Commit Graph

35 Commits

Author SHA1 Message Date
Daniel Roethlisberger
ce002378b8 Use more intuitive letters for new format specs
%D for Destination host, %p for the (more interesting) destination port,
%S for Source host, %q for the (less interesting) source port.
2015-03-15 18:39:36 +01:00
Daniel Roethlisberger
e17108f9b7 Merge branch 'master' of https://github.com/AdamJacobMuller/sslsplit into issue/74 2015-03-15 18:28:10 +01:00
Daniel Roethlisberger
01d10b192a IPv6 addrs in filenames use underscore not colon
Use underscore instead of colon for all IPv6 addresses in generated
filenames in order to generate NTFS clean filenames.

Issue:		#69
2015-03-15 17:52:04 +01:00
Daniel Roethlisberger
914360eb5e Separate host and port into separate strings
Store host and port in separate strings internally and get rid of the
[host]:port representation where separate host and port would be
cleaner.  This includes the following user-visible changes:

-   Generated filenames that contain host and port, such as by -S and
    -F %d and %s, now use a host,port format instead of [host]:port.

-   Connect log now uses separate fields for host and port.

Issue:		#69 #74
Reported by:	Adam Jacob Muller
2015-03-15 17:23:46 +01:00
Daniel Roethlisberger
91da4674e5 Update copyright, license and tagline
-   Update copyright to 2015
-   Remove the non-standard "unmodified" from the 2-clause BSD license
-   Remove scalable from the tagline to avoid misinterpretations
2015-02-24 19:19:20 +01:00
Adam Jacob Muller
9267cf9bb4 add support for:
%f - dest address
%h - dest port
%t - source address
%v - source port

format specifiers to pathspec
2015-02-08 20:20:02 -05:00
Daniel Roethlisberger
f16783cee2 Move cert writer to logger thread using privsep
Make -w and -W work in conjunction with dropping privileges and
chrooting by moving the cert writer code to a separate logger thread and
using the privsep framework to open the files if they do not exist
already.

Issue:		#70
2014-12-13 23:52:17 +01:00
Daniel Roethlisberger
b8213e756d Merge branch 'feature/privsep' into develop
Conflicts:
	NEWS.md
	main.c
	sslsplit.1
2014-11-28 11:08:05 +01:00
Daniel Roethlisberger
c4b22efa5a Fix segmentation fault for aborted connections 2014-11-27 23:19:54 +01:00
Daniel Roethlisberger
e69b13f2eb SIGUSR1 re-opens -l/-L log files; add defaults.h
Issue:		#52
2014-11-25 23:45:40 +01:00
Daniel Roethlisberger
c01ace1261 Introduce privilege separation architecture
Fork into a monitor parent process and an actual proxy child process,
communicating over AF_UNIX sockets.  Certain privileged operations are
performed through the privileged parent process, like opening log files
or listener sockets, while all other operations happen in the child
process, which can now drop its privileges without side-effects for
log file opening and other privileged operations.  This is also a
preparation for -l/-L logfile reopening through SIGUSR1.

This means that -S and -F are no longer relative to chroot() if used
with -j.  This is a deliberate POLA violation.
2014-11-24 22:14:09 +01:00
Daniel Roethlisberger
b3f4d25619 Make log_fini() more robust 2014-11-24 21:34:08 +01:00
Daniel Roethlisberger
db80d3460c Remove spurious UNUSED attribute 2014-11-23 17:27:57 +01:00
Daniel Roethlisberger
762bd0cba1 Rename shortcut flag for clarity 2014-11-23 15:44:20 +01:00
Daniel Roethlisberger
65f56f634d Improve error handling on logging calls 2014-11-21 17:42:10 +01:00
Daniel Roethlisberger
c24d32e9e5 Remove obsolete preinit code 2014-11-21 16:41:57 +01:00
Daniel Roethlisberger
b5e3856a97 Move open() and mkdir() to logger thread 2014-11-21 16:10:37 +01:00
Daniel Roethlisberger
5fd1d7de9c Rename flags for clarity 2014-11-21 12:03:08 +01:00
Daniel Roethlisberger
fcd008df4b Unify asprintf error handling 2014-11-17 19:11:27 +01:00
Daniel Roethlisberger
b1ec5d0e09 Improve log_content_open() error handling 2014-11-16 22:31:54 +01:00
Daniel Roethlisberger
18c3e055e3 Refactor recursive mkdir() into sys_mkpath() 2014-11-16 21:53:47 +01:00
Daniel Roethlisberger
0237fe34dc Only build local process info code where supported 2014-11-14 15:31:30 +01:00
Daniel Roethlisberger
a906147943 Fix memory leak and handle failure of pathspec formatting 2014-11-14 01:18:43 +01:00
Daniel Roethlisberger
86f509d2ea Skip realloc and elem access for elem_len == 0
Besides obvious benefits, this prevents passing NULL to strncat().
2014-11-14 01:10:47 +01:00
Daniel Roethlisberger
1ce0ee8b12 Safeguard against elem == NULL
This should not normally happen but in theory it can (if match wraps
around in the match++ instruction).
2014-11-14 01:06:51 +01:00
Daniel Roethlisberger
38314ea16d Formatting changes 2014-11-13 23:38:46 +01:00
Landon Fuller
f36b06f8c1 Fix stupid bug caused by leaving the path string as non-NULL terminated on initialization.
This failed visibly when the allocated buffer did not already
lead with \0.
2014-10-18 20:41:43 -06:00
Landon Fuller
e6aa76b844 Implement automatic creation of parent directories. 2014-10-18 17:02:53 -06:00
Landon Fuller
06c61c16ed Add support for specifying log paths as a specialized format string.
Format string handling is fully implemented, with the exception of
support for automatically creating missing directories.
2014-10-18 16:40:22 -06:00
Landon Fuller
8350b1deb0 Plumb user/group/path information through the logging API. 2014-10-18 14:35:49 -06:00
Daniel Roethlisberger
e1d8a2a965 Lint fix: define some variables in smaller scope 2014-01-14 17:37:57 +01:00
Daniel Roethlisberger
ca923ee7f1 Update copyright notices to 2014 2014-01-06 14:09:18 +01:00
Daniel Roethlisberger
b06a2474f5 Shortcut errlog thrqueue in debug mode 2013-05-27 00:01:44 +02:00
Daniel Roethlisberger
c972501063 Update copyright notices 2013-04-24 20:36:38 +02:00
Daniel Roethlisberger
4cfdef405a Initial import of sslsplit-0.4.2 2012-04-13 14:47:30 +02:00