Daniel Roethlisberger
ce002378b8
Use more intuitive letters for new format specs
...
%D for Destination host, %p for the (more interesting) destination port,
%S for Source host, %q for the (less interesting) source port.
2015-03-15 18:39:36 +01:00
Daniel Roethlisberger
e17108f9b7
Merge branch 'master' of https://github.com/AdamJacobMuller/sslsplit into issue/74
2015-03-15 18:28:10 +01:00
Daniel Roethlisberger
01d10b192a
IPv6 addrs in filenames use underscore not colon
...
Use underscore instead of colon for all IPv6 addresses in generated
filenames in order to generate NTFS clean filenames.
Issue: #69
2015-03-15 17:52:04 +01:00
Daniel Roethlisberger
914360eb5e
Separate host and port into separate strings
...
Store host and port in separate strings internally and get rid of the
[host]:port representation where separate host and port would be
cleaner. This includes the following user-visible changes:
- Generated filenames that contain host and port, such as by -S and
-F %d and %s, now use a host,port format instead of [host]:port.
- Connect log now uses separate fields for host and port.
Issue: #69 #74
Reported by: Adam Jacob Muller
2015-03-15 17:23:46 +01:00
Daniel Roethlisberger
91da4674e5
Update copyright, license and tagline
...
- Update copyright to 2015
- Remove the non-standard "unmodified" from the 2-clause BSD license
- Remove scalable from the tagline to avoid misinterpretations
2015-02-24 19:19:20 +01:00
Adam Jacob Muller
9267cf9bb4
add support for:
...
%f - dest address
%h - dest port
%t - source address
%v - source port
format specifiers to pathspec
2015-02-08 20:20:02 -05:00
Daniel Roethlisberger
f16783cee2
Move cert writer to logger thread using privsep
...
Make -w and -W work in conjunction with dropping privileges and
chrooting by moving the cert writer code to a separate logger thread and
using the privsep framework to open the files if they do not exist
already.
Issue: #70
2014-12-13 23:52:17 +01:00
Daniel Roethlisberger
b8213e756d
Merge branch 'feature/privsep' into develop
...
Conflicts:
NEWS.md
main.c
sslsplit.1
2014-11-28 11:08:05 +01:00
Daniel Roethlisberger
c4b22efa5a
Fix segmentation fault for aborted connections
2014-11-27 23:19:54 +01:00
Daniel Roethlisberger
e69b13f2eb
SIGUSR1 re-opens -l/-L log files; add defaults.h
...
Issue: #52
2014-11-25 23:45:40 +01:00
Daniel Roethlisberger
c01ace1261
Introduce privilege separation architecture
...
Fork into a monitor parent process and an actual proxy child process,
communicating over AF_UNIX sockets. Certain privileged operations are
performed through the privileged parent process, like opening log files
or listener sockets, while all other operations happen in the child
process, which can now drop its privileges without side-effects for
log file opening and other privileged operations. This is also a
preparation for -l/-L logfile reopening through SIGUSR1.
This means that -S and -F are no longer relative to chroot() if used
with -j. This is a deliberate POLA violation.
2014-11-24 22:14:09 +01:00
Daniel Roethlisberger
b3f4d25619
Make log_fini() more robust
2014-11-24 21:34:08 +01:00
Daniel Roethlisberger
db80d3460c
Remove spurious UNUSED attribute
2014-11-23 17:27:57 +01:00
Daniel Roethlisberger
762bd0cba1
Rename shortcut flag for clarity
2014-11-23 15:44:20 +01:00
Daniel Roethlisberger
65f56f634d
Improve error handling on logging calls
2014-11-21 17:42:10 +01:00
Daniel Roethlisberger
c24d32e9e5
Remove obsolete preinit code
2014-11-21 16:41:57 +01:00
Daniel Roethlisberger
b5e3856a97
Move open() and mkdir() to logger thread
2014-11-21 16:10:37 +01:00
Daniel Roethlisberger
5fd1d7de9c
Rename flags for clarity
2014-11-21 12:03:08 +01:00
Daniel Roethlisberger
fcd008df4b
Unify asprintf error handling
2014-11-17 19:11:27 +01:00
Daniel Roethlisberger
b1ec5d0e09
Improve log_content_open() error handling
2014-11-16 22:31:54 +01:00
Daniel Roethlisberger
18c3e055e3
Refactor recursive mkdir() into sys_mkpath()
2014-11-16 21:53:47 +01:00
Daniel Roethlisberger
0237fe34dc
Only build local process info code where supported
2014-11-14 15:31:30 +01:00
Daniel Roethlisberger
a906147943
Fix memory leak and handle failure of pathspec formatting
2014-11-14 01:18:43 +01:00
Daniel Roethlisberger
86f509d2ea
Skip realloc and elem access for elem_len == 0
...
Besides obvious benefits, this prevents passing NULL to strncat().
2014-11-14 01:10:47 +01:00
Daniel Roethlisberger
1ce0ee8b12
Safeguard against elem == NULL
...
This should not normally happen but in theory it can (if match wraps
around in the match++ instruction).
2014-11-14 01:06:51 +01:00
Daniel Roethlisberger
38314ea16d
Formatting changes
2014-11-13 23:38:46 +01:00
Landon Fuller
f36b06f8c1
Fix stupid bug caused by leaving the path string as non-NULL terminated on initialization.
...
This failed visibly when the allocated buffer did not already
lead with \0.
2014-10-18 20:41:43 -06:00
Landon Fuller
e6aa76b844
Implement automatic creation of parent directories.
2014-10-18 17:02:53 -06:00
Landon Fuller
06c61c16ed
Add support for specifying log paths as a specialized format string.
...
Format string handling is fully implemented, with the exception of
support for automatically creating missing directories.
2014-10-18 16:40:22 -06:00
Landon Fuller
8350b1deb0
Plumb user/group/path information through the logging API.
2014-10-18 14:35:49 -06:00
Daniel Roethlisberger
e1d8a2a965
Lint fix: define some variables in smaller scope
2014-01-14 17:37:57 +01:00
Daniel Roethlisberger
ca923ee7f1
Update copyright notices to 2014
2014-01-06 14:09:18 +01:00
Daniel Roethlisberger
b06a2474f5
Shortcut errlog thrqueue in debug mode
2013-05-27 00:01:44 +02:00
Daniel Roethlisberger
c972501063
Update copyright notices
2013-04-24 20:36:38 +02:00
Daniel Roethlisberger
4cfdef405a
Initial import of sslsplit-0.4.2
2012-04-13 14:47:30 +02:00