Commit Graph

22 Commits

Author SHA1 Message Date
Daniel Roethlisberger
13ed7f8425 Slightly improve error logging on log init failure
Issue:		#13
Reported by:	vinies
2014-01-06 19:03:29 +01:00
Daniel Roethlisberger
ca923ee7f1 Update copyright notices to 2014 2014-01-06 14:09:18 +01:00
Daniel Roethlisberger
ac9a2613e0 Only generate RSA leaf key if CA key present
Issue:          #9
Reported by:    ceear
2013-05-27 00:17:36 +02:00
Daniel Roethlisberger
c972501063 Update copyright notices 2013-04-24 20:36:38 +02:00
Daniel Roethlisberger
711448759c Bind to ports before dropping privileges
This fixes a regression which caused bind() to ports < 1024 to fail with
the default settings of dropping privileges to nobody.

Issue:          #8
Reported by:    Ian Grispan
2013-04-24 17:17:23 +02:00
Daniel Roethlisberger
005ebd1b95 Fix syslog for more error cases
Also fix issue #6 for target certificate loading error cases.
2012-10-23 23:04:22 +02:00
Daniel Roethlisberger
bb15224d11 Flush error queue prior to exiting
Reorganize the cleanup code after detaching from the TTY in order to be
able to flush the error queue before calling exit().  Addresses issue #6
2012-10-23 21:30:11 +02:00
Daniel Roethlisberger
7713f82b62 Move more log writes after log initialization 2012-10-17 00:24:26 +02:00
Daniel Roethlisberger
1995dc4b89 Reinitialize SSL mutexes after fork
See issue #5.
2012-10-17 00:11:53 +02:00
Daniel Roethlisberger
067521924a Cleanup tgcrt loading to protect mutexes from fork
See issue #5.
2012-10-17 00:10:47 +02:00
Daniel Roethlisberger
3d15f14239 Fix lost error message 2012-10-16 23:37:46 +02:00
Daniel Roethlisberger
bb9c353ecb Initialize proxy after detaching from TTY
Fixes issue #5.
2012-10-16 23:20:55 +02:00
Daniel Roethlisberger
0073cbdc47 Make cache initialization fork()-safe
POSIX threads require mutexes to be reinitialized after fork().  Not
doing so will break daemon mode, depending on pthread implementation.
See issue #5.
2012-10-16 23:05:37 +02:00
Daniel Roethlisberger
b27175f910 Reorder initialization in main() 2012-10-16 22:52:54 +02:00
Daniel Roethlisberger
8eb5165760 Optimize debug branching using __builtin_expect() 2012-05-13 15:24:50 +02:00
Daniel Roethlisberger
38d22415af Generic EC loading, new default curve 'secp160r2' 2012-05-11 17:39:12 +02:00
Daniel Roethlisberger
2d1ad219b9 Change default cipher suite to "ALL:-aNULL" 2012-05-02 14:59:47 +02:00
Daniel Roethlisberger
439e8a8267 Use WUNRES and MALLOC attribs and fix sloppy code 2012-04-23 00:35:17 +02:00
Daniel Roethlisberger
7aca81a7b7 Improve CA cert/key config code and docs
Make -c and -k functional twins by also loading DH params in -c and by
fixing certificate loading in -k.  Improve the documentation for both
switches and simplify the SYNOPSIS in sslsplit(1).
2012-04-22 22:59:00 +02:00
Daniel Roethlisberger
ee98c04b29 Add generic OCSP denial 2012-04-22 19:12:38 +02:00
Daniel Roethlisberger
423c1b0a32 Move volatile build-time information into separate compilation unit 2012-04-13 22:40:36 +02:00
Daniel Roethlisberger
4cfdef405a Initial import of sslsplit-0.4.2 2012-04-13 14:47:30 +02:00