Commit Graph

28 Commits

Author SHA1 Message Date
Soner Tari
4c8831bd90 Update with SSLsplit 0.5.1 changes, fix LibreSSL version issues
Add VerifyPeer and AllowWrongHost options
2018-01-18 03:18:53 +03:00
Soner Tari
b064ffa668 Use llu int as unique conn id, much simpler than uuid 2017-10-26 20:10:36 +03:00
Soner Tari
a1c5d05143 Add support for log priority to error logs, so syslogd prints the correct prio for error logs now 2017-10-15 01:39:30 +03:00
Soner Tari
67ddee1585 Import sslsplit-devel changes
Add stats logs, initial
Add SSLproxy_SrcAddr header field
Clean-up
2017-07-25 16:07:39 +03:00
Soner Tari
ae35623c15 Remove meta ctx completely
Fix issues
2017-07-15 04:07:42 +03:00
Soner Tari
496a4f090d Refactoring: Simplify, reduce, rearrange, rename, and clean-up
Get rid of now unnecessary child info struct and functions
2017-07-12 22:37:36 +03:00
Soner Tari
d7094d7138 Refactoring: Simplify, reduce, rearrange, rename, and clean-up
Got rid of now unnecessary pxy_conn_is_ready_to_free*() functions
Got rid of now unnecessary duplicate child and parent free functions: pxy_*_conn_free()
Fix error handling
2017-07-12 16:46:51 +03:00
Soner Tari
1a446cd243 Refactoring: Create child ctx
Rearrange, clean-up
2017-07-12 01:45:15 +03:00
Soner Tari
d6e1ed2cef Fix a potential issue which could forward a packet without any SSL proxy address
Rename, rearrange, and clean-up
2017-07-07 17:18:01 +03:00
Soner Tari
6975175117 Defer e2 setup until after parent is connected, to prevent multithreading issues
Refactoring, improvements
2017-07-05 22:32:10 +03:00
Soner Tari
4d88906d24 Clean up and improve 2017-07-04 18:13:34 +03:00
Soner Tari
ad1f95e465 Remove conn mutexes: Use thrmgr mutex during attach/detatch only, do eveything in the same thread, do not touch the other threads
Flex, fix, and improve conn termination: Make it more similar to orig sslsplit code
Fix issues, and clean-up
2017-07-04 02:12:17 +03:00
Soner Tari
ecfaf24614 Add more child info to conns list, and clean-up 2017-07-02 17:47:26 +03:00
Soner Tari
5047df8cba Fix some of the compiler warnings, rearrange, and clean-up 2017-07-01 23:17:45 +03:00
Soner Tari
0b0f6b21dc Add uuid to all conn mctxs, otherwise we cannot uniquely identify them, causing trouble especially while deleting conns
Fix issues, clean-up
2017-07-01 00:29:39 +03:00
Soner Tari
833e1903e1 Dump conn info list
Remove conns using delete list of timed out conns
Fix issues, improvements
2017-06-30 00:38:37 +03:00
Soner Tari
4a34c4792b travis-cgi.org issue seems to be gone now
Rely less on parent ctx, and more on meta ctx
Rearrange, improve, and clean-up
2017-06-27 17:09:01 +03:00
Soner Tari
82b58c2dab Fix multithreading
Clean-up
2017-06-25 14:21:32 +03:00
Soner Tari
d033ea68dd Plain TCP version is running good enough, next will try to switch the SSL on 2017-05-29 12:22:23 +03:00
Daniel Roethlisberger
e632490888 Add exception handler to logger, exit on errors
Add exception handler mechanism to logger and use that to exit cleanly
when sslsplit fails to write to a log file or fails to open a log file.

Issue:		#113
Reported by:	Matthias Kadenbach
2016-03-25 15:56:42 +01:00
Daniel Roethlisberger
0506024587 Update copyright notices to 2016 2016-03-25 12:19:23 +01:00
Daniel Roethlisberger
91da4674e5 Update copyright, license and tagline
-   Update copyright to 2015
-   Remove the non-standard "unmodified" from the 2-clause BSD license
-   Remove scalable from the tagline to avoid misinterpretations
2015-02-24 19:19:20 +01:00
Daniel Roethlisberger
c01ace1261 Introduce privilege separation architecture
Fork into a monitor parent process and an actual proxy child process,
communicating over AF_UNIX sockets.  Certain privileged operations are
performed through the privileged parent process, like opening log files
or listener sockets, while all other operations happen in the child
process, which can now drop its privileges without side-effects for
log file opening and other privileged operations.  This is also a
preparation for -l/-L logfile reopening through SIGUSR1.

This means that -S and -F are no longer relative to chroot() if used
with -j.  This is a deliberate POLA violation.
2014-11-24 22:14:09 +01:00
Daniel Roethlisberger
06a02f946a Always explicitly name the non-null arguments
Always explicitly name which arguments are non-null, even if all
arguments are non-null.  This is to avoid bugs where newly added
arguments are automatically non-null by accident, possibly leading to
optimisation errors.

This also fixes a few potential errors related to non-null arguments;
specifically it prevents the compiler optimising away a test for sni
being NULL in cachedsess_mkkey().

Issue:		#14
Reported by:	kythyria
2014-01-06 14:28:33 +01:00
Daniel Roethlisberger
ca923ee7f1 Update copyright notices to 2014 2014-01-06 14:09:18 +01:00
Daniel Roethlisberger
c972501063 Update copyright notices 2013-04-24 20:36:38 +02:00
Daniel Roethlisberger
439e8a8267 Use WUNRES and MALLOC attribs and fix sloppy code 2012-04-23 00:35:17 +02:00
Daniel Roethlisberger
4cfdef405a Initial import of sslsplit-0.4.2 2012-04-13 14:47:30 +02:00