Commit Graph

349 Commits

Author SHA1 Message Date
Daniel Roethlisberger
ed4134487c Merge pull request #56 from wjjensen/master
Fix memory leaks in ssl_x509_load() and ssl_key_load()
2014-11-11 19:54:27 +01:00
wjensen
cc0b57d341 Fix memory leaks in ssl_x509_load() and ssl_key_load(), remove unnecessary condition in ssl_x509chain_load() 2014-11-11 09:46:29 -08:00
Daniel Roethlisberger
3579fb6891 Merge branch 'sys_proc_info' of git://github.com/fix-macosx/sslsplit into issue/54 2014-11-10 23:29:16 +01:00
Daniel Roethlisberger
40a2b7c2c3 Merge branch 'issue/53' 2014-11-10 20:45:31 +01:00
Daniel Roethlisberger
d9d8674792 Fix memory leak in libproc lookup code 2014-11-10 20:44:26 +01:00
Daniel Roethlisberger
f8867368ee Detect presence of Darwin libproc.h 2014-11-10 19:59:56 +01:00
Landon Fuller
afd32151d8
Merge branch 'sys_proc_info' into logspec_path_support 2014-11-07 17:20:12 -07:00
Landon Fuller
5225ec50b7
Merge branch 'nat_local_pid' into sys_proc_info 2014-11-07 17:19:59 -07:00
Landon Fuller
6e860472d1
Remove debugging statement. 2014-11-07 17:19:14 -07:00
Landon Fuller
bea605d7ca
Update the man page to include the -F option and its logspec directives. 2014-11-07 17:03:55 -07:00
Landon Fuller
7ce301a60f
Fix incorrect format specifiers used in the -F usage example. 2014-11-07 16:49:00 -07:00
Landon Fuller
6b8ac51653
Merge branch 'master' into fix-macosx 2014-11-07 16:47:37 -07:00
Landon Fuller
be4be4a054
Merge branch 'sys_proc_info' into logspec_path_support 2014-11-07 16:46:33 -07:00
Landon Fuller
afe6b87d80
Merge branch 'nat_local_pid' into sys_proc_info 2014-11-07 16:46:20 -07:00
Landon Fuller
137d10aa6e
Define HAVE_DARWIN_LIBPROC on Darwin. 2014-11-07 16:46:07 -07:00
Landon Fuller
02c6e6e605
Adopt the new oom_die() usage. 2014-11-07 16:44:47 -07:00
Landon Fuller
a4c518c8a0
Merge remote-tracking branch 'origin/fix-macosx' into logspec_path_support 2014-11-07 16:43:09 -07:00
Landon Fuller
efca8d73c9
Remove debugging statement. 2014-11-07 16:38:50 -07:00
Landon Fuller
81bf954c17
Merge commit '5ed49c498596995c79a5b7fda3d1ee1eb09ce8ec' into sys_proc_info 2014-11-07 16:37:50 -07:00
Landon Fuller
fe5eb66b53
Merge commit '9204418c806fc85ba04c3650dc4002bd440083ca' into nat_local_pid 2014-11-07 16:33:39 -07:00
Daniel Roethlisberger
2de17692f0 Avoid casting !NULL to ptr types to silence clang 2014-11-06 21:17:41 +01:00
Daniel Roethlisberger
375bf2a13c Clarify comment about logging 2014-11-06 18:12:49 +01:00
Daniel Roethlisberger
206c688219 Refactor SSL/TLS debug code 2014-11-05 21:18:53 +01:00
Daniel Roethlisberger
601cdf5b52 Add SSL/TLS protocol selection debug code 2014-11-05 20:41:41 +01:00
Daniel Roethlisberger
6b0e47dc89 Allow more control over used SSL/TLS versions
Add -r to force a specific SSL/TLS protocol version.
Add -R to disable one or several SSL/TLS protocol versions.
Replace WANT_SSLV2_CLIENT and WANT_SSLV2_SERVER to WITH_SSLV2.

Issue:		#30
Reported by:	@Apollo2342
2014-11-05 20:06:11 +01:00
Daniel Roethlisberger
53e3d593c8 Move build status into h1 2014-11-04 20:41:48 +01:00
Daniel Roethlisberger
67ed768fec Migrate documentation to markdown
Issue:		#33
2014-11-04 20:39:20 +01:00
Daniel Roethlisberger
50001e5458 Avoid apparently common misunderstandings 2014-11-04 20:03:33 +01:00
Daniel Roethlisberger
0648f84bfc Remove legacy TODO file; move to Github issues 2014-11-04 18:59:56 +01:00
Daniel Roethlisberger
fb2841f645 Zero allocated elements before initializing them
For some error conditions, the error handler depends on
ctx->thr[idx]->dnsbase to be zeroed expicitly after allocation.
To prevent this type of error, zero all allocated memory even
though it will get written to in any case.
2014-11-04 18:36:08 +01:00
Daniel Roethlisberger
508435d929 Use correct pointer type in sizeof() 2014-11-04 18:35:00 +01:00
Daniel Roethlisberger
8dbea83b21 Prevent malloc(0) when ssl_x509_names() returns no names 2014-11-04 18:33:00 +01:00
Daniel Roethlisberger
259d470498 Use -I instead of -isystem with clang-analyzer 2014-11-04 18:31:19 +01:00
Daniel Roethlisberger
d0665377ee Remove WGET_FLAGS from developer targets 2014-11-04 18:30:26 +01:00
Daniel Roethlisberger
a299d7e3f3 Add unit tests for ssl_x509_subject() and ssl_x509_subject_cn() 2014-11-03 23:01:19 +01:00
Daniel Roethlisberger
eca1ac9a5e Rewrite ssl_x509_subject_cn() error handling 2014-11-03 22:32:22 +01:00
Daniel Roethlisberger
c210641783 Don't add XNU includes to cppcheck invocation 2014-11-03 22:31:55 +01:00
Daniel Roethlisberger
76aab3b816 Fix X509_NAME_get_text_by_NID() error handling 2014-11-03 22:10:44 +01:00
Daniel Roethlisberger
5219d494f3 Protect session cache calls from sess == NULL 2014-11-03 22:10:01 +01:00
Daniel Roethlisberger
78a573121d Add some CPPFLAGS to cppcheck arguments 2014-11-03 22:08:07 +01:00
Daniel Roethlisberger
b9ab5a03e6 SSLsplit 0.4.9 release 2014-11-03 19:42:24 +01:00
Daniel Roethlisberger
fcb64e85e7 Make SSLv2 support opt-in instead of opt-out
Migrate knobs from DISABLE_SSLV2_CLIENT and DISABLE_SSLV2_SERVER to
WANT_SSLV2_CLIENT and WANT_SSLV2_SERVER and remove the
DISABLE_SSLV2_SESSION_CACHE knob entirely, automatically including the
respective code if SSLv2 support is compiled into SSLsplit.
2014-11-03 19:39:13 +01:00
Daniel Roethlisberger
edf1dac8fa Improve manual page re protocols and scalability
Issue:		#42
2014-11-02 20:40:53 +01:00
Daniel Roethlisberger
769fbd042d Filter HSTS response headers to allow cert override
Also remove HTTP Strict Transport Security (HSTS, RFC 6797) headers from
HTTP responses.  With HSTS active, the user is not allowed to accept
untrusted certificates.
2014-11-02 20:25:17 +01:00
Daniel Roethlisberger
cc6cb59485 Rewrite Mac OS X support to use proper XNU headers
Move from one set of headers per major OS X release to one set of
headers per XNU release.  Fetch the header files from Apple's official
Open Source site instead of GitHub in the fetchdeps developer target.
As a side effect, 10.6.x is now supported as well (untested), and proper
headers are used for 10.10.

Issue:		#39
2014-10-30 22:01:55 +00:00
Daniel Roethlisberger
001615c53b Update khash.h to latest klib master 2014-10-28 23:59:17 +01:00
Daniel Roethlisberger
b1a7b11aea Don't depend on the space when parsing HTTP headers 2014-10-28 23:31:07 +01:00
Daniel Roethlisberger
d85e5ddbe2 Disable SSLv2 support by default 2014-10-28 23:24:37 +01:00
Daniel Roethlisberger
d6f2fa067d Update TODO and refer to github issues 2014-10-24 22:07:02 +02:00
Daniel Roethlisberger
0a225ae65c Update documentation after merging pull req #35 2014-10-23 13:28:14 +02:00