Archives
/
SSLproxy
mirror of https://github.com/sonertari/SSLproxy
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
320 Commits
2 Branches
26 Tags
3.1 MiB
develop
master
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.7.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c8e9f231bd'
${ noResults }
Commit Graph

320 Commits (c8e9f231bdeb045422d0c2cc05b5ea07b37dab5d)
 

Author SHA1 Message Date
Daniel Roethlisberger c8e9f231bd Fix loading of certificate chains with OpenSSL 1.0.2 
SSLsplit was directly accessing `extra_certs` within `SSL_CTX` to get to
the extra certificates chain.  When building on OpenSSL 1.0.2 or newer,
use the new API instead of directly accessing `extra_certs`.

Issue:		#79
 10 years ago
Daniel Roethlisberger 580d2286b9 Record the actual XNU version detected 10 years ago
Daniel Roethlisberger 89860add8a Add XNU header selection fallback 
If the proper headers matching either the reported XNU version or OS X
version exactly cannot be found, use the latest headers that SSLsplit
knows about.  This fixes build on new releases of OS X that have no
source code published by Apple yet.
 10 years ago
Daniel Roethlisberger 992c90db3b Escape # in shell invocation 
This fixes the following make error on Mac OS X versions that we don't
explicitly support yet due to missing sources:

    GNUmakefile:55: *** unterminated call to function `shell': missing `)'.
    Stop.

Reported by:	Justin Garrick
 10 years ago
Daniel Roethlisberger 00253f34db Quote dollar signs in shell invocation 
Reported by:	Justin Garrick
 10 years ago
Daniel Roethlisberger 61cd0fb541 SSLsplit 0.4.10 release 10 years ago
Daniel Roethlisberger 5ac565f5df Note that -j impacts -S and -F 10 years ago
Daniel Roethlisberger 008821cfca Update NEWS.md 10 years ago
Daniel Roethlisberger ab466aafb7 Allow -u root with pf proxyspecs on OS X 10 years ago
Daniel Roethlisberger f076336e0b Don't allow -u on Mac OS X with pf proxyspecs 
Apple checks EUID==0 on ioctl(/dev/pf), whereas OpenBSD and FreeBSD only
check permissions on open(/dev/pf).  This means that on OS X, it is not
possible to open /dev/pf, drop privileges, and send an ioctl to the file
descriptor opened earlier with EUID==0.  It also means Apple broke the
Unix way of dealing with device nodes - why are there file permissions
on /dev/pf when they later enforce EUID==0 on use, thereby breaking
basic Unix mechanisms?  Work around this by disallowing -u with pf
proxyspecs and by not automatically dropping to nobody on Mac OS X.

Issue:		#65
Reported by:	Vladimir Marteev
 10 years ago
Daniel Roethlisberger c4b22efa5a Fix segmentation fault for aborted connections 10 years ago
Daniel Roethlisberger 9341f25e6d Explicitly support Yosemite 10.10.1 with XNU 2782.1.97 10 years ago
Daniel Roethlisberger 47abb0030d Update clean target for newer clang build artefacts 10 years ago
Daniel Roethlisberger 16a1beb655 Fix version output on local procinfo availability 10 years ago
Daniel Roethlisberger a9bd438756 Minor updates to manual page 10 years ago
Daniel Roethlisberger 12ff6e6ddf Merge https://github.com/fix-macosx/sslsplit 
Conflicts:
	GNUmakefile
	main.c
 10 years ago
Daniel Roethlisberger 65f56f634d Improve error handling on logging calls 10 years ago
Daniel Roethlisberger 98520c8091 Remove old struct definition 10 years ago
Daniel Roethlisberger c24d32e9e5 Remove obsolete preinit code 10 years ago
Daniel Roethlisberger 25edad1b6a Merge branch 'rewrite/logthr' 10 years ago
Daniel Roethlisberger d1d6d295df Fixing error-case memory leaks in uid/gid lookups 10 years ago
Daniel Roethlisberger b5e3856a97 Move open() and mkdir() to logger thread 10 years ago
Daniel Roethlisberger 5fd1d7de9c Rename flags for clarity 10 years ago
Daniel Roethlisberger 77942a7abb Fix compiler warning on type conversion 10 years ago
Daniel Roethlisberger 007823b16e Fix connect logging for corner cases 10 years ago
Daniel Roethlisberger 80af8f7d52 Fix SSL_METHOD* const mismatch on OpenSSL < 1.0.0 10 years ago
Daniel Roethlisberger 125163a003 Add local process lookup on FreeBSD using sysctl() API 10 years ago
Daniel Roethlisberger 7b8ba7310d Fix uid/gid lookup where sysconf(_SC_GETPW_R_SIZE_MAX) fails 
On some platforms, sysconf(_SC_GETPW_R_SIZE_MAX) compiles but never
succeeds (e.g. FreeBSD 8.4).  Fix this by dynamically enlarging an
initially small buffer until it is large enough, and reuse the
determined buffer size on subsequent calls to the same function.
 10 years ago
Daniel Roethlisberger c35e40a597 Update NEWS.md for OpenSSL 0.9.8y bug workaround 10 years ago
Daniel Roethlisberger 341d6b77d1 Use SSL_get_certificate() hack for OpenSSL 0.9.8y 
OpenSSL 0.9.8y also crashes in OpenSSL's SSL_get_certificate() on a
NULL pointer dereference.  Fix by also using the direct access hack
developed for OpenSSL 1.0.0k and 1.0.1e with OpenSSL 0.9.8y.
 10 years ago
Daniel Roethlisberger e1156a3482 Make awk regexp more robust 10 years ago
Daniel Roethlisberger 352b199166 Remove spurious space in netfilter output 10 years ago
Daniel Roethlisberger c5b8fd127f Add version and ciphersuite to connect and debug log 10 years ago
Daniel Roethlisberger 077fb8c348 Handle other address families and abort when found 10 years ago
Daniel Roethlisberger fcd008df4b Unify asprintf error handling 10 years ago
Daniel Roethlisberger ec9cc5fb23 Fix usr/grp test with Linux `id` 10 years ago
Daniel Roethlisberger b1ec5d0e09 Improve log_content_open() error handling 10 years ago
Daniel Roethlisberger 6f2f0af0c3 Fix usr/grp formatting unit test when id fails 10 years ago
Daniel Roethlisberger 328e3320f9 Fix build for !HAVE_LOCAL_PROCINFO 10 years ago
Daniel Roethlisberger 18c3e055e3 Refactor recursive mkdir() into sys_mkpath() 10 years ago
Daniel Roethlisberger 8c71970f33 Add unit test for sys_user_str and sys_group_str 10 years ago
Daniel Roethlisberger 84dfba04f2 Update manual page 10 years ago
Daniel Roethlisberger e022b2af26 Add local process information to connect log 10 years ago
Daniel Roethlisberger 08ca5b2891 Also print pid if lookup (partially or fully) fails 10 years ago
Daniel Roethlisberger 48e00cf947 Remove stubs that should never be used 10 years ago
Daniel Roethlisberger 96ad8f92af Add -i and restore order 10 years ago
Daniel Roethlisberger 544b93a9ab Add procinfo status to -V 10 years ago
Daniel Roethlisberger 6cc01ec32b Update NEWS.md for -i 10 years ago
Daniel Roethlisberger 150650c7e9 Make local procinfo run-time optional (-i) and use src host:port 10 years ago
Daniel Roethlisberger 42497693d1 Rename define for consistency 10 years ago