Archives
/
SSLproxy
mirror of https://github.com/sonertari/SSLproxy
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
717 Commits
2 Branches
26 Tags
3.1 MiB
develop
master
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.7.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd1a3328c58'
${ noResults }
Commit Graph

113 Commits (d1a3328c5899d66e647574413986a1b11cee8257)

Author SHA1 Message Date
Soner Tari f9b850f63b Add user info to SSLproxy header line, so listening programs know network users 
Debug print conf file option
 6 years ago
Soner Tari 074e5d6400 Add LeafKeyRSABits option for user to change leaf key RSA keysize in bits, so it can be set to 1024|2048|3072|4096 now 6 years ago
Soner Tari dcaaa49f90 Improve documentation and use better names 6 years ago
Soner Tari 7b11eb15fa Update copyright year to 2019 6 years ago
Soner Tari 76a599d464 Put the getdtablecount() solution back in, otherwise sometimes, although rarely, we get "Error 24 on listener: Too many open files" nonstop, it's better to be safe(r) 6 years ago
Soner Tari 1f451aa04d Change user db table name to users, change mac column name to ether 
Clean up
 6 years ago
Soner Tari c37bcc6de1 Add UserDBPath and UserTimeout options 6 years ago
Soner Tari cde3fbca3f Redirect user to login page and redirect again to orig target after successful authentication, currently supported only on OpenBSD 
Get ethernet address and compare with the one in userdb, on each conn setup
Create user_auth options
Rename and clean-up
 6 years ago
Soner Tari 70a22f4515 Do not break the event loop if out of fds, instead properly check all retvals of libevent functions 
So remove getdtable*() solution
 6 years ago
Soner Tari 52d37297b6 Update with sslsplit develop changes, especially content logging 
Change SIGHUP to behave like SIGUSR1
 6 years ago
Soner Tari d2e9ab4487 Merge sslsplit-develop changes 6 years ago
Soner Tari 0c8348db75 Merge sslsplit develop changes 6 years ago
Soner Tari e8054deed3 Set option defaults in opts_new() now 
Use bit instead of int for boolean options
 6 years ago
Soner Tari 5e2724c38b Update version to 0.5.6 
Improve man pages and help message
 6 years ago
Soner Tari 442425177c Fix proxyspec definition and examples in usage message 6 years ago
Soner Tari 27650fab69 Support all command line options in the conf file as well 
Update with the latest sslsplit-devel changes
 6 years ago
Soner Tari 027b6e3a95 Update with sslsplit develop changes 7 years ago
Soner Tari 42348cbe41 Add Ciphers option to conf file 7 years ago
Soner Tari 9d435e180c Update with SSLsplit 0.5.2 and develop branch changes as of 270218 7 years ago
Soner Tari 4c8831bd90 Update with SSLsplit 0.5.1 changes, fix LibreSSL version issues 
Add VerifyPeer and AllowWrongHost options
 7 years ago
Soner Tari 392c6be48c Add SSLproxy copyright to -v output 7 years ago
Soner Tari a1c5d05143 Add support for log priority to error logs, so syslogd prints the correct prio for error logs now 7 years ago
Soner Tari 179aa4fc8f Close the conn if we are out of file descriptors, or libevent will crash us 7 years ago
Soner Tari 4bf27d09e5 Add RemoveHTTPReferer option, Referer causes redirection errors with some sites 7 years ago
Soner Tari d52ee62079 Add RemoveHTTPAcceptEncoding option 7 years ago
Soner Tari 0b5ef8b14d Mark critical errors as CRITICAL 7 years ago
Soner Tari 7748e3ec1b Add conf file support, with -f command line option, supports a subset of all possible options 7 years ago
Soner Tari 1a6eab50a5 Tidy and clean logs up 
Add DEBUG_PROXY directive around all log_dbg_level_printf() and related lines
Log stats to syslog, similar to error logs, so that it is simpler to rotate and parse
-O w/o -g is failing bufferevent_socket_connect for parent dst, so either enable -O w/ -g, or disable -O w/o -g (-O2 is failing too)
Refactoring
 7 years ago
Soner Tari ea6dc07248 Rename to sslproxy 
Reduce http headers to just one SSLproxy line
 7 years ago
Soner Tari 1ae732f533 There are 3 dst bevs, writecbs of all of them may fire before connected event, so call eventcb first when that happens for each dst bevs. 
Check if srv_dst bev is NULL or not: Since both eventcb and writecb for srv_dst are enabled, either eventcb or writecb may get a NULL srv_dst bev, causing a crash with signal 10.
Remove unnecessary evutil_closesocket() calls, they could close the fds twice, causing conn stalls
 7 years ago
Soner Tari 67ddee1585 Import sslsplit-devel changes 
Add stats logs, initial
Add SSLproxy_SrcAddr header field
Clean-up
 7 years ago
Soner Tari 5047df8cba Fix some of the compiler warnings, rearrange, and clean-up 7 years ago
Soner Tari 9858928b73 Add debug levels, initial 7 years ago
Soner Tari d033ea68dd Plain TCP version is running good enough, next will try to switch the SSL on 7 years ago
Daniel Roethlisberger 29f44c3d64 Add autossl spec parsing tests and improve docs 9 years ago
Daniel Roethlisberger 25b096450d Modernize DHE and ECDHE support 
Enable full strength DHE and ECDHE by default in order to allow modern
browsers to connect without weak crypto warnings.

Issue:		#119
Reported by:	@curioustwo
 9 years ago
Daniel Roethlisberger e632490888 Add exception handler to logger, exit on errors 
Add exception handler mechanism to logger and use that to exit cleanly
when sslsplit fails to write to a log file or fails to open a log file.

Issue:		#113
Reported by:	Matthias Kadenbach
 9 years ago
Daniel Roethlisberger 0b858431a2 Add warning if version string is bogus 9 years ago
Daniel Roethlisberger 0506024587 Update copyright notices to 2016 9 years ago
Daniel Roethlisberger 43b697d875 Initialize proxy before daemonizing 
Issue:		#104
 9 years ago
Daniel Roethlisberger 95d4a9bc35 Explicitly initialize OpenSSL with SSL proxy specs 
Make sure we always initialize OpenSSL explicitly, even if there are no
certificates or keys loaded or generated.  Previously, OpenSSL would
only have been initialized if the configuration actually uses
certificates or keys, which is not always the case, e.g. with -t
pointing to an empty directory.

Issue:		#92
Reported by:	xelalexv
 10 years ago
Daniel Roethlisberger 77109df8d2 Improve docs on autogenerated 1024 bit RSA leaf key 
Issue:		#83
 10 years ago
Daniel Roethlisberger 80b727054b Refactor proxyspec printing into proxyspec_str() 10 years ago
Daniel Roethlisberger ce002378b8 Use more intuitive letters for new format specs 
%D for Destination host, %p for the (more interesting) destination port,
%S for Source host, %q for the (less interesting) source port.
 10 years ago
Daniel Roethlisberger e17108f9b7 Merge branch 'master' of https://github.com/AdamJacobMuller/sslsplit into issue/74 10 years ago
Daniel Roethlisberger 914360eb5e Separate host and port into separate strings 
Store host and port in separate strings internally and get rid of the
[host]:port representation where separate host and port would be
cleaner.  This includes the following user-visible changes:

-   Generated filenames that contain host and port, such as by -S and
    -F %d and %s, now use a host,port format instead of [host]:port.

-   Connect log now uses separate fields for host and port.

Issue:		#69 #74
Reported by:	Adam Jacob Muller
 10 years ago
Daniel Roethlisberger 91da4674e5 Update copyright, license and tagline 
-   Update copyright to 2015
-   Remove the non-standard "unmodified" from the 2-clause BSD license
-   Remove scalable from the tagline to avoid misinterpretations
 10 years ago
Adam Jacob Muller 9267cf9bb4 add support for: 
%f - dest address
%h - dest port
%t - source address
%v - source port

format specifiers to pathspec
 10 years ago
Daniel Roethlisberger f16783cee2 Move cert writer to logger thread using privsep 
Make -w and -W work in conjunction with dropping privileges and
chrooting by moving the cert writer code to a separate logger thread and
using the privsep framework to open the files if they do not exist
already.

Issue:		#70
 10 years ago
Daniel Roethlisberger 6ec6c56ded Refactored -w/-W and improved docs 10 years ago