Archives
/
SSLproxy
mirror of https://github.com/sonertari/SSLproxy
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
480 Commits
2 Branches
26 Tags
3.0 MiB
develop
master
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.7.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ecfaf24614'
${ noResults }
Commit Graph

480 Commits (ecfaf246141a20b189e409ce297eeffb31af5fce)
 

Author SHA1 Message Date
Soner Tari ecfaf24614 Add more child info to conns list, and clean-up 7 years ago
Soner Tari 5047df8cba Fix some of the compiler warnings, rearrange, and clean-up 7 years ago
Soner Tari be54db770f Add comments, improvements, and clean-up 7 years ago
Soner Tari 0b0f6b21dc Add uuid to all conn mctxs, otherwise we cannot uniquely identify them, causing trouble especially while deleting conns 
Fix issues, clean-up
 7 years ago
Soner Tari 833e1903e1 Dump conn info list 
Remove conns using delete list of timed out conns
Fix issues, improvements
 7 years ago
Soner Tari c11ca7a195 Fix freeing of non-ssl buffer events and fds 7 years ago
Soner Tari 4a34c4792b travis-cgi.org issue seems to be gone now 
Rely less on parent ctx, and more on meta ctx
Rearrange, improve, and clean-up
 7 years ago
Soner Tari 82b58c2dab Fix multithreading 
Clean-up
 7 years ago
Soner Tari 9858928b73 Add debug levels, initial 7 years ago
Soner Tari ab600c8215 Leave if getsockname() fails 7 years ago
Soner Tari d71533f0b9 Remove SSL proxy specific header line from the packet on the egress exit 
Insert our header line right after the first header line in the packet in case the packet is fragmented, otherwise Squid is confused when it cannot find our header line in the first packet
 7 years ago
Soner Tari ad63380b07 Fix e2 port specs, otherwise we get: 
"Error from socket() fd2: Protocol not supported (43)
Error opening socket: Bad file descriptor (9)"
 7 years ago
Soner Tari 85a96ec844 First working SSL version, surprisingly running so fine and stable for a first prototype that I think there is something wrong and it is just running in passthrough mode :), seriously this is just the beginning. 7 years ago
Soner Tari d033ea68dd Plain TCP version is running good enough, next will try to switch the SSL on 7 years ago
Daniel Roethlisberger 7677fe0655 SSLsplit 0.5.0 release 8 years ago
Daniel Roethlisberger cf79be7b2b Fix BSDmakefile for recent versions of BSD make 8 years ago
Daniel Roethlisberger 4c7b1419e4 Include netinet/in.h for INET6_ADDRSTRLEN 8 years ago
Daniel Roethlisberger 0dbb2aee8f Add autossl to NEWS 8 years ago
Daniel Roethlisberger c7bc4219da Merge branch 'feature/autossl' into develop 
Issue:		#87
Contributed by:	Richard Poole
 8 years ago
Daniel Roethlisberger b1cc2b30c1 Remove debug printf 8 years ago
Daniel Roethlisberger 2b02891206 Add paragraph on autossl to README 8 years ago
Daniel Roethlisberger 29f44c3d64 Add autossl spec parsing tests and improve docs 8 years ago
Daniel Roethlisberger ca7f20e442 Fix connect log for autossl connections 8 years ago
Daniel Roethlisberger e67978f4dd Merge branch 'develop' into feature/autossl 8 years ago
Daniel Roethlisberger 3c20f473fa Rename and improve autossl peeking function 8 years ago
Daniel Roethlisberger 9843ead5d7 Copy SNI hostname from OpenSSL if ctx->sni is NULL 8 years ago
Daniel Roethlisberger 2f834419eb Handle inbound EOF before outbound CONNECTED 
Fix segmentation fault upon receiving BEV_EVENT_EOF on the inbound
bufferevent while the outbound bufferevent has not received
BEV_EVENT_CONNECTED yet.

Issue:		#124
Patch by:	Eun Soo Park
 8 years ago
Daniel Roethlisberger 1bd963caf2 Modernize fast cipher suites example and explanation 8 years ago
Daniel Roethlisberger ac3e845fbe Test dnsbase and evbase for !NULL before freeing 
Fix segmentation fault upon exiting the main loop that was introduced
when evdns initialization was made optional, resulting in dnsbase
elements not always being initialized.

Introduced in:	0e2b748
 8 years ago
Daniel Roethlisberger c76b04025e Update khash.h to latest version 8 years ago
Daniel Roethlisberger 3bda2715c7 Don't test NONNULL spec in first loop iteration 8 years ago
Daniel Roethlisberger 88c039b059 Don't test NONNULL arguments for NULL 8 years ago
Daniel Roethlisberger 76cb576ab9 Update NEWS 8 years ago
Daniel Roethlisberger 25b096450d Modernize DHE and ECDHE support 
Enable full strength DHE and ECDHE by default in order to allow modern
browsers to connect without weak crypto warnings.

Issue:		#119
Reported by:	@curioustwo
 8 years ago
Daniel Roethlisberger e632490888 Add exception handler to logger, exit on errors 
Add exception handler mechanism to logger and use that to exit cleanly
when sslsplit fails to write to a log file or fails to open a log file.

Issue:		#113
Reported by:	Matthias Kadenbach
 8 years ago
Daniel Roethlisberger 0b858431a2 Add warning if version string is bogus 8 years ago
Daniel Roethlisberger 0506024587 Update copyright notices to 2016 8 years ago
Daniel Roethlisberger 1c9aa249a9 Fix Travis build by disabling tests using IPv6 
TravisCI has removed IPv6 support in 2016.  To cope with this regression
in the testing infrastructure, disable all tests on Travis that depend
on the system being able to handle ::1 as an IP address.  Normal unit
testing still uses the full test suite.
 8 years ago
Daniel Roethlisberger d404063eab Attempt at fixing TravisCI ::1 resolution 8 years ago
Daniel Roethlisberger b3b7a7ab17 Merge branch 'develop' into feature/autossl 8 years ago
Daniel Roethlisberger 43b697d875 Initialize proxy before daemonizing 
Issue:		#104
 8 years ago
Daniel Roethlisberger b3a3c36b70 Fix the SSL session timeout calculation 
Issue:		#115
Reported by:	Eun Soo Park
 8 years ago
Daniel Roethlisberger 73324dcd7b Update NEWS.md 8 years ago
Daniel Roethlisberger 88973e1757 Add support for XNU 3247.1.106, 3247.10.11 and 3248.20.55 
Add XNU headers for OS X 10.11, 10.11.1 and 10.11.2.
 8 years ago
Daniel Roethlisberger ba2f451f5e Fix bev write handler for other->closed case 
When other->closed is set, the bufferevent write handler accesses
other->bev even though it is invalid.  Fix this access, and as added
layer of defense against future bugs, set ->bev to NULL whenever
invalidating it, except where the connection is torn down completely.

Reported by:	Eun Soo Park
Introduced in:	2bcfaf4 17d753f
Issue:		#109
 9 years ago
Daniel Roethlisberger 17d753fc2d Fix NULL pointer dereference in bev write handler 
Only manipulate other->bev if it is not NULL to avoid a NULL pointer
dereference in the proxy bufferevent write handler when only one
direction is fully established, for example during connection shutdown.

Reported by:	@david-holonet
Introduced in:	2bcfaf4
Issue:		#109
 9 years ago
Daniel Roethlisberger 2bcfaf4b44 Re-enable EV_READ if disabled and outbuf empty 
The event buffer write handler failes to re-enable the corresponding
read event of the opposite connection if the buffer is not only down to
less than half the limit, but completely emptied.  In that case, the
read event would never be re-enabled and the connection would stall and
time out.

Issue:		#109
Patch by:	Eun Soo Park
 9 years ago
Daniel Roethlisberger 02ab680b34 Add log to PCAP conversion script 
Add contributed python script for parsing the output of sslsplit -L
from a log file or named pipe and converting the log entries to an
emulated PCAP format.  Information not contained in the log, such as
sequence numbers, IP IDs etc is emulated and does not correspond to the
original packets on the network.

Issue:		#27
Contributed by:	Maciej Kotowicz
 9 years ago
Daniel Roethlisberger ceffe7a676 Add log parsing script for sslsplit -L 
Add contributed script to read and parse the output of sslsplit -L from
a named pipe or log file and post-process the logged connection data
programmatically from python.

Issue:		#27
Contributed by:	Maciej Kotowicz
 9 years ago
Daniel Roethlisberger b95f46b8bd Add XNU headers for OS X 10.10.3, 10.10.4 and 10.10.5 
Add pf ioctl API headers for XNU releases 2782.20.48 (10.10.3),
2782.30.5 (10.10.4) and 2782.40.9 (10.10.5).
 9 years ago