Archives
/
SSLproxy
mirror of https://github.com/sonertari/SSLproxy
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
master
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.7.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'eca1ac9a5e'
${ noResults }
SSLproxy/TODO

17 lines
995 B
Plaintext
Raw Blame History

Legacy list of to do items; see github issues for a more up to date list.
- Control SSL_OP_SINGLE_ECDH_USE and other de-optimizations by a
"prefer speed to security" command line option
- Optionally add ephemeral RSA key to SSL_CTX to allow export cipher suites
http://www.openssl.org/docs/ssl/SSL_CTX_set_tmp_rsa_callback.html
- Dump cipher suites sent by the client in debug mode
- Consider memory pools for use by per-connection state
- Handle renego & client cert authentication more gracefully
- Separate orig cert retrieval from actual fwd address/proto config
- CRL denial mode based on targetdir cert's CDPs or by identifying CRL ASN.1
- Browser update denial mode
- Extendable approach to broken certificate verification implementations
- Client fingerprinting: only intercept clients with headers matching regex
- Configurable and/or scriptable modification of requests and/or responses
- Sample scripts for single file/fifo content log postprocessing
Reference in New Issue View Git Blame Copy Permalink