SSLproxy

Commit Graph

Author	SHA1	Message	Date
Soner Tari	52d37297b6	Update with sslsplit develop changes, especially content logging Change SIGHUP to behave like SIGUSR1	6 years ago
Soner Tari	f681b31497	Decouple ssl from tcp and other protocols Improve and clean up	6 years ago
Soner Tari	9d435e180c	Update with SSLsplit 0.5.2 and develop branch changes as of 270218	6 years ago
Soner Tari	4c8831bd90	Update with SSLsplit 0.5.1 changes, fix LibreSSL version issues Add VerifyPeer and AllowWrongHost options	6 years ago
Soner Tari	a1c5d05143	Add support for log priority to error logs, so syslogd prints the correct prio for error logs now	7 years ago
Soner Tari	0b5ef8b14d	Mark critical errors as CRITICAL	7 years ago
Soner Tari	1a6eab50a5	Tidy and clean logs up Add DEBUG_PROXY directive around all log_dbg_level_printf() and related lines Log stats to syslog, similar to error logs, so that it is simpler to rotate and parse -O w/o -g is failing bufferevent_socket_connect for parent dst, so either enable -O w/ -g, or disable -O w/o -g (-O2 is failing too) Refactoring	7 years ago
Soner Tari	67ddee1585	Import sslsplit-devel changes Add stats logs, initial Add SSLproxy_SrcAddr header field Clean-up	7 years ago
Soner Tari	1b9a192947	Remove recursion while freeing children, parent frees children in a loop now Improve, simplify, clean-up	7 years ago
Soner Tari	ae35623c15	Remove meta ctx completely Fix issues	7 years ago
Soner Tari	09e1c858b9	Refactoring to remove mctx	7 years ago
Soner Tari	1a446cd243	Refactoring: Create child ctx Rearrange, clean-up	7 years ago
Soner Tari	e8332f11cf	Make conn termination more similar to orig sslsplit code Free child info struct of a deleted child Rename, rearrange, and clean-up	7 years ago
Soner Tari	d6e1ed2cef	Fix a potential issue which could forward a packet without any SSL proxy address Rename, rearrange, and clean-up	7 years ago
Soner Tari	e3266cc811	Fix closing fd2 when uninit, i.e. fd2=0, which was freeing stdin Clean-up and improvements	7 years ago
Soner Tari	8ad3b5db25	Defer all e2 setup until after parent is connected Clean-up and improvements	7 years ago
Soner Tari	6975175117	Defer e2 setup until after parent is connected, to prevent multithreading issues Refactoring, improvements	7 years ago
Soner Tari	4d88906d24	Clean up and improve	7 years ago
Soner Tari	ad1f95e465	Remove conn mutexes: Use thrmgr mutex during attach/detatch only, do eveything in the same thread, do not touch the other threads Flex, fix, and improve conn termination: Make it more similar to orig sslsplit code Fix issues, and clean-up	7 years ago
Soner Tari	5047df8cba	Fix some of the compiler warnings, rearrange, and clean-up	7 years ago
Soner Tari	be54db770f	Add comments, improvements, and clean-up	7 years ago
Soner Tari	0b0f6b21dc	Add uuid to all conn mctxs, otherwise we cannot uniquely identify them, causing trouble especially while deleting conns Fix issues, clean-up	7 years ago
Soner Tari	833e1903e1	Dump conn info list Remove conns using delete list of timed out conns Fix issues, improvements	7 years ago
Soner Tari	4a34c4792b	travis-cgi.org issue seems to be gone now Rely less on parent ctx, and more on meta ctx Rearrange, improve, and clean-up	7 years ago
Soner Tari	82b58c2dab	Fix multithreading Clean-up	7 years ago
Soner Tari	9858928b73	Add debug levels, initial	7 years ago
Soner Tari	ad63380b07	Fix e2 port specs, otherwise we get: "Error from socket() fd2: Protocol not supported (43) Error opening socket: Bad file descriptor (9)"	7 years ago
Soner Tari	85a96ec844	First working SSL version, surprisingly running so fine and stable for a first prototype that I think there is something wrong and it is just running in passthrough mode :), seriously this is just the beginning.	7 years ago
Soner Tari	d033ea68dd	Plain TCP version is running good enough, next will try to switch the SSL on	7 years ago
Daniel Roethlisberger	e632490888	Add exception handler to logger, exit on errors Add exception handler mechanism to logger and use that to exit cleanly when sslsplit fails to write to a log file or fails to open a log file. Issue: #113 Reported by: Matthias Kadenbach	8 years ago
Daniel Roethlisberger	0506024587	Update copyright notices to 2016	8 years ago
Daniel Roethlisberger	43b697d875	Initialize proxy before daemonizing Issue: #104	8 years ago
Daniel Roethlisberger	0e2b748bba	Only init DNS when DNS is required by proxy specs Only initialize evdns if DNS lookups are actually required by the loaded proxy specifications. This allows sslsplit to work in non-DNS modes in situations where the local DNS resolver does not work, such as for local use on a system without network connectivity. Currently, only SNI based proxy specs require DNS. On systems without network connectivity, DNS subsystem init may fail due to /etc/resolv.conf being (temporarily) unavailable. Issue: #104	9 years ago
Daniel Roethlisberger	c28ca34fe1	Revert "bugfix: actually parse resolv.conf at startup" This reverts commit `aaa4e94f84`. The initialize_nameservers argument to evdns_base_new was deliberately not set to 1 because we call evdns_resolv_conf_parse manually later, as we want more differentiated error reporting. Issue: #86	9 years ago
Richard Poole	aaa4e94f84	bugfix: actually parse resolv.conf at startup	9 years ago
Daniel Roethlisberger	91da4674e5	Update copyright, license and tagline - Update copyright to 2015 - Remove the non-standard "unmodified" from the 2-clause BSD license - Remove scalable from the tagline to avoid misinterpretations	9 years ago
Daniel Roethlisberger	e69b13f2eb	SIGUSR1 re-opens -l/-L log files; add defaults.h Issue: #52	10 years ago
Daniel Roethlisberger	c01ace1261	Introduce privilege separation architecture Fork into a monitor parent process and an actual proxy child process, communicating over AF_UNIX sockets. Certain privileged operations are performed through the privileged parent process, like opening log files or listener sockets, while all other operations happen in the child process, which can now drop its privileges without side-effects for log file opening and other privileged operations. This is also a preparation for -l/-L logfile reopening through SIGUSR1. This means that -S and -F are no longer relative to chroot() if used with -j. This is a deliberate POLA violation.	10 years ago
Daniel Roethlisberger	9338200705	Detect when libevent cannot parse resolv.conf Issue: #17 Reported by: Florian Schaefer	11 years ago
Daniel Roethlisberger	06a02f946a	Always explicitly name the non-null arguments Always explicitly name which arguments are non-null, even if all arguments are non-null. This is to avoid bugs where newly added arguments are automatically non-null by accident, possibly leading to optimisation errors. This also fixes a few potential errors related to non-null arguments; specifically it prevents the compiler optimising away a test for sni being NULL in cachedsess_mkkey(). Issue: #14 Reported by: kythyria	11 years ago
Daniel Roethlisberger	ca923ee7f1	Update copyright notices to 2014	11 years ago
Daniel Roethlisberger	080604e3c2	Fix segfault after thread manager start failure This should fix the segmentation fault in issue #10 but not the underlying reason why the thread manager fails to start in the first place. Issue: #10 Reported by: linuxton	11 years ago
Daniel Roethlisberger	a0fd9c1050	Start thrmgr threads after forking	11 years ago
Daniel Roethlisberger	c972501063	Update copyright notices	11 years ago
Daniel Roethlisberger	bd639bf847	Fix typo in comment	11 years ago
Daniel Roethlisberger	8eb5165760	Optimize debug branching using __builtin_expect()	12 years ago
Daniel Roethlisberger	4cfdef405a	Initial import of sslsplit-0.4.2	12 years ago

47 Commits (52d37297b64fa1897c2d1c7220e630b0a74a776c)