]>
ruderich.org/simon Gitweb - tlsproxy/tlsproxy.git/log
Simon Ruderich [Sat, 17 Sep 2011 19:30:17 +0000 (21:30 +0200)]
src/connection.c: Correctly log suggested buffer size.
Simon Ruderich [Sat, 17 Sep 2011 19:26:21 +0000 (21:26 +0200)]
src/verify.c: Remove duplicated code.
Moved to new helper function get_certificate_path().
Simon Ruderich [Sat, 17 Sep 2011 18:59:01 +0000 (20:59 +0200)]
src/connection.c: Move code to get proxy certificate path to verify.c.
Moved to new function proxy_certificate_path() in verify.c.
Simon Ruderich [Thu, 8 Sep 2011 13:55:58 +0000 (15:55 +0200)]
src/connection.c: Reduce calls to gnutls_record_get_max_size().
Calling it once per connection is sufficient.
Simon Ruderich [Tue, 6 Sep 2011 14:31:11 +0000 (16:31 +0200)]
src/*.c: Minor documentation updates.
Simon Ruderich [Tue, 6 Sep 2011 14:30:01 +0000 (16:30 +0200)]
README: Minor documentation updates.
Simon Ruderich [Tue, 6 Sep 2011 14:20:09 +0000 (16:20 +0200)]
src/log.c: Fix build without DEBUG.
Broken in
64bfebde76d568808b6fa8a8d09b4b5afe13dc15 .
Simon Ruderich [Tue, 6 Sep 2011 14:13:12 +0000 (16:13 +0200)]
Check return value of snprintf().
Simon Ruderich [Fri, 19 Aug 2011 00:14:00 +0000 (02:14 +0200)]
configure.ac: Compile with additional security features if GCC is used.
See http://wiki.debian.org/Hardening for more information.
Simon Ruderich [Thu, 18 Aug 2011 23:53:52 +0000 (01:53 +0200)]
Implement cleaner logging approach.
Simon Ruderich [Wed, 23 Mar 2011 22:42:28 +0000 (23:42 +0100)]
Release 0.2.
Simon Ruderich [Wed, 23 Mar 2011 22:34:52 +0000 (23:34 +0100)]
src/verify.c: Print server certificate in case of an error.
Simon Ruderich [Wed, 23 Mar 2011 22:34:13 +0000 (23:34 +0100)]
README: Fix typo.
Simon Ruderich [Tue, 22 Mar 2011 16:09:32 +0000 (17:09 +0100)]
src/connection.c: Remove unnecessary check.
Simon Ruderich [Tue, 22 Mar 2011 16:09:15 +0000 (17:09 +0100)]
src/tlsproxy.c: Initialize done with 0 for clarity.
Simon Ruderich [Tue, 22 Mar 2011 16:08:02 +0000 (17:08 +0100)]
Minor whitespace fixes.
Simon Ruderich [Tue, 22 Mar 2011 16:07:44 +0000 (17:07 +0100)]
Minor source comment fixes.
Simon Ruderich [Wed, 16 Mar 2011 21:29:10 +0000 (22:29 +0100)]
README: Add KNOWN ISSUES with a minor Firefox problem.
Simon Ruderich [Wed, 16 Mar 2011 21:26:37 +0000 (22:26 +0100)]
src/tlsproxy.h: Prepend global_ to tls_priority_cache and tls_dh_params.
Simon Ruderich [Wed, 16 Mar 2011 16:58:42 +0000 (17:58 +0100)]
src/connection.c: Send HTML in error messages.
Simon Ruderich [Wed, 16 Mar 2011 13:25:45 +0000 (14:25 +0100)]
README: Improve -u description.
Simon Ruderich [Tue, 15 Mar 2011 21:31:50 +0000 (22:31 +0100)]
README: Add information about -u option.
Simon Ruderich [Tue, 15 Mar 2011 21:01:28 +0000 (22:01 +0100)]
tests/test-*.sh: Minor comment update.
Simon Ruderich [Tue, 15 Mar 2011 20:52:43 +0000 (21:52 +0100)]
Add -u option to pass through unknown hostnames.
Also add tests.
If -d 2 is used then use SO_REUSEADDR, necessary for the test suite as
we have to restart the proxy and otherwise we have to wait for the
timeout.
Simon Ruderich [Tue, 15 Mar 2011 20:35:21 +0000 (21:35 +0100)]
tests/client.c: Exit with EXIT_FAILURE if hostname doesn't match.
Simon Ruderich [Tue, 15 Mar 2011 20:34:33 +0000 (21:34 +0100)]
tests: Correctly handle cleanup of (temporary) files.
Simon Ruderich [Tue, 15 Mar 2011 20:27:49 +0000 (21:27 +0100)]
tests: Separate common test data, move tests in tests-normal.sh.
Simon Ruderich [Tue, 15 Mar 2011 18:05:26 +0000 (19:05 +0100)]
README: Clarify use of `proxy-invalid.pem`.
No client data is sent to the server in case of an error.
Simon Ruderich [Tue, 15 Mar 2011 16:12:11 +0000 (17:12 +0100)]
src/tlsproxy.c: Add missing htonl() for INADDR_ANY.
Not really necessary as INADDR_ANY is normally 0.
Simon Ruderich [Tue, 15 Mar 2011 16:01:29 +0000 (17:01 +0100)]
Add ./configure --disable-ipv6 to use IPv4 only.
For networks stacks which don't support any IPv6.
Simon Ruderich [Sun, 13 Mar 2011 16:14:55 +0000 (17:14 +0100)]
.gitignore: Sort.
Simon Ruderich [Fri, 11 Mar 2011 23:55:51 +0000 (00:55 +0100)]
NEWS: Add.
Simon Ruderich [Fri, 11 Mar 2011 23:49:34 +0000 (00:49 +0100)]
README: Add.
Simon Ruderich [Fri, 11 Mar 2011 23:21:33 +0000 (00:21 +0100)]
tests/tests.sh: Add missing license.
Simon Ruderich [Fri, 11 Mar 2011 23:15:47 +0000 (00:15 +0100)]
.gitignore: Ignore .o files.
Simon Ruderich [Fri, 11 Mar 2011 23:15:27 +0000 (00:15 +0100)]
.gitignore: Ignore files created by tests/.
Simon Ruderich [Fri, 11 Mar 2011 23:13:30 +0000 (00:13 +0100)]
.gitignore: Use absolute paths, starting from repository root.
Simon Ruderich [Fri, 11 Mar 2011 23:12:29 +0000 (00:12 +0100)]
tests: Add. Test basic behavior.
Simon Ruderich [Fri, 11 Mar 2011 21:46:55 +0000 (22:46 +0100)]
src/tlsproxy.c: Only handle SIGINT in DEBUG mode.
It's useful for valgrind in DEBUG mode, but makes it more difficult to
terminate tlsproxy (Ctrl-C no longer works) in case of a
stalled/unfinished connection.
Simon Ruderich [Fri, 11 Mar 2011 21:37:54 +0000 (22:37 +0100)]
src/tlsproxy-add: Add, adds server certificates to tlsproxy.
Simon Ruderich [Fri, 11 Mar 2011 21:37:34 +0000 (22:37 +0100)]
src/tlsproxy-setup: Print message when done.
Simon Ruderich [Fri, 11 Mar 2011 02:42:42 +0000 (03:42 +0100)]
src/Makefile.am: Distribute tlsproxy-setup.
Simon Ruderich [Fri, 11 Mar 2011 02:41:13 +0000 (03:41 +0100)]
src/tlsproxy-setup.sh: Rename to tlsproxy-setup.
Simon Ruderich [Fri, 11 Mar 2011 02:26:36 +0000 (03:26 +0100)]
src/tlsproxy.c: Fix error message.
Simon Ruderich [Fri, 11 Mar 2011 02:22:29 +0000 (03:22 +0100)]
src/connection.c: Fix memory leak in initialize_tls_session_*().
Simon Ruderich [Fri, 11 Mar 2011 02:03:50 +0000 (03:03 +0100)]
src/tlsproxy-setup.sh: Add. Creates files to use tlsproxy.
Simon Ruderich [Fri, 11 Mar 2011 02:02:00 +0000 (03:02 +0100)]
src/connection.c: Use "invalid" certificate when the server certificate changes.
This special "invalid" certificate lets the client know there was a
problem.
Simon Ruderich [Thu, 10 Mar 2011 23:26:08 +0000 (00:26 +0100)]
Verify the server certificate against a stored copy.
Simon Ruderich [Thu, 10 Mar 2011 23:20:06 +0000 (00:20 +0100)]
src/connection.c: Finish the TLS connection instead of closing it.
This ensures the transmission was complete.
Simon Ruderich [Thu, 10 Mar 2011 23:18:36 +0000 (00:18 +0100)]
src/connection.c: Move path related defines to tlsproxy.h.
Thus all file constants are stored in one place.
Simon Ruderich [Thu, 10 Mar 2011 22:17:49 +0000 (23:17 +0100)]
src/: Move log related functions/defines to log.[hc].
Simon Ruderich [Tue, 8 Mar 2011 02:47:29 +0000 (03:47 +0100)]
Intercept TLS connections between client and server.
Talk to the client as TLS server and to the server as TLS client and
transferring data transparently between them.
_No_ fingerprint validation of the server certificate is done yet!
Simon Ruderich [Tue, 8 Mar 2011 02:17:14 +0000 (03:17 +0100)]
src/tlsproxy.c: Ignore SIGPIPEs.
Simon Ruderich [Mon, 7 Mar 2011 20:30:09 +0000 (21:30 +0100)]
src/connection.c: Align WARNING (now "WARN ") in log_message().
Simon Ruderich [Mon, 7 Mar 2011 20:29:05 +0000 (21:29 +0100)]
src/connection.c: Close connections only in one place.
Simon Ruderich [Mon, 7 Mar 2011 19:59:29 +0000 (20:59 +0100)]
src/: Improve debug output/logging.
Simon Ruderich [Mon, 7 Mar 2011 17:06:56 +0000 (18:06 +0100)]
src/: Prefix all global variables with global_.
Simon Ruderich [Mon, 7 Mar 2011 17:05:17 +0000 (18:05 +0100)]
src/tlsproxy.c: Fix missing -t in print_usage().
Simon Ruderich [Mon, 7 Mar 2011 16:47:05 +0000 (17:47 +0100)]
src/connection.c: Fix switched variables in read_from_write_to().
Simon Ruderich [Mon, 7 Mar 2011 16:46:07 +0000 (17:46 +0100)]
src/connection.c: Add missing close() in handle_connection().
Simon Ruderich [Mon, 7 Mar 2011 16:45:10 +0000 (17:45 +0100)]
src/connection.c: Minor source comment fixes.
Simon Ruderich [Mon, 7 Mar 2011 05:52:41 +0000 (06:52 +0100)]
src/*.c: Always use constants on the left in comparisons.
Simon Ruderich [Mon, 7 Mar 2011 05:33:05 +0000 (06:33 +0100)]
src/tlsproxy.c: Improve command line argument error messages.
Simon Ruderich [Mon, 7 Mar 2011 00:41:06 +0000 (01:41 +0100)]
src/*: Cleanup includes.
Simon Ruderich [Mon, 7 Mar 2011 00:31:16 +0000 (01:31 +0100)]
src/*: Split src/tlsproxy.c in several files.
Simon Ruderich [Sun, 6 Mar 2011 15:21:22 +0000 (16:21 +0100)]
configure.ac: Simpler check for libraries.
Simon Ruderich [Sun, 6 Mar 2011 01:39:05 +0000 (02:39 +0100)]
src/tlsproxy.c: Add thread support.
By default 10 threads are spawned.
Simon Ruderich [Sun, 6 Mar 2011 00:34:55 +0000 (01:34 +0100)]
src/tlsproxy.c: Fix wrong timeout for poll(), -1 is infinity.
Simon Ruderich [Sat, 5 Mar 2011 23:12:47 +0000 (00:12 +0100)]
.gitignore: Also ignore config.h.in~.
Simon Ruderich [Sat, 5 Mar 2011 22:25:47 +0000 (23:25 +0100)]
src/tlsproxy.c: Fix possible warning.
Simon Ruderich [Sat, 5 Mar 2011 22:16:55 +0000 (23:16 +0100)]
Switch to GNU autotools.
Simon Ruderich [Sun, 27 Feb 2011 13:36:12 +0000 (14:36 +0100)]
tlsproxy.c: Free resources when receiving SIGINT.
Simon Ruderich [Sun, 27 Feb 2011 02:44:36 +0000 (03:44 +0100)]
tlsproxy.c: Use getopt() to parse command line arguments.
Simon Ruderich [Sun, 27 Feb 2011 01:54:35 +0000 (02:54 +0100)]
Makefile: Add.
Simon Ruderich [Sun, 27 Feb 2011 01:47:56 +0000 (02:47 +0100)]
tlsproxy.c: Add more debug output.
Simon Ruderich [Sun, 27 Feb 2011 01:47:01 +0000 (02:47 +0100)]
tlsproxy.c: Add -proxy command line option to use another TLS proxy.
Simon Ruderich [Sun, 27 Feb 2011 01:22:05 +0000 (02:22 +0100)]
tlsproxy.c: Add read_http_request().
Simon Ruderich [Sun, 27 Feb 2011 00:30:56 +0000 (01:30 +0100)]
Initial commit.
tlsproxy is (at the moment) a transparent TLS proxy for HTTPS
connections.