Fabian Keil [Thu, 11 Jul 2024 17:09:51 +0000 (19:09 +0200)]
wolfssl: Use log_error() more often
log_ssl_errors() is only supposed to be used for TLS-related errors.
Fabian Keil [Wed, 10 Jul 2024 13:58:37 +0000 (15:58 +0200)]
wolfssl ssl_(send|recv)_data(): Call wolfSSL_ERR_clear_error() before doing any work
Prevents logging of bogus errors like:
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: ECC key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: error state on socket
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: Peer closed underlying transport Error
15:53:27.933 009 Error: Failed to send the modified content to the client over TLS
Fabian Keil [Wed, 10 Jul 2024 13:36:43 +0000 (15:36 +0200)]
wolfssl ssl_store_cert(): Consistently use log_error() to log errors
Previously log_ssl_errors() was used which only works for TLS errors.
Prevents logging stale errors like:
15:10:34.153 007 Error: X509 certificate verification for www.youtube.com failed with error -161: ASN alternate name error
15:10:34.156 007 Error: wolfSSL_PEM_write_bio_X509() failed: RSA key too small
15:10:34.156 007 Error: wolfSSL_PEM_write_bio_X509() failed: RSA key too small
15:10:34.156 007 Error: wolfSSL_PEM_write_bio_X509() failed: RSA key too small
15:10:34.156 007 Error: wolfSSL_PEM_write_bio_X509() failed: RSA key too small
15:10:34.156 007 Error: wolfSSL_PEM_write_bio_X509() failed: RSA key too small
15:10:34.156 007 Error: wolfSSL_PEM_write_bio_X509() failed: RSA key too small
15:10:34.156 007 Error: wolfSSL_PEM_write_bio_X509() failed: RSA key too small
15:10:34.156 007 Error: wolfSSL_PEM_write_bio_X509() failed: ECC key too small
15:10:34.156 007 Error: wolfSSL_PEM_write_bio_X509() failed: ASN alternate name error
15:10:34.156 007 Error: wolfSSL_PEM_write_bio_X509() failed: ASN alternate name error
15:10:34.156 007 Error: ssl_store_cert() failed for cert 2
15:10:34.156 007 Error: Incomplete certificate information for www.youtube.com.
While at it, add periods to log messages.
Fabian Keil [Thu, 27 Jun 2024 23:13:19 +0000 (01:13 +0200)]
Block requests for .amazon-adsystem.com/
Fabian Keil [Wed, 14 Aug 2024 16:38:57 +0000 (18:38 +0200)]
Disable fast-redirects to duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/
Fabian Keil [Wed, 14 Aug 2024 11:23:28 +0000 (13:23 +0200)]
Disable fast-redirects for .creator-spring.com/_next/image
Fabian Keil [Mon, 10 Jun 2024 12:32:22 +0000 (14:32 +0200)]
Disable fast redirects for accounts.bahn.de/
Fabian Keil [Tue, 9 Apr 2024 09:47:08 +0000 (11:47 +0200)]
wolfSSL shutdown_connection(): Shorten an error message
... to not include the return code which is always -1.
Fabian Keil [Wed, 26 Jun 2024 14:40:39 +0000 (16:40 +0200)]
Bump copyright
Fabian Keil [Wed, 26 Jun 2024 14:31:29 +0000 (16:31 +0200)]
Bump copyright
Fabian Keil [Wed, 26 Jun 2024 14:31:06 +0000 (16:31 +0200)]
Bump copyright
Fabian Keil [Wed, 26 Jun 2024 14:31:03 +0000 (16:31 +0200)]
Bump copyright
Fabian Keil [Thu, 11 Jul 2024 08:21:03 +0000 (10:21 +0200)]
OpenSSL generate_key(): Check EVP_RSA_gen()'s return value
Fabian Keil [Wed, 26 Jun 2024 14:23:46 +0000 (16:23 +0200)]
Factor out create_hexadecimal_hash_of_host()
Fabian Keil [Wed, 26 Jun 2024 13:23:25 +0000 (15:23 +0200)]
Use SHA256 as hash algorithm for the certificate and key file names
... instead of MD5.
The known MD5 vulnerabilities shoulnd't matter for Privoxy's use case
but it doesn't hurt to use a hash algorithm that isn't deprecated.
Sponsored by: Robert Klemme
Fabian Keil [Wed, 10 Jul 2024 17:39:03 +0000 (19:39 +0200)]
OpenSSL generate_key(): Use EVP_RSA_gen() when using OpenSSL 3.0 or later
Silences a bunch of deprecation warnings:
openssl.c:1523:10: warning: 'RSA_new' is deprecated [-Wdeprecated-declarations]
1523 | rsa = RSA_new();
| ^
/usr/local/include/openssl/rsa.h:201:1: note: 'RSA_new' has been explicitly marked deprecated here
201 | OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void);
| ^
/usr/local/include/openssl/macros.h:182:49: note: expanded from macro 'OSSL_DEPRECATEDIN_3_0'
182 | # define OSSL_DEPRECATEDIN_3_0 OSSL_DEPRECATED(3.0)
| ^
/usr/local/include/openssl/macros.h:62:52: note: expanded from macro 'OSSL_DEPRECATED'
62 | # define OSSL_DEPRECATED(since) __attribute__((deprecated))
| ^
openssl.c:1540:10: warning: 'RSA_generate_key_ex' is deprecated [-Wdeprecated-declarations]
1540 | ret = RSA_generate_key_ex(rsa, RSA_KEYSIZE, exp, NULL);
| ^
/usr/local/include/openssl/rsa.h:260:1: note: 'RSA_generate_key_ex' has been explicitly marked deprecated here
260 | OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
| ^
/usr/local/include/openssl/macros.h:182:49: note: expanded from macro 'OSSL_DEPRECATEDIN_3_0'
182 | # define OSSL_DEPRECATEDIN_3_0 OSSL_DEPRECATED(3.0)
| ^
/usr/local/include/openssl/macros.h:62:52: note: expanded from macro 'OSSL_DEPRECATED'
62 | # define OSSL_DEPRECATED(since) __attribute__((deprecated))
| ^
openssl.c:1549:9: warning: 'EVP_PKEY_set1_RSA' is deprecated [-Wdeprecated-declarations]
1549 | if (!EVP_PKEY_set1_RSA(key, rsa))
| ^
/usr/local/include/openssl/evp.h:1345:1: note: 'EVP_PKEY_set1_RSA' has been explicitly marked deprecated here
1345 | OSSL_DEPRECATEDIN_3_0
| ^
/usr/local/include/openssl/macros.h:182:49: note: expanded from macro 'OSSL_DEPRECATEDIN_3_0'
182 | # define OSSL_DEPRECATEDIN_3_0 OSSL_DEPRECATED(3.0)
| ^
/usr/local/include/openssl/macros.h:62:52: note: expanded from macro 'OSSL_DEPRECATED'
62 | # define OSSL_DEPRECATED(since) __attribute__((deprecated))
| ^
openssl.c:1592:7: warning: 'RSA_free' is deprecated [-Wdeprecated-declarations]
1592 | RSA_free(rsa);
| ^
/usr/local/include/openssl/rsa.h:293:1: note: 'RSA_free' has been explicitly marked deprecated here
293 | OSSL_DEPRECATEDIN_3_0 void RSA_free(RSA *r);
| ^
/usr/local/include/openssl/macros.h:182:49: note: expanded from macro 'OSSL_DEPRECATEDIN_3_0'
182 | # define OSSL_DEPRECATEDIN_3_0 OSSL_DEPRECATED(3.0)
| ^
/usr/local/include/openssl/macros.h:62:52: note: expanded from macro 'OSSL_DEPRECATED'
62 | # define OSSL_DEPRECATED(since) __attribute__((deprecated))
| ^
Maxim Khon [Wed, 3 Jul 2024 13:37:28 +0000 (15:37 +0200)]
Add missing "#include <stddef.h>" to fix the build on macOS
... after
19d7684ca10f.
Prevents:
gateway.c:845:18: error: call to undeclared function 'offsetof'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
Fixes SF#150.
Fabian Keil [Mon, 8 Apr 2024 13:39:07 +0000 (15:39 +0200)]
GNUmakefile.in: Shorten warning
Fabian Keil [Mon, 8 Apr 2024 13:04:03 +0000 (15:04 +0200)]
GNUMakefile.in: Let the install target work if no group is specified
Fabrice Fontaine [Sun, 31 Mar 2024 17:23:47 +0000 (19:23 +0200)]
GNUMakefile.in: Set GROUP_T when installing configuration files as root
... and there is no privoxy user available.
Prevents the install target from failing with:
Installing templates to /tmp/etc/templates
id: privoxy: no such user
******************************************************************
WARNING! WARNING! installing config files as root!
It is strongly recommended to run privoxy as a non-root user,
and to install the config files as that user and/or group!
Please read INSTALL, and create a privoxy user and group!
*******************************************************************
Installing configuration files to /tmp/etc
Installing config as config.new
usage: install [-bCcpSsUv] [-f flags] [-g group] [-m mode] [-o owner]
[-M log] [-D dest] [-h hash] [-T tags]
[-B suffix] [-l linkflags] [-N dbdir]
file1 file2
install [-bCcpSsUv] [-f flags] [-g group] [-m mode] [-o owner]
[-M log] [-D dest] [-h hash] [-T tags]
[-B suffix] [-l linkflags] [-N dbdir]
file1 ... fileN directory
install -dU [-vU] [-g group] [-m mode] [-N dbdir] [-o owner]
[-M log] [-D dest] [-h hash] [-T tags]
directory ...
gmake: *** [GNUmakefile:865: install] Error 1
Fabian Keil [Wed, 3 Apr 2024 18:46:21 +0000 (20:46 +0200)]
wolfSSL: Downgrade a log message to LOG_LEVEL_CONNECT
Fabian Keil [Mon, 1 Apr 2024 19:24:40 +0000 (21:24 +0200)]
Bump copyright
Fabian Keil [Mon, 1 Apr 2024 18:46:24 +0000 (20:46 +0200)]
Disable fast-redirect for archive.softwareheritage.org/
Fabian Keil [Sun, 31 Mar 2024 11:54:18 +0000 (13:54 +0200)]
wolfSSL: Log if wolfSSL_shutdown() succeeds after retrying
Fabian Keil [Sun, 31 Mar 2024 13:48:49 +0000 (15:48 +0200)]
privoxy-regression-test: Bump version
Fabian Keil [Sun, 31 Mar 2024 13:20:45 +0000 (15:20 +0200)]
privoxy-regression-test: Bump copyright
Fabian Keil [Sun, 31 Mar 2024 13:20:21 +0000 (15:20 +0200)]
privoxy-regression-test: Add --curl option to use a non-default curl binary
Fabian Keil [Fri, 21 Jun 2024 16:34:10 +0000 (18:34 +0200)]
Remove obsolete parts of TODO item #1
Fabian Keil [Mon, 10 Jun 2024 11:54:15 +0000 (13:54 +0200)]
Add Laurent Caumont as contributor
Fabian Keil [Sun, 9 Jun 2024 13:22:08 +0000 (15:22 +0200)]
Bump copyright
Fabian Keil [Sun, 9 Jun 2024 12:50:34 +0000 (14:50 +0200)]
is_untrusted_url(): Search the encrypted headers for the Referer
... when the client is using https and https inspection is enabled.
Fixes the trust mechanism for https requests.
Reported by Laurent Caumont in #1767.
Fabian Keil [Sun, 9 Jun 2024 12:42:28 +0000 (14:42 +0200)]
is_untrusted_url(): Remove stray space
Fabian Keil [Sun, 2 Jun 2024 13:45:16 +0000 (15:45 +0200)]
Remove stray space
Fabian Keil [Sun, 2 Jun 2024 13:02:09 +0000 (15:02 +0200)]
Remove stray space
Fabian Keil [Mon, 3 Jun 2024 14:57:34 +0000 (16:57 +0200)]
log_error(): Add missing space and new line in fatal error message
Fabian Keil [Wed, 22 May 2024 12:36:25 +0000 (14:36 +0200)]
Remove silver sponsor scrubtheweb.com
Fabian Keil [Wed, 22 May 2024 12:32:36 +0000 (14:32 +0200)]
Remove bronze sponsor vpnxpert.com
Fabian Keil [Wed, 22 May 2024 12:31:32 +0000 (14:31 +0200)]
Remove bronze sponsor moneybanker.fr
Fabian Keil [Wed, 22 May 2024 12:30:58 +0000 (14:30 +0200)]
Remove bronze sponsor www.betrugstest.com
Fabian Keil [Fri, 3 May 2024 13:50:01 +0000 (15:50 +0200)]
Bump copyright
Fabian Keil [Fri, 3 May 2024 13:40:19 +0000 (15:40 +0200)]
Add www.proxidize.com as Bronze level sponsor
Fabian Keil [Mon, 1 Apr 2024 15:19:06 +0000 (17:19 +0200)]
wolfSSL: Use LIBWOLFSSL_VERSION_HEX to decide whether or not to use WOLFSSL_X509_V_OK
As Roland pointed out, in older wolfSSL releases X509_V_OK
is an enum so the previous commit
838bc3c0e did not work
as expected there.
Fabian Keil [Mon, 1 Apr 2024 14:41:27 +0000 (16:41 +0200)]
wolfSSL: Unconditionally increment shutdown_attempts
Previously the succeeding attempt wasn't counted.
Fabian Keil [Mon, 1 Apr 2024 11:46:39 +0000 (13:46 +0200)]
wolfSSL: Bump MAX_SHUTDOWN_ATTEMPTS to 5 as an experiment
Fabian Keil [Mon, 1 Apr 2024 11:31:20 +0000 (13:31 +0200)]
privoxy-log-parser: Highlight 'Not shutting down client connection on socket 8. The socket is no longer alive.'
Fabian Keil [Sun, 31 Mar 2024 15:50:18 +0000 (17:50 +0200)]
Bump copyright
Fabian Keil [Sun, 31 Mar 2024 15:16:46 +0000 (17:16 +0200)]
wolfSSL: Use X509_V_OK if it's available
Older wolfSSL releases don't have WOLFSSL_X509_V_OK yet.
Reported by Roland [0].
[0]: <https://lists.privoxy.org/pipermail/privoxy-devel/2024-March/000759.html>
Fabian Keil [Sun, 31 Mar 2024 15:04:43 +0000 (17:04 +0200)]
wolfSSL: Use variable type wc_Md5 instead of md5
As Roland reported [0] the latter may not be available.
[0] <https://lists.privoxy.org/pipermail/privoxy-devel/2024-March/000759.html>
Fabian Keil [Sun, 31 Mar 2024 15:01:36 +0000 (17:01 +0200)]
wolfSSL: Use variable type WC_RNG instead of RNG
As Roland reported [0] the latter may not be available.
[0] <https://lists.privoxy.org/pipermail/privoxy-devel/2024-March/000759.html>
Fabian Keil [Sun, 31 Mar 2024 11:50:02 +0000 (13:50 +0200)]
wolfSSL: Make it more obvious that Subject Alternative Name support is mandatory
Fabian Keil [Sun, 31 Mar 2024 11:15:33 +0000 (13:15 +0200)]
Add Juliusz Sosinowicz as contributor
Fabian Keil [Sun, 31 Mar 2024 11:11:59 +0000 (13:11 +0200)]
wolfSSL: Include wolfssl/openssl/pem.h
Apparently this is needed on some systems including Linux Mint 21.2.
Reported by by Juliusz Sosinowicz.
Fabian Keil [Sun, 31 Mar 2024 10:54:25 +0000 (12:54 +0200)]
wolfSSL: Use WOLFSSL_X509_V_OK instead of X509_V_OK
They have the same value but X509_V_OK may need
an additional header.
Reported by withoutname in #1765.
Fabian Keil [Sun, 17 Mar 2024 18:00:25 +0000 (19:00 +0100)]
privoxy-log-parser: Bump copyright
Fabian Keil [Sun, 17 Mar 2024 18:00:05 +0000 (19:00 +0100)]
privoxy-log-parser: Highlight 'Keeping chunk offset at 0 despite flushing 31 bytes.'
Fabian Keil [Sun, 17 Mar 2024 17:59:35 +0000 (18:59 +0100)]
handle_established_connection(): Add a period to a log message
Fabian Keil [Fri, 10 Jun 2022 15:56:44 +0000 (17:56 +0200)]
Add test scenario acl-destination-permitted
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Fri, 10 Jun 2022 15:45:12 +0000 (17:45 +0200)]
Add test scenario acl-destination-denied
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Fri, 10 Jun 2022 15:15:52 +0000 (17:15 +0200)]
Add test scenario acl-ip-address-denied
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Fri, 10 Jun 2022 15:15:42 +0000 (17:15 +0200)]
Add test scenario acl-ip-address-permitted
Sponsored by: Privoxy project funds collected at SPI
Roland Rosenfeld [Wed, 1 Jun 2022 11:26:55 +0000 (13:26 +0200)]
tests/cts: When there's lots of POST data, read it from a file
... instead of the command line (two more tests affected).
Fabian Keil [Tue, 24 May 2022 06:07:40 +0000 (08:07 +0200)]
tests/cts: When there's lots of POST data, read it from a file
... instead of the command line.
Makes it less likely that the curl executions fails due
to the argument list being too long.
Reported by: Roland
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Wed, 10 Mar 2021 15:05:04 +0000 (16:05 +0100)]
Add test scenario chunked-transfer-encoding-https
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sun, 17 Mar 2024 18:11:19 +0000 (19:11 +0100)]
Test scenario chunked-transfer-encoding: Skip tests that require 'writesize' support
... in the curl test framework as the patch hasn't been upstreamed yet.
Fabian Keil [Sat, 23 Jan 2021 14:22:03 +0000 (15:22 +0100)]
Add test scenario chunked-transfer-encoding
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Tue, 8 Feb 2022 12:22:11 +0000 (13:22 +0100)]
Add test scenario blocked-https-requests
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sat, 6 Feb 2021 10:57:24 +0000 (11:57 +0100)]
Add test scenario gif-deanimation
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sun, 28 Mar 2021 09:09:29 +0000 (11:09 +0200)]
Add test scenario client-tags
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sun, 28 Mar 2021 01:05:37 +0000 (03:05 +0200)]
Add test scenario client-body-tagger-https
Sponsored by: Robert Klemme
Fabian Keil [Sat, 27 Mar 2021 14:04:11 +0000 (15:04 +0100)]
Add test scenario client-body-tagger
Sponsored by: Robert Klemme
Fabian Keil [Fri, 26 Mar 2021 11:01:28 +0000 (12:01 +0100)]
Add test scenario client-body-filter-https
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Fri, 26 Mar 2021 06:06:07 +0000 (07:06 +0100)]
Add test scenario client-body-filter
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Tue, 9 Mar 2021 16:40:54 +0000 (17:40 +0100)]
Add test scenario forward-to-socks-proxy
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Tue, 9 Mar 2021 09:16:06 +0000 (10:16 +0100)]
Add test scenario forward-to-http-proxy
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Fri, 5 Mar 2021 07:19:04 +0000 (08:19 +0100)]
Add test scenario pac-file-delivery
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Wed, 3 Feb 2021 10:41:43 +0000 (11:41 +0100)]
Add test scenario user-manual-https
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Wed, 3 Feb 2021 10:36:51 +0000 (11:36 +0100)]
Add test scenario user-manual-http
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Thu, 28 Jan 2021 13:56:59 +0000 (14:56 +0100)]
Add test scenario gzip compression
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Fri, 22 Jan 2021 15:32:10 +0000 (16:32 +0100)]
Add test scenario header-filters
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Tue, 19 Jan 2021 17:54:50 +0000 (18:54 +0100)]
Add test scenario content-filters
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sun, 10 Jan 2021 15:18:17 +0000 (16:18 +0100)]
Add upstream-tests scenario
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sun, 10 Jan 2021 09:17:30 +0000 (10:17 +0100)]
Add tests for redirects for https-inspected requests
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sun, 10 Jan 2021 08:48:35 +0000 (09:48 +0100)]
Add redirect tests
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sat, 9 Jan 2021 18:54:09 +0000 (19:54 +0100)]
Add tests for destination rewrite
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sun, 10 Jan 2021 03:37:16 +0000 (04:37 +0100)]
Add tests for rewrite behind the client's back with https
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sat, 9 Jan 2021 18:05:53 +0000 (19:05 +0100)]
Add tests for client-header-order with https-inspection enabled
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sat, 9 Jan 2021 15:49:29 +0000 (16:49 +0100)]
Add client-header-order tests
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sat, 27 Feb 2021 09:54:18 +0000 (10:54 +0100)]
Add a README for the tests based on the curl test suite (cts)
Contains improvements made after feedback from Roland.
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sun, 10 Jan 2021 05:50:06 +0000 (06:50 +0100)]
Add run-privoxy-tests.sh
... which takes care of starting Privoxy before running tests.
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Fri, 22 Jan 2021 08:25:39 +0000 (09:25 +0100)]
Add logs directory for the tests based on the curl test suite
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sat, 12 Jul 2014 12:15:23 +0000 (14:15 +0200)]
Add a generated test manifest file
.. to skip curl tests that aren't relevant for Privoxy or
are known not to work for other reasons.
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sat, 17 Nov 2012 14:02:18 +0000 (15:02 +0100)]
Add a script to generate a runtests.pl exclude file for Privoxy
curl tests that are known not to work with Privoxy are skipped.
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sat, 9 Jan 2021 15:49:08 +0000 (16:49 +0100)]
Add runtests-wrapper.sh
A wrapper around curl's runtests.pl.
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sun, 15 Jun 2014 16:28:51 +0000 (18:28 +0200)]
Add privoxy-runtests.pm
Overwrites some of the functions used by curl's runtests.pl
to let it properly deal with Privoxy being used as proxy.
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Sun, 17 Mar 2024 13:11:01 +0000 (14:11 +0100)]
Add Fabrice Fontaine as contributor
Fabrice Fontaine [Sun, 17 Mar 2024 11:36:31 +0000 (12:36 +0100)]
GNUmakefile.in: Don't exit if configuration files are installed as root
... as this can be considered acceptable when cross-compiling
Privoxy inside an autobuilder with only a root user.
Fabian Keil [Wed, 28 Feb 2024 16:52:37 +0000 (17:52 +0100)]
Disable fast-redirect for syndication.twitter.com/
Fabian Keil [Thu, 4 Jan 2024 04:44:12 +0000 (05:44 +0100)]
Unblock .datenschmutz.de/
Fabian Keil [Thu, 11 Mar 2021 17:08:11 +0000 (18:08 +0100)]
user-manual: List wolfSSL as potential dependency
... in the 'Third-party licenses and copyrights' section.
Sponsored by: Privoxy project funds collected at SPI
Fabian Keil [Tue, 12 Jan 2021 07:12:38 +0000 (08:12 +0100)]
Allow to use wolfSSL for https inspection
It's licensed under GPlv2 or later and unlike mbedTLS
there don't seem to be plans to change the license.
As a bonus, wolfSSL supports TLS 1.3 and can be significantly
faster than mbedTLS. Mainly tested on ElectroBSD amd64 where
it can compete with OpenSSL and LibreSSL:
https://www.fabiankeil.de/gehacktes/privoxy-tls-benchmarks/
To enable the support, install wolfSSL and run ./configure
with the --with-wolfssl option.
Privoxy users and packagers that currently build Privoxy
binaries with mbedTLS may want to consider using wolfSSL
in the future once it has been properly tested.
Sponsored by: Privoxy project funds collected at SPI
projects / privoxy.git / log