Fabian Keil [Tue, 27 Sep 2022 10:14:12 +0000 (12:14 +0200)]
Initialize ca-related defaults with strdup_or_die()
... so errors aren't silently ignored.
Fabian Keil [Mon, 3 Oct 2022 07:32:20 +0000 (09:32 +0200)]
Add Chakib Benziane as contributor
Fabian Keil [Mon, 3 Oct 2022 07:25:32 +0000 (09:25 +0200)]
Disable filter{banners-by-size} for .freiheitsfoo.de/
Fabian Keil [Fri, 30 Sep 2022 05:35:31 +0000 (07:35 +0200)]
privoxy-log-parser: Highlight the socket number in 'debug 16' messages
Fabian Keil [Thu, 29 Sep 2022 14:34:59 +0000 (16:34 +0200)]
privoxy-log-parser: Highlight the socket number in 'debug 32768' messages
Fabian Keil [Wed, 28 Sep 2022 06:06:55 +0000 (08:06 +0200)]
Bump copyright
Fabian Keil [Wed, 28 Sep 2022 06:06:14 +0000 (08:06 +0200)]
make_path: Use malloc_or_die()
... in cases where allocation errors were already fatal anyway.
Fabian Keil [Wed, 28 Sep 2022 05:57:59 +0000 (07:57 +0200)]
Disable filter{banners-by-size} for freebsdfoundation.org/
Fabian Keil [Fri, 30 Sep 2022 06:29:57 +0000 (08:29 +0200)]
Bump copyright
Fabian Keil [Tue, 9 Aug 2022 06:31:25 +0000 (08:31 +0200)]
OpenSSL generate_host_certificate(): Use X509_get_subject_name()
... instead of X509_get_issuer_name() to get the issuer for generated
website certificates so there are no warnings in the browser when using
an intermediate CA certificate instead of a self-signed root certificate.
Problem reported and patch submitted by Chakib Benziane.
Fabian Keil [Tue, 27 Sep 2022 08:46:12 +0000 (10:46 +0200)]
Rebuild config file
Fabian Keil [Tue, 27 Sep 2022 08:45:13 +0000 (10:45 +0200)]
Bump copyright
Fabian Keil [Tue, 27 Sep 2022 08:43:43 +0000 (10:43 +0200)]
Rebuild docs
Fabian Keil [Tue, 27 Sep 2022 08:42:15 +0000 (10:42 +0200)]
Add avoidr as contributor
Fabian Keil [Tue, 27 Sep 2022 08:41:01 +0000 (10:41 +0200)]
config: Fix the documented ca-directory default value
Reported by avoidr.
Fabian Keil [Mon, 26 Sep 2022 09:31:50 +0000 (11:31 +0200)]
Rebuild docs
Fabian Keil [Sun, 25 Sep 2022 18:10:24 +0000 (20:10 +0200)]
Mention bundeswehr.de filter in the user manual
Fabian Keil [Tue, 13 Sep 2022 11:27:24 +0000 (13:27 +0200)]
uagen: Update BROWSER_VERSION and BROWSER_REVISION to 102.0
... to match the User-Agent of the current Firefox ESR.
Roland Rosenfeld [Sun, 25 Sep 2022 18:02:44 +0000 (20:02 +0200)]
Merge Debian 3.0.33-2 and 3.0.33-3 changes.
Fabian Keil [Thu, 25 Aug 2022 18:33:46 +0000 (20:33 +0200)]
Disable fast-redirects for consent.youtube.com/
Fabian Keil [Tue, 23 Aug 2022 18:38:48 +0000 (20:38 +0200)]
Block requests to ups.xplosion.de/
Fabian Keil [Sat, 6 Aug 2022 06:46:11 +0000 (08:46 +0200)]
user.action: Add copyright information
Fabian Keil [Sat, 6 Aug 2022 06:42:54 +0000 (08:42 +0200)]
user.action: Add example section for the bundeswehr.de filter
Fabian Keil [Fri, 5 Aug 2022 21:13:07 +0000 (23:13 +0200)]
uagen: Explicitly document that changing the 'Gecko token' is suspicious
Fabian Keil [Fri, 5 Aug 2022 21:04:20 +0000 (23:04 +0200)]
uagen: Consistently use a lower-case 'c' as copyright symbol
Fabian Keil [Fri, 5 Aug 2022 21:00:20 +0000 (23:00 +0200)]
uagen: Bump copyright
Fabian Keil [Fri, 5 Aug 2022 20:59:45 +0000 (22:59 +0200)]
uagen: Add 'aarch64' as Linux architecture
Fabian Keil [Fri, 5 Aug 2022 08:50:59 +0000 (10:50 +0200)]
default.filter: Bump coypright
Fabian Keil [Fri, 5 Aug 2022 08:32:20 +0000 (10:32 +0200)]
Block requests for elsa.memoinsights.com/t
Fabian Keil [Fri, 5 Aug 2022 08:31:09 +0000 (10:31 +0200)]
Fix a typo in a test
Fabian Keil [Fri, 5 Aug 2022 08:04:56 +0000 (10:04 +0200)]
Add a filter for bundeswehr.de
Fabian Keil [Fri, 5 Aug 2022 07:41:12 +0000 (09:41 +0200)]
privoxy-log-parser: Highlight the Crunch reason only once
Previously the "crunch reason" could also be highlighted when
the URL contained a matching string. The real crunch reason
only occurs once per line, so there's no need to continue
looking for it after it has been found once.
While at it, add a comment with an example log line.
Fabian Keil [Wed, 3 Aug 2022 13:13:36 +0000 (15:13 +0200)]
Disable fast-redirects for launchpad.net/
Fabian Keil [Mon, 25 Jul 2022 05:56:19 +0000 (07:56 +0200)]
Add moneybanker.fr as Bronze level sponsor
Fabian Keil [Sun, 10 Jul 2022 16:09:51 +0000 (18:09 +0200)]
Unblock .eff.org/
Fabian Keil [Sun, 10 Jul 2022 07:12:30 +0000 (09:12 +0200)]
privoxy-log-parser: Highlight 'Client successfully connected over TLSv1.3 (TLS_AES_128_GCM_SHA256).'
Fabian Keil [Sat, 9 Jul 2022 06:12:05 +0000 (08:12 +0200)]
privoxy-log-parser: Higlight 'Server successfully connected over TLSv1.3 (TLS_AES_256_GCM_SHA384).'
Fabian Keil [Sat, 9 Jul 2022 06:22:13 +0000 (08:22 +0200)]
privoxy-log-parser: Bump version to 0.9.5
Fabian Keil [Fri, 8 Jul 2022 15:35:31 +0000 (17:35 +0200)]
Stop unblocking .org/.*(image|banner) which appears to be too generous
It let requests like:
https://stats.noblogs.org/piwik.php?action_name=anti%20gentrifizierungs%20fest&idsite=10175&rec=1&r=220192&h=17&m=7&s=44&url=https%3A%2F%2Fmuellemcalling.noblogs.org%2F&urlref=https%3A%2F%2Fmuellemcalling.noblogs.org%2Finfostande%2F&_id=&_idn=1&_refts=0&send_image=0&cookie=1&res=1366x768&pv_id=eqr7jX&pf_net=7&pf_srv=3&pf_tfr=2281&pf_dm1=156
pass.
The example URL http://www.gnu.org/graphics/gnu-head-banner.png is
already unblocked due to .gnu.org being unblocked.
Fabian Keil [Fri, 8 Jul 2022 14:40:44 +0000 (16:40 +0200)]
Unblock adfd.org/
Fabian Keil [Sun, 3 Jul 2022 09:31:50 +0000 (11:31 +0200)]
privoxy-log-parser: Highlight 'Client socket 21 is no longer usable. The server socket has been closed.'
Fabian Keil [Wed, 15 Jun 2022 09:09:12 +0000 (11:09 +0200)]
templates: Fix spelling of 'available' in comments
Fabian Keil [Tue, 14 Jun 2022 04:36:55 +0000 (06:36 +0200)]
default.action.master: Fix a couple of spelling errors in comments
Fabian Keil [Tue, 14 Jun 2022 03:40:08 +0000 (05:40 +0200)]
configure.in: Fix spelling of 'program'
Fabian Keil [Tue, 14 Jun 2022 03:45:51 +0000 (05:45 +0200)]
windows/MYconfigure: Fix spelling of 'difference' in a comment
Fabian Keil [Tue, 14 Jun 2022 03:45:02 +0000 (05:45 +0200)]
windows/privoxy_winthreads.nsi: Fix spelling of 'original'
Fabian Keil [Wed, 15 Jun 2022 09:07:17 +0000 (11:07 +0200)]
windows/WinMessages.nsh: Fix spelling of 'supported'
Fabian Keil [Thu, 26 May 2022 14:10:49 +0000 (16:10 +0200)]
privoxy-log-parser: Highlight 'Reducing the chunk offset from 16219 to 128 after flushing 16091 bytes.' completely
Fabian Keil [Thu, 26 May 2022 14:09:31 +0000 (16:09 +0200)]
handle_established_connection(): Improve an error message slightly
Fabian Keil [Thu, 12 May 2022 11:21:53 +0000 (13:21 +0200)]
Use parentheses after function name in init_domain_components()'s description
Fabian Keil [Thu, 12 May 2022 11:22:48 +0000 (13:22 +0200)]
parse_http_url(): Add spaces in a comment
Fabian Keil [Sun, 8 May 2022 10:01:59 +0000 (12:01 +0200)]
privoxy-log-parser: Highlight: 'Reducing the chunk offset from
1096654 to 32704 after discarding
1063950 bytes to make room in the buffer.'
Fabian Keil [Thu, 5 May 2022 15:43:22 +0000 (17:43 +0200)]
privoxy-log-parser: Highlight 'The last 6945 bytes of the encrypted request body have been read.'
Fabian Keil [Thu, 5 May 2022 15:42:36 +0000 (17:42 +0200)]
read_https_request_body(): End more log messages with periods.
Fabian Keil [Thu, 5 May 2022 15:42:26 +0000 (17:42 +0200)]
read_http_request_body(): End more log messages with periods.
Fabian Keil [Thu, 5 May 2022 15:39:45 +0000 (17:39 +0200)]
privoxy-log-parser: Highlight 'Buffering encrypted client body. Prepared to read up to 2236 bytes.'
Fabian Keil [Thu, 21 Apr 2022 10:10:01 +0000 (12:10 +0200)]
receive_and_send_encrypted_post_data(): Add periods to a couple of log messages
Fabian Keil [Thu, 21 Apr 2022 10:09:17 +0000 (12:09 +0200)]
privoxy-log-parser: Highlight 'Forwarding 157 bytes of encrypted request body.'
Fabian Keil [Thu, 21 Apr 2022 10:08:00 +0000 (12:08 +0200)]
privoxy-log-parser: Highlight 'Prepared to read up to 157 bytes of encrypted request body from the client.'
Fabian Keil [Thu, 21 Apr 2022 09:53:46 +0000 (11:53 +0200)]
send_https_request(): Add periods to a couple of log messages
Fabian Keil [Sun, 17 Apr 2022 15:49:42 +0000 (17:49 +0200)]
Bump copyright
Fabian Keil [Sun, 17 Apr 2022 15:48:54 +0000 (17:48 +0200)]
Add OpenSSL to the list of libraries that may be licensed under the Apache 2.0 license
... in which case the linked Privoxy binary has to be
distributed under the GPLv3 or later.
Fabian Keil [Sat, 3 Apr 2021 10:57:32 +0000 (12:57 +0200)]
Factor send_server_headers() out of handle_established_connection()
Fabian Keil [Wed, 31 Mar 2021 10:14:36 +0000 (12:14 +0200)]
remove_chunked_transfer_coding(): Refuse to de-chunk invalid data
Previously the data could get corrupted even further.
Now we simply pass the unmodified data to the client.
Fabian Keil [Mon, 29 Mar 2021 09:44:35 +0000 (11:44 +0200)]
Improve the handling of chunk-encoded responses
... by buffering the data even if filters are disabled and
properly keeping track of where the various chunks are supposed
to start and end.
Previously Privoxy would merely check the last bytes received
to see if they looked like the last-chunk.
This failed to work if the last-chunk wasn't received in one
read and could also result in actual data being misdetected
as last-chunk.
Should fix: SF support request #1739
Reported by: withoutname
Fabian Keil [Tue, 26 Apr 2022 14:55:45 +0000 (16:55 +0200)]
Rebuild docs
Fabian Keil [Tue, 26 Apr 2022 14:55:39 +0000 (16:55 +0200)]
Rebuild AUTHORS
Fabian Keil [Thu, 14 Apr 2022 11:10:22 +0000 (13:10 +0200)]
user-manual: Bump copyright
Fabian Keil [Thu, 20 May 2021 09:16:20 +0000 (11:16 +0200)]
Add documentation for the client-body-tagger action
Sponsored by: Robert Klemme
Fabian Keil [Tue, 23 Mar 2021 14:45:54 +0000 (15:45 +0100)]
Add a client-body-tagger action
... which creates tags based on the content of the request body.
Sponsored by: Robert Klemme
Fabian Keil [Sat, 27 Mar 2021 07:20:59 +0000 (08:20 +0100)]
When client body filters are enabled, buffer the whole request
... before opening a connection to the server.
Makes it less likely that the server connection times out
and we don't open a connection if the buffering fails anyway.
Sponsored by: Robert Klemme
Roland Rosenfeld [Sun, 24 Apr 2022 13:39:41 +0000 (15:39 +0200)]
Merge Debian 3.0.33-2 (UNRELEASED) changes.
Fabian Keil [Fri, 26 Mar 2021 16:19:20 +0000 (17:19 +0100)]
receive_and_send_encrypted_post_data(): Improve a log message to make the origin more clear
Fabian Keil [Fri, 26 Mar 2021 16:19:01 +0000 (17:19 +0100)]
read_https_request_body(): Improve a couple of log messages
... to make their origin more clear.
Sponsored by: Robert Klemme
Fabian Keil [Fri, 26 Mar 2021 13:14:12 +0000 (14:14 +0100)]
receive_and_send_encrypted_post_data(): Additionally check for data being available
Previously we relied on the TLS library reading more data from
the wire than we read in which case the is_ssl_pending() check
worked.
Sponsored by: Robert Klemme
Fabian Keil [Fri, 17 Dec 2021 07:06:09 +0000 (08:06 +0100)]
ssl_send_certificate_error(): Don't crash if there's no certificate information available
This is only relevant when Privoxy is built with wolfSSL 5.0.0 or later.
Earlier wolfSSL versions or the other TLS backends
don't seem to trigger the crash.
Fabian Keil [Sun, 17 Apr 2022 08:23:26 +0000 (10:23 +0200)]
Bump copyright
Fabian Keil [Sun, 17 Apr 2022 08:23:22 +0000 (10:23 +0200)]
Bump copyright
Fabian Keil [Tue, 16 Mar 2021 18:34:52 +0000 (19:34 +0100)]
FEATURE_STATISTICS: Include all requests in the statistics
... if mutexes are available.
Previously in case of reused connections only the last request
got counted. The statistics still aren't perfect but it's an
improvement.
Fabian Keil [Tue, 16 Mar 2021 18:09:24 +0000 (19:09 +0100)]
Rename the mutex used to protect the block reason statistics
... to be more precise so I can use the previous name
in a following commit.
Fabian Keil [Sun, 17 Apr 2022 01:33:22 +0000 (03:33 +0200)]
privoxy-log-parser: Highlight 'The socks connection timed out after 60 seconds.'
Fabian Keil [Wed, 10 Mar 2021 11:34:16 +0000 (12:34 +0100)]
Add read_socks_reply() and start using it in socks5_connect()
... to apply the socket timeout more consistently.
Fabian Keil [Tue, 9 Mar 2021 19:10:47 +0000 (20:10 +0100)]
Bump copyright
Fabian Keil [Tue, 9 Mar 2021 17:50:13 +0000 (18:50 +0100)]
socks5_connect(): Deal with domain names in the socks reply
Fabian Keil [Tue, 9 Mar 2021 14:27:23 +0000 (15:27 +0100)]
socks5_connect(): Add support for target hosts specified as IPv4 address
Previouly the IP address was sent as domain.
Fabian Keil [Tue, 9 Mar 2021 14:24:00 +0000 (15:24 +0100)]
Move host_is_ip_address() to miscutil.c
... so I can use it in gateway.c as well.
Fabian Keil [Thu, 27 Aug 2020 13:11:02 +0000 (15:11 +0200)]
create_server_ssl_connection(): Add comment about optimization possibility
Fabian Keil [Thu, 25 Mar 2021 10:06:54 +0000 (11:06 +0100)]
receive_client_request(): Reject https URLs without CONNECT request
Fabian Keil [Sat, 27 Mar 2021 09:16:00 +0000 (10:16 +0100)]
handle_established_connection(): Check for pending TLS data from the client
... before checking if data is available on the connection.
The TLS library may have already consumed all the data from the client
response in which case poll() and select() will not detect that data is
available to be read.
Sponsored by: Robert Klemme
Fabian Keil [Fri, 26 Mar 2021 14:34:40 +0000 (15:34 +0100)]
receive_client_request(): Improve error message
Fabian Keil [Wed, 31 Mar 2021 06:54:47 +0000 (08:54 +0200)]
remove_chunked_transfer_coding(): Improve two log messages
Fabian Keil [Tue, 29 Mar 2022 13:58:20 +0000 (15:58 +0200)]
Bump copyright
Fabian Keil [Tue, 29 Mar 2022 13:56:02 +0000 (15:56 +0200)]
Add Celejar as contributor
Fabian Keil [Wed, 10 Feb 2021 03:48:51 +0000 (04:48 +0100)]
gif_deanimate(): Minor style fixes
Fabian Keil [Tue, 9 Feb 2021 20:11:04 +0000 (21:11 +0100)]
Bump copyright
Fabian Keil [Tue, 9 Feb 2021 19:20:34 +0000 (20:20 +0100)]
gif_deanimate(): Tolerate multiple image extensions in a row
This allows to deanimate all the gifs on:
https://commons.wikimedia.org/wiki/Category:Animated_smilies
Fixes SF bug #795 reported by Celejar.
Fabian Keil [Tue, 29 Mar 2022 12:40:24 +0000 (14:40 +0200)]
Disable filter{banners-by-link} for .eff.org/
Fabian Keil [Fri, 11 Mar 2022 14:58:23 +0000 (15:58 +0100)]
Add www.betrugstest.com as Bronze sponsor again
Fabian Keil [Sat, 5 Feb 2022 08:23:01 +0000 (09:23 +0100)]
Add Andrew Savchenko as contributor
Fabian Keil [Tue, 25 Jan 2022 03:51:22 +0000 (04:51 +0100)]
Block requests to odb.outbrain.com/