privoxy.git
4 years agoBump copyright
Fabian Keil [Tue, 25 Feb 2020 15:27:09 +0000 (16:27 +0100)]
Bump copyright

4 years agoDeal with invalid certificates in case of forwarded requests
Fabian Keil [Tue, 25 Feb 2020 12:37:22 +0000 (13:37 +0100)]
Deal with invalid certificates in case of forwarded requests

... by sending the details of the verification failure
and the certificates.

Sponsored by: Robert Klemme

4 years agocreate_server_ssl_connection(): If the certificate is invalid, log the details
Fabian Keil [Sun, 23 Feb 2020 12:00:04 +0000 (13:00 +0100)]
create_server_ssl_connection(): If the certificate is invalid, log the details

Sponsored by: Robert Klemme

4 years agoRemove obsolete comment
Fabian Keil [Tue, 25 Feb 2020 12:35:37 +0000 (13:35 +0100)]
Remove obsolete comment

4 years agofree_server_ssl_structures(): Mark the correct socket as invalid
Fabian Keil [Tue, 25 Feb 2020 12:23:32 +0000 (13:23 +0100)]
free_server_ssl_structures(): Mark the correct socket as invalid

Sponsored by: Robert Klemme

4 years agoAdd a missing 'the' to a log message
Fabian Keil [Tue, 25 Feb 2020 12:20:54 +0000 (13:20 +0100)]
Add a missing 'the' to a log message

4 years agoAdd receive_and_send_encrypted_post_data()
Fabian Keil [Mon, 24 Feb 2020 12:12:39 +0000 (13:12 +0100)]
Add receive_and_send_encrypted_post_data()

... to deal with POST data that isn't read together
with the request headers.

Sponsored by: Robert Klemme

4 years agossl_send_data(): Log the data before writing
Fabian Keil [Tue, 25 Feb 2020 11:52:39 +0000 (12:52 +0100)]
ssl_send_data(): Log the data before writing

Sponsored by: Robert Klemme

4 years agossl_recv_data(): Log the received data
Fabian Keil [Tue, 25 Feb 2020 11:50:48 +0000 (12:50 +0100)]
ssl_recv_data(): Log the received data

Sponsored by: Robert Klemme

4 years agoFix a comment typo
Fabian Keil [Sun, 23 Feb 2020 11:13:40 +0000 (12:13 +0100)]
Fix a comment typo

4 years agoFix a comment typo
Fabian Keil [Sun, 23 Feb 2020 11:07:26 +0000 (12:07 +0100)]
Fix a comment typo

4 years agoReduce spaces
Fabian Keil [Sat, 22 Feb 2020 22:19:02 +0000 (23:19 +0100)]
Reduce spaces

4 years agoFix a comment typo
Fabian Keil [Sat, 22 Feb 2020 21:56:32 +0000 (22:56 +0100)]
Fix a comment typo

4 years agoImprove a comment
Fabian Keil [Sat, 22 Feb 2020 21:50:27 +0000 (22:50 +0100)]
Improve a comment

4 years agoBump copyright
Fabian Keil [Sat, 22 Feb 2020 21:49:01 +0000 (22:49 +0100)]
Bump copyright

4 years agossl_send_data(): Consistently return -1 in case of errors
Fabian Keil [Sat, 22 Feb 2020 21:02:16 +0000 (22:02 +0100)]
ssl_send_data(): Consistently return -1 in case of errors

... instead of passing on the MBEDTLS_ERR_* value which
the caller doesn't need to know.

Sponsored by: Robert Klemme

4 years agossl_recv_data(): Properly handle MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY
Fabian Keil [Sat, 22 Feb 2020 19:53:48 +0000 (20:53 +0100)]
ssl_recv_data(): Properly handle MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY

Previously ssl_recv_data() would pass it to the caller
which would treat it as an error.

Sponsored by: Robert Klemme

4 years agoUnbreak the build without FEATURE_HTTPS_FILTERING
Fabian Keil [Sat, 22 Feb 2020 16:28:31 +0000 (17:28 +0100)]
Unbreak the build without FEATURE_HTTPS_FILTERING

4 years agoDon't crash when blocking a CONNECT request with https filtering enabled
Fabian Keil [Sat, 22 Feb 2020 13:38:16 +0000 (14:38 +0100)]
Don't crash when blocking a CONNECT request with https filtering enabled

Previously ssl_send_data() was called before the TLS context was
setup which resulted in a segfault in mbedtls_ssl_get_max_frag_len().

4 years agoBump copyright
Fabian Keil [Fri, 21 Feb 2020 15:48:51 +0000 (16:48 +0100)]
Bump copyright

4 years agoRegenerate docs
Fabian Keil [Fri, 21 Feb 2020 15:41:33 +0000 (16:41 +0100)]
Regenerate docs

4 years agoProperly link to the TLS section of the config file
Fabian Keil [Fri, 21 Feb 2020 15:40:47 +0000 (16:40 +0100)]
Properly link to the TLS section of the config file

4 years agoFix links to the enable-https-filtering action
Fabian Keil [Fri, 21 Feb 2020 15:35:23 +0000 (16:35 +0100)]
Fix links to the enable-https-filtering action

4 years agoAdd a missing anchor
Fabian Keil [Fri, 21 Feb 2020 15:32:35 +0000 (16:32 +0100)]
Add a missing anchor

4 years agoRebuild config file
Fabian Keil [Thu, 20 Feb 2020 16:38:54 +0000 (17:38 +0100)]
Rebuild config file

4 years agoRebuild docs
Fabian Keil [Thu, 20 Feb 2020 16:37:19 +0000 (17:37 +0100)]
Rebuild docs

4 years agoconfig: Fix typo
Fabian Keil [Fri, 21 Feb 2020 14:49:20 +0000 (15:49 +0100)]
config: Fix typo

4 years agoconfig: Mention that the certificate-directory is only used when https filtering
Fabian Keil [Fri, 21 Feb 2020 14:48:29 +0000 (15:48 +0100)]
config: Mention that the certificate-directory is only used when https filtering

4 years agoconfig: Improve the description of the ca-cert-file directive
Fabian Keil [Fri, 21 Feb 2020 14:44:35 +0000 (15:44 +0100)]
config: Improve the description of the ca-cert-file directive

4 years agoconfig: Note that Privoxy does not automatically clear website certiificates
Fabian Keil [Thu, 20 Feb 2020 16:31:52 +0000 (17:31 +0100)]
config: Note that Privoxy does not automatically clear website certiificates

... when the CA key and certificate are changed.

4 years agoBump coypright
Fabian Keil [Wed, 19 Feb 2020 16:36:25 +0000 (17:36 +0100)]
Bump coypright

4 years agoNote that access to certificate-directory and ca-directory should be limited
Fabian Keil [Wed, 19 Feb 2020 14:01:45 +0000 (15:01 +0100)]
Note that access to certificate-directory and ca-directory should be limited

... to Privoxy and the Privoxy admin.

4 years agogenerate_key(): Change argument order to be more consistent
Fabian Keil [Wed, 19 Feb 2020 12:17:16 +0000 (13:17 +0100)]
generate_key(): Change argument order to be more consistent

4 years agopcrs.h: Add copyright and license
Fabian Keil [Fri, 21 Feb 2020 14:30:55 +0000 (15:30 +0100)]
pcrs.h: Add copyright and license

4 years agoChange license for pcrs.c to GPLv2+
Fabian Keil [Tue, 18 Feb 2020 16:23:33 +0000 (17:23 +0100)]
Change license for pcrs.c to GPLv2+

... after getting the permission from Andreas.

This allows to redistribute Privoxy under the GPLv3
which is required when linking to mbedTLS which is
licensed under the Apache 2.0 license.

4 years agoRegenerate docs
Fabian Keil [Mon, 17 Feb 2020 23:19:22 +0000 (00:19 +0100)]
Regenerate docs

4 years agoRemove cooltechzone.com from the sponsor list
Fabian Keil [Tue, 18 Feb 2020 11:36:04 +0000 (12:36 +0100)]
Remove cooltechzone.com from the sponsor list

They were unhappy with the link change.

4 years agoRevert "Clarify that Privoxy can also be used under the terms of a license later...
Fabian Keil [Mon, 17 Feb 2020 23:17:56 +0000 (00:17 +0100)]
Revert "Clarify that Privoxy can also be used under the terms of a license later than the GPLv2"

The current license of pcrs.c actually prevents the license upgrade.

This reverts commit d74933268d8eee2037691f5db776b2103eb13945.

4 years agoChange 'GIT' to 'Git'
Fabian Keil [Sun, 16 Feb 2020 17:44:15 +0000 (18:44 +0100)]
Change 'GIT' to 'Git'

4 years agoBump copyright
Fabian Keil [Sat, 15 Feb 2020 13:15:03 +0000 (14:15 +0100)]
Bump copyright

4 years agoBump copyright
Fabian Keil [Sat, 15 Feb 2020 13:14:26 +0000 (14:14 +0100)]
Bump copyright

4 years agoRebuild docs with updated license info
Fabian Keil [Sat, 15 Feb 2020 13:02:18 +0000 (14:02 +0100)]
Rebuild docs with updated license info

4 years agoClarify that Privoxy can also be used under the terms of a license later than the...
Fabian Keil [Sat, 15 Feb 2020 12:56:08 +0000 (13:56 +0100)]
Clarify that Privoxy can also be used under the terms of a license later than the GPLv2

4 years agoRegenerate developer manual
Fabian Keil [Fri, 14 Feb 2020 13:32:55 +0000 (14:32 +0100)]
Regenerate developer manual

4 years agoDeveloper manual: Bump copyright
Fabian Keil [Fri, 14 Feb 2020 13:22:14 +0000 (14:22 +0100)]
Developer manual: Bump copyright

4 years agoDeveloper manual: Document how ot access the git repository through https
Fabian Keil [Fri, 14 Feb 2020 13:21:19 +0000 (14:21 +0100)]
Developer manual: Document how ot access the git repository through https

4 years agoStrip trailing whitespace
Fabian Keil [Fri, 23 Jun 2017 18:27:37 +0000 (20:27 +0200)]
Strip trailing whitespace

4 years agoStrip trailing whitespace
Fabian Keil [Fri, 23 Jun 2017 18:27:37 +0000 (20:27 +0200)]
Strip trailing whitespace

4 years agofree_certificate_chain(): Fix memset() target
Fabian Keil [Wed, 5 Feb 2020 16:02:37 +0000 (17:02 +0100)]
free_certificate_chain(): Fix memset() target

4 years agoRemove SourceForge references in copyright headers
Fabian Keil [Thu, 30 Jan 2020 15:49:10 +0000 (16:49 +0100)]
Remove SourceForge references in copyright headers

4 years agoUpgrade a bunch of links to the homepage to https://
Fabian Keil [Thu, 30 Jan 2020 15:46:10 +0000 (16:46 +0100)]
Upgrade a bunch of links to the homepage to https://

4 years agoDeclare generate_webpage_certificate() static
Fabian Keil [Wed, 11 Dec 2019 12:05:24 +0000 (13:05 +0100)]
Declare generate_webpage_certificate() static

4 years agoFix comment typos
Fabian Keil [Mon, 2 Dec 2019 12:06:29 +0000 (13:06 +0100)]
Fix comment typos

4 years agoRegenerate homepage with silver sponsor https://www.vpnranks.com/
Fabian Keil [Mon, 3 Feb 2020 16:38:39 +0000 (17:38 +0100)]
Regenerate homepage with silver sponsor https://vpnranks.com/

4 years agoAdd https://www.vpnranks.com/ as silver sponsor
Fabian Keil [Mon, 3 Feb 2020 16:37:43 +0000 (17:37 +0100)]
Add https://www.vpnranks.com/ as silver sponsor

4 years agoAdjust cooltechzone.com sponsor link to look less manipulative
Fabian Keil [Mon, 3 Feb 2020 16:39:29 +0000 (17:39 +0100)]
Adjust cooltechzone.com sponsor link to look less manipulative

4 years agoRebuild homepage
Fabian Keil [Thu, 30 Jan 2020 12:43:43 +0000 (13:43 +0100)]
Rebuild homepage

4 years agoAdjust cooltechzone.com sponsor link to look less manipulative
Fabian Keil [Thu, 30 Jan 2020 12:43:28 +0000 (13:43 +0100)]
Adjust cooltechzone.com sponsor link to look less manipulative

4 years agoRegenerate homepage with new sponsor cooltechzone.com
Fabian Keil [Fri, 27 Dec 2019 11:03:50 +0000 (12:03 +0100)]
Regenerate homepage with new sponsor cooltechzone.com

4 years agoAdd cooltechzone.com as sponsor
Fabian Keil [Fri, 27 Dec 2019 11:02:47 +0000 (12:02 +0100)]
Add cooltechzone.com as sponsor

4 years agoAdapt Debian patches to git development branch.
Roland Rosenfeld [Sat, 30 Nov 2019 17:32:10 +0000 (18:32 +0100)]
Adapt Debian patches to git development branch.

4 years agoApply Debian package changes 3.0.28-1 and 3.0.28-2
Roland Rosenfeld [Sat, 30 Nov 2019 11:37:22 +0000 (12:37 +0100)]
Apply Debian package changes 3.0.28-1 and 3.0.28-2

4 years agoRemove a couple of spaces
Fabian Keil [Wed, 27 Nov 2019 12:28:58 +0000 (13:28 +0100)]
Remove a couple of spaces

4 years agoMove config.h include higher
Fabian Keil [Wed, 27 Nov 2019 12:15:32 +0000 (13:15 +0100)]
Move config.h include higher

4 years agoDon't clear the buffer passed to mbedtls_strerror()
Fabian Keil [Tue, 26 Nov 2019 12:35:30 +0000 (13:35 +0100)]
Don't clear the buffer passed to mbedtls_strerror()

mbedtls_strerror() clears the buffer itself.

4 years agossl_verify_callback(): Use malloc_or_die()
Fabian Keil [Tue, 26 Nov 2019 12:05:12 +0000 (13:05 +0100)]
ssl_verify_callback(): Use malloc_or_die()

4 years agomake_certs_path(): Use zalloc_or_die()
Fabian Keil [Tue, 26 Nov 2019 12:02:18 +0000 (13:02 +0100)]
make_certs_path(): Use zalloc_or_die()

4 years agowrite_private_key(): Use zalloc_or_die()
Fabian Keil [Tue, 26 Nov 2019 12:01:22 +0000 (13:01 +0100)]
write_private_key(): Use zalloc_or_die()

4 years agoFix comment indentation
Fabian Keil [Tue, 26 Nov 2019 11:41:29 +0000 (12:41 +0100)]
Fix comment indentation

4 years agoRemove a couple of spaces
Fabian Keil [Tue, 26 Nov 2019 11:40:57 +0000 (12:40 +0100)]
Remove a couple of spaces

4 years agoFix typo
Fabian Keil [Mon, 25 Nov 2019 13:06:01 +0000 (14:06 +0100)]
Fix typo

4 years agoFix typo
Fabian Keil [Mon, 25 Nov 2019 13:01:16 +0000 (14:01 +0100)]
Fix typo

4 years agoFix spelling in comment
Fabian Keil [Thu, 21 Nov 2019 12:15:25 +0000 (13:15 +0100)]
Fix spelling in comment

4 years agoFix spelling in comment
Fabian Keil [Thu, 21 Nov 2019 11:49:58 +0000 (12:49 +0100)]
Fix spelling in comment

4 years agoFix indentation
Fabian Keil [Tue, 19 Nov 2019 14:37:00 +0000 (15:37 +0100)]
Fix indentation

4 years agoMove LIMIT_MUTEX_NUMBER definition to project.h
Fabian Keil [Tue, 19 Nov 2019 13:53:14 +0000 (14:53 +0100)]
Move LIMIT_MUTEX_NUMBER definition to project.h

... as it is also used in other files.

4 years agoFix indentation
Fabian Keil [Tue, 19 Nov 2019 13:51:41 +0000 (14:51 +0100)]
Fix indentation

4 years agoRemove a bunch of spaces
Fabian Keil [Tue, 19 Nov 2019 13:48:04 +0000 (14:48 +0100)]
Remove a bunch of spaces

4 years agoAdd a missing space
Fabian Keil [Tue, 19 Nov 2019 13:33:09 +0000 (14:33 +0100)]
Add a missing space

4 years agoMove two typedefs from project.h to ssl.c
Fabian Keil [Tue, 19 Nov 2019 13:31:26 +0000 (14:31 +0100)]
Move two typedefs from project.h to ssl.c

4 years agoRebuild config file
Fabian Keil [Mon, 18 Nov 2019 13:23:50 +0000 (14:23 +0100)]
Rebuild config file

4 years agoDocument the use of IP_FREEBIND
Fabian Keil [Mon, 18 Nov 2019 10:56:14 +0000 (11:56 +0100)]
Document the use of IP_FREEBIND

Based on a patch by Sam Varshavchik.

4 years agoUse the IP_FREEBIND socket option, if defined
Fabian Keil [Mon, 18 Nov 2019 10:54:17 +0000 (11:54 +0100)]
Use the IP_FREEBIND socket option, if defined

This allows Privoxy to bind to not-yet assigned IP addresses
which is useful in failover environments.

Patch by Sam Varshavchik.

4 years agoBump copyright
Fabian Keil [Tue, 12 Nov 2019 12:09:11 +0000 (13:09 +0100)]
Bump copyright

4 years agoFix an invalid free introduced in d01bb4028a9
Fabian Keil [Tue, 12 Nov 2019 11:44:41 +0000 (12:44 +0100)]
Fix an invalid free introduced in d01bb4028a9

5 years agoAdd a missing 'client-specific-tag' directive
Fabian Keil [Mon, 11 Nov 2019 19:01:54 +0000 (20:01 +0100)]
Add a missing 'client-specific-tag' directive

5 years agoBump MAX_AF_FILES to 100
Fabian Keil [Mon, 11 Nov 2019 11:20:08 +0000 (12:20 +0100)]
Bump MAX_AF_FILES to 100

Sponsored by: Robert Klemme

5 years agoFix a couple of function description comments
Fabian Keil [Wed, 30 Oct 2019 22:25:28 +0000 (23:25 +0100)]
Fix a couple of function description comments

5 years agoRebuild config file
Fabian Keil [Wed, 30 Oct 2019 10:15:24 +0000 (11:15 +0100)]
Rebuild config file

5 years agoRebuild docs
Fabian Keil [Wed, 30 Oct 2019 10:14:03 +0000 (11:14 +0100)]
Rebuild docs

5 years agoBump copyright
Fabian Keil [Sun, 27 Oct 2019 15:18:21 +0000 (16:18 +0100)]
Bump copyright

5 years agoLet error_response() handle FORWARD_WEBSERVER
Fabian Keil [Tue, 22 Oct 2019 20:08:09 +0000 (22:08 +0200)]
Let error_response() handle FORWARD_WEBSERVER

5 years agoBump copyright
Fabian Keil [Sat, 21 Sep 2019 13:03:33 +0000 (15:03 +0200)]
Bump copyright

5 years agoBump copyright
Fabian Keil [Fri, 20 Sep 2019 13:03:19 +0000 (15:03 +0200)]
Bump copyright

5 years agoRegenerate AUTHORS
Fabian Keil [Fri, 20 Sep 2019 12:54:37 +0000 (14:54 +0200)]
Regenerate AUTHORS

5 years agoAdd Václav Švec as contributor
Fabian Keil [Fri, 20 Sep 2019 12:19:30 +0000 (14:19 +0200)]
Add Václav Švec as contributor

5 years agoBump copyright
Fabian Keil [Mon, 26 Aug 2019 13:53:02 +0000 (15:53 +0200)]
Bump copyright

5 years agoBump copyright
Fabian Keil [Thu, 11 Apr 2019 14:52:51 +0000 (16:52 +0200)]
Bump copyright

5 years agoEstablish encrypted client connection earlier ...
Fabian Keil [Thu, 24 Jan 2019 12:24:15 +0000 (13:24 +0100)]
Establish encrypted client connection earlier ...

... so that we can parse and filter the encrypted
request before deciding if it gets forwarded.

This commit is incomplete and hasn't been tested
yet with large POST requests.

Sponsored by: Robert Klemme

5 years agoShow the FEATURE_HTTPS_FILTERING status on the show-status page
Fabian Keil [Thu, 24 Jan 2019 12:24:14 +0000 (13:24 +0100)]
Show the FEATURE_HTTPS_FILTERING status on the show-status page