privoxy.git
9 years agoAdd CVEs for Privoxy 3.0.23
Fabian Keil [Fri, 27 Mar 2015 12:41:57 +0000 (12:41 +0000)]
Add CVEs for Privoxy 3.0.23

9 years agolisten_loop(): Add number of active threads to a couple of log messages
Fabian Keil [Fri, 27 Mar 2015 12:40:08 +0000 (12:40 +0000)]
listen_loop(): Add number of active threads to a couple of log messages

9 years agodecompress_iob(): Refine the log message emitted when the iob is too small
Fabian Keil [Fri, 27 Mar 2015 12:39:44 +0000 (12:39 +0000)]
decompress_iob(): Refine the log message emitted when the iob is too small

9 years agoUnblock .deutschlandradiokultur.de/
Fabian Keil [Sat, 21 Feb 2015 18:56:34 +0000 (18:56 +0000)]
Unblock .deutschlandradiokultur.de/

Reported by u302320 in #924.

9 years agoAdd two fast-redirect exceptions for yandex.ru
Fabian Keil [Sat, 21 Feb 2015 18:55:53 +0000 (18:55 +0000)]
Add two fast-redirect exceptions for yandex.ru

9 years agoImport last-minute changes
Fabian Keil [Mon, 26 Jan 2015 11:26:16 +0000 (11:26 +0000)]
Import last-minute changes

9 years agoFix contributor name
Fabian Keil [Mon, 26 Jan 2015 11:25:45 +0000 (11:25 +0000)]
Fix contributor name

9 years agoRegenerate docs for Privoxy 3.0.23 stable
Fabian Keil [Sat, 24 Jan 2015 16:44:43 +0000 (16:44 +0000)]
Regenerate docs for Privoxy 3.0.23 stable

9 years agoRegenerate config file for Privoxy 3.0.23
Fabian Keil [Sat, 24 Jan 2015 16:44:20 +0000 (16:44 +0000)]
Regenerate config file for Privoxy 3.0.23

9 years agoImport changelog for Privoxy 3.0.23
Fabian Keil [Sat, 24 Jan 2015 16:44:08 +0000 (16:44 +0000)]
Import changelog for Privoxy 3.0.23

9 years agoAdd CVEs for Privoxy 3.0.22 stable
Fabian Keil [Sat, 24 Jan 2015 16:43:45 +0000 (16:43 +0000)]
Add CVEs for Privoxy 3.0.22 stable

9 years agoAdd changes for 3.0.23 stable
Fabian Keil [Sat, 24 Jan 2015 16:43:34 +0000 (16:43 +0000)]
Add changes for 3.0.23 stable

9 years agoDeclare 3.0.23 'stable'
Fabian Keil [Sat, 24 Jan 2015 16:43:21 +0000 (16:43 +0000)]
Declare 3.0.23 'stable'

9 years agoAdd Basil Hussain as contributor
Fabian Keil [Sat, 24 Jan 2015 16:43:11 +0000 (16:43 +0000)]
Add Basil Hussain as contributor

9 years agoPrevent parse errors after failing to deliver a client request with body
Fabian Keil [Sat, 24 Jan 2015 16:42:57 +0000 (16:42 +0000)]
Prevent parse errors after failing to deliver a client request with body

For now we err on the safe side and simply throw all the following
requests under the bus, even if no client body has been buffered.
A compliant client will repeat the dropped requests on an untainted
connection.

The proper fix is to discard the no longer needed client body
in the buffer (if there is one) and to continue parsing the
bytes that follow. This is less trivial and will have to wait
until the next release.

Reported by Basil Hussain.

9 years agoAdd Matthew Daley as contributor
Fabian Keil [Sat, 24 Jan 2015 16:42:23 +0000 (16:42 +0000)]
Add Matthew Daley as contributor

9 years agoEmphasize that Privoxy is serious business
Fabian Keil [Sat, 24 Jan 2015 16:42:13 +0000 (16:42 +0000)]
Emphasize that Privoxy is serious business

9 years agoAdd parse_time_header(), a wrapper around parse_header_time()
Fabian Keil [Sat, 24 Jan 2015 16:41:51 +0000 (16:41 +0000)]
Add parse_time_header(), a wrapper around parse_header_time()

... which skips the header name for the callers which means
they can't get it wrong. Previously two callers did. This could
result in 'invalid read of size X' issues in case of value-less
headers.

On the systems I tested, X was always 1 and nobody but valgrind
cared, but with different malloc() implementations Privoxy might
be less lucky and segfault.

Partially discovered with afl-fuzz.

9 years agochunked_body_is_complete(): Check input more carefully
Fabian Keil [Sat, 24 Jan 2015 16:41:20 +0000 (16:41 +0000)]
chunked_body_is_complete(): Check input more carefully

Previously a nul-chunk without mandatory trailing "\r\n" would
not be rejected as invalid. When compiled with assertions enabled,
this would cause Privoxy to abort().

Reported by Matthew Daley.

9 years agopcrs_compile_replacement(): Fix multiple segfaults and memory leaks
Fabian Keil [Sat, 24 Jan 2015 16:40:59 +0000 (16:40 +0000)]
pcrs_compile_replacement(): Fix multiple segfaults and memory leaks

... and report errors more reliably. Previously some invalid
pcrs commands were silently accepted but didn't work as expected.

Partially discovered with afl-fuzz.

9 years agoAdd ElectroBSD to the list of BSDs Privoxy is known to run on
Fabian Keil [Sat, 24 Jan 2015 16:40:47 +0000 (16:40 +0000)]
Add ElectroBSD to the list of BSDs Privoxy is known to run on

9 years agoFix comment typo
Fabian Keil [Sat, 24 Jan 2015 16:40:37 +0000 (16:40 +0000)]
Fix comment typo

9 years agoProperly explain why the pcrs job couldn't be compiled
Fabian Keil [Sat, 24 Jan 2015 16:40:21 +0000 (16:40 +0000)]
Properly explain why the pcrs job couldn't be compiled

9 years agoGrammar fixes for the dok-tidy description
Fabian Keil [Sat, 24 Jan 2015 16:40:07 +0000 (16:40 +0000)]
Grammar fixes for the dok-tidy description

9 years agoAdd a web-user-manual target that uses rsync
Fabian Keil [Sat, 24 Jan 2015 16:39:53 +0000 (16:39 +0000)]
Add a web-user-manual target that uses rsync

9 years agoRemove #84 as it's a duplicate of #51
Fabian Keil [Fri, 19 Dec 2014 12:36:06 +0000 (12:36 +0000)]
Remove #84 as it's a duplicate of #51

Rephrase #51 to make it more obvious.

9 years agoFix spelling in #126
Fabian Keil [Fri, 19 Dec 2014 12:35:30 +0000 (12:35 +0000)]
Fix spelling in #126

9 years agoRegenerate documentation
Fabian Keil [Fri, 19 Dec 2014 12:32:15 +0000 (12:32 +0000)]
Regenerate documentation

9 years agoAdd the Paypal address
Fabian Keil [Fri, 19 Dec 2014 12:31:46 +0000 (12:31 +0000)]
Add the Paypal address

9 years agoRemove CVS $Log
Fabian Keil [Fri, 19 Dec 2014 12:31:28 +0000 (12:31 +0000)]
Remove CVS $Log

9 years agoUnblock .amnesty.de/
Fabian Keil [Fri, 19 Dec 2014 12:31:10 +0000 (12:31 +0000)]
Unblock .amnesty.de/

9 years agoDitch previously missed 'Bookmarklets' section in the templates
Fabian Keil [Fri, 19 Dec 2014 12:30:53 +0000 (12:30 +0000)]
Ditch previously missed 'Bookmarklets' section in the templates

9 years agoDeemphasize the existence of the SF support trackers which have been broken for months
Fabian Keil [Fri, 19 Dec 2014 12:30:38 +0000 (12:30 +0000)]
Deemphasize the existence of the SF support trackers which have been broken for months

9 years agoStop pretending that default.action updates are made available on their own
Fabian Keil [Fri, 19 Dec 2014 12:29:53 +0000 (12:29 +0000)]
Stop pretending that default.action updates are made available on their own

9 years agoRemove the 'Request New Features' section
Fabian Keil [Fri, 19 Dec 2014 12:29:39 +0000 (12:29 +0000)]
Remove the 'Request New Features' section

The tracker has been broken for months and the TODO list is long
enough anyway.

9 years agoAdd +limit-cookie-lifetime{} to the list of avilable actions
Fabian Keil [Fri, 19 Dec 2014 12:29:20 +0000 (12:29 +0000)]
Add +limit-cookie-lifetime{} to the list of avilable actions

9 years agoFix comment typos
Fabian Keil [Fri, 19 Dec 2014 12:28:10 +0000 (12:28 +0000)]
Fix comment typos

9 years agoExplicitly mention that Tor's port may deviate from the default
Fabian Keil [Fri, 28 Nov 2014 14:26:35 +0000 (14:26 +0000)]
Explicitly mention that Tor's port may deviate from the default

... when using a bundle.

Reported by Andrew on ijbswa-users@.

9 years agoStop blocking .sify.com/
Fabian Keil [Fri, 28 Nov 2014 14:13:22 +0000 (14:13 +0000)]
Stop blocking .sify.com/

It's not actually a pure tracking site (anymore?).

Reported by Andrew on ijbswa-users@.

9 years agoBump version to 3.0.23 UNRELEASED
Fabian Keil [Fri, 28 Nov 2014 14:13:02 +0000 (14:13 +0000)]
Bump version to 3.0.23 UNRELEASED

9 years agoAdd Kai Raven to the list of contributors
Fabian Keil [Thu, 20 Nov 2014 15:30:38 +0000 (15:30 +0000)]
Add Kai Raven to the list of contributors

9 years agoUpdate the announcement for 3.0.22
Fabian Keil [Thu, 20 Nov 2014 15:30:14 +0000 (15:30 +0000)]
Update the announcement for 3.0.22

9 years agoAdd a bunch of missing test levels
Fabian Keil [Thu, 20 Nov 2014 15:29:57 +0000 (15:29 +0000)]
Add a bunch of missing test levels

Prevents test failures when the action file editor has
been disabled or isn't available.

9 years agoAdd FEATURE_CGI_EDIT_ACTIONS dependency for test level 12
Fabian Keil [Thu, 20 Nov 2014 15:29:36 +0000 (15:29 +0000)]
Add FEATURE_CGI_EDIT_ACTIONS dependency for test level 12

9 years agoRebuild docs
Fabian Keil [Tue, 18 Nov 2014 14:22:36 +0000 (14:22 +0000)]
Rebuild docs

9 years agoNote that --disable-force is known to be broken
Fabian Keil [Tue, 18 Nov 2014 14:22:17 +0000 (14:22 +0000)]
Note that --disable-force is known to be broken

9 years agoSkip test level 13 unless the keep-alive-timeout is above 20
Fabian Keil [Tue, 18 Nov 2014 14:21:56 +0000 (14:21 +0000)]
Skip test level 13 unless the keep-alive-timeout is above 20

The tests are expected to fail with lower values, for example
the 5 seconds specified in the default config file.

Reported by Lee.

9 years agoMake the FORCE_PREFIX define always visible
Fabian Keil [Sun, 16 Nov 2014 18:43:48 +0000 (18:43 +0000)]
Make the FORCE_PREFIX define always visible

Fixes a compile error when configured with --disable-force in
which case the define is still required for the show-status page.

Reported by Kai Raven.

9 years agoFix a ChangeLog entry
Fabian Keil [Fri, 14 Nov 2014 13:50:51 +0000 (13:50 +0000)]
Fix a ChangeLog entry

9 years agoRevert r1.54 "Add range-related tests for external-filter{}"
Fabian Keil [Fri, 14 Nov 2014 12:59:11 +0000 (12:59 +0000)]
Revert r1.54 "Add range-related tests for external-filter{}"

When configured with the defaults, Privoxy does not accept
the external-filter{} action. Privoxy should probably be
changed to silently ignore the action, but this will have
to wait until the next release.

9 years agoRebuild HTML docs
Fabian Keil [Fri, 14 Nov 2014 11:32:27 +0000 (11:32 +0000)]
Rebuild HTML docs

9 years agoRebuild text docs
Fabian Keil [Fri, 14 Nov 2014 11:32:05 +0000 (11:32 +0000)]
Rebuild text docs

9 years agoRebuild config file for 3.0.22 stable
Fabian Keil [Fri, 14 Nov 2014 11:31:53 +0000 (11:31 +0000)]
Rebuild config file for 3.0.22 stable

9 years agoUpdate SGML ChangeLog
Fabian Keil [Fri, 14 Nov 2014 11:31:41 +0000 (11:31 +0000)]
Update SGML ChangeLog

9 years agoPrevent leading and trailing whitespace in quotes
Fabian Keil [Fri, 14 Nov 2014 11:31:24 +0000 (11:31 +0000)]
Prevent leading and trailing whitespace in quotes

9 years agoChangeLog cosmetic
Fabian Keil [Fri, 14 Nov 2014 11:31:11 +0000 (11:31 +0000)]
ChangeLog cosmetic

9 years agoDeclare 3.0.22 'stable'
Fabian Keil [Fri, 14 Nov 2014 11:30:59 +0000 (11:30 +0000)]
Declare 3.0.22 'stable'

9 years agoChangeLog cosmetic
Fabian Keil [Fri, 14 Nov 2014 10:40:50 +0000 (10:40 +0000)]
ChangeLog cosmetic

9 years agoUpdate ChangeLog to reflect recent changes
Fabian Keil [Fri, 14 Nov 2014 10:40:40 +0000 (10:40 +0000)]
Update ChangeLog to reflect recent changes

9 years agoFix memory leak in rfc2553_connect_to()
Fabian Keil [Fri, 14 Nov 2014 10:40:24 +0000 (10:40 +0000)]
Fix memory leak in rfc2553_connect_to()

CID 66382.

9 years agopcrs_execute(): Consistently set *result to NULL in case of errors
Fabian Keil [Fri, 14 Nov 2014 10:40:10 +0000 (10:40 +0000)]
pcrs_execute(): Consistently set *result to NULL in case of errors

Should make use-after-free in the caller less likely.

CID 66391, CID 66376.

9 years agounmap(): Prevent use-after-free if the map only consists of one item
Fabian Keil [Fri, 14 Nov 2014 10:39:49 +0000 (10:39 +0000)]
unmap(): Prevent use-after-free if the map only consists of one item

CID 66394.

9 years agoMake sure csp flags have unique values
Fabian Keil [Wed, 12 Nov 2014 12:00:41 +0000 (12:00 +0000)]
Make sure csp flags have unique values

Previously CSP_FLAG_CRUNCHED and CSP_FLAG_CLIENT_CONNECTION_HEADER_SET
shared the same bit which obviously wasn't intentional.

The only negative effect was that Privoxy potentially reused less
connections than it could have, which explains why the problem hasn't
been noticed for seven years and was only found by manual code
inspection.

9 years agoLink to the 'Would you like to donate?' FAQ
Fabian Keil [Wed, 12 Nov 2014 12:00:10 +0000 (12:00 +0000)]
Link to the 'Would you like to donate?' FAQ

... instead of repeating parts of it while leaving out the rest.

9 years agoLet server_keep_alive() always remove the Keep-Alive header
Fabian Keil [Wed, 12 Nov 2014 11:59:47 +0000 (11:59 +0000)]
Let server_keep_alive() always remove the Keep-Alive header

Not forwarding the header to the client is a MUST and
non-compliance has no advantage here.

Fixes Co-Advisor test case rfc2616/hopHdr-Keep-Alive-toClt.

9 years agoUpdate URL of Polipo's website
Fabian Keil [Tue, 11 Nov 2014 12:19:52 +0000 (12:19 +0000)]
Update URL of Polipo's website

9 years agoDisable banners-by-size for kggp.de/
Fabian Keil [Tue, 11 Nov 2014 12:19:38 +0000 (12:19 +0000)]
Disable banners-by-size for kggp.de/

10 years agoPreserve negative HTTP status numbers
Fabian Keil [Mon, 3 Nov 2014 14:41:12 +0000 (14:41 +0000)]
Preserve negative HTTP status numbers

While they are technically invalid, "supporting" them doesn't
hurt and this gets the recently added curl test 1430 "working".

10 years agoAdd two consenting donors to the list of contributors
Fabian Keil [Mon, 3 Nov 2014 14:40:53 +0000 (14:40 +0000)]
Add two consenting donors to the list of contributors

10 years agoAdd changes for 3.0.22 stable
Fabian Keil [Mon, 3 Nov 2014 14:40:25 +0000 (14:40 +0000)]
Add changes for 3.0.22 stable

10 years agoAdd a couple of contributors
Fabian Keil [Mon, 3 Nov 2014 14:39:37 +0000 (14:39 +0000)]
Add a couple of contributors

10 years agoRegenerate docs
Fabian Keil [Tue, 21 Oct 2014 15:31:49 +0000 (15:31 +0000)]
Regenerate docs

10 years agoAdd #138: Bring back the scripts to provide actions file feedback
Fabian Keil [Tue, 21 Oct 2014 15:31:32 +0000 (15:31 +0000)]
Add #138: Bring back the scripts to provide actions file feedback

10 years agoBump copyright
Fabian Keil [Tue, 21 Oct 2014 15:31:16 +0000 (15:31 +0000)]
Bump copyright

10 years agoFix web-actions target
Fabian Keil [Tue, 21 Oct 2014 15:31:05 +0000 (15:31 +0000)]
Fix web-actions target

10 years agoGarbage-collect bookmarklets section
Fabian Keil [Tue, 21 Oct 2014 15:30:52 +0000 (15:30 +0000)]
Garbage-collect bookmarklets section

Most of the bookmarklets can't possible work due to not using a
trusted referer header and the rest of them can be replaced with
common bookmarks.

10 years agoFormally declare the scripts in doc/webserver/actions/ out of action
Fabian Keil [Tue, 21 Oct 2014 15:30:27 +0000 (15:30 +0000)]
Formally declare the scripts in doc/webserver/actions/ out of action

They haven't worked in years and the docs no longer reference them.

10 years agoAdd a web-faq target that only updates the FAQ on the webserver
Fabian Keil [Tue, 21 Oct 2014 15:30:06 +0000 (15:30 +0000)]
Add a web-faq target that only updates the FAQ on the webserver

10 years agoRemove already-commented-out non-portable DOSFILTER alternatives
Fabian Keil [Tue, 21 Oct 2014 15:29:46 +0000 (15:29 +0000)]
Remove already-commented-out non-portable DOSFILTER alternatives

10 years agoRemove the obsolete targets dok-put and dok-get
Fabian Keil [Tue, 21 Oct 2014 15:29:34 +0000 (15:29 +0000)]
Remove the obsolete targets dok-put and dok-get

10 years agoAdd a sf-shell target
Fabian Keil [Tue, 21 Oct 2014 15:29:20 +0000 (15:29 +0000)]
Add a sf-shell target

10 years agoRegenerate FAQ
Fabian Keil [Tue, 21 Oct 2014 12:05:55 +0000 (12:05 +0000)]
Regenerate FAQ

10 years agoMention more stuff donations may be used for
Fabian Keil [Tue, 21 Oct 2014 12:05:12 +0000 (12:05 +0000)]
Mention more stuff donations may be used for

10 years agoBump FAQ copyright
Fabian Keil [Tue, 21 Oct 2014 12:02:16 +0000 (12:02 +0000)]
Bump FAQ copyright

10 years agoFix comment typos in free_map()'s description
Fabian Keil [Tue, 21 Oct 2014 12:01:59 +0000 (12:01 +0000)]
Fix comment typos in free_map()'s description

10 years agoRemove #138. Coverity scan results are analyzed
Fabian Keil [Sat, 18 Oct 2014 11:32:07 +0000 (11:32 +0000)]
Remove #138. Coverity scan results are analyzed

10 years agoLet new_map() exit if the new map can't be allocated
Fabian Keil [Sat, 18 Oct 2014 11:31:52 +0000 (11:31 +0000)]
Let new_map() exit if the new map can't be allocated

This is not expected to happen in the real world
and it makes life easier for the callers.

10 years agoAdd missing return check in dispatch_known_cgi()
Fabian Keil [Sat, 18 Oct 2014 11:31:25 +0000 (11:31 +0000)]
Add missing return check in dispatch_known_cgi()

CID 66354.

10 years agoreceive_client_request(): Don't ignore list_append_list_unique()'s return value
Fabian Keil [Sat, 18 Oct 2014 11:31:12 +0000 (11:31 +0000)]
receive_client_request(): Don't ignore list_append_list_unique()'s return value

CID 66360.

10 years agoFix error handling in server_content_type()
Fabian Keil [Sat, 18 Oct 2014 11:30:56 +0000 (11:30 +0000)]
Fix error handling in server_content_type()

CID 66369.

10 years agojb_err_to_string(): Only check for internal errors once
Fabian Keil [Sat, 18 Oct 2014 11:30:40 +0000 (11:30 +0000)]
jb_err_to_string(): Only check for internal errors once

Silences a Coverity complaint about unreachable code.

CID 66387.

10 years agoThe filter file array can't be NULL so don't bother checking
Fabian Keil [Sat, 18 Oct 2014 11:30:24 +0000 (11:30 +0000)]
The filter file array can't be NULL so don't bother checking

The intention was checking whether or not filters are available,
but that's a premature optimization for an unlikely scenario,
so the bogus checks can be dropped without replacement.

CID 66389, CID 66385, CID 66375.

10 years agoserver_content_encoding(): Check for enabled content filters properly
Fabian Keil [Sat, 18 Oct 2014 11:30:04 +0000 (11:30 +0000)]
server_content_encoding(): Check for enabled content filters properly

Previously external filters and gif deanimation weren't considered.

CID 66374.

10 years agoFix error handling in edit_write_file()
Fabian Keil [Sat, 18 Oct 2014 11:29:48 +0000 (11:29 +0000)]
Fix error handling in edit_write_file()

CID 66359.

10 years agoFix error handling in edit_read_file()
Fabian Keil [Sat, 18 Oct 2014 11:29:22 +0000 (11:29 +0000)]
Fix error handling in edit_read_file()

CID 66359.

10 years agoedit_read_file(): Remove bogus NULL check and use strdup_or_die() instead
Fabian Keil [Sat, 18 Oct 2014 11:29:06 +0000 (11:29 +0000)]
edit_read_file(): Remove bogus NULL check and use strdup_or_die() instead

CID 66372.

10 years agoFix memory leak in cgi_show_file()
Fabian Keil [Sat, 18 Oct 2014 11:28:49 +0000 (11:28 +0000)]
Fix memory leak in cgi_show_file()

CID 66362.

10 years agoUse strdup_or_die() if the duplicated string is tiny
Fabian Keil [Sat, 18 Oct 2014 11:28:36 +0000 (11:28 +0000)]
Use strdup_or_die() if the duplicated string is tiny

Fixes a theoretical memory leak in trust_url() reported by Coverity.

CID 66364.

10 years agobind_port(): Fix file descriptor leak in error path
Fabian Keil [Sat, 18 Oct 2014 11:28:05 +0000 (11:28 +0000)]
bind_port(): Fix file descriptor leak in error path

CID 66368.

10 years agoIn bind_port(), check if the socket is valid before marking it CLOSEEXEC
Fabian Keil [Sat, 18 Oct 2014 11:27:43 +0000 (11:27 +0000)]
In bind_port(), check if the socket is valid before marking it CLOSEEXEC