From: Fabian Keil <fk@fabiankeil.de>
Date: Tue, 25 Feb 2020 21:07:41 +0000 (+0100)
Subject: Rename +enable-https-filtering to +https-inspection
X-Git-Tag: v_3_0_29~478
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/@default-cgi@edit-actions-add-url-form?a=commitdiff_plain;h=662c02e3ab1cab69b67f869aba490c147fc7741e;p=privoxy.git
Rename +enable-https-filtering to +https-inspection
... which is more precise.
Sponsored by: Robert Klemme
---
diff --git a/actionlist.h b/actionlist.h
index b21a1ef4..5f94ea4f 100644
--- a/actionlist.h
+++ b/actionlist.h
@@ -73,9 +73,6 @@ DEFINE_ACTION_STRING ("delay-response", ACTION_DELAY_RESPONSE,
DEFINE_CGI_PARAM_NO_RADIO("delay-response", ACTION_DELAY_RESPONSE, ACTION_STRING_DELAY_RESPONSE, "100")
DEFINE_CGI_PARAM_RADIO ("deanimate-gifs", ACTION_DEANIMATE, ACTION_STRING_DEANIMATE, "last", 1)
DEFINE_ACTION_BOOL ("downgrade-http-version", ACTION_DOWNGRADE)
-#ifdef FEATURE_HTTPS_INSPECTION
-DEFINE_ACTION_BOOL ("enable-https-filtering", ACTION_ENABLE_HTTPS_FILTER)
-#endif
#ifdef FEATURE_EXTERNAL_FILTERS
DEFINE_ACTION_MULTI ("external-filter", ACTION_MULTI_EXTERNAL_FILTER)
#endif
@@ -111,6 +108,7 @@ DEFINE_CGI_PARAM_CUSTOM ("hide-referrer", ACTION_HIDE_REFERER,
DEFINE_ACTION_STRING ("hide-user-agent", ACTION_HIDE_USER_AGENT, ACTION_STRING_USER_AGENT)
DEFINE_CGI_PARAM_NO_RADIO("hide-user-agent", ACTION_HIDE_USER_AGENT, ACTION_STRING_USER_AGENT, "Privoxy " VERSION)
#ifdef FEATURE_HTTPS_INSPECTION
+DEFINE_ACTION_BOOL ("https-inspection", ACTION_HTTPS_INSPECTION)
DEFINE_ACTION_BOOL ("ignore-certificate-errors", ACTION_IGNORE_CERTIFICATE_ERRORS)
#endif
DEFINE_ACTION_STRING ("limit-connect", ACTION_LIMIT_CONNECT, ACTION_STRING_LIMIT_CONNECT)
diff --git a/doc/source/p-config.sgml b/doc/source/p-config.sgml
index 2c3a9cf4..e2b205bc 100644
--- a/doc/source/p-config.sgml
+++ b/doc/source/p-config.sgml
@@ -4008,8 +4008,8 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t</title>
</para>
<para>
The file is used by &my-app; to generate website certificates
- when https filtering is enabled with the
- <literal><ulink url="actions-file.html#ENABLE-HTTPS-FILTERING">enable-https-filtering</ulink></literal>
+ when https inspection is enabled with the
+ <literal><ulink url="actions-file.html#HTTPS-INSPECTION">https-inspection</ulink></literal>
action.
</para>
<para>
@@ -4195,9 +4195,9 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t</title>
<listitem>
<para>
This directive specifies the directory where generated
- TLS/SSL keys and certificates are saved when https filtering
+ TLS/SSL keys and certificates are saved when https inspection
is enabled with the
- <literal><ulink url="actions-file.html#ENABLE-HTTPS-FILTERING">enable-https-filtering</ulink></literal>
+ <literal><ulink url="actions-file.html#HTTPS-INSPECTION">https-inspection</ulink></literal>
action.
</para>
<para>
diff --git a/doc/source/user-manual.sgml b/doc/source/user-manual.sgml
index a2a02b81..dc9c3d8e 100644
--- a/doc/source/user-manual.sgml
+++ b/doc/source/user-manual.sgml
@@ -3802,77 +3802,6 @@ problem-host.example.com</screen>
</sect3>
-<!-- ~~~~~ New section ~~~~~ -->
-<sect3 renderas="sect4" id="enable-https-filtering">
-<title>enable-https-filtering</title>
-
-<variablelist>
- <varlistentry>
- <term>Typical use:</term>
- <listitem>
- <para>Filter encrypted requests and responses</para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>Effect:</term>
- <listitem>
- <para>
- Encrypted requests are decrypted, filtered and forwarded encrypted.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>Type:</term>
- <!-- boolean, parameterized, Multi-value -->
- <listitem>
- <para>Boolean.</para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>Parameter:</term>
- <listitem>
- <para>
- N/A
- </para>
- </listitem>
- </varlistentry>
-
-<varlistentry>
- <term>Notes:</term>
- <listitem>
- <para>
- This action allows &my-app; to filter encrypted requests and responses.
- For this to work &my-app; has to generate a certificate and send it
- to the client which has to accept it.
- </para>
- <para>
- Before this works the directives in the
- <literal><ulink url="config.html#TLS">TLS section</ulink></literal>
- of the config file have to be configured.
- </para>
- <para>
- Note that the action has to be enabled based on the CONNECT
- request which doesn't contain a path. Enabling it based on
- a pattern with path doesn't work as the path is only seen
- by &my-app; if the action is already enabled.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>Example usage (section):</term>
- <listitem>
- <screen>{+enable-https-filtering}
-www.example.com</screen>
- </listitem>
- </varlistentry>
-
-</variablelist>
-</sect3>
-
<!-- ~~~~~ New section ~~~~~ -->
<sect3 renderas="sect4" id="external-filter">
<title>external-filter</title>
@@ -5218,6 +5147,78 @@ new action
</sect3>
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="https-inspection">
+<title>https-inspection</title>
+
+<variablelist>
+ <varlistentry>
+ <term>Typical use:</term>
+ <listitem>
+ <para>Filter encrypted requests and responses</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Effect:</term>
+ <listitem>
+ <para>
+ Encrypted requests are decrypted, filtered and forwarded encrypted.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Type:</term>
+ <!-- boolean, parameterized, Multi-value -->
+ <listitem>
+ <para>Boolean.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Parameter:</term>
+ <listitem>
+ <para>
+ N/A
+ </para>
+ </listitem>
+ </varlistentry>
+
+<varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ This action allows &my-app; to filter encrypted requests and responses.
+ For this to work &my-app; has to generate a certificate and send it
+ to the client which has to accept it.
+ </para>
+ <para>
+ Before this works the directives in the
+ <literal><ulink url="config.html#TLS">TLS section</ulink></literal>
+ of the config file have to be configured.
+ </para>
+ <para>
+ Note that the action has to be enabled based on the CONNECT
+ request which doesn't contain a path. Enabling it based on
+ a pattern with path doesn't work as the path is only seen
+ by &my-app; if the action is already enabled.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage (section):</term>
+ <listitem>
+ <screen>{+https-inspection}
+www.example.com</screen>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
<!-- ~~~~~ New section ~~~~~ -->
<sect3 renderas="sect4" id="ignore-certificate-errors">
<title>ignore-certificate-errors</title>
@@ -5261,7 +5262,7 @@ new action
<listitem>
<para>
When the
- <link linkend="ENABLE-HTTPS-FILTERING"><quote>+enable-https-filtering</quote></link>
+ <link linkend="HTTPS-INSPECTION"><quote>+https-inspection</quote></link>
action is used &my-app; by default verifies that the remote site uses a valid
certificate.
</para>
diff --git a/jcc.c b/jcc.c
index fc8db3d9..a5174b30 100644
--- a/jcc.c
+++ b/jcc.c
@@ -2403,7 +2403,7 @@ static void handle_established_connection(struct client_state *csp)
csp->ssl_with_server_is_opened = 0;
csp->ssl_with_client_is_opened = 0;
- if (csp->http->ssl && !(csp->action->flags & ACTION_ENABLE_HTTPS_FILTER))
+ if (csp->http->ssl && !(csp->action->flags & ACTION_HTTPS_INSPECTION))
{
/* Pass encrypted content without filtering. */
use_ssl_tunnel = 1;
@@ -3573,7 +3573,7 @@ static void chat(struct client_state *csp)
* Setting flags to use old solution with SSL tunnel and to disable
* certificates verification.
*/
- if (csp->http->ssl && !(csp->action->flags & ACTION_ENABLE_HTTPS_FILTER))
+ if (csp->http->ssl && !(csp->action->flags & ACTION_HTTPS_INSPECTION))
{
use_ssl_tunnel = 1;
}
diff --git a/project.h b/project.h
index c0f69a8e..1720e768 100644
--- a/project.h
+++ b/project.h
@@ -572,8 +572,8 @@ struct iob
#define ACTION_LIMIT_COOKIE_LIFETIME 0x08000000UL
/** Action bitmap: Delay writes */
#define ACTION_DELAY_RESPONSE 0x10000000UL
-/** Action bitmap: Turn https filtering on */
-#define ACTION_ENABLE_HTTPS_FILTER 0x20000000UL
+/** Action bitmap: Turn https inspection on */
+#define ACTION_HTTPS_INSPECTION 0x20000000UL
/** Action bitmap: Turn certificates verification off */
#define ACTION_IGNORE_CERTIFICATE_ERRORS 0x40000000UL