Fabian Keil [Tue, 4 Jan 2022 21:02:39 +0000 (22:02 +0100)]
 
uagen: Stop using sparc64 as FreeBSD architecture
It hasn't been supported for a while now.
Fabian Keil [Fri, 7 Jan 2022 16:22:00 +0000 (17:22 +0100)]
 
uagen: Bump version
Fabian Keil [Wed, 29 Dec 2021 11:33:51 +0000 (12:33 +0100)]
 
Rebuild developer-manual and tidy with 'HTML Tidy for FreeBSD version 5.8.0'
Ian Silvester [Mon, 27 Dec 2021 18:23:56 +0000 (13:23 -0500)]
 
Update developer manual with new macOS packaging instructions
Ian Silvester [Mon, 27 Dec 2021 18:15:19 +0000 (13:15 -0500)]
 
Update macOS packaging instructions
Fabian Keil [Tue, 21 Dec 2021 14:23:32 +0000 (15:23 +0100)]
 
Makefile: Add a 'dok' target
... that depends on the 'error' target to show the
"You are not using GNU make or did nor run configure"
message.
Fabian Keil [Tue, 14 Dec 2021 17:51:15 +0000 (18:51 +0100)]
 
Disable fast-redirects for .hagalil.com/
Fabian Keil [Mon, 20 Dec 2021 14:27:11 +0000 (15:27 +0100)]
 
Rebuild docs for 3.0.34 UNRELEASED
Fabian Keil [Mon, 20 Dec 2021 09:18:06 +0000 (10:18 +0100)]
 
Update RSS feed to include a detached signature for the macOS packages for Privoxy 3.0.33
... and drop the "Privoxy 3.0.33 64 bit.pkg.gpg" file which is gone.
Fabian Keil [Sat, 27 Mar 2021 07:34:18 +0000 (08:34 +0100)]
 
can_filter_request_body(): Fix a log message that contained a spurious u
Fabian Keil [Sun, 19 Dec 2021 07:53:33 +0000 (08:53 +0100)]
 
Update RSS feed to include the macOS packages for Privoxy 3.0.33
Fabian Keil [Tue, 14 Dec 2021 09:00:50 +0000 (10:00 +0100)]
 
Bump SMGL entities for 3.0.34 UNRELEASED
Fabian Keil [Fri, 26 Mar 2021 08:32:50 +0000 (09:32 +0100)]
 
configure: Fix --with-msan option
Also (probably) reported by Andrew Savchenko.
Fabian Keil [Mon, 13 Dec 2021 10:57:05 +0000 (11:57 +0100)]
 
Bump version to 3.0.34 UNRELEASED
Roland Rosenfeld [Thu, 9 Dec 2021 15:37:12 +0000 (16:37 +0100)]
 
Merge Debian 3.0.33-1 changes.
Fabian Keil [Thu, 9 Dec 2021 11:32:54 +0000 (12:32 +0100)]
 
Update RSS feed for the 3.0.33 releases
Fabian Keil [Thu, 9 Dec 2021 11:12:01 +0000 (12:12 +0100)]
 
Rebuild docs with corrected spelling
Fabian Keil [Thu, 9 Dec 2021 11:11:19 +0000 (12:11 +0100)]
 
Fix spelling
Fabian Keil [Thu, 9 Dec 2021 11:11:12 +0000 (12:11 +0100)]
 
Fix spelling
Fabian Keil [Thu, 9 Dec 2021 11:11:02 +0000 (12:11 +0100)]
 
Fix spelling
Fabian Keil [Wed, 8 Dec 2021 11:27:32 +0000 (12:27 +0100)]
 
Update announcement for 3.0.33 stable
Obviously this should have happened before 3.0.33 was tagged ...
Fabian Keil [Wed, 8 Dec 2021 11:25:17 +0000 (12:25 +0100)]
 
Fix spelling
Fabian Keil [Tue, 7 Dec 2021 14:39:39 +0000 (15:39 +0100)]
 
Rebuild HTML man page
Fabian Keil [Tue, 7 Dec 2021 14:38:54 +0000 (15:38 +0100)]
 
Rebuild privoxy man page
Fabian Keil [Tue, 7 Dec 2021 14:36:39 +0000 (15:36 +0100)]
 
Rebuild docs with updated ChangeLog
Fabian Keil [Tue, 7 Dec 2021 14:32:49 +0000 (15:32 +0100)]
 
Update smgl ChangeLog
Fabian Keil [Tue, 7 Dec 2021 14:25:32 +0000 (15:25 +0100)]
 
Minor ChangeLog improvements
Fabian Keil [Tue, 7 Dec 2021 14:16:13 +0000 (15:16 +0100)]
 
ChangeLog: Add entries for the security fixes
Fabian Keil [Tue, 7 Dec 2021 14:04:10 +0000 (15:04 +0100)]
 
ChangeLog: Mention the update of the OSXPackageBuilder repository
Fabian Keil [Thu, 4 Nov 2021 20:37:08 +0000 (21:37 +0100)]
 
Bump copyright
Joshua Rogers [Fri, 19 Nov 2021 16:32:23 +0000 (17:32 +0100)]
 
get_url_spec_param(): Free memory of compiled pattern spec before bailing
OVE-
20211201-0003. CVE-2021-44540.
Joshua Rogers [Fri, 19 Nov 2021 17:31:59 +0000 (18:31 +0100)]
 
process_encrypted_request_headers(): Free header memory when failing
... to get the request destination.
OVE-
20211201-0002. CVE-2021-44541.
Joshua Rogers [Fri, 19 Nov 2021 17:57:26 +0000 (18:57 +0100)]
 
send_http_request(): Prevent memory leaks when handling errors
OVE-
20211201-0001. CVE-2021-44542.
Fabian Keil [Tue, 2 Nov 2021 11:11:37 +0000 (12:11 +0100)]
 
cgi_error_no_template(): Encode the template name to prevent XSS
OVE-
20211102-0001. CVE-2021-44543.
Reported by: Artem Ivanov
Fabian Keil [Mon, 6 Dec 2021 13:34:45 +0000 (14:34 +0100)]
 
Rebuild docs with updated ChangeLog entries
Fabian Keil [Mon, 6 Dec 2021 13:34:25 +0000 (14:34 +0100)]
 
Update SGML changelog
Fabian Keil [Mon, 6 Dec 2021 12:39:12 +0000 (13:39 +0100)]
 
FAQ: Explicitly mention that sponsors can get a proper invoice
Fabian Keil [Fri, 3 Dec 2021 07:37:41 +0000 (08:37 +0100)]
 
Update ChangeLog for changes up to 
87385058b7e6
Fabian Keil [Thu, 2 Dec 2021 10:49:34 +0000 (11:49 +0100)]
 
Unblock adv-archiv.dfn-cert.de/ properly
... by relocating the pattern and test that were added
in 
e637f5ac37 further below.
Test failure pointed out by Roland.
Roland Rosenfeld [Thu, 2 Dec 2021 08:13:37 +0000 (09:13 +0100)]
 
privoxy-log-parser: fix typo in milliseconds.
Roland Rosenfeld [Thu, 2 Dec 2021 08:05:51 +0000 (09:05 +0100)]
 
Merge Debian 3.0.32-3 changes.
Fabian Keil [Wed, 1 Dec 2021 16:05:32 +0000 (17:05 +0100)]
 
Rebuild docs
Fabian Keil [Wed, 1 Dec 2021 10:08:50 +0000 (11:08 +0100)]
 
Bump SMGL entities for 3.0.33 stable
Fabian Keil [Wed, 1 Dec 2021 10:06:47 +0000 (11:06 +0100)]
 
Rebuild config file
Fabian Keil [Sat, 6 Nov 2021 12:48:41 +0000 (13:48 +0100)]
 
Rebuild AUTHORS
Fabian Keil [Tue, 2 Nov 2021 11:17:56 +0000 (12:17 +0100)]
 
Add Artem Ivanov as contributor
Fabian Keil [Sat, 6 Nov 2021 12:50:49 +0000 (13:50 +0100)]
 
Regenerate config file
Fabian Keil [Sat, 6 Nov 2021 12:46:29 +0000 (13:46 +0100)]
 
config: Explicitly mention that the CGI pages disclosing the ca-password can be blocked
... and upgrade the disclosure paragraphs to a warning.
Fabian Keil [Thu, 4 Nov 2021 20:35:45 +0000 (21:35 +0100)]
 
uagen: Bump copyright
Fabian Keil [Wed, 31 Mar 2021 11:33:17 +0000 (13:33 +0200)]
 
privoxy-log-parser: Highlight 'Socket timeout 3 reached: 127.0.0.1:20000/no-filter/chunked-content/36'
Fabian Keil [Thu, 25 Mar 2021 14:45:53 +0000 (15:45 +0100)]
 
privoxy-log-parser: Improve documentation for inactivity-detection mode
Fabian Keil [Wed, 24 Mar 2021 06:55:54 +0000 (07:55 +0100)]
 
privoxy-log-parser: Detect date changes when looking for inactivity
Fabian Keil [Fri, 26 Nov 2021 12:18:23 +0000 (13:18 +0100)]
 
uagen: Bump BROWSER_REVISION to match Firefox version to 91 (ESR)
Regression introduced in 
077333a08de.
Lee [Wed, 24 Nov 2021 21:18:32 +0000 (16:18 -0500)]
 
put all the requested debug options in the config
Section 11.1 of the Privoxy user manual lists all the debug options that
should be enabled when reporting problems or requesting support.
Make it easier for users to do the right thing by having all those
options present in the config.
Fabian Keil [Fri, 12 Nov 2021 08:55:06 +0000 (09:55 +0100)]
 
Disable fast-redirects for .zeit.de/zustimmung
Fabian Keil [Thu, 11 Nov 2021 09:59:35 +0000 (10:59 +0100)]
 
Update #184 to note that it will (hopefully) appear after the 3.0.34 release
Fabian Keil [Mon, 8 Nov 2021 13:46:43 +0000 (14:46 +0100)]
 
Unblock adv-archiv.dfn-cert.de/
Fabian Keil [Sat, 6 Nov 2021 17:02:25 +0000 (18:02 +0100)]
 
configure: Bump SOURCE_DATE_EPOCH
Fabian Keil [Sat, 6 Nov 2021 17:01:22 +0000 (18:01 +0100)]
 
Declare 3.0.33 stable
Lee [Thu, 11 Nov 2021 12:02:30 +0000 (07:02 -0500)]
 
nit: put all the '--enable-xxx' options together
Lee [Thu, 11 Nov 2021 11:59:10 +0000 (06:59 -0500)]
 
update the build script to use mbed tls version 2.6.11
Lee [Thu, 11 Nov 2021 11:54:23 +0000 (06:54 -0500)]
 
update build script to use the final 8.45 pcre library
https://www.pcre.org/
Version 8.45 is expected to be the final release of the older PCRE library, and new
projects should use PCRE2 instead.
Fabian Keil [Sat, 13 Mar 2021 10:17:38 +0000 (11:17 +0100)]
 
regression-tests.action: Add fetch test for p.p/wpad.dat
Bump for-privoxy-version to 3.0.33 which introduced the wpad.dat support.
Fabian Keil [Fri, 5 Mar 2021 10:32:03 +0000 (11:32 +0100)]
 
Bump copyright
Fabian Keil [Fri, 5 Mar 2021 08:44:43 +0000 (09:44 +0100)]
 
Add Richard Schneidt to the list of contributors
Fabian Keil [Mon, 1 Mar 2021 11:22:06 +0000 (12:22 +0100)]
 
Add a CGI handler for /wpad.dat
... that returns a Proxy Auto-Configuration (PAC) file.
Among other things, it can be used to instruct clients
through DHCP to use Privoxy as proxy.
For example with the dnsmasq option:
dhcp-option=252,http://config.privoxy.org/wpad.dat
Initial patch by Richard Schneidt.
Fabian Keil [Sat, 13 Feb 2021 12:43:02 +0000 (13:43 +0100)]
 
listen_loop(): When shutting down gracefully, close listening ports
... before waiting for the threads to exit.
Allows to start a second Privoxy with the same config file
while the first Privoxy is still running.
Fabian Keil [Sun, 7 Feb 2021 15:44:52 +0000 (16:44 +0100)]
 
GNUmakefile.in: Fix typo
Fabian Keil [Sat, 6 Feb 2021 21:38:04 +0000 (22:38 +0100)]
 
Add more tests for the '/send-banner' code
Fabian Keil [Sat, 6 Feb 2021 09:35:17 +0000 (10:35 +0100)]
 
Add test for OVE-
20210203-0001
Fabian Keil [Sat, 6 Feb 2021 09:16:17 +0000 (10:16 +0100)]
 
Add a test for CVE-2021-20217
Fabian Keil [Thu, 21 Jan 2021 13:16:51 +0000 (14:16 +0100)]
 
Bump copyright
Fabian Keil [Mon, 11 Jan 2021 13:16:12 +0000 (14:16 +0100)]
 
privoxy-log-parser: Add a --passed-request-statistics-threshold option
That can be set to get statistics for requests that
were passed.
Fabian Keil [Sun, 21 Mar 2021 17:52:32 +0000 (18:52 +0100)]
 
privoxy-log-parser: Add a "inactivity detection" mode
Which can be useful for debugging purposes.
Fabian Keil [Sun, 21 Mar 2021 17:58:03 +0000 (18:58 +0100)]
 
privoxy-log-parser: Bump version to 0.9.4
Fabian Keil [Tue, 23 Mar 2021 07:25:02 +0000 (08:25 +0100)]
 
action_render_string_actions_template(): Reposition an asterisk
Fabian Keil [Tue, 23 Mar 2021 07:22:36 +0000 (08:22 +0100)]
 
cgi_edit_process_string_action(): Fix an error message
Maxim Antonov [Mon, 14 Dec 2020 09:48:32 +0000 (16:48 +0700)]
 
Allow to edit the add-header action through the CGI editor
.. by generalizing the code that got added with the
suppress-tag action.
Closes: SF patch request #146
Fabian Keil [Thu, 25 Mar 2021 11:52:00 +0000 (12:52 +0100)]
 
Update max-client-connections's description
On modern systems other than Windows Privoxy should
use poll() in which case the FD_SETSIZE value isn't
releveant.
Fabian Keil [Thu, 25 Mar 2021 11:58:00 +0000 (12:58 +0100)]
 
Add a warning that the socket-timeout does not apply to operations done by TLS libraries
Fabian Keil [Thu, 25 Mar 2021 15:02:07 +0000 (16:02 +0100)]
 
privoxy-log-parser: Only run print_intro() and print_outro() when syntax highlighting
Fabian Keil [Thu, 25 Mar 2021 15:03:45 +0000 (16:03 +0100)]
 
privoxy-log-parser: Rephrase a sentence in the documentation
Fabian Keil [Fri, 26 Mar 2021 18:44:08 +0000 (19:44 +0100)]
 
process_encrypted_request(): Improve a log message
The function only processes request headers and there
may still be unread request body data left to process.
Fabian Keil [Fri, 26 Mar 2021 19:12:38 +0000 (20:12 +0100)]
 
privoxy-log-parser: Highlight 'Client socket 7 is no longer usable. The server socket has been closed.'
Fabian Keil [Sat, 27 Mar 2021 04:49:05 +0000 (05:49 +0100)]
 
read_http_request_body(): Fix two error messages that used an incorrect variable
Fabian Keil [Sat, 27 Mar 2021 06:46:00 +0000 (07:46 +0100)]
 
chat(): Log the applied actions before deciding how to forward the request
Fabian Keil [Sat, 27 Mar 2021 10:07:12 +0000 (11:07 +0100)]
 
parse_time_header(): Silence a coverity complaint when building without assertions
Fabian Keil [Sat, 27 Mar 2021 14:45:48 +0000 (15:45 +0100)]
 
Rename process_encrypted_request() to process_encrypted_request_headers()
... and update the comment.
Fabian Keil [Sat, 27 Mar 2021 14:44:10 +0000 (15:44 +0100)]
 
Rename receive_encrypted_request() to receive_encrypted_request_headers()
... and update the comment description.
Fabian Keil [Mon, 29 Mar 2021 10:31:00 +0000 (12:31 +0200)]
 
Block requests to eu-tlp01.kameleoon.eu/
Fabian Keil [Fri, 2 Apr 2021 08:48:47 +0000 (10:48 +0200)]
 
Block requests to fpa-events.arstechnica.com/
Fabian Keil [Fri, 2 Apr 2021 15:15:32 +0000 (17:15 +0200)]
 
receive_encrypted_request_headers(): Improve a log message
Fabian Keil [Thu, 4 Nov 2021 20:24:44 +0000 (21:24 +0100)]
 
uagen: Bump version to 1.2.3
Fabian Keil [Thu, 4 Nov 2021 20:23:48 +0000 (21:23 +0100)]
 
uagen: Bump generated Firefox version to 91 (ESR)
Lee [Wed, 7 Jul 2021 03:15:34 +0000 (23:15 -0400)]
 
nit: remove compiler warnings
"log_error(LOG_LEVEL_FATAL, ..." doesn't return but apparently the compiler doesn't know that.
Get rid of several "this statement may fall through [-Wimplicit-fallthrough=]" warnings.
i686-w64-mingw32-gcc -c -Imbedtls/include -pipe -O2 -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wall -Wextra -Wno-missing-field-initializers -Wno-sign-compare -Wno-type-limits -Wno-unused-parameter -Wno-unused-but-set-variable -Wformat=2 -Wlogical-op -Wshadow -DNDEBUG -DWINVER=0x501  -I/source/pcre-8.44/ -I/source/mbedtls-2.16.10/include -I/source/brotli-1.0.9/c/include  -mwindows -Wall  jcc.c -o jcc.o
jcc.c: In function ‘bind_port_helper’:
jcc.c:5820:13: warning: this statement may fall through [-Wimplicit-fallthrough=]
 5820 |             log_error(LOG_LEVEL_FATAL,
      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~
 5821 |                "can't bind to %s:%d: There may be another Privoxy "
      |                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 5822 |                "or some other proxy running on port %d",
      |                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 5823 |                bind_address, hport, hport);
      |                ~~~~~~~~~~~~~~~~~~~~~~~~~~~
jcc.c:5825:10: note: here
 5825 |          case -2:
      |          ^~~~
Lee [Wed, 7 Jul 2021 02:53:52 +0000 (22:53 -0400)]
 
nit: note expected behavior
If building for Windows with -Wimplicit-fallthrough you'll get a warning message about
"this statement may fall through."  Make it clear this is expected.
i686-w64-mingw32-gcc -c -Imbedtls/include -pipe -O2 -fstack-protector-strong -D_FORTIFY_SOURCE=2 -march=native -Wall -Wextra -Wno-missing-field-initializers -Wno-sign-compare -Wno-type-limits -Wno-unused-parameter -Wno-unused-but-set-variable -Wformat=2 -Wno-format-nonliteral -Wlogical-op -Wshadow -Wuninitialized -Winit-self -DNDEBUG -DWINVER=0x501  -I/source/pcre-8.44/ -I/source/mbedtls-2.16.10/include -I/source/brotli-1.0.9/c/include  -mwindows -Wall  w32log.c -o w32log.o
w32log.c: In function ‘LogWindowProc’:
w32log.c:1190:27: warning: this statement may fall through [-Wimplicit-fallthrough=]
 1190 |          g_bShowLogWindow = wParam;
      |          ~~~~~~~~~~~~~~~~~^~~~~~~~
w32log.c:1191:7: note: here
 1191 |       case WM_SIZE:  /* note: implicit-fallthrough */
      |       ^~~~
Fabian Keil [Wed, 30 Jun 2021 12:58:12 +0000 (14:58 +0200)]
 
mbedTLS get_ciphersuites_from_string(): Use strlcpy() instead of strncpy()
Previously the terminating NUL wasn't copied which resulted
in a compiler warning. This didn't cause actual problems as
the target buffer was initialized by zalloc_or_die() so the
last byte of the target buffer was NUL already.
Actually copying the terminating NUL seems clearer, though.
Reported by: Lee
Fabian Keil [Wed, 24 Mar 2021 09:54:32 +0000 (10:54 +0100)]
 
privoxy-log-parser: Clarify --statistics output
... by explicitly mentioning that the status codes
sent by the server may differ from the ones in
"debug 512" messages.
Fabian Keil [Tue, 23 Mar 2021 14:06:55 +0000 (15:06 +0100)]
 
privoxy-log-parser: Fix typo in the --statistics output
Fabian Keil [Tue, 23 Mar 2021 16:53:24 +0000 (17:53 +0100)]
 
Mark #87 as work in progress