Fabian Keil [Fri, 26 Feb 2016 12:33:08 +0000 (12:33 +0000)]
 
Add #146: Let user specify how long they want to be tagged
Fabian Keil [Fri, 26 Feb 2016 12:32:56 +0000 (12:32 +0000)]
 
Bump copyright range
Fabian Keil [Fri, 26 Feb 2016 12:32:39 +0000 (12:32 +0000)]
 
FAQ: Explain why 'ping config.privoxy.org' is not expected to reach a local Privoxy installation
Fabian Keil [Fri, 26 Feb 2016 12:32:26 +0000 (12:32 +0000)]
 
get_number_param(): Simplify code by using strtol()
Fabian Keil [Fri, 26 Feb 2016 12:32:09 +0000 (12:32 +0000)]
 
cgi_die(): Consistently use CGI_PREFIX
Fabian Keil [Fri, 26 Feb 2016 12:31:57 +0000 (12:31 +0000)]
 
doc/webserver/.htaccess: Remove references to privoxy.com which we don't actually control
Fabian Keil [Fri, 26 Feb 2016 12:31:47 +0000 (12:31 +0000)]
 
include/Makefile: Consistently use privoxy.org when linking to the website
Fabian Keil [Fri, 26 Feb 2016 12:31:38 +0000 (12:31 +0000)]
 
doc/webserver/config/index.php: Link to the 'contact' section of the user manual instead of to the broken SF tracker
Fabian Keil [Fri, 26 Feb 2016 12:31:28 +0000 (12:31 +0000)]
 
doc/webserver/config/index.php: Remove obsolete section about 'new' web interface address
Fabian Keil [Fri, 26 Feb 2016 12:31:12 +0000 (12:31 +0000)]
 
clear_iob(): Remove a stray semicolon
Fabian Keil [Fri, 26 Feb 2016 12:30:59 +0000 (12:30 +0000)]
 
load_config(): Remove a stray semicolon
Fabian Keil [Fri, 26 Feb 2016 12:30:46 +0000 (12:30 +0000)]
 
loaders: Use strdup_or_die() more often
Fabian Keil [Fri, 26 Feb 2016 12:29:39 +0000 (12:29 +0000)]
 
Start using zalloc_or_die()
While at it, get rid of lots of pointless explicit casts.
Fabian Keil [Fri, 26 Feb 2016 12:29:17 +0000 (12:29 +0000)]
 
Add zalloc_or_die()
... which will allow to simplify code paths were zalloc()
failures don't need to be handled gracefully.
Fabian Keil [Fri, 26 Feb 2016 12:27:32 +0000 (12:27 +0000)]
 
Bump SGML entities to 3.0.25 UNRELEASED
Fabian Keil [Sat, 13 Feb 2016 11:18:27 +0000 (11:18 +0000)]
 
Improve wording in the donation section
Fabian Keil [Sat, 13 Feb 2016 11:18:15 +0000 (11:18 +0000)]
 
Remove #132 (onion service for the website) as it's done
Fabian Keil [Sat, 13 Feb 2016 11:18:02 +0000 (11:18 +0000)]
 
Fix a comment typo
Roland Rosenfeld [Sat, 6 Feb 2016 12:29:54 +0000 (12:29 +0000)]
 
Add all Debian changes from 3.0.19-2 to 3.0.24-1
Fabian Keil [Tue, 2 Feb 2016 13:13:23 +0000 (13:13 +0000)]
 
Note that donations done through Zwiebelfreunde e.V. can't be checked automatically
Fabian Keil [Tue, 2 Feb 2016 13:13:08 +0000 (13:13 +0000)]
 
Add Eduard Wulff as donor
Fabian Keil [Tue, 2 Feb 2016 13:12:58 +0000 (13:12 +0000)]
 
Add J. Momberger as donor
Fabian Keil [Tue, 2 Feb 2016 13:12:33 +0000 (13:12 +0000)]
 
Register donor interest for #16, #100 and #122
... after going through the bank statement provided
by Zwiebelfreunde e.V.
Fabian Keil [Tue, 2 Feb 2016 13:08:55 +0000 (13:08 +0000)]
 
Replace pointless 'Test reports' section with a placeholder comment
The referenced "test form" at SourceForge no longer exists
so there's no point to document how it should be used.
Fabian Keil [Tue, 2 Feb 2016 13:08:17 +0000 (13:08 +0000)]
 
Bump version to 3.0.25 UNRELEASED
Fabian Keil [Tue, 2 Feb 2016 13:08:03 +0000 (13:08 +0000)]
 
Let rsync skip files if the checksums match
Ian Silvester [Tue, 26 Jan 2016 17:12:14 +0000 (17:12 +0000)]
 
Altered MACH kernel thread id modification to guarantee uniqueness
Fabian Keil [Sat, 23 Jan 2016 14:13:09 +0000 (14:13 +0000)]
 
Rebuild docs with updated OS X instructions
Ian Silvester [Sat, 23 Jan 2016 13:57:17 +0000 (13:57 +0000)]
 
Updated section regarding starting Privoxy under OS X
Fabian Keil [Sat, 23 Jan 2016 12:00:40 +0000 (12:00 +0000)]
 
Rebuild docs with recent changes
Fabian Keil [Sat, 23 Jan 2016 12:00:21 +0000 (12:00 +0000)]
 
Rebuild man page for 3.0.24
Looks like this hasn't been done since 3.0.21. Oops.
Fabian Keil [Sat, 23 Jan 2016 12:00:04 +0000 (12:00 +0000)]
 
Improve generic start instructions for Unix derivates
Suggest to use the --user option and mention that
binary packages usually contain a mechanism to
start Privoxy upon boot.
Fabian Keil [Sat, 23 Jan 2016 11:59:20 +0000 (11:59 +0000)]
 
Use dedicated start instructions for FreeBSD and ElectroBSD
Fabian Keil [Sat, 23 Jan 2016 11:58:58 +0000 (11:58 +0000)]
 
Remove release instructions for AIX
They haven't been working for years and unsurprisingly
nobody seems to care.
Fabian Keil [Sat, 23 Jan 2016 11:58:18 +0000 (11:58 +0000)]
 
Remove obsolete reference to the solaris-dist target
Fabian Keil [Sat, 23 Jan 2016 11:58:05 +0000 (11:58 +0000)]
 
Update the release instructions for FreeBSD
Fabian Keil [Sat, 23 Jan 2016 11:57:50 +0000 (11:57 +0000)]
 
Remove unfinished release instructions for Amiga OS and HP-UX 11
Fabian Keil [Fri, 22 Jan 2016 18:22:00 +0000 (18:22 +0000)]
 
Rebuild developer manual with updated Cygwin instructions
Lee [Fri, 22 Jan 2016 12:14:51 +0000 (12:14 +0000)]
 
bump copyright date
Lee [Fri, 22 Jan 2016 12:11:58 +0000 (12:11 +0000)]
 
Add a pointer to the Cygwin Time Machine for getting the last release of
Cygwin version 1.5 to use for building Privoxy on Windows.
Fabian Keil [Fri, 22 Jan 2016 11:31:15 +0000 (11:31 +0000)]
 
Remove the obsolete announce target
... which has been commented out years ago.
Fabian Keil [Fri, 22 Jan 2016 10:21:02 +0000 (10:21 +0000)]
 
Rebuild docs with CVEs for 3.0.24
Fabian Keil [Fri, 22 Jan 2016 10:20:48 +0000 (10:20 +0000)]
 
Add CVEs for Privoxy 3.0.24
Ian Silvester [Thu, 21 Jan 2016 20:53:01 +0000 (20:53 +0000)]
 
Correct the comment regarding MACH thread id modification
Fabian Keil [Thu, 21 Jan 2016 15:57:30 +0000 (15:57 +0000)]
 
Rephrase #140 which was accidentally commited as part of the previous commit
Fabian Keil [Thu, 21 Jan 2016 15:57:16 +0000 (15:57 +0000)]
 
Two trivial ChangeLog edits
Fabian Keil [Thu, 21 Jan 2016 15:56:58 +0000 (15:56 +0000)]
 
Update CVS ids in footers
Fabian Keil [Thu, 21 Jan 2016 15:56:38 +0000 (15:56 +0000)]
 
Rebuild homepage with recent changes
Fabian Keil [Thu, 21 Jan 2016 15:56:27 +0000 (15:56 +0000)]
 
Mention that the website is also available as onion service
Fabian Keil [Thu, 21 Jan 2016 15:56:15 +0000 (15:56 +0000)]
 
Change formatting of the SourceForge reference on the homepage
Stop centering it, remove a strange dividing line in the middle
of the paragraph and use a text link instead of an image located
on another domain (which is inconvenient for the onion service).
Fabian Keil [Thu, 21 Jan 2016 15:55:49 +0000 (15:55 +0000)]
 
Adjust SGML entities to note that 3.0.24 is a 'stable' release
Fabian Keil [Thu, 21 Jan 2016 14:06:20 +0000 (14:06 +0000)]
 
Add #147: Improve 'Building from Source' section in the user manual
Ian Silvester [Thu, 21 Jan 2016 13:02:10 +0000 (13:02 +0000)]
 
Ameliorate a compiler warning. Though the value concerned might get truncated the effect is not serious. Still, no harm in avoiding the warning.
Fabian Keil [Sun, 17 Jan 2016 18:54:16 +0000 (18:54 +0000)]
 
Remove superfluous check again
As pointed out by Lee, it still caused a compiler warning
on Windows and AddressSanitizer seems to confirm that it's
not actually required to fix the crashes.
Fabian Keil [Sun, 17 Jan 2016 14:33:26 +0000 (14:33 +0000)]
 
Rebuild HTML docs for 3.0.24
Fabian Keil [Sun, 17 Jan 2016 14:33:03 +0000 (14:33 +0000)]
 
Update config
Fabian Keil [Sun, 17 Jan 2016 14:32:49 +0000 (14:32 +0000)]
 
Update INSTALL
Fabian Keil [Sun, 17 Jan 2016 14:32:40 +0000 (14:32 +0000)]
 
Update README
Fabian Keil [Sun, 17 Jan 2016 14:32:30 +0000 (14:32 +0000)]
 
Update AUTHORS
Fabian Keil [Sun, 17 Jan 2016 14:32:19 +0000 (14:32 +0000)]
 
Bump p-version in SGML sources
Fabian Keil [Sun, 17 Jan 2016 14:31:59 +0000 (14:31 +0000)]
 
Fix compiler warnings
Fabian Keil [Sun, 17 Jan 2016 14:31:47 +0000 (14:31 +0000)]
 
Fix a compiler warning when building without zlib support
Fabian Keil [Sun, 17 Jan 2016 14:31:33 +0000 (14:31 +0000)]
 
Import ChangeLog
Fabian Keil [Sun, 17 Jan 2016 14:31:21 +0000 (14:31 +0000)]
 
Update announcement for Privoxy 3.0.24 stable
Fabian Keil [Sun, 17 Jan 2016 14:30:54 +0000 (14:30 +0000)]
 
Add ChangeLog for 3.0.24 stable
Fabian Keil [Sun, 17 Jan 2016 14:30:38 +0000 (14:30 +0000)]
 
Bump copyright year
Fabian Keil [Sat, 16 Jan 2016 12:33:45 +0000 (12:33 +0000)]
 
Bump copyright year
Fabian Keil [Sat, 16 Jan 2016 12:33:16 +0000 (12:33 +0000)]
 
Declare 3.0.24 'stable'
Fabian Keil [Sat, 16 Jan 2016 12:33:03 +0000 (12:33 +0000)]
 
Remove non-standard Proxy-Agent headers in HTTP snipplets
They serve no real purpose and the fact that the headers
included the Privoxy version made testing inconvient.
Fabian Keil [Sat, 16 Jan 2016 12:32:18 +0000 (12:32 +0000)]
 
get_destination_from_headers(): Merge two log messages into one
Fabian Keil [Sat, 16 Jan 2016 12:31:40 +0000 (12:31 +0000)]
 
get_destination_from_headers(): Remove comment about code duplication
While there's similar code elsewhere, it's not exactly the same.
Fabian Keil [Sat, 16 Jan 2016 12:30:58 +0000 (12:30 +0000)]
 
Document forward-webserver
Fabian Keil [Sat, 16 Jan 2016 12:30:43 +0000 (12:30 +0000)]
 
Introduce the new forwarding type 'forward-webserver'
Currently it is only supported by the forward-override{}
action and there's no config directive with the same
name.
The forwarding type is similar to 'forward', but the
request line only contains the path instead of the
complete URL.
This makes it more convenient to use Privoxy to make
existing websites available as onion services as well.
Many websites serve content with hardcoded URLs and
can't be easily adjusted to change the domain based
on the one used by the client.
Putting Privoxy between Tor and the webserver (or an stunnel
that forwards to the webserver) allows to rewrite headers and
content to make client and server happy at the same time.
Fabian Keil [Sat, 16 Jan 2016 12:30:28 +0000 (12:30 +0000)]
 
Extend comment explaining SOCKS_NONE
Fabian Keil [Sat, 16 Jan 2016 12:30:05 +0000 (12:30 +0000)]
 
Note that someone is currently working on updating the CGI templates
Fabian Keil [Sat, 16 Jan 2016 12:29:51 +0000 (12:29 +0000)]
 
Note donor interest for #16, #144 and #145
Fabian Keil [Sat, 16 Jan 2016 12:29:40 +0000 (12:29 +0000)]
 
Add Gregory Seidman as contributor
Fabian Keil [Sat, 16 Jan 2016 12:29:30 +0000 (12:29 +0000)]
 
load_one_actions_file(): Prevent invalid read if the buffer is too short
Found with afl-fuzz and AddressSanitizer.
Fabian Keil [Sat, 16 Jan 2016 12:29:17 +0000 (12:29 +0000)]
 
remove_chunked_transfer_coding(): Reject invalid input sooner
Prevents invalid reads in case of corrupt input.
Bug discovered with alf-fuzz and ASAN.
Fabian Keil [Sat, 16 Jan 2016 12:29:00 +0000 (12:29 +0000)]
 
client_host(): Remove empty host headers
Previously they would result in invalid reads and crashes
when compiled with AddressSanitizer. Bug found with afl-fuzz.
Fabian Keil [Sat, 16 Jan 2016 12:28:43 +0000 (12:28 +0000)]
 
pcre: Fix invalid reads in internal and outdated pcre code
Fabian Keil [Sat, 16 Jan 2016 12:28:21 +0000 (12:28 +0000)]
 
Disable filter{banners-by-size} for .black-mosquito.org/
Fabian Keil [Sat, 16 Jan 2016 12:28:09 +0000 (12:28 +0000)]
 
Disable fast-redirects for disqus.com/
Fabian Keil [Sat, 16 Jan 2016 12:27:56 +0000 (12:27 +0000)]
 
uagen: Update OS data for FreeBSD
alpha is no longer supported.
Fabian Keil [Mon, 28 Dec 2015 18:56:36 +0000 (18:56 +0000)]
 
Fix the documented type of the forward-override{} action
... which is obviously 'parameterized'.
Fabian Keil [Mon, 28 Dec 2015 18:56:19 +0000 (18:56 +0000)]
 
Correctly document the action type for a bunch of "multi-value" actions
... that were incorrectly documented to be "parameterized".
Reported by Gregory Seidman on ijbswa-users@.
Fabian Keil [Mon, 28 Dec 2015 18:56:05 +0000 (18:56 +0000)]
 
Add Robert Klemme as contributor (donor)
Fabian Keil [Mon, 28 Dec 2015 18:55:49 +0000 (18:55 +0000)]
 
Check requests more carefully before serving them forcefully
... when blocks aren't enforced.
Privoxy always adds the force token at the beginning
of the path, but would previously accept it anywhere
in the request line.
This could result in requests being served that should
be blocked. For example in case of pages that were
loaded with force and contained JavaScript to create
additionally requests that embed the origin URL
(thus inheriting the force prefix).
The bug is not considered a security issue and the
fix does not make it harder for remote sites to
intentionally circumvent blocks if Privoxy isn't
configured to enforce them.
Fixes #1695 reported by Korda.
Fabian Keil [Sun, 27 Dec 2015 16:41:17 +0000 (16:41 +0000)]
 
Fix a typo in #146
Fabian Keil [Sun, 27 Dec 2015 16:40:54 +0000 (16:40 +0000)]
 
Block a bunch of criteo domains
Reported by Black Rider.
Fabian Keil [Sun, 27 Dec 2015 16:40:40 +0000 (16:40 +0000)]
 
Block abs.proxistore.com/abe/
Reported by Black Rider.
Fabian Keil [Sun, 27 Dec 2015 16:40:20 +0000 (16:40 +0000)]
 
Fix a regression test
The intent was to verify that the URL is blocked and the keyword for
this is "Blocked URL" which does not depend on the currently active
"Sticky Actions" which may change in the future.
Fabian Keil [Sun, 27 Dec 2015 13:32:02 +0000 (13:32 +0000)]
 
Add missing word in #143
Fabian Keil [Sun, 27 Dec 2015 13:31:48 +0000 (13:31 +0000)]
 
Add Korda as contributor
Fabian Keil [Sun, 27 Dec 2015 13:31:36 +0000 (13:31 +0000)]
 
Add Guybrush Threepwood as contributor
Fabian Keil [Sun, 27 Dec 2015 13:31:25 +0000 (13:31 +0000)]
 
Add Pak Chan as contributor
Fabian Keil [Sun, 27 Dec 2015 13:31:15 +0000 (13:31 +0000)]
 
Add Rustam Abdullaev as contributor
Fabian Keil [Sun, 27 Dec 2015 12:56:33 +0000 (12:56 +0000)]
 
Add #144-#146: Allow to pre-define tags that are set for clients that want them
Fabian Keil [Sun, 27 Dec 2015 12:56:04 +0000 (12:56 +0000)]
 
Add #143: Add support OpenBSD's pledge feature
Fabian Keil [Sun, 27 Dec 2015 12:54:12 +0000 (12:54 +0000)]
 
client_host_adder(): Reject the request if the destination host is unknown
Previously the request would fail later on.
While at it, use a less silly log message.