To be filled.
Explain release numbers. major, minor. developer releases. etc.
Remove any existing rpm with rpm -e
Remove any file that was left over. This includes (but is not limited to)
/var/log/privoxy
/etc/privoxy
/usr/sbin/privoxy
/etc/init.d/privoxy
/usr/doc/privoxy*
Install the rpm. Any error messages?
start,stop,status Privoxy with the specific script (e.g. /etc/rc.d/init/privoxy stop). Reboot your machine. Does autostart work?
Start browsing. Does Privoxy work? Logfile written?
Remove the rpm. Any error messages? All files removed?
If you compiled, packaged or merely installed Privoxy, it is recommended to run Privoxy-Regression-Test to verify that at least the tested parts of Privoxy are working as expected.
This is actually pretty easy. For details, please see perldoc privoxy-regression-test.pl.
To make fuzzing more convenient, Privoxy can be configured with --enable-fuzz which will result in the --fuzz option becoming available.
Example (tested on ElectroBSD):
# Compile Privoxy with instrumentation for afl
$ export CC=afl-clang
$ export CFLAGS="-fsanitize=address -ggdb"
$ export CPPFLAGS=-I/usr/local/include/
$ export LDFLAGS="-fsanitize=address -L/usr/local/lib"
$ export AFL_USE_ASAN=1
$ export AFL_HARDEN=1
$ ./configure --with-debug --enable-extended-host-patterns --enable-accept-filter --enable-no-gifs --enable-compression --enable-strptime-sanity-checks --enable-external-filters --enable-fuzz
$ ./privoxy --fuzz
Privoxy version 3.0.24 (http://www.privoxy.org/)
Usage: ./privoxy [--config-test] [--chroot] [--help] [--no-daemon] [--pidfile pidfile] [--pre-chroot-nslookup hostname] [--user user[.group]] [--version] [configfile]
./privoxy --fuzz fuzz-mode ./path/to/fuzzed/input [--stfu]
Supported fuzz modes and the expected input:
action: Text to parse as action file.
client-request: Client request to parse. Currently incomplete
client-header: Client header to parse.
chunked-transfer-encoding: Chunk-encoded data to dechunk.
deflate: deflate-compressed data to decompress.
filter: Text to parse as filter file.
gif: gif to deanimate.
gzip: gzip-compressed data to decompress.
pcrs-substitute: A pcrs-substitute to compile. Not a whole pcrs job! Example: Bla $1 bla C $3 blah.
server-header: Server header to parse.
server-response: Server response to parse.
The following fuzz modes read data from stdin if the 'file' is '-'
client-request
client-header
chunked-transfer-encoding
deflate
gif
gzip
pcrs-substitute
server-header
server-response
Aborting
$ export ASAN_OPTIONS='abort_on_error=1'
$ mkdir input output
$ echo '$1 bla fasel $2' > input/pcrs
$ afl-fuzz -i input -o output -m none ~/git/privoxy/privoxy --fuzz pcrs-substitute - --stfu
$ cat >input/pcrs.txt
FILTER: bla fasel
s@(.{1})[432](\d+)@$1$2$hostname@UgisT
$ afl-fuzz -i input/ -o output/ -f bla.filter -m none privoxy --fuzz filter bla.filter --stfu
|