X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=project.h;h=943e66da729ea0a79fd77749420ca1b519b18a52;hp=20f693ac2af6f8b8b1bf901675df9ac065829cdb;hb=bbf03939e49397937cc8b10943c19a3c8ce26b0c;hpb=2ce0e12445718fed0b44598b70dd18525fb6620b diff --git a/project.h b/project.h index 20f693ac..943e66da 100644 --- a/project.h +++ b/project.h @@ -9,7 +9,7 @@ * (though it does declare some macros). * * Copyright : Written by and Copyright (C) 2001-2014 the - * Privoxy team. http://www.privoxy.org/ + * Privoxy team. https://www.privoxy.org/ * * Based on the Internet Junkbuster originally written * by and Copyright (C) 1997 Anonymous Coders and @@ -44,7 +44,7 @@ /* Needed for pcre choice */ #include "config.h" -#ifdef FEATURE_HTTPS_FILTERING +#ifdef FEATURE_HTTPS_INSPECTION #ifdef FEATURE_PTHREAD # include typedef pthread_mutex_t privoxy_mutex_t; @@ -175,7 +175,7 @@ typedef enum privoxy_err jb_err; /** * This macro is used to free a pointer that may be NULL. * It also sets the variable to NULL after it's been freed. - * The paramater should be a simple variable without side effects. + * The parameter should be a simple variable without side effects. */ #define freez(X) { if(X) { free((void*)X); X = NULL ; } } @@ -276,7 +276,7 @@ struct map_entry /** * A map from a string to another string. - * This is used for the paramaters passed in a HTTP GET request, and + * This is used for the parameters passed in a HTTP GET request, and * to store the exports when the CGI interface is filling in a template. */ struct map @@ -287,7 +287,7 @@ struct map struct map_entry *last; }; -#ifdef FEATURE_HTTPS_FILTERING +#ifdef FEATURE_HTTPS_INSPECTION /* * Struct of attributes necessary for TLS/SSL connection */ @@ -319,7 +319,7 @@ struct http_request char *ocmd; /**< Backup of original cmd for CLF logging */ char *gpc; /**< HTTP method: GET, POST, ... */ char *url; /**< The URL */ - char *ver; /**< Protocol version */ + char *version; /**< Protocol version */ int status; /**< HTTP Status */ char *host; /**< Host part of URL */ @@ -337,52 +337,24 @@ struct http_request int dcount; /**< How many parts to this domain? (length of dvec) */ #endif /* ndef FEATURE_EXTENDED_HOST_PATTERNS */ -#ifdef FEATURE_HTTPS_FILTERING - int client_ssl; /**< Flag if we should comunicate with slient over ssl */ - int server_ssl; /**< Flag if we should comunicate with server over ssl */ +#ifdef FEATURE_HTTPS_INSPECTION + int client_ssl; /**< Flag if we should communicate with client over ssl */ + int server_ssl; /**< Flag if we should communicate with server over ssl */ unsigned char hash_of_host_hex[(HASH_OF_HOST_BUF_SIZE * 2) + 1]; /**< chars for hash in hex string and one for '\0' */ unsigned char hash_of_host[HASH_OF_HOST_BUF_SIZE+1]; /**< chars for bytes of hash and one for '\0' */ #endif }; -#ifdef FEATURE_HTTPS_FILTERING -/* - * Properties of cert for generating - */ -typedef struct{ - char *issuer_crt; /* filename of the issuer certificate */ - char *subject_key; /* filename of the subject key file */ - char *issuer_key; /* filename of the issuer key file */ - const char *subject_pwd; /* password for the subject key file */ - const char *issuer_pwd; /* password for the issuer key file */ - char *output_file; /* where to store the constructed key file */ - const char *subject_name; /* subject name for certificate */ - char issuer_name[ISSUER_NAME_BUF_SIZE]; /* issuer name for certificate */ - const char *not_before; /* validity period not before */ - const char *not_after; /* validity period not after */ - const char *serial; /* serial number string */ - int is_ca; /* is a CA certificate */ - int max_pathlen; /* maximum CA path length */ -} cert_options; - -/* - * Properties of key for generating - */ -typedef struct{ - mbedtls_pk_type_t type; /* type of key to generate */ - int rsa_keysize; /* length of key in bits */ - char *key_file_path; /* filename of the key file */ -} key_options; - +#ifdef FEATURE_HTTPS_INSPECTION /* * Struct for linked list containing certificates */ typedef struct certs_chain { - char text_buf[CERT_INFO_BUF_SIZE]; /* text info about properties of certificate */ + char info_buf[CERT_INFO_BUF_SIZE]; /* text info about properties of certificate */ char file_buf[CERT_FILE_BUF_SIZE]; /* buffer for whole certificate - format to save in file */ struct certs_chain *next; /* next certificate in chain of trust */ -}certs_chain_t; +} certs_chain_t; #endif /** @@ -595,8 +567,8 @@ struct iob #define ACTION_LIMIT_COOKIE_LIFETIME 0x08000000UL /** Action bitmap: Delay writes */ #define ACTION_DELAY_RESPONSE 0x10000000UL -/** Action bitmap: Turn https filtering on */ -#define ACTION_ENABLE_HTTPS_FILTER 0x20000000UL +/** Action bitmap: Turn https inspection on */ +#define ACTION_HTTPS_INSPECTION 0x20000000UL /** Action bitmap: Turn certificates verification off */ #define ACTION_IGNORE_CERTIFICATE_ERRORS 0x40000000UL @@ -678,7 +650,7 @@ struct current_action_spec unsigned long flags; /** - * Paramaters for those actions that require them. + * Parameters for those actions that require them. * Each entry is valid if & only if the corresponding entry in "flags" is * set. */ @@ -950,7 +922,7 @@ struct reusable_connection #define CSP_FLAG_UNSUPPORTED_CLIENT_EXPECTATION 0x02000000U /** - * Flag for csp->flags: Set if we answered the request ourselve. + * Flag for csp->flags: Set if we answered the request ourselves. */ #define CSP_FLAG_CRUNCHED 0x04000000U @@ -981,7 +953,7 @@ struct reusable_connection * Maximum number of actions/filter files. This limit is arbitrary - it's just used * to size an array. */ -#define MAX_AF_FILES 30 +#define MAX_AF_FILES 100 /** * Maximum number of sockets to listen to. This limit is arbitrary - it's just used @@ -1043,7 +1015,7 @@ struct client_state /* XXX: should be renamed to server_iob */ struct iob iob[1]; -#ifdef FEATURE_HTTPS_FILTERING +#ifdef FEATURE_HTTPS_INSPECTION mbedtls_connection_attr mbedtls_server_attr; /* attributes for connection to server */ mbedtls_connection_attr mbedtls_client_attr; /* attributes for connection to client */ #endif @@ -1060,7 +1032,7 @@ struct client_state /** List of all headers for this request */ struct list headers[1]; -#ifdef FEATURE_HTTPS_FILTERING +#ifdef FEATURE_HTTPS_INSPECTION /** List of all encrypted headers for this request */ struct list https_headers[1]; #endif @@ -1116,7 +1088,7 @@ struct client_state */ char *error_message; -#ifdef FEATURE_HTTPS_FILTERING +#ifdef FEATURE_HTTPS_INSPECTION /* Result of server certificate verification */ uint32_t server_cert_verification_result; @@ -1133,7 +1105,7 @@ struct client_state /* * Server certificate chain of trust including strings with certificates - * informations and string with whole certificate file + * information and string with whole certificate file */ struct certs_chain server_certs_chain; #endif @@ -1561,7 +1533,7 @@ struct configuration_spec /** Nonzero if we need to bind() to the new port. */ int need_bind; -#ifdef FEATURE_HTTPS_FILTERING +#ifdef FEATURE_HTTPS_INSPECTION /** Password for proxy ca file **/ char * ca_password; @@ -1631,6 +1603,7 @@ struct configuration_spec * INCLUDES the trailing slash. */ #define CGI_PREFIX "http://" CGI_SITE_2_HOST CGI_SITE_2_PATH "/" +#define CGI_PREFIX_HTTPS "https://" CGI_SITE_2_HOST CGI_SITE_2_PATH "/" #endif /* ndef PROJECT_H_INCLUDED */