privoxy.git
20 months agocgi_show_status: Don't leak memory when no filter files are specified
Fabian Keil [Sun, 30 Aug 2020 07:24:48 +0000 (09:24 +0200)]
cgi_show_status: Don't leak memory when no filter files are specified

Sponsored by: Robert Klemme

20 months agochat(): Don't log process_encrypted_request() failures
Fabian Keil [Fri, 28 Aug 2020 13:05:08 +0000 (15:05 +0200)]
chat(): Don't log process_encrypted_request() failures

.. as parse errors.

process_encrypted_request() already logs errors with
a more precise explanation.

Sponsored by: Robert Klemme

20 months agoprivoxy-log-parser.pl: Accept and highlight 'Data arrived in time on client socket...
Fabian Keil [Fri, 28 Aug 2020 08:34:40 +0000 (10:34 +0200)]
privoxy-log-parser.pl: Accept and highlight 'Data arrived in time on client socket ...'

Sponsored by: Robert Klemme

20 months agoFix style in dispatch_known_cgi()
Fabian Keil [Fri, 28 Aug 2020 08:34:00 +0000 (10:34 +0200)]
Fix style in dispatch_known_cgi()

Sponsored by: Robert Klemme

20 months agoRebuild docs
Fabian Keil [Tue, 1 Sep 2020 09:40:57 +0000 (11:40 +0200)]
Rebuild docs

20 months agoAdd Maxim Antonov to the list of contributors
Fabian Keil [Fri, 28 Aug 2020 07:57:00 +0000 (09:57 +0200)]
Add Maxim Antonov to the list of contributors

Sponsored by: Robert Klemme

20 months agoFix style in host_matches()
Fabian Keil [Fri, 28 Aug 2020 07:53:42 +0000 (09:53 +0200)]
Fix style in host_matches()

Sponsored by: Robert Klemme

20 months agoDon't set the ssl_debug_callback() which does nothing
Fabian Keil [Fri, 28 Aug 2020 07:33:15 +0000 (09:33 +0200)]
Don't set the ssl_debug_callback() which does nothing

Sponsored by: Robert Klemme

20 months agoRemove references to #54 (Git migration) which no longer exists
Fabian Keil [Thu, 27 Aug 2020 23:21:22 +0000 (01:21 +0200)]
Remove references to #54 (Git migration) which no longer exists

20 months agolisten_loop(): Use a dedicated variable for the pthread_create() return code
Fabian Keil [Thu, 27 Aug 2020 22:32:40 +0000 (00:32 +0200)]
listen_loop(): Use a dedicated variable for the pthread_create() return code

... instead of clobbering errno.

Sponsored by: Robert Klemme

20 months agoRemove #18 'Add keep-alive support with +https-inspection' which is done
Fabian Keil [Thu, 27 Aug 2020 19:15:32 +0000 (21:15 +0200)]
Remove #18 'Add keep-alive support with +https-inspection' which is done

20 months agoDitch a couple of spaces in pointer declarations
Fabian Keil [Wed, 26 Aug 2020 23:09:35 +0000 (01:09 +0200)]
Ditch a couple of spaces in pointer declarations

Sponsored by: Robert Klemme

20 months agocreate_server_ssl_connection(): Improve the error message
Fabian Keil [Wed, 26 Aug 2020 20:17:59 +0000 (22:17 +0200)]
create_server_ssl_connection(): Improve the error message

... that is emitted when the certificate validation fails.

Sponsored by: Robert Klemme

20 months agosend_crunch_response(): Include the full URL in a log message
Fabian Keil [Wed, 26 Aug 2020 17:07:05 +0000 (19:07 +0200)]
send_crunch_response(): Include the full URL in a log message

Sponsored by: Robert Klemme

20 months agoExplicitly prevent use of FEATURE_CONNECTION_SHARING without FEATURE_CONNECTION_KEEP_...
Fabian Keil [Wed, 26 Aug 2020 14:59:36 +0000 (16:59 +0200)]
Explicitly prevent use of FEATURE_CONNECTION_SHARING without FEATURE_CONNECTION_KEEP_ALIVE

It makes no sense and does not compile anyway.

Sponsored by: Robert Klemme

20 months agoFix build without FEATURE_CONNECTION_KEEP_ALIVE
Fabian Keil [Wed, 26 Aug 2020 14:48:07 +0000 (16:48 +0200)]
Fix build without FEATURE_CONNECTION_KEEP_ALIVE

Sponsored by: Robert Klemme

20 months agoAdd keep-alive support for https-inspected connections
Fabian Keil [Tue, 25 Aug 2020 13:06:07 +0000 (15:06 +0200)]
Add keep-alive support for https-inspected connections

If a connection to the server has been established it
is reused.

If the previous request was blocked and no connection to
the server is open the connection is dropped so the client
can retry on a fresh connection.

Forwarding settings are currently ignored when handling
https-inspected requests on an already established connection.

Sponsored by: Robert Klemme

20 months agossl_send_certificate_error(): Emit CLF and CRUNCH messages
Fabian Keil [Wed, 26 Aug 2020 19:31:05 +0000 (21:31 +0200)]
ssl_send_certificate_error(): Emit CLF and CRUNCH messages

Sponsored by: Robert Klemme

20 months agoDowngrade the 'Graceful termination requested' message to LOG_LEVEL_INFO
Fabian Keil [Wed, 26 Aug 2020 09:40:39 +0000 (11:40 +0200)]
Downgrade the 'Graceful termination requested' message to LOG_LEVEL_INFO

... as it isn't an error.

Sponsored by: Robert Klemme

20 months agoFix documented return code for clear_iob()
Fabian Keil [Tue, 25 Aug 2020 21:43:23 +0000 (23:43 +0200)]
Fix documented return code for clear_iob()

Sponsored by: Robert Klemme

20 months agoRemove the unused IOB_PEEK() macro
Fabian Keil [Tue, 25 Aug 2020 17:29:28 +0000 (19:29 +0200)]
Remove the unused IOB_PEEK() macro

Sponsored by: Robert Klemme

20 months agoDeclare get_last_url() static
Fabian Keil [Tue, 25 Aug 2020 15:15:22 +0000 (17:15 +0200)]
Declare get_last_url() static

Sponsored by: Robert Klemme

20 months agoFix comment typo
Fabian Keil [Tue, 25 Aug 2020 12:53:46 +0000 (14:53 +0200)]
Fix comment typo

Sponsored by: Robert Klemme

20 months agoprivoxy-log-parser: Let handle_loglevel_re_filter() accept the no-content message
Fabian Keil [Mon, 24 Aug 2020 10:13:36 +0000 (12:13 +0200)]
privoxy-log-parser: Let handle_loglevel_re_filter() accept the no-content message

Sponsored by: Robert Klemme

20 months agodecompress_iob(): Downgrade the no-content message to LOG_LEVEL_RE_FILTER
Fabian Keil [Mon, 24 Aug 2020 10:09:15 +0000 (12:09 +0200)]
decompress_iob(): Downgrade the no-content message to LOG_LEVEL_RE_FILTER

While at it, fix a typo in a comment.

Sponsored by: Robert Klemme

20 months agoRebuild config file
Fabian Keil [Tue, 1 Sep 2020 09:41:48 +0000 (11:41 +0200)]
Rebuild config file

20 months agoChange the suggested default-server-timeout to 5
Fabian Keil [Mon, 24 Aug 2020 10:02:03 +0000 (12:02 +0200)]
Change the suggested default-server-timeout to 5

... to match the suggested keep-alive-timeout.

Otherwise using the defaults would result in Privoxy
reducing the default-server-timeout and logging an
error message.

Sponsored by: Robert Klemme

20 months agoChange ca-key-file default suggestion to cakey.pem
Fabian Keil [Sun, 23 Aug 2020 12:40:45 +0000 (14:40 +0200)]
Change ca-key-file default suggestion to cakey.pem

... to match the openssl command in the previous section.

Sponsored by: Robert Klemme

20 months agoBlock requests to .pixel.parsely.com/ as image
Fabian Keil [Sat, 22 Aug 2020 20:35:17 +0000 (22:35 +0200)]
Block requests to .pixel.parsely.com/ as image

20 months agorfc2553_connect_to(): When failing set errno later
Fabian Keil [Sun, 23 Aug 2020 16:26:19 +0000 (18:26 +0200)]
rfc2553_connect_to(): When failing set errno later

... to reduce the chances that it gets cloberred before
the caller has a chance to read it.

Previously Privoxy could send a "Connection failure" message
instead of the "DNS failure" message.

Sponsored by: Robert Klemme

20 months agossl_verify_callback(): Handle html_encode() failures
Fabian Keil [Wed, 26 Aug 2020 13:45:08 +0000 (15:45 +0200)]
ssl_verify_callback(): Handle html_encode() failures

Sponsored by: Robert Klemme

20 months agossl_store_cert(): Fix format specifier and typo in an error message
Fabian Keil [Fri, 28 Aug 2020 08:42:02 +0000 (10:42 +0200)]
ssl_store_cert(): Fix format specifier and typo in an error message

Sponsored by: Robert Klemme

20 months agoFix error messages in generate_webpage_certificate()
Fabian Keil [Thu, 27 Aug 2020 13:45:50 +0000 (15:45 +0200)]
Fix error messages in generate_webpage_certificate()

Sponsored by: Robert Klemme

20 months agogenerate_key(): Check return code of BN_set_word()
Fabian Keil [Thu, 27 Aug 2020 13:22:08 +0000 (15:22 +0200)]
generate_key(): Check return code of BN_set_word()

Sponsored by: Robert Klemme

20 months agossl_store_cert(): Fix two error messages
Fabian Keil [Thu, 27 Aug 2020 12:53:19 +0000 (14:53 +0200)]
ssl_store_cert(): Fix two error messages

Sponsored by: Robert Klemme

20 months agoDon't claim that ssl_store_cert() is a callback
Fabian Keil [Wed, 26 Aug 2020 13:49:56 +0000 (15:49 +0200)]
Don't claim that ssl_store_cert() is a callback

Sponsored by: Robert Klemme

20 months agossl_store_cert(): Handle html_encode() failures
Fabian Keil [Wed, 26 Aug 2020 13:45:47 +0000 (15:45 +0200)]
ssl_store_cert(): Handle html_encode() failures

Sponsored by: Robert Klemme

20 months agossl_send_data(): Prevent endless loop
Fabian Keil [Tue, 25 Aug 2020 18:09:04 +0000 (20:09 +0200)]
ssl_send_data(): Prevent endless loop

... if BIO_write() consistently returns 0.

Sponsored by: Robert Klemme

20 months agocreate_server_ssl_connection(): Improve the error message emitted when the handshake...
Fabian Keil [Mon, 24 Aug 2020 13:02:52 +0000 (15:02 +0200)]
create_server_ssl_connection(): Improve the error message emitted when the handshake fails

Sponsored by: Robert Klemme

20 months agocreate_client_ssl_connection(): Improve the error message emitted when the handshake...
Fabian Keil [Mon, 24 Aug 2020 09:23:28 +0000 (11:23 +0200)]
create_client_ssl_connection(): Improve the error message emitted when the handshake fails

Sponsored by: Robert Klemme

20 months agolog_ssl_errors(): Refer to TLS/SSL errors instead of just SSL errors
Fabian Keil [Mon, 24 Aug 2020 09:13:04 +0000 (11:13 +0200)]
log_ssl_errors(): Refer to TLS/SSL errors instead of just SSL errors

Sponsored by: Robert Klemme

20 months agossl_send_certificate_error(): Fix spelling in the error message
Fabian Keil [Fri, 21 Aug 2020 11:45:49 +0000 (13:45 +0200)]
ssl_send_certificate_error(): Fix spelling in the error message

Sponsored by: Robert Klemme

20 months agoExpand Source tag
Fabian Keil [Thu, 20 Aug 2020 21:33:29 +0000 (23:33 +0200)]
Expand Source tag

Sponsored by: Robert Klemme

20 months agoAdjust Source tags
Fabian Keil [Thu, 20 Aug 2020 21:32:00 +0000 (23:32 +0200)]
Adjust Source tags

Sponsored by: Robert Klemme

20 months agossl_store_cert(): Fix typo in an error message
Fabian Keil [Wed, 26 Aug 2020 09:25:02 +0000 (11:25 +0200)]
ssl_store_cert(): Fix typo in an error message

20 months agocreate_server_ssl_connection(): Mimic SSL_set1_host() if it does not exist
Fabian Keil [Wed, 26 Aug 2020 08:31:23 +0000 (10:31 +0200)]
create_server_ssl_connection(): Mimic SSL_set1_host() if it does not exist

Sponsored by: Robert Klemme

20 months agossl_store_cert(): Only use X509_get0_tbs_sigalg() on more recent OpenSSL versions
Fabian Keil [Wed, 26 Aug 2020 08:30:36 +0000 (10:30 +0200)]
ssl_store_cert(): Only use X509_get0_tbs_sigalg() on more recent OpenSSL versions

... so the function compiles with OpenSSL 1.0.2.

Sponsored by: Robert Klemme

20 months agoAdd defines for some more X509 functions
Fabian Keil [Wed, 26 Aug 2020 08:17:50 +0000 (10:17 +0200)]
Add defines for some more X509 functions

... that don't exist when using OpenSSL 1.0.2.

Sponsored by: Robert Klemme

20 months agoUse X509_set_notBefore() and X509_set_notAfter()
Fabian Keil [Thu, 20 Aug 2020 20:01:32 +0000 (22:01 +0200)]
Use X509_set_notBefore() and X509_set_notAfter()

... when compiling with OpenSSL versions earlier than 1.1.0.

Sponsored by: Robert Klemme

20 months agoRemove 'const' from set_x509_ext()'s value parameter
Fabian Keil [Thu, 20 Aug 2020 19:31:46 +0000 (21:31 +0200)]
Remove 'const' from set_x509_ext()'s value parameter

Silences the following warning when compiling with OpenSSL 1.0.2t.

     openssl.c:1213:47: warning: passing 'const char *' to parameter of type 'char *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
        ext = X509V3_EXT_conf_nid(NULL, &ctx, nid, value);
                                                   ^~~~~
     /usr/include/openssl/x509v3.h:627:43: note: passing argument to parameter 'value' here
                                         char *value);
                                               ^
Sponsored by: Robert Klemme

20 months agoAdd copyright header for Vaclav and me
Fabian Keil [Thu, 20 Aug 2020 12:15:52 +0000 (14:15 +0200)]
Add copyright header for Vaclav and me

... as the file is based on ssl.c

Sponsored by: Robert Klemme

20 months agoFix a comment typo
Fabian Keil [Thu, 27 Aug 2020 10:59:40 +0000 (12:59 +0200)]
Fix a comment typo

Sponsored by: Robert Klemme

20 months agoFix a couple of 'Parameters' comment sections
Fabian Keil [Thu, 27 Aug 2020 11:04:11 +0000 (13:04 +0200)]
Fix a couple of 'Parameters' comment sections

Sponsored by: Robert Klemme

20 months agoRemove bogus spaces in the ssl_base64_encode() prototype
Fabian Keil [Wed, 26 Aug 2020 17:35:47 +0000 (19:35 +0200)]
Remove bogus spaces in the ssl_base64_encode() prototype

Sponsored by: Robert Klemme

20 months agoRemove commented-out mbedTLS-specific code in the OpenSSL section
Fabian Keil [Tue, 1 Sep 2020 10:07:39 +0000 (12:07 +0200)]
Remove commented-out mbedTLS-specific code in the OpenSSL section

20 months agoStyle fixes for the OpenSSL-specific code
Fabian Keil [Thu, 20 Aug 2020 10:48:56 +0000 (12:48 +0200)]
Style fixes for the OpenSSL-specific code

Sponsored by: Robert Klemme

20 months agoReplace a stray reference to mbedtls with OpenSSL
Fabian Keil [Thu, 20 Aug 2020 10:48:11 +0000 (12:48 +0200)]
Replace a stray reference to mbedtls with OpenSSL

Sponsored by: Robert Klemme

20 months agoAdd OpenSSL support
Maxim Antonov [Mon, 3 Aug 2020 11:11:37 +0000 (18:11 +0700)]
Add OpenSSL support

To enable it, configure with "--with-openssl".

This is mainly useful for platforms that ship with
OpenSSL in the base so the "special exception" from
section 3 of the GPLv2 applies.

The author (Maxim Antonov) reports about 100% more requests
per second when using OpenSSL instead of MbedTLS which the
committer could confirm. For details see:
https://sourceforge.net/p/ijbswa/patches/143/

This commit has a couple of issues that will be addressed
in follow-up commits.

21 months agoget_block_reason_statistics_table(): Add new lines between table rows
Fabian Keil [Mon, 10 Aug 2020 15:55:15 +0000 (17:55 +0200)]
get_block_reason_statistics_table(): Add new lines between table rows

Sponsored by: Robert Klemme

21 months agoRemove references to 'pcrs-suppport' in the show-status template
Fabian Keil [Sun, 9 Aug 2020 10:30:38 +0000 (12:30 +0200)]
Remove references to 'pcrs-suppport' in the show-status template

It no longer exists, pcrs support has been mandatory for a while.

21 months agoRemove reference to 'redirect-url' in the show-status template
Fabian Keil [Sun, 9 Aug 2020 10:14:57 +0000 (12:14 +0200)]
Remove reference to 'redirect-url' in the show-status template

21 months agoRemove reference to 'sourceversions' in the show-status template
Fabian Keil [Sun, 9 Aug 2020 10:12:00 +0000 (12:12 +0200)]
Remove reference to 'sourceversions' in the show-status template

21 months agoGather statistics for block reasons
Fabian Keil [Fri, 7 Aug 2020 09:08:23 +0000 (11:08 +0200)]
Gather statistics for block reasons

... if FEATURE_EXTENDED_STATISTICS is enabled.

Sponsored by: Robert Klemme

21 months agoBump copyright
Fabian Keil [Fri, 7 Aug 2020 08:40:15 +0000 (10:40 +0200)]
Bump copyright

21 months agoAdd FEATURE_EXTENDED_STATISTICS to gather filter statistics
Fabian Keil [Thu, 6 Aug 2020 09:52:19 +0000 (11:52 +0200)]
Add FEATURE_EXTENDED_STATISTICS to gather filter statistics

Sponsored by: Robert Klemme

21 months agoFix indentation of --fuzz description.
Fabian Keil [Fri, 7 Aug 2020 13:27:09 +0000 (15:27 +0200)]
Fix indentation of --fuzz description.

Sponsored by: Robert Klemme

21 months agoFix indentation of --enable-pcre-host-patterns description
Fabian Keil [Fri, 7 Aug 2020 13:24:41 +0000 (15:24 +0200)]
Fix indentation of --enable-pcre-host-patterns description

Sponsored by: Robert Klemme

21 months agoChange two block reasons that previsouly were the same
Fabian Keil [Fri, 7 Aug 2020 10:30:22 +0000 (12:30 +0200)]
Change two block reasons that previsouly were the same

Sponsored by: Robert Klemme

21 months agoRemove www.betrugstest.com from the list of sponsors
Fabian Keil [Fri, 7 Aug 2020 08:17:40 +0000 (10:17 +0200)]
Remove betrugstest.com from the list of sponsors

21 months agoFix typo in error message
Fabian Keil [Thu, 6 Aug 2020 08:44:08 +0000 (10:44 +0200)]
Fix typo in error message

Sponsored by: Robert Klemme

21 months agoRemove #80 which is done
Fabian Keil [Wed, 5 Aug 2020 09:28:44 +0000 (11:28 +0200)]
Remove #80 which is done

21 months agoRegenerate docs
Fabian Keil [Wed, 5 Aug 2020 10:53:56 +0000 (12:53 +0200)]
Regenerate docs

21 months agoDocument the 'PCRE-HOST-PATTERN:' prefix
Fabian Keil [Wed, 5 Aug 2020 10:53:00 +0000 (12:53 +0200)]
Document the 'PCRE-HOST-PATTERN:' prefix

Sponsored by: Robert Klemme

21 months agotools/url-pattern-translator.pl: Detect a couple of pattern prefixes case-insensitively
Fabian Keil [Wed, 5 Aug 2020 10:48:35 +0000 (12:48 +0200)]
tools/url-pattern-translator.pl: Detect a couple of pattern prefixes case-insensitively

Sponsored by: Robert Klemme

21 months agotools/url-pattern-translator.pl: Skip CLIENT-TAG patterns
Fabian Keil [Wed, 5 Aug 2020 10:34:13 +0000 (12:34 +0200)]
tools/url-pattern-translator.pl: Skip CLIENT-TAG patterns

Sponsored by: Robert Klemme

21 months agotools/url-pattern-translator.pl: Skip patterns that have already been converted
Fabian Keil [Wed, 5 Aug 2020 09:23:06 +0000 (11:23 +0200)]
tools/url-pattern-translator.pl: Skip patterns that have already been converted

It should now be safe to "convert" a file multiple times.

Sponsored by: Robert Klemme

21 months agotools/url-pattern-translator.pl: Add the new 'PCRE-HOST-PATTERN:' prefix
Fabian Keil [Wed, 5 Aug 2020 09:21:06 +0000 (11:21 +0200)]
tools/url-pattern-translator.pl: Add the new 'PCRE-HOST-PATTERN:' prefix

Sponsored by: Robert Klemme

21 months agoUpdate configure description of FEATURE_PCRE_HOST_PATTERNS
Fabian Keil [Wed, 5 Aug 2020 09:15:47 +0000 (11:15 +0200)]
Update configure description of FEATURE_PCRE_HOST_PATTERNS

Sponsored by: Robert Klemme

21 months agoRename FEATURE_EXTENDED_HOST_PATTERNS to FEATURE_PCRE_HOST_PATTERNS
Fabian Keil [Wed, 5 Aug 2020 09:13:49 +0000 (11:13 +0200)]
Rename FEATURE_EXTENDED_HOST_PATTERNS to FEATURE_PCRE_HOST_PATTERNS

Sponsored by: Robert Klemme

21 months agoBump copyright
Fabian Keil [Mon, 3 Aug 2020 13:20:52 +0000 (15:20 +0200)]
Bump copyright

21 months agoAllow to use extended host patterns and vanilla host patterns at the same time
Fabian Keil [Mon, 3 Aug 2020 11:12:32 +0000 (13:12 +0200)]
Allow to use extended host patterns and vanilla host patterns at the same time

... by prefixing extended host patterns with "PCRE-HOST-PATTERN:".

Sponsored by: Robert Klemme

21 months agoCollapse two if blocks into one
Fabian Keil [Thu, 23 Jul 2020 12:00:53 +0000 (14:00 +0200)]
Collapse two if blocks into one

Sponsored by: Robert Klemme

21 months agoInstall the GPLv3 with the "install" target
Fabian Keil [Wed, 22 Jul 2020 18:55:32 +0000 (20:55 +0200)]
Install the GPLv3 with the "install" target

... and include it in the tar ball created with the "gen-dist" target.

21 months agoRebuild man page
Fabian Keil [Wed, 22 Jul 2020 12:26:13 +0000 (14:26 +0200)]
Rebuild man page

21 months agoRegenerate docs
Fabian Keil [Wed, 22 Jul 2020 10:27:27 +0000 (12:27 +0200)]
Regenerate docs

21 months agoImprove the "ignore-certificate-errors" description
Fabian Keil [Wed, 22 Jul 2020 12:45:49 +0000 (14:45 +0200)]
Improve the "ignore-certificate-errors" description

21 months agoClarify that Privoxy is licensed under GPLv2 or later
Fabian Keil [Wed, 22 Jul 2020 13:50:30 +0000 (15:50 +0200)]
Clarify that Privoxy is licensed under GPLv2 or later

21 months agoBump copyright
Fabian Keil [Wed, 22 Jul 2020 12:25:30 +0000 (14:25 +0200)]
Bump copyright

21 months agolicense.sgml: Explain that Privoxy has to be distributed under the GPLv3 (or later...
Fabian Keil [Wed, 22 Jul 2020 12:10:06 +0000 (14:10 +0200)]
license.sgml: Explain that Privoxy has to be distributed under the GPLv3 (or later) when linked with mbedTLS

21 months agoInclude the GPLv3 in the user manual
Fabian Keil [Wed, 22 Jul 2020 10:25:41 +0000 (12:25 +0200)]
Include the GPLv3 in the user manual

... and mention that it applies when Privoxy is linked
with mbedTLS.

21 months agoImport the GNU GPLv3
Fabian Keil [Wed, 22 Jul 2020 08:52:22 +0000 (10:52 +0200)]
Import the GNU GPLv3

It can be used when Privoxy is linked to mbedTLS
whose recent versions are only distributed under the
Apache 2.0 license which is incompatible with the
GPLv2 but compatible with the GPLv3.

21 months agopcrs.3: Update pcrs license
Fabian Keil [Wed, 22 Jul 2020 12:00:32 +0000 (14:00 +0200)]
pcrs.3: Update pcrs license

21 months agopcrs.3: Change URL to https://
Fabian Keil [Wed, 22 Jul 2020 11:56:32 +0000 (13:56 +0200)]
pcrs.3: Change URL to https://

21 months agoClarify FEATURE_FORCE_LOAD description
Fabian Keil [Wed, 22 Jul 2020 10:21:27 +0000 (12:21 +0200)]
Clarify FEATURE_FORCE_LOAD description

It allows to bypass blocking not filtering and only
does it if blocks aren't enforced.

Reported by: Robert Klemme

21 months agoOnly use the Subject Alternative Name extension if it isn't an IP address
Fabian Keil [Mon, 20 Jul 2020 13:10:16 +0000 (15:10 +0200)]
Only use the Subject Alternative Name extension if it isn't an IP address

Sponsored by: Robert Klemme

21 months agoRegenerate config file
Fabian Keil [Sun, 19 Jul 2020 12:52:24 +0000 (14:52 +0200)]
Regenerate config file

21 months agoRegenerate docs
Fabian Keil [Sun, 19 Jul 2020 12:45:01 +0000 (14:45 +0200)]
Regenerate docs

21 months agoFix typo
Fabian Keil [Sun, 19 Jul 2020 12:42:29 +0000 (14:42 +0200)]
Fix typo

21 months agoconfig: Rename 'TLS/SSL' section to 'TLS/SSL Inspection'
Fabian Keil [Sun, 19 Jul 2020 12:39:59 +0000 (14:39 +0200)]
config: Rename 'TLS/SSL' section to 'TLS/SSL Inspection'

Suggested by: Lee

22 months agoreceive_encrypted_request(): Use the socket-timeout when waiting for new data
Fabian Keil [Sat, 18 Jul 2020 12:04:11 +0000 (14:04 +0200)]
receive_encrypted_request(): Use the socket-timeout when waiting for new data

Previously the keep-alive-timeout was being used which
was inappropriate as we are waiting for data that belongs
to the same request.

Sponsored by: Robert Klemme