privoxy.git
2 years agoReorder gateway_host in struct forward_spec to save memory
Fabian Keil [Thu, 21 Jan 2021 10:22:26 +0000 (11:22 +0100)]
Reorder gateway_host in struct forward_spec to save memory

2 years agoReorder need_bind in struct configuration_spec to save memory
Fabian Keil [Thu, 21 Jan 2021 10:20:12 +0000 (11:20 +0100)]
Reorder need_bind in struct configuration_spec to save memory

2 years agoReorder dcount in the url_spec struct to save memory
Fabian Keil [Thu, 21 Jan 2021 10:13:19 +0000 (11:13 +0100)]
Reorder dcount in the url_spec struct to save memory

2 years agoOptimize debian/rules clean to restore pristine state.
Roland Rosenfeld [Wed, 20 Jan 2021 18:56:07 +0000 (19:56 +0100)]
Optimize debian/rules clean to restore pristine state.

2 years agoPrepare Debian release 3.0.30-1~pp-1.
Roland Rosenfeld [Wed, 20 Jan 2021 18:45:14 +0000 (19:45 +0100)]
Prepare Debian release 3.0.30-1~pp-1.

2 years agoRebuild HTML man page for Privoxy 3.0.30 stable
Fabian Keil [Wed, 20 Jan 2021 15:21:20 +0000 (16:21 +0100)]
Rebuild HTML man page for Privoxy 3.0.30 stable

2 years agoRebuild privoxy.1 for Privoxy 3.0.30 stable
Fabian Keil [Wed, 20 Jan 2021 15:20:31 +0000 (16:20 +0100)]
Rebuild privoxy.1 for Privoxy 3.0.30 stable

2 years agoRebuild docs
Fabian Keil [Wed, 20 Jan 2021 15:18:51 +0000 (16:18 +0100)]
Rebuild docs

2 years agoBump SMGL entities for 3.0.30 stable
Fabian Keil [Wed, 20 Jan 2021 15:17:54 +0000 (16:17 +0100)]
Bump SMGL entities for 3.0.30 stable

2 years agoAdd ChangeLog entries for changes from 91f9e616645 to 2ecae81f1
Fabian Keil [Wed, 20 Jan 2021 15:10:15 +0000 (16:10 +0100)]
Add ChangeLog entries for changes from 91f9e616645 to 2ecae81f1

2 years agojs-annoyances filter: Remove a duplicate pcrs command
Fabian Keil [Tue, 19 Jan 2021 19:29:34 +0000 (20:29 +0100)]
js-annoyances filter: Remove a duplicate pcrs command

2 years agossl_send_certificate_error(): Send the error message with status code 403 instead...
Fabian Keil [Mon, 18 Jan 2021 17:33:11 +0000 (18:33 +0100)]
ssl_send_certificate_error(): Send the error message with status code 403 instead of 200

2 years agoBump copyright
Fabian Keil [Mon, 18 Jan 2021 15:08:53 +0000 (16:08 +0100)]
Bump copyright

2 years agoRename slackware/rc.privoxy.orig to slackware/rc.privoxy.in
Fabian Keil [Mon, 18 Jan 2021 15:01:59 +0000 (16:01 +0100)]
Rename slackware/rc.privoxy.orig to slackware/rc.privoxy.in

... as suggested by Roland. This shold silence complaints
when building Debian packages and hopefully still works
on Slackware ...

2 years agoDeveloper manual: Optimize Debian build instructions.
Roland Rosenfeld [Tue, 19 Jan 2021 21:41:38 +0000 (22:41 +0100)]
Developer manual: Optimize Debian build instructions.

2 years agoFix typo
Fabian Keil [Tue, 19 Jan 2021 10:51:41 +0000 (11:51 +0100)]
Fix typo

2 years agoAdd #186: Privoxy should handle "OPTIONS *" requests properly
Fabian Keil [Tue, 19 Jan 2021 10:51:31 +0000 (11:51 +0100)]
Add #186: Privoxy should handle "OPTIONS *" requests properly

2 years agoFix comment typo
Fabian Keil [Tue, 19 Jan 2021 10:18:24 +0000 (11:18 +0100)]
Fix comment typo

2 years agoAdd a period to the 'Graceful termination requested' message
Fabian Keil [Tue, 19 Jan 2021 09:39:57 +0000 (10:39 +0100)]
Add a period to the 'Graceful termination requested' message

2 years agoLog a message right before exiting gracefully
Fabian Keil [Tue, 19 Jan 2021 09:10:46 +0000 (10:10 +0100)]
Log a message right before exiting gracefully

2 years agoRebuild docs
Fabian Keil [Mon, 18 Jan 2021 14:12:59 +0000 (15:12 +0100)]
Rebuild docs

2 years agoMention the imdb filter in the user-manual
Fabian Keil [Mon, 18 Jan 2021 14:10:19 +0000 (15:10 +0100)]
Mention the imdb filter in the user-manual

2 years agoMention the sourceforge filter in the user-manual
Fabian Keil [Mon, 18 Jan 2021 14:09:23 +0000 (15:09 +0100)]
Mention the sourceforge filter in the user-manual

2 years agoMention the github filter in the user-manual
Fabian Keil [Mon, 18 Jan 2021 14:08:17 +0000 (15:08 +0100)]
Mention the github filter in the user-manual

2 years agoBump copyright
Fabian Keil [Mon, 18 Jan 2021 13:37:48 +0000 (14:37 +0100)]
Bump copyright

2 years agoAdd an imdb filter
Fabian Keil [Mon, 18 Jan 2021 13:57:22 +0000 (14:57 +0100)]
Add an imdb filter

2 years agoAdd a sourceforge filter
Fabian Keil [Mon, 18 Jan 2021 13:52:58 +0000 (14:52 +0100)]
Add a sourceforge filter

... that reduces the amount of ads for proprietary software.

2 years agoAdd a github filter
Fabian Keil [Mon, 18 Jan 2021 13:49:39 +0000 (14:49 +0100)]
Add a github filter

... that removes the annoying "Sign-Up" banner and the Cookie disclaimer.

2 years agoDeclare Privoxy 3.0.30 stable
Fabian Keil [Mon, 18 Jan 2021 19:21:20 +0000 (20:21 +0100)]
Declare Privoxy 3.0.30 stable

2 years agoprivoxy-log-parser: Highlight 'Sending data on socket 33 over TLS/SSL failed: no...
Fabian Keil [Mon, 18 Jan 2021 14:01:55 +0000 (15:01 +0100)]
privoxy-log-parser: Highlight 'Sending data on socket 33 over TLS/SSL failed: no TLS/SSL errors detected'

2 years agoAdd ChangeLog entries for changes from 639c42d7ab7 to 91f9e616645
Fabian Keil [Mon, 18 Jan 2021 18:27:44 +0000 (19:27 +0100)]
Add ChangeLog entries for changes from 639c42d7ab7 to 91f9e616645

2 years agoRebuild developer manual
Fabian Keil [Mon, 18 Jan 2021 10:49:45 +0000 (11:49 +0100)]
Rebuild developer manual

2 years agodeveloper-manual: Bump copyright
Fabian Keil [Mon, 18 Jan 2021 12:45:17 +0000 (13:45 +0100)]
developer-manual: Bump copyright

2 years agodeveloper-manual: Add more build instructions for Debian
Fabian Keil [Mon, 18 Jan 2021 10:48:41 +0000 (11:48 +0100)]
developer-manual: Add more build instructions for Debian

... as submitted by Roland to privoxy-devel@ with some
markup added.

2 years agoRelocate CERT_INFO_PREFIX to ssl.c
Fabian Keil [Mon, 18 Jan 2021 03:31:09 +0000 (04:31 +0100)]
Relocate CERT_INFO_PREFIX to ssl.c

The OpenSSL code doesn't use it.

2 years agombedTLS ssl_crt_verify_info(): Ditch trailing new line
Fabian Keil [Mon, 18 Jan 2021 00:59:40 +0000 (01:59 +0100)]
mbedTLS ssl_crt_verify_info(): Ditch trailing new line

It's not needed for the certificate-error page and it
messed up the "Crunch:" message by splitting it in two.

While at it, remove the leading space which serves no
obvious purpose.

2 years agoUpdate #184: Add ETA for the wolfSSL support
Fabian Keil [Mon, 18 Jan 2021 00:11:34 +0000 (01:11 +0100)]
Update #184: Add ETA for the wolfSSL support

2 years agoAdd #185: generate_host_certificate() should only be called when necessary
Fabian Keil [Mon, 18 Jan 2021 00:10:13 +0000 (01:10 +0100)]
Add #185: generate_host_certificate() should only be called when necessary

2 years agoDisable fast-redirects for .gravater.com/
Fabian Keil [Sun, 17 Jan 2021 16:53:23 +0000 (17:53 +0100)]
Disable fast-redirects for .gravater.com/

... instead of secure.gravatar.com/.

2 years agoBump copyright
Fabian Keil [Sun, 17 Jan 2021 13:42:22 +0000 (14:42 +0100)]
Bump copyright

2 years agoenforce_sane_certificate_state(): Also deal with certificates without key
Fabian Keil [Mon, 18 Jan 2021 02:49:39 +0000 (03:49 +0100)]
enforce_sane_certificate_state(): Also deal with certificates without key

... by removing the certificate.

2 years agoFactor out enforce_sane_certificate_state()
Fabian Keil [Sat, 16 Jan 2021 13:52:55 +0000 (14:52 +0100)]
Factor out enforce_sane_certificate_state()

2 years agoOpenSSL ssl_store_cert(): Fix an error message
Fabian Keil [Fri, 15 Jan 2021 16:57:43 +0000 (17:57 +0100)]
OpenSSL ssl_store_cert(): Fix an error message

2 years agombedTLS: Rename generate_webpage_certificate() to generate_host_certificate()
Fabian Keil [Sat, 16 Jan 2021 08:12:45 +0000 (09:12 +0100)]
mbedTLS: Rename generate_webpage_certificate() to generate_host_certificate()

The generated certificate is host-specific not page-specific.

2 years agoOpenSSL: Rename generate_webpage_certificate() to generate_host_certificate()
Fabian Keil [Sat, 16 Jan 2021 08:12:00 +0000 (09:12 +0100)]
OpenSSL: Rename generate_webpage_certificate() to generate_host_certificate()

The generated certificate is host-specific not page-specific.

2 years agoOpenSSL: Save memory allocations in generate_key()
Fabian Keil [Sat, 16 Jan 2021 08:39:45 +0000 (09:39 +0100)]
OpenSSL: Save memory allocations in generate_key()

... if the key already exists.

2 years agoOpenSSL ssl_base64_encode(): Fix buffer size check
Fabian Keil [Thu, 14 Jan 2021 10:58:12 +0000 (11:58 +0100)]
OpenSSL ssl_base64_encode(): Fix buffer size check

In practice it didn't matter because Privoxy always
provides a sufficiently-sized buffer.

2 years agoOpenSSL ssl_certificate_is_invalid(): Remove a log message
Fabian Keil [Wed, 13 Jan 2021 15:24:55 +0000 (16:24 +0100)]
OpenSSL ssl_certificate_is_invalid(): Remove a log message

... if the certificate can't be read.

ssl_certificate_load() already emits an error message.

2 years agoRegenerate config file
Fabian Keil [Sat, 16 Jan 2021 19:42:11 +0000 (20:42 +0100)]
Regenerate config file

2 years agoRegenerate user-manual
Fabian Keil [Sat, 16 Jan 2021 19:41:28 +0000 (20:41 +0100)]
Regenerate user-manual

2 years agoExplicitly mention that the CA key is used to sign certificates
Fabian Keil [Sat, 16 Jan 2021 16:50:56 +0000 (17:50 +0100)]
Explicitly mention that the CA key is used to sign certificates

2 years agoprivoxy-log-parser: Properly deal with 'Certificate error' crunches
Fabian Keil [Mon, 18 Jan 2021 00:29:42 +0000 (01:29 +0100)]
privoxy-log-parser: Properly deal with 'Certificate error' crunches

Previously the error description was highlighted as 'host'.

2 years agoprivoxy-log-parser: Highlight: 'Flushed 3153 bytes of request body'
Fabian Keil [Tue, 12 Jan 2021 10:07:33 +0000 (11:07 +0100)]
privoxy-log-parser: Highlight: 'Flushed 3153 bytes of request body'

2 years agoprivoxy-log-parser: Highlight 'The last 12078 bytes of the request body have been...
Fabian Keil [Mon, 11 Jan 2021 07:48:39 +0000 (08:48 +0100)]
privoxy-log-parser: Highlight 'The last 12078 bytes of the request body have been read'

2 years agoRebuild docs
Fabian Keil [Fri, 11 Dec 2020 06:24:24 +0000 (07:24 +0100)]
Rebuild docs

2 years agoAdd Aaron Linville as contributor
Fabian Keil [Thu, 10 Dec 2020 20:14:42 +0000 (21:14 +0100)]
Add Aaron Linville as contributor

2 years agoAdd new 'allow-autocompletion' filter
Fabian Keil [Thu, 10 Dec 2020 20:10:47 +0000 (21:10 +0100)]
Add new 'allow-autocompletion' filter

... which changes autocomplete="off" to "on" on input fields to
allow autocompletion.

Requested by Jamie Zawinski in #370.
Filter based on a submission by Aaron Linville.

2 years agoGit snapshot "release".
Roland Rosenfeld [Sun, 17 Jan 2021 12:40:14 +0000 (13:40 +0100)]
Git snapshot "release".
Update all patches to new version.
39_show-status and 40_redirect-ssl are now incorporated upstream.

2 years agoMerge Debian version 3.0.29-2
Roland Rosenfeld [Sun, 17 Jan 2021 12:31:42 +0000 (13:31 +0100)]
Merge Debian version 3.0.29-2

2 years agoMerge Debian 3.0.29-1 version.
Roland Rosenfeld [Sun, 17 Jan 2021 12:28:07 +0000 (13:28 +0100)]
Merge Debian 3.0.29-1 version.

2 years agoOpenSSL ssl_recv_data(): Include the actual fd in an error message
Fabian Keil [Tue, 12 Jan 2021 08:38:50 +0000 (09:38 +0100)]
OpenSSL ssl_recv_data(): Include the actual fd in an error message

2 years agoopenssl.c: Fix comment typo
Fabian Keil [Tue, 12 Jan 2021 12:25:44 +0000 (13:25 +0100)]
openssl.c: Fix comment typo

2 years agoconfigure: Clarify comments about OpenSSL and mbedTLS support
Fabian Keil [Tue, 12 Jan 2021 07:03:28 +0000 (08:03 +0100)]
configure: Clarify comments about OpenSSL and mbedTLS support

They aren't both required, enabling either one is sufficient
to get https inspection working.

2 years agoconfigure.in: Bail out if OpenSSL and mbedTLS are enabled at the same time
Fabian Keil [Tue, 12 Jan 2021 06:46:07 +0000 (07:46 +0100)]
configure.in: Bail out if OpenSSL and mbedTLS are enabled at the same time

2 years agoconfigure.in: Remove left-over OS/2 code
Fabian Keil [Tue, 12 Jan 2021 06:43:41 +0000 (07:43 +0100)]
configure.in: Remove left-over OS/2 code

2 years agoNote that #18 is work in progress
Fabian Keil [Wed, 13 Jan 2021 08:53:51 +0000 (09:53 +0100)]
Note that #18 is work in progress

2 years agoTODO #1: Add another reference
Fabian Keil [Tue, 12 Jan 2021 05:14:59 +0000 (06:14 +0100)]
TODO #1: Add another reference

2 years agoprivoxy-log-parser: Log truncated LOG_LEVEL_CLF messages more gracefully
Fabian Keil [Mon, 11 Jan 2021 13:23:52 +0000 (14:23 +0100)]
privoxy-log-parser: Log truncated LOG_LEVEL_CLF messages more gracefully

... and note that the statistics will be inprecise.

2 years agoBlock requests to api.theadex.com/
Fabian Keil [Mon, 11 Jan 2021 12:21:40 +0000 (13:21 +0100)]
Block requests to api.theadex.com/

2 years agoBlock requests to ih.adscale.de/
Fabian Keil [Mon, 11 Jan 2021 12:13:40 +0000 (13:13 +0100)]
Block requests to ih.adscale.de/

2 years agoBlock requests to .s400.meetrics.net/
Fabian Keil [Mon, 11 Jan 2021 12:11:08 +0000 (13:11 +0100)]
Block requests to .s400.meetrics.net/

2 years agoBlock requests for pp.lp4.io/
Fabian Keil [Mon, 11 Jan 2021 12:04:46 +0000 (13:04 +0100)]
Block requests for pp.lp4.io/

2 years agoDisable fast-redirects for .ksta.de/
Fabian Keil [Mon, 11 Jan 2021 11:49:33 +0000 (12:49 +0100)]
Disable fast-redirects for .ksta.de/

2 years agoRebuild user manual
Fabian Keil [Thu, 7 Jan 2021 15:09:07 +0000 (16:09 +0100)]
Rebuild user manual

2 years agouser-manual: Bump copyright
Fabian Keil [Thu, 7 Jan 2021 15:19:55 +0000 (16:19 +0100)]
user-manual: Bump copyright

2 years agouser-manual: Note that actions aren't updated after rewrites
Fabian Keil [Fri, 8 Jan 2021 20:50:23 +0000 (21:50 +0100)]
user-manual: Note that actions aren't updated after rewrites

2 years agouser-manual: Explicitly mention that upgrading from http to https with a client-heade...
Fabian Keil [Thu, 7 Jan 2021 15:07:40 +0000 (16:07 +0100)]
user-manual: Explicitly mention that upgrading from http to https with a client-header filter is not supported

2 years agouser-manual: Note that protocol and host have to be added
Fabian Keil [Wed, 6 Jan 2021 15:51:36 +0000 (16:51 +0100)]
user-manual: Note that protocol and host have to be added

... when rewriting the destination host for https-inspected requests.

2 years agoAdd #184: Add support for wolfSSL
Fabian Keil [Fri, 8 Jan 2021 00:35:25 +0000 (01:35 +0100)]
Add #184: Add support for wolfSSL

2 years agoAdd #183: Properly deal with proxy responses that arrive in multiple pieces
Fabian Keil [Wed, 6 Jan 2021 20:49:28 +0000 (21:49 +0100)]
Add #183: Properly deal with proxy responses that arrive in multiple pieces

2 years agochange_encrypted_request_destination(): Keep the original port instead of defaulting...
Fabian Keil [Thu, 7 Jan 2021 13:13:55 +0000 (14:13 +0100)]
change_encrypted_request_destination(): Keep the original port instead of defaulting to 443

... when the rewritten request line does not contain a host and port.

2 years agofilter_header(): Break a couple of long lines
Fabian Keil [Sun, 10 Jan 2021 02:55:34 +0000 (03:55 +0100)]
filter_header(): Break a couple of long lines

2 years agoparse_client_request(): Fix status code in a LOG_LEVEL_CLF message
Fabian Keil [Sun, 10 Jan 2021 07:46:35 +0000 (08:46 +0100)]
parse_client_request(): Fix status code in a LOG_LEVEL_CLF message

2 years agochange_encrypted_request_destination(): Plug a memory leak if the rewritten request...
Fabian Keil [Thu, 7 Jan 2021 14:30:59 +0000 (15:30 +0100)]
change_encrypted_request_destination(): Plug a memory leak if the rewritten request line is invalid

2 years agoprocess_encrypted_request(): Improve error message
Fabian Keil [Thu, 7 Jan 2021 13:48:10 +0000 (14:48 +0100)]
process_encrypted_request(): Improve error message

... emitted when the rewritten request line is invalid.

While at it, emit a LOG_LEVEL_CLF message.

2 years agoprocess_encrypted_request(): Use the MESSED_UP_REQUEST_RESPONSE when the rewritten...
Fabian Keil [Thu, 7 Jan 2021 13:44:24 +0000 (14:44 +0100)]
process_encrypted_request(): Use the MESSED_UP_REQUEST_RESPONSE when the rewritten request line is invalid

2 years agochange_request_destination(): Reject rewrites from http to https
Fabian Keil [Thu, 7 Jan 2021 13:41:17 +0000 (14:41 +0100)]
change_request_destination(): Reject rewrites from http to https

... as they currently aren't supported.

Previously we would wait for the client to establish
an encrypted connection which obviously would not happen.

2 years agochat(): Use client_use_ssl(csp) instead of http->ssl
Fabian Keil [Wed, 6 Jan 2021 16:52:38 +0000 (17:52 +0100)]
chat(): Use client_use_ssl(csp) instead of http->ssl

... in a place where it is more appropriate.

Currently the difference doesn't matter, but it will
when we start supporting upgrading the protocol from
http to https behind the client's back.

2 years agoAdd Pragma header to the client-header-order example
Fabian Keil [Tue, 5 Jan 2021 17:34:38 +0000 (18:34 +0100)]
Add Pragma header to the client-header-order example

2 years agoredirect_url(): Silence a bogus use-after-free warning
Fabian Keil [Tue, 5 Jan 2021 00:03:25 +0000 (01:03 +0100)]
redirect_url(): Silence a bogus use-after-free warning

... emitted by ccc-analyzer from llvm80.

2 years agossl_store_cert(): Check BIO_get_mem_data() return code
Fabian Keil [Tue, 5 Jan 2021 00:12:04 +0000 (01:12 +0100)]
ssl_store_cert(): Check BIO_get_mem_data() return code

2 years agoenforce_header_order(): Save a couple of memory allocations
Fabian Keil [Mon, 4 Jan 2021 22:27:04 +0000 (23:27 +0100)]
enforce_header_order(): Save a couple of memory allocations

2 years agosed(): Don't call enforce_header_order() if a filter removed the request line
Fabian Keil [Tue, 5 Jan 2021 13:32:50 +0000 (14:32 +0100)]
sed(): Don't call enforce_header_order() if a filter removed the request line

... as enforce_header_order() asserts that the request line is present.

Without the request line the request will be rejected as invalid
later on anyway, so sorting the headers first is pointless.

2 years agoAdd #182: Before enforcing the client-header-order, check that the client headers...
Fabian Keil [Tue, 5 Jan 2021 02:59:13 +0000 (03:59 +0100)]
Add #182: Before enforcing the client-header-order, check that the client headers actually need sorting

2 years agoRebuild docs
Fabian Keil [Mon, 4 Jan 2021 20:28:06 +0000 (21:28 +0100)]
Rebuild docs

2 years agoRebuild config file
Fabian Keil [Mon, 4 Jan 2021 20:24:12 +0000 (21:24 +0100)]
Rebuild config file

2 years agoBump copyright
Fabian Keil [Mon, 4 Jan 2021 20:25:05 +0000 (21:25 +0100)]
Bump copyright

2 years agoBump copyright
Fabian Keil [Sun, 3 Jan 2021 20:32:32 +0000 (21:32 +0100)]
Bump copyright

2 years agoNote that client-header-order works for encrypted headers if https-inspection is...
Fabian Keil [Sun, 3 Jan 2021 13:19:51 +0000 (14:19 +0100)]
Note that client-header-order works for encrypted headers if https-inspection is enabled

2 years agoAdd three additional headers to the client-header-order example
Fabian Keil [Sun, 3 Jan 2021 13:18:02 +0000 (14:18 +0100)]
Add three additional headers to the client-header-order example