privoxy.git
3 years agoMake the second pcrs job of the img-reorder filter greedy again
Fabian Keil [Sat, 20 Feb 2021 04:30:08 +0000 (05:30 +0100)]
Make the second pcrs job of the img-reorder filter greedy again

The ungreedy version caused breakage like:
-<img width=888 height=573 src=socket.png>
+<img src=s width=888 height=573ocket.png>
on http://bulk.fefe.de/scalability/.

3 years agoAdd #196: Investigate if it's worth adding an optional mutex for the CGI handler
Fabian Keil [Sat, 20 Feb 2021 03:22:36 +0000 (04:22 +0100)]
Add #196: Investigate if it's worth adding an optional mutex for the CGI handler

3 years agoAdd #195: We should probably cache the server TLS contexts
Fabian Keil [Sat, 20 Feb 2021 03:18:17 +0000 (04:18 +0100)]
Add #195: We should probably cache the server TLS contexts

3 years agoUpdate #184
Fabian Keil [Fri, 19 Feb 2021 14:28:04 +0000 (15:28 +0100)]
Update #184

3 years agoAdd #194: There should be a way to force gif deanimation
Fabian Keil [Fri, 19 Feb 2021 13:45:36 +0000 (14:45 +0100)]
Add #194: There should be a way to force gif deanimation

3 years agoAdd #193: Use SHA256 instead of MD5 for the host hash
Fabian Keil [Fri, 19 Feb 2021 12:17:09 +0000 (13:17 +0100)]
Add #193: Use SHA256 instead of MD5 for the host hash

3 years agossl_send_certificate_error(): Respect HEAD requests by not sending a body
Fabian Keil [Wed, 10 Feb 2021 02:39:23 +0000 (03:39 +0100)]
ssl_send_certificate_error(): Respect HEAD requests by not sending a body

3 years agossl_send_certificate_error(): End body with a single new line
Fabian Keil [Wed, 10 Feb 2021 02:33:46 +0000 (03:33 +0100)]
ssl_send_certificate_error(): End body with a single new line

3 years agoserve(): Increase the chances that the host is logged
Fabian Keil [Mon, 15 Feb 2021 15:47:03 +0000 (16:47 +0100)]
serve(): Increase the chances that the host is logged

... when closing a server socket.

3 years agoOpenSSL: Log the TLS version and the the cipher used
Fabian Keil [Sat, 13 Feb 2021 21:36:51 +0000 (22:36 +0100)]
OpenSSL: Log the TLS version and the the cipher used

3 years agoBump copyright
Fabian Keil [Sun, 14 Feb 2021 14:08:04 +0000 (15:08 +0100)]
Bump copyright

3 years agoUnblock requests to adri*.
Fabian Keil [Sun, 14 Feb 2021 14:02:05 +0000 (15:02 +0100)]
Unblock requests to adri*.

3 years agombedTLS: Log the TLS version and cipher suite
Fabian Keil [Sat, 13 Feb 2021 21:49:18 +0000 (22:49 +0100)]
mbedTLS: Log the TLS version and cipher suite

3 years agoprivoxy-log-parser: Highlight: "Evaluating tag 'change-tor-socks-port' for client...
Fabian Keil [Fri, 12 Feb 2021 20:46:26 +0000 (21:46 +0100)]
privoxy-log-parser: Highlight: "Evaluating tag 'change-tor-socks-port' for client 127.0.0.1. End of life 1613162302."

3 years agoprivoxy-log-parser: Highlight: "Tag 'change-tor-socks-port' for client 127.0.0.1...
Fabian Keil [Fri, 12 Feb 2021 20:42:26 +0000 (21:42 +0100)]
privoxy-log-parser: Highlight: "Tag 'change-tor-socks-port' for client 127.0.0.1 expired 1 seconds ago. Deleting it."

3 years agoOpenSSL ssl_store_cert(): Fix two error messages
Fabian Keil [Fri, 12 Feb 2021 17:00:34 +0000 (18:00 +0100)]
OpenSSL ssl_store_cert(): Fix two error messages

3 years agoBlock requests for trc*.taboola.com/
Fabian Keil [Thu, 11 Feb 2021 17:26:54 +0000 (18:26 +0100)]
Block requests for trc*.taboola.com/

3 years agoDisable fast-redirects for .linkedin.com/
Fabian Keil [Thu, 11 Feb 2021 17:21:44 +0000 (18:21 +0100)]
Disable fast-redirects for .linkedin.com/

3 years agoprivoxy-regression-test: Bump version to 0.7.3
Fabian Keil [Thu, 11 Feb 2021 11:35:09 +0000 (12:35 +0100)]
privoxy-regression-test: Bump version to 0.7.3

3 years agoprivoxy-regression-test: Add the --check-bad-ssl option to the --help output
Fabian Keil [Thu, 11 Feb 2021 11:34:48 +0000 (12:34 +0100)]
privoxy-regression-test: Add the --check-bad-ssl option to the --help output

3 years agoTerminate the body of the HTTP snipplets with a single new line instead of \r\n
Fabian Keil [Tue, 9 Feb 2021 15:59:51 +0000 (16:59 +0100)]
Terminate the body of the HTTP snipplets with a single new line instead of \r\n

3 years agoOpenSSL ssl_store_cert(): Fix a format specifier
Fabian Keil [Tue, 9 Feb 2021 15:13:03 +0000 (16:13 +0100)]
OpenSSL ssl_store_cert(): Fix a format specifier

3 years agoFix a couple of format specifiers
Fabian Keil [Tue, 9 Feb 2021 15:12:42 +0000 (16:12 +0100)]
Fix a couple of format specifiers

3 years agolog_error(): Treat LOG_LEVEL_FATAL as fatal even when --stfu is being used
Fabian Keil [Mon, 8 Feb 2021 14:58:03 +0000 (15:58 +0100)]
log_error(): Treat LOG_LEVEL_FATAL as fatal even when --stfu is being used

Reported by: Joshua Rogers (Opera).

3 years agoUpdate cgi_send_banner()'s comment header
Fabian Keil [Sat, 6 Feb 2021 21:36:23 +0000 (22:36 +0100)]
Update cgi_send_banner()'s comment header

Logo support has been removed in 2002 (2fd9e77391d).

3 years agofuzz_server_header(): Fix compiler warning
Fabian Keil [Sat, 6 Feb 2021 10:07:13 +0000 (11:07 +0100)]
fuzz_server_header(): Fix compiler warning

3 years agofuzz_client_header(): Fix compiler warning
Fabian Keil [Sat, 6 Feb 2021 10:07:03 +0000 (11:07 +0100)]
fuzz_client_header(): Fix compiler warning

3 years agoprivoxy-log-parser.pl: Let highlight_request_line() tolerate 'Failed reading chunked...
Fabian Keil [Fri, 5 Feb 2021 04:27:38 +0000 (05:27 +0100)]
privoxy-log-parser.pl: Let highlight_request_line() tolerate 'Failed reading chunked client body'

3 years agoprivoxy-log-parser.pl: Let gather_loglevel_clf_stats() tolerate another 'invalid...
Fabian Keil [Fri, 5 Feb 2021 04:13:29 +0000 (05:13 +0100)]
privoxy-log-parser.pl: Let gather_loglevel_clf_stats() tolerate another 'invalid' log message

3 years agolist_is_valid(): Remove '#if 1' block around the function body
Fabian Keil [Thu, 4 Feb 2021 18:05:35 +0000 (19:05 +0100)]
list_is_valid(): Remove '#if 1' block around the function body

The function can be disabled by compiling with NDEBUG now.

3 years agoconfigure: Bump copyright
Fabian Keil [Thu, 4 Feb 2021 12:54:28 +0000 (13:54 +0100)]
configure: Bump copyright

3 years agoconfigure: Add --with-assertions option and only enable assertions when it is used
Fabian Keil [Thu, 4 Feb 2021 12:54:07 +0000 (13:54 +0100)]
configure: Add --with-assertions option and only enable assertions when it is used

3 years agodecompress_iob(): Silence compiler warning when compiling with NDEBUG
Fabian Keil [Thu, 4 Feb 2021 12:43:37 +0000 (13:43 +0100)]
decompress_iob(): Silence compiler warning when compiling with NDEBUG

3 years agoOnly compile list_is_valid() when NDEBUG is undefined
Fabian Keil [Thu, 4 Feb 2021 12:40:42 +0000 (13:40 +0100)]
Only compile list_is_valid() when NDEBUG is undefined

3 years agolog_error(): Silence a warning when compiling with NDEBUG
Fabian Keil [Thu, 4 Feb 2021 12:38:09 +0000 (13:38 +0100)]
log_error(): Silence a warning when compiling with NDEBUG

3 years agowindows build: have to include extra libraries for a mingw build
Lee [Sun, 21 Feb 2021 13:47:26 +0000 (08:47 -0500)]
windows build: have to include extra libraries for a mingw build

or maybe it's the way I build the stand-alone library?  dunno, but
building with mingw also needs "-lbrotlicommon -lbrotlienc" added
to $LIBS

3 years agowindows build: default build now uses --with-brotli
Lee [Sun, 21 Feb 2021 13:43:03 +0000 (08:43 -0500)]
windows build: default build now uses  --with-brotli

3 years agowindows build: default is now --with-mbedtls
Lee [Sun, 21 Feb 2021 13:39:40 +0000 (08:39 -0500)]
windows build:  default is now  --with-mbedtls

3 years agowindows: static link privoxy with an external pcre library
Lee [Thu, 18 Feb 2021 17:56:51 +0000 (12:56 -0500)]
windows: static link privoxy with an external pcre library

The pcre code included with Privoy is very old.  This at
least gets us up to the current PCRE 8.X library code.

3 years agowindows: enable dynamic error checking
Lee [Thu, 18 Feb 2021 17:53:36 +0000 (12:53 -0500)]
windows: enable dynamic error checking

I decided it was silly to have this stuff turned on just for testing
or turned on just for me.

3 years agoallow building privoxy with a statically linked external pcre library on windows
Lee [Thu, 18 Feb 2021 16:22:38 +0000 (11:22 -0500)]
allow building privoxy with a statically linked external pcre library on windows

see /usr/i686-w64-mingw32/sys-root/mingw/include/pcre.h line 54
  #if defined(_WIN32) && !defined(PCRE_STATIC)
  #  ifndef PCRE_EXP_DECL
  #    define PCRE_EXP_DECL  extern __declspec(dllimport)
  #  endif
If you want to statically link a program against a PCRE library in the form of
a non-dll .a file, you must define PCRE_STATIC before including pcre.h or
pcrecpp.h, otherwise the pcre_malloc() and pcre_free() exported functions will
be declared __declspec(dllimport), with unwanted results.

3 years agodon't assume NSIS is in privoxy git
Lee [Thu, 18 Feb 2021 16:17:37 +0000 (11:17 -0500)]
don't assume NSIS is in privoxy git

I wanted NSIS included with Privoxy
Fabian didn't want binaries in the git tree
So install NSIS outside of the Privoxy source code and stop
having to remember to update the location of the NSIS code
when releasing a new version of Privoxy.

3 years agoAdd #192: The client TLS contexts should probably be shared among threads
Fabian Keil [Thu, 18 Feb 2021 02:24:26 +0000 (03:24 +0100)]
Add #192: The client TLS contexts should probably be shared among threads

3 years agoAdd #191: The cipher-list directive should be split
Fabian Keil [Fri, 12 Feb 2021 13:35:07 +0000 (14:35 +0100)]
Add #191: The cipher-list directive should be split

3 years agoAdd #190: The socks5 authentication code should send user name an password seperately
Fabian Keil [Sun, 7 Feb 2021 14:17:55 +0000 (15:17 +0100)]
Add #190: The socks5 authentication code should send user name an password seperately

3 years agoTODO #170: Fix typo
Fabian Keil [Sat, 6 Feb 2021 14:28:47 +0000 (15:28 +0100)]
TODO #170: Fix typo

3 years agoAdd #189: Bring back binary packages for macOS
Fabian Keil [Sun, 7 Feb 2021 13:32:16 +0000 (14:32 +0100)]
Add #189: Bring back binary packages for macOS

3 years agoprivoxy-log-parser: Highlight 'Complete client request followed by 59 bytes of pipeli...
Fabian Keil [Sat, 6 Feb 2021 21:30:05 +0000 (22:30 +0100)]
privoxy-log-parser: Highlight 'Complete client request followed by 59 bytes of pipelined data received.'

3 years agoAdd CVEs for security issues fixed in 3.0.31
Fabian Keil [Thu, 4 Feb 2021 15:43:35 +0000 (16:43 +0100)]
Add CVEs for security issues fixed in 3.0.31

3 years agohandle_established_connection(): Add parentheses to clarify an expression
Fabian Keil [Tue, 2 Feb 2021 11:13:39 +0000 (12:13 +0100)]
handle_established_connection(): Add parentheses to clarify an expression

Suggested by: David Binderman

3 years agoAdd CVEs for security issues fixed in 3.0.29
Fabian Keil [Tue, 2 Feb 2021 10:22:03 +0000 (11:22 +0100)]
Add CVEs for security issues fixed in 3.0.29

3 years agocontinue_https_chat(): Explicitly unset CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE
Fabian Keil [Mon, 1 Feb 2021 12:14:16 +0000 (13:14 +0100)]
continue_https_chat(): Explicitly unset CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE

... if process_encrypted_request() fails.

This makes it more obvious that the connection will not be reused.
Previously serve() relied on CSP_FLAG_SERVER_CONTENT_LENGTH_SET
and CSP_FLAG_CHUNKED being unset.

Inspired by a patch from Joshua Rogers.

3 years agodecompress_iob(): Improve a comment
Fabian Keil [Fri, 29 Jan 2021 11:16:22 +0000 (12:16 +0100)]
decompress_iob(): Improve a comment

3 years agodecompress_iob(): Add periods to a couple of log messages
Fabian Keil [Thu, 28 Jan 2021 20:10:28 +0000 (21:10 +0100)]
decompress_iob(): Add periods to a couple of log messages

3 years agodeveloper-manual: Add pushing the created tag to the release steps
Fabian Keil [Thu, 28 Jan 2021 10:58:07 +0000 (11:58 +0100)]
developer-manual: Add pushing the created tag to the release steps

3 years agocgi_send_user_manual(): Also reject requests if the user-manual
Fabian Keil [Tue, 26 Jan 2021 09:28:48 +0000 (10:28 +0100)]
cgi_send_user_manual(): Also reject requests if the user-manual

... directive specifies a https:// URL.

Previously Privoxy would try and fail to open a local file.

3 years agoRebuild HTML man page for 3.0.32 UNRELEASED
Fabian Keil [Wed, 3 Feb 2021 10:10:34 +0000 (11:10 +0100)]
Rebuild HTML man page for 3.0.32 UNRELEASED

3 years agoRebuild man page for 3.0.32 UNRELEASED
Fabian Keil [Wed, 3 Feb 2021 10:09:51 +0000 (11:09 +0100)]
Rebuild man page for 3.0.32 UNRELEASED

3 years agoRebuild docs for 3.0.32 UNRELEASED
Fabian Keil [Wed, 3 Feb 2021 10:09:17 +0000 (11:09 +0100)]
Rebuild docs for 3.0.32 UNRELEASED

3 years agoBump SMGL entities for 3.0.32 UNRELEASED
Fabian Keil [Wed, 3 Feb 2021 10:05:46 +0000 (11:05 +0100)]
Bump SMGL entities for 3.0.32 UNRELEASED

3 years agoBump version to 3.0.32 UNRELEASED
Fabian Keil [Tue, 2 Feb 2021 10:59:05 +0000 (11:59 +0100)]
Bump version to 3.0.32 UNRELEASED

3 years agoUpdate RSS feed for the 3.0.31 releases
Fabian Keil [Sun, 31 Jan 2021 09:40:31 +0000 (10:40 +0100)]
Update RSS feed for the 3.0.31 releases

3 years agoDebian: Merge 3.0.31 release and prepare 3.0.32 GIT snapshot.
Roland Rosenfeld [Sat, 30 Jan 2021 21:04:14 +0000 (22:04 +0100)]
Debian: Merge 3.0.31 release and prepare 3.0.32 GIT snapshot.

3 years agodebian/copyright updated to new version.
Roland Rosenfeld [Sat, 30 Jan 2021 21:05:02 +0000 (22:05 +0100)]
debian/copyright updated to new version.

3 years agoremember to configure the locally installed docs in config.txt
Lee [Sat, 30 Jan 2021 19:13:16 +0000 (14:13 -0500)]
remember to configure the locally installed docs in config.txt

3 years agoRegenerate config file for 3.0.31 stable v_3_0_31
Fabian Keil [Sat, 30 Jan 2021 16:58:12 +0000 (17:58 +0100)]
Regenerate config file for 3.0.31 stable

3 years agoRegenerate HTML man page
Fabian Keil [Sat, 30 Jan 2021 16:56:52 +0000 (17:56 +0100)]
Regenerate HTML man page

3 years agoRebuild man page for 3.0.31 stable
Fabian Keil [Sat, 30 Jan 2021 16:54:34 +0000 (17:54 +0100)]
Rebuild man page for 3.0.31 stable

3 years agoUpdate announcement for Privoxy 3.0.31 stable
Fabian Keil [Sat, 30 Jan 2021 16:46:55 +0000 (17:46 +0100)]
Update announcement for Privoxy 3.0.31 stable

3 years agoRebuild docs for 3.0.31 stable
Fabian Keil [Sat, 30 Jan 2021 16:34:42 +0000 (17:34 +0100)]
Rebuild docs for 3.0.31 stable

3 years agoBump SMGL entities for 3.0.31 stable
Fabian Keil [Sat, 30 Jan 2021 16:36:42 +0000 (17:36 +0100)]
Bump SMGL entities for 3.0.31 stable

3 years agoAdd Joshua Rogers as contributor
Fabian Keil [Sat, 30 Jan 2021 16:33:19 +0000 (17:33 +0100)]
Add Joshua Rogers as contributor

3 years agoImport changes for Privoxy 3.0.31 stable
Fabian Keil [Sat, 30 Jan 2021 16:31:33 +0000 (17:31 +0100)]
Import changes for Privoxy 3.0.31 stable

3 years agoAdd ChangeLog entries for 3.0.31 stable
Fabian Keil [Sat, 30 Jan 2021 16:10:55 +0000 (17:10 +0100)]
Add ChangeLog entries for 3.0.31 stable

3 years agodecompress_iob(): Fix a memory leak
Fabian Keil [Thu, 28 Jan 2021 17:02:56 +0000 (18:02 +0100)]
decompress_iob(): Fix a memory leak

... when decompression fails "unexpectedly".

OVE-20210128-0001.

3 years agodecompress_iob(): Fix detection of insufficient data
Fabian Keil [Thu, 28 Jan 2021 15:26:45 +0000 (16:26 +0100)]
decompress_iob(): Fix detection of insufficient data

Instead of checking the size of the iob we have to
check the size of the actual data.

Previously Privoxy could try to work on uninitialized data.

3 years agoparse_cgi_parameters(): Make sure the maximum number of segments is large enough
Fabian Keil [Sat, 30 Jan 2021 14:04:17 +0000 (15:04 +0100)]
parse_cgi_parameters(): Make sure the maximum number of segments is large enough

... for ssplit() to succeed.

Prevents an assertion from getting triggered. OVE-20210130-0001.

Reported by: Joshua Rogers (Opera)

3 years agoBump version to 3.0.31 stable
Fabian Keil [Sat, 30 Jan 2021 16:02:48 +0000 (17:02 +0100)]
Bump version to 3.0.31 stable

3 years agoDebian: Support nodoc build option.
Roland Rosenfeld [Fri, 29 Jan 2021 16:50:02 +0000 (17:50 +0100)]
Debian: Support nodoc build option.

3 years agodebian/source/lintian-overrides: Remove unused override.
Roland Rosenfeld [Fri, 29 Jan 2021 16:49:28 +0000 (17:49 +0100)]
debian/source/lintian-overrides: Remove unused override.

3 years agoFix debian version number.
Roland Rosenfeld [Thu, 28 Jan 2021 20:56:00 +0000 (21:56 +0100)]
Fix debian version number.

3 years agoRebuild config file v_3_0_30
Fabian Keil [Thu, 28 Jan 2021 10:35:49 +0000 (11:35 +0100)]
Rebuild config file

3 years agoAdd missing actionsfile directive
Fabian Keil [Thu, 28 Jan 2021 10:34:51 +0000 (11:34 +0100)]
Add missing actionsfile directive

3 years agowindows: Enable extended statistics and pcre host patterns
Fabian Keil [Wed, 27 Jan 2021 16:43:04 +0000 (17:43 +0100)]
windows: Enable extended statistics and pcre host patterns

... when configuring.

No objections from: Lee

3 years agoRebuild HTML man page
Fabian Keil [Tue, 26 Jan 2021 08:08:51 +0000 (09:08 +0100)]
Rebuild HTML man page

3 years agoRebuild man page
Fabian Keil [Tue, 26 Jan 2021 08:08:02 +0000 (09:08 +0100)]
Rebuild man page

3 years agoRebuild docs
Fabian Keil [Tue, 26 Jan 2021 08:06:58 +0000 (09:06 +0100)]
Rebuild docs

3 years agoAdd two new ChangeLog entries
Fabian Keil [Tue, 26 Jan 2021 08:05:45 +0000 (09:05 +0100)]
Add two new ChangeLog entries

3 years agoannouncement: Add two new ChangeLog entries
Fabian Keil [Tue, 26 Jan 2021 08:02:54 +0000 (09:02 +0100)]
announcement: Add two new ChangeLog entries

3 years agoAdd two more ChangeLog entries
Fabian Keil [Tue, 26 Jan 2021 08:00:52 +0000 (09:00 +0100)]
Add two more ChangeLog entries

3 years agoBump copyright
Fabian Keil [Tue, 26 Jan 2021 06:57:38 +0000 (07:57 +0100)]
Bump copyright

3 years agoLet the uninstall target remove the config file if DESTDIR is set
Fabian Keil [Tue, 26 Jan 2021 06:29:37 +0000 (07:29 +0100)]
Let the uninstall target remove the config file if DESTDIR is set

... and properly announce the deletion of the configuration files.

Apparently I broke this in 2008 (cc77d4eec4).

3 years agoUpdate MAN_DEST to use man section 8
Fabian Keil [Tue, 26 Jan 2021 06:21:15 +0000 (07:21 +0100)]
Update MAN_DEST to use man section 8

3 years agoFix a regression test
Fabian Keil [Mon, 25 Jan 2021 20:33:01 +0000 (21:33 +0100)]
Fix a regression test

Even with FEATURE_GRACEFUL_TERMINATION enabled the request
for http://p.p/die will result in status code 403 as no
trusted Referer is set.

3 years agoOnly compile ssl_release() when FEATURE_GRACEFUL_TERMINATION is enabled
Fabian Keil [Mon, 25 Jan 2021 17:55:06 +0000 (18:55 +0100)]
Only compile ssl_release() when FEATURE_GRACEFUL_TERMINATION is enabled

3 years agoFix build with LibreSSL 3.3.1
Fabian Keil [Mon, 25 Jan 2021 15:56:29 +0000 (16:56 +0100)]
Fix build with LibreSSL 3.3.1

3 years agoannouncement: Add Windows 10 to the list of supported operating systems
Fabian Keil [Mon, 25 Jan 2021 13:35:13 +0000 (14:35 +0100)]
announcement: Add Windows 10 to the list of supported operating systems

3 years agoannouncement: Use the participate and donate redirect links
Fabian Keil [Mon, 25 Jan 2021 13:34:13 +0000 (14:34 +0100)]
announcement: Use the participate and donate redirect links

3 years agoUpdate announcement for 3.0.30 stable
Fabian Keil [Mon, 25 Jan 2021 13:32:50 +0000 (14:32 +0100)]
Update announcement for 3.0.30 stable

3 years agoRebuild user manual with changes for 3.0.30 stable
Fabian Keil [Mon, 25 Jan 2021 13:17:17 +0000 (14:17 +0100)]
Rebuild user manual with changes for 3.0.30 stable