privoxy.git
3 years agoprivoxy-regression-test: Add a --check-bad-ssl option
Fabian Keil [Sun, 24 Jan 2021 11:25:54 +0000 (12:25 +0100)]
privoxy-regression-test: Add a --check-bad-ssl option

... that can be used to verify that Privoxy detects
certificate problems when accessing the test sites
from badssl.com.

3 years agossl_send_certificate_error(): Update the LOG_LEVEL_CLF message to use status code 403
Fabian Keil [Sun, 24 Jan 2021 11:00:45 +0000 (12:00 +0100)]
ssl_send_certificate_error(): Update the LOG_LEVEL_CLF message to use status code 403

Follow-up for f048c3c93d1.

3 years agoMinor ChangeLog improvements
Fabian Keil [Sat, 23 Jan 2021 18:37:20 +0000 (19:37 +0100)]
Minor ChangeLog improvements

3 years agoAdd ChangeLog entries for changes from 2ecae81f1 to ee191563e8
Fabian Keil [Sat, 23 Jan 2021 15:55:25 +0000 (16:55 +0100)]
Add ChangeLog entries for changes from 2ecae81f1 to ee191563e8

3 years agoprivoxy-log-parser: Highlight: 'Chunk size 291 exceeds buffered data left. Already...
Fabian Keil [Sat, 23 Jan 2021 13:41:07 +0000 (14:41 +0100)]
privoxy-log-parser: Highlight: 'Chunk size 291 exceeds buffered data left. Already digested 69894 of 69957 buffered bytes.'

3 years agoprivoxy-log-parser: Highlight: "filtering request body from client 127.0.0.1 (size...
Fabian Keil [Sat, 23 Jan 2021 13:08:12 +0000 (14:08 +0100)]
privoxy-log-parser: Highlight: "filtering request body from client 127.0.0.1 (size 958) with 'null-filter' produced 0 hits (new size 958)."

3 years agopcrs_filter_impl(): Improve wording of a log message
Fabian Keil [Sat, 23 Jan 2021 13:00:10 +0000 (14:00 +0100)]
pcrs_filter_impl(): Improve wording of a log message

3 years agoreceive_chunked_client_request_body(): Fix language of an error message
Fabian Keil [Sat, 23 Jan 2021 12:55:07 +0000 (13:55 +0100)]
receive_chunked_client_request_body(): Fix language of an error message

3 years agoBlock requests for trc-events.taboola.com/
Fabian Keil [Fri, 22 Jan 2021 12:23:07 +0000 (13:23 +0100)]
Block requests for trc-events.taboola.com/

3 years agolisten_loop(): Split long line in two
Fabian Keil [Fri, 22 Jan 2021 12:02:50 +0000 (13:02 +0100)]
listen_loop(): Split long line in two

3 years agolisten_loop(): Delay the call to ssl_release()
Fabian Keil [Fri, 22 Jan 2021 12:01:35 +0000 (13:01 +0100)]
listen_loop(): Delay the call to ssl_release()

... and only release the TLS backend resources if there
are no active connections left.

Prevents crashes when exiting "gracefully" at the wrong time.

3 years agosig_handler(): Split a long line in two
Fabian Keil [Fri, 22 Jan 2021 11:58:46 +0000 (12:58 +0100)]
sig_handler(): Split a long line in two

3 years agoprivoxy-log-parser: Highlight "Client tag 'forward-directly' matches"
Fabian Keil [Fri, 22 Jan 2021 10:12:40 +0000 (11:12 +0100)]
privoxy-log-parser: Highlight "Client tag 'forward-directly' matches"

3 years agoprivoxy-log-parser: Higlight "Enlisting tag 'forward-directly' for client 127.0.0.1."
Fabian Keil [Fri, 22 Jan 2021 10:11:41 +0000 (11:11 +0100)]
privoxy-log-parser: Higlight "Enlisting tag 'forward-directly' for client 127.0.0.1."

3 years agoAdd periods to a couple of tagging-related log messages
Fabian Keil [Fri, 22 Jan 2021 10:17:50 +0000 (11:17 +0100)]
Add periods to a couple of tagging-related log messages

3 years agoFix documented error code of host_to_hash()
Fabian Keil [Fri, 22 Jan 2021 08:15:01 +0000 (09:15 +0100)]
Fix documented error code of host_to_hash()

3 years agoMbedTLS: Use mbedtls_md5_ret() instead of mbedtls_md5()
Fabian Keil [Fri, 22 Jan 2021 08:13:14 +0000 (09:13 +0100)]
MbedTLS: Use mbedtls_md5_ret() instead of mbedtls_md5()

As Roland pointed out the latter has been deprecated
years ago and causes a warning on Debian GNU/Linux.

3 years agoLet the crude-parental filter provide a short reason when blocking
Fabian Keil [Thu, 21 Jan 2021 14:05:08 +0000 (15:05 +0100)]
Let the crude-parental filter provide a short reason when blocking

While at it, add new lines at the end of the block page.

3 years ago15_mansection8 and 35_man-spelling are now incorporated upstream.
Roland Rosenfeld [Thu, 21 Jan 2021 17:52:20 +0000 (18:52 +0100)]
15_mansection8 and 35_man-spelling are now incorporated upstream.

3 years agoAdd #187: There should be a convenient way to see the versions of the libraries Privo...
Fabian Keil [Wed, 20 Jan 2021 17:54:44 +0000 (18:54 +0100)]
Add #187: There should be a convenient way to see the versions of the libraries Privoxy is using

3 years agoRegenerate developer manual with the updated man page reference
Fabian Keil [Wed, 20 Jan 2021 17:44:34 +0000 (18:44 +0100)]
Regenerate developer manual with the updated man page reference

3 years agoprivoxy-regression-test: Update Privoxy man page reference now that the section is 8
Fabian Keil [Wed, 20 Jan 2021 17:43:33 +0000 (18:43 +0100)]
privoxy-regression-test: Update Privoxy man page reference now that the section is 8

3 years agouagen: Update Privoxy man page reference now that the section is 8
Fabian Keil [Wed, 20 Jan 2021 17:43:16 +0000 (18:43 +0100)]
uagen: Update Privoxy man page reference now that the section is 8

3 years agoprivoxy-log-parser: Update Privoxy man page reference now that the section is 8
Fabian Keil [Wed, 20 Jan 2021 17:43:07 +0000 (18:43 +0100)]
privoxy-log-parser: Update Privoxy man page reference now that the section is 8

3 years agop-authors.sgml: Update man page section which has been changed to 8
Fabian Keil [Wed, 20 Jan 2021 17:41:23 +0000 (18:41 +0100)]
p-authors.sgml: Update man page section which has been changed to 8

3 years agodeveloper-manual: Update man page section which has been changed to 8
Fabian Keil [Wed, 20 Jan 2021 17:41:07 +0000 (18:41 +0100)]
developer-manual: Update man page section which has been changed to 8

3 years agoRename privoxy.1 to privoxy.8
Fabian Keil [Wed, 20 Jan 2021 17:35:51 +0000 (18:35 +0100)]
Rename privoxy.1 to privoxy.8

Suggested by Roland.

3 years agoMove man page from man section 1 to man section 8.
Roland Rosenfeld [Mon, 21 Apr 2003 09:11:31 +0000 (11:11 +0200)]
Move man page from man section 1 to man section 8.

3 years agoprivoxy-log-parser: Fix perldoc typo
Roland Rosenfeld [Sun, 1 May 2016 12:21:22 +0000 (14:21 +0200)]
privoxy-log-parser: Fix perldoc typo

3 years agoChange wildcard_dst to short to reduce the size of struct access_control_list
Fabian Keil [Thu, 21 Jan 2021 10:48:52 +0000 (11:48 +0100)]
Change wildcard_dst to short to reduce the size of struct access_control_list

3 years agoRearrange struct client_state to reduce memory on amd64
Fabian Keil [Thu, 21 Jan 2021 10:41:47 +0000 (11:41 +0100)]
Rearrange struct client_state to reduce memory on amd64

Move content_type up and change ssl_with_server_is_opened
and ssl_with_client_is_opened to short.

3 years agoRearrange members of struct http_request to reduce padding on amd64
Fabian Keil [Thu, 21 Jan 2021 10:28:24 +0000 (11:28 +0100)]
Rearrange members of struct http_request to reduce padding on amd64

While at it, change member 'ssl' to short to save memory.

3 years agoRearrange members of struct reusable_connection
Fabian Keil [Thu, 21 Jan 2021 10:25:39 +0000 (11:25 +0100)]
Rearrange members of struct reusable_connection

... to save 4 bytes of padding on amd64.

3 years agoReorder gateway_host in struct forward_spec to save memory
Fabian Keil [Thu, 21 Jan 2021 10:22:26 +0000 (11:22 +0100)]
Reorder gateway_host in struct forward_spec to save memory

3 years agoReorder need_bind in struct configuration_spec to save memory
Fabian Keil [Thu, 21 Jan 2021 10:20:12 +0000 (11:20 +0100)]
Reorder need_bind in struct configuration_spec to save memory

3 years agoReorder dcount in the url_spec struct to save memory
Fabian Keil [Thu, 21 Jan 2021 10:13:19 +0000 (11:13 +0100)]
Reorder dcount in the url_spec struct to save memory

3 years agoOptimize debian/rules clean to restore pristine state.
Roland Rosenfeld [Wed, 20 Jan 2021 18:56:07 +0000 (19:56 +0100)]
Optimize debian/rules clean to restore pristine state.

3 years agoPrepare Debian release 3.0.30-1~pp-1.
Roland Rosenfeld [Wed, 20 Jan 2021 18:45:14 +0000 (19:45 +0100)]
Prepare Debian release 3.0.30-1~pp-1.

3 years agoRebuild HTML man page for Privoxy 3.0.30 stable
Fabian Keil [Wed, 20 Jan 2021 15:21:20 +0000 (16:21 +0100)]
Rebuild HTML man page for Privoxy 3.0.30 stable

3 years agoRebuild privoxy.1 for Privoxy 3.0.30 stable
Fabian Keil [Wed, 20 Jan 2021 15:20:31 +0000 (16:20 +0100)]
Rebuild privoxy.1 for Privoxy 3.0.30 stable

3 years agoRebuild docs
Fabian Keil [Wed, 20 Jan 2021 15:18:51 +0000 (16:18 +0100)]
Rebuild docs

3 years agoBump SMGL entities for 3.0.30 stable
Fabian Keil [Wed, 20 Jan 2021 15:17:54 +0000 (16:17 +0100)]
Bump SMGL entities for 3.0.30 stable

3 years agoAdd ChangeLog entries for changes from 91f9e616645 to 2ecae81f1
Fabian Keil [Wed, 20 Jan 2021 15:10:15 +0000 (16:10 +0100)]
Add ChangeLog entries for changes from 91f9e616645 to 2ecae81f1

3 years agojs-annoyances filter: Remove a duplicate pcrs command
Fabian Keil [Tue, 19 Jan 2021 19:29:34 +0000 (20:29 +0100)]
js-annoyances filter: Remove a duplicate pcrs command

3 years agossl_send_certificate_error(): Send the error message with status code 403 instead...
Fabian Keil [Mon, 18 Jan 2021 17:33:11 +0000 (18:33 +0100)]
ssl_send_certificate_error(): Send the error message with status code 403 instead of 200

3 years agoBump copyright
Fabian Keil [Mon, 18 Jan 2021 15:08:53 +0000 (16:08 +0100)]
Bump copyright

3 years agoRename slackware/rc.privoxy.orig to slackware/rc.privoxy.in
Fabian Keil [Mon, 18 Jan 2021 15:01:59 +0000 (16:01 +0100)]
Rename slackware/rc.privoxy.orig to slackware/rc.privoxy.in

... as suggested by Roland. This shold silence complaints
when building Debian packages and hopefully still works
on Slackware ...

3 years agoDeveloper manual: Optimize Debian build instructions.
Roland Rosenfeld [Tue, 19 Jan 2021 21:41:38 +0000 (22:41 +0100)]
Developer manual: Optimize Debian build instructions.

3 years agoFix typo
Fabian Keil [Tue, 19 Jan 2021 10:51:41 +0000 (11:51 +0100)]
Fix typo

3 years agoAdd #186: Privoxy should handle "OPTIONS *" requests properly
Fabian Keil [Tue, 19 Jan 2021 10:51:31 +0000 (11:51 +0100)]
Add #186: Privoxy should handle "OPTIONS *" requests properly

3 years agoFix comment typo
Fabian Keil [Tue, 19 Jan 2021 10:18:24 +0000 (11:18 +0100)]
Fix comment typo

3 years agoAdd a period to the 'Graceful termination requested' message
Fabian Keil [Tue, 19 Jan 2021 09:39:57 +0000 (10:39 +0100)]
Add a period to the 'Graceful termination requested' message

3 years agoLog a message right before exiting gracefully
Fabian Keil [Tue, 19 Jan 2021 09:10:46 +0000 (10:10 +0100)]
Log a message right before exiting gracefully

3 years agoRebuild docs
Fabian Keil [Mon, 18 Jan 2021 14:12:59 +0000 (15:12 +0100)]
Rebuild docs

3 years agoMention the imdb filter in the user-manual
Fabian Keil [Mon, 18 Jan 2021 14:10:19 +0000 (15:10 +0100)]
Mention the imdb filter in the user-manual

3 years agoMention the sourceforge filter in the user-manual
Fabian Keil [Mon, 18 Jan 2021 14:09:23 +0000 (15:09 +0100)]
Mention the sourceforge filter in the user-manual

3 years agoMention the github filter in the user-manual
Fabian Keil [Mon, 18 Jan 2021 14:08:17 +0000 (15:08 +0100)]
Mention the github filter in the user-manual

3 years agoBump copyright
Fabian Keil [Mon, 18 Jan 2021 13:37:48 +0000 (14:37 +0100)]
Bump copyright

3 years agoAdd an imdb filter
Fabian Keil [Mon, 18 Jan 2021 13:57:22 +0000 (14:57 +0100)]
Add an imdb filter

3 years agoAdd a sourceforge filter
Fabian Keil [Mon, 18 Jan 2021 13:52:58 +0000 (14:52 +0100)]
Add a sourceforge filter

... that reduces the amount of ads for proprietary software.

3 years agoAdd a github filter
Fabian Keil [Mon, 18 Jan 2021 13:49:39 +0000 (14:49 +0100)]
Add a github filter

... that removes the annoying "Sign-Up" banner and the Cookie disclaimer.

3 years agoDeclare Privoxy 3.0.30 stable
Fabian Keil [Mon, 18 Jan 2021 19:21:20 +0000 (20:21 +0100)]
Declare Privoxy 3.0.30 stable

3 years agoprivoxy-log-parser: Highlight 'Sending data on socket 33 over TLS/SSL failed: no...
Fabian Keil [Mon, 18 Jan 2021 14:01:55 +0000 (15:01 +0100)]
privoxy-log-parser: Highlight 'Sending data on socket 33 over TLS/SSL failed: no TLS/SSL errors detected'

3 years agoAdd ChangeLog entries for changes from 639c42d7ab7 to 91f9e616645
Fabian Keil [Mon, 18 Jan 2021 18:27:44 +0000 (19:27 +0100)]
Add ChangeLog entries for changes from 639c42d7ab7 to 91f9e616645

3 years agoRebuild developer manual
Fabian Keil [Mon, 18 Jan 2021 10:49:45 +0000 (11:49 +0100)]
Rebuild developer manual

3 years agodeveloper-manual: Bump copyright
Fabian Keil [Mon, 18 Jan 2021 12:45:17 +0000 (13:45 +0100)]
developer-manual: Bump copyright

3 years agodeveloper-manual: Add more build instructions for Debian
Fabian Keil [Mon, 18 Jan 2021 10:48:41 +0000 (11:48 +0100)]
developer-manual: Add more build instructions for Debian

... as submitted by Roland to privoxy-devel@ with some
markup added.

3 years agoRelocate CERT_INFO_PREFIX to ssl.c
Fabian Keil [Mon, 18 Jan 2021 03:31:09 +0000 (04:31 +0100)]
Relocate CERT_INFO_PREFIX to ssl.c

The OpenSSL code doesn't use it.

3 years agombedTLS ssl_crt_verify_info(): Ditch trailing new line
Fabian Keil [Mon, 18 Jan 2021 00:59:40 +0000 (01:59 +0100)]
mbedTLS ssl_crt_verify_info(): Ditch trailing new line

It's not needed for the certificate-error page and it
messed up the "Crunch:" message by splitting it in two.

While at it, remove the leading space which serves no
obvious purpose.

3 years agoUpdate #184: Add ETA for the wolfSSL support
Fabian Keil [Mon, 18 Jan 2021 00:11:34 +0000 (01:11 +0100)]
Update #184: Add ETA for the wolfSSL support

3 years agoAdd #185: generate_host_certificate() should only be called when necessary
Fabian Keil [Mon, 18 Jan 2021 00:10:13 +0000 (01:10 +0100)]
Add #185: generate_host_certificate() should only be called when necessary

3 years agoDisable fast-redirects for .gravater.com/
Fabian Keil [Sun, 17 Jan 2021 16:53:23 +0000 (17:53 +0100)]
Disable fast-redirects for .gravater.com/

... instead of secure.gravatar.com/.

3 years agoBump copyright
Fabian Keil [Sun, 17 Jan 2021 13:42:22 +0000 (14:42 +0100)]
Bump copyright

3 years agoenforce_sane_certificate_state(): Also deal with certificates without key
Fabian Keil [Mon, 18 Jan 2021 02:49:39 +0000 (03:49 +0100)]
enforce_sane_certificate_state(): Also deal with certificates without key

... by removing the certificate.

3 years agoFactor out enforce_sane_certificate_state()
Fabian Keil [Sat, 16 Jan 2021 13:52:55 +0000 (14:52 +0100)]
Factor out enforce_sane_certificate_state()

3 years agoOpenSSL ssl_store_cert(): Fix an error message
Fabian Keil [Fri, 15 Jan 2021 16:57:43 +0000 (17:57 +0100)]
OpenSSL ssl_store_cert(): Fix an error message

3 years agombedTLS: Rename generate_webpage_certificate() to generate_host_certificate()
Fabian Keil [Sat, 16 Jan 2021 08:12:45 +0000 (09:12 +0100)]
mbedTLS: Rename generate_webpage_certificate() to generate_host_certificate()

The generated certificate is host-specific not page-specific.

3 years agoOpenSSL: Rename generate_webpage_certificate() to generate_host_certificate()
Fabian Keil [Sat, 16 Jan 2021 08:12:00 +0000 (09:12 +0100)]
OpenSSL: Rename generate_webpage_certificate() to generate_host_certificate()

The generated certificate is host-specific not page-specific.

3 years agoOpenSSL: Save memory allocations in generate_key()
Fabian Keil [Sat, 16 Jan 2021 08:39:45 +0000 (09:39 +0100)]
OpenSSL: Save memory allocations in generate_key()

... if the key already exists.

3 years agoOpenSSL ssl_base64_encode(): Fix buffer size check
Fabian Keil [Thu, 14 Jan 2021 10:58:12 +0000 (11:58 +0100)]
OpenSSL ssl_base64_encode(): Fix buffer size check

In practice it didn't matter because Privoxy always
provides a sufficiently-sized buffer.

3 years agoOpenSSL ssl_certificate_is_invalid(): Remove a log message
Fabian Keil [Wed, 13 Jan 2021 15:24:55 +0000 (16:24 +0100)]
OpenSSL ssl_certificate_is_invalid(): Remove a log message

... if the certificate can't be read.

ssl_certificate_load() already emits an error message.

3 years agoRegenerate config file
Fabian Keil [Sat, 16 Jan 2021 19:42:11 +0000 (20:42 +0100)]
Regenerate config file

3 years agoRegenerate user-manual
Fabian Keil [Sat, 16 Jan 2021 19:41:28 +0000 (20:41 +0100)]
Regenerate user-manual

3 years agoExplicitly mention that the CA key is used to sign certificates
Fabian Keil [Sat, 16 Jan 2021 16:50:56 +0000 (17:50 +0100)]
Explicitly mention that the CA key is used to sign certificates

3 years agoprivoxy-log-parser: Properly deal with 'Certificate error' crunches
Fabian Keil [Mon, 18 Jan 2021 00:29:42 +0000 (01:29 +0100)]
privoxy-log-parser: Properly deal with 'Certificate error' crunches

Previously the error description was highlighted as 'host'.

3 years agoprivoxy-log-parser: Highlight: 'Flushed 3153 bytes of request body'
Fabian Keil [Tue, 12 Jan 2021 10:07:33 +0000 (11:07 +0100)]
privoxy-log-parser: Highlight: 'Flushed 3153 bytes of request body'

3 years agoprivoxy-log-parser: Highlight 'The last 12078 bytes of the request body have been...
Fabian Keil [Mon, 11 Jan 2021 07:48:39 +0000 (08:48 +0100)]
privoxy-log-parser: Highlight 'The last 12078 bytes of the request body have been read'

3 years agoRebuild docs
Fabian Keil [Fri, 11 Dec 2020 06:24:24 +0000 (07:24 +0100)]
Rebuild docs

3 years agoAdd Aaron Linville as contributor
Fabian Keil [Thu, 10 Dec 2020 20:14:42 +0000 (21:14 +0100)]
Add Aaron Linville as contributor

3 years agoAdd new 'allow-autocompletion' filter
Fabian Keil [Thu, 10 Dec 2020 20:10:47 +0000 (21:10 +0100)]
Add new 'allow-autocompletion' filter

... which changes autocomplete="off" to "on" on input fields to
allow autocompletion.

Requested by Jamie Zawinski in #370.
Filter based on a submission by Aaron Linville.

3 years agoGit snapshot "release".
Roland Rosenfeld [Sun, 17 Jan 2021 12:40:14 +0000 (13:40 +0100)]
Git snapshot "release".
Update all patches to new version.
39_show-status and 40_redirect-ssl are now incorporated upstream.

3 years agoMerge Debian version 3.0.29-2
Roland Rosenfeld [Sun, 17 Jan 2021 12:31:42 +0000 (13:31 +0100)]
Merge Debian version 3.0.29-2

3 years agoMerge Debian 3.0.29-1 version.
Roland Rosenfeld [Sun, 17 Jan 2021 12:28:07 +0000 (13:28 +0100)]
Merge Debian 3.0.29-1 version.

3 years agoOpenSSL ssl_recv_data(): Include the actual fd in an error message
Fabian Keil [Tue, 12 Jan 2021 08:38:50 +0000 (09:38 +0100)]
OpenSSL ssl_recv_data(): Include the actual fd in an error message

3 years agoopenssl.c: Fix comment typo
Fabian Keil [Tue, 12 Jan 2021 12:25:44 +0000 (13:25 +0100)]
openssl.c: Fix comment typo

3 years agoconfigure: Clarify comments about OpenSSL and mbedTLS support
Fabian Keil [Tue, 12 Jan 2021 07:03:28 +0000 (08:03 +0100)]
configure: Clarify comments about OpenSSL and mbedTLS support

They aren't both required, enabling either one is sufficient
to get https inspection working.

3 years agoconfigure.in: Bail out if OpenSSL and mbedTLS are enabled at the same time
Fabian Keil [Tue, 12 Jan 2021 06:46:07 +0000 (07:46 +0100)]
configure.in: Bail out if OpenSSL and mbedTLS are enabled at the same time

3 years agoconfigure.in: Remove left-over OS/2 code
Fabian Keil [Tue, 12 Jan 2021 06:43:41 +0000 (07:43 +0100)]
configure.in: Remove left-over OS/2 code

3 years agoNote that #18 is work in progress
Fabian Keil [Wed, 13 Jan 2021 08:53:51 +0000 (09:53 +0100)]
Note that #18 is work in progress

3 years agoTODO #1: Add another reference
Fabian Keil [Tue, 12 Jan 2021 05:14:59 +0000 (06:14 +0100)]
TODO #1: Add another reference