privoxy.git
3 years agoUnblock adguard.com/
Fabian Keil [Fri, 12 Mar 2021 12:36:00 +0000 (13:36 +0100)]
Unblock adguard.com/

3 years agoAdd #200: Add a config directive that causes Privoxy to remove all host certificates...
Fabian Keil [Sat, 27 Feb 2021 00:54:19 +0000 (01:54 +0100)]
Add #200: Add a config directive that causes Privoxy to remove all host certificates before exiting

3 years agoAdd #199: In actions.c the "#define DEFINE_ACTION_ALIAS 0" lines should probably...
Fabian Keil [Fri, 26 Feb 2021 08:13:20 +0000 (09:13 +0100)]
Add #199: In actions.c the "#define DEFINE_ACTION_ALIAS 0" lines should probably be changed

3 years agoRemove support for the obsolete pcre code
Fabian Keil [Fri, 26 Feb 2021 09:34:13 +0000 (10:34 +0100)]
Remove support for the obsolete pcre code

The actual code will be removed in a seperate commit.

3 years agoOpenSSL ssl_store_cert(): Translate EVP_PKEY_EC to a string
Fabian Keil [Mon, 15 Feb 2021 13:11:48 +0000 (14:11 +0100)]
OpenSSL ssl_store_cert(): Translate EVP_PKEY_EC to a string

3 years agoOpenSSL ssl_store_cert(): Remove pointless variable initialization
Fabian Keil [Sun, 14 Feb 2021 19:32:51 +0000 (20:32 +0100)]
OpenSSL ssl_store_cert(): Remove pointless variable initialization

3 years agoOpenSSL ssl_store_cert(): Initialize pointer with NULL instead of 0
Fabian Keil [Sun, 14 Feb 2021 19:32:11 +0000 (20:32 +0100)]
OpenSSL ssl_store_cert(): Initialize pointer with NULL instead of 0

3 years agohandle_established_connection(): Slightly improve a comment
Fabian Keil [Fri, 12 Mar 2021 11:14:13 +0000 (12:14 +0100)]
handle_established_connection(): Slightly improve a comment

3 years agohandle_established_connection(): Skip the poll()/select() calls
Fabian Keil [Wed, 10 Mar 2021 16:50:53 +0000 (17:50 +0100)]
handle_established_connection(): Skip the poll()/select() calls

... if TLS data is pending on the server socket.

The TLS library may have already consumed all the data from the server
response in which case poll() and select() will not detect that data is
available to be read.

Fixes SF bug #926 reported by Wen Yue.

3 years agohandle_established_connection(): Fix a comment
Fabian Keil [Wed, 10 Mar 2021 16:13:08 +0000 (17:13 +0100)]
handle_established_connection(): Fix a comment

3 years agoload_config(): Add a space that was missing in a log message
Fabian Keil [Wed, 10 Mar 2021 15:08:52 +0000 (16:08 +0100)]
load_config(): Add a space that was missing in a log message

3 years agosocks5_connect(): Fix indentation
Fabian Keil [Tue, 9 Mar 2021 14:01:41 +0000 (15:01 +0100)]
socks5_connect(): Fix indentation

3 years agoAdd Wen Yue as contributor
Fabian Keil [Sat, 6 Mar 2021 17:15:24 +0000 (18:15 +0100)]
Add Wen Yue as contributor

3 years agoEstablish the TLS connection with the client earlier
Fabian Keil [Sat, 6 Mar 2021 16:34:39 +0000 (17:34 +0100)]
Establish the TLS connection with the client earlier

... and decide how to route the request afterwards.

This allows to change the forwarding settings based
on information from the https-inspected request,
for example the path.

Adjust build_request_line() to create a CONNECT
request line when https-inspecting and forwarding
to a HTTP proxy.

Fixes SF bug #925 reported by Wen Yue.

3 years agohandle_established_connection(): Improve an error message
Fabian Keil [Sat, 6 Mar 2021 13:17:44 +0000 (14:17 +0100)]
handle_established_connection(): Improve an error message

3 years agoserve(): Close the client socket as well
Fabian Keil [Sat, 6 Mar 2021 10:52:10 +0000 (11:52 +0100)]
serve(): Close the client socket as well

... if the server socket for an inspected connection has been closed.

Privoxy currently can't establish a new server connection
when the client socket is reused and would drop the connection
in continue_https_chat() anyway.

3 years agocontinue_https_chat(): Update csp->server_connection.request_sent
Fabian Keil [Sat, 6 Mar 2021 09:28:59 +0000 (10:28 +0100)]
continue_https_chat(): Update csp->server_connection.request_sent

... after sending the request to make sure the latency is
calculated correctly.

Previously https connections were not reused after timeout
seconds after the first request made on the connection.

3 years agoDon't disable redirect checkers in redirect_url()
Fabian Keil [Fri, 26 Feb 2021 08:27:57 +0000 (09:27 +0100)]
Don't disable redirect checkers in redirect_url()

Disable them in handle_established_connection() instead.

Doing it in redirect_url() prevented the +redirect{} and
+fast-redirects{} actions from being logged with LOG_LEVEL_ACTIONS.

3 years agoAdd CVEs for security issues fixed in 3.0.32 stable
Fabian Keil [Sat, 6 Mar 2021 08:47:17 +0000 (09:47 +0100)]
Add CVEs for security issues fixed in 3.0.32 stable

3 years agoRebuild docs for 3.0.33 UNRELEASED
Fabian Keil [Fri, 5 Mar 2021 06:02:35 +0000 (07:02 +0100)]
Rebuild docs for 3.0.33 UNRELEASED

3 years agoreadme: Bump copyright
Fabian Keil [Fri, 26 Feb 2021 09:05:43 +0000 (10:05 +0100)]
readme: Bump copyright

3 years agocontacting: Remove obsolete reference to announce.sgml
Fabian Keil [Fri, 26 Feb 2021 08:57:07 +0000 (09:57 +0100)]
contacting: Remove obsolete reference to announce.sgml

3 years agocontacting: Request that the browser cache is cleared before producing a log file...
Fabian Keil [Fri, 26 Feb 2021 08:55:50 +0000 (09:55 +0100)]
contacting: Request that the browser cache is cleared before producing a log file for submission

3 years agoFix comment typos
Fabian Keil [Fri, 26 Feb 2021 07:55:49 +0000 (08:55 +0100)]
Fix comment typos

3 years agofree_pattern_spec(): Don't try to free an invalid pointer
Maxim Antonov [Thu, 4 Mar 2021 15:31:32 +0000 (22:31 +0700)]
free_pattern_spec(): Don't try to free an invalid pointer

... when unloading an action file with a TAG pattern while
Privoxy has been compiled without FEATURE_PCRE_HOST_PATTERNS.

   Thread 1 received signal SIGSEGV, Segmentation fault.
   0x00000008015a8bab in regfree (preg=0x800000000) at pcreposix.c:248
   248 pcreposix.c: No such file or directory.
   (gdb) where
   #0  0x00000008015a8bab in regfree (preg=0x800000000) at pcreposix.c:248
   #1  0x000000000045783a in free_pattern_spec (pattern=0x8029b9110) at urlmatch.c:1284
   #2  0x000000000040705f in unload_actions_file (file_data=0x8029b9070) at actions.c:1006
   #3  0x000000000044a146 in sweep () at loaders.c:248
   #4  0x0000000000439bfa in listen_loop () at jcc.c:6230
   #5  0x0000000000439456 in main (argc=3, argv=0x7fffffffe728) at jcc.c:5726
   (gdb) f 1
   #1  0x000000000045783a in free_pattern_spec (pattern=0x8029b9110) at urlmatch.c:1284
   1284       regfree(pattern->pattern.tag_regex);
   (gdb) p *pattern
   $1 = {spec = 0x0, pattern = {url_spec = {dcount = 0, dbuffer = 0x0, dvec = 0x0, unanchored = 0, port_list = 0x0, preg = 0x0}, tag_regex = 0x800000000}, flags = 16}

Closes: SF patch request #147

3 years agocreate_pattern_spec(): Fix ifdef indentation
Fabian Keil [Thu, 4 Mar 2021 13:07:47 +0000 (14:07 +0100)]
create_pattern_spec(): Fix ifdef indentation

3 years agoSponsor FAQ: Note that Privoxy users may follow sponsor links without Referer header set
Fabian Keil [Thu, 4 Mar 2021 17:29:01 +0000 (18:29 +0100)]
Sponsor FAQ: Note that Privoxy users may follow sponsor links without Referer header set

3 years agonewfeatures: Clarify that https inspection also allows to filter https responses
Fabian Keil [Thu, 4 Mar 2021 17:18:00 +0000 (18:18 +0100)]
newfeatures: Clarify that https inspection also allows to filter https responses

3 years agoFAQ: Bump copyright
Fabian Keil [Thu, 4 Mar 2021 17:12:13 +0000 (18:12 +0100)]
FAQ: Bump copyright

3 years agoprivoxy-regression-test: Remove duplicated word in a comment
Fabian Keil [Sun, 28 Feb 2021 11:14:24 +0000 (12:14 +0100)]
privoxy-regression-test: Remove duplicated word in a comment

3 years agoDisable fast-redirects for .microsoftonline.com/
Fabian Keil [Thu, 4 Mar 2021 11:15:10 +0000 (12:15 +0100)]
Disable fast-redirects for .microsoftonline.com/

3 years agoDisable fast-redirects for idp.springer.com/
Fabian Keil [Sun, 28 Feb 2021 10:07:32 +0000 (11:07 +0100)]
Disable fast-redirects for idp.springer.com/

3 years agoMention that the functions in the file use OpenSSL (or LibreSSL)
Fabian Keil [Fri, 26 Feb 2021 19:48:46 +0000 (20:48 +0100)]
Mention that the functions in the file use OpenSSL (or LibreSSL)

3 years agoMention that the functions in the file use mbedTLS
Fabian Keil [Fri, 26 Feb 2021 19:48:09 +0000 (20:48 +0100)]
Mention that the functions in the file use mbedTLS

3 years agodeveloper-manual: Mention that announce.txt should be updated when doing a release
Fabian Keil [Thu, 25 Feb 2021 18:52:28 +0000 (19:52 +0100)]
developer-manual: Mention that announce.txt should be updated when doing a release

3 years agoBump SMGL entities for 3.0.33 UNRELEASED
Fabian Keil [Fri, 5 Mar 2021 05:58:42 +0000 (06:58 +0100)]
Bump SMGL entities for 3.0.33 UNRELEASED

3 years agoBump version to 3.0.33 UNRELEASED
Fabian Keil [Fri, 26 Feb 2021 16:04:33 +0000 (17:04 +0100)]
Bump version to 3.0.33 UNRELEASED

3 years agoRebuild user manual with updated changes
Fabian Keil [Sun, 28 Feb 2021 09:07:53 +0000 (10:07 +0100)]
Rebuild user manual with updated changes

3 years agoSync changelog.sgml with recent ChangeLog fixes
Fabian Keil [Sun, 28 Feb 2021 09:07:03 +0000 (10:07 +0100)]
Sync changelog.sgml with recent ChangeLog fixes

3 years agoSync announcement with recent ChangeLog fixes
Fabian Keil [Sun, 28 Feb 2021 09:05:50 +0000 (10:05 +0100)]
Sync announcement with recent ChangeLog fixes

3 years agoRemove a duplicated period in the ChangeLog
Fabian Keil [Sun, 28 Feb 2021 09:02:49 +0000 (10:02 +0100)]
Remove a duplicated period in the ChangeLog

3 years agoRemove a duplicated word in the ChangeLog
Fabian Keil [Sun, 28 Feb 2021 09:01:25 +0000 (10:01 +0100)]
Remove a duplicated word in the ChangeLog

3 years agoUpdate RSS feed for the 3.0.33 releases
Fabian Keil [Sun, 28 Feb 2021 08:31:28 +0000 (09:31 +0100)]
Update RSS feed for the 3.0.33 releases

3 years agoDebian: Merge 3.0.32 release and prepare 3.0.33 GIT snapshot.
Roland Rosenfeld [Thu, 25 Feb 2021 21:30:48 +0000 (22:30 +0100)]
Debian: Merge 3.0.32 release and prepare 3.0.33 GIT snapshot.

3 years agoUpdate the announcement for Privoxy 3.0.32 stable v_3_0_32
Fabian Keil [Thu, 25 Feb 2021 18:10:45 +0000 (19:10 +0100)]
Update the announcement for Privoxy 3.0.32 stable

3 years agoRebuild user manual
Fabian Keil [Thu, 25 Feb 2021 15:47:51 +0000 (16:47 +0100)]
Rebuild user manual

3 years agoMention zlib in the 'Third-party licenses and copyrights' section
Fabian Keil [Thu, 25 Feb 2021 15:46:19 +0000 (16:46 +0100)]
Mention zlib in the 'Third-party licenses and copyrights' section

3 years agoRegenerate config file
Fabian Keil [Thu, 25 Feb 2021 15:30:43 +0000 (16:30 +0100)]
Regenerate config file

3 years agoRebuild documentation with updated changelog
Fabian Keil [Thu, 25 Feb 2021 14:46:05 +0000 (15:46 +0100)]
Rebuild documentation with updated changelog

3 years agoImport changes for Privoxy 3.0.32 stable
Fabian Keil [Thu, 25 Feb 2021 14:28:44 +0000 (15:28 +0100)]
Import changes for Privoxy 3.0.32 stable

3 years agoBump copyright
Fabian Keil [Thu, 25 Feb 2021 14:29:09 +0000 (15:29 +0100)]
Bump copyright

3 years agoUpdate ChangeLog
Fabian Keil [Thu, 25 Feb 2021 14:24:04 +0000 (15:24 +0100)]
Update ChangeLog

3 years agouser-manual: Add 'Third-party licenses and copyrights' section
Fabian Keil [Thu, 25 Feb 2021 14:49:08 +0000 (15:49 +0100)]
user-manual: Add 'Third-party licenses and copyrights' section

3 years agoAdd #198: Add a config directive that prevent's IP addresses from being logged
Fabian Keil [Thu, 25 Feb 2021 09:59:55 +0000 (10:59 +0100)]
Add #198: Add a config directive that prevent's IP addresses from being logged

3 years agoObsolete pcre: Prevent invalid memory accesses
Fabian Keil [Mon, 22 Feb 2021 08:17:30 +0000 (09:17 +0100)]
Obsolete pcre: Prevent invalid memory accesses

... with an invalid pattern passed to pcre_compile().

   ==22377== Invalid write of size 1
   ==22377==    at 0x466E37: compile_branch (pcre.c:2001)
   ==22377==    by 0x45FA64: compile_regex (pcre.c:2164)
   ==22377==    by 0x45EE77: pcre_compile (pcre.c:3077)
   ==22377==    by 0x467B6D: regcomp (pcreposix.c:206)
   ==22377==    by 0x456FFF: compile_pattern (urlmatch.c:667)
   ==22377==    by 0x4571F3: compile_url_pattern (urlmatch.c:752)
   ==22377==    by 0x456E46: create_pattern_spec (urlmatch.c:1243)
   ==22377==    by 0x4241DF: get_url_spec_param (cgiedit.c:1870)
   ==22377==    by 0x42448D: cgi_edit_actions_add_url (cgiedit.c:3587)
   ==22377==    by 0x40FCE9: dispatch_known_cgi (cgi.c:588)
   ==22377==    by 0x40FA7A: dispatch_cgi (cgi.c:383)
   ==22377==    by 0x43C511: crunch_response_triggered (jcc.c:920)
   ==22377==  Address 0x7177469 is 4 bytes after a block of size 1,125 alloc'd
   ==22377==    at 0x4C26A44: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
   ==22377==    by 0x45ED5C: pcre_compile (pcre.c:3054)
   ==22377==    by 0x467B6D: regcomp (pcreposix.c:206)
   ==22377==    by 0x456FFF: compile_pattern (urlmatch.c:667)
   ==22377==    by 0x4571F3: compile_url_pattern (urlmatch.c:752)
   ==22377==    by 0x456E46: create_pattern_spec (urlmatch.c:1243)
   ==22377==    by 0x4241DF: get_url_spec_param (cgiedit.c:1870)
   ==22377==    by 0x42448D: cgi_edit_actions_add_url (cgiedit.c:3587)
   ==22377==    by 0x40FCE9: dispatch_known_cgi (cgi.c:588)
   ==22377==    by 0x40FA7A: dispatch_cgi (cgi.c:383)
   ==22377==    by 0x43C511: crunch_response_triggered (jcc.c:920)
   ==22377==    by 0x43ADDB: chat (jcc.c:4241)

   ==22377== Invalid read of size 1
   ==22377==    at 0x466FCC: compile_branch (pcre.c:2053)
   ==22377==    by 0x45FA64: compile_regex (pcre.c:2164)
   ==22377==    by 0x45EE77: pcre_compile (pcre.c:3077)
   ==22377==    by 0x467B6D: regcomp (pcreposix.c:206)
   ==22377==    by 0x456FFF: compile_pattern (urlmatch.c:667)
   ==22377==    by 0x4571F3: compile_url_pattern (urlmatch.c:752)
   ==22377==    by 0x456E46: create_pattern_spec (urlmatch.c:1243)
   ==22377==    by 0x4241DF: get_url_spec_param (cgiedit.c:1870)
   ==22377==    by 0x42448D: cgi_edit_actions_add_url (cgiedit.c:3587)
   ==22377==    by 0x40FCE9: dispatch_known_cgi (cgi.c:588)
   ==22377==    by 0x40FA7A: dispatch_cgi (cgi.c:383)
   ==22377==    by 0x43C511: crunch_response_triggered (jcc.c:920)
   ==22377==  Address 0x7176fb1 is 0 bytes after a block of size 1,057 alloc'd
   ==22377==    at 0x4C26A44: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
   ==22377==    by 0x44C3F0: malloc_or_die (miscutil.c:194)
   ==22377==    by 0x456FBB: compile_pattern (urlmatch.c:662)
   ==22377==    by 0x4571F3: compile_url_pattern (urlmatch.c:752)
   ==22377==    by 0x456E46: create_pattern_spec (urlmatch.c:1243)
   ==22377==    by 0x4241DF: get_url_spec_param (cgiedit.c:1870)
   ==22377==    by 0x42448D: cgi_edit_actions_add_url (cgiedit.c:3587)
   ==22377==    by 0x40FCE9: dispatch_known_cgi (cgi.c:588)
   ==22377==    by 0x40FA7A: dispatch_cgi (cgi.c:383)
   ==22377==    by 0x43C511: crunch_response_triggered (jcc.c:920)
   ==22377==    by 0x43ADDB: chat (jcc.c:4241)
   ==22377==    by 0x439DA5: serve (jcc.c:4778)

OVE-20210222-0001.

pcre 8.44 does not seem to be affected.

Reported by: Joshua Rogers (Opera)

3 years agosocks5_connect(): Don't try to send credentials when none are configured
Fabian Keil [Sun, 7 Feb 2021 12:24:15 +0000 (13:24 +0100)]
socks5_connect(): Don't try to send credentials when none are configured

Fixes a crash due to a NULL-pointer dereference when
the socks server misbehaves.

OVE-20210207-0001.

Reported by: Joshua Rogers (Opera)

3 years agocgi_send_banner(): Overrule invalid image types
Fabian Keil [Sat, 6 Feb 2021 19:43:06 +0000 (20:43 +0100)]
cgi_send_banner(): Overrule invalid image types

Prevents a crash with a crafted CGI request if
Privoxy is toggled off.

OVE-20210206-0001.

Reported by: Joshua Rogers (Opera)

3 years agochunked_body_is_complete(): Prevent invalid read of size two
Fabian Keil [Fri, 5 Feb 2021 04:06:56 +0000 (05:06 +0100)]
chunked_body_is_complete(): Prevent invalid read of size two

OVE-20210205-0001.

Reported by: Joshua Rogers (Opera)

3 years agossplit(): Remove an assertion
Fabian Keil [Wed, 3 Feb 2021 18:08:20 +0000 (19:08 +0100)]
ssplit(): Remove an assertion

... that could be triggered with a crafted CGI request.

This reverts dc4e311bcf.

OVE-20210203-0001.

Reported by: Joshua Rogers (Opera)

3 years agoRebuild HTML man page for 3.0.32 stable
Fabian Keil [Wed, 24 Feb 2021 01:41:41 +0000 (02:41 +0100)]
Rebuild HTML man page for 3.0.32 stable

3 years agoRebuild docs for 3.0.32 stable
Fabian Keil [Wed, 24 Feb 2021 01:39:50 +0000 (02:39 +0100)]
Rebuild docs for 3.0.32 stable

3 years agoRebuild man page
Fabian Keil [Wed, 24 Feb 2021 01:38:42 +0000 (02:38 +0100)]
Rebuild man page

3 years agoBump SMGL entities for 3.0.32 stable
Fabian Keil [Wed, 24 Feb 2021 01:38:15 +0000 (02:38 +0100)]
Bump SMGL entities for 3.0.32 stable

3 years agocontacting: Bump copyright
Fabian Keil [Mon, 22 Feb 2021 15:01:03 +0000 (16:01 +0100)]
contacting: Bump copyright

3 years agoOpenSSL ssl_store_cert(): Remove a superfluous space before the serial number
Fabian Keil [Mon, 22 Feb 2021 14:49:07 +0000 (15:49 +0100)]
OpenSSL ssl_store_cert(): Remove a superfluous space before the serial number

3 years agoprivoxy-log-parser: Clarify the --statistics ouput
Fabian Keil [Mon, 22 Feb 2021 13:26:27 +0000 (14:26 +0100)]
privoxy-log-parser: Clarify the --statistics ouput

The shown "Reused connections" are server connections so
name them appropriately.

3 years agoconfigure: Bump SOURCE_DATE_EPOCH
Fabian Keil [Mon, 22 Feb 2021 11:16:36 +0000 (12:16 +0100)]
configure: Bump SOURCE_DATE_EPOCH

3 years agoDeclare Privoxy 3.0.32 stable
Fabian Keil [Mon, 22 Feb 2021 11:15:42 +0000 (12:15 +0100)]
Declare Privoxy 3.0.32 stable

3 years agoprivoxy-log-parser: Bump version to 0.9.3
Fabian Keil [Mon, 22 Feb 2021 11:01:59 +0000 (12:01 +0100)]
privoxy-log-parser: Bump version to 0.9.3

3 years agoAdd ChangeLog entries for Changes between v_3_0_31 and f018685d6
Fabian Keil [Mon, 22 Feb 2021 10:58:53 +0000 (11:58 +0100)]
Add ChangeLog entries for Changes between v_3_0_31 and f018685d6

3 years agocontacting: Clarify that 'debug 32768' should be used in addition to the other debug...
Fabian Keil [Mon, 22 Feb 2021 10:46:21 +0000 (11:46 +0100)]
contacting: Clarify that 'debug 32768' should be used in addition to the other debug directives

3 years agoAdd #197: Investigate if parts of Privoxy should get optional replacements written...
Fabian Keil [Mon, 22 Feb 2021 10:37:50 +0000 (11:37 +0100)]
Add #197: Investigate if parts of Privoxy should get optional replacements written in Rust

3 years agodecompress_iob(): Prevent reading of uninitialized data
Fabian Keil [Sun, 7 Feb 2021 16:52:58 +0000 (17:52 +0100)]
decompress_iob(): Prevent reading of uninitialized data

Reported by: Joshua Rogers (Opera).

3 years agodecompress_iob(): Don't advance cur past eod
Fabian Keil [Mon, 8 Feb 2021 09:59:23 +0000 (10:59 +0100)]
decompress_iob(): Don't advance cur past eod

... when looking for the end of the file name and comment.

I could not come up with a test case where the previous
behaviour resulted in reading of uninitialized data but
advancing past eod still seems wrong.

3 years agodecompress_iob(): Cast value to unsigned char before shifting
Fabian Keil [Fri, 5 Feb 2021 12:27:13 +0000 (13:27 +0100)]
decompress_iob(): Cast value to unsigned char before shifting

Prevents a left-shift of a negative value which is undefined behavior.

Reported by: Joshua Rogers (Opera)

3 years agogif_deanimate(): Confirm that that we have enough data
Fabian Keil [Tue, 9 Feb 2021 10:19:08 +0000 (11:19 +0100)]
gif_deanimate(): Confirm that that we have enough data

... before doing any work.

Fixes a crash when fuzzing with an empty document.

Reported by: Joshua Rogers (Opera).

3 years agogif_deanimate(): Confirm we've got an image before trying to write it
Fabian Keil [Sat, 6 Feb 2021 11:13:32 +0000 (12:13 +0100)]
gif_deanimate(): Confirm we've got an image before trying to write it

Saves a pointless buf_copy() call.

3 years agobuf_copy(): Fail if there's no data to write or nothing to do
Fabian Keil [Sat, 6 Feb 2021 10:52:37 +0000 (11:52 +0100)]
buf_copy(): Fail if there's no data to write or nothing to do

Prevents undefined behaviour "applying zero offset to null pointer".

Reported by: Joshua Rogers (Opera)

3 years agoBump copyright
Fabian Keil [Sat, 6 Feb 2021 09:42:17 +0000 (10:42 +0100)]
Bump copyright

3 years agoConvert GIF spec URL to https
Fabian Keil [Wed, 10 Feb 2021 03:51:47 +0000 (04:51 +0100)]
Convert GIF spec URL to https

3 years agoprivoxy-log-parser: Higlight 'Dropping the client connection on socket 23 with server...
Fabian Keil [Mon, 15 Feb 2021 17:21:25 +0000 (18:21 +0100)]
privoxy-log-parser: Higlight 'Dropping the client connection on socket 23 with server socket 24 connected to reddit.com. The forwarder has changed.'

3 years agoconfigure.in: Add warning that the obsolete pcre code is scheduled to be removed...
Fabian Keil [Fri, 19 Feb 2021 04:28:36 +0000 (05:28 +0100)]
configure.in: Add warning that the obsolete pcre code is scheduled to be removed before the 3.0.33 release

3 years agoDisable fast-redirects for .golem.de/
Fabian Keil [Fri, 19 Feb 2021 12:45:36 +0000 (13:45 +0100)]
Disable fast-redirects for .golem.de/

3 years agoAdjust a couple of asterisks
Fabian Keil [Tue, 16 Feb 2021 02:34:14 +0000 (03:34 +0100)]
Adjust a couple of asterisks

3 years agoDeclare save_connection_destination() static
Fabian Keil [Mon, 15 Feb 2021 15:42:26 +0000 (16:42 +0100)]
Declare save_connection_destination() static

3 years agoOpenSSL ssl_base64_encode(): Remove superfluous space
Fabian Keil [Mon, 15 Feb 2021 10:18:55 +0000 (11:18 +0100)]
OpenSSL ssl_base64_encode(): Remove superfluous space

3 years agoOpenSSL: Fix white-space
Fabian Keil [Sun, 14 Feb 2021 19:33:46 +0000 (20:33 +0100)]
OpenSSL: Fix white-space

3 years agoload_config(): Properly parse the client-tag-lifetime directive
Fabian Keil [Wed, 10 Feb 2021 09:47:46 +0000 (10:47 +0100)]
load_config(): Properly parse the client-tag-lifetime directive

Previously it was not accepted as an obsolete hash value was
being used.

Reported by: Joshua Rogers (Opera)

3 years agoRespect DESTDIR when considering whether or not to install config files
Fabian Keil [Fri, 5 Feb 2021 11:02:26 +0000 (12:02 +0100)]
Respect DESTDIR when considering whether or not to install config files

... with ".new" extension.

3 years agoBump copyright on the homepage
Fabian Keil [Sat, 20 Feb 2021 16:44:17 +0000 (17:44 +0100)]
Bump copyright on the homepage

3 years agoMake the second pcrs job of the img-reorder filter greedy again
Fabian Keil [Sat, 20 Feb 2021 04:30:08 +0000 (05:30 +0100)]
Make the second pcrs job of the img-reorder filter greedy again

The ungreedy version caused breakage like:
-<img width=888 height=573 src=socket.png>
+<img src=s width=888 height=573ocket.png>
on http://bulk.fefe.de/scalability/.

3 years agoAdd #196: Investigate if it's worth adding an optional mutex for the CGI handler
Fabian Keil [Sat, 20 Feb 2021 03:22:36 +0000 (04:22 +0100)]
Add #196: Investigate if it's worth adding an optional mutex for the CGI handler

3 years agoAdd #195: We should probably cache the server TLS contexts
Fabian Keil [Sat, 20 Feb 2021 03:18:17 +0000 (04:18 +0100)]
Add #195: We should probably cache the server TLS contexts

3 years agoUpdate #184
Fabian Keil [Fri, 19 Feb 2021 14:28:04 +0000 (15:28 +0100)]
Update #184

3 years agoAdd #194: There should be a way to force gif deanimation
Fabian Keil [Fri, 19 Feb 2021 13:45:36 +0000 (14:45 +0100)]
Add #194: There should be a way to force gif deanimation

3 years agoAdd #193: Use SHA256 instead of MD5 for the host hash
Fabian Keil [Fri, 19 Feb 2021 12:17:09 +0000 (13:17 +0100)]
Add #193: Use SHA256 instead of MD5 for the host hash

3 years agossl_send_certificate_error(): Respect HEAD requests by not sending a body
Fabian Keil [Wed, 10 Feb 2021 02:39:23 +0000 (03:39 +0100)]
ssl_send_certificate_error(): Respect HEAD requests by not sending a body

3 years agossl_send_certificate_error(): End body with a single new line
Fabian Keil [Wed, 10 Feb 2021 02:33:46 +0000 (03:33 +0100)]
ssl_send_certificate_error(): End body with a single new line

3 years agoserve(): Increase the chances that the host is logged
Fabian Keil [Mon, 15 Feb 2021 15:47:03 +0000 (16:47 +0100)]
serve(): Increase the chances that the host is logged

... when closing a server socket.

3 years agoOpenSSL: Log the TLS version and the the cipher used
Fabian Keil [Sat, 13 Feb 2021 21:36:51 +0000 (22:36 +0100)]
OpenSSL: Log the TLS version and the the cipher used