Commit Graph

787 Commits

Author SHA1 Message Date
Vladimir Dubrovin
74081c8146
use PCRE_STATIC 2025-03-14 17:55:09 +03:00
Vladimir Dubrovin
c71370ec03
Update c-cpp.yml
Do not try to install on mac
2025-03-14 17:04:42 +03:00
Vladimir Dubrovin
b1b64972c5
Update c-cpp.yml
add more targets
2025-03-14 17:02:05 +03:00
Vladimir Dubrovin
db7ef4ba2f
Update c-cpp.yml 2025-03-14 16:52:11 +03:00
Vladimir Dubrovin
51fc2f6dcb
Update c-cpp.yml 2025-03-14 16:38:47 +03:00
Vladimir Dubrovin
16bd55a074
Update c-cpp.yml 2025-03-14 16:28:40 +03:00
Vladimir Dubrovin
0ca9030520
Update c-cpp.yml 2025-03-14 16:27:16 +03:00
Vladimir Dubrovin
87255a8201
Create c-cpp.yml 2025-03-14 16:22:13 +03:00
Vladimir Dubrovin
d80889474b
Update README 2025-03-10 14:07:43 +03:00
Vladimir Dubrovin
8133480b11
Update README 2025-03-10 14:06:29 +03:00
z3apa3a
f23fc4fc44 mention https:// proxy in README 2025-03-10 00:51:43 +03:00
z3apa3a
3668634781 Update readme for 0.9.5 2025-03-10 00:46:46 +03:00
Vladimir Dubrovin
46a230ebd3 Merge branch 'master' of https://github.com/3proxy/3proxy 2025-03-10 00:37:18 +03:00
z3apa3a
e8e1bdfbf1 switch windows / arm to DLL version of OpenSSL 2025-03-10 00:36:05 +03:00
Vladimir Dubrovin
a5f1f08b60 Use non-static openssl libs for windows arm64 2025-03-09 20:55:23 +03:00
z3apa3a
926ef71ba0 Fix Makefile.Linux 2025-03-09 19:51:17 +03:00
z3apa3a
bc92819572 Fix tlspr for compatibility with older compileres 2025-03-09 19:16:35 +03:00
z3apa3a
a76dd93e86 Add tlspr to install section 2025-03-09 18:38:04 +03:00
z3apa3a
2900b80d88 Prepare for 0.9.5 release 2025-03-09 17:29:17 +03:00
z3apa3a
d7b0061626 Fix ssl_plugin for windows building 2025-03-09 17:26:50 +03:00
z3apa3a
74134db09e Fix ssl_plugin for Windows 2025-03-09 17:22:18 +03:00
Vladimir Dubrovin
878025598b tlspr (SNI proxy) documented 2025-03-09 15:03:06 +03:00
Vladimir Dubrovin
6387bed4f2 Replace strcpy with memmove for overlapping regions 2024-12-20 14:38:58 +03:00
Vladimir Dubrovin
cb6a4166b7 Use -fPIC instead of -fPIE 2024-09-11 18:34:40 +03:00
Vladimir Dubrovin
cf6946cc8b Fix: IPv6 address may be invalid on some plafrorms for SOCKSv5 UDP ASSOCIATE 2024-07-18 12:50:59 +03:00
Vladimir Dubrovin
ab8db00b1f Fix type for ssl_poll 2024-06-04 19:26:34 +03:00
Vladimir Dubrovin
94dfa195db char * / unsigned char * conversions fixed 2024-05-31 19:53:28 +03:00
Vladimir Dubrovin
fb4ab5d07f Remove accidentely added binary 2024-05-20 13:44:50 +03:00
Vladimir Dubrovin
57f11d8a0f Add tlspr binary to git ignore 2024-05-20 13:41:55 +03:00
Vladimir Dubrovin
013d4bc333 tlspr (SNI proxy) implemented
Options -cN - level of TLS check
default - allow non-TLS traffic
1 - require TLS, only check client HELLO packet
2 - require TLS, check both client and server HELLO
3 - require TLS, check server send certificate (not compatible with TLS 1.3)
4 - require mutual TLS, check server send certificate request and client sends certificate (not compatible with TLS 1.3)
-P - default port

examples:

1.
tlspr -p1443 -P443 -c1
(port 1443 may be used to redirect traffic to destination port 143). SNI is used to find destination host

2.
allow * * * 80
parent 1000 http 0.0.0.0 0
allow * * * * CONNECT
parent 1000 tls 0.0.0.0 0
deny * * some.not.allowed.host
allow *
socks

attempts to take destination hostname from SNI in SOCKS
2024-05-20 13:01:38 +03:00
Vladimir Dubrovin
29ef226b3c Обновлена документация 2024-03-10 17:01:54 +03:00
Vladimir Dubrovin
d347f0a058 More TLS commands added, ssl_srvkey / ssl_srvfile renamed
ssl_server_cert - certificate for SSL server (rename from ssl_srvkey)
ssl_server_key - key for ssl_server_cert of generated mirm certificate (renamed from ssl_srvkey)
ssl_server_ca_file - CA file for mitm
ssl_server_ca_key - key for mitm CA
ssl_client_ca_file, ssl_client_ca_dir, ssl_client_ca_store - locations for root CAs used with ssl_client_verify for TLS client
ssl_certcache is not optional, if ssl_server_ca_file / ssl_server_ca_key are configured
2024-03-10 16:20:42 +03:00
Vladimir Dubrovin
a316622a85 Added multiple TLS configuration parameters for SSLPlugin
ssl_client_ciphersuites - TLS client ciphers for TLS 1.3, e.g. ssl_client_ciphersuites TLS_AES_128_GCM_SHA256
ssl_server_ciphersuites - TLS server ciphers for TLS 1.3
ssl_client_cipher_list - TLS client ciphers for TLS 1.2 and below , e.g. ssl_client_cipher_list ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
ssl_server_cipher_list - TLS server ciphers for TLS 1.2 and below
ssl_client_min_proto_version - TLS client min TLS version (e.g. TLSv1.2)
ssl_server_min_proto_version - TLS server min TLS version (e.g. TLSv1.2)
ssl_client_max_proto_version - TLS client max TLS version (e.g. TLSv1.2)
ssl_server_max_proto_version - TLS server max TLS version (e.g. TLSv1.2)
ssl_client_verify - verify certificate for upstream server in TLS client functionality
ssl_client_no_verify - do not verify certificate for upstream server in TLS client functionality (default)
2024-03-10 13:36:40 +03:00
Vladimir Dubrovin
d87241c487 Keep TLS server context 2024-03-09 18:37:44 +03:00
Vladimir Dubrovin
144af547fb Keep TLS client context between requests 2024-03-09 16:23:03 +03:00
Vladimir Dubrovin
35d1de6f5e Ffix use-after-free in freeparam 2024-02-22 17:30:50 +03:00
Vladimir Dubrovin
a592f07783 Update SSLPlugin documentation 2024-02-19 00:13:08 +03:00
Vladimir Dubrovin
161cbbd452 fix crash on insufficient memory 2024-02-18 23:54:31 +03:00
Vladimir Dubrovin
067fdd7f95 support ssl_serv / ssl_noserv commands
example:
plugin /path/to/SSLPlugin.so ssl_plugin
ssl_srvcert path_to_cert
ssl_srvkey path_to_key
ssl_serv
proxy -p33128
ssl_noserv
proxy -p3128
2024-02-18 23:42:09 +03:00
Vladimir Dubrovin
d77e528847 minor fixes 2024-02-18 20:18:31 +03:00
Vladimir Dubrovin
2b4d8e67e4 Do not store CA cert subject 2024-02-18 19:53:35 +03:00
Vladimir Dubrovin
375e3a74d0 call local socket function 2024-02-18 19:41:45 +03:00
Vladimir Dubrovin
6dc145b16b initial commit to TLS refactoring 2024-02-18 19:07:09 +03:00
Vladimir Dubrovin
d162ad5c38 Fix windows issues 2024-02-17 18:53:58 +03:00
Vladimir Dubrovin
8198db8617 adding state to socket functions 2024-02-17 17:31:25 +03:00
Vladimir Dubrovin
d83c1f47f8 Rollback commit in the wrong branch 2024-02-17 13:18:14 +03:00
Vladimir Dubrovin
20a929ca53 Add per-service sockfuncs 2024-02-17 12:57:36 +03:00
Vladimir Dubrovin
a80bef9ecf
Merge pull request #978 from tautschnig/fix-decls
Fix plugin declarations of hashindex and nametohash
2023-10-11 17:00:48 +03:00
Michael Tautschnig
687ebafb1b Fix plugin declarations of hashindex and nametohash
Plugins using these would fail to provide the required arguments.
2023-10-11 10:00:47 +00:00
Vladimir Dubrovin
5e2b2a399e clean up warnings 2023-07-13 15:29:26 +03:00