jendis
b85a6b3862
Merge 983df6f7ae into 12c9039ea4
2026-02-11 02:54:29 +03:00
Vladimir Dubrovin
12c9039ea4
Fixed: crash on invalid configuration file
2026-01-28 19:40:58 +03:00
Vladimir Dubrovin
1a970c5c98
Fixed: memory corruptions on config parsing
2026-01-28 19:13:41 +03:00
Vladimir Dubrovin
fdeee233de
ssl_client_mode added, code cleanup
ssl_client_mode
0 (default) - handshake immediately after connect() (with first parent or with destination if there is no parent)
1 - handshake with destination server (handshake after connection via parents is established)
2 - handshake after data channel is established (e.g. after CONNECT)
2025-12-31 19:56:52 +03:00
Vladimir Dubrovin
aab8531072
ssl_client_alpn added
2025-12-31 13:47:31 +03:00
Vladimir Dubrovin
d014bb1149
Use SSL_connect / SSL_accept in non-blocking mode
2025-12-30 17:57:23 +03:00
Vladimir Dubrovin
730fd96fb0
Fixed: allow ssl server and client on the same service
2025-12-30 15:40:03 +03:00
Vladimir Dubrovin
b5ab5b8906
client_sni command added; do not send hostname from request as SNI in SSL client configuration
2025-12-12 19:08:26 +03:00
Vladimir Dubrovin
ec7004cd6f
Close SSL on shutdown
2025-12-12 18:25:40 +03:00
Vladimir Dubrovin
fe53378596
maxseg / TCP_MAXSEG support added
2025-11-29 15:05:29 +03:00
Vladimir Dubrovin
5450ca4cdf
Fixed: invalid config value initializers
2025-11-29 14:46:01 +03:00
Alexey Suslov
7a1ca8d341
Fix HTTPS proxy for HTTPS addresses ( #1175 )
2025-11-17 15:31:54 +03:00
Vladimir Dubrovin
c5ba790d13
Fix: -P option for tlspr
2025-10-03 17:06:11 +03:00
Vladimir Dubrovin
fe617048f1
Fix: WSAPoll fail in some Windows versions after e525ce913e
2025-08-13 17:53:19 +03:00
Vladimir Dubrovin
724946a834
Fixed: ssl_server_cert doesn't read full certificate chain
2025-08-10 14:36:00 +03:00
Vladimir Dubrovin
2966836dfa
Fixed: CONNECT does not work in standalone 'proxy' binary
2025-08-05 17:39:11 +03:00
Vladimir Dubrovin
e525ce913e
Fixed: Failed connect may result in success response on some Windows versions
2025-08-05 17:38:38 +03:00
Vladimir Dubrovin
db618f780b
Fixed: invalid timeout in socksendto / sockrecvfrom
2025-08-05 15:07:50 +03:00
Vladimir Dubrovin
a3e13d8211
Convert PAMAUTH.TXT to UTF-8
2025-06-23 19:24:27 +03:00
Vladimir Dubrovin
dc4e8d3427
Fixed service name detection for auto / tlspr
2025-05-06 18:59:04 +03:00
Vladimir Dubrovin
57841074b9
Avoid sleep on service thread sync
2025-04-16 21:29:48 +03:00
Vladimir Dubrovin
7320094c11
SOCKSTRACE fixed
2025-04-15 19:51:01 +03:00
Vladimir Dubrovin
43d48adeb9
ssl_server_verify, ssl_server_ca_dir, ssl_server_ca_store added, ssl_server / ssl_client aliases added to ssl_serv / ssl_cli
2025-04-15 19:18:14 +03:00
Vladimir Dubrovin
6355f9659b
ssl_noserv fixed, ssl_cli/ssl_nocli/ssl_client_cert/ssl_client_key added
2025-04-14 21:40:59 +03:00
Vladimir Dubrovin
7aad0205e1
Remove legacy NTLMv1 code
2025-03-17 19:44:48 +03:00
Vladimir Dubrovin
89b45b1b2a
Support HAProxy proxy v1 protocol
Added:
-H option - expect HAProxy proxy v1 header, e.g. `proxy -H`
parent ha type - send HAProxy proxy v1 header (must be last in redirection), e.g.
allow *
parent 1000 ha
parent 1000 proxy 1.2.3.4 3128
socks
2025-03-15 15:54:29 +03:00
Vladimir Dubrovin
7888502cd5
Support tlspr in auto
2025-03-15 13:02:46 +03:00
Vladimir Dubrovin
e6f5f7b5e0
make compatible with openssl 1.x
2025-03-14 20:14:57 +03:00
Vladimir Dubrovin
d48f24ac84
rsa.h not required
2025-03-14 19:56:58 +03:00
Vladimir Dubrovin
4de45ff3a8
Use PCRE_STATIC pcre_plugin.c
2025-03-14 18:03:26 +03:00
Vladimir Dubrovin
74081c8146
use PCRE_STATIC
2025-03-14 17:55:09 +03:00
z3apa3a
bc92819572
Fix tlspr for compatibility with older compilers
2025-03-09 19:16:35 +03:00
z3apa3a
2900b80d88
Prepare for 0.9.5 release
2025-03-09 17:29:17 +03:00
z3apa3a
74134db09e
Fix ssl_plugin for Windows
2025-03-09 17:22:18 +03:00
Jan Smutny
983df6f7ae
Extend SOCKS for AnyIP utilization
Introduce '-k' parameter that overwrites the -e parameter (if given) and
uses the IP for the external connection that corresponds to the current client
connection. The benefit arises when the parameter '-i0.0.0.0' or '-i::' in case
of IPv6 is set. This allows the entire range configured as local on the system
to receive connections and establish connections to the target server using the
IP address to which the client connected.
Note: This feature is not applicable for Windows.
2025-02-06 13:23:03 +01:00
Vladimir Dubrovin
6387bed4f2
Replace strcpy with memmove for overlapping regions
2024-12-20 14:38:58 +03:00
Vladimir Dubrovin
cf6946cc8b
Fix: IPv6 address may be invalid on some platforms for SOCKSv5 UDP ASSOCIATE
2024-07-18 12:50:59 +03:00
Vladimir Dubrovin
ab8db00b1f
Fix type for ssl_poll
2024-06-04 19:26:34 +03:00
Vladimir Dubrovin
94dfa195db
char * / unsigned char * conversions fixed
2024-05-31 19:53:28 +03:00
Vladimir Dubrovin
013d4bc333
tlspr (SNI proxy) implemented
Options -cN - level of TLS check
default - allow non-TLS traffic
1 - require TLS, only check client HELLO packet
2 - require TLS, check both client and server HELLO
3 - require TLS, check server sends certificate (not compatible with TLS 1.3)
4 - require mutual TLS, check server sends certificate request and client sends certificate (not compatible with TLS 1.3)
-P - default port
examples:
1.
tlspr -p1443 -P443 -c1
(port 1443 may be used to redirect traffic to destination port 143). SNI is used to find destination host
2.
allow * * * 80
parent 1000 http 0.0.0.0 0
allow * * * * CONNECT
parent 1000 tls 0.0.0.0 0
deny * * some.not.allowed.host
allow *
socks
attempts to take destination hostname from SNI in SOCKS
2024-05-20 13:01:38 +03:00
Vladimir Dubrovin
d347f0a058
More TLS commands added, ssl_srvkey / ssl_srvfile renamed
ssl_server_cert - certificate for SSL server (renamed from ssl_srvkey)
ssl_server_key - key for ssl_server_cert of generated mitm certificate (renamed from ssl_srvkey)
ssl_server_ca_file - CA file for mitm
ssl_server_ca_key - key for mitm CA
ssl_client_ca_file, ssl_client_ca_dir, ssl_client_ca_store - locations for root CAs used with ssl_client_verify for TLS client
ssl_certcache is not optional, if ssl_server_ca_file / ssl_server_ca_key are configured
2024-03-10 16:20:42 +03:00
Vladimir Dubrovin
a316622a85
Added multiple TLS configuration parameters for SSLPlugin
ssl_client_ciphersuites - TLS client ciphers for TLS 1.3, e.g. ssl_client_ciphersuites TLS_AES_128_GCM_SHA256
ssl_server_ciphersuites - TLS server ciphers for TLS 1.3
ssl_client_cipher_list - TLS client ciphers for TLS 1.2 and below, e.g. ssl_client_cipher_list ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
ssl_server_cipher_list - TLS server ciphers for TLS 1.2 and below
ssl_client_min_proto_version - TLS client min TLS version (e.g. TLSv1.2)
ssl_server_min_proto_version - TLS server min TLS version (e.g. TLSv1.2)
ssl_client_max_proto_version - TLS client max TLS version (e.g. TLSv1.2)
ssl_server_max_proto_version - TLS server max TLS version (e.g. TLSv1.2)
ssl_client_verify - verify certificate for upstream server in TLS client functionality
ssl_client_no_verify - do not verify certificate for upstream server in TLS client functionality (default)
2024-03-10 13:36:40 +03:00
Vladimir Dubrovin
d87241c487
Keep TLS server context
2024-03-09 18:37:44 +03:00
Vladimir Dubrovin
144af547fb
Keep TLS client context between requests
2024-03-09 16:23:03 +03:00
Vladimir Dubrovin
35d1de6f5e
Fix use-after-free in freeparam
2024-02-22 17:30:50 +03:00
Vladimir Dubrovin
161cbbd452
fix crash on insufficient memory
2024-02-18 23:54:31 +03:00
Vladimir Dubrovin
067fdd7f95
support ssl_serv / ssl_noserv commands
example:
plugin /path/to/SSLPlugin.so ssl_plugin
ssl_srvcert path_to_cert
ssl_srvkey path_to_key
ssl_serv
proxy -p33128
ssl_noserv
proxy -p3128
2024-02-18 23:42:09 +03:00
Vladimir Dubrovin
d77e528847
minor fixes
2024-02-18 20:18:31 +03:00
Vladimir Dubrovin
2b4d8e67e4
Do not store CA cert subject
2024-02-18 19:53:35 +03:00
Vladimir Dubrovin
375e3a74d0
call local socket function
2024-02-18 19:41:45 +03:00