Commit Graph

91 Commits

Author SHA1 Message Date
Vladimir Dubrovin
f01c8bfee9 Code cleanup 2026-04-27 19:58:34 +03:00
Vladimir Dubrovin
d52701518d udppm switched to hashtable and supports multiple connections; no standalone udppm 2026-04-27 15:12:39 +03:00
Vladimir Dubrovin
760a521df8 remove pwl_mutex
2026-04-26 20:43:13 +03:00
Vladimir Dubrovin
62ceb36157 Use hashtables for password lists 2026-04-26 20:38:58 +03:00
Vladimir Dubrovin
6b61cfde4c Fix for older Windows (7 and below) / VC 2026-04-24 17:04:03 +03:00
Vladimir Dubrovin
e6c3427cab fix hashtable init
2026-04-22 12:02:20 +03:00
Vladimir Dubrovin
4f0f3c81e1 add 'cacheacl' auth type, dstaddr, dstport, dsthost, dstoper, srvaddr and srvport authcache types; allow to configure authcache by service
'auth cacheacl ...' is identical to 'auth cache ...' except ACL is not checked for cached authentication. dstaddr, dstport, dsthost and dstoper (operation) are intended to be used with cacheacl. For example

authcache user,ip,password,dstaddr 600
auth cacheacl iponly strong

allows user to access destination ip without ACL/password revalidation if he has cached attempt to the same ip from the same ip with the same username and password.

srvaddr, srvport are useful to only match with cached attempts to the same `internal` address / service port.
2026-04-21 21:49:52 +03:00
Vladimir Dubrovin
68ef9dcc59 Fix Windows compilation 2026-04-21 16:10:17 +03:00
Vladimir Dubrovin
083a70393f Minor hashtable refactor 2026-04-20 10:40:38 +03:00
Vladimir Dubrovin
7102afe856 authcache switched to hashtables, overflow fixed
- authcache switched to use hashtables, size parameter added
- overflow fixed on hashinit
- hashtable prefers new values on insert if table is full
- hashtable is able to compact/grow
2026-04-19 19:16:33 +03:00
Vladimir Dubrovin
a1a65c3fd5 ssl_client_mode = 3 added, allow 'secure' parent types ending with 's': https, tcps, socks5s, connect+s, etc.
example:

plugin SSLPlugin.ld.so ssl_plugin

allow user1
parent 1000 http 1.1.1.1 1111
allow user2
parent 1000 https 2.2.2.2 2222
ssl_client_mode 3
ssl_client
proxy

With ssl_client_mode 3 TLS is only handshaked for https parent type and is not handshaked for http parent.
2026-04-13 20:53:38 +03:00
Vladimir Dubrovin
878a432481 Support unix socket for parent and tcppm; abstract (fileless) unix sockets for linux support
Use unix:/path/to/socket, e.g.

tcppm 1234 unix:/path/to/socket 1234

Under linux abstract sockets are supported with '@' prefix, e.g.

parent 1000 http unix:@virtual.3proxy.socket 1111

Destination port numbers are not used in tcppm/parent, but you must specify any positive value to match the syntax.
2026-04-12 19:18:15 +03:00
Vladimir Dubrovin
2d6eeff5f3 Fix typos, update documentation 2026-04-12 13:58:42 +03:00
Vladimir Dubrovin
c206349ee2 Support unix sockets for internal and -i
Example configuration:

log
auto -iunix:/path/to/3proxy.sock

test with

curl --unix-socket /path/to/3proxy.sock https://3proxy.ru
2026-04-12 00:30:35 +03:00
Vladimir Dubrovin
a2641cb103 Push as 0.9.6 2026-04-11 13:06:43 +03:00
Vladimir Dubrovin
825563ad85 Detailed warnings for 'plugin' command errors 2026-04-10 19:30:22 +03:00
Vladimir Dubrovin
8cb8be1be8 Fix warnings 2026-04-08 21:13:45 +03:00
Vladimir Dubrovin
483542b914 Use uint32_t/uint16_t instead of unsigned long / unsigned short where required 2026-04-08 21:13:18 +03:00
Vladimir Dubrovin
251660940e Fixed: crash on invalid configuration file 2026-04-08 19:21:26 +03:00
Vladimir Dubrovin
7e4504997e Fixed: memory corruptions on config parsing 2026-04-08 19:21:26 +03:00
Vladimir Dubrovin
2cd0a34fd5 maxseg / TCP_MAXSEG support added 2026-04-08 19:21:26 +03:00
Vladimir Dubrovin
2508b89d96 Avoid sleep on service thread sync 2026-04-08 19:21:25 +03:00
Vladimir Dubrovin
7e7a0d4336 Support HAProxy proxy v1 protocol
Added:
-H option - expect HAProxy proxy v1 header, e.g. `proxy -H`

parent ha type - send HAProxy proxy v1 header (must be last in redirection), e.g.

allow *
parent 1000 ha
parent 1000 proxy 1.2.3.4 3128
socks
2026-04-08 19:21:25 +03:00
Vladimir Dubrovin
013d4bc333 tlspr (SNI proxy) implemented
Options -cN - level of TLS check
default - allow non-TLS traffic
1 - require TLS, only check client HELLO packet
2 - require TLS, check both client and server HELLO
3 - require TLS, check server send certificate (not compatible with TLS 1.3)
4 - require mutual TLS, check server send certificate request and client sends certificate (not compatible with TLS 1.3)
-P - default port

examples:

1.
tlspr -p1443 -P443 -c1
(port 1443 may be used to redirect traffic to destination port 143). SNI is used to find destination host

2.
allow * * * 80
parent 1000 http 0.0.0.0 0
allow * * * * CONNECT
parent 1000 tls 0.0.0.0 0
deny * * some.not.allowed.host
allow *
socks

attempts to take destination hostname from SNI in SOCKS
2024-05-20 13:01:38 +03:00
Vladimir Dubrovin
5e2b2a399e clean up warnings 2023-07-13 15:29:26 +03:00
Vladimir Dubrovin
13979b5df4 Allow hostnames in parent 2023-04-26 15:05:47 +03:00
Daniel Winzen
b94e1fc01f Few more changes 2022-11-08 16:02:47 +01:00
Daniel Winzen
9a6908e623 Add backlog config option 2022-11-08 15:04:19 +01:00
Vladimir Dubrovin
fb56b7d307 "auto" command added 2022-10-18 17:58:52 +03:00
Vladimir Dubrovin
461fae12e7 set logfunc after configuration reload 2021-10-29 19:12:03 +03:00
z3apa3a
e1b4e50242 Copyright update 2021-07-02 11:50:33 +03:00
z3apa3a
bad85a3d51 Support IPv6 subnets in parent extip 2021-04-21 20:39:57 +03:00
Vladimir Dubrovin
681182b1e5 Fix: '-' sign incorrectly parsed in hostname ACL, bandlim race condition on configuration reload 2021-04-15 12:26:34 +03:00
z3APA3A
cbe0c2f511 parentretries command added 2021-01-19 14:40:18 +03:00
z3APA3A
129d26475e Fixed: counters incorrectly shown in webadmin, countall/nocountall are not applied 2020-12-02 20:08:03 +03:00
z3APA3A
99a744abda Few bugfixes 2020-11-18 16:10:07 +03:00
z3APA3A
ff67464aa1 Do not fail users without argument 2020-11-11 17:35:06 +03:00
z3APA3A
c1c5875356 better memory allocation errors handling, countall/nocountall corrected 2020-11-03 02:05:18 +03:00
z3APA3A
b81089f22e More correct handling of insufficient memory 2020-11-02 18:59:13 +03:00
z3APA3A
a8b000b7f1 Allow to specify binding address for RADIUS 2020-10-15 12:21:46 +03:00
z3APA3A
d0725163d1 countall / nocountall support added 2020-10-06 14:29:08 +03:00
z3APA3A
c30b4637a5 Do not resolve hostname to IP on ACL destination 2020-08-06 17:57:50 +03:00
z3APA3A
859713d10f Fail if can not bind to device 2020-06-17 16:05:23 +03:00
z3APA3A
041134007d Correct ip/network/hostname parsing in ACLs 2020-04-11 09:58:47 +03:00
z3APA3A
e7e7d2fddf "limit" support in authcache to bind sessions to ip 2019-08-21 15:20:43 +03:00
z3APA3A
02d52e89e9 Fix: config change may stop log rotation 2019-01-15 11:51:10 +03:00
z3APA3A
d7373be071 Revert "Fixed: logrotation may stop after config change"
This reverts commit ede4aee619.
2019-01-14 20:14:08 +03:00
z3APA3A
ede4aee619 Fixed: logrotation may stop after config change 2019-01-14 18:02:16 +03:00
z3APA3A
a0591c9786 Fix: $ is ignored in the beginning of quoted line 2018-12-05 14:21:03 +03:00
z3APA3A
68fed46ea0 fix 'radius' is not applied correctly on configuration reload 2018-05-11 16:23:05 +03:00