[Privoxy-devel] HTTPS filtering in Privoxy

Fabian Keil fk at fabiankeil.de
Wed May 17 13:41:36 UTC 2017 

<va.svec at gmail.com> wrote:

> I have implemented SSL filtering support, webserver certificate 
> validation (and sending info about invalid certificate), host 
> certificate generating and basic configuration for Privoxy. Library mbed 
> TLS has been used for SSL connections. The implementation doesn't 
> support (mainly due to lack of time): 
> 
> - certificate revocation - Not necessary for use and not a critical 
> security error. 
> - outgoing requests filtering - In my opinion, this functionality 
> would require many changes in the chat function or the header parsing 
> functions. I have decided not to implement this functionality yet. 
> - SSL connections caching - Not necessary for use. 
> - subject alternate name - This parameter is required by new version 
> of Google Chrome web browser. mbed TLS doesn't support writing this 
> parameter into generated certificates. Should be available in next 
> library versions. 
> 
> My implementation changes the following files: jcc.c, jcc.h, parsers.c, 
> project.h and loadcfg.c. New files ssl.c and ssl.h have been added. 
> 
> I'd be happy if you are interested in this implementation and its 
> potential publication in official Privoxy sources. Please tell me what I 
> should do next (How and in what form can I send you my source codes). 
> I will be happy to answer any questions. 

Sounds great.

Please send the patches to this list for review, preferably with
an explicit statement that you are contributing the code under the
GNU GPLv2 or later (or optionally a less restrictive license as long
as it's a free software license). If you haven't already, please add
a license header to the files you added.

If you are using git, the "git format-patch" output would be the
preferred form, if there is a public repository you could also
post its URL instead.

If you are using diff manually, please use the -u option.

Thanks,
Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.privoxy.org/pipermail/privoxy-devel/attachments/20170517/9bbb53e4/attachment.bin>

More information about the Privoxy-devel mailing list