[Privoxy-devel] HTTPS filtering in Privoxy

Vašek Švec va.svec at gmail.com
Wed May 17 19:27:30 UTC 2017 

Hello,
file with patches (git format-patch) is in attachment. I hereby release
this code under the GNU GPLv2 or later.

Used SSL library can be downloaded here: https://tls.mbed.org/code/releases/
(implementation was tested with version 2.4.0-gpl)

Václav Švec

On Wed, May 17, 2017 at 3:41 PM, Fabian Keil <fk at fabiankeil.de> wrote:

> <va.svec at gmail.com> wrote:
>
> > I have implemented SSL filtering support, webserver certificate
> > validation (and sending info about invalid certificate), host
> > certificate generating and basic configuration for Privoxy. Library mbed
> > TLS has been used for SSL connections. The implementation doesn't
> > support (mainly due to lack of time):
> >
> > - certificate revocation - Not necessary for use and not a critical
> > security error.
> > - outgoing requests filtering - In my opinion, this functionality
> > would require many changes in the chat function or the header parsing
> > functions. I have decided not to implement this functionality yet.
> > - SSL connections caching - Not necessary for use.
> > - subject alternate name - This parameter is required by new version
> > of Google Chrome web browser. mbed TLS doesn't support writing this
> > parameter into generated certificates. Should be available in next
> > library versions.
> >
> > My implementation changes the following files: jcc.c, jcc.h, parsers.c,
> > project.h and loadcfg.c. New files ssl.c and ssl.h have been added.
> >
> > I'd be happy if you are interested in this implementation and its
> > potential publication in official Privoxy sources. Please tell me what I
> > should do next (How and in what form can I send you my source codes).
> > I will be happy to answer any questions.
>
> Sounds great.
>
> Please send the patches to this list for review, preferably with
> an explicit statement that you are contributing the code under the
> GNU GPLv2 or later (or optionally a less restrictive license as long
> as it's a free software license). If you haven't already, please add
> a license header to the files you added.
>
> If you are using git, the "git format-patch" output would be the
> preferred form, if there is a public repository you could also
> post its URL instead.
>
> If you are using diff manually, please use the -u option.
>
> Thanks,
> Fabian
>

More information about the Privoxy-devel mailing list