[Privoxy-devel] HTTPS filtering in Privoxy

Vašek Švec va.svec at gmail.com
Mon Jun 1 19:00:35 UTC 2020 

Hello,

about the return value of ssl_send_data_delayed(), you are right. My
version is incorrect. Thank you.

I absolutely agree, that it's better to make a thorough review before
importing those changes.

My decision to use LibreSSL was based on the recommendation of one teacher
in my university. I was checking the license and I didn't find any reason
not to use it, but I'm not very good at licenses. I've chosen this library
also because it supports SubjectAlternativeName parameter in generated
certificates, so web browsers mark them as valid. It also supports APLN for
HTTP/2. If it's not possible to use it due to license, do you have any
preferred crypto library, which would support SubjectAlternativeName and
which could be used instead?

On Mon, Jun 1, 2020 at 12:12 PM Fabian Keil <fk at fabiankeil.de> wrote:

> Fabian Keil <fk at fabiankeil.de> wrote:
>
> > Fabian Keil <fk at fabiankeil.de> wrote:
> >
> > > Vašek Švec <va.svec at gmail.com> wrote:
> >
> > > > So there is tar of patch files in the attachment and I hereby release
> > > > this code under the GNU GPLv2 or later.
> > >
> > > Apparently Mailman didn't like the attachment and removed it.
> > > Can you please send it to me directly?
> >
> > Never mind, Mailman forwarded me a copy as part of the
> > approval mail.
> >
> > I removed the first patch which contained vanilla Privoxy 3.0.28,
> > stripped the "privoxy-3.0.28-stable/" prefix and put the patch set
> > on the web.
> [...]
> > I have not yet looked at the patches in detail.
>
> I've now looked at the patches and imported a modified version
> of ssl_send_data_delayed():
>
> https://www.privoxy.org/gitweb/?p=privoxy.git;a=commitdiff;h=c0ee8dc3a526fc3090a50e9559a3ceab938dbfb2
> Your version seems to return an incorrect return code when
> it is delaying the response.
>
> I have looked at the connection-sharing patches but think we
> wait until the next release before we consider importing them.
>
> The current git version of Privoxy seems to be in good condition
> and I would like to do a release in the near future.
>
> I'm unsure about the LibreSSL support because parts of LibreSSL
> seem to still be under the OpenSSL license which is incompatible
> with the GNU GPLv2.
>
> Can you comment on why you added the LibreSSL support?
>
> Thanks a lot for sending those patches.
>
> Fabian
> _______________________________________________
> Privoxy-devel mailing list
> Privoxy-devel at lists.privoxy.org
> https://lists.privoxy.org/mailman/listinfo/privoxy-devel
>

More information about the Privoxy-devel mailing list