repo: tlswrap
action: shortlog
revision: 
path_from: 
revision_from: refs/heads/master/:
path_to: 
revision_to:

git.thebackupbox.net

git clone git://git.thebackupbox.net/tlswrap

as feed:

2025-07-28 two different attempts at trying to keep tlswrap from getting stuck on SSL_accept. at once. why not?

2025-06-18 redid all of the syslog messages again and use openlog() now to put the PID is a normal spot in the messages

2025-06-18 added more binary files to gitignore

2025-06-18 added a missing declaration to ja3.h that was throwing a warning

2025-06-18 put PIDs into all of the syslog messages, and attempting a new method of cleaning up children processes that uses prctl. likely broken on BSD now though.

2025-04-19 moved the ja3 code into its own file

2025-04-19 tlswrap puts the whole client certificate into an ENV var now.

2025-04-19 combined tlswrap.c and nontlswrap.c into one file

2025-02-27 changed nontlswrap to remove the stupid recv peek

2025-02-27 changed tlswrap.c to add traffic logging, close stdio, remove the stupid recv peek that was breaking shit

2024-12-17 close file descriptors before trying to reap so shit doesn't hang for 15s. also log mesg priority got changed for reap info

2024-09-19 made a compile-time version check to decide on EVP_Q_digest vs MD5

2024-09-19 tlswrap-no-shutdown.c symlink added so you can test what happens when no shutdown happens

2024-09-09 changed how the md5 is generated from deprecated functions to non-deprecated. also a few log messages got src and dst added.

2024-04-08 some cleanup and moved a bunch of messages to DEBUG from ERR because I do not want to see all of those all of the time

2024-04-08 note about how to setup the per-SNI certs

2024-04-08 added the ability to pick per-servername certs based on SNI.

2024-04-08 added a variation of tlswrap that does not properly shutdown. so people can test against it.

2024-04-08 set the process group on the first child instead of ourself so when we kill that group, we do not also commit suicide.

2023-12-20 Merge branch 'master' of ssh://git.thebackupbox.net/tlswrap

2023-12-20 tlswrap got pid grouping so it can kill off all children. also made a version that does not actually do any TLS to do /just/ the pid grouping and killing.

2023-10-16 copyright information added

2023-06-01 added subprocess cleanup and ignore a set of errors

2023-04-03 hacked in some optional ja3 support

2023-02-24 added TLS disconnection detection. hopefully it wont break things somehow.

2023-02-01 I was closing stdin and stdout too soon. SSL shutdown was failing because of that.

2022-11-16 forgot the README

2022-11-16 stupid size_t being unsigned and me not using int like I should have

2022-09-10 made buffer larger, setvbuf on stdio just in case it mattered. shouldnt hurt. extra deubg output to whatever is connected to tlswrap. close the associated filedescriptors when the read end has EOFd

2022-06-17 added flags to set varify-mode, help, and more logging

2022-03-08 I had left the debug messages as LOG_ERR from when I was testing.. fixt

2022-03-08 more logging from write error checks, not doing continue anymore so everything select finds get done

2022-03-04 added SERVER_URL, REMOTE_URL, and changed the main loop to actually finish sending data before quitting

2022-03-03 more useful error message on failing to accept

2022-03-03 added REMOTE_ADDR, REMOTE_PORT, SERVER_ADDR, and SERVER_PORT to subprocess env, and use that info in some log messages

2022-03-01 forgot to include the sha256: bit of the client hash

2022-02-28 set appropriate log levels for all of the syslog messages. I think.

2022-02-28 tlswrap now sends the stderr of the child process to syslog

2022-02-28 removed ssl_deinit.. I expected it to be longer than one line when I made it

2022-02-28 renamed to tlswrap

2022-02-28 first