On 4/7/20 7:22 AM, Bjorn Ketelaars wrote:
On Mon 06/04/2020 10:47, Renaud Allard wrote:Hello, Here is a port of sniproxy 0.6.0It does Name-based proxying of HTTPS without decrypting traffic. It's quite lighter than some other alternatives when you only need this feature. Any comments? OK?Upstream has a branch, which provides OpenBSD-specific bits: https://github.com/dlundquist/sniproxy/tree/openbsd. Did you know about this branch? If so, why are your patches better?
Hi,I didn't notice that branch. It's marked as stale, but I suppose it won't need huge changes any time soon as it defines all the STAIL_* functions. I don't know if my patch is better or not, but I have been testing sniproxy with HD streaming with my patch and didn't get any problems. And my patch avoids redefining functions OpenBSD choose to not have.
All the m4 stuff is not really needed as it's handled within the CFLAGS. So, honestly, I don't know which one is best, what is your opinion?Concerning the failed test, it seems it's in the regex handler for the tables. But I must admit I don't know why it fails with a core dump and I have been using regexes in my config without issues.
I have attached here a corrected version with all your suggestions (apart from the patches).
Thanks
sniproxy.tgz
Description: application/compressed-tar
smime.p7s
Description: S/MIME Cryptographic Signature
