Soner Tari
Soner Tari
We call evdns_base_new(), which calls evutil_secure_rng_init(), which in turn calls arc4random(). arc4random() is the function that fails with the warning "Unable to seed random number generator; DNS can't run." in...
I see that you have a proxyspec like `autossl 172.29.148.11 10025` in your sslsplit command line, but then you also use the same IP:port pair `172.29.148.11:10025` as the proxy in...
@droe should review this.
Fixed on the develop branch, thanks.
I have updated my tls13 branch with the changes in the develop branch, and merged your changes to it. If you want to submit further changes, please do them against...
It's @droe who should review this pr, not me. Sorry.
Afaik, there shouldn't be any such difference between debug and daemon modes. Can you enable the DEBUG_PROXY switch in GNUmakefile, recompile, try and see if it provides further info?
In autossl mode, when we detect a ClientHello on the ingress path, we upgrade that TCP connection to SSL/TLS. Also see [the documentation](https://github.com/droe/sslsplit/blob/9bac829b7f62252a8958b60c96f8f4b11125fcc9/ssl.c#L1978) of ssl_tls_clienthello_parse() in ssl.c. So, frankly, I...
This is not related with autossl. Why did you mention autossl in your first post? You are asking if we can decrypt multiple encryption layers. To achieve that, you could...
Yes, you can find such cases where we don't check the return values of system calls. Perhaps we should check them too.