## smithproxy

### 0.9.31

07021fb Merge PR #42 from DimitriPapadopoulos/codespell
c8cd8d4 don't update neighbors with internal connections
13bd565 protect staticcontent with a lock and clear previous
        properties once done
30fc735 nltemplate - allow access to properties
38c2a8f debian11 - add apparmor to suggests too
8ce0cb4 packaging maintenance
968f1a6 remove potential deadlock condition
8c32715 Add global instance OID to webhook ping
8966b11 Report all live proxy OIDs on ping
3f2c55e  decouple object API from HTTP API
bc3e0e2 fix FLTO to run in parallel
075fcad add targets to repoman
971b460 fix size_t formatting
a518b21 infra: add wip repoman - repository file generator
8376eac infra: drop latest files, script unused code and test
        existence of built package
04ed8b8 Merge remote-tracking branch 'origin/master'
cfb55ed fix again changelog, add synopsis
fd6b647 fix again changelog, add synopsis
e317cf9 let's revert and use - instead of *
e6b47e7 less spacing in debian changelog
d02864f fix trailing / in path, don't write into changelog on error
b1820a8 fix changelog generator names
fba1894 changelog changes (wip) - unfortunately nothing will be
        tested until it's in repo
c98d7ed introduce new changelog generator (wip)
6edee68 debian building script will now upload packages to `ARCH`
        specific directory
76e1432 Update ReleaseNotes.md and introduce a new
        QuickHowto-Webhook.md
67cdff8 don't use cmake fetchcontent
2384ed8 add PYTHONPATH to snapcraft.yaml
3e544f9 add a possibility to load fullchain.pem for custom
        certificates
944f679 QuickInstall-Mitm.md typos and wording
1be1c7d add QuickInstall-Mitm.md to document bootstrapping mitm
        capturing scenario
5c743be add localtime to debug and release crashlog
ba130b4 mitm - stop filtering if set dead by a filter
d2bb116 mitm - don't proxy if marked dead
8f11390 access filter - mark connection dead if rejected
e650006 add response to `to_json`, later added to `connection-info`
        webhook
0904207 upgrade schema
b96fc7a remove unused parameter
1d6a372 add synchronous webhook emit versions
a204eaf improve 'connection-close' webhook - add interface
        ApplicationData::requests_all() to fetch all requests
        detected   in the session. - apply socle
fedb545 introduce L7 history
d389b5a engine improvements
27b754a Fix misspellings found by codespell
f09855a remove unused parameter
66965b3 move event "id" to root of the json sent with webhook
6926983 make webhook detail a static string key
52cf7ff add support for toggling packet checksum calculation on
        traffic export
651aa78 fix issue with saving upgraded schema into config file
617fbda webhook improvements
553f47c add boot_time random number
c65da5f utilize ClassChar from baseHostCX and don't do expensive
        dynamic_cast
310a236 don't send empty connection-info webhooks
c8df8d4 fix a bug where policy features are applied only if
        auth-profile is also configured
4632ac2 change neighbor action from too generic "new" to "neighbor"
de42484 save disabled status only if it's configured (not if policy
        is error-disabled)
b6dee62 create a mechanism to warn if parts of the configuration
        were not loaded
c7ca357 fix policy feature save problem
011ab98 enable "statistics" filter and make it available in config
208f438 webhooks - create generic webhook send_action; args:
        action_name, details_json
7fc8ad3 improve proxy filters, add to_json functions
758bf87 FlowAnalysis::aggregate: aggregate ratios to (default)
        1000ms bucket
82c016f add StatsFilter, which computes entropy, skew and similar
        metadata
d6d3c60 mitmproxy: add qol 'to_connection_label' function
8ca3127 make mechanism to proxy filters update states
eb3b66c apply socle fixes
93f4ba8 use lazy_ptr and move values to a struct for a better
        organization
ae1b6e1 add utility Singleton and lazy_ptr classes - lazy_ptr
        creates underlying object only if accessed   object must be
        default constructible   Good for profiles, which must exist
        on access,   but not necessarily earlier.
30420f6 sync in socle and lmhpp
a0784a4 re-do connection closing logging to further implement
        webhook here
4d358ed use portal certificate for API service (instead of default
        server cert)
a5217d2 make webhooks a little bit nicer, create "ping" webhook
dcf5a37 change KB limit defaults, allow infinite KB logging
60a5598 add first practical webhook action when new neighbor is
        detected
1c75190 add webhook infrastructure + CLI testing command
a18fe0d Update build-ubuntu-22.04.yml
3275141 Delete flawfinder-analysis.yml
0529fea Delete codeql-analysis.yml
6a6913e Create build-ubuntu-22.04.yml
beaa2a7 debhelper: set compatibility level to 12
7b4ba51 add procps package to debian build dependencies
a197e82 add docker builders for debian:12
b61140a add debian 12 support for creating deb packages
23bfba1 createdeb - fix multitude of security and reliability issues
10bdab2 add --branch to sx-builder tool to override config file
        setting
d2ae1d6 fix few shell issues in createdeb tool
a6f3320 add a curl-based, light HTTP Request class
de68f06 add utility thread pool - to handle short-lived, synchronous
        tasks to not affect proxy operation
2600044 improve debian from sources build
19865f5 add neighborhood lru database
003a6dd apply lmhttp: timeout wating on empty POST request
b8b56e7 apply socle: don't access event details without a lock!
e7db3e8 update deb compat and control
52965ad apply socle + adapt CLI commands
c794a40 socle - fix uninitialized certificate chain array
087a028 apply socle changes and fix broken starttls
2bd3a3c add socle changes + adapt CLI
a6b6259 apply socle - fix custom certificates
1c92ea3 fix sx-network exceptions for local addresses
54df293 apply UDP fixes in socle
24d9cef fix annoying replacement HTML formatting issue
90f0fd3 apply socle
ba7778f fix datagram - don't allocate negative sizes
50900fc fix incorrect logging
aee1d11 Merge pull request #39 from astibal/load_db_filter
362509f update readme and release notes
d9227d5 add `features` tag list into policy
84a0302 filter objects should be easy to create and tweak
672ee4e fix index out of bounds read when arguments are filtered out
e23b423 they say `using` better
0e21187 rework proxy filters
7c127db unify proxy logging category
94c482a remove ugly locked_ code, use standard lock_guards
965172b add another custom certificate mechanism - target IP address
438e21e apply socle + change cli `diag ssl` to `diag tls`
cad79c0 implement custom server certificates (based on SNI from
        client)
d5af518 apply socle changes
4fcdbb8 fix snapcraft.yaml version

### 0.9.30

b488160 set snapcraft.yaml branch to release-0.9.31
e43dc08 update Release Notes
4014cb9 update Release Notes
bc7f302 don't generate crashlogs on program exit for Release builds
2e8fe35 consider status as terminated when proxies are down
e04e323 don't join threads from CLI thread
16f71a1 slash matters!
2dd1abc enable KTLS for kernel-assisted crypto in OpenSSL 3.x
cdfa705 introduce CA single-file bundle support
1cd9ba1 improve sx-builder.py to use ssh-keys and different ssh user
68fd625 re-add nlohmann::json as a fetched project from cmake
db0c916 add modern cmake to ubuntu 18.04 build
9757c67 UB ASAN should not be enabled by default
a8d4876 add UB ASAN build support
c456a63 add UB ASAN build support
58d1f5d apply UB fixes in socle
0b320f7 fix UB - use of moved object
fe62c3e remove remnants of --tenant-index options (deprecated
        already)
512c9ff build support improvement
5266c08 add script running docker images
2fcf772 add docker images based on compiled .deb packages
04bd488 if enabled, make ASAN to display leaks each 30s
3192932 remove -i option and add mandatory argument for -t
c1d2fa7 add clang support
7ba1339 fix clang reported warnings (errors with -Werror)
8d6794a fix incorrect processing of -o and -c arguments (issue #32)
8f195cb ok - remove timestamp from build
e373053 disable string truncation warning
a287545 refactor init_syslog - use AddressInfo
29f9681 C++20 requirements
51499ac print foreground statistics
0f7114e adapt socle changes - loglevel level and topic atomicity
aba028f fix compile errors on armhf platforms
6b62315 apply socle changes
7f64791 kb initialization fix - asan reported issues
1b3b930 apply socle changes
ebd6b05 better SIGINT handling
bf6b185 well, let's not forget TCP/UDP are L4 protocols :)
0c37340 FqdnAddress - don't lock DNS cache
e6b4687 don't call sock5_handoff for UDP in proxy message handler
b33bfb9 Add 'Coverity' cmake build type
0a1c344 proxymaker - use smart pointers
a03e27b code improvements and modernization
fcabd29 apply socle changes
0d57cae const-fu in CLI code + apply socle changes
2a5ee33 Service::abort_sleep() now uses thread_safe nanosleep()
        instead of sleep()
9b9283e rework and improve DNS refresh/expiry thread
77cbe1b adding forgotten patches for DNS server list
3274c9b when receiving DNS response, don't create epoll context when
        timeout is zero
fc63343 fix crash when no DNS response is received, or destination
        is somehow empty
6c9ca19 DNS nameserver lookups improvements
624fed4 DNS - use buffer::set_at
4646fff fix sock5 premature proxying
7b675e4 socks5 - add is_ssl flag for future use
a81c559 add routing setup - destination is now changed if routing
        profile is present
a98641b add missing includes
07a3a3f cli/cfg - if new entry is added, add also 'name' and
        'routing' entries
187dc9d Socks5 - replace SockInfo with AddrInfo
47d1288 apply socle changes (decouple SockInfo src and dst
        structures)
42fa84d current session counter
3608127 socks5 - improvements
96a00d2 apply socle changes
40aa840 apply socle changes
25eabd7 evolve and modernize lockable class
bbda0e2 mitmproxy - don't continue with proxy() if from buffer is
        empty()
66d7b9c to_read returns now lockbuffer now
26f8ab3 keep core18 and core20 snapcraft files for reference
a1695aa snapcraft - use core22
f11bf65 drop request when:
853f965 configurable option to compiler to unroll short loops
f4175a6 add UDP optional data for session tracking
13c6213 socks5 code rearrangements
29676b4 apply socle changes
0a16526 extend poll timeout even further
5498e36 use new generic response mechanism and respond with a string
        (raw response)
6f07ab1 add more generics into http server processing
ce39531 apply socle changes
2863589 fix GET responses
baefd9f add some generalization to http responder
8ed671d use compatible variable time_t types + const-fu
d4cd405 first UDP SOCKS5 feature implementation - incomplete
dc948f1 apply all good changes in socle
c91cb8f add socks5 udp receiver stats into 'diag worker list'
b3ff203 set -Werror and -Wno-unused-variable
0b04a50 apply socle changes
8c50d5b remove MitmHostCX "final" restriction
8371957 fix SOCKS5 UDP thread startup
657a696 fix malformed connect response
83218af handle UDP associate socks5 request
c9f2d70 tidy a bit socks code
d8047eb infrastructure for udp socks5 support
088f999 better protocol visibility; set protocol from inspectors and
        also set sub-protocol for DoH
bc8603f apply socle changes
834c2a7 apply socle changes
2e82a9a apply socle
f07a284 supposedly innocent conversion fixes
6a699e8 build only Debug tests
d7ec109 add cli 'end' command to return up, to parent section
4de1b9a fix compile errors when USE_PAM is disabled (it's enabled by
        default)
c7b5a9b config syntax change - address_object 'type' attribute set
        to string: "fqdn" or "cidr"
6301f6f improve a bit policy list in CLI
bd53c7a HTTPS API improvements
4e51390 enable CLI user login
6c5cf0c move enable password from CliState to CfgFactory
83a5323 add libpam (and its distro name variations into build
        dependencies)
082bdb5 add admin group mechanism
7288aa2 add test for group membership if PAM is used
f8fadfe enable system level authentication using PAM (WIP, don't
        use)
acdd62e refactor duplicate code into separate functions
1adeb22 small api fix
58d8874 API server changes II
7f05433 API server changes
b276d68 move all http handlers out from httpd code to separate
        module
b66ae3e code beautification :)
b40310e add 'ips' into optional 'diag proxy session list' command
99d351f few code improvements
46d396d apply socle changes
7239776 const-fu
7870c33 apply socle changes
5e13263 apply socle changes
67bb313 rename/refactor SNI access functions
478c2c9 eliminate expensive dynamic_cast in starttls
c65688b eliminate expensive dynamic_cast
230e2fd apply socle SSLCom makeup
9a97e3e apply logging redux in socle
2aed73c apply socle fix UDP bind->connect data race
e4bd038 remove google default dns servers - complain if config is
        missing nameservers setting instead
c39cbb8 http api - add /api/config/uni/get controller retrieving
        configuration parts in JSON
1b74e55 add libconfig::Setting -> nlohnman::json conversion function
        into jsonize namespace
76f7552 httpd api - add example query parameters
d759ed6 implement API for 'set' operations
ede13ae refactor some cli-cfg code to be generic to be usable with
        API
51eaeed cli - additional fix for config change by current update
        subscriber
3706443 updateboard - add mechanism to recognize current client
        changed the config
e158108 refactor and generalize cli-to-config code to be reusable by
        API (and others)
b5e095d reload CLI when config changes, sync with socle
bca3688 CfgFactory::save_config - return bool, not int
bb51f2c cli - mark config change on UpdateBoard when element is
        removed
a524bf6 cfgapi - add more robust change/save detection
900f60d cli - add warning if config is changed on the background
        (ie. using API)
ab07a9e api: add universal config element controller
7186d50 fix cfg_status_response
65b8890 add configurable option whether API should listen on all
        addresses or loopback only
93f0027 move convenience params and response to jsonize.hpp
33d3bea pass HTTP request body data to controller handlers
e977f61 make TimedOptional::expired_at const (and return by value)
3d8e0cc add simple CLI command to display http API database
0989686 decouple CLI from config changes for ADD operations
401cf56 move config change from CliState (now removed) to CFGFactory
b8f89c6 cli add refactor - working wip
1b6761c wip - httpd - oops, default timout should be 3600s
7ba0040 wip - httpd - token timeout mechanism added
d7e1cad wip - httpd - log message wording
934bef3 wip - httpd: add http access keys support to smithproxy
28d0962 wip - httpd: log access and request violations
4fc97d3 wip - don't allow in empty tokens if db is empty
27dcb16 wip - tokens are now taken from CRNG via openssl
923c5ff wip - webserver refactor names ... to be shorter/nicer
89128aa wip - add access-level controller decorators
1b0a3a8 wip - httpd updates
c7b5b61 wip - make http server data infrastructure
3f031de adart to lmhttpd changes
80a0552 use socle and refactored virtual SSLCom::ssl_error_details()
452aade implement logging event details data and its CLI support
e670469 mitmproxy - refactor id policy apply code
42311dd small code cleanups
968d33d adapt to socle commit: modernize SSLFactory class
30dc095 smaller code cleanups
cb027db adapt socle changes in TYPENAME_ macros II
ef39271 adapt socle changes in TYPENAME_ macros
be971fc apply socle
8329774 remove old FIXME comments, prevent lgtm to complain
2be39fb smarter kb/node quota management
f701496 less demanding http/1 engine signature
4f619c9 make mitmhostcx final + code cleanups
f0ecf35 add to auth thread also timeout checks
7ef3e1c socksproxy code cleanup
9b98bb5 fix http/2 frame parser boundary checks
5736ae3 smarter kb/node quota management
a2cedd0 make KB and Node infrastructure to clean older entries +
        code improvements
2193d36 add basic CLI KB tools into exec tree
6d03895 watch your back and nullptr
6570e70 rename some kb files to node_*
4869d4e rename some kb files to node_*
10b14c4 add kb tree infrastructure + tests
c2e3145 add config variables for engine and kb control
320ecd4 fix incorrect formatting literal
64d60df add events on smithproxy start and config save/upgrade
538b2bc add more events + socle sync
d4e1c7e add some CLI commands to see/clear event list
d1faba3 apply socle changes
efc0fe9 apply socle changes
20a7369 set devel flag
76a0615 update release notes with 0.9.30 info (!)
c06d00f removed OpenSSL 3.0.0 stuff 2
7e86fcc removed OpenSSL 3.0.0 stuff
2eb2377 more changes needed for ubuntu 22.04
ea7aaf6 fix silly typo
d8b9d28 build script - dependency for ubuntu22.04
3be1015 WIP merge release and debug build scripts + add ubuntu22.04
        build
89353ba update readme

### 0.9.29

2477289 version bump
65685d4 code cleanups
ca7c9f7 code cleanups
828e6f1  fix http2 frame parser crash (uncaught exception)
2589ea2 fix http2 headers parser crash (uncaught exception)
8714f06 hostcx - code cleanups + socle sync
62ee116 logrotate.d fix
4c60a2a deamon - fix harmless leak on exit + append crashlog
d4e511e empty buffer processing guards + socle sync
e4d8bf8 set dev flag
7866a3b set dev flag
13d6de5 make http/2+DoH use of a new AppHostCX::MODE_CONTINUOUS
84ac61a http/2 + DoH work (wip)
446d054 ApplicationData abstraction now holds generic key-value
        properties member
911686e dns proto - const-fu in various places
57f50d6 don't link with libz  - fix debian10 build
3ee5441 few fixes in snap and config reload
d0514e6 update release notes - ... and snapcraft.yaml

### 0.9.28

6bd3191 bump version
bbd1ade introduce http2 engine in release code
d076539 apply socle
4603faf rename flow member element from flow_ to data_  - original
        name was confusing when called with flow().flow() from user
        classes
0d6065b add some more http/2 code (inactive atm)
d1d6349 don't enable http/2 yet
17b5a3c Merge remote-tracking branch 'origin/master'
29730fd refactor http v1 engine to use buffers and string_views
22397e1 apply socle cleanups and add CT warning
c572340 code cleanup
ce6a95b remove a redundant shutdown call
d033ff2 standing behind Ukraine
8c7ec0f accomodate socle changes
93e2099 ehm. no redis and use pool in cmake
f63112e cmakelists - enable asan based on cmake variable
ee9fd13 hpack - fix mem leak
d650cbd sync with socle
5818de8 more hpack rewriting + tests
1a81e2f http/2 engine improvements
01c21d3 hpack - adapt to new header storage
f9438cd hpack - change test suite to use header multi-value
dc5c734 headers can have multiple values (ie cookie), use header
        string map to vector of values
5791318 hpack - fix testing suite data
e377a02 fix use after free bug
bccb898 beautify and rework tables (tables freshly copied from RFC)
8853c5d fix table size typo (+ tidy)
06afb18 logging capture tweak to compile with gcc 7.5
90e5895 ... of course disable http2 engine atm
5650144 more appropriate debug messages order
14b6917 hpack fix huffman table, tests
897f364 refactor HTTP1 code add add wip-grade HTTP2 engine (off in
        cmake)
e679c8b socle sync
b0d6302 add hpack - WIP - note it requires lot of work
606aacd refactor http1 engine into new sub-namespace and directory
627b9af replace logging level not dependant on host cx
fdaf8a5 sync with socle
d173163 add crlf when hex_dump debug info
79e8776 add boilerplate code for redis support
a04663a Socks5 IPv6 features
57ee468 fix CLI payload dump, print limited-size chunks until 20k
        cap
6d155e0 add mitmproxy 'com.proxy.payload' logan
2ec65d9 add logging context filtering feature
d660851 apply socle logan_attached wipe
227544c optimize and call authentication handler only on session
        start
7995321 fix total bytes counter broken by previous buffer fastlane
        patch
98bc5ce sync with socle
c0d3a23 socle - optimize buffer handling: after certain volume move
        whole buffers
0959e34 reflect recent socle changes
80606d2 socle sync
6830c43 apply important socle fixes + some logging discrepancies
c11986c fix forgotten unique_ptr proxies occurrence
6092bbd apply socle fix
378c4cf apply socle UDP TLC and add diag to see UDP connection cache
6c9c04c clear acceptor proxies when stopping smithproxy instance
022d789 netservice: fix missing unique_ptr return types from
        prepare_listener
3ec5599 asyncdns uses smart pointers
6da5a38 minor cleanups
d7313f3 fix dns inspector to loop unnecessarily
81be765 refactor bootstrapping code to use smart pointers
407131d add forgotten MEMPOOL_DISABLE
fffbc0f rename ptr caches to suit cli debug parameter setting
38abe82 add a new development option to workaround mempool
        allocation
eb2a8fb add extra debug option to cmake
6cdbbaa mitmproxy cleanups
0df8d15 mitmproxy - use identity_ unique_ptr
3d00a6a sync with socle
0528d3e sync with socle
bcd45b4 sync with socle
2a763ff don't inspect ipv4 broadcast and ipv6 local multicast
b3302e4 socle: rename mempool_bad_alloc to mempool_error
59d077d toggle mempool exceptions support via MEMPOOL_NOEXCEPT
        define
6f44545 fix few coverity issues
5eb1b12 apply socle data race fixes
5b5464b adapt socle logan changes
8357f53 we cannot copy unique_ptr
c986732 apply socle changes in logan
14b0edf apply socle changes in masterproxy
094ab46 apply libcli and socle
ab38989 shutdown: join all child workers
458e5ff join correctly all CLI children threads on exit
d84ee50 return created callback entry reference
e7c790d socle changes
28f3149 MasterProxy: apply changes due to persistent thread spraying
        in masterproxy
7c82b17 add settings/tuning section
7741157 socle: for compatibility reasons remove arguments for
        nodiscard
cb0e1ab apply socle changes
f6fac2e improve some diag commands
3f2a19d make 'diag proxy session list' print SNI if it's available
632790c apply socle changes
6b50705 make DatagramCom database created on demand on heap, not in
        global static storage
b1065bc add experimental framework
8722e97 add helper facility to install git hooks on cmake run
2025111 flag should be in double-quotes
06e3c03 add support for experimental code which won't appear in
        official packages
2b4bd67 more fixes regarding /var/smithproxy
8e052a1 fix also apparmor
4e9374d set also captures/local/dir to new default capture
        destination directory
e030b4a prepare a ground for privilege separation
49cd76b set default capture directory to /var/smithproxy
2d7aefc modify smithproxy to log into /var/log/smithproxy/ directory
071bc6f cmake: add helper to create directory, create
        /var/log/smithproxy/ on install
abc7cf0 disable python by default, it's not doing anything useful
        atm
b065ecb improve significantly CMakeLists.txt - USE_ flags are now
        easily tunable
7af41b3 improve 'show status' CLI command
1802cde fix linking problem with SmithProxy::create_api_thread if
        USE_LMHPP is not set
773e47c fix null pointer dereference
26562fb improve cfgapi apply code to not contain raw pointers
8a1fb52 fix python script profile which won't compile in
937d373 set dev flag
02dc8da remove last uses of NULL
340b7bd code cleanups in diag_cmds
e49d29e sync with socle changes
4dce1fb add CURL_UPLOAD_OPTS support also into createdeb-debug
0ec67a8 update Release Notes

### 0.9.27

d4a43bd hotfix release 0.9.28
540dd25 add CURL_UPLOAD_OPTS ARG to Dockerfiles
11892be honor CURL_UPLOAD_OPTS config to support custom curl upload
        arguments
60455c8 set dev flag
34fe584 update readme

### 0.9.26

b76bcb9 bump versions to 0.9.27
9bd6a6b fix previous rushed patch
d7d21b0 perform schema upgrade from versions with no schema support
b0efd9e snap support improvements
f964948 gre export: refactor and install exporter also to
        pcap_single instance
94b71b4 pcaplog: fix IPv6 file captures
8aeb6bc apply socle fixes
073dd70 apply socle fixes
2b9b7f5 pcapapi: change ip hook API and use classic interface-like
        approach
0a2b4b3 apply socle changes
5f9bd81 add support for "remote" capture only
e34d6dc default config: add captures section
b9ad738 deb postinst: another shell script-fu
ba4cd9d deb postinst: don't use bash double sq brackets
773e7dd deb postinst: create default capture directory
1f41b50 make default capture.local.file_suffix empty
d53cdfa cfgapi: remove "tun_src" which is now no-op (it can be added
        later if needed)
b4a134b add an option to capture to remote GRE
2a010e6 fix missing character in variable name
970342c sync with socle updates
5e16177 improve file prefix/suffix logic   - filename extension is
        added automatically   - suffix is added to filename base at
        its end, before extension   - it's OK if file_suffix and
        file_prefix are ""
d0322c0 capture profiles - add helper to retreive file sufix
88a4908 separate routing setup
978157e update schema version
c5a2dbc add captures.remote attributes
f0c7e06 allow ":" in existing object values
d7afe45 upgrade schema to move local capture options in a new config
        section
9fcb72b fix cligen - don't mask all variables if exact match is
        found
7e97e47 add 'captures' section in the CLI - II
94d414a add 'captures' section in the CLI
a6648bb apply socle changes
3cd901b code cleanups in proxymaker
5b98f6a fix debug section was actually not loading
4303f5c move capture variables into separate structs and save new
        config section
6217b6a apply pcap TTL sanity socle fix
afe4634 decouple config schema upgrade from version string
5685479 add socle changes into smithproxy
7863723 add socle dev flag
2271702 apply socle
af72c47 deb: make postinst detect if systemctl is not present
f0512e2 use https to download from github
2251bc7 fix copy-paste typo in createdeb II :-D
f00c429 fix copy-paste typo in createdeb
7d3abef add source tarball upload
dec8d71 install system units and enable them on .deb install
7102e6c fix smaller tenancy issue in network startup script
26c54e2 don't install init script on debian and derivatives
47d4c3e set devel flag
b8cae59 add systemd units
c6bad62 sync with socle
9c8e56b cfgapi code cleanups
0f7cc27 move statement 'using namespace libconfig' from headers
5c82c46 update Readme and Release Notes

### 0.9.25

516bb5a make a new release
2637d64 add more mempool tests
babf1c5 add mempool test + fix data race
aa56628 add mempool test + fix data race
e43c155 add dnat routing l3 and l4 scheme
60f8b64 add routing profile ability ... route
13a34d9 some cleanups
dc01bac cli prompt shows tenant name if non-default
9578156 add new function to expand addresses based on list of
        address_objects and protocol family
9419a36 make a little trick and let CIDR_PROTO match AF_FAMILY
        values
0f37ac8 write pidfile also if running in foreground
c7a45c5 tenant index is unsigned
ab0f7c8 check pointer, thread joinable state before actually calling
        join
dab9628 fix tenant cli - operates on base + index port
d5ea6c7 clean return instead of exit()
b9c9834 support loading smithproxy.tenants.cfg
f3f7c87 add facility to read smithproxy.tenants.cfg
2100452 dns - refactor and cleanups
5dd8121 DNS inspection - erase cached response if received
722563d refactor address object handling code - less free form
        allocations, more RAII
f944622 add forgotten policy rule constant
fae5442 refactor CfgFactory
b8c2f3a refactor PolicyRule
991148c add convenience RAII 'allocated' wrapper with deleter
        calling free for malloc legacy allocated elements
f3d85c0 add policy tests in CMakeLists.txt
8023840 add some policy unit tests
b09fa94 use raw::allocated for strings from cidr:: legacy code,
        avoid manual free() calls
2c96aa3 const ref - fu
4b015b0 sx-builder: add --cleanup option to purge host system docker
4791d9c sync with socle
b853e04 don't copy logans
2d08dc3 mark dev
60d4d69 add a new building tool sx-builder.py
8e1ce83 update snap
90c12a3 update 0.9.25 release notes

### 0.9.24

b618d00 bump version
1a4cee7 hotfix: fix 0.9.24 startup issue
ca500b1 update 0.9.24 release notes

### 0.9.23

67918bb bump version
17b207a udpcom: fix heap use after free
064ac2b apply socle changes and set dev flag
49fa9a6 improve TLS profile application + support wildcard domain
        name in policy match TLS bypass (configured in tls_profile >
        sni_filter_bypass)
6ff2226 update socle
9f7728e don't create logans on each profile apply function
5f366b2 add SNI bypass FQDN address object
e25dc63 fix missing error message if routing fails
3ad7903 introduce routing feature
6c76b19 fix CLI crash on edit policy if non-number is entered
b903078 add facility to easily t-proxy all UDP traffic (disabled by
        default)
2179ba0 use proxymaker on transparent UDP proxy
474f98a make proxymaker more generic
c8771b6 - fix minor leak if TlsProfile is not loaded with success,
        but it's not destructed
ae7b102 - fix 'add' command on empty section   side effect: 'edit'
        and 'remove' are present too, but are no-op, since there is
        no args available
6341114 add routing profile, and config section
d8acf11 apply socle fixes
9c9c8d2 update README

### 0.9.21

c1ffbbb remove dev flag
f302cd5 update Release Notes
f9f7d33 pcap filesize quota set to megabytes (instead of bytes)
4c694b6 fix logfile permissions to 600
d2257fd add logrotate script
ad3fca9 refactor proxy setup procedure I
0d9f466 to get session list, don't walk sobject db
24e4a4f add debian 11 docker builds
39d5706 add few more items to rest ping response
a5549b0 open wide CORS policy
33f4612 fix new pcap file permissions
a9cac05 update Release Notes
787af70 add proxy oid to json response + allow to find session by
        oid
3b07de5 apply socle
20eb7fd move json producing code into specific jsonize namespace +
        introduce proxy list JSON API
e915802 small tidy-up
7f01075 use new socle changes
7f38d6a move cli thread components under service/ dir where it makes
        more sense
73f17d9 json diag ssl cert print
d3f4eb7 create generic json responder
36a1666 bump version
ebc2fb3 json ping response
c1747da add possibility to set response parameters and option to
        listen on loopback
d83d04b add license and include guard
f471ed8 create dummy http server
1221aa3 add optional terminate check handler
323f987 build dev snaps now on again
10958b0 allow snapcraft to build 0.9.21 from master tree
87c31cb update Release Notes
a930009 update Release Notes
b3c4c6f make Dockerfiles support custom branch build
4176ebf Create codeql-analysis.yml
7201646 add libmicrohttpd dependency
101c251 some more buffer len control in external libcidr
7230c58 add jlohmann json header
534ed7d use strncpy in external libcidr
6213c2f Create flawfinder-analysis.yml
c78961b update info files

### 0.9.20

bac27e2 add custom branch support to build Dockerfiles
af9f345 fix pcap file rollover race
5393ae6 branch out release-0.9.20
63ec5d9 apply socle

### 0.9.18

86c964c bump versions
23b9f7e this single line makes config not load with misleading
        warning:    Fatal    - [service]: Setting not found:
        .starttls_signatures
1633d87 make pcap_single default writer output
5cb7813 pcap: close the file before rolling over
fdf5d94 apply socle
886ba40 simplify and remove redundant code
b37e9bf make host and proxy label a bit nicer
633631e add more writer comments
ae88771 actually write cached response
b36fd9e add API to dump cached responses (affects both smcap and
        pcap writers)
c6fca27 apply socle improvements
859363c implement support for PCAP_SINGLE file automatic rollover
6681a67 make more robust capture options structure (don't keep it in
        members directly)
7883a02 cli: rework value filter to support very large integers
10483f3 allow pcap_single file rollover using CLI command
06335f9 introduce httpd service which is not yet even compiled in -
        disabled on cmake
f37e435 introduce httpd service which is not yet even compiled in -
        disabled on cmake
45919ce add lmhpp module (not used)
1fcf3ce add socle changes
3842422 remove unreachable code
c896d2b be more expressive
24e97b1 apply socle fixes
f37d2e2 update snapcraft.yaml
d186016 fix signature save issue
4eee996 apply socle fix
0a7b4c9 socle changes
9405859 apply socle changes
e162c8a update Release Notes
74789c0 apply socle
2b49ebd bump versions
43494ce add CLI support for content write format
359d4ff apply socle
9bc69ce WIP - make pcap_single work too
fedd2a9 content profile - fix typo
2e64744 apply socle changes
1da8869 add option to hex_dump to add CR before LF
37ebc9f apply socle fix
d053010 WIP - pcapng files are now created, but content dump is not
        correct - TBA
cf1754a apply socle
cb72e88 refactor and rename traflog to SmcapLog
42d4f14 apply socle changes
61449fa dramatically simplify and a bit improve threaded file writer
2f464eb socle updates
41ef1f7 save write_format into the config file
0eae6bb add needed mechanism for config file versioning
8b38aea prepare mitmproxy to switch traffic dumper based on format
        type set in content profile
6717307 hold unique ptr of base class
4e412a9 socle::raw RAII guards
54f3850 socle update
93af1b0 traflog refactor
6e4728f mitmproxy - code cleanups
4d39331 apply socle changes
6a9b893 add pcapng writer support (including comment options)
6549d1c apply socle
d02fe52 apply socle
df74919 add pcap writer initial test coverage
89df149 apply change in traflog header in socle
f733054 cmake - use backward compatible 'add_definitions'
f55772a make project compile with GCC 11
c0ca984 apply fresh socle
a2750f2 ignore SIGPIPE
02583a8 apply socle changes
af531bf epoll minor refactor
e2ed5f9 logger improvements
16b4952 apply socle
4166d21 refactor rename 'logger' to 'LogMux' and LogOutput to 'Log'
d053bcd fix type conversion: writecrash - size_t is never negative
3be231f remove -Og which broke my debug sessions
9d9ce1d socle bump
4999110 more type conversion and return type improvements (breaks
        API)
670a72a socle sync
bb5c067 add peering tests into cmake
75a9895 no peering.hpp yet
b8619ce no dohinspector yet please
e833322 handle better epoll_wait errored sockets

### 0.9.17

98780e4 fix diag sig list - should display all signatures, not only
        base() and tls()
9e45b8d better diag info about engine and signature match
03f6fa0 wip - refactor mitmhost to support engines in process_in()
        call
63b3718 apply socle
f41e457 bump version due to API change
c42d1e9 socle API changes
00d84c9 refactor http1 engine start function
0f97bd6 add some (compatible) optimizations into debug builds
84af228 fix incorrectly saving signatures (introduced with signature
        groups - 0.9.13 not affected)
1df27d0 refactor on_www_detected to more generic engine approach
437df96 add 'engine' signature attribute to trigger custom code
        (engine)
0f783f8 add basic http/2 start signature (prior knowledge)
c5e4ee5 add configuration variable into TLS profile to control ALPN
        block
5f5af86 apply socle
37083f7 apply socle
bc3ad8d display alpn in 'diag proxy session tls-info'
9a27131 add TLS parsing test suite
110a06b DNS fixes and improvements
73baf6f DNS fixes and improvements
868ad12 platform independent size string formatters (fix compiler
        warnings on ARM)
21a2aec cli 'test dns' : don't use 'select()' in 2021
49de5f2 add DNS tests + fix string tests which were broken before
c27ab14 dns: changes code cleanups II
dcd59c5 dns: add convenience to-string functions
6cdd104 code cleanups

### 0.9.13

e97ace7 socle and version bump
3b6ff97 socle and version bump
b8e4825 CfgFactory change II - fix previously related patch
        leftovers
5f8dd8a create DaemonFactory instance on healp instead in static
        storage
73e7f07 CfgFactory now uses init() to initialize - API change
2fdbf9e logger internal change + API change - now it initilizes with
        init() - call LogOutput::init() at start of main
197ea1d close ony valid crashlog fd
eb13bcc socle bump
1a3b132 code cleanups in inet namespace
af7ac86 signatures - fix logic error in returning signature group
93adad0 add 'diag proxy session active' command to display only
        active sessions
b262a34 apply current socle
ecadf0b detect starttls only on first 10 client/server data
        exchanges
971551b signatures - add mechanism to enabling custom groups
a088f15 wip - signatures are now separated based on their group
0d58807 signature tree overhaul - phase 1
8d76b75 update socle and add "group" and "enables" signature
        attributes
ead6c0d update readme with API change
7282361 bump and apply socle changes
2408543 apply socle changes
b1b4bba add strong stack protector to Release builds
3c57711 add Release build docker host script
88d055b release notes update (about skipped version)
bf05f50 apply socle changes
fd27daa class logging name refactor - API change
6781e79 optimize-out some debug outputs using _if_deb
5ffc0b6 remove unnecessary inheritance
1aaf674 remove raw pointers from mitmhostcx
c7c5aef apply small API changes in AppHostCX
ac8e3a7 remove empty interface methods and their calls
0f512d8 add DoH signature
a4d816f dns code cleanups
5dff223 use unique_ptr for com_ in hostCX
ac6a8e2 apply socle changes
1965ae4 add dev todo file
49756af remove unreachable code
c95cb25 move global loglevels into their own namespace
        socle::log::level
f2cb10c apply socle changes
531e216 huge -Wextra and -Wpedantic readiness code cleanup
d44af65 code cleanup in appdata
7f37a5a apply socle changes
df24d6d apply socle changes
e446dcd make staticcontent clean its pointers on dtor
4f60124 smithdc tool code cleanup and fix most of the issues
4358355 apply sigslot removal changes in socle
5c15b03 remove sigslot library (used only in smithdc) and use C++17
        lambdas
e831026 apply socle version
db77334 bump version due to API changes
b7f0bd8 fix incorrect copy assignment operator
5539184 remove default argument from virtual to_string(int=iINF)
        from all places
55253bc Release_Notes update
8d640c8 apply socle changes
4574931 remove deprecated logging macros + code cleanup
7c3f4f9 apply socle changes
f35e238 move socle::meters to baseProxy
6c7761a introduce cli 'toggle' command
c0c3e0d refactor and add more generic CliCallback interface
c96d355 refactor return value (not needed)
fbe2e45 update release notes (to work around -0 version)

### 0.9.12

270703d update release information
710d7bb use new socle version
7d1d055 log changes in Release_Notes.md
30b3f75 apply socle changes
0f86b27 fix - dns inspection: add NS as allowed type in response
        authority section
a339333 fix few coverity issues
7782c94 bump and snap
428401b simplify snapcraft.yaml
f5b1b2b snapcraft: build a 'release' release
f2ada48 release notes and snapcraft changes
3f212f1 code cleanup - refactored libcidr into its own namespace
6c72fbc add diag command to clear tls session cache
17acd62 apply socle and bump snap
09bfca0 improve some stats and list commands related to ssl
ba9ad0e update release notes
c3e6c7a print session info only for ticket and sessionid
0080bfe fix coverity issues
4c811f2 Merge pull request #24 from astibal/cache_up
093f54d switch to libcli/main and apply socle changes
05aff81 refactor ptr_cache DataBlock stored as a unique_ptr instead
        of value
0e99821 instantiate pool as a first thing in main()
c62a015 use lru-mode ptr_cache as certificate store - seems to work
        ok!
d0d85ed initial, counter-only lru implementation into ptr_cache
a878fed refactor socle ptr_cache + some coverage tests
7bf4864 bump and snap
2c90a74 Merge pull request #23 from astibal/portal-split
d04f764 add back pyparsing to pip3 deps (pylibconfig2 requires it)
1c3c723 note in README.md that since >0.9.12 is smithproxy_auth
        optional package
4eb72b6 remove m2crypto and swig from alpine part of linux-deps.sh
9a84b02 compile clihelp.cpp also on alpine (include libgen)
92af056 compile cfgapi.cpp with newer libconfig
539b63f fix linux-deps for debian10
7e1e6a7 fix control files II.
11b05e7 fix control files
b9dd50f remove unnecessary -dev package dependencies and invalid
        compat level
46facd1 remove some unneeded deps or move pip deps to apt deps
5985032 fix createdeb to download desired branch and not always
        master
a712373 use local askbot
878389c move askbot functions to core python scripts
bb15829 remove unnecessary pip packages from postinst
381f8e3 remove python posix_ipc dependency in core package
01b9446 remove python lxml dependency in core package
055d9ff remove spyne
c2d9088 remove zeep dep
f484ff6 remove python-ldap dependency
e1d2c2d remove docker/_attic
d1d1899 remove pyparsing and fix debian/control
512f3ea remove old deb building scripts
9eaf4fb fix some typos
068b220 docs/ directory desperately outdated - atm remove old stuff
        and add link to help resources
b20c843 remove portal from smithproxy
092db0d revert back build script
cf33153 count releases from 1 because of debian rules

### 0.9.11

a6bfee4 0.9.12 release
a6cf78b release candidate 2
56b6ec2 release candidate 2
275935e fix missing 'add' and 'remove' capabilities for most of
        profiles
04475b6 fix cli issue when 'set' command appears in sections with
        dynamic groups
49433dc add more CLI string convenience functions
9a570fb correctly propagate policy allow_* exceptions also for
        config without replacements
a2afe8e correctly propagate policy allow_* exceptions also for
        config without replacements
57e6d25 correctly propagate policy allow_* exceptions also for
        config without replacements
bab0c3e fix #22: honor tls_profile allow_* options
b9e3795 fix override redirects - redirected always to /, which is
        not necessary
55131aa strings version upgrade (keeping 0.9.11 git tag until final
        release)
175f786 apply socle: fix cpu spikes when right connection waits for
        left's ClientHello peek
fd42bf1 fix copy-paste mistake
8323fb1 bump and snap
a6de054 add suggestion generators for set commands
a1a0453 add convenience cli string functions
5f115b7 generate set commands for editable templated entries
533a94e bump and snap
9420413 add rest of settings + proto_objects, port_objects and some
        policy value checks
87d9f68 construct CidrAddress out from string directly
37522e6 fix regression: replacement of course can be an empty string
9bfcb92 add some test coverage to addrobj.hpp
6a43880 bump and snap
bfd3c24 when smithproxy starts in the foreground, print out listener
        count to not stay totally silent
86de5e6 avoid std::cout use in library code unless necessary
ef8c7fc pid file handling and smaller tidy-ups
cfa7b45 cmake - run gtest only if present
5d6c844 add coverage for sx::str namespace
7f6947a fix sx::str::string_replace_all busy loop
958573e fix stupid typo
a6f1dff separate debug and release .dpkg builds
9ccb67c bump and snap
e9cb095 update release notes
6f6315d improve cli value filters: now filters can be chained and
        modify the value
bd685d2 rename cli/ directory to cmd/
4533233 mark bailing on smithproxy normal exit to not deadlock
        mempool
5a3c3f0 don't use libunwind for release builds
ddfa7ce solve ugly crashdumps - now they are beautiful
b65b040 let's not use copies of DaemonFactory singleton, please.
efd84b4 add cli 'execute shutdown' to terminate running smithproxy
        process
65048c7 make openssl allocation calls via mempool if MEMPOOL_ALL is
        defined
efbc897 move crypto mem check from release builds
48ced10 SSLFactory - pass pointers as values, store with smart
        deleter CertCacheEntry
a05ab9d bump and snap
4f7ac8b add facility MEMPOOL_ALL to replace global new/delete to
        mempool
863f197 IMPORTANT FIX: memory leak in sobjectdb
7fbfd97 tidy args
c0e8689 use malloc_allocator for MEMPOOL_DEBUG map
71216b0 for modes without MEMPOOL_ALL return to crash-less terminate
f81f946 canary.hpp missing include guardians
a37c836 add MEMPOOL_ALL experimental option
d2df45b apply socle
2520e9e add various compile-time options tags to 'show status'
04d5d01 rename _private namespace to deleters + add ::free deleter
        for specific non-new/delete use
5c90174 bump and snap
8af81d6 Merge remote-tracking branch 'origin/master'
a6eabc3 use utils/ + generate chain of all options for cli 'set
        list_variable [a1, a2 .. aN]'
036f654 use utils/ + generate chain of all options for cli 'set
        list_variable [a1, a2 .. aN]'
339c397 add whole lot of utils
83af416 bump and snap
677e2c8 fix policy removal
2f01e6e on element removal, remove also 'remove' command
b2095d8 when adding a new element, also save cli_command
9433092 migrate CliState to thread_local storage (all cli_* are
        invalidated on thread exit)
d237e01 generate commands: add also callbacks when adding section
        cli_commands
d009b65 apply libcli
4065c8e report running config change only only once
6157c7a apply socle changes
8b4b536 CLI improvements
4cb658d new download server links
9ad48e8 update ctlog download script with the new server link
0031747 dockerfiles should initialize build args
69badeb build dockerfiles - add proxy into apt config if
        'http_proxy' build-arg is present
da749df bump and snap
8d37e18 add better facility to check values before they are set in
        the config
773838c time being, remove possibility to delete or add signatures
        (they need a different handling)
8dc0282 add to codebase function searching for cli callback for
        templated objects
21831b5 snapcraft.yaml version update
d370000 cli - make new policies editable and others removable
58d196e cfgapi loads now policy correctly when profiles names have
        empty string
d453048 move commands use separate function
d282fb8 add hacky code to allow moving newly created policies
9374309 allow empty string values and return true
9a79901 fix small issue in generating checksum for latest dpkg
4014f30 various smaller improvements
81b4adc add CLI 'policy move X' commands up, down, top, bottom
053e099 snap version
7700e64 fix: cli editing works only in first cli session
f8d4cd0 snapcraft bump
a2bd484 cli improvements
92206e3 Release Notes update
3380f9a make move cli command really move policy
bce58e6 refactor and some some cfg operations from cli to CfgFactory
53ba647 add policy 'move' command
6dd4efd version fix in snapcraft.yaml
9daf339 fix header git version checker
1b20704 new policy now can be added via CLI
9e97d49 don't allow trying remove nonexisting elements
ff344ea add 'disabled' and 'name' attributes into the policy
342572a fix logging protocol reference
7233bee add --shm-size to startup script to avoid sigbus crashes
1736dbd build script - ubuntu: more apt less pip3
aa4f5d5 build script - alpine: use more apk in favor of pip3
b5cd572 rewrite parts of CLI, mainly add/remove/edit
fa002be add 'remove' support for policy section
46b8e03 add policy map also to the list - this is change needed to
        generalize policy to be used as a standard CfgElement
d76fb21 update deps script and Release Notes
8ef81d2 update Release Notes
cdfaa13 code cleanup
6428430 add cli 'remove' command check for element usage - used
        element cannot be removed
61a67f0 make all dynamic configuration groups generic CfgElement
        maps
950c04e make proto and dport CfgElements + make usage weak refs on
        load
c22db48 rename dependencies -> usages which better fit the idea
de5bc4f add more infra to dependency checks + move around some code
fa9bd3e mention 'remove' in Release Notes
100db64 use CfgElement for all config items in the policy
5e5e581 make AddressObject child of CfgElement
3d5410d reject reserved names starting with __ in 'add' cli command
7046940 ignore reserved names starting with __
08f4621 refactor profiles and inherit from new CfgElement parent
        class
e4c6b3f refactor and move policy profiles to its own header
42372bd 'remove' cli command works without reference check
c7fe8c5 add dummy tls_ca cleanup in cfgfactory
dfd5fc2 generate add even if section is empty
171d23c add 'remove' command hooks
0edfb52 cfgapi add dummy tls_ca handlers
c53587c refactor and move CliState to its own header
e78b6a2 add 'add' CLI command to Release Notes
bdb00e2 improve policy match and add fix l4 protocol match
3d84ccc add into policy match in cfgfactory also policyrule context
        log message
d96e7a2 code readability improvements
c66c38d improve 'add' cli command handling
1e094f0 addset default ... to default :)
7646e59 add the add command into CLI - new objects can be created
        with default values - wip
c36eeb2 add methods creating default instances of most CfgFactory
        objects
a82e6f0 remove unused cxxopts.hpp
c5a528b remove unused argparse
c945f77 be more strict on pidfile removal - it must contain value of
        non-existing process
da2d463 don't remove unowned pid file - fixes various issues with
        startup
c1f796a daemonize: move exit() from master after fork to main() so
        we can better cleanup
78ce4ab improve smithproxy startup
5a43302 change project read me - technical information will move to
        docs
e72c480 fix underscore issue in snapcraft.yaml
2401864 add CT support into snap release
bf92586 add CT support reference into Release Notes
930cebd add CT support reference into Release Notes
ce41489 add save/load/apply support for tls profile CT support
c8d82af add SCT debug info to 'diag proxy session tls-info 8'
235fd42 apply socle - add some more CT logic
4a390fe add some more CT logic
5564b8c use BioMemory in CT debugs
a1acece add certificate transparency feature from socle
124e4c2 remove no longer existing testing docker tag
21892e1 Release_Notes.md updates
9e71429 actually we always want to overwrite Release_Notes.md
2576fe4 add Release Notes and sha256sum package upload
46276a7 cmake split
ed944a3 handle 'cannot bind' situation correctly
9e4674f testing tag no longer exists
ecb62f3 add debian build Dockerfile
1d684c1 docker hub dance
63ba9de reorganize structure according to working examples on the
        net
f280b99 docker hub build override 2
64bec86 change hook variable
2f233c5 fixing github build hook 1
99689ac add forgotten shebang to the docker build hook
3996da9 add forgotten shebang to the docker build hook
373a18f add hook/build to support hub.docker.com build variables
        handling
c77ad56 add Ubuntu 18.04 into automatized builds
262362c remove remnants of old building system and add ubuntu20.04
        fully automatized build docker image
96b918e better package building script
9d644e4 apply socle changes

### 0.9.10

c48684e bump version due to important fixes in socle
4ba4bea move regex compiled strings to static storage and fix
        alpine/musl issues

### 0.9.7

cf7e596 bump versions after io2 merge
df9cc07 Merge branch 'io2'
3f9af66 Merge branch 'master' into 'io2' to resolve conflicts (use
        already merged  socle/master)
66b501d fix crash on smithproxy exit due to destructing un-joined
        thread
be95141 make "show status" cli aware of new acceptor x workers
        mechanics
9622c09 improve startup scripts + make them follow new accept_*
        directives in cfg file
884140c introduce new switch to enable incoming acceptors
d8344eb bump socle
9cb8d0b move generic worker initialization to (another) parent class
6baf147 fix wrong workercount argument passing plain setting to tls
b317089 socle updates
a75e415 socle updates
4555dfb Merge branch 'io2' of ssh://github.com/astibal/smithproxy
        into io2
58c5b7b socle bump - fix some theoretical deadlocks (never
        reproduced, detected by sanitizers)
2799d8e fix socket handling in SOCKS proxy code + ARM fixes
36f326c improve cli 'diag worker list' and don't lock across
        cli_prints, to prevent dead-locking on CLI socket I/O.
7558bc7 add cli 'diag worker list' which will traverse acceptors,
        workers and their proxies.
9638653 fix: add worker threads to list as intended
0ee8745 refactor and adapt proxy_type enum class into regular type
        with to_string method
c8e4e9c fix and improve incorrect "diag ssl verify list" output
83bd280 apply socle fixes
39b5155 add canary check, enabled if MEMPOOL_DEBUG is defined
b9379f3 create canary class to better handle with canary checks
7c49114 reserve vector sizes to avoid many reallocations
9681a55 adapt CLI to mempool 2.0
29ed6ee UDPCom::shutdown add extra check and remove virtual sockets
        from in_virt_set
e6fd8ea udp - log when writing to pool without real socket (io2
        branch relies on it).
8ba4eae DNS inspector - if response is not cached, reset previous
        cached state
3373fb7 UDPCom::shutdown add extra check and remove virtual sockets
        from in_virt_set
ee3ab99 fix memory pool resource leak in receiver (udp) worker
        thread
787cfc9 apply socle
6012549 apply socle
18cfdf7 tiny tidy
f4d6481 adapt to changes in mempool
5c68daf udp changes
2cb2229 baseProxy com() operations on virtual socket also applied on
        real socket if present
5d5aad1 better logic to udpcom::in_readset
2dba09c add udp entries stats to CLI
1839e5a make redirected udp work
ff38deb remove libcli dependencies  (we use own libcli fork)
d0b0dad get rid of all unneeded libcli tooling
52e6682 wip - don't use - don't idle out bind_sockets (they wait for
        incoming connections)
a0fd337 wip - don't use - revert back testing redir script
4a2f449 use epoll() on linux instead of clunky select()
fbf6ea2 wip - don't use - add idle check to baseProxy::run_timers()
8de2f50 make udp work
eff4ff1 refactor sockaddr_storage helpers and merge them with
        packet_info into new SocketInfo struct
0e99bcf wip - don't use - move embryonic state from datagram entry
        to udpcom.hpp
f598afa wip - don't use - removing some unused code and template
        args
7fcec3d move CLI thread start at the very beginning
c790206 fix old on_left_new_raw version
296e4dd we have to max out opened file descriptors (proxy can have
        opened many files/sockets!)
f40bf96 wip (don't use) - whole a lot of changes to make work N:M
        acceptor:worker design
c6d7c9c wip (don't use) - likely contains data races - sync with
        socle - UDP doesn't work (to be rewritten totally)
8e3c189 wip (don't use) - likely contains data races - sync with
        socle - UDP doesn't work (to be rewritten totally)
bb212ad wip (don't use) - likely contains data races - UDP doesn't
        work (to be rewritten totally)
3d220fb wip (don't use) - likely contains data races - sync with
        socle - UDP doesn't work (to be rewritten totally)
c230eea wip (don't use) - likely contains data races - sync with
        socle - UDP doesn't work (to be rewritten totally)
134198b wip (don't use) - likely contains data races - mutex-protect
        bind_sockets against concurrent accept() calls
93fecd0 wip (don't use) - likely contains data races - fdqueue
        wrapper mix-in class FdQueueHandler
b302d55 wip (don't use) - likely contains data races - shared socket
        queue
28b3223 wip (don't use) - contains data race for udp (and possibly
        also elsewhere)
c9a15a0 wip (don't use) - fix immediate crash on dangling reference
c0a3b88 wip (don't use) - make acceptor thread a vector of threads
dbfb0bd some rearrangements in socle
39e0273 create custom mutex container
11931c5 baseProxy - adding listen() call, creating cx for already
        existing socket

### 0.9.6

f9ad8a2 bump version due to important fixes
86b9c3f fix socket handling in SOCKS proxy code + ARM fixes
6e0926f bump snapcraft version
6831452 apply memory pool exhaustion fix from io2 branch
7dbce9e moving files and moving to ubuntu20.04 as devel platform
92c7e32 moved, unchanged docker launchers
b62fce7 add debugsx.sh to docker extras
b3b908d better way to build and run local src debug docker
c88e921 ubuntu18.04 flat debug build
1b2328a ubuntu20.04 flat dockerfile
e2585c2 ubuntu18.04 flat dockerfile
ce56f15 fedora flat dockerfile
0ad6410 debian flat dockerfile
e69ca98 openssl package was missing in alpine
9f79312 alpine flat dockerfile
f92311b bump socle submodule
6241ab3 fix SNI bypass
083f48b replace sref with shared_ptr to hold sni bypass filter
56c1be5 don't create DNS_Inspector with each session + policy apply
        logs
686e28e don't send data if marked dead (possibly due proxy is
        dropped for reason)
ab1da9d fix broken dockerfile deps - one-step build
5f89081 DNS inspection - use smart pointers
b6cb4e7 protect socket set with mutex
8a09961 deploy new snap version

### 0.9.5

bb6d38f use fixed 0.9.6 candidate
0ea3b3f fix a typo
0496851 0.9.6 - fixing various issues with capture saves and ipv6
651dea4 add ipv6 into policies to follow same defaults like ipv4
19f2b58 include ipv6 into redirected traffic
7c9c4b0 add post-refresh hook to update certificates

### 0.9.4

90e54b3 bump version to 0.9.5
06f1b63 sync with socle
15d0e11 add more sanitizers (commented out)
761313a use new baseHostCX::io_write() and break possible recursion
        back to apply_verdict()
3125eae snapcraft mask out some unneeded snap commands
c565f71 fix crashing crash handler, please! :/
952c90b use correct std::string constructor (and fix heap overflow)

### 0.9.3

bbb5dd7 bump version due changes in config file variable and its
        default value
b57875a make .deb generator great again and fix build/postinst
eb7fdef beware: important cfg entry name and default value changed
79adf9c improve snap description

### 0.9.2

bc3d7ef bump versions to 0.9.3
13406e6 craft the snapcraft.yaml I.
e67485b another snapcraft to add lxml to python deps
9cbf68e snapcraft - try to install dev libs for other platforms
9f334ac fix root ID detection
33df1f5 working snap with few cludges and missing features
3b6045e fix double free in dns code
5cefe45 fix *many* data races
bd3ede1 add commented-out lines for thread-sanitizer
475978c fix a typo ...
cdda678 adapt to even stricter rules when 'id -u root' is not
        returning anything (assuming 0)
2915561 add more python deps
3af4a8f call user id with number, not with name (some versions don't
        like it)
c587f1d add libffi-dev to support arm platforms
b30ef1f push socle submodule hash
d71fc43 ocspinvoker demo (commented out - wip)
1cb6c28 cfgapi run cleanup in d-tor
2e9960f unlink pidfile in destructor
60b5a26 make cli server gracefully finish on
        smithproxy.terminate_flag
4ee4571 fix cli mempool trace output (if enabled)
54309b7 prevent rare mem leak in DNS inspector
98bd322 cleanup SSLFactory code
d841dc4 improve snapcraft.yaml (still wip)
3ba5341 fix cmakelists: add debug flags properly and don't overwrite
        existing certificates on install
e527b05 fix typo with wrong redirect port for dns redirect
f37cbeb snapcraft changes
d42b78b this compiles, but paths are wrong
c6d2566 some more work on snap
cb8e47a improve startup scripts and tools
ed73d27 some cosmetic changes
fa206c0 fix CMakeLists.txt
9362531 snapcraft requirements
3cfba69 working (surprisingly) snapcraft.yaml
6e27395 add snapcraft.yaml
6b6a99a remove redundant code block
b4777f3 after setting 'other' value to ttl, we have to save it to
        settings profile to actually use it!
1549d09 commit socle submodule
3ec9930 improve sxyca and cert generator
9d6e988 add simple sx_certinfo util to display CA cert
0045389 add 35k and 50k pages to mempool (remove "big" pool, which
        was no-op)
e0e6da4 set default nat type on policy to auto (interface mode)
ee33578 fix error flags according to changes in baseProxy
63b295c apply socle changes
cd85b3d add ocsp invoker to CMakeLists.txt
4ab6b46 add factory class AsyncOcspInvoker which should make use of
        AsyncOCSP even easier
8844844 asynocsp - fix typo and yield string of yield, not fsm state
a8a703d add some logging + don't iterate behind end of map
2f28400 small rearrangements

### 0.9.1

f352e98 adapt linux-deps.sh script improvements into separate
        distro.sh (needed somewhere else, where don't need
        inter-file dependency to avoid source duplication)
07f5276 bump version
cb6c4bc re-add back debian binary package scripts
4c13970 building from sources notes
0e6d84d automatic expired dns cache entries removal (interval
        between 10-300s based on min TTL entry in cache)
fe8cd91 clean-up in certstore
57fbc8e rework/refactor ptr_cache as a container of std::shared_ptrs
4f9bc6d travis: well, it's gonna work, someday
81daf42 travis: not using sudo -i
ffb037a rework dockerfiles; supported OSes: debian, ubuntu, alpine,
        fedora
259d9e3 use generic linux-deps.sh script
d484dfe add libunwind and improve description a bit
3cf4d7f using --recursive clone
5a0a9b0 install pip3 instead of pip2
bc9aa18 add symlink sx_cli for smithproxy_cli
a8414d6 add kali detection
b9f44f8 add fedora support to linux-deps.sh + NOTES.md
f0e4c89 work around some compiler issues with UxCom virtual
        destructor
6057df6 code beatification
f9b79bb sudo II
5a10306 travis - enable sudo
0738f98 making it work in stupid /bin/sh
e4597b3 remove too smart bash features to make all work on travis :(
b10159a travis ...
86ca549 back to basics - travis
f713231 upgrade pip once it's installed
81597b5 wrong variable ...
ee3c8b8 /bin/sh is just fine (not all distros have bash by default)
f0a7325 link or not to link, that's the question!
fbbb531 add Alpine Linux support (edge)
78466fa reflect libconfig++ API change in versions >= 1.7.0
180de0e add select include to compile in alpine
e9d7a7a some innocent formatting and const-ify
7b0000f some innocent formatting
5a0d580 boolean default value in config was string ... was failing
        on arm platform only 8-|
223ac8b reflect previous changes in CLI in config
88571b8 use all cores :)
bfda61e typo in arch64 machine detection on debian
a051ea2 make smithproxy run on arm I - work around libconfig issue
e9fd1ca make smithproxy deps script install correctly python3 lxml
        on debian arm
555d082 make smithproxy link correctly on ARM platforms (add atomic
        library)
c7033d3 include string into clihelp.hpp
9c96926 make dependency script work for debians
e1876eb make dependency script to detect distro IIb
21323fc make dependency script to detect distro IIa
cbbaf00 make dependency script to detect distro II
809a6de make dependency script to detect distro
1eb5f20 make dependency script ubuntu version aware
d5f1424 improve a bit ubuntu20 dep script
930cf50 create build script (to be used in install, travis and
        docker scripts)
f8034d7 changes in dir structure
2fed80e travis for amd64, arm64 for precise and xenial
acc8201 add ubuntu 20.04 docker file
09a254d update dependencies script for ubuntu20.04 (spyne vs. python
        >= 3.7)
ab0f086 update dependencies script for ubuntu20.04
03b428d add dependencies script for ubuntu20.04
0ec6478 add dependencies script for ubuntu20.04
f635ab5 use relative path for submodules which should make to work
        both ssh and https when cloning
5f44aae initial (not working) travis support
4ad6cbb minor fixes based on sonar
d3d611e libsmcap - still for python2 ... stage1 with moving to p3
        (wip)
a5daab9 mempool - make some counters atomic and remove them from
        critical sections
3ac5287 get rid of (some) unused variables
5e669a2 avoid using global namespace: extensions to spoof by
        certstore
e6246c6 refactor logging facility and get rid of global variables
        (use singleton with smart pointers)
aca2dd6 fix various minor issues
8d7aeae ad project name to CMakeLists.txt
cdd64d6 fix proxy com dependency tree on starttls
fef712e enhance 'diag proxy session tls-info' with verify
        information, SNI, SCT and http Host: header check
ff84e65 async cleanup (commented out example code in
        MitmProxy::handle_com_response_ssl - will be removed later)
c5112c7 reflect new 60s average in meters
1a869df mitmproxy meters change - session meter is 10s average,
        total meter is 60s average
a44438b code cleanups
7201974 introducing new CLI command 'diag proxy session tls-info'
1095054 add GNU/GPL v3 license
4a5ce04 forbid SHA1 issuer signatures
7d38981 forgotten type fix
c404c81 splitting cmdserver.cpp - got a bit too big (to be
        continued...)
48f8608 code cleanups
e5ffd23 logging on steroids now
ab3e5f1 fix - don't pass non-trivial object to variadic template
        functions
3340718 code bautification
03b9e4b improve asynchronous OCSP state machine
53ebed0 wait only 3s, instead of 10s to let smithproxy start up in
        the container (could be set even lower in the future).
a224ef6 big certificate verify overhaul
70fe58f AsyncOCSP inherits from sobject
e5dc7cd fix variable type potential mismatch
67752cf untap on finish - patch fix
b6d6e59 add convenience function translating state values to strings
e2ebbc2 untap when finished
88c560a create simple WithID class providing incrementing object
        atomic ID
64b94e1 logging wording change
2d5e446 change some logging levels
8cfb245 rework resolve_identity logging
8541033 split tap() into two functions
f7010b8 change half-open timeout to 5s (was 30s)
79412bc fix ioctl accepting int (not unsigned int)
2278d26 fix async dns update logic - wait for real answer, don't
        respond with null answer
47cac94 move Service class to its header and source files
664af25 move terminate_flag to Service class
ce73ee2 some refactoring touches + making smithd start (smithd is
        not being used atm)
30e606e some code clean-ups
43bb3e0 remove legacy cfgtable global variable
51edbfb feature: smithproxy will generate fresh portal certificate
        on (re)start
6b9caa4 python code cleanups
d3cc4d7 code cleanups
880502b fixes to compile flawlessly on armhf platform
7f7fe03 fix semaphore segv in racy environments
5d0ce5f fix armhf platform glibc behavior on fstat (segv with
        nullptr arg)
e9afc39 fix dockerfile and compiler version symlinks
d4d2269 well, this should have been a number anyway
2edb786 add total sessions statistics
5f3a8ef tiny code cleanups
6057dda add valgrind to debug docker image
43546f2 add support for high number threads to valgrind service
7516e35 fix - don't reset uptime on config reload + add total bytes
        transferred to CLI "show status"
7f73882 wip - CLI improvements III
2111ed1 wip - CLI improvements II
c0d9d07 add new default certificates to make traffic work with
        newest Google Chrome
a5e3acf python certificate generator scripts improvements
58e6564 wip - create set command argument validation
9dfbc39 wip - CLI improvements - add hook to check variable value
a1ac5b8 wip - add signatures to CLI
d54eec3 wip - CLI improvements - policy support
cdb0c28 wip - CLI improvements/code generalization III
aa82df3 wip - CLI improvements/code generalization II
ce0120a wip - CLI improvements/code generalization
d738c4c wip - CLI improvements/code generalization
1b3d38f wip - generalize callback setup functions II (not working,
        don't use).
e619ac7 cli refactors and rearrangements - VII.
866e727 wip - cli refactors and rearrangements VI.
9dabdb7 wip - cli refactors and rearrangements V.
e99b13d wip - cli refactors and rearrangements IV.
2c9d8fb wip - cli refactors and rearrangements III.
d4fbca9 wip - cli refactors and rearrangements II.
e6f0d13 wip - cli refactors and rearrangements
5afb54a wip - generalize callback setup functions I.
515606a cli code cleanups
1752f10 cli improvements (and cli related fixups)
a8be642 add array as a compound value directly editable by 'set'
        (finished)
f1f5019 wip - add array as a compound value directly editable by
        'set' - I
a669467 config file - fix overusing of lists in favor to arrays
a90bbc6 docker: run smithproxy in isolated container (ie. when
        traffic is not to be tested)
06a9860 small to-const refactor
b188b3b fixes ocsp sigabort, epoll fd leak
58b80cb use cache for debug-localsrc if possible (argument for
        docker build are accepted as parameter)
830d2b3 fix AppHostCX::to_string
47d0e10 use argparse module
a41d0a7 change argparse module - original one was not really working
        well
c3ac444 make own value variables in AppHostCX::to_string - for
        better debugging
e05d73c increase initial read buffer, truncating longer UDP packets!
c725d12 make debug build optimized
d71f8ef fix typo in mktemp
b908713 add and improve some docker utility scripts
a62568d add script redirecting non-root host-originated traffic to
        smithproxy redirect ports
34e34db Merge branch 'master' of ssh://github.com/astibal/smithproxy
2024502 wip - debian dockerfiles
90c471d add some more mode docker support (wip)
5c778ab typo in docker CMD
8b61d2b Merge pull request #10 from astibal/redirworkers
af8f046 receiver redirect map - prefill it with nameservers
c3064ac set default udp/redirect listen port to 51053 - to suggest
        it's DNS-only
6795835 wip - ThreadedReceiver - if REDIRECTed, use google dns (to
        be changed)
743ea47 prepare redirect workers for udp
785fc5c make redirect n output work for tcp/ssl
8c467d4 adding infrastructure to recognize proxyy type (tproxy,
        redirect, socks, etc)
37c3ff5 verbosier error
d6bf614 small update in VerifyStatus
a2d68c3 fix: cache also failed ocsp attempts, which were erroneously
        reported with REVOKED status
372eb06 startup script interface auto-detection
993dd05 shared_ptr in subprofiles
17a7c46 more rules to apparmor profile
c787178 shared pointers for address object db
742e581 Merge pull request #9 from astibal/apparmor
b5555ad apparmor profile - works in enforce mode with default
        installation
ee0482f wip - use shared pointers in policy code IV
284fabb wip - use shared pointers in policy code II
9f02b06 wip - use shared pointers in policy code II
85ee2af wip - use shared pointers in policy code
6024ba4 refactor signatures as std::vector of shared pointers II
c805acc refactor signatures as std::vector of shared pointers
36b9db6 search for string start to match apply_setting
1ab74a3 better error log if OCSP fails to connect
b479598 new docker image tags
cfe3b14 ubuntu 18.04, ubuntu 19.10 and debian 10 build-system
        dockers
36e2f91 wip - smithproxy 0.9 new build system V
32512d9 wip - smithproxy 0.9 new build system IV
6f12a3f wip - smithproxy 0.9 new build system III
0b1aa28 wip - new 0.9 build system II
fa89058 wip - dockerfile fixes + new 0.9 build system
9e37146 dockerfile fixes
e941780 build scripts for all versions are now maintained in master
        branch only
77935d4 add back dockerfiles for 0.8
5ddc028 move infra to src/
622959a man page rewamp I
b55019e docker files structure changes for 0.9 and later
650fc55 fix smithproxy_version.h generator file paths
b5ff188 Merge pull request #8 from astibal/move2src
6d7d79d wip moving files V - fix/remove testing async OCSP code
68d4da2 wip moving files IV - fix unwanted daemon->service changes
        in string literals
c175adc wip moving files III
73b6a11 wip moving files II
31daf79 wip moving files into src/ directory and cleaning a bit
        source structure
6da47ca refactor/generalize ocsp_result cache into verify result
        cache
62c8606 implement, improve and fix asynchronous OCSP querier
748fe74 cli - allow to set all debug variables at once in 'debug set
        ...' command
a8a66c6 remove lock in place where it's not necessary
0bd4388 fix code consecutively locking 2 mutexes (without releasing)
        which leads to deadlock
602c33a fix crash when processing incomplete ClientHello
a2d1fb0 async socket implementation
b75bc4f async socket processing preparation
f4442a9 wip - CLI config/save II
64d64ab wip - CLI config/save
2ec0a47 add SigFactory
080c048 fix signal handlers
4206cca refactor/generalize ocsp_result cache into verify result
        cache
d979f83 cached OCSP verify responses now reflect TTL from response
7003275 refactor SSL certificate validation status names
0ef2512 add merge strategy to submodule update
bae4d85 cli improvements:
c68c185 Merge pull request #2 from astibal/submod
33eeb1d make socle a git submodule compatible
69a0461 add initial preparation for python scripting

### 0.9.0

bbe996c 0.9.1 version + dev flag
d25a651 use socketpair instead of pipe (should be faster),
        experimental: use 4 threads per core (2 per cpu-thread)
b4463c3 use LTO gcc optimizer (should produce a bit faster code)
e21ed95 Create another exception, prepare catch block in MasterProxy
2b015de multiple coverity fixes
646e4fc lockable improvements
963e422 Update FUNDING.yml
30bafa3 Create FUNDING.yml
d09502f Delete ccpp.yml
6c33853 Update ccpp.yml
e95bdb7 Update ccpp.yml
0a4c72c Create ccpp.yml

### Unreleased Changes



## socle

### 0.9.30

c33acbb fix FLTO to run in parallel
2b40f1a add a possibility to load fullchain.pem for custom
        certificates
21f2628 log SNI in quotes if hostname check fails
3cc5496 IP and TCP checksums are now on NOT calculated by default
268e9bf don't malloc in l4hdr_cksum, use `alloca`
2e779e4 socle - avoid expensive dynamic_cast in baseHostCX child
        tree
282c40a make blocking `send` to non-blocking with recovery attempts
091dee4 apphostcx: move flow to the heap
1705f2d add little logging level condition macro - QoL
52ace53 use portal certificate for API service (instead of default
        server cert)
f91c3c6 don't access event details without a lock!
bd410a7 make mitm and custom certificates separate caches
83a2a29 fix uninitialized certificate chain array
7e0170a make cert chain nicer as an array
46ec2ed file convenience type
73da539 rework again custom certificates - now having ability to
        custom set cert chain
8b32468 don't run init_server() more than needed
fd70ed0 raw::var add some convenience stuff
5ba4cdf rework certificate cache + support custom contexts
d81a043 certificate must be loaded first by SSLCom::init_server()
6bdc945 fix previously broken UDP receiver in 73c02ec
73c02ec fix datagram - don't allocate negative sizes
d6ef96d unify proxy logging category
87c681c make standard functions from virtuals - virtuals not needed,
        sparing cycles!
0853345 buffer - simplify dealloc code, add assign(std::string_view)
e5d3116 remove ugly locked_ code, use standard lock_guards
ac096bf add another custom certificate mechanism - target IP address
ef92f8f add infrastructure to perform SNI based certificate cache
        check
4e35822 don't fast-track server certificate  - wait for the one from
        server (peer cx)
6ab4ed1 logger type-fu, cleanup
3a108bb baseproxy will unbind peers on shutdown, but destroys cx on
        destruction
286d323 don't call on_new_socket() when accept not successful
0146e9f don't shutdown when not appropriate
2f2a872 allow peer() to reset peering if nullptr is supplied
1d05aec set sub-proxies dead if master is dead
06a4139 enable KTLS for kernel-assisted crypto in OpenSSL 3.x
caa40db introduce CA single-file bundle support
2a13bd0 add UB ASAN build support
67ace74 fix UB in threaded proxy parents
62becb2 add dynamic_cast cache into raw:: namespace
eecf4c5 make clang happier with ASAN enabled
f3d10c6 add clang support
e4fb421 fix clang reported warnings (errors with -Werror)
da8f1dc C++20 requirements
758c1ef const fu - older openssl doesn't accept const*
c2e722a loglevel - make level and topic atomic uints
cabc5e4 fdq workerpipe - fix asan reported data race
0825dd3 don't allow memPool::tryhard_available to over allocate
aa2dc90 fix smaller issue in mempool stats
ad74457 epoll fixes - asan reported problems
a01929f revamp mempool code
50423eb Add 'Coverity' cmake build type
ddce50a improve SSLFactory code
0048a1b proxymaker - use smart pointers
6af24d6 code improvements and modernization
58b0aa3 few fixes in vars, add unique::release()
8a3986d AddressInfo now has convenient constructors
5b5febd buffer - add templated convenience set_at
a5329c9 SockInfo - decouple src and dst structures
f848dd2 add utility introspecting `as_v4` and `as_v6` functions
        family into SocketInfo
d3d5f58 buffer - add utility copy_from<SZ>(index)
07a6935 evolve and modernize lockable class
d2676c3 SSLCom::read() - fix misleading debug logging message
6a6d991 to_read returns now lockbuffer now
ed0c96c baseproxy - when processing socket I/O, erase socket from
        real socket-set
8b63c66 socle should not return google nameservers as default values
ba02cc3 configurable option to compiler to unroll short loops
e9361ba remove unsupported 'z' printing formatter
d639394 refactor baseProxy::run_poll
8064bbb extend poll timeout even further
4f1fdef cosmetic changes
b371af5 remove smaller logging, formatting and conversion issues
42cb28a prevent ugly bugs in the future and lay strict rules on
        templated buffer::append()
39676e9 expiring_ptr has virtual function, therefore we should add
        also virtual d-tor
ed88174 small, quick error reporting fix - log (only) non-zero
        certificate verify results
3754990 set -Werror and -Wno-unused-variable
16b3036 small fixes in read/write limiting II
88c15bf fix read_limit() minor bugs
5bcfa51 cosmetic changes (typos, debug messages and formatting)
19127e0 apply socle changes
afc9a60 socket poller waits longer unless rescan sockets are
        enqueued
095532e socket scheduler -> worker improvements
db18027 mempool std classes variants - add mp::multiset
95f9440 fd queue scheduler smaller refactor
25471b5 make read limiting more value-safe (making it std::size_t
        optional)
314b7fc rearrangements around host::read
6089be0 some safe values and types
b76037f smaller type corrections
cbc24e6 supposedly innocent conversion fixes
8a4344a improvements in numeric system
c3c6553 some more numops II -heavy wip
0ac50c5 some more numops -heavy wip
b301a90 add again some number safety features - warning: heavy wip
9af7815 add few improvements to convert and  tests
58d0f15 fix forgotten comparison
57d4a18 improve convert.hpp
6c0fa65 let's convert numbers better and safer
8283db9 SSLFactory updates
f91e088 cleanup - remove old, commented-out code
a6ebac3 few code tidy-ups
950d44f const-fu
b9e2454 logan tweaks
259b147 remove dynamic cast and add event log when client
        certificate is requested
b9c99cc remove redundant code after previous changes
051b962 on ClientHello parse, change SNI also on the other party
afeeb39 rename/refactor SNI access functions
b7f05d7 add better reporting and handling of SSL_ERROR_SYSCALL
960c40c refactor SSLCom old code into slightly better
a353cc6 add alpn to sslcom::to_string
da7b03a logging redux
c7c8f27 fix UDP bind->connect data race
b2fc9e5 make socketinfo more usable (refactor out socket ops)
fda425c remove commented-out code
1f02126 remove deprecated calls if OpenSSL 3.x.x is used
6535897 add a small convenience string_escape feature (escape
        spaces)
b0cf7f6 refactor SSLCom::cert_detail() to virtual
        SSLCom::ssl_error_details()
03a552b implement logging event details data
db5ad0f modernize SSLFactory class
26792b5 replace guards with scope locks
fe76984 adapt socle changes in TYPENAME_ macros
dca63d4 loggermac - TYPENAME_ macro tidying   - remove static member
        variable and return class-name string directly from function
9edd61d baseProxy code cleanup - remove unused connect() blocking
        parameter
f80093b baseProxy code cleanup II - remove unused sleep code
7ddd31f baseProxy code cleanup I
a23e6c0 remove old FIXME comments, prevent lgtm to complain
6c1d6a9 flow - implement validity status, don't append more than max
        bytes
8ebe116 flow refactor 1
67fa8e1 fix dtor walking incorrect iterator  - three years old
        memory corruption on flowmatch dtor  - this is hotfix,
        vector should contain smart pointers
e4a0f2d add more events (OCSP)
ef68319 event for certificate issues
f5b67a7 introduce log events ring buffer
e62fe73 helper functions in SSLCom code in separate namespace
        socle::com::ssl
97568cf make detect bytes size smaller, 2k is just fine to trigger a
        sig or engine
d501408 set devel flag
d703120 detect OpenSSL >= 3.0.0

### 0.9.29

feccaf8 version bump
47f11f9 code cleanups
aee0b1d fix an overlooked typo in function name
e716dbc hostcx - code cleanups + socle sync
c236385 hostcx - fix name(int, bool) potential thread lock
ae734ef hostcx - don't call process_in() and process_out() on
        already seen bytes
ae71bad set dev flag
efdbaef introduce AppHostCX MODE_CONTINUOUS
70a067d smaller socle changes
66397b5 buffer::view const-fu

### 0.9.28

30d6eb4 bump version
2699937 fix peek_all
06f74ef pre_read: attempt to peek all data if reached buffer limit
a45f27f smaller changes
c4ca822 rename flow member element from flow_ to data_  - original
        name was confusing when called with flow().flow() from user
        classes
7704786 code cleanup
2e1336d buffer: add release() function
43ea396 several logan fixes
8e5546a don't allocate memory if mempool is not used
0477002 threaded worker - use smart pointers
be35e6b cmakelists - enable asan based on cmake variable
3eddfcf threads - remove on_run_round
b503d2f threads - remove on_run_round
b2846bc logging level tweaks
0151f5d signatures - use 'flow' and 'flow.match' log label
b4526ae buffer add convenience view(n) creating view from n-th byte
        to the end of the buffer
9912ba2 revert some refactoring relicts
870f470 don't add too many exchanges even thy didn't reached max
        byte limit
5070b51 add crlf when hex_dump debug info
4e6e9e9 replace hex_dump with its C++ variant
75f08a6 allow hex_print to print fake data position offset
7072725 add side_t mapping to angle brackets
cabbe45 add logan_lite context filtering feature
8e16c32 small log level change
fc88ef1 mega logan cleanup
73ba3b3 scope exit helpers
e4ba0a9 tweaks in UDP for IPv6
b080828 socle - optimize buffer handling: after certain volume move
        whole buffers
34726db hostcx: don't return view, return ref to buffer instead
56832ed code clean-ups
7f4e325 fix TCP connection vs state race
3b6a71e some mistakes have been made - fix socket to key conversion
e805f57 UDPCom tender loving care
e8a65ae Revert "refactor bootstrapping code to use smart pointers"
77282f9 refactor bootstrapping code to use smart pointers
44c1d5c add a new development option to workaround mempool
        allocation
c501a8b epoller improvements
f829d72 minor code cleanups
dcbfd7f ptr_cache refactor
27e6a33 even more shmtable cleanups
6fecb8d code cleanup in shmtable
85c8e1b signature flow data now uses unique_ptr
f5f7441 nicer function name
83a4f65 refactor tunables and add mechanism to better handle
        in-progress connect
b6e3a21 unique_ptr instead of raw pointer
47ba0e3 fix - remove orphaned UDP sockets from baseProxy::run_poll()
aa58a02 acceptors: catch more generic socle error exceptions
925e548 create_session_key: enforce positive/negative bit based on
        parameter
71f6085 rename mempool_bad_alloc to mempool_error
50aff63 toggle mempool exceptions support via MEMPOOL_NOEXCEPT
        define
c4e8b04 fix few coverity issues
dab6f5f prevent udp data race and protect also in_virt_set lock
08e7a85 epoll - don't create handler if it's nullptr
41a70a9 mark in_progress from calling thread
21a9097 convert logan singleton raw pointer to smart pointer
da03236 logan improvements
00874f6 masterproxy improvements
dc9d64d shutdown: join all child workers
c430461 make fetch_add call directly from variable
58b1c30 MasterProxy: sub-proxy spraying is now persistent
9237a3e MasterProxy: introduce sub-proxy thread spraying
7db3200 baseProxy: make `handle_socket_once` re-entrant
dfae11c add custom RAII scope variable guard
ca56486 baseHostCX: make define constants static tunables
5fe407e for compatibility reasons remove arguments for nodiscard
5459402 cosmetic improvement of proxy to_string
1c292c7 set nodiscard message on flag_set, which is not writing to
        the argument, but result is returned by value
5e680c8 make DatagramCom database created on demand on heap, not in
        global static storage
dc95abc ipv6 headers with IPV6_ORIGDSTADDR & Co are actually
        available already
899aa84 set dev flag
f7020e0 remove last uses of NULL
85aa112 actually we cannot get around reinterpret_cast
a9bf061 smaller tidy-ups
202a676 make hex_print more relaxed about arguments using templates
3a092c3 add temporary buffer helpers which allocate from mempool

### 0.9.27

b0ef94c bump stable version due to ipv6+udp hotfix
11737ce fix IPv6 UDP reverse connection binding problem preventing
        connection actually happen
4a3bcec set dev flag

### 0.9.26

5a39cb5 socle: make release 0.9.27
239b7d6 pcaplog: fix IPv6 file captures
f5dcec0 fix IPv6 transparency
01fedf3 pcapapi: write() - don't modify singleton ip hook to self
86b304d pcapapi: make IP packet hook a std::weak_ptr
54eb850 pcapapi: change ip hook API and use classic interface-like
        approach
e3174cd add support for "remote" capture only
743d11b add missing license headers
d268ea7 add gre exporter facility to set tunnel TTL
ae39800 pcaplog: add GreExporter functor struct compatible with
        pcaplog ip hook API
b2c6e4e pcaplog: change packet hook API to contain besides packet
        itslf also packet details/metadata
751b5ef pcaplog: implement packet hook mechanism
c67a3b0 rearrange writer code to be nicer
aefb4f1 pcapapi test improvement - make tun interface up
3cbc7c5 improve tainted::var
72eaed4 pcapapi: make default ttl sane (32 for inner/bare IP, 1 for
        GRE tunnels)
f1b3073 add test for sending IPv6-in-IPv4/GRE into raw socket
e753852 refactor packet builder code
40c5530 fix awkward direction in test packet builder
1672be4 add dev flag
86f7678 test also gre tunnel src/dst
815ab77 pcap encapsulation into GRE tunnel can set now src/dst
        addresses
3e5ea7a add convenience un/pack() functions
8b9ff53 add pcapng API ability to write packets inside GRE

### 0.9.24

423a248 make a new release
57e9eca add more mempool tests
8720a58 remove unused struct member
17fcb88 use std::move, use const ref
7360cb7 const ref - fu
a3515e1 add convenience RAII 'allocated' wrapper with deleter
        calling free for malloc legacy allocated elements
6913dbe don't copy logans
13a8f9c bump and mark dev

### 0.9.23

6b719a2 bump version
dd27236 udpcom: fix heap use after free
801bf53 set dev flag
69decc7 improve UDP receiver - don't call on_left_new() under
        DatagramCom::lock
72686ac improve semaphore init
8b7f7f2 fix diag message crash - format string mistake
e2b1ddf support wildcard SNI bypass notation
21c6341 add SNI bypass FQDN address object
5ee3cbc pcapapi - improve buffer handling
29f902e fix 2 crashes in debug mode

### 0.9.21

ea08f20 remove dev flag
dc9b371 bump version
1630094 fix logfile permissions to 600
f781860 fix pcaplog related crashes on exit
ae3876d fix new pcap file permissions
257707e save_XYZ_value II
d0731bf add safe_val equivalent for ull format
1961888 expose com shortname() to public
4b79fc7 bump version
40b4778 fix pcap file rollover race

### 0.9.20

85a0d63 fix pcap file rollover race

### 0.9.18

c3c674a bump versions
3ee4ea3 pcap: close the file before rolling over
3396b00 make host and proxy label a bit nicer
9536a9a pcap: comment frames on connection close
a761db2 pcap: split too large tcp segments into predefined max size
074ccf3 implement support for PCAP_SINGLE file automatic rollover
7994c82 allow pcap_single file rollover using CLI command
a92dfe9 udpcom - check and report if connect failed
fabea6f don't run so_ on negative sockets
7400fb9 make 'behind_read_warn' const value
3b19220 add convenience mkdir wrapper with logging
1147db8 stringformat - be polite and don't throw
c1a0d13 don't iterate if only first is returned
f281bf0 mempool don't copy chunk
20441f0 logan noexcept ctor (moving string only)
e4c88e4 introduce simple tainted value filter
9eeecd7 don't use buffers from fast proxy buffers (mempool)
d8986b8 fix L4 checksums + its test coverage
53a7a53 socketinfo - convenience to-inet conversions
52d58f1 stringformat.hpp - throw when realloc fails
aaf9eea fix tcp sequence number calculation
df0218c pcaplog - add support for proxy comments
a64a951 pcaplog - don't write tcp handshake if the stream was
        recreated in the meantime
3cbf60d create a new file if the currently used has been deleted
4e9e25e bump versions
24b4a07 WIP - make pcap_single work too
b6a4973 WIP - we can now write semi-correct separate PCAP files
2554574 threaded file writer - run only single worker-thread
f0ddc90 socketinfo - add to-string convenience functions
d4f31cb fix typo
47a66aa pre-allocate correct sizein save_NG*
fbc7ddd add option to hex_dump to add CR before LF
94813f8 fix nullptr reference in pool writer
d00624a WIP - pcapng files are now created, but content dump is not
        correct - TBA
6f9a853 traflog refactor next
e1c654e refactor and rename traflog to SmcapLog
4e42923 add easy non-crypto non-critical only prng
a9a1190 add missing include
6f01f08 don't waste resources on shared_ptr and use unique_ptr
        instead
c511b22 protect poolwriter ofstream by mutex
97952f5 dramatically simplify and a bit improve threaded file writer
58dd642 first and shy raw::lax use
bc24bfc file writer interface now must implement write for buffer
        too
1a901ab some buffer code cleanup
1bb5be6 add buffer ostream operator (it took so long)
1edf2b2 basetraflog must have virtual dtor
dca8951 socle::raw RAII guards
bc2eb89 traflog refactor
03db236 const-fu
e36e67b add forgotten test coverage for pcapng
9fb4d46 add pcapng writer support (including comment options)
71911df test_pcapapi - use mempool
85ab124 host cx ctor buffer initialization tweak - don't copy, just
        adjust capacity
1a7125a buffer convenience + fixes
2df1fc4 add UDP and checksum support
0bc8fa4 pcap writer major refactoring + ipv6 support
ab13960 sslcom: fix parsing rare ClientHello without extensions
        (allowed for < tls.1.3)
6316e5f WIP - add initial pcap writer
d4f815a refactor traffic and file writers
961d068 make project compile with GCC 11
195aee9 udpcom::write_to_pool - fix return value type
98ba826 SSLCom alpn callback - load this from ssl external data
        storage
2daf052 rearrange logan_lite ctors
5ca84f7 pre-create lite logans in SSLCom
7401a59 epoll minor refactor
31146a2 minor sslcom refactor 1
8b682c8 refactor tcpcom::connect to fix rare fd leak and code
        readability
7b7f147 logger improvements
e9c586d sslcom: fix and improve alpn callback
c41dd9e refactor rename 'logger' to 'LogMux' and LogOutput to 'Log'
911591a don't call hr(), it can trigger recursion
17d822c make loglevel ctors noexcept
c85433a mempool smaller tweaks
d205fd8 fix tests: LogOutput::init is missing
55adda5 initialize timeval attributes and fix types in log_if_error
9e6e5c2 update Socle README/github frontpage with API changes info
224ae8a improve tests for new peering code
ed680d4 adjust some logging levels
dd9d548 remove -Og which broke my debug sessions
6ad6f9a fix escape function inefficient string handling
d4dbff6 more type conversion and return type improvements (breaks
        API)
0435034 change IO virtual functions return type (breaks API)
3837645 peering testing more checks
9d9d27e move lock acquisition close to return
7006c1d add initial, thread safe peering infrastructure
84dd5a4 no peering.hpp yet
b6108b6 handle better epoll_wait errored sockets
2932d93 fix some coverity issues

### 0.9.17

fd9a483 fix unclosed ifdef
cde5129 bump version due to API change
d6f7a4e socle API changes
0873182 smaller com improvements
d9e81f0 use sockaddr_storage when ::accept()
459798e add string_error for custom code - don't use strerr which is
        not thread safe
558bbdf add some (compatible) optimizations into debug builds
1299211 add variable to control alpn block (filtering alpn out
        on/off); default is off
299a34f add ALPN support
03f59bd detect ALPN and prepare its support into SSLCom
62e607d add TLS parsing test suite
9cc2318 SSLCom: fix orphaned com (no owner CX) calling hr()
        triggering infinite recursion
48b4ec4 adjust poller timeout constants type to be compatible with
        std::chrono
3547027 code cleanups

### 0.9.13

9d578ce code cleanup, add socket ops convenience functions, add few
        comments and bump
9c5000e few typo-matic changes
7f16edc logger internal change + API change - now it initilizes with
        init() - call LogOutput::init() at start of main
85490b0 sanity check logoutput resource
bf80776 report setsockopt errors in TCPCom::bind
80e3e74 close socket on error
32f2bef add more tests and more cleanups into inet namespace
39f3042 code cleanups in inet namespace
ac938ee signatures - fix logic error in returning signature group
d8d04a5 expose metering info as const reference
8f4457d detect starttls only on plaintext TCP (and save few CPU
        cycles)
f86c9bc detect starttls only on first 10 client/server data
        exchanges
b93d600 wip - signatures are now separated based on their group
47aa133 signature tree overhaul - phase 1
a5f4f1c speed up signature zipping into apphostcx
a7845e4 allow apphostcx to iterate all enabled signature vectors
787e21c fix issues in SignatureTree
b8c250b bump socle version
169f609 Add SignatureTree into apphostcx
84a00a7 add strong stack protector to Release builds
0cb8c18 rearrangements in baseProxy bottleneck-handling code
d352126 few minor optimizations in baseProxy
30cf808 some baseProxy code cleanup
cb2a0fa class logging name refactor - API change
e549751 optimize-out some debug outputs using _if_deb
d121b56 remove empty interface methods and their calls
c8bc760 use unique_ptr for com_ in hostCX
ef397b6 make code clearer when ClientHello cannot be parsed
3394d95 regex - actually check return value an spare some cycles if
        no match is found
005aa46 move global loglevels into their own namespace
        socle::log::level
af90a63 remove few [[maybe_unused]] to follow previous patch
        guidelines
fa45ff0 huge -Wextra and -Wpedantic readiness code cleanup
21c5947 code cleanup in timeops
8cff287 pass log level as a reference
85d4bc2 baseHostCX adds unhandle() to remove itself from pollers on
        shutdown
c784af6 fix logger leak - should clean up target profiles in dtor
2d9b762 remove sigslot library (used only in smithdc) and use C++17
        lambdas
0eb84f0 bump version due to API changes
08bcc35 optimize some crl and ocsp ops
02fa362 fix incorrect copy assignment operator
0d72b61 constexpr values in baseProxy
3b3996a remove default argument from virtual to_string(int=iINF)
        from all places
4ff5f91 proxy - avoid calling virtual shutdown() call in destructor
7e10a5f remove deprecated logging macros
62534d1 remove deprecated logging macros + code cleanup
197d7a0 use re-entrant posix localtime_r if available
06d231c logan improvements and cleanup
8165411 fix logan copy constructor
8f1b6e1 move socle::meters to baseProxy
1694c20 improve socle::meter metering
d008097 use unsigned types in socle::meter
0ca6a62 remove UB - delete instead of free in ltventry
99fea19 comment-mark false positive memory leak for LGTM static code
        analyzer
07453ed fix traflog memory leak

### 0.9.12

d9f2492 bump to new release version
46bd8d4 memory sizing - introduce SX_MEMSIZE environmental control
        variable
2fc816c fix few coverity issues
32eb47c improve SSL_SESSION storing - fix leak on copying
45cb46f store sessionid into sslcom object
c3777de ptr_cache new contructor with MODE spec
11f89a2 introduce sizing variables
0c40328 remove CACHE_SERVER flag
6e8ff28 don't include msg and info ssl callbacks in RELEASE builds
29ab5c7 fix also signedness of poll timers
25369a7 toggle development flag in socle
8904bce fix coverity issues
9e40404 Merge pull request #6 from astibal/cache_up
756cc17 cleanup unused code
3fa22f1 refactor ptr_cache DataBlock stored as a unique_ptr instead
        of value
a40af5b fix unintentional raw formatting in print_cert()
8934abe fix DataBlock age(), ctor dtor cleanup
b08d359 tiny tidy
0c3acb1 no, debug values should not go into prod
42c8917 use lru-mode ptr_cache as certificate store - seems to work
        ok!
8bba0e2 bit better LRU refresh method, but unfortunately with lot of
        changes
e376af2 initial, counter-only lru implementation into ptr_cache
3d53328 ptr_cache - add erase test
44803b8 refactor socle ptr_cache + some coverage tests

### 0.9.11

977ee3b 0.9.12 release
ff9c60b release candidate 2
5d85e5f new readme - remove outdated information, keep it simple
dc38097 correctly propagate policy allow_* exceptions also for
        config without replacements
4efcddf correctly propagate policy allow_* exceptions also for
        config without replacements
f6358a3 strings version upgrade (keeping 0.9.11 git tag until final
        release)
057b0d6 fix cpu spikes when right connection waits for left's
        ClientHello peek
c4c31c3 avoid std::cout use in library code unless necessary
9fc067f reallocation on bailing from pool is potentially risky,
        allocate via ::malloc
122eac4 SSLFactory - pass pointers as values, store with smart
        deleter CertCacheEntry
2503d17 don't let handler_db grow - really remove entry on cleanup
ed081d0 reserve some subproxy entries in masterproxy
195fbb9 use std::map instead unordered map
bb37c2d mode post is deprecated, but detect properly at least if
        ever used
4e0c81c make static initialization properly
0aa6f98 add facility MEMPOOL_ALL to replace global new/delete to
        mempool
2bd7c81 fix crash on exit due introduced by previous fix
eb869c0 IMPORTANT FIX: memory leak in sobjectdb
d852ca5 use malloc_allocator for MEMPOOL_DEBUG map
1ea50fc for modes without MEMPOOL_ALL return to crash-less terminate
f6d98b4 mperror.hpp was missing include guardians
6bb8f8f mpallocator.hpp - move include inside guardians
6fc8cba canary.hpp missing include guardians
473e673 add MEMPOOL_ALL experimental option
a7d1555 move debug-level logging to BUILD_RELEASE only (this might
        be reverted)
305922b move templated version of string_printf to .hpp
3b27cf7 add new string_format_heap function to help troubleshoot
        mempool (and not use mempool_*)
03b09ec use std::tolower
c40ad1b add some more CT logic
3e389f4 use BioMemory in CT debugs
07c996c add into socle easy interface to openssl mem-based BIO
        (class BioMemory)
942f251 add certificate transparency support for outbound
        connections

### 0.9.10

6352195 check truncating result
bfd8942 bump version due to important fixes
50e2964 fix sigbus error due to empty mapped file

### 0.9.6

f617d91 bump versions after io2 merge
4f4bbe2 Merge pull request #5 from astibal/io2
64fb980 Merge branch 'master' into io2
334fb01 prev patch log and comments cleanup
ebc47aa move generic worker initialization to (another) parent class
7081cba make proxyType::to_string const
edad4ed delete default FdQueue ctor
07316fe small api readability improvement
5b801e3 don't call hint_socket() multiple times (it loads atomic)
90c9813 make epoll socket variable atomic (it can be modified from
        different threads)
bcb03f9 fix some theoretical deadlocks (never reproduced, detected
        by sanitizers)
4d54ee4 protect masterproxy child proxies list with a mutex
366e299 add methods to threadedreceiver
669cdae refactor and adapt proxy_type enum class into regular type
        with to_string method
15aee54 fix: reorganize embryonic info in udpcom to prevent socket
        leak
948b524 fix socket leak when removing datagram entry from proxy
3287f27 fix socket leak on embryonic already existing session
22df387 smaller cleanups
39a9b35 add canary check, enabled if MEMPOOL_DEBUG is defined
45747da create canary class to better handle with canary checks
0ff757d reserve vector sizes to avoid many reallocations
a7e18b7 use auto
c833cd0 mempool version 2.0
1743447 udp - log when writing to pool without real socket (io2
        branch relies on it).
f6f4e61 fix udp race
5756aaa fix typo
a0052b9 UDPCom::shutdown add extra check and remove virtual sockets
        from in_virt_set
b033a86 fix memory pool resource leak in receiver (udp) worker
        thread
c5eea31 cleanup
b062486 don't copy self into self
a935375 fix mempool mpdata::map() entry leak in mempool_realloc
2f97be0 logging level changes
626071d mempool improvements
6be99e4 fix memory pool exhaustion bug
bf97102 fix memory pool exhaustion bug
77688a1 udp changes
a14d18c baseProxy com() operations on virtual socket also applied on
        real socket if present
d193ee6 definitely remove on_left_new_raw_old() from
        ThreadedReceiver
b513c38 tidy
968e667 better logic to udpcom::in_readset
50ab7e7 innocent typos
6db483c make redirected udp work
74df0bc wip - don't use - don't idle out bind_sockets (they wait for
        incoming connections)
12ee1f1 wip - don't use - add idle check to baseProxy::run_timers()
7f5bbc8 udp - don't create right socket in SocketInfo
8b1773d make udp work
4cc0708 change exceptions to inherit from std::runtime_error
8fcabbc fix small typo
2067360 refactor sockaddr_storage helpers and merge them with
        packet_info into new SocketInfo struct
7f5217c wip - don't use - move embryonic state from datagram entry
        to udpcom.hpp
24549fd wip - don't use - removing some unused code and template
        args
d4849c6 fix old on_left_new_raw version
e478ec8 commit add_first_datagrams() declaration ... oops
d02b1c3 baseProxy - print/peek content of hint socket if debug is on
3aec3c3 packetinfo.cpp - unblock socket on init
c509e87 now, with individual worker hint sockets, we must read out
        hint if session/socket is already stolen (to not enter loop)
844696a wip (don't use) - whole a lot of changes to make work N:M
        acceptor:worker design
2516e86 baseProxy - add generic proxy exception
c5e0f54 baseProxy - catch runtime exceptions and die
38b058d baseProxy - don't add hint socket back to inset
5aed29d wip (don't use) - likely contains data races - sync with
        socle - UDP doesn't work (to be rewritten totally)
2dc20ef wip (don't use) - likely contains data races - UDP doesn't
        work (to be rewritten totally)
441a3c5 wip (don't use) - likely contains data races - UDP doesn't
        work (to be rewritten totally)
a51d54d smaller labels for ipv4, ipv6 and other protocols
a30062f add convenience _cons and log_simple overload for
        stringstream
e2181bd wip (don't use) - likely contains data races - sync with
        socle - UDP doesn't work (to be rewritten totally)
222ff2f wip (don't use) - likely contains data races - sync with
        socle - UDP doesn't work (to be rewritten totally)
ce08938 wip (don't use) - likely contains data races - sync with
        socle - UDP doesn't work (to be rewritten totally)
f2c7f06 wip (don't use) - likely contains data races - UDP doesn't
        work (being rewritten)
69d15be wip (don't use) - likely contains data races - mutex-protect
        bind_sockets against concurrent accept() calls
119ad28 wip (don't use) - likely contains data races - fix data race
        in protected_set in cost of copying sets via temporary
        objects
6f639db wip (don't use) - likely contains data races - fdqueue
        wrapper mix-in class FdQueueHandler
43ddf5a wip (don't use) - likely contains data races - shared socket
        queue
c79760f some rearrangements in socle
285801a create custom mutex container
b51fc66 baseProxy - adding listen() call, creating cx for already
        existing socket
3c0f9eb rename handle_cx_new to handle_sockets_accept - it better
        reflects reality
292d836 fix SNI bypass
f0bef52 replace sref with shared_ptr to hold sni bypass filter
11d8fbf formatting only (spointer and sref will be deprecated)
bb5a302 nullptr, not zero
94794e8 protect socket set with mutex
073c60f mempool - throw mempool_bad_alloc if buffers are depleted
e777e9b remove virtual sockets without handler immediately

### 0.9.5

1a48aef fix serious issue in traffic dumper
943253d 0.9.6 - fixing various issues with capture saves and ipv6
b57a5e4 fixed IPv6 issue with redirected connections via OUTPUT
ab52bfc fix strange capture file/dir permissions - allow read only
        owner and group

### 0.9.4

84a899d bump version to 0.9.5
070c6e0 allow memory allocation if bailing, cleanups need to
        allocate :/
d5a8150 add more sanitizers (commented out)
a474e45 ! while it's convenient to troubleshoot by reading from
        stdout, it might have also unwanted results   always comment
        out/remove all _cons() calls
7e14373 make UDP receivers packetized - each single session read
        won't be appended to buffer, but buffers are "chained" and
        sent separately.
80ddaa7 introduce io_read() and io_write() convenience wrapper
        methods
b948d06 prepare virtual socket feedback for queue re-run

### 0.9.3

f4ac0a1 bump version due changes in config file variable and its
        default value

### 0.9.2

3e4f2dd bump versions to 0.9.3
42efed6 fix *many* data races
839be4f add commented-out lines for thread-sanitizer
1efbd2f cleanup SSLFactory code
e08c0df improve mempool: dealloc on exit and add allocation origin
        (pool/heap)
756fa7a logan smaller code cleanups
7e04ae0 fix cmakelists: add debug flags properly and don't overwrite
        existing certificates on install
2845591 add 35k and 50k pages to mempool (remove "big" pool, which
        was no-op)
be3b8fd optimize lock by moving it closer to critical section in
        memPool::acquire()
65417ee fix rare deadlock condition in mempool_free
bda1ab9 add stats of created and deleted objects in total
ad02533 make name_ inline static
c05ff03 code cleanup and some logging minor touches
05a8ecf Merge remote-tracking branch 'origin/master'
f47267e ptr_cache: lock before erasing iterator
1d56f1c ptr_cache - lock when erasing with iterator
de3eb6f ptr_cache: override erase to take iterator as an argument
2a162f1 small rearrangements

### 0.9.1

644a060 bump version
acf6a98 clean-up in certstore
a3bb1e2 ...
6b75086 work around some compiler issues with UxCom virtual
        destructor
4a6853e uxcom doesnt have to virtual inherit
e691867 code beautification
e6be429 mempool - make some counters atomic and remove them from
        critical sections
1487974 refactor logger_level to loglevel
40c2d93 get rid of (some) unused variables
51e93e8 move old OpensSSL 1.0.0 threading setup code to
        CompatThreading class (making it untested)
cf97ed3 epoll - replace ftime with std::chrono features
105575b avoid using global namespace: extensions to spoof by
        certstore
7030db5 avoid using global namespace: crc32
73417a4 refactor logging facility and get rid of global variables
        (use singleton with smart pointers)
d624b10 fix micro-seconds in logs
4edd6b4 ad project name to CMakeLists.txt
c54c7b6 exploit the new possibility to enforce socket read with
        set_enforce(fd)
a2e094d fix smaller issue in meter - don't count incomplete score in
        curr_counter
7b3701d baseHostCX - when changing com() object, always delete
        previous one
f85e680 add a mechanism to reliably reiterate read() operation on
        socket
2ae727c add verify origin into SSLCom for better diagnostics
9922e65 remove mutexes
b538281 improve meters with scoreboard
e9b20b9 code cleanups
eaa4549 code cleanups
169857f fix non-trivial object use in variadic args
a10c0fc remove formatter lock (not needed anymore)
ba45fa9 add SSL* getter ...
a12f169 add LGPL v3 license file
42f0b2c forbid SHA1 issuer signatures
5e9726b code cleanups
00c8dfc remove forgotten logging defs
1288d95 logging on steroids now
5ad9bbb avoid __ (reserved)
370fc7c avoid __ (reserved)
93781ed don't use uninitialized variables
e33dd55 fix - don't pass non-trivial object to variadic template
        functions
35c5493 code bautification :)
8f1ff68 improve asynchronous OCSP state machine
82e27a2 big certificate verify overhaul
2cf644f monitor write when socket_state is OPENING
238bb59 big strings - move, don't copy
13db527 add convenience functions returning string representation of
        status values
17590e4 non-blocking connect should not hard-fail
802e649 fix logging
18d4b18 fix - check if ocsp response is null
4825684 cast uint to int
b01eed8 error if peercom doesn't exist
5c66e85 fix string formatting - missing .c_str()
4e7c73b epoll - remove semicolons, remove returning const-iness
4ef7b30 change some logging levels in baseproxy
d570200 add flag testing functions
75b1663 log reference could be const
750e9b9 code cleanups
992c254 fixes to compile flawlessly on armhf platform
d0589c1 fix semaphore segv in racy environments
06b6a84 remove unnecessary legacy include
2619e48 fix signed integer casting and sizes on different platforms
        I
2cb4e7d fix armhf platform glibc behavior on fstat (segv with
        nullptr arg)
dc89f90 tiny code cleanups
5efffe9 convenience "total" counter to metering class
c26f7f7 fix tolower
0527404 small to-const refactor
627089f fixes ocsp sigabort, epoll fd leak
4a16d2a Merge branch 'master' of ssh://github.com/astibal/socle
4cde00c fix AppHostCX::to_string
4fa5d1c make own value variables in AppHostCX::to_string - for
        better debugging
ab6feeb increase initial read buffer, truncating longer UDP packets!
39c1328 make debug build optimized
0add166 fix to major extent problem with UDP clashed sessions
0dac6b6 Merge pull request #4 from astibal/redirworkers
c8bf312 correct message debug level
60c75e7 make redirect map as a singleton
207b00b wip - ThreadedReceiver - if REDIRECTed, use google dns (to
        be changed)
db8eb31 trivial code cleanup
fb9ffa4 make redirect n output work for tcp/ssl
ca64507 adding infrastructure to recognize proxyy type (tproxy,
        redirect, socks, etc)
082399d Merge branch 'master' of ssh://github.com/astibal/socle
bedcab3 threadedProxyWorker interface class
994859a don't use threading yield - unnecesarry scheduling?
8764fba trivial local change in ocsp error message
9bfc706 verbosier error
cc57372 small update in VerifyStatus
9192467 fix: cache also failed ocsp attempts, which were erroneously
        reported with REVOKED status
207bc98 Merge pull request #3 from astibal/sharedsig
26afdc8 refactor signatures as std::vector of shared pointers II
44a8192 refactor signatures as std::vector of shared pointers
297b01b better error log if OCSP fails to connect
26e791d verifycert - struct .revoked attribute should be int, not
        bool
7f13643 implement, improve and fix asynchronous OCSP querier
873a970 further improve SSL performace and reliability
a19cad9 fix TLS handshake bottleneck!
1af73c0 cleanup baseCom derivates from redundant socket variables
8a335e1 fix crash when processing incomplete ClientHello
6faea54 async socket processing preparation
ee0e30a refactor/generalize ocsp_result cache into verify result
        cache
6912251 cached OCSP verify responses now reflect TTL from response
cf89eae refactor SSL certificate validation status names
0cbab43 make socle a git submodule compatible

### Unreleased Changes



## libcli

### Unreleased Changes



## lmhpp

### Unreleased Changes