Skip to content

fix: mmtls#37

Merged
joshrmcdaniel merged 6 commits into
developfrom
fix/websocket
May 30, 2026
Merged

fix: mmtls#37
joshrmcdaniel merged 6 commits into
developfrom
fix/websocket

Conversation

@joshrmcdaniel

@joshrmcdaniel joshrmcdaniel commented May 30, 2026

Copy link
Copy Markdown
Owner
  • add mmtls tunneling
  • timeout websocket after a certain time

@joshrmcdaniel joshrmcdaniel self-assigned this May 30, 2026
@joshrmcdaniel joshrmcdaniel mentioned this pull request May 30, 2026
Merged
@zeropath-ai

zeropath-ai Bot commented May 30, 2026
edited
Loading

Copy link
Copy Markdown

No security or compliance issues detected. Reviewed everything up to efc096a.

Security Overview
Detected Code Changes
Change Type Relevant files
Bug Fix CHANGELOG.md
    Fix WebSocket / protocol-upgrade connections hanging
    Exclude hosts performing a plain-HTTP protocol upgrade from blind-tunneling
    Warn when opaque upgrade is seen for non-excluded host
privaxy/src/server/proxy/mitm.rs
    Tunnel HTTP upgrade for excluded hosts
privaxy/src/server/proxy/serve.rs
    Forward upstream's actual response if not 101 Switching Protocols
Configuration changes Dockerfile
    Add COMPILE_MODE argument to Dockerfile
privaxy/src/resources/proxy.pac.tera
    Add host IP address check for DIRECT rule in PAC file
Refactor filterlists-api/src/lib.rs
    Simplify filter ID extraction
privaxy/src/server/lib.rs
    Add connect timeout and keepalive to HTTP connector
    Disable idle pooling for Hyper client
privaxy/src/server/proxy/mitm.rs
    Extract is_opaque_upgrade helper function
    Implement tunnel_http_upgrade function
    Implement bridge_http_upgrade function
    Implement read_past_response_headers function
    Implement pipe function
privaxy/src/server/proxy/serve.rs
    Add logging for upgrade failures
    Add logging for upstream upgrade request failures

@joshrmcdaniel joshrmcdaniel merged commit 53b6102 into develop May 30, 2026
16 of 17 checks passed
@joshrmcdaniel joshrmcdaniel deleted the fix/websocket branch May 30, 2026 20:51
joshrmcdaniel added a commit that referenced this pull request May 30, 2026
@joshrmcdaniel
0.7.1 (#29)
ec2de20 
* add mipsbe (#26)

* add mips be

* release ci

* tag

* ci

* v4

* ci

* fix: correct adblock request typing, trim report-only CSP, and package MIPS debs/rpms (#27)

* request type from Sec-Fetch-Dest; capped block log line; report-only CSP no longer augmented

* request_type threaded into the engine check

* mips

* format

* fix host blocking

* keep filters on reload

* fix: cookie not invalidated (#28)

* fix auth

* fix blocking button

* bump to 0.7.1

* doh (#30)

* doh

* fmt

* Feature/doh (#31)

* doh

* fmt

* Forgot doh lol

* http2 adaptive window, add connect timeout (#32)

* filter validation (#33)

* docs: update docs (#34)

* docs

* ci

* feature/fix: css scriptlet, fix js scriptlet (#35)

* add css support, fix scriptlets

* debug setting entry

* changelog

* debug frontned

* feature: logging (#36)

* add css support, fix scriptlets

* debug setting entry

* changelog

* debug frontned

* logging

* changelog

* fix: mmtls (#37)

* mmtls tunneling

* timeout socket

* docs

* pac optimization

* buildmode arg

* lint rule
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@joshrmcdaniel joshrmcdaniel

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@joshrmcdaniel