Open laoshaw opened 3 years ago
basic info:
sslsplit -V SSLsplit 0.5.5 (built 2020-11-17) Copyright (c) 2009-2019, Daniel Roethlisberger <daniel@roe.ch> https://www.roe.ch/SSLsplit Build info: V:FILE HDIFF:0 N:83c4edf Features: -DHAVE_NETFILTER -DWITHOUT_MIRROR NAT engines: netfilter* tproxy netfilter: IP_TRANSPARENT IP6T_SO_ORIGINAL_DST Local process info support: no compiled against OpenSSL 1.1.1h 22 Sep 2020 (1010108f) rtlinked against OpenSSL 1.1.1h 22 Sep 2020 (1010108f) OpenSSL has support for TLS extensions TLS Server Name Indication (SNI) supported OpenSSL is thread-safe with THREADID OpenSSL has engine support Using SSL_MODE_RELEASE_BUFFERS SSL/TLS protocol availability: tls10 tls11 tls12 SSL/TLS algorithm availability: !SHA0 RSA DSA ECDSA DH ECDH EC OpenSSL option availability: SSL_OP_NO_COMPRESSION SSL_OP_NO_TICKET SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION SSL_OP_TLS_ROLLBACK_BUG compiled against libevent 2.1.11-stable rtlinked against libevent 2.1.11-stable 1 CPU cores detected uname Linux kernel 5.4.75 mips GNU/Linux openssl version: 1.1.11h libevent version: 2.1.11
Debug mode works as expected on the router, daemon mode always gave ssl-certificate warnings.
Afaik, there shouldn't be any such difference between debug and daemon modes. Can you enable the DEBUG_PROXY switch in GNUmakefile, recompile, try and see if it provides further info?
basic info:
Debug mode works as expected on the router, daemon mode always gave ssl-certificate warnings.