|
0.9.7
+ PCRE2 and SSL/TLS code moved from plugins into main 3proxy binary; dynamic linking with ssl/pcre by default, STATIC/LIBSTATIC options for static linking
+ Unix sockets support for parent proxies, tcppm, internal listeners and -i option; abstract (fileless) unix sockets on Linux
+ ssl_client_mode = 3 to use 'secure' parent types: https, tcps, socks5s, connect+s, etc.
+ New authcache types: cacheacl, dstaddr, dstport, dsthost, dstoper, srvaddr, srvport; authcache is now configurable per service
+ Hashtables for password lists and authcache, faster password lookups
+ 3proxy_crypt: new internal password hashing replacing mycrypt
+ udppm switched to hashtables and supports multiple connections
+ SOCKSv5 UDP parent support; -Ne/-Ni NAT options
+ Docker images for more platforms, signed; DLLs signed; public cert added to build
+ Grace sleep and linger on connection close; correctly process half-closed connections
+ Allow setting internal/external network namespaces on Linux
- icqpr/OSCAR code removed
! Fix: invalid error in SSL server handshake could break service state
! Fix: invalid offset in datafilters
! Fix: invalid socket in poll() could break sockmap() on Windows
! Fix: deadlock in ftppr
! Fix: crash on standalone services
! Fix: non-initialized mutex crash under Windows
! Fix: socks v5 parent with no auth
! Fix: hanging connections in sockmap; unneeded poll in sockmap
! Fix: symbols collision with OpenSSL could lead to crash
! Fix: compatibility with older SSL versions and older Windows (7 and below)
! Multiple minor bugfixes and code cleanup
0.9.6
+ ssl_client and multiple configuration options added to SSLPlugin, SSLPlugin code significantly improved and bugfixed. See https://github.com/3proxy/3proxy/wiki/SSLPlugin. 3proxy can now be used as stunnel replacement for many scenarios.
+ HAProxy proxy protocol v1 support as client and server, add -H option for service to expect HA proxy v1 protocol header, use ha parent type: parent 1000 ha 0.0.0.0 0 to send v1 header.
+ tlspr is supported in auto
+ tlspr supports -s option, it breaks HELLO packet to prevent some DPIs from detecting SNI
+ maxseg configuration option and TCP_MAXSEG socket flag support added. It sets maximum size of TCP segment to fix PathMTU discovery problems
+ -Ne / -Ni options added to specify external / internal NAT address for SOCKSv5
+ cmake environment added
! External pcre2 (pcre2-8) library is used for PCRE, pcre code is removed from 3proxy
! Multiple minor bugfixes%
0.9.5
!!Security fix: proxy can potentially crash on on some platforms due to overlapping regions in strcpy()
+ new proxy service type: tlspr - SNI proxy, may also be used as parent tls type, sniffs hostname from TLS handhake, read more
+ new proxy service type: auto - autodetect proxy type between proxy and socks
+ SSLPlugin is rewritten, production-ready, supports TLS (SSL) server (may be used to create https:// type proxy), certificates checks and cypher options, read more
+ -g option is added for grace delay to reduce CPU load, read more
! Multiple minor bugfixes
! More supported sockets options
0.9.4
! Fix: invalid handling of '-' character in ACL hostname
! Fix: minor bugfixes and improvements
+ parentretry command added (defaults to 2) to retry connections to parent proxies
- icqpr related code (OSCAR proxy) removed, due to drop of OSCAR support by messengers
0.9.3
Bugfixes:
Fixed: systemd description file (proxy may fail to start after reboot or via systemctl)
Fixed: group/account creation in installation scripts
Fixed: countall/nocounall do not work in some configurations
Fixed: counters do not work if counter file is not specified
Fixed: counters without rotation (type N) are incorrectly shown in web admin interface
Fixed: %n may be incomplete or missed in long log records
Fixed: connect back functionality does not work
Improvements:
+ Docker builds
0.9.2
Bugfixes:
Fixed: bandwidth limiters (once again)
Fixed: data filtering plugins (PCREPlugin, SSLPlugin). SSLPlugin use on Linux requires to disable splice (-s0)
FIxed: standalone proxies do not react on HUP (Ctrl+C) in Linux/Unix
Fixed: few minor bugs
Improvements:
+ deb for arm platforms (experimental)
+ Openssl 1.1 support for SSLPlugin
0.9.1 - bugfix release
Bugfixes:
Fixed: socket may be closed before all data received/sent
Fixed: bandlimin non-working
Fixed: countall/nocountall
Fixed: few race conditions
0.9 intoduces socket options including interface binding for Linux, connection limits and connection ratelimits, user session binding to IP,
zero-copy mode for Linux, multiple IPv6 improvements, preliminary RADIUS support, ARM support for Windows.
It's recommended to update to 0.9 branch from any older versions.
0.9 now is a stable branch, 10 is a development branch, security-related fixes will be backported to 0.8 branch.
Download: http://3proxy.ru/download/
|