From: Renaud Allard Subject: Re: Fwd: [update] net/sniproxy 0.7.0 To: ports@openbsd.org Date: Wed, 1 Oct 2025 15:32:41 +0200 On 10/1/25 3:27 PM, Stuart Henderson wrote: > On 2025/10/01 12:47, Stuart Henderson wrote: >> On 2025/10/01 13:34, Renaud Allard wrote: >>> >>> >>> On 10/1/25 1:23 PM, Stuart Henderson wrote: >>>>> -CONFIGURE_ARGS = --disable-rpath >>>>> +CONFIGURE_ARGS = --disable-rpath --enable-dns >>>> >>>> separate line for each CONFIGURE_ARGS entry please >>>> >>> I have done that >>> >>>> pcre dependency needs changing >>>> >>>> sniproxy-0.7.0(net/sniproxy): >>>> Missing lib: pcre2-8.0 (/usr/local/sbin/sniproxy) (NOT REACHABLE) >>>> Extra: pcre.3 >>>> >>> >>> It seems that if you build on a system with both pcre and pcre2 installed, >>> it does this. >>> LIB_DEPENDS lists pcre, not pcre2. >>> How can I restrict it to pcre and not pcre2? >> >> You can't do this via the port. You will either have to patch or pass >> the relevant info to autoconf. >> >> devel/pcre is EoL anyway though. >> >> "The older, but still widely deployed PCRE library, originally released >> in 1997, is at version 8.45. This version of PCRE is now at end of life, >> and is no longer being actively maintained. Version 8.45 is expected to >> be the final release of the older PCRE library, and new projects should >> use PCRE2 instead. However, it's still found in various legacy systems >> and some platforms, including certain services that continue to use the >> original PCRE for compatibility reasons." >> > > also noticed, there isn't really much difference between your fork and > the original upstream developer's version, especially if we ignore the > non-OpenBSD-related change (IP_TRANSPARENT).. it would feel a bit better > to me if it used the original but with the changes required for OpenBSD > added in port patches instead... > Yes, it used to be a little bit more different, but the original version has now merged most of the changes, except OpenBSD related ones. > diff -wur dlundquist-sniproxy-0.7.0/ChangeLog renaud-sniproxy-0.7.0/ChangeLog > --- dlundquist-sniproxy-0.7.0/ChangeLog 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/ChangeLog 2025-09-25 10:50:11.000000000 +0100 > @@ -1,20 +1,58 @@ > -2025-09-04 Dustin Lundquist > +2025-09-04 Renaud Allard > 0.7.0 Release > > - * Deprecate project > * Cleanup autoconf > * Require autoconf 2.71 > * Require explicit --enable-dns for DNS resolution functionality > - * Add support for libpcre2 as an alternative to the older libpcre3 > * Relax HTTP header parsing to accept CRLF or plain LF > * Fix missing stdlib.h include > * Fix various warnings reported by gcc 14 and clang 19 compilers > > -2023-03-16 Dustin Lundquist > - 0.6.1 Release > +2023-01-31 Renaud Allard > + 0.6.8 Release > > * Fix buffer overflow in address module > - * Fix tests > + * Fix tests in Debian 11 > + > +2023-01-31 Renaud Allard > + 0.6.7 Release > + > + * Fix a warning with clang15 and update old functions > + > +2023-01-30 Renaud Allard > + 0.6.6 Release > + > + * Make proper error codes for unveil > + > +2021-03-11 Renaud Allard > + 0.6.5 Release > + > + * Add cpath and unix to plegde call for OpenBSD > + * Add unveil protections for OpenBSD > + * Remove -Wpedantic as it fails on OpenBSD base-gcc > + > +2021-03-01 Renaud Allard > + 0.6.4 Release > + > + * Add wpath and unix to plegde call for OpenBSD > + * fix ipv6 transparent proxy > + > +2021-02-24 Renaud Allard > + 0.6.3 Release > + > + * Accept CRLF and LF in HTTP headers, fix buffer overflow error. > + * Add plegde call for OpenBSD > + > +2021-02-20 Renaud Allard > + 0.6.2 Release > + > + * Change the default user/group > + > +2021-02-20 Renaud Allard > + 0.6.1 Release > + > + * Fixes for some security issues > + * Fix for compilation with modern compilers > > 2018-12-05 Dustin Lundquist > 0.6.0 Release > diff -wur dlundquist-sniproxy-0.7.0/README renaud-sniproxy-0.7.0/README > --- dlundquist-sniproxy-0.7.0/README 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/README 2025-09-25 10:50:11.000000000 +0100 > @@ -166,3 +166,12 @@ > UDNS uses a single UDP socket for all queries, so it is recommended you use a > local caching DNS resolver (with a single socket each DNS query is protected by > spoofing by a single 16 bit query ID, which makes it relatively easy to spoof). > + > + > +OpenBSD specific behaviour > +-------------------------- > + > +On OpenBSD, sniproxy is protected by pledge(2) and unveil(2). > +Therefore, the configuration file must be /etc/sniproxy.conf, unix sockets > +must be in /var/www/sockets and logs must be in /var/log. Also, sniproxy PID > +file must be /var/run/sniproxy.pid > diff -wur dlundquist-sniproxy-0.7.0/README.md renaud-sniproxy-0.7.0/README.md > --- dlundquist-sniproxy-0.7.0/README.md 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/README.md 2025-09-25 10:50:11.000000000 +0100 > @@ -166,3 +166,12 @@ > UDNS uses a single UDP socket for all queries, so it is recommended you use a > local caching DNS resolver (with a single socket each DNS query is protected by > spoofing by a single 16 bit query ID, which makes it relatively easy to spoof). > + > + > +OpenBSD specific behaviour > +-------------------------- > + > +On OpenBSD, sniproxy is protected by pledge(2) and unveil(2). > +Therefore, the configuration file must be /etc/sniproxy.conf, unix sockets > +must be in /var/www/sockets and logs must be in /var/log. Also, sniproxy PID > +file must be /var/run/sniproxy.pid > diff -wur dlundquist-sniproxy-0.7.0/configure.ac renaud-sniproxy-0.7.0/configure.ac > --- dlundquist-sniproxy-0.7.0/configure.ac 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/configure.ac 2025-09-25 10:50:11.000000000 +0100 > @@ -3,6 +3,8 @@ > > AC_PREREQ([2.71]) > AC_INIT([sniproxy],[0.7.0]) > +AC_CONFIG_SRCDIR([src/sniproxy.c]) > +AC_CONFIG_MACRO_DIR([m4]) > AM_INIT_AUTOMAKE([subdir-objects]) > AM_SILENT_RULES([yes]) > AC_USE_SYSTEM_EXTENSIONS > diff -wur dlundquist-sniproxy-0.7.0/debian/changelog renaud-sniproxy-0.7.0/debian/changelog > --- dlundquist-sniproxy-0.7.0/debian/changelog 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/debian/changelog 2025-09-25 10:50:11.000000000 +0100 > @@ -9,14 +9,55 @@ > * Fix missing stdlib.h include > * Fix various warnings reported by gcc 14 and clang 19 compilers > > - -- Dustin Lundquist Thu, 04 Sep 2025 16:37:25 -0700 > + -- Renaud Allard Thu, 25 Sep 2025 11:48:00 +0200 > > -sniproxy (0.6.1) unstable; urgency=high > +sniproxy (0.6.8) unstable; urgency=high > > * Fix buffer overflow in address module > - * Fix tests > + * Fix tests in Debian 11 > > - -- Dustin Lundquist Thu, 16 Mar 2023 21:53:48 -0700 > +sniproxy (0.6.7) unstable; urgency=low > + > + * Fix a warning with clang15 and update old functions > + > +sniproxy (0.6.6) unstable; urgency=low > + > + * Print proper unveil errors (no influence for linux) > + > +sniproxy (0.6.5) unstable; urgency=medium > + > + * Add cpath and unix to plegde call for OpenBSD > + * Add unveil protections for OpenBSD > + * Remove -Wpedantic as it fails on OpenBSD base-gcc > + > + -- Renaud Allard Wed, 11 Mar 2021 12:00:00 +0200 > + > +sniproxy (0.6.4) unstable; urgency=medium > + > + * Add wpath and unix to plegde call for OpenBSD > + * fix ipv6 transparent proxy > + > + -- Renaud Allard Wed, 01 Mar 2021 14:10:00 +0200 > + > +sniproxy (0.6.3) unstable; urgency=medium > + > + * Accept CRLF and LF in HTTP headers, fix buffer overflow error. > + * Add plegde call for OpenBSD > + > + -- Renaud Allard Wed, 24 Feb 2021 13:50:00 +0200 > + > +sniproxy (0.6.2) unstable; urgency=medium > + > + * Change the default user/group > + > + -- Renaud Allard Sat, 22 Feb 2021 09:00:00 +0200 > + > +sniproxy (0.6.1) unstable; urgency=medium > + > + * Fixes for some security issues > + * Fix for compilation with modern compilers > + > + -- Renaud Allard Sat, 22 Feb 2021 09:00:00 +0200 > > sniproxy (0.6.0) unstable; urgency=medium > > diff -wur dlundquist-sniproxy-0.7.0/redhat/sniproxy.spec renaud-sniproxy-0.7.0/redhat/sniproxy.spec > --- dlundquist-sniproxy-0.7.0/redhat/sniproxy.spec 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/redhat/sniproxy.spec 2025-09-25 10:50:11.000000000 +0100 > @@ -5,7 +5,7 @@ > > Group: System Environment/Daemons > License: BSD > -URL: https://github.com/dlundquist/sniproxy > +URL: https://github.com/renaudallard/sniproxy > Source0: %{name}-%{version}.tar.gz > BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) > > @@ -43,22 +43,41 @@ > %{_mandir}/man8/sniproxy.8.gz > %{_mandir}/man5/sniproxy.conf.5.gz > > - > - > %changelog > -* Thu Sep 4 2024 Dustin Lundquist 0.7.0-1 > -- Deprecate project > +* Thu Sep 25 2025 Renaud Allard 0.7.0 > - Cleanup autoconf > - Require autoconf 2.71 > - Require explicit --enable-dns for DNS resolution functionality > -- Add support for libpcre2 as an alternative to the older libpcre3 > - Relax HTTP header parsing to accept CRLF or plain LF > - Fix missing stdlib.h include > - Fix various warnings reported by gcc 14 and clang 19 compilers > > -* Thu Mar 16 2023 Dustin Lundquist 0.6.1-1 > +* Tue, 31 Jan 2023 Renaud Allard 0.6.8 > - Fix buffer overflow in address module > -- Fix tests > +- Fix tests in Debian 11 > +* Tue, 31 Jan 2023 Renaud Allard 0.6.7 > +- Fix a warning with clang15 and update old functions > +* Mon, 30 Jan 2023 Renaud Allard 0.6.6 > +- Print proper unveil errors (no influence for linux) > +* Mon, 11 Mar 2021 Renaud Allard 0.6.5 > +- Add cpath and unix to plegde call for OpenBSD > +- Add unveil protections for OpenBSD > +- Remove -Wpedantic as it fails on OpenBSD base-gcc > + > +* Mon, 01 Mar 2021 Renaud Allard 0.6.4 > +- Add wpath and unix to plegde call for OpenBSD > +- fix ipv6 transparent proxy > + > +* Wed, 24 Feb 2021 Renaud Allard 0.6.3 > +- Accept CRLF and LF in HTTP headers, fix buffer overflow error > +- Add plegde call for OpenBSD > + > +* Sat 22 Feb 2021 Renaud Allard 0.6.2 > +- Change the default user/group > + > +* Sat 22 Feb 2021 Renaud Allard 0.6.1 > +- Fixes for some security issues > +- Fix for compilation with modern compilers > > * Wed Dec 5 2018 Dustin Lundquist 0.6.0-1 > - PROXY v1 protocol support > diff -wur dlundquist-sniproxy-0.7.0/sniproxy.conf renaud-sniproxy-0.7.0/sniproxy.conf > --- dlundquist-sniproxy-0.7.0/sniproxy.conf 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/sniproxy.conf 2025-09-25 10:50:11.000000000 +0100 > @@ -2,8 +2,8 @@ > # lines that start with # are comments > # lines with only white space are ignored > > -user nobody > -group nogroup > +user _sniproxy > +group _sniproxy > > # PID file, needs to be placed in directory writable by user > pidfile /var/run/sniproxy.pid > @@ -47,7 +47,7 @@ > # Global access log for all listeners > access_log { > # Same options as error_log > - filename /tmp/sniproxy-access.log > + filename /var/log/sniproxy-access.log > } > > # blocks are delimited with {...} > diff -wur dlundquist-sniproxy-0.7.0/src/Makefile.am renaud-sniproxy-0.7.0/src/Makefile.am > --- dlundquist-sniproxy-0.7.0/src/Makefile.am 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/src/Makefile.am 2025-09-25 10:50:11.000000000 +0100 > @@ -1,4 +1,5 @@ > -AM_CFLAGS = -fno-strict-aliasing -Wall -Wextra -Wpedantic -Wwrite-strings > +AM_CPPFLAGS = $(LIBEV_CFLAGS) $(LIBPCRE_CFLAGS) $(LIBUDNS_CFLAGS) > +AM_CFLAGS = -fno-strict-aliasing -Wall -Wextra -Wwrite-strings > > sbin_PROGRAMS = sniproxy > > diff -wur dlundquist-sniproxy-0.7.0/src/cfg_tokenizer.c renaud-sniproxy-0.7.0/src/cfg_tokenizer.c > --- dlundquist-sniproxy-0.7.0/src/cfg_tokenizer.c 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/src/cfg_tokenizer.c 2025-09-25 10:50:11.000000000 +0100 > @@ -62,7 +62,7 @@ > default: > /* Rewind one byte, so next_word() can fetch from > * the beginning of the word */ > - fseek(config, -1, SEEK_CUR); > + fseeko(config, -1, SEEK_CUR); > > token_len = next_word(config, buffer, buffer_len); > if (token_len <= 0) > @@ -116,7 +116,7 @@ > if (quoted == 0) { > /* rewind the file one character, so we don't eat > * part of the next token */ > - fseek(file, -1, SEEK_CUR); > + fseeko(file, -1, SEEK_CUR); > > buffer[len] = '\0'; > len++; > diff -wur dlundquist-sniproxy-0.7.0/src/config.c renaud-sniproxy-0.7.0/src/config.c > --- dlundquist-sniproxy-0.7.0/src/config.c 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/src/config.c 2025-09-25 10:50:11.000000000 +0100 > @@ -238,13 +238,13 @@ > } > > if (parse_config(config, file, global_grammar) <= 0) { > - intmax_t whence = ftell(file); > + off_t whence = ftello(file); > char line[256]; > > - err("error parsing %s at %jd near:", filename, whence); > - fseek(file, -20, SEEK_CUR); > + err("error parsing %s at %jd near:", filename, (intmax_t)whence); > + fseeko(file, -20, SEEK_CUR); > for (int i = 0; i < 5; i++) > - err(" %jd\t%s", ftell(file), fgets(line, sizeof(line), file)); > + err(" %jd\t%s", (intmax_t)ftello(file), fgets(line, sizeof(line), file)); > > free_config(config, loop); > config = NULL; > diff -wur dlundquist-sniproxy-0.7.0/src/connection.c renaud-sniproxy-0.7.0/src/connection.c > --- dlundquist-sniproxy-0.7.0/src/connection.c 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/src/connection.c 2025-09-25 10:50:11.000000000 +0100 > @@ -635,8 +635,45 @@ > if (con->listener->transparent_proxy && > con->client.addr.ss_family == con->server.addr.ss_family) { > #ifdef IP_TRANSPARENT > + int result; > + /* Make an IPv6 socket if necessary and purge ::ffff: from the v6-mapped address > + * We need to take out the ffff because otherwise it'll be IPv4 on the wire. > + * The result is a connection from IPv6 address ::, > + * The return traffic can be marked with nftables in ip6 mangle PREROUTING: > + * socket transparent 1 mark set 0x1 > + * and then routed to sniproxy using a separate routing table (e.g table 100): > + * ip -6 rule add fwmark 0x1 lookup 100 > + * ip -6 route add local ::/96 dev lo table 100 > + */ > + struct in6_addr *saddr = &((struct sockaddr_in6 *)&con->client.addr)->sin6_addr; > + if (con->client.addr.ss_family == AF_INET6 && > + con->server.addr.ss_family == AF_INET6) > + if (saddr->s6_addr[0] == 0 && > + saddr->s6_addr[1] == 0 && > + saddr->s6_addr[2] == 0 && > + saddr->s6_addr[3] == 0 && > + saddr->s6_addr[4] == 0 && > + saddr->s6_addr[5] == 0 && > + saddr->s6_addr[6] == 0 && > + saddr->s6_addr[7] == 0 && > + saddr->s6_addr[8] == 0 && > + saddr->s6_addr[9] == 0 && > + saddr->s6_addr[10] == 0xff && > + saddr->s6_addr[11] == 0xff) { > + > + /* Turn (e.g.) IPv4 ::ffff:192.0.2.1 into IPv6 ::192.0.2.1 */ > + saddr->s6_addr[10] = 0; > + saddr->s6_addr[11] = 0; > + } > + > + /* We want an IPv6 transparent socket */ > int on = 1; > - int result = setsockopt(sockfd, SOL_IP, IP_TRANSPARENT, &on, sizeof(on)); > + result = setsockopt(sockfd, SOL_IPV6, IPV6_TRANSPARENT, &on, sizeof(on)); > + } else { > + /* We want an IPv4 transparent socket */ > + int on = 1; > + result = setsockopt(sockfd, SOL_IP, IP_TRANSPARENT, &on, sizeof(on)); > + } > #else > int result = -EPERM; > /* XXX error: not implemented would be better, but this shouldn't be > @@ -812,13 +849,13 @@ > con->query_handle = NULL; > con->use_proxy_header = 0; > > - con->client.buffer = new_buffer(4096, loop); > + con->client.buffer = new_buffer(16384, loop); > if (con->client.buffer == NULL) { > free_connection(con); > return NULL; > } > > - con->server.buffer = new_buffer(4096, loop); > + con->server.buffer = new_buffer(16384, loop); > if (con->server.buffer == NULL) { > free_connection(con); > return NULL; > diff -wur dlundquist-sniproxy-0.7.0/src/sniproxy.c renaud-sniproxy-0.7.0/src/sniproxy.c > --- dlundquist-sniproxy-0.7.0/src/sniproxy.c 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/src/sniproxy.c 2025-09-25 10:50:11.000000000 +0100 > @@ -71,6 +71,35 @@ > rlim_t max_nofiles = 65536; > int opt; > > + #ifdef __OpenBSD__ > + if (unveil("/etc/sniproxy.conf", "r") != 0) { > + perror("unveil /etc/sniproxy.conf"); > + exit(1); > + } > + if (unveil("/var/run/sniproxy.pid", "rwc") != 0) { > + perror("unveil /var/run/sniproxy.pid"); > + exit(1); > + } > + if (unveil("/var/log", "rwc") != 0) { > + perror("unveil /var/log"); > + exit(1); > + } > + if (unveil("/var/www/sockets", "rw") != 0) { > + perror("unveil /var/www/sockets"); > + exit(1); > + } > + if (unveil(NULL, NULL) != 0) { > + perror("unveil"); > + exit(1); > + } > + > + if (pledge("stdio getpw inet dns rpath proc id" > + " wpath cpath unix", NULL) == -1) { > + fprintf(stderr, "%s: pledge: %s\n", argv[0], strerror(errno)); > + exit(1); > + } > + #endif > + > while ((opt = getopt(argc, argv, "fc:n:V")) != -1) { > switch (opt) { > case 'c': > diff -wur dlundquist-sniproxy-0.7.0/src/tls.c renaud-sniproxy-0.7.0/src/tls.c > --- dlundquist-sniproxy-0.7.0/src/tls.c 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/src/tls.c 2025-09-25 10:50:11.000000000 +0100 > @@ -201,7 +201,7 @@ > /* Check if it's a server name extension */ > if (data[pos] == 0x00 && data[pos + 1] == 0x00) { > /* There can be only one extension of each type, so we break > - our state and move p to beinnging of the extension here */ > + our state and move p to beginning of the extension here */ > if (pos + 4 + len > data_len) > return -5; > return parse_server_name_extension(data + pos + 4, len, hostname); > diff -wur dlundquist-sniproxy-0.7.0/tests/bad_dns_request_test renaud-sniproxy-0.7.0/tests/bad_dns_request_test > --- dlundquist-sniproxy-0.7.0/tests/bad_dns_request_test 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/tests/bad_dns_request_test 2025-09-25 10:50:11.000000000 +0100 > @@ -60,7 +60,7 @@ > $socket->send($request); > > my $buffer; > - $socket->recv($buffer, 4096); > + $socket->recv($buffer, 16388); > > $socket->close(); > > diff -wur dlundquist-sniproxy-0.7.0/tests/bad_request_test renaud-sniproxy-0.7.0/tests/bad_request_test > --- dlundquist-sniproxy-0.7.0/tests/bad_request_test 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/tests/bad_request_test 2025-09-25 10:50:11.000000000 +0100 > @@ -282,7 +282,7 @@ > $socket->send($request); > > my $buffer; > - $socket->recv($buffer, 4096); > + $socket->recv($buffer, 16384); > > $socket->close(); > > diff -wur dlundquist-sniproxy-0.7.0/tests/buffer_test.c renaud-sniproxy-0.7.0/tests/buffer_test.c > --- dlundquist-sniproxy-0.7.0/tests/buffer_test.c 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/tests/buffer_test.c 2025-09-25 10:50:11.000000000 +0100 > @@ -127,7 +127,7 @@ > struct Buffer *buffer; > int read_fd, write_fd; > > - buffer = new_buffer(4096, EV_DEFAULT); > + buffer = new_buffer(16384, EV_DEFAULT); > > read_fd = open("/dev/zero", O_RDONLY); > if (read_fd < 0) { > @@ -155,7 +155,7 @@ > char output[sizeof(input)]; > int len; > > - buffer = new_buffer(4096, EV_DEFAULT); > + buffer = new_buffer(16384, EV_DEFAULT); > len = buffer_push(buffer, input, sizeof(input)); > assert(len == sizeof(input)); > > diff -wur dlundquist-sniproxy-0.7.0/tests/connection_reset_test renaud-sniproxy-0.7.0/tests/connection_reset_test > --- dlundquist-sniproxy-0.7.0/tests/connection_reset_test 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/tests/connection_reset_test 2025-09-25 10:50:11.000000000 +0100 > @@ -42,8 +42,8 @@ > "\r\n"); > > # Send a bunch of data (more that will be buffered by the kernel > - for (my $i = 0; $i < 4096; $i++) { > - $client->send('x' x 4096); > + for (my $i = 0; $i < 16384; $i++) { > + $client->send('x' x 16384); > } > $client->close(); > exit; > @@ -76,9 +76,9 @@ > "\r\n"); > > my $buffer; > - $socket->recv($buffer, 4096); > - $socket->recv($buffer, 4096); > - $socket->recv($buffer, 4096); > + $socket->recv($buffer, 16384); > + $socket->recv($buffer, 16384); > + $socket->recv($buffer, 16384); > > $socket->close(); > > diff -wur dlundquist-sniproxy-0.7.0/tests/fallback_test renaud-sniproxy-0.7.0/tests/fallback_test > --- dlundquist-sniproxy-0.7.0/tests/fallback_test 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/tests/fallback_test 2025-09-25 10:50:11.000000000 +0100 > @@ -56,7 +56,7 @@ > $socket->send("GET /$path HTTP/1.0\r\n\r\n"); > > my $buffer; > - $socket->recv($buffer, 4096); > + $socket->recv($buffer, 16384); > > $socket->close(); > > diff -wur dlundquist-sniproxy-0.7.0/tests/slow_client_test renaud-sniproxy-0.7.0/tests/slow_client_test > --- dlundquist-sniproxy-0.7.0/tests/slow_client_test 2025-09-05 03:52:46.000000000 +0100 > +++ renaud-sniproxy-0.7.0/tests/slow_client_test 2025-09-25 10:50:11.000000000 +0100 > @@ -46,7 +46,7 @@ > } > > my $buffer; > - $socket->recv($buffer, 4096); > + $socket->recv($buffer, 16384); > > $socket->close(); > >