mirror of
https://github.com/moparisthebest/sslh
synced 2024-11-28 20:12:24 -05:00
v1.13: 18MAY2012
Write PID file before dropping privileges. Added --background, which overrides 'foreground' configuration file setting. Added example systemd service file from Archlinux in scripts/ https://projects.archlinux.org/svntogit/community.git/tree/trunk/sslh.service?h=packages/sslh (Sbastien Luttringer)
This commit is contained in:
parent
9bcb2cdd7a
commit
5cd1fa1875
11
ChangeLog
11
ChangeLog
@ -1,3 +1,14 @@
|
|||||||
|
v1.13: 18MAY2012
|
||||||
|
Write PID file before dropping privileges.
|
||||||
|
|
||||||
|
Added --background, which overrides 'foreground'
|
||||||
|
configuration file setting.
|
||||||
|
|
||||||
|
Added example systemd service file from Archlinux in
|
||||||
|
scripts/
|
||||||
|
https://projects.archlinux.org/svntogit/community.git/tree/trunk/sslh.service?h=packages/sslh
|
||||||
|
(Sébastien Luttringer)
|
||||||
|
|
||||||
v1.12: 08MAY2012
|
v1.12: 08MAY2012
|
||||||
Added support for configuration file.
|
Added support for configuration file.
|
||||||
|
|
||||||
|
4
Makefile
4
Makefile
@ -1,6 +1,6 @@
|
|||||||
# Configuration
|
# Configuration
|
||||||
|
|
||||||
VERSION="v1.12"
|
VERSION="v1.13b"
|
||||||
USELIBCONFIG=1 # Use libconfig? (necessary to use configuration files)
|
USELIBCONFIG=1 # Use libconfig? (necessary to use configuration files)
|
||||||
USELIBWRAP= # Use libwrap?
|
USELIBWRAP= # Use libwrap?
|
||||||
COV_TEST= # Perform test coverage?
|
COV_TEST= # Perform test coverage?
|
||||||
@ -73,7 +73,7 @@ clean:
|
|||||||
rm -f sslh-fork sslh-select echosrv $(MAN) *.o *.gcov *.gcno *.gcda *.png *.html *.css *.info
|
rm -f sslh-fork sslh-select echosrv $(MAN) *.o *.gcov *.gcno *.gcda *.png *.html *.css *.info
|
||||||
|
|
||||||
tags:
|
tags:
|
||||||
ctags -T *.[ch]
|
ctags --globals -T *.[ch]
|
||||||
|
|
||||||
test:
|
test:
|
||||||
./t
|
./t
|
||||||
|
19
README
19
README
@ -10,7 +10,24 @@ inside a corporate firewall, which almost never block port
|
|||||||
|
|
||||||
==== Compile and install ====
|
==== Compile and install ====
|
||||||
|
|
||||||
If you're lucky, the Makefile will work for you:
|
sslh uses libconfig (http://www.hyperrealm.com/libconfig/)
|
||||||
|
and libwrap.
|
||||||
|
|
||||||
|
For Debian, these are contained in packages libwrap0-dev and
|
||||||
|
libconfig8-dev.
|
||||||
|
|
||||||
|
For OpenSUSE, these are contained in packages libconfig9 and
|
||||||
|
libconfig-dev in repository
|
||||||
|
http://download.opensuse.org/repositories/multimedia:/libs/openSUSE_12.1/
|
||||||
|
|
||||||
|
For Fedora, this package should work:
|
||||||
|
https://admin.fedoraproject.org/pkgdb/acls/name/libconfig
|
||||||
|
(feedback from Fedorans appreciated).
|
||||||
|
|
||||||
|
If you can't find libconfig, or just don't want a
|
||||||
|
configuration file, set 'USELIBCONFIG=' in the Makefile.
|
||||||
|
|
||||||
|
After this, the Makefile should work:
|
||||||
|
|
||||||
make install
|
make install
|
||||||
|
|
||||||
|
1
common.c
1
common.c
@ -24,6 +24,7 @@ int verbose = 0;
|
|||||||
int probing_timeout = 2;
|
int probing_timeout = 2;
|
||||||
int inetd = 0;
|
int inetd = 0;
|
||||||
int foreground = 0;
|
int foreground = 0;
|
||||||
|
int background = 0;
|
||||||
int numeric = 0;
|
int numeric = 0;
|
||||||
const char *user_name, *pid_file, *rule_filename;
|
const char *user_name, *pid_file, *rule_filename;
|
||||||
|
|
||||||
|
2
common.h
2
common.h
@ -100,7 +100,7 @@ int start_listen_sockets(int *sockfd[], struct addrinfo *addr_list);
|
|||||||
int defer_write(struct queue *q, void* data, int data_size);
|
int defer_write(struct queue *q, void* data, int data_size);
|
||||||
int flush_defered(struct queue *q);
|
int flush_defered(struct queue *q);
|
||||||
|
|
||||||
extern int probing_timeout, verbose, inetd, foreground, numeric;
|
extern int probing_timeout, verbose, inetd, foreground, background, numeric;
|
||||||
extern struct sockaddr_storage addr_ssl, addr_ssh, addr_openvpn;
|
extern struct sockaddr_storage addr_ssl, addr_ssh, addr_openvpn;
|
||||||
extern struct addrinfo *addr_listen;
|
extern struct addrinfo *addr_listen;
|
||||||
extern const char* USAGE_STRING;
|
extern const char* USAGE_STRING;
|
||||||
|
9
scripts/systemd.sslh.service
Normal file
9
scripts/systemd.sslh.service
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=SSL/SSH multiplexer
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
EnvironmentFile=/etc/conf.d/sslh
|
||||||
|
ExecStart=/usr/bin/sslh --foreground $DAEMON_OPTS
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
14
sslh-main.c
14
sslh-main.c
@ -1,5 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
# main: processing of config file, command line options and start the main loop.
|
# main: processing of config file, command line options and start the main
|
||||||
|
# loop.
|
||||||
#
|
#
|
||||||
# Copyright (C) 2007-2012 Yves Rutschle
|
# Copyright (C) 2007-2012 Yves Rutschle
|
||||||
#
|
#
|
||||||
@ -51,6 +52,7 @@ const char* USAGE_STRING =
|
|||||||
static struct option const_options[] = {
|
static struct option const_options[] = {
|
||||||
{ "inetd", no_argument, &inetd, 1 },
|
{ "inetd", no_argument, &inetd, 1 },
|
||||||
{ "foreground", no_argument, &foreground, 1 },
|
{ "foreground", no_argument, &foreground, 1 },
|
||||||
|
{ "background", no_argument, &background, 1 },
|
||||||
{ "numeric", no_argument, &numeric, 1 },
|
{ "numeric", no_argument, &numeric, 1 },
|
||||||
{ "verbose", no_argument, &verbose, 1 },
|
{ "verbose", no_argument, &verbose, 1 },
|
||||||
{ "user", required_argument, 0, 'u' },
|
{ "user", required_argument, 0, 'u' },
|
||||||
@ -428,6 +430,10 @@ next_arg:
|
|||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Did command-line override foreground setting? */
|
||||||
|
if (background)
|
||||||
|
foreground = 0;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
int main(int argc, char *argv[])
|
int main(int argc, char *argv[])
|
||||||
@ -471,12 +477,12 @@ int main(int argc, char *argv[])
|
|||||||
|
|
||||||
setup_signals();
|
setup_signals();
|
||||||
|
|
||||||
if (user_name)
|
|
||||||
drop_privileges(user_name);
|
|
||||||
|
|
||||||
if (pid_file)
|
if (pid_file)
|
||||||
write_pid_file(pid_file);
|
write_pid_file(pid_file);
|
||||||
|
|
||||||
|
if (user_name)
|
||||||
|
drop_privileges(user_name);
|
||||||
|
|
||||||
/* Open syslog connection */
|
/* Open syslog connection */
|
||||||
setup_syslog(argv[0]);
|
setup_syslog(argv[0]);
|
||||||
|
|
||||||
|
7
sslh.pod
7
sslh.pod
@ -165,6 +165,13 @@ Runs in foreground. The server will not fork and will remain connected
|
|||||||
to the terminal. Messages normally sent to B<syslog> will also be sent
|
to the terminal. Messages normally sent to B<syslog> will also be sent
|
||||||
to I<stderr>.
|
to I<stderr>.
|
||||||
|
|
||||||
|
=item B<--background>
|
||||||
|
|
||||||
|
Runs in background. This overrides B<foreground> if set in
|
||||||
|
the configuration file (or on the command line, but there is
|
||||||
|
no point setting both on the command line unless you have a
|
||||||
|
personality disorder).
|
||||||
|
|
||||||
=back
|
=back
|
||||||
|
|
||||||
=head1 FILES
|
=head1 FILES
|
||||||
|
Loading…
Reference in New Issue
Block a user