1
0
mirror of https://github.com/moparisthebest/sslh synced 2024-12-12 02:32:15 -05:00
Commit Graph

112 Commits

Author SHA1 Message Date
Yves Rutschle
5998c9ec1a Do not require --listen when --inetd is specified 2014-01-06 22:21:44 +01:00
Yves Rutschle
45996cc1ee minor typesetting fix to manual page 2014-01-06 22:07:33 +01:00
Yves Rutschle
56944e4d38 Generate version tag based on file modification date if git is not present 2013-11-23 16:46:54 +01:00
yrutschle
9c3a838cc5 Merge pull request #8 from nbraud/readme
Markdownify the README
2013-11-05 23:10:24 -08:00
Nicolas Braud-Santoni
b24f9820f9 Markdownify the README 2013-11-05 22:34:48 +01:00
Sebastian Schmidt
009faa64b7 Implement libcap support
Use libcap for saving CAP_NET_ADMIN (if --transparent is given) over a
setuid(). We don’t need CAP_NET_BIND_SERVICE as the listening sockets
are established before dropping root.
2013-10-20 21:16:56 +02:00
Yves Rutschle
3f386b6541 initiated TODO list 2013-10-06 12:09:52 +02:00
Yves Rutschle
fb0760dd72 Probes made resilient to packets that are too short, or
contain NULLs.
2013-09-28 21:39:00 +02:00
Yves Rutschle
f2ca4c13a6 ChangeLog entry for the branch 2013-09-28 21:38:33 +02:00
Yves Rutschle
96f5d6387e new test for PROBE_AGAIN; changed deferred_data to begin_deferred_data where appropriate 2013-09-28 21:33:25 +02:00
Ondrej Kuznk
025545aee3 Fix typos and type warnings 2013-09-28 20:49:46 +02:00
Ondřej Kuzník
d14dcdee5c Fix build issues when version.h doesn't exist yet 2013-09-28 20:44:08 +02:00
Ondřej Kuzník
66c7d674a0 is a bashism 2013-09-28 20:42:05 +02:00
Ondřej Kuzník
e4fb8b8496 defered -> deferred 2013-09-28 20:42:04 +02:00
Ondřej Kuzník
d7bbec0dc7 Simplify function signatures 2013-09-28 20:21:48 +02:00
Ondřej Kuzník
bcad6fbade Enable the PROBE_AGAIN return code 2013-09-28 20:21:47 +02:00
Ondřej Kuzník
dbafd6510d Allow probes to say they cannot decide yet 2013-09-28 20:21:47 +02:00
Ondřej Kuzník
c84a6af847 Introduce the probe return codes. 2013-09-28 20:21:47 +02:00
Ondřej Kuzník
c5cd91d92c Let defer_write accumulate data 2013-09-28 20:21:47 +02:00
Ondřej Kuzník
708c3b0177 Make probes work even in the face of arbitrary data 2013-09-28 20:21:47 +02:00
Yves Rutschle
ce170814f5 fix genver.sh shell version to bash 2013-09-19 09:25:35 +02:00
Yves Rutschle
a168461f46 Merged Makefile LDFLAGS changes 2013-09-17 11:04:37 +02:00
Yves Rutschle
5952ca4aaf Make version.h before any other object 2013-09-17 11:01:05 +02:00
Yves Rutschle
a54cc1aa83 Make version.h before any other object 2013-09-17 08:41:10 +02:00
Mike Frysinger
2d23cdc9f4 check asprintf return value
The current asprintf usage triggers many warnings like:

sslh-main.c: In function 'print_usage':
sslh-main.c:86:17: warning: ignoring return value of 'asprintf',
	declared with attribute warn_unused_result [-Wunused-result]

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:26:44 -04:00
Mike Frysinger
b8ea0699c4 drop_privileges: fix setuid check
The code attempts to check the return of setuid, but forgets to assign
the result variable.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:23:26 -04:00
Mike Frysinger
c54e232673 sslh-main: fix config_lookup_int call
This func takes an int, not a long.  The current code triggers a warning:

sslh-main.c: In function 'config_parse':
sslh-main.c:275:5: warning: passing argument 3 of 'config_lookup_int' from incompatible pointer type [enabled by default]
     if (config_lookup_int(&config, "timeout", &timeout) == CONFIG_TRUE) {
                                               ^
In file included from sslh-main.c:26:0:
/usr/include/libconfig.h:266:12: note: expected 'int *' but argument is of type 'long int *'
 extern LIBCONFIG_API int config_lookup_int(const config_t *config,

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:21:37 -04:00
Mike Frysinger
8252ecf307 Makefile: fix CPPFLAGS handling
This code doesn't respect CPPFLAGS at all.  Fix that and move the
existing -D flags to the right variable.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:18:15 -04:00
Mike Frysinger
4fafb3d376 Makefile: fix LDFLAGS handling
We need these flags to come before all the objects, not after.
Otherwise, flags that impact handling of input objects do not
show up in time.

This also matches standard build system behavior (e.g. autotools).

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:17:23 -04:00
Jason Cooper
7008a1ede4 cscope: add cscope tagging support
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2013-09-16 22:02:29 +02:00
Jason Cooper
820e31bfc0 Makefile: add distclean target, remove tags file
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2013-09-16 22:01:47 +02:00
Jason Cooper
f36eb7be39 version.h: dynamically create version number based on git
When building the source from a checked out tag, eg v1.15, VERSION will
equal v1.15.  However, when building from anything other than a tagged
version, you get 'v1.15-4-g50432d5-dirty' meaning I was 4 patches in
front of v1.15, particularly '50432d5' was my current HEAD, and I had
uncommited changes, '-dirty'.

Very useful for folks submitting bug reports on versions they compiled
themselves.

Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2013-09-16 21:56:45 +02:00
Jason Cooper
c6adb6a1e1 remove unneeded executable permissions on source files
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2013-09-16 21:56:38 +02:00
Jason Cooper
97ffa562ce git: add .gitignore file
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2013-09-16 21:55:26 +02:00
yrutschle
7afccc6565 Merge pull request #4 from julthomas/jth/rhel-init
MINOR: init: Review RH/CentOS init script
2013-08-30 02:53:18 -07:00
yrutschle
22f4a4bc47 Merge pull request #3 from julthomas/jth/config-transparent
MINOR: config: Option --transparent can be set via configuration file
2013-08-30 02:52:24 -07:00
Yves Rutschle
f3c5f098ca fixed getpeername causing sslh to quit 2013-08-29 12:15:50 +02:00
Julien Thomas
5ae9ba184c MINOR: init: Review RH/CentOS init script
This is an update of the init scripts originally written by Andre
Krajnik. It is quite similar to other init scripts brought by common
packages in RH/CentOS. This commit also introduces a pretty straight
forward sysconfig file.
2013-08-26 21:11:17 +02:00
Julien Thomas
43a9bc8fd9 MINOR: config: Option --transparent can be set via configuration file
This patch allows to set option --transparent in an SSLH configuration
file. Without it, transparent mode is only possible by passing the
option on the command line.
2013-08-26 21:07:27 +02:00
yrutschle
569c71f6b1 Merge pull request #1 from cicku/patch-1
Fix for RPM distdir build
2013-08-10 01:22:08 -07:00
Christopher Meng
bde20dbaa5 Fix for RPM
- RPM doesn't support root, so for the chroot environment we must define a destdir of RPM %{buildroot}.

- Preserve the timestamp.
2013-08-10 15:06:49 +08:00
Yves Rutschle
c60696a6d5 Updated Fedora package requirements 2013-08-09 20:18:22 +02:00
Yves Rutschle
c02e2d7aee v1.15 release 2013-07-27 16:25:04 +02:00
Yves Rutschle
59c9be54ad Set FD_SETSIZE to 4096 on Cygwin 2013-07-26 18:42:22 +01:00
Yves Rutschle
e3159409c0 check fd < FD_SETSIZE 2013-07-25 21:35:27 +02:00
Yves Rutschle
536f7dee83 Changed SOL_IP to more-portable IPPROTO_IP 2013-07-25 21:33:07 +02:00
Yves Rutschle
2781c75ff9 Added tranparent proyxing 2013-07-21 13:46:45 +02:00
Yves Rutschle
d02ffcd154 Fixed bug in sslh-select: if socket dropped while defered_data was present, sslh-select would crash. 2013-07-20 00:45:33 +02:00
Yves Rutschle
f842e2e081 v1.14: 21DEC2012
Corrected OpenVPN probe to support pre-shared secret
	mode (OpenVPN port-sharing code is... wrong). Thanks
	to Kai Ellinger for help in investigating and
	testing.

	Added an actual TLS/SSL probe.

	Added configurable --on-timeout protocol
	specification.

	Added a --anyprot protocol probe (equivalent to what
	--ssl was).

	Makefile respects the user's compiler and CFLAG
	choices (falling back to the current values if
	undefined), as well as LDFLAGS.
	(Michael Palimaka)

	Added "After" and "KillMode" to systemd.sslh.service
	(Thomas Weischuh).

	Added LSB tags to etc.init.d.sslh
	(Thomas Varis).
2013-07-10 23:19:33 +02:00
Yves Rutschle
5cd1fa1875 v1.13: 18MAY2012
Write PID file before dropping privileges.

	Added --background, which overrides 'foreground'
	configuration file setting.

	Added example systemd service file from Archlinux in
	scripts/
	https://projects.archlinux.org/svntogit/community.git/tree/trunk/sslh.service?h=packages/sslh
	(Sbastien Luttringer)
2013-07-10 23:16:50 +02:00