112 Commits

Author SHA1 Message Date
Yves Rutschle 5998c9ec1a Do not require --listen when --inetd is specified 2014-01-06 22:21:44 +01:00
Yves Rutschle 45996cc1ee minor typesetting fix to manual page 2014-01-06 22:07:33 +01:00
Yves Rutschle 56944e4d38 Generate version tag based on file modification date if git is not present 2013-11-23 16:46:54 +01:00
yrutschle 9c3a838cc5 Merge pull request #8 from nbraud/readme
Markdownify the README
2013-11-05 23:10:24 -08:00
Nicolas Braud-Santoni b24f9820f9 Markdownify the README 2013-11-05 22:34:48 +01:00
Sebastian Schmidt 009faa64b7 Implement libcap support
Use libcap for saving CAP_NET_ADMIN (if --transparent is given) over a
setuid(). We don’t need CAP_NET_BIND_SERVICE as the listening sockets
are established before dropping root.
2013-10-20 21:16:56 +02:00
Yves Rutschle 3f386b6541 initiated TODO list 2013-10-06 12:09:52 +02:00
Yves Rutschle fb0760dd72 Probes made resilient to packets that are too short, or
contain NULLs.
2013-09-28 21:39:00 +02:00
Yves Rutschle f2ca4c13a6 ChangeLog entry for the branch 2013-09-28 21:38:33 +02:00
Yves Rutschle 96f5d6387e new test for PROBE_AGAIN; changed deferred_data to begin_deferred_data where appropriate 2013-09-28 21:33:25 +02:00
Ondrej Kuzník 025545aee3 Fix typos and type warnings 2013-09-28 20:49:46 +02:00
Ondřej Kuzník d14dcdee5c Fix build issues when version.h doesn't exist yet 2013-09-28 20:44:08 +02:00
Ondřej Kuzník 66c7d674a0 is a bashism 2013-09-28 20:42:05 +02:00
Ondřej Kuzník e4fb8b8496 defered -> deferred 2013-09-28 20:42:04 +02:00
Ondřej Kuzník d7bbec0dc7 Simplify function signatures 2013-09-28 20:21:48 +02:00
Ondřej Kuzník bcad6fbade Enable the PROBE_AGAIN return code 2013-09-28 20:21:47 +02:00
Ondřej Kuzník dbafd6510d Allow probes to say they cannot decide yet 2013-09-28 20:21:47 +02:00
Ondřej Kuzník c84a6af847 Introduce the probe return codes. 2013-09-28 20:21:47 +02:00
Ondřej Kuzník c5cd91d92c Let defer_write accumulate data 2013-09-28 20:21:47 +02:00
Ondřej Kuzník 708c3b0177 Make probes work even in the face of arbitrary data 2013-09-28 20:21:47 +02:00
Yves Rutschle ce170814f5 fix genver.sh shell version to bash 2013-09-19 09:25:35 +02:00
Yves Rutschle a168461f46 Merged Makefile LDFLAGS changes 2013-09-17 11:04:37 +02:00
Yves Rutschle 5952ca4aaf Make version.h before any other object 2013-09-17 11:01:05 +02:00
Yves Rutschle a54cc1aa83 Make version.h before any other object 2013-09-17 08:41:10 +02:00
Mike Frysinger 2d23cdc9f4 check asprintf return value
The current asprintf usage triggers many warnings like:

sslh-main.c: In function 'print_usage':
sslh-main.c:86:17: warning: ignoring return value of 'asprintf',
	declared with attribute warn_unused_result [-Wunused-result]

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:26:44 -04:00
Mike Frysinger b8ea0699c4 drop_privileges: fix setuid check
The code attempts to check the return of setuid, but forgets to assign
the result variable.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:23:26 -04:00
Mike Frysinger c54e232673 sslh-main: fix config_lookup_int call
This func takes an int, not a long.  The current code triggers a warning:

sslh-main.c: In function 'config_parse':
sslh-main.c:275:5: warning: passing argument 3 of 'config_lookup_int' from incompatible pointer type [enabled by default]
     if (config_lookup_int(&config, "timeout", &timeout) == CONFIG_TRUE) {
                                               ^
In file included from sslh-main.c:26:0:
/usr/include/libconfig.h:266:12: note: expected 'int *' but argument is of type 'long int *'
 extern LIBCONFIG_API int config_lookup_int(const config_t *config,

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:21:37 -04:00
Mike Frysinger 8252ecf307 Makefile: fix CPPFLAGS handling
This code doesn't respect CPPFLAGS at all.  Fix that and move the
existing -D flags to the right variable.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:18:15 -04:00
Mike Frysinger 4fafb3d376 Makefile: fix LDFLAGS handling
We need these flags to come before all the objects, not after.
Otherwise, flags that impact handling of input objects do not
show up in time.

This also matches standard build system behavior (e.g. autotools).

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:17:23 -04:00
Jason Cooper 7008a1ede4 cscope: add cscope tagging support
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2013-09-16 22:02:29 +02:00
Jason Cooper 820e31bfc0 Makefile: add distclean target, remove tags file
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2013-09-16 22:01:47 +02:00
Jason Cooper f36eb7be39 version.h: dynamically create version number based on git
When building the source from a checked out tag, eg v1.15, VERSION will
equal v1.15.  However, when building from anything other than a tagged
version, you get 'v1.15-4-g50432d5-dirty' meaning I was 4 patches in
front of v1.15, particularly '50432d5' was my current HEAD, and I had
uncommitted changes, '-dirty'.

Very useful for folks submitting bug reports on versions they compiled
themselves.

Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2013-09-16 21:56:45 +02:00
Jason Cooper c6adb6a1e1 remove unneeded executable permissions on source files
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2013-09-16 21:56:38 +02:00
Jason Cooper 97ffa562ce git: add .gitignore file
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2013-09-16 21:55:26 +02:00
yrutschle 7afccc6565 Merge pull request #4 from julthomas/jth/rhel-init
MINOR: init: Review RH/CentOS init script
2013-08-30 02:53:18 -07:00
yrutschle 22f4a4bc47 Merge pull request #3 from julthomas/jth/config-transparent
MINOR: config: Option --transparent can be set via configuration file
2013-08-30 02:52:24 -07:00
Yves Rutschle f3c5f098ca fixed getpeername causing sslh to quit 2013-08-29 12:15:50 +02:00
Julien Thomas 5ae9ba184c MINOR: init: Review RH/CentOS init script
This is an update of the init scripts originally written by Andre
Krajnik. It is quite similar to other init scripts brought by common
packages in RH/CentOS. This commit also introduces a pretty straight
forward sysconfig file.
2013-08-26 21:11:17 +02:00
Julien Thomas 43a9bc8fd9 MINOR: config: Option --transparent can be set via configuration file
This patch allows setting option --transparent in an SSLH configuration
file. Without it, transparent mode is only possible by passing the
option on the command line.
2013-08-26 21:07:27 +02:00
yrutschle 569c71f6b1 Merge pull request #1 from cicku/patch-1
Fix for RPM distdir build
2013-08-10 01:22:08 -07:00
Christopher Meng bde20dbaa5 Fix for RPM
- RPM doesn't support root, so for the chroot environment we must define a destdir of RPM %{buildroot}.

- Preserve the timestamp.
2013-08-10 15:06:49 +08:00
Yves Rutschle c60696a6d5 Updated Fedora package requirements 2013-08-09 20:18:22 +02:00
Yves Rutschle c02e2d7aee v1.15 release 2013-07-27 16:25:04 +02:00
Yves Rutschle 59c9be54ad Set FD_SETSIZE to 4096 on Cygwin 2013-07-26 18:42:22 +01:00
Yves Rutschle e3159409c0 check fd < FD_SETSIZE 2013-07-25 21:35:27 +02:00
Yves Rutschle 536f7dee83 Changed SOL_IP to more-portable IPPROTO_IP 2013-07-25 21:33:07 +02:00
Yves Rutschle 2781c75ff9 Added transparent proxying 2013-07-21 13:46:45 +02:00
Yves Rutschle d02ffcd154 Fixed bug in sslh-select: if socket dropped while defered_data was present, sslh-select would crash. 2013-07-20 00:45:33 +02:00
Yves Rutschle f842e2e081 v1.14: 21DEC2012
Corrected OpenVPN probe to support pre-shared secret
	mode (OpenVPN port-sharing code is... wrong). Thanks
	to Kai Ellinger for help in investigating and
	testing.

	Added an actual TLS/SSL probe.

	Added configurable --on-timeout protocol
	specification.

	Added a --anyprot protocol probe (equivalent to what
	--ssl was).

	Makefile respects the user's compiler and CFLAG
	choices (falling back to the current values if
	undefined), as well as LDFLAGS.
	(Michael Palimaka)

	Added "After" and "KillMode" to systemd.sslh.service
	(Thomas Weißschuh).

	Added LSB tags to etc.init.d.sslh
	(Thomas Varis).
2013-07-10 23:19:33 +02:00
Yves Rutschle 5cd1fa1875 v1.13: 18MAY2012
Write PID file before dropping privileges.

	Added --background, which overrides 'foreground'
	configuration file setting.

	Added example systemd service file from Archlinux in
	scripts/
	https://projects.archlinux.org/svntogit/community.git/tree/trunk/sslh.service?h=packages/sslh
	(Sébastien Luttringer)
2013-07-10 23:16:50 +02:00