When we're watching multiple sockets, we don't want to just close
the active one we got a connection on before launching the shoveler.
If we want to restart the daemon, we run into problems because the
socket is still in use. Instead, close all the sockets we were
listening on.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Use libcap for saving CAP_NET_ADMIN (if --transparent is given) over a
setuid(). We don’t need CAP_NET_BIND_SERVICE as the listening sockets
are established before dropping root.
The current asprintf usage triggers many warnings like:
sslh-main.c: In function 'print_usage':
sslh-main.c:86:17: warning: ignoring return value of 'asprintf',
declared with attribute warn_unused_result [-Wunused-result]
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
This func takes an int, not a long. The current code triggers a warning:
sslh-main.c: In function 'config_parse':
sslh-main.c:275:5: warning: passing argument 3 of 'config_lookup_int' from incompatible pointer type [enabled by default]
if (config_lookup_int(&config, "timeout", &timeout) == CONFIG_TRUE) {
^
In file included from sslh-main.c:26:0:
/usr/include/libconfig.h:266:12: note: expected 'int *' but argument is of type 'long int *'
extern LIBCONFIG_API int config_lookup_int(const config_t *config,
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
This code doesn't respect CPPFLAGS at all. Fix that and move the
existing -D flags to the right variable.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
We need these flags to come before all the objects, not after.
Otherwise, flags that impact handling of input objects do not
show up in time.
This also matches standard build system behavior (e.g. autotools).
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
When building the source from a checked out tag, eg v1.15, VERSION will
equal v1.15. However, when building from anything other than a tagged
version, you get 'v1.15-4-g50432d5-dirty' meaning I was 4 patches in
front of v1.15, particularly '50432d5' was my current HEAD, and I had
uncommited changes, '-dirty'.
Very useful for folks submitting bug reports on versions they compiled
themselves.
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
This is an update of the init scripts originally written by Andre
Krajnik. It is quite similar to other init scripts brought by common
packages in RH/CentOS. This commit also introduces a pretty straight
forward sysconfig file.
This patch allows to set option --transparent in an SSLH configuration
file. Without it, transparent mode is only possible by passing the
option on the command line.