1
0
mirror of https://github.com/moparisthebest/sslh synced 2024-11-12 04:05:05 -05:00
Commit Graph

86 Commits

Author SHA1 Message Date
yrutschle
b6f4c04c36 Merge pull request #25 from guikcd/remove_cant_bind_address_test
Disable Can't bind to address test since IP_FREEBIND allow us to do that
2014-12-25 19:57:47 +01:00
Yves Rutschle
b9ddfb4c7a Support RFC5952-style IPv6 addresses 2014-12-22 18:19:02 +01:00
Guillaume Delacour
21a6d3c3ae Disable Can't bind to address test since IP_FREEBIND allow us to do that 2014-07-15 16:22:37 +02:00
Yves Rutschle
9a0a9b9492 Clarified that sslh uses LOG_AUTH facility for logging in manual page 2014-07-15 11:26:16 +02:00
Yves Rutschle
d10b539a5a fixed obsolete README reference to -o option 2014-04-19 13:10:12 +02:00
Yves Rutschle
48d4d81e0c minor corrections to usage string 2014-04-19 10:41:17 +02:00
Yves Rutschle
36e05640c0 added -F description to man page 2014-04-19 10:40:53 +02:00
Ondřej Kuzník
7876bddff3 Fix regex probes always matching (#19) 2014-04-09 19:18:52 +01:00
Yves Rutschle
6fb234f85e added fail2ban configuration examples 2014-03-30 18:51:21 +02:00
Yves Rutschle
7d6cac73d4 added transparent option to man page and help 2014-03-30 18:25:03 +02:00
Yves Rutschle
621f0718dd added license file 2014-03-30 18:09:16 +02:00
Yves Rutschle
426797f9c0 call setgroups before setgid 2014-03-30 17:28:00 +02:00
Yves Rutschle
53550ff21e fix errors in previous commit... 2014-02-24 17:52:58 +01:00
Yves Rutschle
9beacc63f9 use directory version when compiling from a tarball without git 2014-02-23 10:41:47 +01:00
Jason Cooper
62cbb55b8e genver.sh: use /bin/sh for portability
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2014-02-17 19:08:02 +01:00
yrutschle
27567c4804 Merge pull request #14 from belobrov-andrey/fd_leak_fix
Fixed possible file descriptor leak.
2014-02-16 13:11:19 +01:00
Belobrov Andrey
ff070a6b46 Fixed possible file descriptor leak. 2014-02-14 08:32:38 +04:00
Yves Rutschle
9d2deff6ad Changelog prepared for v1.16 2014-02-11 22:06:01 +01:00
Yves Rutschle
6bcb5c83f2 libcap support: print out process capabilities at startup if verbose 2014-02-09 21:39:27 +01:00
Yves Rutschle
2d3b6c4abd fix Markdown documentation for libcap 2014-02-09 20:50:03 +01:00
Yves Rutschle
4dfa694e8a Merged libcap patch 2014-02-09 20:34:26 +01:00
yrutschle
e6318ddde0 Merge pull request #12 from vapier/master
sslh-fork: close all listening sockets in shoveler
2014-02-09 13:59:10 +01:00
Yves Rutschle
67c34a7460 set IP_FREEBIND if available to bind to non-existent interfaces 2014-02-09 13:29:49 +01:00
Mike Frysinger
71ce82815c sslh-fork: close all listening sockets in shoveler
When we're watching multiple sockets, we don't want to just close
the active one we got a connection on before launching the shoveler.
If we want to restart the daemon, we run into problems because the
socket is still in use.  Instead, close all the sockets we were
listening on.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2014-01-09 10:16:42 -05:00
Yves Rutschle
5998c9ec1a Do not require --listen when --inetd is specified 2014-01-06 22:21:44 +01:00
Yves Rutschle
45996cc1ee minor typesetting fix to manual page 2014-01-06 22:07:33 +01:00
Yves Rutschle
56944e4d38 Generate version tag based on file modification date if git is not present 2013-11-23 16:46:54 +01:00
yrutschle
9c3a838cc5 Merge pull request #8 from nbraud/readme
Markdownify the README
2013-11-05 23:10:24 -08:00
Nicolas Braud-Santoni
b24f9820f9 Markdownify the README 2013-11-05 22:34:48 +01:00
Sebastian Schmidt
009faa64b7 Implement libcap support
Use libcap for saving CAP_NET_ADMIN (if --transparent is given) over a
setuid(). We don’t need CAP_NET_BIND_SERVICE as the listening sockets
are established before dropping root.
2013-10-20 21:16:56 +02:00
Yves Rutschle
3f386b6541 initiated TODO list 2013-10-06 12:09:52 +02:00
Yves Rutschle
fb0760dd72 Probes made resilient to packets that are too short, or
contain NULLs.
2013-09-28 21:39:00 +02:00
Yves Rutschle
f2ca4c13a6 ChangeLog entry for the branch 2013-09-28 21:38:33 +02:00
Yves Rutschle
96f5d6387e new test for PROBE_AGAIN; changed deferred_data to begin_deferred_data where appropriate 2013-09-28 21:33:25 +02:00
Ondrej Kuznk
025545aee3 Fix typos and type warnings 2013-09-28 20:49:46 +02:00
Ondřej Kuzník
d14dcdee5c Fix build issues when version.h doesn't exist yet 2013-09-28 20:44:08 +02:00
Ondřej Kuzník
66c7d674a0 is a bashism 2013-09-28 20:42:05 +02:00
Ondřej Kuzník
e4fb8b8496 defered -> deferred 2013-09-28 20:42:04 +02:00
Ondřej Kuzník
d7bbec0dc7 Simplify function signatures 2013-09-28 20:21:48 +02:00
Ondřej Kuzník
bcad6fbade Enable the PROBE_AGAIN return code 2013-09-28 20:21:47 +02:00
Ondřej Kuzník
dbafd6510d Allow probes to say they cannot decide yet 2013-09-28 20:21:47 +02:00
Ondřej Kuzník
c84a6af847 Introduce the probe return codes. 2013-09-28 20:21:47 +02:00
Ondřej Kuzník
c5cd91d92c Let defer_write accumulate data 2013-09-28 20:21:47 +02:00
Ondřej Kuzník
708c3b0177 Make probes work even in the face of arbitrary data 2013-09-28 20:21:47 +02:00
Yves Rutschle
ce170814f5 fix genver.sh shell version to bash 2013-09-19 09:25:35 +02:00
Yves Rutschle
a168461f46 Merged Makefile LDFLAGS changes 2013-09-17 11:04:37 +02:00
Yves Rutschle
5952ca4aaf Make version.h before any other object 2013-09-17 11:01:05 +02:00
Yves Rutschle
a54cc1aa83 Make version.h before any other object 2013-09-17 08:41:10 +02:00
Mike Frysinger
2d23cdc9f4 check asprintf return value
The current asprintf usage triggers many warnings like:

sslh-main.c: In function 'print_usage':
sslh-main.c:86:17: warning: ignoring return value of 'asprintf',
	declared with attribute warn_unused_result [-Wunused-result]

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:26:44 -04:00
Mike Frysinger
b8ea0699c4 drop_privileges: fix setuid check
The code attempts to check the return of setuid, but forgets to assign
the result variable.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:23:26 -04:00