yrutschle
b6f4c04c36
Merge pull request #25 from guikcd/remove_cant_bind_address_test
...
Disable Can't bind to address test since IP_FREEBIND allow us to do that
2014-12-25 19:57:47 +01:00
Yves Rutschle
b9ddfb4c7a
Support RFC5952-style IPv6 addresses
2014-12-22 18:19:02 +01:00
Guillaume Delacour
21a6d3c3ae
Disable Can't bind to address test since IP_FREEBIND allow us to do that
2014-07-15 16:22:37 +02:00
Yves Rutschle
9a0a9b9492
Clarified that sslh uses LOG_AUTH facility for logging in manual page
2014-07-15 11:26:16 +02:00
Yves Rutschle
d10b539a5a
fixed obsolete README reference to -o option
2014-04-19 13:10:12 +02:00
Yves Rutschle
48d4d81e0c
minor corrections to usage string
2014-04-19 10:41:17 +02:00
Yves Rutschle
36e05640c0
added -F description to man page
2014-04-19 10:40:53 +02:00
Ondřej Kuzník
7876bddff3
Fix regex probes always matching ( #19 )
2014-04-09 19:18:52 +01:00
Yves Rutschle
6fb234f85e
added fail2ban configuration examples
2014-03-30 18:51:21 +02:00
Yves Rutschle
7d6cac73d4
added transparent option to man page and help
2014-03-30 18:25:03 +02:00
Yves Rutschle
621f0718dd
added license file
2014-03-30 18:09:16 +02:00
Yves Rutschle
426797f9c0
call setgroups before setgid
2014-03-30 17:28:00 +02:00
Yves Rutschle
53550ff21e
fix errors in previous commit...
2014-02-24 17:52:58 +01:00
Yves Rutschle
9beacc63f9
use directory version when compiling from a tarball without git
2014-02-23 10:41:47 +01:00
Jason Cooper
62cbb55b8e
genver.sh: use /bin/sh for portability
...
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2014-02-17 19:08:02 +01:00
yrutschle
27567c4804
Merge pull request #14 from belobrov-andrey/fd_leak_fix
...
Fixed possible file descriptor leak.
2014-02-16 13:11:19 +01:00
Belobrov Andrey
ff070a6b46
Fixed possible file descriptor leak.
2014-02-14 08:32:38 +04:00
Yves Rutschle
9d2deff6ad
Changelog prepared for v1.16
2014-02-11 22:06:01 +01:00
Yves Rutschle
6bcb5c83f2
libcap support: print out process capabilities at startup if verbose
2014-02-09 21:39:27 +01:00
Yves Rutschle
2d3b6c4abd
fix Markdown documentation for libcap
2014-02-09 20:50:03 +01:00
Yves Rutschle
4dfa694e8a
Merged libcap patch
2014-02-09 20:34:26 +01:00
yrutschle
e6318ddde0
Merge pull request #12 from vapier/master
...
sslh-fork: close all listening sockets in shoveler
2014-02-09 13:59:10 +01:00
Yves Rutschle
67c34a7460
set IP_FREEBIND if available to bind to non-existent interfaces
2014-02-09 13:29:49 +01:00
Mike Frysinger
71ce82815c
sslh-fork: close all listening sockets in shoveler
...
When we're watching multiple sockets, we don't want to just close
the active one we got a connection on before launching the shoveler.
If we want to restart the daemon, we run into problems because the
socket is still in use. Instead, close all the sockets we were
listening on.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2014-01-09 10:16:42 -05:00
Yves Rutschle
5998c9ec1a
Do not require --listen when --inetd is specified
2014-01-06 22:21:44 +01:00
Yves Rutschle
45996cc1ee
minor typesetting fix to manual page
2014-01-06 22:07:33 +01:00
Yves Rutschle
56944e4d38
Generate version tag based on file modification date if git is not present
2013-11-23 16:46:54 +01:00
yrutschle
9c3a838cc5
Merge pull request #8 from nbraud/readme
...
Markdownify the README
2013-11-05 23:10:24 -08:00
Nicolas Braud-Santoni
b24f9820f9
Markdownify the README
2013-11-05 22:34:48 +01:00
Sebastian Schmidt
009faa64b7
Implement libcap support
...
Use libcap for saving CAP_NET_ADMIN (if --transparent is given) over a
setuid(). We don’t need CAP_NET_BIND_SERVICE as the listening sockets
are established before dropping root.
2013-10-20 21:16:56 +02:00
Yves Rutschle
3f386b6541
initiated TODO list
2013-10-06 12:09:52 +02:00
Yves Rutschle
fb0760dd72
Probes made resilient to packets that are too short, or
...
contain NULLs.
2013-09-28 21:39:00 +02:00
Yves Rutschle
f2ca4c13a6
ChangeLog entry for the branch
2013-09-28 21:38:33 +02:00
Yves Rutschle
96f5d6387e
new test for PROBE_AGAIN; changed deferred_data to begin_deferred_data where appropriate
2013-09-28 21:33:25 +02:00
Ondrej Kuznk
025545aee3
Fix typos and type warnings
2013-09-28 20:49:46 +02:00
Ondřej Kuzník
d14dcdee5c
Fix build issues when version.h doesn't exist yet
2013-09-28 20:44:08 +02:00
Ondřej Kuzník
66c7d674a0
is a bashism
2013-09-28 20:42:05 +02:00
Ondřej Kuzník
e4fb8b8496
defered -> deferred
2013-09-28 20:42:04 +02:00
Ondřej Kuzník
d7bbec0dc7
Simplify function signatures
2013-09-28 20:21:48 +02:00
Ondřej Kuzník
bcad6fbade
Enable the PROBE_AGAIN return code
2013-09-28 20:21:47 +02:00
Ondřej Kuzník
dbafd6510d
Allow probes to say they cannot decide yet
2013-09-28 20:21:47 +02:00
Ondřej Kuzník
c84a6af847
Introduce the probe return codes.
2013-09-28 20:21:47 +02:00
Ondřej Kuzník
c5cd91d92c
Let defer_write accumulate data
2013-09-28 20:21:47 +02:00
Ondřej Kuzník
708c3b0177
Make probes work even in the face of arbitrary data
2013-09-28 20:21:47 +02:00
Yves Rutschle
ce170814f5
fix genver.sh shell version to bash
2013-09-19 09:25:35 +02:00
Yves Rutschle
a168461f46
Merged Makefile LDFLAGS changes
2013-09-17 11:04:37 +02:00
Yves Rutschle
5952ca4aaf
Make version.h before any other object
2013-09-17 11:01:05 +02:00
Yves Rutschle
a54cc1aa83
Make version.h before any other object
2013-09-17 08:41:10 +02:00
Mike Frysinger
2d23cdc9f4
check asprintf return value
...
The current asprintf usage triggers many warnings like:
sslh-main.c: In function 'print_usage':
sslh-main.c:86:17: warning: ignoring return value of 'asprintf',
declared with attribute warn_unused_result [-Wunused-result]
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:26:44 -04:00
Mike Frysinger
b8ea0699c4
drop_privileges: fix setuid check
...
The code attempts to check the return of setuid, but forgets to assign
the result variable.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-09-17 00:23:26 -04:00