[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
PR/48320 CVS commit: pkgsrc/net/sslh
The following reply was made to PR pkg/48320; it has been noted by GNATS.
From: "OBATA Akio" <obache%netbsd.org@localhost>
Subject: PR/48320 CVS commit: pkgsrc/net/sslh
Date: Fri, 8 Nov 2013 13:33:55 +0000
Module Name: pkgsrc
Committed By: obache
Date: Fri Nov 8 13:33:55 UTC 2013
pkgsrc/net/sslh: Makefile PLIST distinfo
pkgsrc/net/sslh/patches: patch-echosrv.c patch-sslh-main.c
Upate sslh to 1.15.
Based on PR pkg/48320 by Nils Ratusznik.
* add startup script.
Added --transparent option for transparent proxying.
See README for iptables magic and capability
Fixed bug in sslh-select: if number of opened file
descriptor became bigger than FD_SETSIZE, bad things
Fixed bug in sslh-select: if socket dropped while
defered_data was present, sslh-select would crash.
Increased FD_SETSIZE for Cygwin, as the default 64
is too low for even moderate load.
Corrected OpenVPN probe to support pre-shared secret
mode (OpenVPN port-sharing code is... wrong). Thanks
to Kai Ellinger for help in investigating and
Added an actual TLS/SSL probe.
Added configurable --on-timeout protocol
Added a --anyprot protocol probe (equivalent to what
Makefile respects the user's compiler and CFLAG
choices (falling back to the current values if
undefined), as well as LDFLAGS.
Added "After" and "KillMode" to systemd.sslh.service
Added LSB tags to etc.init.d.sslh
Write PID file before dropping privileges.
Added --background, which overrides 'foreground'
configuration file setting.
Added example systemd service file from Archlinux in
Added support for configuration file.
New protocol probes can be defined using regular
expressions that match the first packet sent by the
sslh now connects timed out connections to the first
configured protocol instead of 'ssh' (just make sure
ssh is the first defined protocol).
sslh now tries protocols in the order in which they
are defined (just make sure sslh is the last defined
WARNING: defaults have been removed for --user and
--pidfile options, update your start-up scripts!
No longer stop sslh when reverse DNS requests fail
Added HTTP probe.
No longer create new session if running in
No longer default to changing user to 'nobody'. If
--user isn't specified, just run as current user.
No longer create PID file by default, it should be
explicitely set with --pidfile.
No longer log to syslog if in foreground. Logs are
instead output to stderr.
The four changes above make it straightforward to
integrate sslh with systemd, and should help with
Fixed calls referring to sockaddr length so they work
Try target addresses in turn until one works if
there are several (e.g. "localhost:22" resolves to
an IPv6 address and an IPv4 address and sshd does
not listen on IPv6).
Fixed sslh-fork so killing the head process kills
the listener processes.
Heavily cleaned up test suite. Added stress test
t_load script. Added coverage (requires lcov).
Support for XMPP (Arnaud Gendre).
Updated README.MacOSX (Aaron Madlon-Kay).
WARNING: This version does not work with FreeBSD and
WARNING: Options changed, you'll need to update your
start-up scripts! Log format changed, you'll need to
update log processing scripts!
Now supports IPv6 throughout (both on listening and
Logs now contain IPv6 addresses, local forwarding
address, and resolves names (unless --numeric is
Introduced long options.
Options -l, -s and -o replaced by their long
Defaults for SSL and SSH options suppressed (it's
legitimate to want to use sslh to mux OpenVPN and
tinc while not caring about SSH nor SSL).
Bind to multiple addresses with multiple -p options.
Support for tinc VPN (experimental).
Numeric logging option.
Changed log format to make it possible to link
connections to subsequent logs from other services.
Updated CentOS init.d script (Andre Krajnik).
Fixed zombie issue with OpenBSD (The SA_NOCLDWAIT flag is not
propagated to the child process, so we set up signals after
the fork.) (François FRITZ)
Added -o "OpenVPN" and OpenVPN probing and support.
Added single-threaded, select(2)-based version.
Added support for "Bold" SSH clients (clients that speak first)
Thanks to Guillaume Ricaud for spotting a regression
Added -f "foreground" option.
Added test suite. (only tests connexions. No test for libwrap,
setsid, setuid and so on) and corresponding 'make
Added README.MacOSX (thanks Aaron Madlon-Kay)
Documented use with proxytunnel and corkscrew in
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/sslh/Makefile
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/sslh/PLIST pkgsrc/net/sslh/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/net/sslh/files/sslh.sh
cvs rdiff -u -r0 -r1.1 pkgsrc/net/sslh/patches/patch-echosrv.c \
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Main Index |
Thread Index |