pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/net/sslh

Module Name:    pkgsrc
Committed By:   obache
Date:           Fri Nov  8 13:33:55 UTC 2013

Modified Files:
        pkgsrc/net/sslh: Makefile PLIST distinfo
Added Files:
        pkgsrc/net/sslh/patches: patch-echosrv.c patch-sslh-main.c

Log Message:
Upate sslh to 1.15.
Based on PR pkg/48320 by Nils Ratusznik.

Pkgsrc change:
* add startup script.

v1.15:  27JUL2013
        Added --transparent option for transparent proxying.
        See README for iptables magic and capability

        Fixed bug in sslh-select: if number of opened file
        descriptor became bigger than FD_SETSIZE, bad things
        would happen.

        Fixed bug in sslh-select: if socket dropped while
        defered_data was present, sslh-select would crash.

        Increased FD_SETSIZE for Cygwin, as the default 64
        is too low for even moderate load.

v1.14: 21DEC2012
        Corrected OpenVPN probe to support pre-shared secret
        mode (OpenVPN port-sharing code is... wrong). Thanks
        to Kai Ellinger for help in investigating and

        Added an actual TLS/SSL probe.

        Added configurable --on-timeout protocol

        Added a --anyprot protocol probe (equivalent to what
        --ssl was).

        Makefile respects the user's compiler and CFLAG
        choices (falling back to the current values if
        undefined), as well as LDFLAGS.
        (Michael Palimaka)

        Added "After" and "KillMode" to systemd.sslh.service
        (Thomas Wei�schuh).

        Added LSB tags to etc.init.d.sslh
        (Thomas Varis).

v1.13: 18MAY2012
        Write PID file before dropping privileges.

        Added --background, which overrides 'foreground'
        configuration file setting.

        Added example systemd service file from Archlinux in
        (S�bastien Luttringer)

v1.12: 08MAY2012
        Added support for configuration file.

        New protocol probes can be defined using regular
        expressions that match the first packet sent by the

        sslh now connects timed out connections to the first
        configured protocol instead of 'ssh' (just make sure
        ssh is the first defined protocol).

        sslh now tries protocols in the order in which they
        are defined (just make sure sslh is the last defined

v1.11: 21APR2012
        WARNING: defaults have been removed for --user and
        --pidfile options, update your start-up scripts!

        No longer stop sslh when reverse DNS requests fail
        for logging.

        Added HTTP probe.

        No longer create new session if running in

        No longer default to changing user to 'nobody'. If
        --user isn't specified, just run as current user.

        No longer create PID file by default, it should be
        explicitely set with --pidfile.

        No longer log to syslog if in foreground. Logs are
        instead output to stderr.

        The four changes above make it straightforward to
        integrate sslh with systemd, and should help with

v1.10: 27NOV2011
        Fixed calls referring to sockaddr length so they work
        with FreeBSD.

        Try target addresses in turn until one works if
        there are several (e.g. "localhost:22" resolves to
        an IPv6 address and an IPv4 address and sshd does
        not listen on IPv6).

        Fixed sslh-fork so killing the head process kills
        the listener processes.

        Heavily cleaned up test suite. Added stress test
        t_load script. Added coverage (requires lcov).

        Support for XMPP (Arnaud Gendre).

        Updated README.MacOSX (Aaron Madlon-Kay).

v1.9: 02AUG2011
        WARNING: This version does not work with FreeBSD and

        WARNING: Options changed, you'll need to update your
        start-up scripts! Log format changed, you'll need to
        update log processing scripts!

        Now supports IPv6 throughout (both on listening and

        Logs now contain IPv6 addresses, local forwarding
        address, and resolves names (unless --numeric is

        Introduced long options.

        Options -l, -s and -o replaced by their long

        Defaults for SSL and SSH options suppressed (it's
        legitimate to want to use sslh to mux OpenVPN and
        tinc while not caring about SSH nor SSL).

        Bind to multiple addresses with multiple -p options.

        Support for tinc VPN (experimental).

        Numeric logging option.

v1.8: 15JUL2011
        Changed log format to make it possible to link
        connections to subsequent logs from other services.

        Updated CentOS init.d script (Andre Krajnik).

        Fixed zombie issue with OpenBSD (The SA_NOCLDWAIT flag is not
        propagated to the child process, so we set up signals after
        the fork.) (Fran�ois FRITZ)

        Added -o "OpenVPN" and OpenVPN probing and support.

        Added single-threaded, select(2)-based version.

        Added support for "Bold" SSH clients (clients that speak first)
        Thanks to Guillaume Ricaud for spotting a regression

        Added -f "foreground" option.

        Added test suite. (only tests connexions. No test for libwrap,
        setsid, setuid and so on) and corresponding 'make
        test' target.

        Added README.MacOSX (thanks Aaron Madlon-Kay)

        Documented use with proxytunnel and corkscrew in

To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/sslh/Makefile
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/sslh/PLIST pkgsrc/net/sslh/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/net/sslh/files/
cvs rdiff -u -r0 -r1.1 pkgsrc/net/sslh/patches/patch-echosrv.c \

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index