third-party-mirrors/sslh
1
0
Fork 0
mirror of https://github.com/yrutschle/sslh.git synced 2025-04-15 08:30:34 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #323 from milkpirate/feat/resolve-on-connect

Browse Source 
Feat/resolve on connect
This commit is contained in:
Yves Rutschle 2022-03-23 21:26:25 +01:00 committed by GitHub
commit a71de786d6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
common.c
View File

@ -319,6 +319,11 @@ int connect_addr(struct connection *cnx, int fd_from, connect_blocking blocking)
res = getpeername(fd_from, from.ai_addr, &from.ai_addrlen); res = getpeername(fd_from, from.ai_addr, &from.ai_addrlen);
CHECK_RES_RETURN(res, "getpeername", res); CHECK_RES_RETURN(res, "getpeername", res);
if (cnx->proto->resolve_on_forward) {
resolve_split_name(&(cnx->proto->saddr), cnx->proto->host,
cnx->proto->port);
}
for (a = cnx->proto->saddr; a; a = a->ai_next) { for (a = cnx->proto->saddr; a; a = a->ai_next) {
/* When transparent, make sure both connections use the same address family */ /* When transparent, make sure both connections use the same address family */
if (transparent && a->ai_family != from.ai_addr->sa_family) if (transparent && a->ai_family != from.ai_addr->sa_family)

2
example.cfg
View File

@ -60,6 +60,8 @@ listen:
# fork: Should a new process be forked for this protocol? # fork: Should a new process be forked for this protocol?
# (only useful for sslh-select) # (only useful for sslh-select)
# tfo_ok: Set to true if the server supports TCP FAST OPEN # tfo_ok: Set to true if the server supports TCP FAST OPEN
# resolve_on_forward: Set to true if server address should be resolved on
# (every) newly incoming connection (again)
# transparent: Set to true to proxy this protocol # transparent: Set to true to proxy this protocol
# transparently (server sees the remote client IP # transparently (server sees the remote client IP
# address). Same as the global option, but per-protocol # address). Same as the global option, but per-protocol

9
sslh-main.c
View File

@ -124,8 +124,13 @@ static void config_protocols()
int i; int i;
for (i = 0; i < cfg.protocols_len; i++) { for (i = 0; i < cfg.protocols_len; i++) {
struct sslhcfg_protocols_item* p = &(cfg.protocols[i]); struct sslhcfg_protocols_item* p = &(cfg.protocols[i]);
if (resolve_split_name(&(p->saddr), p->host, p->port)) {
print_message(msg_config_error, "cannot resolve %s:%s\n", p->host, p->port); if (
!p->resolve_on_forward &&
resolve_split_name(&(p->saddr), p->host, p->port)
) {
print_message(msg_config_error, "cannot resolve %s:%s\n",
p->host, p->port);
exit(4); exit(4);
} }

4
sslhconf.cfg
View File

@ -108,8 +108,10 @@ config: {
{ name: "fork"; type: "bool"; default: false }, { name: "fork"; type: "bool"; default: false },
{ name: "tfo_ok"; type: "bool"; default: false; { name: "tfo_ok"; type: "bool"; default: false;
description: "Set to true if this protocol supports TCP FAST OPEN" }, description: "Set to true if this protocol supports TCP FAST OPEN" },
{ name: "transparent"; type: "bool"; default: false; { name: "transparent"; type: "bool"; default: false;
description: "Set to proxy this protocol transparently" }, description: "Set to proxy this protocol transparently" },
{ name: "resolve_on_forward"; type: "bool"; default: false;
description: "Set to true if server address should be resolved on (every) newly incoming connection (again)" },
{ name: "log_level"; type: "int"; default: 1 }, { name: "log_level"; type: "int"; default: 1 },
{ name: "keepalive"; type: "bool"; default: false }, { name: "keepalive"; type: "bool"; default: false },
{ name: "sni_hostnames", { name: "sni_hostnames",