diff --git a/common.c b/common.c index 71c8076..79ad8b4 100644 --- a/common.c +++ b/common.c @@ -278,9 +278,8 @@ int connect_addr(struct connection *cnx, int fd_from) cnx->proto->name, strerror(errno)); } else { one = 1; - // indicate desire to use TCP Fast Open setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN_CONNECT, &one, sizeof(one)); - // no need to check return value; if it's not supported, that's okay + /* no need to check return value; if it's not supported, that's okay */ if (cfg.transparent) { res = bind_peer(fd, fd_from); @@ -288,9 +287,16 @@ int connect_addr(struct connection *cnx, int fd_from) } res = connect(fd, a->ai_addr, a->ai_addrlen); if (res == -1) { - log_message(LOG_ERR, "forward to %s failed:connect: %s\n", - cnx->proto->name, strerror(errno)); - close(fd); + switch (errno) { + case EINPROGRESS: + /* Can't be done yet, or TFO already done */ + break; + + default: + log_message(LOG_ERR, "forward to %s failed:connect: %s\n", + cnx->proto->name, strerror(errno)); + close(fd); + } } else { if (cnx->proto->keepalive) { res = setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, (char*)&one, sizeof(one)); diff --git a/sslh-conf.c b/sslh-conf.c index 08bf7ca..7888010 100644 --- a/sslh-conf.c +++ b/sslh-conf.c @@ -1,5 +1,5 @@ /* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README) - * on Sun Mar 10 09:37:57 2019. */ + * on Sun Mar 10 09:52:17 2019. */ #define _GNU_SOURCE #include @@ -655,6 +655,7 @@ int sslhcfg_cl_parse(int argc, char* argv[], struct sslhcfg_item* cfg) { group->port = calloc(1, param_len + 1); memcpy(group->port, sslhcfg_ssh->sval [cl_i]+pmatch[2].rm_so, param_len); group->fork = *((char*)"1") - '0'; + group->tfo_ok = *((char*)"1") - '0'; } #define MAX_MATCH 10 for (cl_i = 0; cl_i < sslhcfg_tls->count; cl_i++) { @@ -704,6 +705,7 @@ int sslhcfg_cl_parse(int argc, char* argv[], struct sslhcfg_item* cfg) { param_len = pmatch[2].rm_eo - pmatch[2].rm_so; group->port = calloc(1, param_len + 1); memcpy(group->port, sslhcfg_tls->sval [cl_i]+pmatch[2].rm_so, param_len); + group->tfo_ok = *((char*)"1") - '0'; } #define MAX_MATCH 10 for (cl_i = 0; cl_i < sslhcfg_openvpn->count; cl_i++) { @@ -753,6 +755,7 @@ int sslhcfg_cl_parse(int argc, char* argv[], struct sslhcfg_item* cfg) { param_len = pmatch[2].rm_eo - pmatch[2].rm_so; group->port = calloc(1, param_len + 1); memcpy(group->port, sslhcfg_openvpn->sval [cl_i]+pmatch[2].rm_so, param_len); + group->tfo_ok = *((char*)"1") - '0'; } #define MAX_MATCH 10 for (cl_i = 0; cl_i < sslhcfg_tinc->count; cl_i++) { @@ -802,6 +805,7 @@ int sslhcfg_cl_parse(int argc, char* argv[], struct sslhcfg_item* cfg) { param_len = pmatch[2].rm_eo - pmatch[2].rm_so; group->port = calloc(1, param_len + 1); memcpy(group->port, sslhcfg_tinc->sval [cl_i]+pmatch[2].rm_so, param_len); + group->tfo_ok = *((char*)"1") - '0'; } #define MAX_MATCH 10 for (cl_i = 0; cl_i < sslhcfg_xmpp->count; cl_i++) { diff --git a/sslh-conf.h b/sslh-conf.h index 05477bd..5aafa73 100644 --- a/sslh-conf.h +++ b/sslh-conf.h @@ -1,5 +1,5 @@ /* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README) - * on Sun Mar 10 09:37:57 2019. */ + * on Sun Mar 10 09:52:17 2019. */ #ifndef C2S_SSLHCFG_H #define C2S_SSLHCFG_H diff --git a/sslhconf.cfg b/sslhconf.cfg index 40ca38b..dd29bc8 100644 --- a/sslhconf.cfg +++ b/sslhconf.cfg @@ -120,7 +120,7 @@ cl_groups: ( { path: "name"; value: "ssh" }, { path: "host"; value: "$1" }, { path: "port"; value: "$2" }, - { path: "fork"; value: 1 } + { path: "fork"; value: 1 }, { path: "tfo_ok"; value: 1 } ); }, @@ -131,7 +131,7 @@ cl_groups: ( targets: ( { path: "name"; value: "tls" }, { path: "host"; value: "$1" }, - { path: "port"; value: "$2" } + { path: "port"; value: "$2" }, { path: "tfo_ok"; value: 1 } ); }, @@ -142,7 +142,7 @@ cl_groups: ( targets: ( { path: "name"; value: "openvpn" }, { path: "host"; value: "$1" }, - { path: "port"; value: "$2" } + { path: "port"; value: "$2" }, { path: "tfo_ok"; value: 1 } ); }, @@ -153,7 +153,7 @@ cl_groups: ( targets: ( { path: "name"; value: "openvpn" }, { path: "host"; value: "$1" }, - { path: "port"; value: "$2" } + { path: "port"; value: "$2" }, { path: "tfo_ok"; value: 1 } ); },