third-party-mirrors/sslh
1
0
Fork 0
mirror of https://github.com/yrutschle/sslh.git synced 2025-04-13 07:37:15 +03:00
Code Issues Packages Projects Releases Wiki Activity

reintroduce --ssl as alias to --tls

Browse Source
This commit is contained in:
Yves Rutschle 2024-01-02 21:38:23 +01:00
parent b65f1e8b26
commit ed0ab12a16
4 changed files with 43 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -2,6 +2,8 @@ vNEXT:
Support for the Landlock LSM. After initial setup, Support for the Landlock LSM. After initial setup,
sslh gives up all local file access rights. sslh gives up all local file access rights.
Reintroduced --ssl as an alias to --tls.
v2.0.1: v2.0.1:
Fix resolve_on_forward setting, which would crash Fix resolve_on_forward setting, which would crash
sslh reliably. sslh reliably.

31
sslh-conf.c
View File

@ -1,5 +1,5 @@
/* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README) /* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README)
* on Sun Sep 11 21:43:25 2022. * on Tue Jan 2 21:25:47 2024.
# conf2struct: generate libconf parsers that read to structs # conf2struct: generate libconf parsers that read to structs
# Copyright (C) 2018-2021 Yves Rutschle # Copyright (C) 2018-2021 Yves Rutschle
@ -365,7 +365,7 @@ static int clcpy(config_type type, void* target, const void* cl_arg)
return 0; return 0;
} }
/* Copy the value of a string argument to arbitrary memory /* Copy the value of a string argument to arbitary memory
* location that must be large enough, converting on the way * location that must be large enough, converting on the way
* (i.e. CFG_INT gets atoi() and so on) */ * (i.e. CFG_INT gets atoi() and so on) */
/* 0: success /* 0: success
@ -471,6 +471,7 @@ struct arg_file* sslhcfg_conffile;
struct arg_str* sslhcfg_listen; struct arg_str* sslhcfg_listen;
struct arg_str* sslhcfg_ssh; struct arg_str* sslhcfg_ssh;
struct arg_str* sslhcfg_tls; struct arg_str* sslhcfg_tls;
struct arg_str* sslhcfg_ssl;
struct arg_str* sslhcfg_openvpn; struct arg_str* sslhcfg_openvpn;
struct arg_str* sslhcfg_tinc; struct arg_str* sslhcfg_tinc;
struct arg_str* sslhcfg_wireguard; struct arg_str* sslhcfg_wireguard;
@ -1333,6 +1334,15 @@ static struct compound_cl_target sslhcfg_openvpn_targets [] = {
{ 0 } { 0 }
}; };
static struct compound_cl_target sslhcfg_ssl_targets [] = {
{ & table_sslhcfg_protocols[0], 0, .value.def_string = "tls" },
{ & table_sslhcfg_protocols[1], 1, .value.def_string = "0" },
{ & table_sslhcfg_protocols[2], 2, .value.def_string = "0" },
{ & table_sslhcfg_protocols[10], 0, .value.def_int = 1 },
{ & table_sslhcfg_protocols[7], 0, .value.def_bool = 1 },
{ 0 }
};
static struct compound_cl_target sslhcfg_tls_targets [] = { static struct compound_cl_target sslhcfg_tls_targets [] = {
{ & table_sslhcfg_protocols[0], 0, .value.def_string = "tls" }, { & table_sslhcfg_protocols[0], 0, .value.def_string = "tls" },
{ & table_sslhcfg_protocols[1], 1, .value.def_string = "0" }, { & table_sslhcfg_protocols[1], 1, .value.def_string = "0" },
@ -1395,6 +1405,18 @@ static struct compound_cl_arg compound_cl_args[] = {
.override_const = "tls", .override_const = "tls",
}, },
{ /* arg: ssl */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_ssl,
.base_entry = & table_sslhcfg [26],
.targets = sslhcfg_ssl_targets,
.override_desc = & table_sslhcfg_protocols [0],
.override_matchindex = 0,
.override_const = "tls",
},
{ /* arg: openvpn */ { /* arg: openvpn */
.regex = "(.+):(\\w+)", .regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_openvpn, .arg_cl = & sslhcfg_openvpn,
@ -1818,7 +1840,7 @@ static int set_target_fields(void* target_addr, struct compound_cl_arg* arg, con
if (pmatch[pmatch_cnt].rm_so == -1) { if (pmatch[pmatch_cnt].rm_so == -1) {
/* This should not happen as regexec() did /* This should not happen as regexec() did
* match before, unless there is a * match before, unless there is a
* discrepancy between the regex and the * discrepency between the regex and the
* number of backreferences */ * number of backreferences */
return 0; return 0;
} }
@ -2111,7 +2133,7 @@ static void scalar_to_string(char** strp, config_setting_t* s)
/* Typesets all the settings in a configuration as a /* Typesets all the settings in a configuration as a
* newly-allocated string. The string management is caller's * newly-allocated string. The string management is caller's
* responsibility. * responsability.
* Returns the number of scalars in the configuration */ * Returns the number of scalars in the configuration */
static int cfg_as_string(config_setting_t* parent, const char* path, char** strp) static int cfg_as_string(config_setting_t* parent, const char* path, char** strp)
{ {
@ -2199,6 +2221,7 @@ int sslhcfg_cl_parse(int argc, char* argv[], struct sslhcfg_item* cfg)
sslhcfg_listen = arg_strn("p", "listen", "<host:port>", 0, 10, "Listen on host:port"), sslhcfg_listen = arg_strn("p", "listen", "<host:port>", 0, 10, "Listen on host:port"),
sslhcfg_ssh = arg_strn(NULL, "ssh", "<host:port>", 0, 10, "Set up ssh target"), sslhcfg_ssh = arg_strn(NULL, "ssh", "<host:port>", 0, 10, "Set up ssh target"),
sslhcfg_tls = arg_strn(NULL, "tls", "<host:port>", 0, 10, "Set up TLS/SSL target"), sslhcfg_tls = arg_strn(NULL, "tls", "<host:port>", 0, 10, "Set up TLS/SSL target"),
sslhcfg_ssl = arg_strn(NULL, "ssl", "<host:port>", 0, 10, "Set up TLS/SSL target"),
sslhcfg_openvpn = arg_strn(NULL, "openvpn", "<host:port>", 0, 10, "Set up OpenVPN target"), sslhcfg_openvpn = arg_strn(NULL, "openvpn", "<host:port>", 0, 10, "Set up OpenVPN target"),
sslhcfg_tinc = arg_strn(NULL, "tinc", "<host:port>", 0, 10, "Set up tinc target"), sslhcfg_tinc = arg_strn(NULL, "tinc", "<host:port>", 0, 10, "Set up tinc target"),
sslhcfg_wireguard = arg_strn(NULL, "wireguard", "<host:port>", 0, 10, "Set up WireGuard target"), sslhcfg_wireguard = arg_strn(NULL, "wireguard", "<host:port>", 0, 10, "Set up WireGuard target"),

2
sslh-conf.h
View File

@ -1,5 +1,5 @@
/* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README) /* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README)
* on Sun Sep 11 21:43:25 2022. * on Tue Jan 2 21:25:47 2024.
# conf2struct: generate libconf parsers that read to structs # conf2struct: generate libconf parsers that read to structs
# Copyright (C) 2018-2021 Yves Rutschle # Copyright (C) 2018-2021 Yves Rutschle

13
sslhconf.cfg
View File

@ -186,6 +186,19 @@ cl_groups: (
{ path: "tfo_ok"; value: 1 } { path: "tfo_ok"; value: 1 }
); );
}, },
# Redundant with the --tls setting before, for backwards compatibility
{ name: "ssl"; pattern: "(.+):(\w+)"; description: "Set up TLS/SSL target";
list: "protocols";
override: "name";
argdesc: "<host:port>";
targets: (
{ path: "name"; value: "tls" },
{ path: "host"; value: "$1" },
{ path: "port"; value: "$2" },
{ path: "log_level"; value: 1 },
{ path: "tfo_ok"; value: 1 }
);
},
{ name: "openvpn"; pattern: "(.+):(\w+)"; description: "Set up OpenVPN target"; { name: "openvpn"; pattern: "(.+):(\w+)"; description: "Set up OpenVPN target";
list: "protocols"; list: "protocols";
override: "name"; override: "name";