third-party-mirrors/sslh
1
0
Fork 0
mirror of https://github.com/yrutschle/sslh.git synced 2025-04-12 07:10:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
859 Commits 3 Branches 42 Tags
Commit Graph

127 Commits

Author SHA1 Message Date
Yves Rutschle
ef6f698d86 document proxyprotocol 2025-04-03 21:30:34 +02:00
Yves Rutschle
416a82fcc6 code cleanup 2025-03-29 17:34:25 +01:00
Yves Rutschle
24c3bb07a0 add support for proxyprotocol v1 on backend server side 2025-03-09 18:49:17 +01:00
Yves Rutschle
5a0897c5cb refactor: connect_addr() update the *cnx object upon connecting to backend server, instead of each caller doing it 2025-03-09 09:43:41 +01:00
yrutschle
22a8ba9ef5 move libbsd support to autoconf detection 2025-02-19 09:25:59 +01:00
yrutschle
dcfa3fa2db move libcap support to autoconf detection 2025-02-19 09:01:01 +01:00
yrutschle
fabf0a121c actually include config.h 2025-02-19 08:59:17 +01:00
yrutschle
3a1c31d8cb move tcp wrapper support to autoconf detection 2025-02-18 10:09:12 +01:00
Yves Rutschle
710807fd3b Fix possible file descriptor leak (fix #485) 2025-01-05 18:37:12 +01:00
Yves Rutschle
2e9f23a2f4 remove unix socket before binding 2024-12-23 17:25:40 +01:00
Yves Rutschle
bf082292c2 new is_unix field to create listen unix sockets 2024-12-22 23:54:14 +01:00
Yves Rutschle
59d89e34f0 refactor: move inet code to its own function 2024-12-22 21:58:51 +01:00
Yves Rutschle
cac7f48fa7 new is_unix field to connect to unix socket target servers 2024-12-22 16:17:47 +01:00
Yves Rutschle
9e6b4fae29 refactor: isolate inet connection 2024-12-22 00:06:54 +01:00
Yves Rutschle
5f55f7d76a SOL_IP is Linux-specific, replace with portable IPPROTO_IP (fix #481) 2024-12-08 21:49:04 +01:00
ftasnetamot
d6041c93c4 added missing 3rd argument to CHECK_RES_RESULT 2024-08-15 23:02:54 +02:00
ftasnetamot
2e2701de55 Changed a CHECK_RES_DIE to CHECK_RES_RETURN, as the real problem will 
occur at connect!
 2024-08-15 23:02:54 +02:00
ftasnetamot
70a9b97f81 optimized setsockopt() options for better 
cooperation between different transparent-ip applications.
See: https://blog.cloudflare.com/how-to-stop-running-out-of-ephemeral-ports-and-start-to-love-long-lived-connections
for an explanation for those changes.
 2024-08-15 23:02:54 +02:00
Sergey Ponomarev
ae7530e33f Fix Narrowing conversion from 'ssize_t' to signed type 'int' is implementation-defined 2024-04-13 20:25:18 +02:00
Sergey Ponomarev
b3c770898a
Ignore opts (#436) 
* Be less strict about args at startup

Ignore unknown options.

* Don't fail if pid file is accessible
 2024-04-13 11:03:54 +02:00
Yves Rűtschlé
736b108a75 dont log error when remote client drops connection on Windows (fix #427) 2024-03-13 16:58:09 +01:00
Yves Rutschle
6f949419d1 fix comment to reflect reality 2024-01-05 10:34:29 +01:00
Yves Rutschle
dab5df7409 clarify where the name resolution error comes from 2024-01-05 10:32:41 +01:00
Latchezar Tzvetkoff
7499c26e9e
Cleanup error checking logic in bind_peer() (#412) 
Thanks for the cleanup!
 2023-11-15 22:02:21 +01:00
Preston Crow
81eed9d56a Transparent mode in a multi-stage chain will fail after the first step 
because the (ip,port) is already bound.  With this change, the bind is
retried with a different port to at least keep the same IP address, which
for most uses is all that is needed.  I've tested this on my own system
where sslh is used downstream from stunnel, with both in transparent mode.
 2023-10-06 17:50:25 -04:00
Yves Rutschle
3707c5b8a6 fix file descriptor leak if bind_peer fails 2023-05-13 23:18:07 +02:00
Paul Schroeder
78bc954769
review 
Signed-off-by: Paul Schroeder <milkpirate@users.noreply.github.com>
 2022-03-19 23:18:29 +01:00
Paul Schroeder
87577ae5f6
add functionality 
Signed-off-by: Paul Schroeder <milkpirate@users.noreply.github.com>
 2022-03-18 17:59:54 +01:00
yrutschle
17313100b5 print cnx type when dumping it 2021-11-01 18:48:26 +01:00
yrutschle
0cde3d794a check return values (fix #61) 2021-10-02 21:27:31 +02:00
yrutschle
4277d27063 migrate last messages to new log system 2021-09-27 13:16:30 +02:00
yrutschle
66caf8a31b remove log_message 2021-09-27 12:51:37 +02:00
yrutschle
4d3cc9c925 migrate some more common.c to new log system 2021-09-27 12:46:51 +02:00
yrutschle
e6cbbe9511 migrate common.c to new logging system 2021-09-26 15:53:21 +02:00
yrutschle
e5f16b93ce hexdump writes to parametrable msg_info 2021-09-19 21:54:47 +02:00
yrutschle
5e27806545 new logging system: now with message classes 2021-09-19 15:13:04 +02:00
yrutschle
317c08604b move logging code to its own file 2021-09-15 21:51:11 +02:00
yrutschle
a704c7f7f5 fix #302 2021-08-28 16:03:58 +02:00
yrutschle
1ad450a444 sslh-select sets O_NONBLOCK *before* calling connect, which prevents hanging on an unresposive server (fix #258) 2021-05-28 13:38:45 +02:00
yrutschle
c41ec489e0 changed CAP_NET_ADMIN to CAP_NET_RAW as it's enough 2021-05-11 06:44:27 +02:00
yrutschle
030ef64b99 refactor: purified set_capabilities, told to keep or drop CAP_NET_ADMIN instead of deciding for itself 2021-05-09 15:39:14 +02:00
yrutschle
905ac95ca1 do not drop CAP_NET_ADMIN if any of the protocols require transparent proxying 2021-05-08 07:44:39 +02:00
yrutschle
987643878f when verbose, precise which listen sockets are udp 2021-05-01 16:15:34 +02:00
yrutschle
adb27aa4a3 add a per-protocol transparent proxy option 2021-02-21 21:03:01 +01:00
yrutschle
a3d9df87cb fix typo and explicit a test 2020-12-02 22:48:17 +01:00
yrutschle
247d60d8e6 dump deferred data when dying from unexpected fd activity 2020-12-02 22:05:09 +01:00
yrutschle
7d820049a2 preliminary udp support: forwards incoming packets, no return yet 2020-11-29 15:51:04 +01:00
yrutschle
c12f7a1ade abstract listening sockets so we have protocol information alongside the socket 2020-11-07 22:31:49 +01:00
yrutschle
ebeabb6c18 add is_udp option and listen to UDP ports 2020-11-07 21:29:09 +01:00
yrutschle
8a1dae8c22 refactor: move local address resolution into start_listen_socket 2020-11-07 18:55:04 +01:00