because the (ip,port) is already bound. With this change, the bind is
retried with a different port to at least keep the same IP address, which
for most uses is all that is needed. I've tested this on my own system
where sslh is used downstream from stunnel, with both in transparent mode.
Add USE_LIBEV to avoid the following build failure without libev raised
since version 2.0 and
711c11c820:
sslh-ev.c:24:10: fatal error: ev.h: Aucun fichier ou dossier de ce type
24 | #include <ev.h>
| ^~~~~~
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Problem:
IPv6 addresses are 4 bytes long and don't fit inside a `sockaddr`, so
`recvfrom` will truncate the address to the first half.
When generating a reply, the remaining half of the address is filled
with garbage and the packet is subsequently delivered to the wrong host,
if not immediately dropped.
Solution:
replace `sockaddr` with `sockaddr_storage`, the latter is guaranteed to
be large enough to hold an IPv6 address and pointers can be cast to
`sockaddr *` when needed.
Commit 5635dc5142aa ("Enable --transparent mode for docker") made a
little bit of a mess of the Dockerfile and container-entrypoint.sh.
A few issues are, but not limited to; trailing whitespaces, incorrect
indentation, removed final newline, component sortability just to name a
few.
This MR fixes that and cleans up those files again.
One thing not touched was the enable/disablement of `set +e` to exit the
script on error. It is nicer/cleaner to solve this in a different way,
but that adds to much complexity.
While here, make the container architecture and alpine version
configurable, allowing us to build multi-arch images from the CI in the
future.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
