Fabrice Fontaine
b5d8b2d199
fix version extraction when building in a larger git tree
...
sslh uses host git to extract its own version number. In buildroot, this
is an issue since extracted information is conflicting with buildroot git
status if we use git as VCS for buildroot.
Since these git calls are legitimate only if git is used for the sslh
subtree only, this patch adds a check : a .git directory has to exist at
the root of the project to enable git-extracted version string.
Signed-off-by: David Bachelart <david.bachelart@bbright.com>
[yann.morin.1998@free.fr: fix troll character U+c2a0]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/sslh/0001-secure-version-while-building-sslh-in-a-larger-git-t.patch ]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2019-04-05 23:05:25 +02:00
yrutschle
e528f519bc
relax address matching rule so it matches more than just 'localhost'
2019-03-11 22:21:56 +01:00
yrutschle
b529069029
print a synthetic test report
2019-03-11 21:31:24 +01:00
yrutschle
67eb471c6f
Merge branch 'tfo'
2019-03-10 10:12:33 +01:00
yrutschle
2705face30
TCP_FASTOPEN changelog
2019-03-10 10:11:28 +01:00
yrutschle
4e725e1520
added TFO for listening socket
2019-03-10 10:11:06 +01:00
yrutschle
b0c3c8fdbc
manage TFO already done in connect call
2019-03-10 09:53:52 +01:00
yrutschle
15f733e572
add tfo_ok configuration setting
2019-03-10 09:46:06 +01:00
yrutschle
ff91f94315
Merge client TFO setting
2019-03-10 09:39:48 +01:00
Craig Andrews
0a880ea607
Use TCP Fast Open for client sockets
...
Set the TCP_FASTOPEN_CONNECT option on client sockets to signal desire to use TCP Fast Open.
See https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19f6d3f3c8422d65b5e3d2162e30ef07c6e21ea2
2019-03-09 21:18:36 -05:00
yrutschle
e0312b4a9d
make ssh fork when on command line as used to be the case before
2019-03-09 12:36:57 +01:00
yrutschle
5a213c9650
c2s fix: initialise root config structure even if no config file is specified
2019-03-09 11:36:24 +01:00
yrutschle
7baf7f724c
Move config dump to stderr and verbose > 4
2019-02-08 22:45:16 +01:00
yrutschle
848b107f2b
document conf2struct dependency
2019-02-03 21:13:37 +01:00
yrutschle
a7b4462c6e
Added 'minlength' option
2019-02-03 14:45:14 +01:00
yrutschle
5b309a9b97
update c2f output
2019-01-27 18:53:36 +01:00
yrutschle
d2b64c7f38
Merge pull request #211 from licaon-kter/patch-1
...
Update verbose option in examples
2019-01-19 08:22:10 +01:00
Licaon_Kter
d647b4eb55
And here
2019-01-19 00:27:11 +00:00
Licaon_Kter
a584348a55
Update verbose option in examples
2019-01-19 00:26:06 +00:00
yrutschle
530acc7c72
Moved command line parsing to conf2struct
2019-01-12 21:33:44 +01:00
yrutschle
dbc0667ad3
removed obsolete declarations
2018-12-08 22:55:03 +01:00
yrutschle
e8654da78c
Moved configuration file parsing to conf2struct, which
...
abstract all the tedious bits of reading the settings from
the file into a structure.
2018-12-07 08:41:40 +01:00
yrutschle
343b0a0fbf
reactivate tests
2018-12-07 08:40:30 +01:00
yrutschle
ad0adfb0e1
re-integrate command line support
2018-12-07 08:32:36 +01:00
yrutschle
33ab9d535d
code cleanup and adaptation of regex probe
2018-12-04 23:11:04 +01:00
yrutschle
d3d4fd657a
moved config parse to c2s code
2018-12-03 11:02:20 +01:00
yrutschle
e2fddf17fc
updated description to better match our maturity
2018-11-29 18:31:55 +01:00
yrutschle
e7ce929020
config file now read to struct with c2s; command line no longer works
2018-11-29 11:56:33 +01:00
yrutschle
7af31c45c9
fix tests so that fragmented tests actually work
2018-11-29 11:52:25 +01:00
Yves Rutschle
4ae2e62d25
v1.20
2018-11-20 22:58:41 +01:00
yrutschle
8ec9799ca0
fix ssl tests
2018-11-04 22:59:01 +01:00
yrutschle
80ad31aec0
refactoring: replace magic constants with symbols
2018-11-04 22:25:16 +01:00
yrutschle
d6c714166a
only try to parse TLS extensions if settings are actually set
2018-09-30 21:35:45 +02:00
yrutschle
aa77922ffd
turn ssl setting from command line to tls (ssl no longer exists)
2018-09-30 21:34:22 +02:00
yrutschle
2ee0088c5f
turn ssl setting from configuration file to tls (ssl no longer exists)
2018-09-30 20:20:06 +02:00
yrutschle
f480eb6c7d
refactoring: simpler TLS extension parsing algorithm
2018-09-28 13:58:33 +02:00
yrutschle
6431bb7e35
refactoring: changed magic numbers for use_alpn to named bitfields
2018-09-23 22:29:25 +02:00
yrutschle
6d6ea50066
Merge branch 'master' of https://github.com/yrutschle/sslh
2018-09-23 21:57:16 +02:00
yrutschle
71265a8477
Merge pull request #201 from astiob/probe-strlen
...
Fix incorrect strncmp length in HTTP method probing
2018-09-23 21:56:51 +02:00
yrutschle
0003680137
remove old tls and ssl targets, only use alpn/sni probe also for TLS with no extensions
2018-09-23 12:07:06 +02:00
Oleg Oshmyan
e8f0d3ea53
Fix HTTP method probing
2018-09-22 15:50:40 +03:00
yrutschle
a5d00568b5
Merge pull request #199 from rom1dep/sni_alpn_errmatching
...
tls: proposed fix for incorrect SNI/ALPN matching
2018-08-30 23:16:28 +02:00
yrutschle
ffe9971624
test suite for SNI/ALPN with multiple targets and all combinations covered
2018-08-30 19:50:53 +02:00
Yves Rutschle
1693436cc3
automatic test for SNI/ALPN (single target)
2018-08-29 19:18:23 +02:00
Romain DEP.
e42f670112
tls: proposed fix for incorrect SNI/ALPN matching
2018-08-21 22:36:01 +02:00
Yves Rutschle
60df92c2b2
prevent repeated reads on broken sockets
2018-08-14 23:05:49 +02:00
Yves Rutschle
8ad32816a6
last_p might be used uninitialised if last probe has no probe set (which I don't think might happen, but anyhow...)
2018-08-14 22:52:52 +02:00
Yves Rutschle
677e385fec
new probing algorithm
2018-08-13 22:29:09 +02:00
Yves Rutschle
b6db83a701
also test probes when no fragmentation occurs
2018-08-12 21:45:42 +02:00
Yves Rutschle
3a17bd6832
removed obsolete tests
2018-08-12 21:35:42 +02:00
