Static build with pcre is broken since version 1.19b and
cb90cc97ae
because -lpcre has been replaced by -lpcreposix which will result in
the following static build failure:
/srv/storage/autobuild/run/instance-1/output-1/host/bin/mipsel-linux-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -static -static -o echosrv echosrv.o probe.o common.o tls.o -lpcreposix -lconfig -lcap
/srv/storage/autobuild/run/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/mipsel-buildroot-linux-uclibc/8.3.0/../../../../mipsel-buildroot-linux-uclibc/bin/ld: /srv/storage/autobuild/run/instance-1/output-1/host/mipsel-buildroot-linux-uclibc/sysroot/usr/lib/libpcreposix.a(libpcreposix_la-pcreposix.o): in function `regfree':
pcreposix.c:(.text+0x120): undefined reference to `pcre_free'
So append -lpcre after -lpcreposix
Fixes:
- http://autobuild.buildroot.org/results/a601824fc0c205a6a940e0f9f079ce2c39840605
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
as libpcre has to better binary support.
Note, just linking libpcre only has no effect, the posix functions are
provided by libpcreposix.
Use "make USELIBPCRE=" to turn libpcre off and link POSIX library.
version.h is included by some .o files, but it is generated. As such, it
must be a dependency of those .o files.
Rather than filter exactly which .o file needs it, just add a generic
dependency for all .o files on version.h.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Use libcap for saving CAP_NET_ADMIN (if --transparent is given) over a
setuid(). We don’t need CAP_NET_BIND_SERVICE as the listening sockets
are established before dropping root.
This code doesn't respect CPPFLAGS at all. Fix that and move the
existing -D flags to the right variable.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
We need these flags to come before all the objects, not after.
Otherwise, flags that impact handling of input objects do not
show up in time.
This also matches standard build system behavior (e.g. autotools).
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
When building the source from a checked out tag, eg v1.15, VERSION will
equal v1.15. However, when building from anything other than a tagged
version, you get 'v1.15-4-g50432d5-dirty' meaning I was 4 patches in
front of v1.15, particularly '50432d5' was my current HEAD, and I had
uncommited changes, '-dirty'.
Very useful for folks submitting bug reports on versions they compiled
themselves.
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
Corrected OpenVPN probe to support pre-shared secret
mode (OpenVPN port-sharing code is... wrong). Thanks
to Kai Ellinger for help in investigating and
testing.
Added an actual TLS/SSL probe.
Added configurable --on-timeout protocol
specification.
Added a --anyprot protocol probe (equivalent to what
--ssl was).
Makefile respects the user's compiler and CFLAG
choices (falling back to the current values if
undefined), as well as LDFLAGS.
(Michael Palimaka)
Added "After" and "KillMode" to systemd.sslh.service
(Thomas Weischuh).
Added LSB tags to etc.init.d.sslh
(Thomas Varis).
Added support for configuration file.
New protocol probes can be defined using regular
expressions that match the first packet sent by the
client.
sslh now connects timed out connections to the first
configured protocol instead of 'ssh' (just make sure
ssh is the first defined protocol).
sslh now tries protocols in the order in which they
are defined (just make sure sslh is the last defined
protocol).
WARNING: defaults have been removed for --user and
--pidfile options, update your start-up scripts!
No longer stop sslh when reverse DNS requests fail
for logging.
Added HTTP probe.
No longer create new session if running in
foreground.
No longer default to changing user to 'nobody'. If
--user isn't specified, just run as current user.
No longer create PID file by default, it should be
explicitely set with --pidfile.
No longer log to syslog if in foreground. Logs are
instead output to stderr.
The four changes above make it straightforward to
integrate sslh with systemd, and should help with
launchd.
Fixed calls referring to sockaddr length so they work
with FreeBSD.
Try target addresses in turn until one works if
there are several (e.g. "localhost:22" resolves to
an IPv6 address and an IPv4 address and sshd does
not listen on IPv6).
Fixed sslh-fork so killing the head process kills
the listener processes.
Heavily cleaned up test suite. Added stress test
t_load script. Added coverage (requires lcov).
Support for XMPP (Arnaud Gendre).
Updated README.MacOSX (Aaron Madlon-Kay).
