Sergey Ponomarev
ae7530e33f
Fix Narrowing conversion from 'ssize_t' to signed type 'int' is implementation-defined
2024-04-13 20:25:18 +02:00
Sergey Ponomarev
b3c770898a
Ignore opts (#436)
* Be less strict about args at startup
Ignore unknown options.
* Don't fail if pid file is accessible
2024-04-13 11:03:54 +02:00
Yves Rűtschlé
736b108a75
don't log error when remote client drops connection on Windows (fix #427)
2024-03-13 16:58:09 +01:00
Yves Rutschle
6f949419d1
fix comment to reflect reality
2024-01-05 10:34:29 +01:00
Yves Rutschle
dab5df7409
clarify where the name resolution error comes from
2024-01-05 10:32:41 +01:00
Latchezar Tzvetkoff
7499c26e9e
Cleanup error checking logic in bind_peer() (#412)
Thanks for the cleanup!
2023-11-15 22:02:21 +01:00
Preston Crow
81eed9d56a
Transparent mode in a multi-stage chain will fail after the first step
because the (ip,port) is already bound. With this change, the bind is
retried with a different port to at least keep the same IP address, which
for most uses is all that is needed. I've tested this on my own system
where sslh is used downstream from stunnel, with both in transparent mode.
2023-10-06 17:50:25 -04:00
Yves Rutschle
3707c5b8a6
fix file descriptor leak if bind_peer fails
2023-05-13 23:18:07 +02:00
Paul Schroeder
78bc954769
review
Signed-off-by: Paul Schroeder <milkpirate@users.noreply.github.com>
2022-03-19 23:18:29 +01:00
Paul Schroeder
87577ae5f6
add functionality
Signed-off-by: Paul Schroeder <milkpirate@users.noreply.github.com>
2022-03-18 17:59:54 +01:00
yrutschle
17313100b5
print cnx type when dumping it
2021-11-01 18:48:26 +01:00
yrutschle
0cde3d794a
check return values (fix #61)
2021-10-02 21:27:31 +02:00
yrutschle
4277d27063
migrate last messages to new log system
2021-09-27 13:16:30 +02:00
yrutschle
66caf8a31b
remove log_message
2021-09-27 12:51:37 +02:00
yrutschle
4d3cc9c925
migrate some more common.c to new log system
2021-09-27 12:46:51 +02:00
yrutschle
e6cbbe9511
migrate common.c to new logging system
2021-09-26 15:53:21 +02:00
yrutschle
e5f16b93ce
hexdump writes to parametrable msg_info
2021-09-19 21:54:47 +02:00
yrutschle
5e27806545
new logging system: now with message classes
2021-09-19 15:13:04 +02:00
yrutschle
317c08604b
move logging code to its own file
2021-09-15 21:51:11 +02:00
yrutschle
a704c7f7f5
fix #302
2021-08-28 16:03:58 +02:00
yrutschle
1ad450a444
sslh-select sets O_NONBLOCK *before* calling connect, which prevents hanging on an unresponsive server (fix #258)
2021-05-28 13:38:45 +02:00
yrutschle
c41ec489e0
changed CAP_NET_ADMIN to CAP_NET_RAW as it's enough
2021-05-11 06:44:27 +02:00
yrutschle
030ef64b99
refactor: purified set_capabilities, told to keep or drop CAP_NET_ADMIN instead of deciding for itself
2021-05-09 15:39:14 +02:00
yrutschle
905ac95ca1
do not drop CAP_NET_ADMIN if any of the protocols require transparent proxying
2021-05-08 07:44:39 +02:00
yrutschle
987643878f
when verbose, precise which listen sockets are udp
2021-05-01 16:15:34 +02:00
yrutschle
adb27aa4a3
add a per-protocol transparent proxy option
2021-02-21 21:03:01 +01:00
yrutschle
a3d9df87cb
fix typo and explicit a test
2020-12-02 22:48:17 +01:00
yrutschle
247d60d8e6
dump deferred data when dying from unexpected fd activity
2020-12-02 22:05:09 +01:00
yrutschle
7d820049a2
preliminary udp support: forwards incoming packets, no return yet
2020-11-29 15:51:04 +01:00
yrutschle
c12f7a1ade
abstract listening sockets so we have protocol information alongside the socket
2020-11-07 22:31:49 +01:00
yrutschle
ebeabb6c18
add is_udp option and listen to UDP ports
2020-11-07 21:29:09 +01:00
yrutschle
8a1dae8c22
refactor: move local address resolution into start_listen_socket
2020-11-07 18:55:04 +01:00
yrutschle
6c94bf71b8
refactor: move code to listen to a single address out of start_listen_sockets
2020-11-01 21:21:26 +01:00
yrutschle
c5b0932bad
syslog_facility 'none' disables syslog
2020-06-19 23:39:25 +02:00
yrutschle
408c5741f8
rewind logged messages so it does not crash...
2020-06-19 23:01:25 +02:00
Yves Rutschle
c595aadb4d
log to syslog even if in foreground
2020-05-28 10:13:54 +00:00
yrutschle
98807771e0
clarify error message for setsockopt IP_TRANSPARENT
2020-01-26 21:35:09 +01:00
Jonas Mueller
125458df51
Fix warnings for return-type
2019-11-05 20:06:23 +01:00
Niobos
0380a4309f
Change process name to indicate task of process
2019-09-05 16:40:59 +02:00
yrutschle
3aa245efa5
separate connection information creation from log emission
2019-09-05 15:48:33 +02:00
yrutschle
d5baed3f18
Fix fd2fd return value which should not be -1 on error
2019-05-13 15:21:22 +02:00
yrutschle
4e725e1520
added TFO for listening socket
2019-03-10 10:11:06 +01:00
yrutschle
b0c3c8fdbc
manage TFO already done in connect call
2019-03-10 09:53:52 +01:00
Craig Andrews
0a880ea607
Use TCP Fast Open for client sockets
Set the TCP_FASTOPEN_CONNECT option on client sockets to signal desire to use TCP Fast Open.
See https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19f6d3f3c8422d65b5e3d2162e30ef07c6e21ea2
2019-03-09 21:18:36 -05:00
yrutschle
ad0adfb0e1
re-integrate command line support
2018-12-07 08:32:36 +01:00
yrutschle
33ab9d535d
code cleanup and adaptation of regex probe
2018-12-04 23:11:04 +01:00
yrutschle
e7ce929020
config file now read to struct with c2s; command line no longer works
2018-11-29 11:56:33 +01:00
Yves Rutschle
a1cc399ae5
fix syslog facility name check
2018-07-03 12:22:03 +02:00
Michael Santos
8ce2b2ea05
Check memory allocations succeed
2018-06-18 10:35:28 -04:00
Michael Santos
5cf591a254
Avoid segfault with malformed IPv6 address
A literal IPv6 address without a trailing bracket will result in a write
past the end of the address buffer:
~~~ segfault.conf
protocols:
(
{ name: "tls"; host: "["; port: "8443"; }
);
~~~
~~~
$ sslh-select -p 127.0.0.1:443 --foreground -F./segfault.conf
[: no closing bracket in IPv6 address?
Segmentation fault (core dumped)
~~~
2018-06-18 10:35:28 -04:00