third-party-mirrors/sslh
1
0
Fork 0
mirror of https://github.com/yrutschle/sslh.git synced 2025-04-13 23:57:14 +03:00
Code Issues Packages Projects Releases Wiki Activity
779 Commits 3 Branches 42 Tags
Commit Graph

779 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sergio C
5f1c1b1b61
Update README.md (#431) 
Updated tproxy.md location
v2.1.1 		2024-03-24 08:33:34 +01:00
Yves Rutschle
58783af410 For MacOS, do not have multiple identicat cases in switch 2024-03-23 09:53:01 +01:00
Yves Rutschle
1957be1dc3 v.2.1.0 2024-03-22 16:41:50 +01:00
Yves Rűtschlé
ecca78bde7 for MacOS, define unknown symbols to equivalent values 2024-03-21 18:54:03 +01:00
Yves Rűtschlé
b94060ad76 undef FD_SETSIZE to avoid compiler warning upon redefine 2024-03-15 15:09:39 +01:00
Yves Rűtschlé
736b108a75 dont log error when remote client drops connection on Windows (fix #427) 2024-03-13 16:58:09 +01:00
Yves Rutschle
7ca567fcd9 clarify the difficulty of transparent proxying 2024-03-12 22:07:17 +01:00
Yves Rutschle
3117c15fbd when sslh-fork accept() fails with some errors, retry accept instead of dying 2024-01-11 21:32:39 +01:00
Yves Rutschle
e428fc505c prevent children from continuing the parent's work in case of failure 2024-01-11 21:24:19 +01:00
Yves Rutschle
4dfb4d300a add default LANDLOCK_ACCESS_FS_REFER define for Ubuntu (fix #420) 2024-01-06 11:56:57 +01:00
Yves Rutschle
39184b5622 enable landlock access to files to allow forking and name resolution 2024-01-05 13:21:55 +01:00
Yves Rutschle
940461de18 check name resolution error to avoid segfault 2024-01-05 11:15:53 +01:00
Yves Rutschle
6f949419d1 fix comment to reflect reality 2024-01-05 10:34:29 +01:00
Yves Rutschle
dab5df7409 clarify where the name resolution error comes from 2024-01-05 10:32:41 +01:00
Yves Rutschle
402ca5219b fix warnings on sockaddr storage 2024-01-04 23:22:44 +01:00
Yves Rutschle
046401148d add ./configure stage to docker build 2024-01-04 23:04:26 +01:00
Yves Rutschle
780e536aeb use autoconf to crete build scripts depending on landlock presence (fix #417) 2024-01-04 22:45:10 +01:00
Yves Rutschle
ed0ab12a16 reintroduce --ssl as alias to --tls 2024-01-02 21:38:23 +01:00
Yves Rutschle
b65f1e8b26 Merged Landlock feature 2023-12-09 14:13:07 +01:00
Konstantin
91b649daa0
Set image tag to use github in docker-compose example (#414) 
Change image tag of the docker-compose example from ```sslh:latest``` to ```ghcr.io/yrutschle/sslh:latest```
 2023-11-19 20:43:13 +01:00
Latchezar Tzvetkoff
7499c26e9e
Cleanup error checking logic in bind_peer() (#412) 
Thanks for the cleanup!
 2023-11-15 22:02:21 +01:00
Yves Rutschle
90a55b6f9d document Windows build and docker repositories 2023-11-15 21:49:44 +01:00
Yves Rutschle
1f66e2e093 add sslh-ev 2023-11-15 21:46:42 +01:00
Yves Rutschle
92d2326016
Merge pull request #408 from pcrow/master 
Fix transparent mode in a multi-stage chain
 2023-10-07 21:15:58 +02:00
Preston Crow
81eed9d56a Transparent mode in a multi-stage chain will fail after the first step 
because the (ip,port) is already bound.  With this change, the bind is
retried with a different port to at least keep the same IP address, which
for most uses is all that is needed.  I've tested this on my own system
where sslh is used downstream from stunnel, with both in transparent mode.
 2023-10-06 17:50:25 -04:00
Yves Rutschle
490a44723b fix install to build sslh-fork (fix #407) 2023-10-05 11:53:09 +02:00
Yves Rutschle
23fb1eba6f remove obsolete intermediate sslh target 2023-10-03 09:34:38 +02:00
Yves Rutschle
be66848e2d
Merge pull request #406 from ffontaine/master 
Makefile: add USE_LIBEV
 2023-10-03 09:32:42 +02:00
Fabrice Fontaine
3e93c1d43d Makefile: add USE_LIBEV 
Add USE_LIBEV to avoid the following build failure without libev raised
since version 2.0 and
711c11c820:

sslh-ev.c:24:10: fatal error: ev.h: Aucun fichier ou dossier de ce type
   24 | #include <ev.h>
      |          ^~~~~~

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 2023-10-01 18:53:43 +02:00
Yves Rutschle
1b26eb50a5 Changelog for resolve_on_forward fix v2.0.1 2023-09-24 09:25:52 +02:00
Yves Rutschle
e0f15a31b7 resolve name at connection time for UDP too 2023-09-12 21:39:51 +02:00
Yves Rutschle
c2551c011e update to Conf::Libconfig 1.0.3 API 2023-09-12 21:35:23 +02:00
Yves Rutschle
e2c3ed61a8 update to Conf::Libconfig 1.0.3 API 2023-09-12 21:35:10 +02:00
Yves Rutschle
1b0c6d0b8d add resolve_on_forward in tests 2023-09-06 18:01:52 +02:00
Yves Rutschle
0562eb4b07 fix resolve_on_forward use (fix #405) 2023-09-06 15:48:13 +02:00
Yves Rutschle
93600d1fb1
Merge pull request #299 from amake/patch-1 
Allow supplying additional CFLAGS
v2.0.0 v2.0 		2023-08-31 15:26:42 +02:00
Yves Rutschle
04f258e705
Merge branch 'master' into patch-1 2023-08-31 15:26:22 +02:00
Yves Rutschle
1fb888bbf2 remove magic numbers with correct sizeof 2023-08-31 15:18:22 +02:00
Yves Rutschle
1f0cab2aee
Merge pull request #342 from utoni/fix/ovpn-probe-read-overflow 
fix possible buffer overflow
 2023-08-31 15:15:50 +02:00
Yves Rutschle
ff9328fa6c Merge branch 'utoni-fix/cppcheck-complains' 2023-08-31 15:13:57 +02:00
Yves Rutschle
e941e8dd2e fix cppcheck complains 2023-08-31 15:10:53 +02:00
Yves Rűtschlé
8930ec395e Initial support for the landlock LSM 2023-08-29 17:20:51 +02:00
Yves Rutschle
54fe4b2f47
Merge pull request #401 from rnhmjoj/master 
fix handling of IPv6 UDP connections
 2023-08-26 21:32:22 +02:00
rnhmjoj
33129481cf
fix handling of IPv6 UDP connections 
Problem:
IPv6 addresses are 4 bytes long and don't fit inside a `sockaddr`, so
`recvfrom` will truncate the address to the first half.
When generating a reply, the remaining half of the address is filled
with garbage and the packet is subsequently delivered to the wrong host,
if not immediately dropped.

Solution:
replace `sockaddr` with `sockaddr_storage`, the latter is guaranteed to
be large enough to hold an IPv6 address and pointers can be cast to
`sockaddr *` when needed.
 2023-08-22 11:44:09 +02:00
Yves Rűtschlé
4cc0867753 remove dependency of sslh-conf.c to sslhconf.cfg (fix #283) 2023-08-13 10:38:39 +02:00
Yves Rutschle
4728730abc
Merge pull request #392 from klementng/docker/transparent-patch 
Docker: ipv6 transparent patch
 2023-08-10 08:21:39 +02:00
clement
9e7b4b751f sync and resolve merge conflict 2023-08-09 23:36:01 +08:00
Clement
b11f2620ab
Add clarification on --transparent mode for docker 2023-08-09 22:57:47 +08:00
Yves Rutschle
056c283145
Merge pull request #393 from oliv3r/dev/cleanup 
container: Cleanup some style issues
 2023-08-09 08:25:22 +02:00
Olliver Schinagl
00beb9595d
container: Cleanup some style issues 
Commit 5635dc5142aa ("Enable --transparent mode for docker") made a
little bit of a mess of the Dockerfile and container-entrypoint.sh.

A few issues are, but not limited to; trailing whitespaces, incorrect
indentation, removed final newline, component sortability just to name a
few.

This MR fixes that and cleans up those files again.

One thing not touched was the enable/disablement of `set +e` to exit the
script on error. It is nicer/cleaner to solve this in a different way,
but that adds to much complexity.

While here, make the container architecture and alpine version
configurable, allowing us to build multi-arch images from the CI in the
future.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
 2023-08-08 09:01:51 +02:00