pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net/sslh Upate sslh to 1.15.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/4c30c05f6a5c
branches:  trunk
changeset: 626347:4c30c05f6a5c
user:      obache <obache%pkgsrc.org@localhost>
date:      Fri Nov 08 13:33:55 2013 +0000

description:
Upate sslh to 1.15.
Based on PR pkg/48320 by Nils Ratusznik.

Pkgsrc change:
* add startup script.

ChangeLog:
v1.15:  27JUL2013
        Added --transparent option for transparent proxying.
        See README for iptables magic and capability
        management.

        Fixed bug in sslh-select: if number of opened file
        descriptor became bigger than FD_SETSIZE, bad things
        would happen.

        Fixed bug in sslh-select: if socket dropped while
        defered_data was present, sslh-select would crash.

        Increased FD_SETSIZE for Cygwin, as the default 64
        is too low for even moderate load.

v1.14: 21DEC2012
        Corrected OpenVPN probe to support pre-shared secret
        mode (OpenVPN port-sharing code is... wrong). Thanks
        to Kai Ellinger for help in investigating and
        testing.

        Added an actual TLS/SSL probe.

        Added configurable --on-timeout protocol
        specification.

        Added a --anyprot protocol probe (equivalent to what
        --ssl was).

        Makefile respects the user's compiler and CFLAG
        choices (falling back to the current values if
        undefined), as well as LDFLAGS.
        (Michael Palimaka)

        Added "After" and "KillMode" to systemd.sslh.service
        (Thomas Weißschuh).

        Added LSB tags to etc.init.d.sslh
        (Thomas Varis).

v1.13: 18MAY2012
        Write PID file before dropping privileges.

        Added --background, which overrides 'foreground'
        configuration file setting.

        Added example systemd service file from Archlinux in
        scripts/
        https://projects.archlinux.org/svntogit/community.git/tree/trunk/sslh.service?h=packages/sslh
        (Sébastien Luttringer)

v1.12: 08MAY2012
        Added support for configuration file.

        New protocol probes can be defined using regular
        expressions that match the first packet sent by the
        client.

        sslh now connects timed out connections to the first
        configured protocol instead of 'ssh' (just make sure
        ssh is the first defined protocol).

        sslh now tries protocols in the order in which they
        are defined (just make sure sslh is the last defined
        protocol).

v1.11: 21APR2012
        WARNING: defaults have been removed for --user and
        --pidfile options, update your start-up scripts!

        No longer stop sslh when reverse DNS requests fail
        for logging.

        Added HTTP probe.

        No longer create new session if running in
        foreground.

        No longer default to changing user to 'nobody'. If
        --user isn't specified, just run as current user.

        No longer create PID file by default, it should be
        explicitely set with --pidfile.

        No longer log to syslog if in foreground. Logs are
        instead output to stderr.

        The four changes above make it straightforward to
        integrate sslh with systemd, and should help with
        launchd.

v1.10: 27NOV2011
        Fixed calls referring to sockaddr length so they work
        with FreeBSD.

        Try target addresses in turn until one works if
        there are several (e.g. "localhost:22" resolves to
        an IPv6 address and an IPv4 address and sshd does
        not listen on IPv6).

        Fixed sslh-fork so killing the head process kills
        the listener processes.

        Heavily cleaned up test suite. Added stress test
        t_load script. Added coverage (requires lcov).

        Support for XMPP (Arnaud Gendre).

        Updated README.MacOSX (Aaron Madlon-Kay).

v1.9: 02AUG2011
        WARNING: This version does not work with FreeBSD and
        derivatives!

        WARNING: Options changed, you'll need to update your
        start-up scripts! Log format changed, you'll need to
        update log processing scripts!

        Now supports IPv6 throughout (both on listening and
        forwarding)

        Logs now contain IPv6 addresses, local forwarding
        address, and resolves names (unless --numeric is
        specified).

        Introduced long options.

        Options -l, -s and -o replaced by their long
        counterparts.

        Defaults for SSL and SSH options suppressed (it's
        legitimate to want to use sslh to mux OpenVPN and
        tinc while not caring about SSH nor SSL).

        Bind to multiple addresses with multiple -p options.

        Support for tinc VPN (experimental).

        Numeric logging option.

v1.8: 15JUL2011
        Changed log format to make it possible to link
        connections to subsequent logs from other services.

        Updated CentOS init.d script (Andre Krajnik).

        Fixed zombie issue with OpenBSD (The SA_NOCLDWAIT flag is not
        propagated to the child process, so we set up signals after
        the fork.) (François FRITZ)

        Added -o "OpenVPN" and OpenVPN probing and support.

        Added single-threaded, select(2)-based version.

        Added support for "Bold" SSH clients (clients that speak first)
        Thanks to Guillaume Ricaud for spotting a regression
        bug.

        Added -f "foreground" option.

        Added test suite. (only tests connexions. No test for libwrap,
        setsid, setuid and so on) and corresponding 'make
        test' target.

        Added README.MacOSX (thanks Aaron Madlon-Kay)

        Documented use with proxytunnel and corkscrew in
        README.

diffstat:

 net/sslh/Makefile                  |  31 ++++++++++++++++++++++++-------
 net/sslh/PLIST                     |  15 +++++++++++++--
 net/sslh/distinfo                  |  10 ++++++----
 net/sslh/files/sslh.sh             |  28 ++++++++++++++++++++++++++++
 net/sslh/patches/patch-echosrv.c   |  15 +++++++++++++++
 net/sslh/patches/patch-sslh-main.c |  24 ++++++++++++++++++++++++
 6 files changed, 110 insertions(+), 13 deletions(-)

diffs (164 lines):

diff -r f1441b1960a1 -r 4c30c05f6a5c net/sslh/Makefile
--- a/net/sslh/Makefile Fri Nov 08 13:11:55 2013 +0000
+++ b/net/sslh/Makefile Fri Nov 08 13:33:55 2013 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.2 2012/10/23 17:19:10 asau Exp $
+# $NetBSD: Makefile,v 1.3 2013/11/08 13:33:55 obache Exp $
 #
 
-DISTNAME=      sslh-1.7a
+DISTNAME=      sslh-1.15
 CATEGORIES=    net
 MASTER_SITES=  http://www.rutschle.net/tech/
 
@@ -10,14 +10,31 @@
 COMMENT=       Multiplex ssl and ssh connections on the same port
 LICENSE=       gnu-gpl-v2
 
-USE_TOOLS=     gmake pod2man
+USE_TOOLS+=    gmake gzip pod2man
 USE_LANGUAGES= c
 
-INSTALLATION_DIRS=     sbin ${PKGMANDIR}/man8
+MAKE_FLAGS+=   USELIBWRAP=1
+
+EGDIR=         ${PREFIX}/share/examples/sslh
+DOCDIR=                share/doc/sslh
+
+CONF_FILES=    ${EGDIR}/basic.cfg ${PKG_SYSCONFDIR}/sslh.cfg
+RCD_SCRIPTS=   sslh
+
+AUTO_MKDIRS=   yes
 
 do-install:
-       ${INSTALL_PROGRAM} ${WRKSRC}/sslh ${DESTDIR}${PREFIX}/sbin/.
-       ${INSTALL_MAN} ${WRKSRC}/sslh.8.gz \
-               ${DESTDIR}${PREFIX}/${PKGMANDIR}/man8/.
+       ${INSTALL_PROGRAM} ${WRKSRC}/sslh-fork ${DESTDIR}${PREFIX}/sbin/sslh
+       ${INSTALL_PROGRAM} ${WRKSRC}/sslh-select ${DESTDIR}${PREFIX}/sbin
+       ${INSTALL_MAN} ${WRKSRC}/sslh.8.gz ${DESTDIR}${PREFIX}/${PKGMANDIR}/man8
+       ${INSTALL_DATA} ${WRKSRC}/scripts/* ${DESTDIR}${EGDIR}/scripts
+       ${INSTALL_DATA} ${WRKSRC}/example.cfg ${DESTDIR}${EGDIR}
+       ${INSTALL_DATA} ${WRKSRC}/basic.cfg ${DESTDIR}${EGDIR}
+       ${INSTALL_DATA} ${WRKSRC}/README ${DESTDIR}${PREFIX}/${DOCDIR}
+       ${INSTALL_DATA} ${WRKSRC}/README.MacOSX ${DESTDIR}${PREFIX}/${DOCDIR}
+       ${INSTALL_DATA} ${WRKSRC}/ChangeLog ${DESTDIR}${PREFIX}/${DOCDIR}
 
+.include "../../devel/libconfig/buildlink3.mk"
+.include "../../devel/libgetopt/buildlink3.mk"
+.include "../../security/tcp_wrappers/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
diff -r f1441b1960a1 -r 4c30c05f6a5c net/sslh/PLIST
--- a/net/sslh/PLIST    Fri Nov 08 13:11:55 2013 +0000
+++ b/net/sslh/PLIST    Fri Nov 08 13:33:55 2013 +0000
@@ -1,3 +1,14 @@
-@comment $NetBSD: PLIST,v 1.1 2010/07/31 17:04:47 apb Exp $
+@comment $NetBSD: PLIST,v 1.2 2013/11/08 13:33:55 obache Exp $
+man/man8/sslh.8
 sbin/sslh
-man/man8/sslh.8
+sbin/sslh-select
+share/doc/sslh/ChangeLog
+share/doc/sslh/README
+share/doc/sslh/README.MacOSX
+share/examples/rc.d/sslh
+share/examples/sslh/basic.cfg
+share/examples/sslh/example.cfg
+share/examples/sslh/scripts/etc.default.sslh
+share/examples/sslh/scripts/etc.init.d.sslh
+share/examples/sslh/scripts/etc.rc.d.init.d.sslh.centos
+share/examples/sslh/scripts/systemd.sslh.service
diff -r f1441b1960a1 -r 4c30c05f6a5c net/sslh/distinfo
--- a/net/sslh/distinfo Fri Nov 08 13:11:55 2013 +0000
+++ b/net/sslh/distinfo Fri Nov 08 13:33:55 2013 +0000
@@ -1,5 +1,7 @@
-$NetBSD: distinfo,v 1.1 2010/07/31 17:04:47 apb Exp $
+$NetBSD: distinfo,v 1.2 2013/11/08 13:33:55 obache Exp $
 
-SHA1 (sslh-1.7a.tar.gz) = 11bcb9fd4285b06819d16db638ca111d8d43577a
-RMD160 (sslh-1.7a.tar.gz) = 79a156469ba4b10c493851be28d15898eaef4731
-Size (sslh-1.7a.tar.gz) = 9733 bytes
+SHA1 (sslh-1.15.tar.gz) = eaf255fcbc0aa35f1274240e619636ad3af2e3b2
+RMD160 (sslh-1.15.tar.gz) = 03fb637fe06c5b1e4010547017ef39d7265ae503
+Size (sslh-1.15.tar.gz) = 33241 bytes
+SHA1 (patch-echosrv.c) = d235b5053aa597746f4cc8d1b13b8fc20ffa9c4f
+SHA1 (patch-sslh-main.c) = 39e9de71028c28de3e6bc5510b395409c99b73d1
diff -r f1441b1960a1 -r 4c30c05f6a5c net/sslh/files/sslh.sh
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/sslh/files/sslh.sh    Fri Nov 08 13:33:55 2013 +0000
@@ -0,0 +1,28 @@
+#!@RCD_SCRIPTS_SHELL@
+#
+# $NetBSD: sslh.sh,v 1.1 2013/11/08 13:33:55 obache Exp $
+#
+# PROVIDE: sslh
+# REQUIRE: DAEMON
+
+if [ -f /etc/rc.subr ]; then
+       . /etc/rc.subr
+fi
+
+name="sslh"
+rcvar=$name
+command="@PREFIX@/sbin/${name}"
+pidfile="@VARBASE@/run/${name}.pid"
+command_args="-P ${pidfile}"
+
+if [ -f @PKG_SYSCONFDIR@/sslh.cfg ]; then
+       command_args="${command_args} -F @PKG_SYSCONFDIR@/sslh.cfg"
+fi
+
+if [ -f /etc/rc.subr -a -f /etc/rc.conf -a -f /etc/rc.d/DAEMON ]; then
+       load_rc_config $name
+       run_rc_command "$1"
+else
+       echo -n " ${name}"
+       ${command} ${command_args}
+fi
diff -r f1441b1960a1 -r 4c30c05f6a5c net/sslh/patches/patch-echosrv.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/sslh/patches/patch-echosrv.c  Fri Nov 08 13:33:55 2013 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-echosrv.c,v 1.1 2013/11/08 13:33:55 obache Exp $
+
+* getopt_long_only does not exist on NetBSD getopt.
+
+--- echosrv.c.orig     2013-07-27 14:25:04.000000000 +0000
++++ echosrv.c
+@@ -64,7 +64,7 @@ void parse_cmdline(int argc, char* argv[
+     };
+     struct addrinfo **a;
+ 
+-    while ((c = getopt_long_only(argc, argv, "l:p:", options, NULL)) != -1) {
++    while ((c = getopt_long(argc, argv, "l:p:", options, NULL)) != -1) {
+         if (c == 0) continue;
+ 
+         switch (c) {
diff -r f1441b1960a1 -r 4c30c05f6a5c net/sslh/patches/patch-sslh-main.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/sslh/patches/patch-sslh-main.c        Fri Nov 08 13:33:55 2013 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-sslh-main.c,v 1.1 2013/11/08 13:33:55 obache Exp $
+
+* getopt_long_only does not exist on NetBSD getopt.
+
+--- sslh-main.c.orig   2013-07-27 14:25:04.000000000 +0000
++++ sslh-main.c
+@@ -337,7 +337,7 @@ static void cmdline_config(int argc, cha
+ #ifdef LIBCONFIG
+     optind = 1;
+     opterr = 0; /* we're missing protocol options at this stage so don't output errors */
+-    while ((c = getopt_long_only(argc, argv, optstr, all_options, NULL)) != -1) {
++    while ((c = getopt_long(argc, argv, optstr, all_options, NULL)) != -1) {
+         if (c == 'F') {
+             config_filename = optarg;
+             /* find the end of the listen list */
+@@ -362,7 +362,7 @@ static void parse_cmdline(int argc, char
+     optind = 1;
+     opterr = 1;
+ next_arg:
+-    while ((c = getopt_long_only(argc, argv, optstr, all_options, NULL)) != -1) {
++    while ((c = getopt_long(argc, argv, optstr, all_options, NULL)) != -1) {
+         if (c == 0) continue;
+ 
+         if (c >= PROT_SHIFT) {



Home | Main Index | Thread Index | Old Index