Overview Repositories Revisions Requests Users Attributes Meta

Revisions of sslh

Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1174775 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 12) 
- Update to 2.1.2:
  * Fix inetd
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1161275 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 11) 
- Update to 2.1.1:
  * Fix MacOS build error
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1157812 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 10) 
- Update to 2.1.0:
  * Support for the Landlock LSM. After initial setup,
    sslh gives up all local file access rights.
  * Reintroduced --ssl as an alias to --tls.
  * Introduce autoconf to adapt to landlock presence.
  * Close connexion without error message if remote
    client forcefully closes connexion, for Windows.
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1138229 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 9) 
- Update to 2.0.1:
  * New semver-compatible version number
  * New sslh-ev: this is functionaly equivalent to sslh-select
    (mono-process, only forks for specified protocols), but based
    on libev, which should make it scalable to large numbers
    of connections.
  * New log system: instead of –verbose with arbitrary levels,
    there are now several message classes. Each message class
    can be set to go to stderr, syslog, or both. Classes are
    documented in example.cfg.
  * UDP connections are now managed in a hash to avoid linear
    searches. The downside is that the number of UDP connections
    is a hard limit, configurable with the ‘udp_max_connections’,
    which defaults to 1024. Timeouts are managed with lists.
  * inetd merges stderr output to what is sent to the client,
    which is a security issue as it might give information to an
    attacker. When inetd is activated, stderr is forcibly closed.
  * New protocol-level option resolve_on_forward, requests that
    target names are resolved at each connection instead of at
    startup. Useful for dynamic DNS situations.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 976089 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 8) 
Automatic submission by obs-autosubmit
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 916996 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 7) 
- Update to 1.22c:
  * Fix invalid size (#302)
  * Test aborted connections (#285)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 914168 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 6) 
- Update to 1.22b:
  * do not timeout TCP connections (fix #300) 
  * remove obsolete usage string and added lost version option
  * be more defensive when allocating and extending gap

- Update to 1.22:
  * sslh-select now supports UDP protocols.
    Probes specified in the `protocols`
    configuration entry are tried on incoming packets,
    TCP or UDP, and forwarded based on the input
    protocol (an incoming TCP connection will be
    forwarded as TCP, and same with UDP).
    This has been tested with DNS as shown in udp.cfg:
    incoming packets that contain my domain name are
    assumed to be a DNS request and forwarded
    accordingly. Note this could cause problems if
    combined with incoming TLS with SNI.  UDP clients
    and servers need to agree on the IPv4/IPv6 they use:
    use the same protocol on all sides! Often, this
    means explicitely using 'ip4-localhost'.
    UDP sender-receiver pairs (connections, so to speak)
    are kept for 60s, which can be changed with
    `udp_timeout` in the configuration.
 * Added probes for UDP protocols QUICK and Teamspeak.
 * Added probes for syslog protocol.
 * sslh-select refactored to change linear searches
   through connections to linear searches through
   fd_set.
 * Fixed a libconfig call to support libconfig 1.7.3.
 * Added symbol to support libconfig 1.4.9, still in
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 823701 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 4) 
- Update to 1.21c:
  * Removed support for 'ssl' and fix a related segfault bug.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 821821 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 3) 
- Update to 1.21b:
  * Moved configuration and command-line management to
    use conf2struct. Changes are:
    - command line option <-F|--config> no longer defaults to
	  /etc/sslh.cfg, so you have to specify it explicitly.
	- command line option <-v|--verbose> takes a mandatory
	  integer parameter
  * Changed exit code for illegal command line parameter
	from 1 to 6 (for testing purposes)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 765434 from Richard Brown's avatar Richard Brown (RBrownSUSE) (revision 1) 
Tidied up, now submitting again
Displaying all 12 revisions
openSUSE Build Service is sponsored by
Places