Hello community, here is the log from the commit of package sslh for openSUSE:Factory checked in at 2020-07-31 16:00:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sslh (Old) and /work/SRC/openSUSE:Factory/.sslh.new.3592 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sslh" Fri Jul 31 16:00:12 2020 rev:4 rq:823701 version:1.21c Changes: -------- --- /work/SRC/openSUSE:Factory/sslh/sslh.changes 2020-07-20 21:05:16.741330637 +0200 +++ /work/SRC/openSUSE:Factory/.sslh.new.3592/sslh.changes 2020-07-31 16:07:46.288833320 +0200 @@ -1,0 +2,6 @@ +Fri Jul 31 08:40:11 UTC 2020 - Michael Vetter <[email protected]> + +- Update to 1.21c: + * Removed support for 'ssl' and fix a related segfault bug. + +------------------------------------------------------------------- Old: ---- sslh-v1.21b.tar.gz New: ---- sslh-v1.21c.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sslh.spec ++++++ --- /var/tmp/diff_new_pack.pIav3M/_old 2020-07-31 16:07:48.328835065 +0200 +++ /var/tmp/diff_new_pack.pIav3M/_new 2020-07-31 16:07:48.332835068 +0200 @@ -18,7 +18,7 @@ Name: sslh -Version: 1.21b +Version: 1.21c Release: 0 Summary: SSL/SSH multiplexer License: GPL-2.0-or-later ++++++ sslh-v1.21b.tar.gz -> sslh-v1.21c.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sslh-v1.21b/ChangeLog new/sslh-v1.21c/ChangeLog --- old/sslh-v1.21b/ChangeLog 2020-07-19 21:05:36.000000000 +0200 +++ new/sslh-v1.21c/ChangeLog 2020-07-30 09:45:50.000000000 +0200 @@ -1,4 +1,12 @@ v1.21: 11JUL2020 + WARNING: + Moved configuration and command-line management to + use conf2struct. Changes are: + * `--ssl` and using `name: 'ssl'` in config file is no longer supported, use `tls` instead. + * command line option <-F|--config> no longer defaults to /etc/sslh.cfg, so you have to + specify it explicitly. + * command line option <-v|--verbose> takes a mandatory integer parameter + Added TCP_FASTOPEN support for client sockets (if tfo_ok is specified in their configuration) and for listenint socket, if all client protocols support it. 
@@ -8,12 +16,6 @@ than that many bytes have been received (mostly for regex) - Moved configuration and command-line management to - use conf2struct. Changes are: - * command line option <-F|--config> no longer defaults to /etc/sslh.cfg, so you have to - specify it explicitly. - * command line option <-v|--verbose> takes a mandatory integer parameter - Update Let's Encrypt entry in example.cfg for tls-alpn-01 challenges; tls-sni-* challenges are now deprecated. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sslh-v1.21b/Makefile new/sslh-v1.21c/Makefile --- old/sslh-v1.21b/Makefile 2020-07-19 21:05:36.000000000 +0200 +++ new/sslh-v1.21c/Makefile 2020-07-30 09:45:50.000000000 +0200 @@ -1,6 +1,8 @@ -# Configuration VERSION=$(shell ./genver.sh -r) + +# Configuration -- you probably need to `make clean` if you +# change any of these ENABLE_REGEX=1 # Enable regex probes USELIBCONFIG=1 # Use libconfig? (necessary to use configuration files) USELIBPCRE=1 # Use libpcre? (needed for regex on musl) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sslh-v1.21b/doc/INSTALL.md new/sslh-v1.21c/doc/INSTALL.md --- old/sslh-v1.21b/doc/INSTALL.md 2020-07-19 21:05:36.000000000 +0200 +++ new/sslh-v1.21c/doc/INSTALL.md 2020-07-30 09:45:50.000000000 +0200 @@ -42,7 +42,7 @@ If you want to rebuild `sslh-conf.c` (after a `make distclean` for example), you will also need to add [conf2struct](https://www.rutschle.net/tech/conf2struct/README.html) -(v1.3) to your path. +(v1.4) to your path. Compilation ----------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sslh-v1.21b/probe.c new/sslh-v1.21c/probe.c --- old/sslh-v1.21b/probe.c 2020-07-19 21:05:36.000000000 +0200 +++ new/sslh-v1.21c/probe.c 2020-07-30 09:45:50.000000000 +0200 
@@ -53,7 +53,6 @@ { "xmpp", is_xmpp_protocol }, { "http", is_http_protocol }, { "tls", is_tls_protocol }, - { "ssl", is_tls_protocol }, { "adb", is_adb_protocol }, { "socks5", is_socks5_protocol }, { "anyprot", is_true } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sslh-v1.21b/sslh-conf.c new/sslh-v1.21c/sslh-conf.c --- old/sslh-v1.21b/sslh-conf.c 2020-07-19 21:05:36.000000000 +0200 +++ new/sslh-v1.21c/sslh-conf.c 2020-07-30 09:45:50.000000000 +0200 @@ -1,5 +1,5 @@ /* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README) - * on Sun Jul 19 16:59:51 2020. + * on Wed Jul 29 22:51:16 2020. # conf2struct: generate libconf parsers that read to structs # Copyright (C) 2018-2019 Yves Rutschle @@ -30,9 +30,12 @@ #define _GNU_SOURCE #include <string.h> -#include <libconfig.h> +#ifdef LIBCONFIG +# include <libconfig.h> +#endif #include <stdlib.h> #include <stddef.h> +#include <stdio.h> #include "sslh-conf.h" #include "argtable3.h" #ifdef LIBPCRE @@ -56,18 +59,7 @@ CFG_ARRAY, CFG_LIST, } config_type; - -typedef int (*lookup_fn)(const config_setting_t*, const char*, void*); -lookup_fn lookup_fns[] = { - (lookup_fn)config_setting_lookup_bool, - (lookup_fn)config_setting_lookup_int, - (lookup_fn)config_setting_lookup_int64, - (lookup_fn)config_setting_lookup_float, - (lookup_fn)config_setting_lookup_string, - NULL, /* CFG_GROUP */ - NULL, /* CFG_ARRAY */ - NULL, /* CFG_LIST */ -}; +/* /config_type */ const char* type2str[] = { "boolean", @@ -80,8 +72,6 @@ "list", }; -/* /config_type */ - typedef union { int def_bool; int def_int; 
@@ -90,6 +80,97 @@ char* def_string; } any_val; +struct config_desc { + const char* name; + int type; + struct config_desc * sub_group; /* Table for compound types (list and group) */ + void* arg_cl; /* command-line argument for this setting */ + void* base_addr; /* Base of the structure (filled at runtime). Probably not useable for list elements */ + size_t offset; /* Offset of setting in the structure */ + size_t offset_len; /* Offset of *_len field, for arrays and lists */ + size_t offset_present; /* offset of *_is_present field, for optional settings */ + size_t size; /* Size of element, or size of group for groups and lists */ + int array_type; /* type of array elements, when type == CFG_ARRAY */ + int mandatory; + int optional; + any_val default_val; +}; + +#ifndef LIBCONFIG +/* Stubs in case you don't want libconfig */ + +typedef void config_setting_t; +typedef int config_t; +#define CONFIG_TRUE 1 +#define CONFIG_FALSE 0 + +#define make_config_setting_lookup(type) \ + int config_setting_lookup_##type(const config_setting_t* a, const char* b, void* c) { \ + return 0; \ + } + +#define make_config_setting_get(type, ret_type) \ + ret_type config_setting_get_##type(const config_setting_t* a) { \ + return 0; \ + } + +make_config_setting_lookup(bool); +make_config_setting_lookup(int); +make_config_setting_lookup(int64); +make_config_setting_lookup(float); +make_config_setting_lookup(string); + +make_config_setting_get(bool, int); +make_config_setting_get(int, int); +make_config_setting_get(int64, int); +make_config_setting_get(float, double); +make_config_setting_get(string, char*); + +config_setting_t* config_lookup(config_t* c, const char* b) { + return NULL; +} + +void config_init(config_t* c) { + return; +} + +config_setting_t* config_setting_lookup(config_setting_t* a, char* b) { + return NULL; +} + +int config_setting_length(config_setting_t* a) { + return 0; +} + +config_setting_t* config_setting_get_elem(config_setting_t* a, int i) { + return NULL; +} + 
+int config_read_file(config_t* a, const char* b) { + return CONFIG_TRUE; +} + +int config_error_line(config_t* c) { + return 0; +} + +char* config_error_text(config_t* c) { + return NULL; +} +#endif + +typedef int (*lookup_fn)(const config_setting_t*, const char*, void*); +lookup_fn lookup_fns[] = { + (lookup_fn)config_setting_lookup_bool, + (lookup_fn)config_setting_lookup_int, + (lookup_fn)config_setting_lookup_int64, + (lookup_fn)config_setting_lookup_float, + (lookup_fn)config_setting_lookup_string, + NULL, /* CFG_GROUP */ + NULL, /* CFG_ARRAY */ + NULL, /* CFG_LIST */ +}; + /* Copy an any_val to arbitrary memory location */ /* 0: success * <0: error */ @@ -253,22 +334,6 @@ } -struct config_desc { - const char* name; - int type; - struct config_desc * sub_group; /* Table for compound types (list and group) */ - void* arg_cl; /* command-line argument for this setting */ - void* base_addr; /* Base of the structure (filled at runtime). Probably not useable for list elements */ - size_t offset; /* Offset of setting in the structure */ - size_t offset_len; /* Offset of *_len field, for arrays and lists */ - size_t offset_present; /* offset of *_is_present field, for optional settings */ - size_t size; /* Size of element, or size of group for groups and lists */ - int array_type; /* type of array elements, when type == CFG_ARRAY */ - int mandatory; - int optional; - any_val default_val; -}; - /* Element to describe the target of a compound element * element: which config entry is being changed * match: if >0, index in pmatch to set @@ -831,7 +896,7 @@ }; static struct compound_cl_target sslhcfg_tinc_targets [] = { - { & table_sslhcfg_protocols[0], 0, .value.def_string = "openvpn" }, + { & table_sslhcfg_protocols[0], 0, .value.def_string = "tinc" }, { & table_sslhcfg_protocols[1], 1, .value.def_string = "0" }, { & table_sslhcfg_protocols[2], 2, .value.def_string = "0" }, { & table_sslhcfg_protocols[6], 0, .value.def_int = 1 }, 
@@ -931,7 +996,7 @@ .override_desc = & table_sslhcfg_protocols [0], .override_matchindex = 0, - .override_const = "openvpn", + .override_const = "tinc", }, { /* arg: xmpp */ @@ -1099,7 +1164,7 @@ if (setting) len = config_setting_length(setting); } - block = malloc(desc->size * len); + block = calloc(len, desc->size); *(size_t*)(((char*)target) + desc->offset_len) = len; *(void**)(((char*)target) + desc->offset) = block; @@ -1107,7 +1172,7 @@ break; case CFG_GROUP: - block = malloc(desc->size); + block = calloc(1, desc->size); *(void**)(((char*)target) + desc->offset) = block; TRACE_READ((" sizing for %zu elems ", len)); break; @@ -1488,7 +1553,9 @@ char* errmsg; config_setting_t* s; void* argtable[] = { - sslhcfg_conffile = arg_filen("F", "config", "<file>", 0, 1, "Specify configuration file"), + #ifdef LIBCONFIG + sslhcfg_conffile = arg_filen("F", "config", "<file>", 0, 1, "Specify configuration file"), + #endif sslhcfg_verbose = arg_intn("v", "verbose", "<n>", 0, 1, ""), sslhcfg_foreground = arg_litn("f", "foreground", 0, 1, "Run in foreground instead of as a daemon"), sslhcfg_inetd = arg_litn("i", "inetd", 0, 1, "Run in inetd mode: use stdin/stdout instead of network listen"), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sslh-v1.21b/sslh-conf.h new/sslh-v1.21c/sslh-conf.h --- old/sslh-v1.21b/sslh-conf.h 2020-07-19 21:05:36.000000000 +0200 +++ new/sslh-v1.21c/sslh-conf.h 2020-07-30 09:45:50.000000000 +0200 @@ -1,5 +1,5 @@ /* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README) - * on Sun Jul 19 16:59:51 2020. + * on Wed Jul 29 22:51:16 2020. # conf2struct: generate libconf parsers that read to structs # Copyright (C) 2018-2019 Yves Rutschle 
@@ -30,7 +30,9 @@ #ifndef C2S_SSLHCFG_H #define C2S_SSLHCFG_H -#include <libconfig.h> +#ifdef LIBCONFIG +# include <libconfig.h> +#endif #include "probe.h" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sslh-v1.21b/sslh-main.c new/sslh-v1.21c/sslh-main.c --- old/sslh-v1.21b/sslh-main.c 2020-07-19 21:05:36.000000000 +0200 +++ new/sslh-v1.21c/sslh-main.c 2020-07-30 09:45:50.000000000 +0200 @@ -115,36 +115,9 @@ } -/* To be removed in v1.21 */ -const char* ssl_err_msg = "Usage of 'ssl' setting is deprecated and will be removed in v1.21. Please use 'tls' instead\n"; -void ssl_to_tls(char* setting) -{ - if (!strcmp(setting, "ssl")) { - strcpy(setting, "tls"); /* legacy configuration */ - log_message(LOG_INFO, ssl_err_msg); - } -} - - -/* Turn 'ssl' command line option to 'tls'. To be removed in v1.21 */ -void cmd_ssl_to_tls(int argc, char* argv[]) -{ - int i; - for (i = 0; i < argc; i++) { - if (!strcmp(argv[i], "--ssl")) { - strcpy(argv[i], "--tls"); - /* foreground option not parsed yet, syslog not open, just print on - * stderr and hope for the best */ - fprintf(stderr, "%s", ssl_err_msg); - } - } -} - - /* Extract configuration on addresses and ports on which to listen. * out: newly allocated list of addrinfo to listen to */ -#ifdef LIBCONFIG static int config_resolve_listen(struct addrinfo **listen) { int i, res; @@ -164,12 +137,11 @@ } return 0; } -#endif -#ifdef LIBCONFIG static void setup_regex_probe(struct sslhcfg_protocols_item *p) +#ifdef LIBCONFIG { int num_patterns, i, res; regex_t** pattern_list; @@ -196,6 +168,10 @@ } } } +#else +{ + return; +} #endif /* For each protocol in the configuration, resolve address and set up protocol diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sslh-v1.21b/sslhconf.cfg new/sslh-v1.21c/sslhconf.cfg --- old/sslh-v1.21b/sslhconf.cfg 2020-07-19 21:05:36.000000000 +0200 +++ new/sslh-v1.21c/sslhconf.cfg 2020-07-30 09:45:50.000000000 +0200 
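Review bot: In sslh-main.c the new `#else { return; }` stub turns `setup_regex_probe()` into a silent no-op when LIBCONFIG is undefined, and it leaves the signature outside the `#ifdef` while the two bodies sit in separate preprocessor branches. A single pair of braces with only the contents guarded is easier to read and harder to unbalance: `{`, then `#ifdef LIBCONFIG` … `#endif`, then `}`, with `(void)p;` on the non-libconfig path so the unused parameter does not warn. If a build without libconfig can still reach this function with a protocol that expects regex patterns (not visible here), a one-line log message would be safer than returning quietly, because the probe would otherwise have no patterns to match against. Most of the function body lies outside the hunks shown.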
@@ -162,7 +162,7 @@
 override: "name";
 argdesc: "<host:port>";
 targets: (
- { path: "name"; value: "openvpn" },
+ { path: "name"; value: "tinc" },
 { path: "host"; value: "$1" },
 { path: "port"; value: "$2" },
 { path: "log_level"; value: 1 },
