v1.13: 18MAY2012

Write PID file before dropping privileges. Added --background, which overrides 'foreground' configuration file setting. Added example systemd service file from Archlinux in scripts/ https://projects.archlinux.org/svntogit/community.git/tree/trunk/sslh.service?h=packages/sslh (Sébastien Luttringer)
zard777 · Jul 10, 2013 · 5cd1fa1 · 5cd1fa1
1 parent 9bcb2cd
commit 5cd1fa1
Show file tree

Hide file tree

Showing 8 changed files with 59 additions and 8 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,14 @@
+v1.13: 18MAY2012
+	Write PID file before dropping privileges.
+
+	Added --background, which overrides 'foreground'
+	configuration file setting.
+
+	Added example systemd service file from Archlinux in
+	scripts/
+	https://projects.archlinux.org/svntogit/community.git/tree/trunk/sslh.service?h=packages/sslh
+	(S�bastien Luttringer)
+
 v1.12: 08MAY2012
 	Added support for configuration file.
 

diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
 # Configuration
 
-VERSION="v1.12"
+VERSION="v1.13b"
 USELIBCONFIG=1	# Use libconfig? (necessary to use configuration files)
 USELIBWRAP=	# Use libwrap?
 COV_TEST= 	# Perform test coverage?
@@ -73,7 +73,7 @@ clean:
 	rm -f sslh-fork sslh-select echosrv $(MAN) *.o *.gcov *.gcno *.gcda *.png *.html *.css *.info 
 
 tags:
-	ctags -T *.[ch]
+	ctags --globals -T *.[ch]
 
 test:
 	./t

diff --git a/README b/README
@@ -10,7 +10,24 @@ inside a corporate firewall, which almost never block port
 
 ==== Compile and install ====
 
-If you're lucky, the Makefile will work for you:
+sslh uses libconfig (http://www.hyperrealm.com/libconfig/)
+and libwrap.
+
+For Debian, these are contained in packages libwrap0-dev and
+libconfig8-dev.  
+
+For OpenSUSE, these are contained in packages libconfig9 and
+libconfig-dev in repository
+http://download.opensuse.org/repositories/multimedia:/libs/openSUSE_12.1/
+
+For Fedora, this package should work:
+https://admin.fedoraproject.org/pkgdb/acls/name/libconfig
+(feedback from Fedorans appreciated).
+
+If you can't find libconfig, or just don't want a
+configuration file, set 'USELIBCONFIG=' in the Makefile.
+
+After this, the Makefile should work:
 
 make install
 

diff --git a/common.c b/common.c
@@ -24,6 +24,7 @@ int verbose = 0;
 int probing_timeout = 2;
 int inetd = 0;
 int foreground = 0;
+int background = 0;
 int numeric = 0;
 const char *user_name, *pid_file, *rule_filename;
 

diff --git a/common.h b/common.h
@@ -100,7 +100,7 @@ int start_listen_sockets(int *sockfd[], struct addrinfo *addr_list);
 int defer_write(struct queue *q, void* data, int data_size);
 int flush_defered(struct queue *q);
 
-extern int probing_timeout, verbose, inetd, foreground, numeric;
+extern int probing_timeout, verbose, inetd, foreground, background, numeric;
 extern struct sockaddr_storage addr_ssl, addr_ssh, addr_openvpn;
 extern struct addrinfo *addr_listen;
 extern const char* USAGE_STRING;

diff --git a/scripts/systemd.sslh.service b/scripts/systemd.sslh.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=SSL/SSH multiplexer
+
+[Service]
+EnvironmentFile=/etc/conf.d/sslh
+ExecStart=/usr/bin/sslh --foreground $DAEMON_OPTS
+
+[Install]
+WantedBy=multi-user.target
diff --git a/sslh-main.c b/sslh-main.c
@@ -1,5 +1,6 @@
 /*
-# main: processing of config file, command line options and start the main loop.
+# main: processing of config file, command line options and start the main
+# loop.
 #
 # Copyright (C) 2007-2012  Yves Rutschle
 # 
@@ -51,6 +52,7 @@ const char* USAGE_STRING =
 static struct option const_options[] = {
     { "inetd",      no_argument,            &inetd,         1 },
     { "foreground", no_argument,            &foreground,    1 },
+    { "background", no_argument,            &background,    1 },
     { "numeric",    no_argument,            &numeric,       1 },
     { "verbose",    no_argument,            &verbose,       1 },
     { "user",       required_argument,      0,              'u' },
@@ -428,6 +430,10 @@ static void parse_cmdline(int argc, char* argv[], struct proto* prots)
         exit(1);
     }
 
+    /* Did command-line override foreground setting? */
+    if (background)
+        foreground = 0;
+
 }
 
 int main(int argc, char *argv[])
@@ -471,12 +477,12 @@ int main(int argc, char *argv[])
 
    setup_signals();
 
-   if (user_name)
-       drop_privileges(user_name);
-
    if (pid_file)
        write_pid_file(pid_file);
 
+   if (user_name)
+       drop_privileges(user_name);
+
    /* Open syslog connection */
    setup_syslog(argv[0]);
 

diff --git a/sslh.pod b/sslh.pod
@@ -165,6 +165,13 @@ Runs in foreground. The server will not fork and will remain connected
 to the terminal. Messages normally sent to B<syslog> will also be sent
 to I<stderr>.
 
+=item B<--background>
+
+Runs in background. This overrides B<foreground> if set in
+the configuration file (or on the command line, but there is
+no point setting both on the command line unless you have a
+personality disorder).
+
 =back
 
 =head1 FILES