[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-ports
Subject:    Re: UPDATE net/sslh
From:       Klemens Nanni <kl3 () posteo ! org>
Date:       2018-01-31 10:12:21
Message-ID: 20180131101221.iaxtp4ovypdwg3ok () x230 ! example ! com
[Download RAW message or body]

On Wed, Jan 31, 2018 at 11:01:20AM +0100, Björn Ketelaars wrote:
> On Wed 31/01/2018 09:54, Klemens Nanni wrote:
> > On Wed, Jan 31, 2018 at 06:34:19AM +0100, Björn Ketelaars wrote:
> > > A new version of sslh is available that fixes an IPv6 parse bug.
> > Which bug? Does it work for you now?
> 
> The new release has been announced on the sslh mailinglist [0], and
> tries to explain why it has been released. The fix for the mentioned bug
> is on github [1].
> 
> The reason that I didn't notice the issue with IPv6 before is because
> I'm not using sslh in combination with it. However, before sending the
> diff to ports@ I did some testing:
> 
>   - v1.19
> 
> $ doas sslh-fork -vf --listen [::1]:443 --ssh [::1]:22
> sslh-fork(94193) in free(): modified chunk-pointer 0xefd21aeeb81
> Abort trap (core dumped)
> 
>   - v1.19b
> 
> $ doas sslh-fork -vf --listen [::1]:443 --ssh [::1]:22
> ssh addr: localhost:ssh. libwrap service: sshd log_level: 1 family 24 24 [] [fork]
> listening on:
>         localhost:443  []
> timeout: 2
> on-timeout: ssh
> listening to 1 addresses
> sslh-fork v1.19b started
> 
> A telnet session to ::1 443 showed:
> 
> accepted fd 4
> timed out, connect to ssh
> connecting to localhost:ssh family 24 len 28
> ssh:connection from localhost:40131 to localhost:443 forwarded from localhost:34533 to localhost:ssh
> flushing deferred data to fd 3
> 
> Answer to you second question: IPv6 now works.
> 
> Does the above answer your questions?
Yes, quite well so. Thanks!

> [0] http://rutschle.net/pipermail/sslh/2018-January/000661.html
> [1] https://github.com/yrutschle/sslh/commit/1a6ba5edc0b4482182ec6603433435ff091f66b6
> 
> > > Upstream has decided to remove the v1.19 tarball to avoid encouraging
> > > use of a bad version, and has released v1.19b.
> > They also changed their homepage, see the redirection.
> 
> I did not notice that. Thank you!  New diff below.
> 
> 
> diff --git Makefile Makefile
> index 84caa75c02f..20427bdce13 100644
> --- Makefile
> +++ Makefile
> @@ -2,11 +2,11 @@
>  
>  COMMENT =	SSL/SSH multiplexer
>  
> -DISTNAME =	sslh-v1.19
> +DISTNAME =	sslh-v1.19b
>  PKGNAME =	${DISTNAME:S/-v/-/}
>  CATEGORIES =	security net
>  
> -HOMEPAGE =	https://www.rutschle.net/tech/sslh.shtml
> +HOMEPAGE =	https://www.rutschle.net/tech/sslh/README.html
>  
>  MAINTAINER =	Bjorn Ketelaars <bjorn.ketelaars@hydroxide.nl>
>  
> diff --git distinfo distinfo
> index e4dae567aea..400bbbb73b4 100644
> --- distinfo
> +++ distinfo
> @@ -1,2 +1,2 @@
> -SHA256 (sslh-v1.19.tar.gz) = 75yxg5baQEu3BbLEzUViql/rVU3m+b0HSyTnrEcTZpw=
> -SIZE (sslh-v1.19.tar.gz) = 57352
> +SHA256 (sslh-v1.19b.tar.gz) = EN/E3v+8qUw+91NdP3GyE6vHjVPtHpAIc9PKHMlDZZw=
> +SIZE (sslh-v1.19b.tar.gz) = 57369
> diff --git patches/patch-Makefile patches/patch-Makefile
> index 977a2e2329d..91dee1b9e7b 100644
> --- patches/patch-Makefile
> +++ patches/patch-Makefile
> @@ -3,7 +3,7 @@ $OpenBSD: patch-Makefile,v 1.6 2018/01/28 16:31:48 sthen Exp $
>  Index: Makefile
>  --- Makefile.orig
>  +++ Makefile
> -@@ -87,7 +83,7 @@ echosrv: version.h $(OBJS) echosrv.o
> +@@ -87,7 +87,7 @@ echosrv: version.h $(OBJS) echosrv.o
>   	$(CC) $(CFLAGS) $(LDFLAGS) -o echosrv echosrv.o probe.o common.o tls.o $(LIBS)
>   
>   $(MAN): sslh.pod Makefile
Looks good to me.

[prev in list] [next in list] [prev in thread] [next in thread]