On Wed 31/01/2018 09:54, Klemens Nanni wrote:
> On Wed, Jan 31, 2018 at 06:34:19AM +0100, Björn Ketelaars wrote:
> > A new version of sslh is available that fixes an IPv6 parse bug.
> Which bug? Does it work for you now?
The new release has been announced on the sslh mailinglist [0], and
tries to explain why it has been released. The fix for the mentioned bug
is on github [1].
The reason that I didn't notice the issue with IPv6 before is because
I'm not using sslh in combination with it. However, before sending the
diff to ports@ I did some testing:
- v1.19
$ doas sslh-fork -vf --listen [::1]:443 --ssh [::1]:22
sslh-fork(94193) in free(): modified chunk-pointer 0xefd21aeeb81
Abort trap (core dumped)
- v1.19b
$ doas sslh-fork -vf --listen [::1]:443 --ssh [::1]:22
ssh addr: localhost:ssh. libwrap service: sshd log_level: 1 family 24 24 []
[fork]
listening on:
localhost:443 []
timeout: 2
on-timeout: ssh
listening to 1 addresses
sslh-fork v1.19b started
A telnet session to ::1 443 showed:
accepted fd 4
timed out, connect to ssh
connecting to localhost:ssh family 24 len 28
ssh:connection from localhost:40131 to localhost:443 forwarded from
localhost:34533 to localhost:ssh
flushing deferred data to fd 3
Answer to you second question: IPv6 now works.
Does the above answer your questions?
[0] http://rutschle.net/pipermail/sslh/2018-January/000661.html
[1]
https://github.com/yrutschle/sslh/commit/1a6ba5edc0b4482182ec6603433435ff091f66b6
> > Upstream has decided to remove the v1.19 tarball to avoid encouraging
> > use of a bad version, and has released v1.19b.
> They also changed their homepage, see the redirection.
I did not notice that. Thank you! New diff below.
diff --git Makefile Makefile
index 84caa75c02f..20427bdce13 100644
--- Makefile
+++ Makefile
@@ -2,11 +2,11 @@
COMMENT = SSL/SSH multiplexer
-DISTNAME = sslh-v1.19
+DISTNAME = sslh-v1.19b
PKGNAME = ${DISTNAME:S/-v/-/}
CATEGORIES = security net
-HOMEPAGE = https://www.rutschle.net/tech/sslh.shtml
+HOMEPAGE = https://www.rutschle.net/tech/sslh/README.html
MAINTAINER = Bjorn Ketelaars <bjorn.ketela...@hydroxide.nl>
diff --git distinfo distinfo
index e4dae567aea..400bbbb73b4 100644
--- distinfo
+++ distinfo
@@ -1,2 +1,2 @@
-SHA256 (sslh-v1.19.tar.gz) = 75yxg5baQEu3BbLEzUViql/rVU3m+b0HSyTnrEcTZpw=
-SIZE (sslh-v1.19.tar.gz) = 57352
+SHA256 (sslh-v1.19b.tar.gz) = EN/E3v+8qUw+91NdP3GyE6vHjVPtHpAIc9PKHMlDZZw=
+SIZE (sslh-v1.19b.tar.gz) = 57369
diff --git patches/patch-Makefile patches/patch-Makefile
index 977a2e2329d..91dee1b9e7b 100644
--- patches/patch-Makefile
+++ patches/patch-Makefile
@@ -3,7 +3,7 @@ $OpenBSD: patch-Makefile,v 1.6 2018/01/28 16:31:48 sthen Exp $
Index: Makefile
--- Makefile.orig
+++ Makefile
-@@ -87,7 +83,7 @@ echosrv: version.h $(OBJS) echosrv.o
+@@ -87,7 +87,7 @@ echosrv: version.h $(OBJS) echosrv.o
$(CC) $(CFLAGS) $(LDFLAGS) -o echosrv echosrv.o probe.o common.o tls.o
$(LIBS)
$(MAN): sslh.pod Makefile
