File sslh.changes of Package sslh

Tue Mar 25 19:05:13 UTC 2014 -

- update to 1.16:
  + Probes made more resilient, to incoming data
    containing NULLs. Also made them behave properly
    when receiving too short packets to probe on the
    first incoming packet.
    (Ondrej Kuzník)
  + Libcap support: Keep only CAP_NET_ADMIN if started
    as root with transparent proxying and dropping
    priviledges (enable USELIBCAP in Makefile). This
    avoids having to mess with filesystem capabilities.
    (Sebastian Schmidt/yath)
  + Fixed bugs related to getpeername that would cause
    sslh to quit erroneously (getpeername can return
    actual errors if connections are dropped before
    getting to getpeername).
  + Set IP_FREEDBIND if available to bind to addresses
    that don't yet exist.
- compile with libcap support
- added missing-call-to-setgroups-before-setuid.patch
- removed patches fixed upstream:
  + sslh-asprintf.patch
  + sslh-chroot.patch

Sun Dec 22 14:50:15 UTC 2013 -

- added /etc/conf.d/sslh
  now the service actually starts when using systemd 

Wed Dec 11 19:20:54 UTC 2013 -

- update to 1.15:
  + Added --transparent option for transparent proxying. See README for iptables magic and capability management.
  + Fixed bug in sslh-select: if number of opened file descriptor became bigger than FD_SETSIZE, bad things would happen.
  + Fixed bug in sslh-select: if socket dropped while defered_data was present, sslh-select would crash.
  + Increased FD_SETSIZE for Cygwin, as the default 64 is too low for even moderate load.
    Thanks to Arnaud Gendre and Michael K. Avanessian for helping with investigation of the last three points.

Sun Jan  6 17:36:22 UTC 2013 -

- update to 1.14:
  + Corrected OpenVPN probe to support pre-shared secret
    mode (OpenVPN port-sharing code is... wrong). Thanks
    to Kai Ellinger for help in investigating and
  + Added an actual TLS/SSL probe.
  + Added configurable --on-timeout protocol
  + Added a --anyprot protocol probe (equivalent to what
    --ssl was).
  + Makefile respects the user's compiler and CFLAG
    choices (falling back to the current values if
    undefined), as well as LDFLAGS.
    (Michael Palimaka)
  + Added "After" and "KillMode" to systemd.sslh.service
    (Thomas Weißschuh).
- use upstream sslh.systemd.service instead of own one

Thu Aug 23 19:41:44 UTC 2012 -

- update to 1.13b:
  + WARNING: Options changed, you'll need to update your start-up 
    scripts! Log format changed, you'll need to update log 
    processing scripts
  + Added support for configuration file.
  + New protocol probes can be defined using regular expressions that 
    match the first packet sent by the client.
  + Added HTTP probe.
  + Now supports IPv6 throughout (both on listening and forwarding)
  + Logs now contain IPv6 addresses, local forwarding address, and 
    resolved names (unless --numeric is specified).
  + Introduced long options.
  + Bind to multiple addresses with multiple -p options.
  + Added -o "OpenVPN" and OpenVPN probing and support.
  + Added -f "foreground" option.
- adapted init script to new options
- added option for openVPN target address in sysconfig file
For openSUSE > 12.1:
- added config file /etc/default/sslh - but this needs to be enabled/
  added in SSLH_OPTS="" in /etc/sysconfig/sslh for now as the 
  sysconfig file already contains all variables
- added systemd file

Wed Aug 18 21:05:06 UTC 2010 -

- add special user sslh for sslh daemon
- fix typo in init script

Wed Aug 18 20:38:39 UTC 2010 -

- use /etc/sysconfig/sslh for configuration
- enhanced the init script

Mon Jun 28 07:16:35 UTC 2010 -

- specfile cleanup
- package docu and manpage
- create rcsslh symlink
- build with distribution optflags
- added sslh-1.7a-asprintf.patch 

Thu Feb 25 2010 Christian Debertshaeuser <>

- initial build

openSUSE Build Service is sponsored by