sslh-2.1.4-1.1 RPM for riscv64

From OpenSuSE Ports Tumbleweed for riscv64

sslh lets one accept both HTTPS and SSH connections on the same port. It makes
it possible to connect to an SSH server on port 443 (e.g. from inside a
corporate firewall) while still serving HTTPS on that port.

Provides

• sslh
• config(sslh)
• sslh(riscv-64)

Requires

• /bin/sh
• /bin/sh
• /bin/sh
• /bin/sh
• config(sslh) = 2.1.4-1.1
• group(nobody)
• ld-linux-riscv64-lp64d.so.1()(64bit)
• ld-linux-riscv64-lp64d.so.1(GLIBC_2.27)(64bit)
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.27)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.38)(64bit)
• libconfig.so.11()(64bit)
• libpcre2-8.so.0()(64bit)
• openssh
• openssl
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• systemd
• systemd
• systemd
• systemd

License

GPL-2.0-or-later

Changelog

* Mon Dec 16 2024 Michael Vetter <mvetter@suse.com>
  - Update to 2.1.4:
    * Fix release archive
* Mon Dec 16 2024 Michael Vetter <mvetter@suse.com>
  - Update to 2.1.3:
    * Landlock access fix
* Fri May 17 2024 Michael Vetter <mvetter@suse.com>
  - Update to 2.1.2:
    * Fix inetd
* Mon Mar 25 2024 Michael Vetter <mvetter@suse.com>
  - Update to 2.1.1:
    * Fix MacOS build error
* Thu Mar 14 2024 Michael Vetter <mvetter@suse.com>
  - Update to 2.1.0:
    * Support for the Landlock LSM. After initial setup,
      sslh gives up all local file access rights.
    * Reintroduced --ssl as an alias to --tls.
    * Introduce autoconf to adapt to landlock presence.
    * Close connexion without error message if remote
      client forcefully closes connexion, for Windows.
* Fri Jan 12 2024 Michael Vetter <mvetter@suse.com>
  - Update to 2.0.1:
    * New semver-compatible version number
    * New sslh-ev: this is functionaly equivalent to sslh-select
      (mono-process, only forks for specified protocols), but based
      on libev, which should make it scalable to large numbers
      of connections.
    * New log system: instead of –verbose with arbitrary levels,
      there are now several message classes. Each message class
      can be set to go to stderr, syslog, or both. Classes are
      documented in example.cfg.
    * UDP connections are now managed in a hash to avoid linear
      searches. The downside is that the number of UDP connections
      is a hard limit, configurable with the ‘udp_max_connections’,
      which defaults to 1024. Timeouts are managed with lists.
    * inetd merges stderr output to what is sent to the client,
      which is a security issue as it might give information to an
      attacker. When inetd is activated, stderr is forcibly closed.
    * New protocol-level option resolve_on_forward, requests that
      target names are resolved at each connection instead of at
      startup. Useful for dynamic DNS situations.
* Tue May 03 2022 Marcus Meissner <meissner@suse.com>
  - switch to https source url
* Mon Sep 06 2021 Michael Vetter <mvetter@suse.com>
  - Update to 1.22c:
    * Fix invalid size (#302)
    * Test aborted connections (#285)
* Wed Aug 25 2021 Michael Vetter <mvetter@suse.com>
  - Update to 1.22b:
    * do not timeout TCP connections (fix #300)
    * remove obsolete usage string and added lost version option
    * be more defensive when allocating and extending gap
* Wed Aug 18 2021 Michael Vetter <mvetter@suse.com>
  - Update to 1.22:
    * sslh-select now supports UDP protocols.
      Probes specified in the `protocols`
      configuration entry are tried on incoming packets,
      TCP or UDP, and forwarded based on the input
      protocol (an incoming TCP connection will be
      forwarded as TCP, and same with UDP).
      This has been tested with DNS as shown in udp.cfg:
      incoming packets that contain my domain name are
      assumed to be a DNS request and forwarded
      accordingly. Note this could cause problems if
      combined with incoming TLS with SNI.  UDP clients
      and servers need to agree on the IPv4/IPv6 they use:
      use the same protocol on all sides! Often, this
      means explicitely using 'ip4-localhost'.
      UDP sender-receiver pairs (connections, so to speak)
      are kept for 60s, which can be changed with
      `udp_timeout` in the configuration.
    * Added probes for UDP protocols QUICK and Teamspeak.
    * Added probes for syslog protocol.
    * sslh-select refactored to change linear searches
    through connections to linear searches through
    fd_set.
    * Fixed a libconfig call to support libconfig 1.7.3.
    * Added symbol to support libconfig 1.4.9, still in
    use in CentOS7.
    * Warn about unknown settings in the configuration
    file.
    * Added per-protocol `transparent` option. sslh-fork
    drops the capability after creating the server-side
    transparent socket. Transparent now uses CAP_NET_RAW
    instead of CAP_NET_ADMIN.
    * Removed compile-time option to use POSIX regex. Now
    regex must be PCRE2 (Perl-Compatible). This was in
    fact the case since v1.21, as PCRE are used to parse
    the config file.
  - Drop sslh-nopcreposix.patch:
    pcre2 is a hard dependency now
* Fri Apr 09 2021 Cristian Rodríguez <crrodriguez@opensuse.org>
  - remove unused tcpd-devel dependency
* Fri Apr 09 2021 Cristian Rodríguez <crrodriguez@opensuse.org>
  - sslh-nopcreposix.patch: Using pcreposix is the wrong thing
    to do on any glibc based system, avoid linking it.

Files

/etc/conf.d
/etc/conf.d/sslh
/etc/default/sslh
/usr/lib/systemd/system/sslh-select@.service
/usr/lib/systemd/system/sslh@.service
/usr/sbin/rcsslh
/usr/sbin/sslh
/usr/share/doc/packages/sslh
/usr/share/doc/packages/sslh/ChangeLog
/usr/share/doc/packages/sslh/README.md
/usr/share/man/man8/sslh.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Jan 10 00:13:42 2025