sshuttle

mirror of https://github.com/sshuttle/sshuttle.git synced 2024-11-25 09:23:48 +01:00

Author	SHA1	Message	Date
Scott Kuhl	286bd3fa80	Make setsid() call in firewall process optional. We previously called setsid() to ensure that the SIGINT generated by Ctrl+C went to the main sshuttle process instead of the firewall process. With the previous commit, we gracefully shutdown if either the sshuttle process or firewall process receives a SIGINT. Therefore, the setsid() call is optional. We still try calling setsid() since the preferred shutdown process involves having the signal go to the main sshuttle process. However, setsid() will fail if the firewall process is started with sudo and sudo is configured with the use_pty option.	2022-01-07 12:14:57 -05:00
Scott Kuhl	ae8af71886	Gracefully exit if firewall process receives Ctrl+C/SIGINT. Typically sshuttle exits by having the main sshuttle client process terminated. This closes file descriptors which the firewall process then sees and uses as a cue to cleanup the firewall rules. The firewall process ignored SIGINT/SIGTERM signals and used setsid() to prevent Ctrl+C from sending signals to the firewall process. This patch makes the firewall process accept SIGINT/SIGTERM signals and then in turn sends a SIGINT signal to the main sshuttle client process which then triggers a regular shutdown as described above. This allows a user to manually send a SIGINT/SIGTERM to either sshuttle process and have it exit gracefully. It also is needed if setsid() fails (known to occur if sudo's use_pty option is used) and then the Ctrl+C SIGINT signal goes to the firewall process. The PID of the sshuttle client process is sent to the firewall process. Using os.getppid() in the firewall process doesn't correctly return the sshuttle client PID.	2022-01-07 11:52:39 -05:00
Scott Kuhl	54b80e6ce2	Fix defunct process after flushing DNS cache. When we flush the DNS cache by calling resolvectl, we should wait for the process to finish. This ensures that the cache is actually flushed and prevents the process from showing up as defunct when processes are listed.	2022-01-07 10:45:17 -05:00
Brian May	b00f2e0a68	Merge pull request #710 from skuhl/tproxy-check-root Improve error message if tproxy method is used without running as root.	2022-01-06 10:26:27 +11:00
Scott Kuhl	15a8752cc6	Improve error message if tproxy method is used without running as root. When the tproxy method is used, sshuttle must be run as root: https://sshuttle.readthedocs.io/en/stable/tproxy.html Prior to this patch, sshuttle would encounter a exception and print a message about how a setsockopt() call had a "PermissionError: [Errno 1] Operation not permitted." With this patch, we catch this exception, print a more understandable error message, and exit. The lack of error message clarity caused at least one bug report: #136	2022-01-04 14:52:21 -05:00
Brian May	a2776cbbd9	Upgrade Sphinx version	2022-01-04 11:47:35 +11:00
Brian May	44b772d049	Add readthedocs config	2022-01-04 11:38:07 +11:00
Brian May	ae1faa7fa1	Merge pull request #709 from skuhl/tproxy-doc-fix Minor improvement to tproxy documentation.	2022-01-02 12:02:33 +11:00
Scott Kuhl	175da40db7	Fix typo in tproxy documentation. "IPv6 DNS" was listed twice.	2021-12-31 14:54:17 -05:00
Scott Kuhl	e11db3980f	Minor improvement to tproxy documentation. Previously, tproxy was unique in its support of IPv6. Now, many sshuttle methods support IPv6 and tproxy remains the only option that supports UDP.	2021-12-31 14:31:54 -05:00
Scott Kuhl	d6f75fae25	Allow use of sudo or doas. This is an alternative solution to pull request #611. Previously, sshuttle would use doas on OpenBSD and sudo on Linux. However, some Linux distributions are opting to use doas. This patch changes the logic so that there can be multiple attempts to elevate privilages. If the first command fails to run, it moves on to the next command. Part of the existing code looked like it might be attempting to do this, but it didn't work. It also looks for the presence of doas and sudo in the path. If we can find doas (but cannot find sudo) or if the platform is OpenBSD, we try doas first. Otherwise, we try sudo, then doas. We try all the options until one succeeds (including running the command without sudo or doas) regardless of what is in the path. I'm open to adjusting the logic here based on feedback. If systems have both sudo and doas, they might be configured to give different users different permissions. For example, if a user wishes to use doas on this system, sshuttle would try sudo first and the user would need to enter invalid passwords to eventually cause sudo to fail and cause sshuttle to then try doas. This might not be ideal, but it avoids implement another sshuttle argument that the user would need to specify. Perhaps machines actually using doas will not have sudo installed?	2021-12-31 14:20:50 -05:00
Brian May	354cbe6071	Merge pull request #705 from JohnHay/ipfw Make ipfw method work	2021-12-24 10:10:02 +11:00
JohnHay	922d827948	Flake8 does not like if we go over 79 characters on a line.	2021-12-22 06:04:25 +02:00
JohnHay	e6f076e1a5	Make flake8 happy.	2021-12-21 16:12:11 +02:00
JohnHay	2665b67926	Remove the ttl hack to allow the host and server to run on the same machine from the ipfw method.	2021-12-20 11:52:09 +02:00
JohnHay	0cfee0ba84	ipfw expects text.	2021-12-20 09:20:32 +02:00
JohnHay	f247853f39	Changed one place where the Exception text was still tproxy to ipfw.	2021-12-20 08:58:25 +02:00
JohnHay	7c1f2b08cf	Indent the else to the same level as its if.	2021-12-20 08:55:38 +02:00
JohnHay	f65a51bbee	Add fport and lport (unused) to the for that parse subnets. Otherwise python is unhappy with "ValueError: too many values to unpack (expected 4)"	2021-12-20 08:53:34 +02:00
JohnHay	b1ee4f1d65	check-state does not take extra options.	2021-12-20 08:37:15 +02:00
Brian May	4f20efd592	Merge pull request #702 from sshuttle/dependabot/github_actions/actions/setup-python-2.3.1 Bump actions/setup-python from 2.3.0 to 2.3.1	2021-12-01 08:44:47 +11:00
dependabot[bot]	fa0de2d1b7	Bump actions/setup-python from 2.3.0 to 2.3.1 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2.3.0 to 2.3.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v2.3.0...v2.3.1) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-11-30 10:07:48 +00:00
Brian May	01415dc52e	Merge pull request #700 from sshuttle/dependabot/github_actions/actions/setup-python-2.3.0 Bump actions/setup-python from 2.2.2 to 2.3.0	2021-11-19 09:31:07 +11:00
dependabot[bot]	9257077b4e	Bump actions/setup-python from 2.2.2 to 2.3.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2.2.2 to 2.3.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v2.2.2...v2.3.0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-11-18 10:09:21 +00:00
Brian May	b896a4b7f3	Remove references to legacy PyXAPI socket_ext for recvmsg socket.recvmsg has been in Python since version 3.3 and we don't support anything older then 3.6 the server side.	2021-11-11 08:01:15 +11:00
Brian May	fca9bd6478	Merge pull request #695 from sshuttle/dependabot/github_actions/actions/checkout-2.4.0 Bump actions/checkout from 2.3.5 to 2.4.0	2021-11-04 07:57:40 +11:00
dependabot[bot]	42bb67b050	Bump actions/checkout from 2.3.5 to 2.4.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.5 to 2.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2.3.5...v2.4.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-11-03 10:08:19 +00:00
Brian May	b7800dadda	Merge pull request #694 from cclauss/patch-1 pythonpackage.yml: Add Python 3.10 to the testing	2021-11-02 16:59:58 +11:00
Christian Clauss	3de631abec	pythonpackage.yml: Add Python 3.10 to the testing	2021-11-01 19:35:57 +01:00
Brian May	35382a98a7	Merge pull request #689 from sshuttle/dependabot/github_actions/actions/checkout-2.3.5 Bump actions/checkout from 2.3.4 to 2.3.5	2021-10-19 07:50:09 +11:00
dependabot[bot]	bebfa45626	Bump actions/checkout from 2.3.4 to 2.3.5 Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.4 to 2.3.5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2.3.4...v2.3.5) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-10-18 10:11:32 +00:00
Brian May	387dd4775b	Merge pull request #687 from sshuttle/dependabot/pip/flake8-4.0.1 Bump flake8 from 4.0.0 to 4.0.1	2021-10-12 07:40:16 +11:00
dependabot[bot]	f5cf79893a	Bump flake8 from 4.0.0 to 4.0.1 Bumps [flake8](https://github.com/pycqa/flake8) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/pycqa/flake8/releases) - [Commits](https://github.com/pycqa/flake8/compare/4.0.0...4.0.1) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-10-11 20:38:33 +00:00
dependabot[bot]	86a651099e	Bump pyflakes from 2.3.1 to 2.4.0 Bumps [pyflakes](https://github.com/PyCQA/pyflakes) from 2.3.1 to 2.4.0. - [Release notes](https://github.com/PyCQA/pyflakes/releases) - [Changelog](https://github.com/PyCQA/pyflakes/blob/master/NEWS.rst) - [Commits](https://github.com/PyCQA/pyflakes/compare/2.3.1...2.4.0) --- updated-dependencies: - dependency-name: pyflakes dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-10-12 07:36:53 +11:00
dependabot[bot]	a42f6a5e67	Bump flake8 from 3.9.2 to 4.0.0 Bumps [flake8](https://github.com/pycqa/flake8) from 3.9.2 to 4.0.0. - [Release notes](https://github.com/pycqa/flake8/releases) - [Commits](https://github.com/pycqa/flake8/compare/3.9.2...4.0.0) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2021-10-12 07:36:18 +11:00
Brian May	5c4c943db8	Merge pull request #683 from sshuttle/dependabot/pip/pytest-cov-3.0.0 Bump pytest-cov from 2.12.1 to 3.0.0	2021-10-05 08:00:42 +11:00
dependabot[bot]	ccf1c9f478	Bump pytest-cov from 2.12.1 to 3.0.0 Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 2.12.1 to 3.0.0. - [Release notes](https://github.com/pytest-dev/pytest-cov/releases) - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest-cov/compare/v2.12.1...v3.0.0) --- updated-dependencies: - dependency-name: pytest-cov dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2021-10-04 10:12:27 +00:00
Brian May	9399cf10f6	Merge pull request #682 from a1346054/fixes Simple maintenance improvements	2021-09-23 08:49:18 +10:00
a1346054	b95c1f3357	Trim excess whitespace	2021-09-22 12:36:36 +00:00
a1346054	5257d9fd1b	Fix shellcheck warnings	2021-09-22 12:36:27 +00:00
a1346054	ef244a5490	Fix typos	2021-09-22 12:36:26 +00:00
Brian May	7fb0f0a81b	Merge pull request #678 from sshuttle/dependabot/pip/setuptools-scm-6.3.2 Bump setuptools-scm from 6.3.1 to 6.3.2	2021-09-14 07:45:18 +10:00
dependabot[bot]	e8653d444d	Bump setuptools-scm from 6.3.1 to 6.3.2 Bumps [setuptools-scm](https://github.com/pypa/setuptools_scm) from 6.3.1 to 6.3.2. - [Release notes](https://github.com/pypa/setuptools_scm/releases) - [Changelog](https://github.com/pypa/setuptools_scm/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pypa/setuptools_scm/compare/v6.3.1...v6.3.2) --- updated-dependencies: - dependency-name: setuptools-scm dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-09-13 10:11:54 +00:00
Brian May	83038f0472	Merge pull request #676 from balping/master add openSUSE install instructions	2021-09-07 08:57:25 +10:00
Balázs Dura-Kovács	9974ca17f8	add openSUSE install instructions	2021-09-06 23:47:12 +01:00
Brian May	e2f2fecc8a	Merge pull request #675 from sshuttle/dependabot/pip/setuptools-scm-6.3.1 Bump setuptools-scm from 6.1.1 to 6.3.1	2021-09-07 08:26:20 +10:00
dependabot[bot]	b59ce9c014	Bump setuptools-scm from 6.1.1 to 6.3.1 Bumps [setuptools-scm](https://github.com/pypa/setuptools_scm) from 6.1.1 to 6.3.1. - [Release notes](https://github.com/pypa/setuptools_scm/releases) - [Changelog](https://github.com/pypa/setuptools_scm/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pypa/setuptools_scm/compare/v6.1.1...v6.3.1) --- updated-dependencies: - dependency-name: setuptools-scm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-09-06 10:10:44 +00:00
Brian May	aa50f762cc	Merge pull request #674 from sshuttle/dependabot/pip/pytest-6.2.5 Bump pytest from 6.2.4 to 6.2.5	2021-09-01 08:49:21 +10:00
dependabot[bot]	57640ea2d0	Bump pytest from 6.2.4 to 6.2.5 Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.2.4 to 6.2.5. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/6.2.4...6.2.5) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-08-31 10:09:42 +00:00
Brian May	e59cc3959c	Merge pull request #672 from sshuttle/dependabot/pip/setuptools-scm-6.1.1 Bump setuptools-scm from 6.0.1 to 6.1.1	2021-08-28 17:28:18 +10:00

... 2 3 4 5 6 ...

1051 Commits