Commit Graph

97 Commits

Author SHA1 Message Date
Christopher Wellons
4cb4fc6eac Use CPPFLAGS in the Makefile (closes #43)
Debian uses CPPFLAGS to pass arguments like -D_FORTIFY_SOURCE=2.
2020-02-16 10:10:14 -05:00
Christopher Wellons
8daa5992f1 Bump to version 1.1 2020-01-31 11:47:27 -05:00
Beat Bolli
ad7031f79a Enable logging to syslog with -s 2020-01-31 17:28:30 +01:00
Beat Bolli
5b7dc86a47 Route all logging through a function pointer
Prepare for a second logging function that logs to syslog.
2020-01-29 19:51:05 +01:00
Beat Bolli
e4f8c9f8f4 Limit the maximum log level settable from the command line 2020-01-29 19:49:11 +01:00
Beat Bolli
585a4b1d96 Rename all log levels
We're going to include <syslog.h> which #defines some of the same
identifiers to a numeric value. This will clash with the current usage
in the enum.
2020-01-29 19:47:25 +01:00
Christopher Wellons
2602caa459 Don't dereference NULL pointer on OOM
Fixes #37.
2019-12-30 13:11:02 -05:00
Christopher Wellons
715f30c3a7 Add public domain dedication to the source header 2019-08-06 20:31:35 -04:00
Nicolas Braud-Santoni
3d6aec6080 Prevent access to /run and /var in endlessh.service
Closes #34.
2019-08-06 20:23:11 -04:00
Nicolas Braud-Santoni
ae7473536e Add Documentation link in endlessh.service
Closes #33.
2019-08-06 20:18:39 -04:00
Christopher Wellons
33dff0cfc9 Balance list begin (.Bl) and end (.El) in man page
Ref: #35
2019-08-06 20:10:35 -04:00
Christopher Wellons
f465f2dcbb Tweak some macro formatting for consistency 2019-08-06 19:57:49 -04:00
arun
df0ffbf629 Use unveil(2) to restrict reading config file only
Closes #36.
2019-08-06 19:57:38 -04:00
arun
b2c811ecf7 Add pledge for OpenBSD
Closes #32.
2019-08-05 16:55:33 -04:00
Paavo-Einari Kaipila
a154fcaf43 better name for the config file 2019-05-14 21:05:48 +03:00
Paavo-Einari Kaipila
6b721e58ac config file location on FreeBSD 2019-05-14 18:56:01 +03:00
Cengiz Can
8ec96ea899
fix typo 2019-05-13 15:25:24 +03:00
Cengiz Can
44b3285bb2
PrivateUsers=true prevents privileged port mapping 2019-05-13 15:25:04 +03:00
Cengiz Can
4321fe93e5
add optional AmbientCapabilities to systemd unit
If a user wants to bind to a privileged port (<1024) our current systemd unit fails to provide enough capabilities to endlessh binary.

So, a user can modify `/etc/endlessh/config` to have `Port=22` or similar and then check out the systemd unit to enable the extra attribute.
2019-05-13 15:14:06 +03:00
Cengiz Can
964a860634
fix ConfigurationDirectory in systemd unit
`ConfigurationDirectory=endlessh` should be enough. Previous assignment throws a warning with systemd 237

```
May 13 08:57:18 kernelwtf systemd[1]: Started Endlessh SSH Tarpit.
May 13 08:58:20 kernelwtf systemd[1]: /etc/systemd/system/endlessh.service:25: ConfigurationDirectory= path is not valid, ignoring assignment: /etc/endlessh
```
2019-05-13 12:02:53 +03:00
Cengiz Can
8794f02d22
fix Exec value in systemd unit
Thanks for creating this wonderful tool! 

By default `make install` installs the binary into `/usr/local/bin` so I think this should be changed accordingly.

Cheers
2019-05-13 11:49:17 +03:00
Christopher Wellons
edf414caf6 Bump to version 1.0
Fixes #28.
2019-04-29 07:41:07 -04:00
Christopher Wellons
370cb5bdb7 Use correct format specifier when printing totals
Fixes #26.
2019-04-20 08:40:11 -04:00
Christopher Wellons
24bc7639d1 Always set standard output to line-buffered
When logging was enabled via the config file, standard output was left
fully buffered. Logs should never be fully buffered.

Thanks to Chang-Li for pointing this out.
2019-04-19 13:01:33 -04:00
Christopher Wellons
6f621b90b1 Tweak SIGUSR1 statistics totals logging
* Don't dynamically allocate the struct since that's not necessary.
* Use a more concise log message.
* Include current clients when counting the time.
* Print final statistics message *after* closing all clients.
* Don't include total connections in ACCEPT.
* Mention SIGUSR1 in the new man page, too.

Adjusts #24.
2019-04-12 18:49:04 -04:00
Christopher Wellons
c50585f759 Rename uepoch() to epochms()
It returns milliseconds, not microseconds.
2019-04-12 18:37:45 -04:00
Felix Kronlage
3473beb868 Gather statistics and LOG_INFO them upon SIGUSR1
Merges and closes #24.
2019-04-12 18:25:49 -04:00
Felix Kronlage
f8398093b1 Proper unix tools come with make install target
Merges and closes #22.
2019-04-12 18:09:08 -04:00
Felix Kronlage
f6ee532b50 A unix tool deserves a proper manual page 2019-04-12 18:06:33 -04:00
Felix Kronlage
95235af2fb
add rc.d script for openbsd 2019-04-12 23:08:56 +02:00
Christopher Wellons
38e35ad4c9 Add note about __EXTENSIONS__ to README (illumos) 2019-04-04 21:44:44 -04:00
Anton Rieger
8347377bb7
Merge pull request #1 from fkr/master
newlines for -4 and -6 help options
2019-04-04 21:51:33 +02:00
Felix Kronlage
9a0bfe683a newlines for -4 and -6 help options 2019-04-04 16:56:29 +02:00
Anton Rieger
badf3dd69e Added -4 -6 Switches and default tcp46
As *BSD defaults to use IPv6 only sockets and Linux to IPv4 mapped IPv6
sockets, switches to support explicit binding address families are required.

Now set explicitly if you want IPv6 only, IPv4 only or mapped IPv4.

Caveat:
OpenBSD explicitly states to not support IPv4 mapped IPv6 via setsock-API
2019-04-03 17:11:04 +02:00
yvoinov
cb7ee90cf5 Solaris SMF
Closes #18.
2019-03-28 10:53:13 -04:00
Christopher Wellons
494c68b8d7 Use _XOPEN_SOURCE instead of _POSIX_C_SOURCE
It seems this is required to get all the IPv6 definitions, though most
systems aren't very picky. NetBSD seems to be one of those picky
systems, though.
2019-03-27 09:40:20 -04:00
Christopher Wellons
9f4bdc123d Greatly simplify a bunch of things
1. If sockets are non-blocking, no need to use poll() on them. Just try
to write regardless and ignore the outcome. This means we don't need the
pollvec stuff anymore.

2. getline(3) is apparently still too new to POSIX that it's hard to use
portably. We don't really need it that badly anyway.

3. Don't use MSG_DONTWAIT. It's non-standard and apparently still hard
to use portably. Set sockets to non-blocking instead.

4. Since we're not polling on client sockets, the queue is a whole lot
simpler.
2019-03-26 20:30:03 -04:00
Christopher Wellons
b1c1599d32 Improve support for Solaris and its derivatives
Requires extensions to be enabled due to incomplete support for
POSIX.1-2008. However one of the now-exposed extensions is tragically
named "struct queue". This struct was been renamed to "struct fifo".

Thanks to @yvoinov for reporting this issue and collaborating on a
solution.

Closes #14, #17.
2019-03-26 18:23:15 -04:00
Dmitry Marakasov
a6d5425cba
Makefile: add all target 2019-03-26 19:45:00 +03:00
Christopher Wellons
e7c93c6664 Add link to main article in README 2019-03-25 09:37:34 -04:00
Christopher Wellons
a6d4565a10 Fix -V typo in usage documentation (#11) 2019-03-25 09:26:17 -04:00
Christopher Wellons
09e55cc553 Check for FreeBSD and adjust feature test macros
Fixes #2.
2019-03-25 09:24:44 -04:00
Christopher Wellons
44219a5e05 Add note about RHEL 6 / CentOS 6
Fixes #10.
2019-03-25 09:17:48 -04:00
Christopher Wellons
7fd15308dd Add -V switch (print version info) 2019-03-24 12:42:08 -04:00
ant
4ffc65b3eb Make final docker image smaller 2019-03-23 18:04:02 +00:00
Diego Casorran
94cf07e8ba Typo fix in README.md
Closes #6.
2019-03-23 13:03:53 -04:00
LGDan
82c746ede8
Create Dockerfile 2019-03-23 14:16:48 +00:00
Will Starms
548a7b1521 Add restart limit in case it gets stuck in a crash loop 2019-03-22 17:21:57 -05:00
Will Starms
922af308f2 Systemd service
Assuming an /opt/ install. For those unfamiliar, plop it into /etc/systemd/system (symlinks might not work, old systemd bug), run `systemctl daemon-reload`, and have it start on boot (and immediately) with `systemctl enable --now endlessh.service`
2019-03-22 17:13:56 -05:00
Christopher Wellons
ae76b41294 Add a log parsing utility 2019-02-06 15:18:09 -05:00