[arch-commits] Commit in sslh/repos/community-x86_64 (14 files)
Sébastien Luttringer
seblu at gemini.archlinux.org
Sun Sep 19 00:25:03 UTC 2021
Date: Sunday, September 19, 2021 @ 00:25:02
Author: seblu
Revision: 1017107
archrelease: copy trunk to community-x86_64
Added:
sslh/repos/community-x86_64/PKGBUILD
(from rev 1017106, sslh/trunk/PKGBUILD)
sslh/repos/community-x86_64/sslh-fork.service
(from rev 1017106, sslh/trunk/sslh-fork.service)
sslh/repos/community-x86_64/sslh-select.service
(from rev 1017106, sslh/trunk/sslh-select.service)
sslh/repos/community-x86_64/sslh.cfg
(from rev 1017106, sslh/trunk/sslh.cfg)
sslh/repos/community-x86_64/sslh.install
(from rev 1017106, sslh/trunk/sslh.install)
sslh/repos/community-x86_64/sslh.service
(from rev 1017106, sslh/trunk/sslh.service)
sslh/repos/community-x86_64/sslh.sysusers
(from rev 1017106, sslh/trunk/sslh.sysusers)
Deleted:
sslh/repos/community-x86_64/PKGBUILD
sslh/repos/community-x86_64/sslh-fork.service
sslh/repos/community-x86_64/sslh-select.service
sslh/repos/community-x86_64/sslh.cfg
sslh/repos/community-x86_64/sslh.install
sslh/repos/community-x86_64/sslh.service
sslh/repos/community-x86_64/sslh.sysusers
---------------------+
PKGBUILD | 141 +++++++++++++++++++++++++-------------------------
sslh-fork.service | 54 +++++++++----------
sslh-select.service | 54 +++++++++----------
sslh.cfg | 42 +++++++-------
sslh.install | 54 +++++++++----------
sslh.service | 50 ++++++++---------
sslh.sysusers | 2
7 files changed, 199 insertions(+), 198 deletions(-)
Deleted: PKGBUILD
===================================================================
--- PKGBUILD 2021-09-19 00:24:55 UTC (rev 1017106)
+++ PKGBUILD 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -1,70 +0,0 @@
-# Maintainer: Sébastien "Seblu" Luttringer
-# Contributor: Le_suisse <lesuisse.dev+aur at gmail dot com>
-# Contributor: Jason Rodriguez <jason-aur at catloaf.net>
-
-pkgname=sslh
-_pkgver=1.22b
-pkgver=1.22.b
-pkgrel=1
-pkgdesc='SSL/SSH/OpenVPN/XMPP/tinc port multiplexer'
-arch=('x86_64')
-url='https://www.rutschle.net/tech/sslh/README.html'
-license=('GPL2')
-makedepends=('systemd')
-depends=('glibc' 'libcap' 'libconfig' 'pcre' 'systemd-libs')
-backup=('etc/sslh.cfg')
-install=$pkgname.install
-source=("https://www.rutschle.net/tech/sslh/$pkgname-v$_pkgver.tar.gz"{,.asc}
- 'sslh.cfg'
- 'sslh.service'
- 'sslh-select.service'
- 'sslh-fork.service')
-validpgpkeys=('CDDDBADBEA4B72748E007D326C056F7AC7934136') # Yves Rutschle <yves at rutschle.net>
-sha256sums=('5ef48dd9dacec8dc04c100f273952e534be9ae1ef02baa52708a8ecdbd4173cc'
- 'SKIP'
- '3feff7e2c096bc18d8f0073141c1017dccd4abbbc491fa16b55afd5c5ff6352c'
- '49ed1c88b0de079bc31a94e600b63edd7ea95b4aa9b5f533c15db1221d0892db'
- '5824ae86ced9142c37343367bd737661c2da826fba244cea7072685347be2250'
- 'd41f7cb8a3a3d8fc11608bc552014f03177ac3cdd8c5c6157d7d1a557d91cacb')
-
-prepare() {
- cd $pkgname-v$_pkgver
- # apply patch from the source array (should be a pacman feature)
- local src
- for src in "${source[@]}"; do
- src="${src%%::*}"
- src="${src##*/}"
- [[ $src = *.patch ]] || continue
- echo "Applying patch $src..."
- patch -Np1 < "../$src"
- done
-}
-
-build() {
- cd $pkgname-v$_pkgver
- make VERSION=\"v$pkgver\" USELIBCAP=1 USESYSTEMD=1 all systemd-sslh-generator
-}
-
-package() {
- # default arch config
- install -Dm 644 sslh.cfg "$pkgdir/etc/sslh.cfg"
- # manually install to have both ssl-fork and ssl-select
- cd $pkgname-v$_pkgver
- install -Dm 755 sslh-fork "$pkgdir/usr/bin/sslh-fork"
- install -Dm 755 sslh-select "$pkgdir/usr/bin/sslh-select"
- ln -s sslh-fork "$pkgdir/usr/bin/sslh"
- # install manpage
- install -Dm 644 sslh.8.gz "$pkgdir/usr/share/man/man8/sslh.8.gz"
- ln -s sslh.8.gz "$pkgdir/usr/share/man/man8/sslh-fork.8.gz"
- ln -s sslh.8.gz "$pkgdir/usr/share/man/man8/sslh-select.8.gz"
- # install examples files
- install -Dm 644 basic.cfg "$pkgdir/usr/share/doc/$pkgname/basic.cfg"
- install -Dm 644 example.cfg "$pkgdir/usr/share/doc/$pkgname/example.cfg"
- # systemd
- install -dm 755 "$pkgdir"/usr/lib/systemd/{system,system-generators}
- install -Dm 755 systemd-sslh-generator "$pkgdir/usr/lib/systemd/system-generators/systemd-sslh-generator"
- cd "$pkgdir"
- install -Dm 644 "$srcdir"/sslh{,-fork,-select}.service usr/lib/systemd/system
-}
-
-# vim:set ts=2 sw=2 et:
Copied: sslh/repos/community-x86_64/PKGBUILD (from rev 1017106, sslh/trunk/PKGBUILD)
===================================================================
--- PKGBUILD (rev 0)
+++ PKGBUILD 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -0,0 +1,71 @@
+# Maintainer: Sébastien "Seblu" Luttringer
+# Contributor: Le_suisse <lesuisse.dev+aur at gmail dot com>
+# Contributor: Jason Rodriguez <jason-aur at catloaf.net>
+
+pkgname=sslh
+_pkgver=1.22c
+# Remember: 1.22a < 1.22b < 1.22
+pkgver=1.22.c
+pkgrel=1
+pkgdesc='SSL/SSH/OpenVPN/XMPP/tinc port multiplexer'
+arch=('x86_64')
+url='https://www.rutschle.net/tech/sslh/README.html'
+license=('GPL2')
+makedepends=('systemd')
+depends=('glibc' 'libcap' 'libconfig' 'pcre' 'systemd-libs')
+backup=('etc/sslh.cfg')
+install=$pkgname.install
+source=("https://www.rutschle.net/tech/sslh/$pkgname-v$_pkgver.tar.gz"{,.asc}
+ 'sslh.cfg'
+ 'sslh.service'
+ 'sslh-select.service'
+ 'sslh-fork.service')
+validpgpkeys=('CDDDBADBEA4B72748E007D326C056F7AC7934136') # Yves Rutschle <yves at rutschle.net>
+sha256sums=('8e3742d14edf4119350cfdc7bb96b89134d9218eb6d2a6e1f70891ca18a649b1'
+ 'SKIP'
+ '3feff7e2c096bc18d8f0073141c1017dccd4abbbc491fa16b55afd5c5ff6352c'
+ '49ed1c88b0de079bc31a94e600b63edd7ea95b4aa9b5f533c15db1221d0892db'
+ '5824ae86ced9142c37343367bd737661c2da826fba244cea7072685347be2250'
+ 'd41f7cb8a3a3d8fc11608bc552014f03177ac3cdd8c5c6157d7d1a557d91cacb')
+
+prepare() {
+ cd $pkgname-v$_pkgver
+ # apply patch from the source array (should be a pacman feature)
+ local src
+ for src in "${source[@]}"; do
+ src="${src%%::*}"
+ src="${src##*/}"
+ [[ $src = *.patch ]] || continue
+ echo "Applying patch $src..."
+ patch -Np1 < "../$src"
+ done
+}
+
+build() {
+ cd $pkgname-v$_pkgver
+ make VERSION=\"v$pkgver\" USELIBCAP=1 USESYSTEMD=1 all systemd-sslh-generator
+}
+
+package() {
+ # default arch config
+ install -Dm 644 sslh.cfg "$pkgdir/etc/sslh.cfg"
+ # manually install to have both ssl-fork and ssl-select
+ cd $pkgname-v$_pkgver
+ install -Dm 755 sslh-fork "$pkgdir/usr/bin/sslh-fork"
+ install -Dm 755 sslh-select "$pkgdir/usr/bin/sslh-select"
+ ln -s sslh-fork "$pkgdir/usr/bin/sslh"
+ # install manpage
+ install -Dm 644 sslh.8.gz "$pkgdir/usr/share/man/man8/sslh.8.gz"
+ ln -s sslh.8.gz "$pkgdir/usr/share/man/man8/sslh-fork.8.gz"
+ ln -s sslh.8.gz "$pkgdir/usr/share/man/man8/sslh-select.8.gz"
+ # install examples files
+ install -Dm 644 basic.cfg "$pkgdir/usr/share/doc/$pkgname/basic.cfg"
+ install -Dm 644 example.cfg "$pkgdir/usr/share/doc/$pkgname/example.cfg"
+ # systemd
+ install -dm 755 "$pkgdir"/usr/lib/systemd/{system,system-generators}
+ install -Dm 755 systemd-sslh-generator "$pkgdir/usr/lib/systemd/system-generators/systemd-sslh-generator"
+ cd "$pkgdir"
+ install -Dm 644 "$srcdir"/sslh{,-fork,-select}.service usr/lib/systemd/system
+}
+
+# vim:set ts=2 sw=2 et:
Deleted: sslh-fork.service
===================================================================
--- sslh-fork.service 2021-09-19 00:24:55 UTC (rev 1017106)
+++ sslh-fork.service 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -1,27 +0,0 @@
-[Unit]
-Description=SSL/SSH multiplexer (fork mode)
-Conflicts=sslh-select.service sslh.socket
-After=network.target
-
-[Service]
-ExecStart=/usr/bin/sslh-fork --config /etc/sslh.cfg --foreground
-KillMode=process
-ProtectSystem=strict
-ProtectHome=true
-ProtectKernelModules=true
-ProtectKernelTunables=true
-ProtectControlGroups=true
-PrivateTmp=true
-PrivateDevices=true
-SecureBits=noroot-locked
-MountFlags=private
-NoNewPrivileges=true
-CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_NET_BIND_SERVICE
-AmbientCapabilities=CAP_NET_BIND_SERVICE
-RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
-MemoryDenyWriteExecute=true
-User=sslh
-DynamicUser=true
-
-[Install]
-WantedBy=multi-user.target
Copied: sslh/repos/community-x86_64/sslh-fork.service (from rev 1017106, sslh/trunk/sslh-fork.service)
===================================================================
--- sslh-fork.service (rev 0)
+++ sslh-fork.service 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -0,0 +1,27 @@
+[Unit]
+Description=SSL/SSH multiplexer (fork mode)
+Conflicts=sslh-select.service sslh.socket
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/sslh-fork --config /etc/sslh.cfg --foreground
+KillMode=process
+ProtectSystem=strict
+ProtectHome=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectControlGroups=true
+PrivateTmp=true
+PrivateDevices=true
+SecureBits=noroot-locked
+MountFlags=private
+NoNewPrivileges=true
+CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
+MemoryDenyWriteExecute=true
+User=sslh
+DynamicUser=true
+
+[Install]
+WantedBy=multi-user.target
Deleted: sslh-select.service
===================================================================
--- sslh-select.service 2021-09-19 00:24:55 UTC (rev 1017106)
+++ sslh-select.service 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -1,27 +0,0 @@
-[Unit]
-Description=SSL/SSH multiplexer (select mode)
-Conflicts=sslh-fork.service sslh.socket
-After=network.target
-
-[Service]
-ExecStart=/usr/bin/sslh-select --config /etc/sslh.cfg --foreground
-KillMode=process
-ProtectSystem=strict
-ProtectHome=true
-ProtectKernelModules=true
-ProtectKernelTunables=true
-ProtectControlGroups=true
-PrivateTmp=true
-PrivateDevices=true
-SecureBits=noroot-locked
-MountFlags=private
-NoNewPrivileges=true
-CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_NET_BIND_SERVICE
-AmbientCapabilities=CAP_NET_BIND_SERVICE
-RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
-MemoryDenyWriteExecute=true
-User=sslh
-DynamicUser=true
-
-[Install]
-WantedBy=multi-user.target
Copied: sslh/repos/community-x86_64/sslh-select.service (from rev 1017106, sslh/trunk/sslh-select.service)
===================================================================
--- sslh-select.service (rev 0)
+++ sslh-select.service 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -0,0 +1,27 @@
+[Unit]
+Description=SSL/SSH multiplexer (select mode)
+Conflicts=sslh-fork.service sslh.socket
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/sslh-select --config /etc/sslh.cfg --foreground
+KillMode=process
+ProtectSystem=strict
+ProtectHome=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectControlGroups=true
+PrivateTmp=true
+PrivateDevices=true
+SecureBits=noroot-locked
+MountFlags=private
+NoNewPrivileges=true
+CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
+MemoryDenyWriteExecute=true
+User=sslh
+DynamicUser=true
+
+[Install]
+WantedBy=multi-user.target
Deleted: sslh.cfg
===================================================================
--- sslh.cfg 2021-09-19 00:24:55 UTC (rev 1017106)
+++ sslh.cfg 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -1,21 +0,0 @@
-# Default Arch configuration
-# You can find more examples in /usr/share/doc/sslh
-
-timeout: 2;
-
-listen:
-(
- { host: "0.0.0.0"; port: "443"; }
-);
-
-protocols:
-(
- { name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; probe: "builtin"; },
- { name: "openvpn"; host: "localhost"; port: "1194"; probe: "builtin"; },
- { name: "xmpp"; host: "localhost"; port: "5222"; probe: "builtin"; },
- { name: "http"; host: "localhost"; port: "80"; probe: "builtin"; },
- { name: "tls"; host: "localhost"; port: "8443"; probe: "builtin"; },
- { name: "anyprot"; host: "localhost"; port: "8443"; probe: "builtin"; }
-);
-
-# vim:set ts=4 sw=4 et:
Copied: sslh/repos/community-x86_64/sslh.cfg (from rev 1017106, sslh/trunk/sslh.cfg)
===================================================================
--- sslh.cfg (rev 0)
+++ sslh.cfg 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -0,0 +1,21 @@
+# Default Arch configuration
+# You can find more examples in /usr/share/doc/sslh
+
+timeout: 2;
+
+listen:
+(
+ { host: "0.0.0.0"; port: "443"; }
+);
+
+protocols:
+(
+ { name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; probe: "builtin"; },
+ { name: "openvpn"; host: "localhost"; port: "1194"; probe: "builtin"; },
+ { name: "xmpp"; host: "localhost"; port: "5222"; probe: "builtin"; },
+ { name: "http"; host: "localhost"; port: "80"; probe: "builtin"; },
+ { name: "tls"; host: "localhost"; port: "8443"; probe: "builtin"; },
+ { name: "anyprot"; host: "localhost"; port: "8443"; probe: "builtin"; }
+);
+
+# vim:set ts=4 sw=4 et:
Deleted: sslh.install
===================================================================
--- sslh.install 2021-09-19 00:24:55 UTC (rev 1017106)
+++ sslh.install 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -1,27 +0,0 @@
-#!/bin/sh
-
-# arg 1: the new package version
-# arg 2: the old package version
-post_upgrade() {
- if (( "$(vercmp $2 1.14-1)" <= 0 )); then
- cat << EOF
-===> sslh systemd service has been splitted in sslh-fork.service and sslh-select.service
-EOF
- fi
- if (( "$(vercmp $2 1.16-3)" < 0 )); then
- cat << EOF
-===> sslh may runs as unprivileged sslh user. Check your setup.
-EOF
- fi
- if (( "$(vercmp $2 1.19b)" < 0 )); then
- cat << EOF
-===> Default config path is now /etc/sslh.cfg (as required by systemd generator)
-=====> Rename your /etc/sslh.conf into /etc/sslh.cfg
-===> sslh unit files security has been improved.
-=====> You may need to remove the PIDfile option in your /etc/sslh.cfg.
-===> sslh user is now created at unit startup (via DynamicUser)
-EOF
- fi
-}
-
-# vim:set ts=2 sw=2 ft=sh et:
Copied: sslh/repos/community-x86_64/sslh.install (from rev 1017106, sslh/trunk/sslh.install)
===================================================================
--- sslh.install (rev 0)
+++ sslh.install 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# arg 1: the new package version
+# arg 2: the old package version
+post_upgrade() {
+ if (( "$(vercmp $2 1.14-1)" <= 0 )); then
+ cat << EOF
+===> sslh systemd service has been splitted in sslh-fork.service and sslh-select.service
+EOF
+ fi
+ if (( "$(vercmp $2 1.16-3)" < 0 )); then
+ cat << EOF
+===> sslh may runs as unprivileged sslh user. Check your setup.
+EOF
+ fi
+ if (( "$(vercmp $2 1.19b)" < 0 )); then
+ cat << EOF
+===> Default config path is now /etc/sslh.cfg (as required by systemd generator)
+=====> Rename your /etc/sslh.conf into /etc/sslh.cfg
+===> sslh unit files security has been improved.
+=====> You may need to remove the PIDfile option in your /etc/sslh.cfg.
+===> sslh user is now created at unit startup (via DynamicUser)
+EOF
+ fi
+}
+
+# vim:set ts=2 sw=2 ft=sh et:
Deleted: sslh.service
===================================================================
--- sslh.service 2021-09-19 00:24:55 UTC (rev 1017106)
+++ sslh.service 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -1,25 +0,0 @@
-[Unit]
-Description=SSL/SSH multiplexer (socket mode)
-Conflicts=sslh-fork.service sslh-select.service
-Requires=sslh.socket
-PartOf=sslh.socket
-
-[Service]
-ExecStart=/usr/bin/sslh --config /etc/sslh.cfg --foreground
-KillMode=process
-ProtectSystem=strict
-ProtectHome=true
-ProtectKernelModules=true
-ProtectKernelTunables=true
-ProtectControlGroups=true
-PrivateTmp=true
-PrivateDevices=true
-SecureBits=noroot-locked
-MountFlags=private
-NoNewPrivileges=true
-CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_NET_BIND_SERVICE
-AmbientCapabilities=CAP_NET_BIND_SERVICE
-RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
-MemoryDenyWriteExecute=true
-User=sslh
-DynamicUser=true
Copied: sslh/repos/community-x86_64/sslh.service (from rev 1017106, sslh/trunk/sslh.service)
===================================================================
--- sslh.service (rev 0)
+++ sslh.service 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -0,0 +1,25 @@
+[Unit]
+Description=SSL/SSH multiplexer (socket mode)
+Conflicts=sslh-fork.service sslh-select.service
+Requires=sslh.socket
+PartOf=sslh.socket
+
+[Service]
+ExecStart=/usr/bin/sslh --config /etc/sslh.cfg --foreground
+KillMode=process
+ProtectSystem=strict
+ProtectHome=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectControlGroups=true
+PrivateTmp=true
+PrivateDevices=true
+SecureBits=noroot-locked
+MountFlags=private
+NoNewPrivileges=true
+CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
+MemoryDenyWriteExecute=true
+User=sslh
+DynamicUser=true
Deleted: sslh.sysusers
===================================================================
--- sslh.sysusers 2021-09-19 00:24:55 UTC (rev 1017106)
+++ sslh.sysusers 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -1 +0,0 @@
-u sslh - - -
Copied: sslh/repos/community-x86_64/sslh.sysusers (from rev 1017106, sslh/trunk/sslh.sysusers)
===================================================================
--- sslh.sysusers (rev 0)
+++ sslh.sysusers 2021-09-19 00:25:02 UTC (rev 1017107)
@@ -0,0 +1 @@
+u sslh - - -
More information about the arch-commits
mailing list