[sslh] Configuration file format change (Was: SNI hostname based probe)

Yves Rutschle yves at rutschle.net
Fri Jul 17 12:47:56 CEST 2015


On Wed, Jul 15, 2015 at 12:15:26PM -0400, moparisthebest wrote:
> I do like the changes to the config file, but I'd suggest one more,
> currently it seems to fall back to the first protocol defined in the
> list if none match?  But for example I'd like my setup to fall back to
> the TLS protocol/probe, yet the sni probes must come first or they'll
> never be matched, so I'd suggest another config option like timeout,
> maybe 'fallback'?

That already exists under the name 'anyprot', typically
(from basic.cfg):

     { name: "anyprot"; host: "localhost"; port: "443"; probe: "builtin"; }

I'll go ahead with the new configuration file format.

> Also while the config code is changing someone pointed out on my GitHub
> pull request that I don't check if malloc succeeded, and neither does
> the regex probe code, so that would be a good easy fix too.

Yes, I'll add that while I'm reworking the code, but that's
really not very important (it's upon loading the
configuration so has no security impact, and I've never ever
seen [mc]alloc() fail under Linux... in fact I don't think
that's even supposed to happen).

Y.


