Add configuration parameter that allows to skip discovering interfaces
This adds a new configuration parameter that allows the user to completely
skip calling `is_same_machine`, which is very expensive once the machine
has a critical mass of interfaces.

This comes with the downside of having to do more work in setting up
potentially unnecessary binds.
fdellwing committed Nov 11, 2024
1 parent 9243a6e commit 135358b
Showing 7 changed files with 51 additions and 20 deletions.
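--- a/common.c
+++ b/common.c
@@ -265,7 +265,7 @@ int bind_peer(int fd, int fd_from)
 CHECK_RES_RETURN(res, "getpeername", res);
 
 /* if the destination is the same machine, there's no need to do bind */
-if (is_same_machine(&from))
+if (!cfg.no_discover_interfaces && is_same_machine(&from))
 return 0;
 
 #ifndef IP_BINDANY /* use IP_TRANSPARENT */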
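Review bot: The comment kept above the changed condition in bind_peer, `/* if the destination is the same machine, there's no need to do bind */`, no longer describes the code when `cfg.no_discover_interfaces` is set: a same-machine peer is then not short-circuited and continues into the `IP_TRANSPARENT`/`IP_BINDANY` path below. I would extend it with something like `/* check skipped when no_discover_interfaces is set: local peers are then bound like remote ones */`. The rest of bind_peer lies outside this hunk, so it is worth confirming that a bind attempted for a local peer address fails gracefully (logged, connection kept or cleanly refused) rather than silently, and mentioning that trade-off in the option's description.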
2 changes: 1 addition & 1 deletion echosrv-conf.c
@@ -1,5 +1,5 @@
/* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README)
* on Sun Sep 8 23:10:29 2024.
* on Mon Nov 11 20:36:23 2024.
# conf2struct: generate libconf parsers that read to structs
# Copyright (C) 2018-2024 Yves Rutschle
2 changes: 1 addition & 1 deletion echosrv-conf.h
@@ -1,5 +1,5 @@
/* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README)
* on Sun Sep 8 23:10:29 2024.
* on Mon Nov 11 20:36:23 2024.
# conf2struct: generate libconf parsers that read to structs
# Copyright (C) 2018-2024 Yves Rutschle
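--- a/example.cfg
+++ b/example.cfg
@@ -47,6 +47,12 @@ udp_max_connections: 16;
 # "none" disables use of syslog
 syslog_facility: "auth";
 
+# Disable discovering of local interfaces (useful if you
+# have a lot of interfaces and don't want to spend time
+# probing them all)
+# Default is false
+#no-discover-interfaces: true;
+
 # List of interfaces on which we should listen
 # Options:
 listen: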
53 changes: 37 additions & 16 deletions sslh-conf.c
@@ -1,5 +1,5 @@
/* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README)
* on Sun Sep 8 23:10:29 2024.
* on Mon Nov 11 20:36:23 2024.
# conf2struct: generate libconf parsers that read to structs
# Copyright (C) 2018-2024 Yves Rutschle
@@ -483,6 +483,7 @@ struct arg_file* sslhcfg_conffile;
struct arg_str* sslhcfg_syslog_facility;
struct arg_str* sslhcfg_logfile;
struct arg_str* sslhcfg_on_timeout;
struct arg_lit* sslhcfg_no_discover_interfaces;
struct arg_str* sslhcfg_prefix;
struct arg_str* sslhcfg_listen;
struct arg_str* sslhcfg_ssh;
@@ -830,7 +831,7 @@ static struct config_desc table_sslhcfg_listen[] = {
},
{ 0 }
};

static struct config_desc table_sslhcfg[] = {


@@ -1234,6 +1235,22 @@ static struct config_desc table_sslhcfg[] = {
/* default_val*/ .default_val.def_string = "ssh"
},

{
/* name */ "no_discover_interfaces",
/* type */ CFG_BOOL,
/* sub_group*/ NULL,
/* arg_cl */ & sslhcfg_no_discover_interfaces,
/* base_addr */ NULL,
/* offset */ offsetof(struct sslhcfg_item, no_discover_interfaces),
/* offset_len */ 0,
/* offset_present */ 0,
/* size */ sizeof(int),
/* array_type */ -1,
/* mandatory */ 0,
/* optional */ 0,
/* default_val*/ .default_val.def_bool = 0
},

{
/* name */ "prefix",
/* type */ CFG_STRING,
@@ -1404,7 +1421,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: listen */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_listen,
.base_entry = & table_sslhcfg [26],
.base_entry = & table_sslhcfg [27],
.targets = sslhcfg_listen_targets,


@@ -1416,7 +1433,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: ssh */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_ssh,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_ssh_targets,


@@ -1428,7 +1445,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: tls */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_tls,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_tls_targets,


@@ -1440,7 +1457,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: ssl */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_ssl,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_ssl_targets,


@@ -1452,7 +1469,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: openvpn */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_openvpn,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_openvpn_targets,


@@ -1464,7 +1481,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: tinc */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_tinc,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_tinc_targets,


@@ -1476,7 +1493,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: wireguard */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_wireguard,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_wireguard_targets,


@@ -1488,7 +1505,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: xmpp */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_xmpp,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_xmpp_targets,


@@ -1500,7 +1517,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: http */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_http,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_http_targets,


@@ -1512,7 +1529,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: adb */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_adb,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_adb_targets,


@@ -1524,7 +1541,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: socks5 */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_socks5,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_socks5_targets,


@@ -1536,7 +1553,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: syslog */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_syslog,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_syslog_targets,


@@ -1548,7 +1565,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: msrdp */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_msrdp,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_msrdp_targets,


@@ -1560,7 +1577,7 @@ static struct compound_cl_arg compound_cl_args[] = {
{ /* arg: anyprot */
.regex = "(.+):(\\w+)",
.arg_cl = & sslhcfg_anyprot,
.base_entry = & table_sslhcfg [27],
.base_entry = & table_sslhcfg [28],
.targets = sslhcfg_anyprot_targets,


@@ -2250,6 +2267,7 @@ int sslhcfg_cl_parse(int argc, char* argv[], struct sslhcfg_item* cfg)
sslhcfg_syslog_facility = arg_strn(NULL, "syslog-facility", "<str>", 0, 1, "Facility to syslog to"),
sslhcfg_logfile = arg_strn(NULL, "logfile", "<str>", 0, 1, "Log messages to a file"),
sslhcfg_on_timeout = arg_strn(NULL, "on-timeout", "<str>", 0, 1, "Target to connect to when timing out"),
sslhcfg_no_discover_interfaces = arg_litn(NULL, "no-discover-interfaces", 0, 1, "Do not discover interfaces"),
sslhcfg_prefix = arg_strn(NULL, "prefix", "<str>", 0, 1, "Reserved for testing"),
sslhcfg_listen = arg_strn("p", "listen", "<host:port>", 0, 10, "Listen on host:port"),
sslhcfg_ssh = arg_strn(NULL, "ssh", "<host:port>", 0, 10, "Set up ssh target"),
@@ -2504,6 +2522,9 @@ void sslhcfg_fprint(
fprintf(out, "on_timeout: %s", sslhcfg->on_timeout);
fprintf(out, "\n");
indent(out, depth);
fprintf(out, "no_discover_interfaces: %d", sslhcfg->no_discover_interfaces);
fprintf(out, "\n");
indent(out, depth);
fprintf(out, "prefix: %s", sslhcfg->prefix);
fprintf(out, "\n");

3 changes: 2 additions & 1 deletion sslh-conf.h
@@ -1,5 +1,5 @@
/* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README)
* on Sun Sep 8 23:10:29 2024.
* on Mon Nov 11 20:36:23 2024.
# conf2struct: generate libconf parsers that read to structs
# Copyright (C) 2018-2024 Yves Rutschle
@@ -105,6 +105,7 @@ struct sslhcfg_item {
int logfile_is_present;
char* logfile;
char* on_timeout;
int no_discover_interfaces;
char* prefix;
size_t listen_len;
struct sslhcfg_listen_item* listen;
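--- a/sslhconf.cfg
+++ b/sslhconf.cfg
@@ -89,6 +89,9 @@ config: {
 { name: "on-timeout"; type: "string"; default: "ssh";
 description: "Target to connect to when timing out"; },
 
+{ name: "no-discover-interfaces"; type: "bool"; default: false;
+description: "Do not discover interfaces"; },
+
 { name: "prefix"; type: "string"; default: ""; description: "Reserved for testing" }, # For echosrv only, not sslh
 
 { name: "listen",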
