yrutschle / sslh

Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
https://www.rutschle.net/tech/sslh/README.html
GNU General Public License v2.0

SNI probe cannot correctly work #107

Closed niclau closed 7 years ago

niclau commented 7 years ago

Hi,

Ubuntu 16.04 x64, sslh 1.17-2 (installed via apt-get)

I have two questions that I want to understand.

First, the protocols section must include [probe: "builtin"]; otherwise all connections are redirected to the SSH server (the first service). Second, once sni_hostnames is written into the cfg, all HTTPS connections are forwarded to the first web server.

My configuration file:

verbose: true;
foreground: false;
inetd: false;
numeric: false;
transparent: false;
timeout: 5;
user: "nobody";
pidfile: "/var/run/sslh.pid";

listen:
(
    { host: "1.2.3.4"; port: "443"; }
);

protocols:
(
    { name: "ssh"; service: "ssh"; host: "127.0.0.1"; port: "27777"; probe: "builtin"; },
    { name: "openvpn"; host: "localhost"; port: "1194"; },
    #{ name: "xmpp"; host: "localhost"; port: "5222"; },
    { name: "tls"; host: "127.0.0.1"; port: "4443"; sni_hostnames: [ "www.example.com" ]; probe: "builtin"; },    #caddy web server
    { name: "tls"; host: "127.0.0.1"; port: "4444"; probe: "builtin"; }, #ocserv server
    { name: "anyprot"; host: "127.0.0.1"; port: "5555"; probe: "builtin"; }
);
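How ordered SNI matching is expected to choose between the two tls entries in the configuration above, as an added example (not sslh's code and not part of the original post). It assumes exact host-name matching and that an entry without sni_hostnames accepts any TLS ClientHello; `TLS_ENTRIES`, `build_client_hello`, `extract_sni` and `route` are hypothetical names, and the ClientHello bytes are constructed.

```python
import struct

# Constructed model of the two "tls" entries from the configuration (order matters).
TLS_ENTRIES = [
    {"port": 4443, "sni_hostnames": ["www.example.com"]},  # caddy web server
    {"port": 4444, "sni_hostnames": None},                 # ocserv, no SNI filter
]

def build_client_hello(hostname):
    """Build a minimal TLS 1.2 ClientHello (constructed sample); None omits SNI."""
    ext = b""
    if hostname is not None:
        name = hostname.encode("ascii")
        entry = b"\x00" + struct.pack("!H", len(name)) + name   # name_type 0 = host_name
        # extension type 0 (server_name), extension length, server_name_list length
        ext = struct.pack("!HHH", 0, len(entry) + 2, len(entry)) + entry
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x00\x2f" + b"\x01\x00"
            + struct.pack("!H", len(ext)) + ext)   # version, random, sid, suites, compression
    hs = b"\x01" + len(body).to_bytes(3, "big") + body          # handshake type 1
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs    # TLS record header

def extract_sni(data):
    """Return the SNI host name, None if absent; ValueError if not a ClientHello."""
    if len(data) < 6 or data[0] != 0x16 or data[5] != 0x01:
        raise ValueError("not a TLS ClientHello")
    try:
        pos = 5 + 4 + 2 + 32                                 # headers, version, random
        pos += 1 + data[pos]                                 # session id
        pos += 2 + struct.unpack_from("!H", data, pos)[0]    # cipher suites
        pos += 1 + data[pos]                                 # compression methods
        if pos >= len(data):
            return None                                      # no extensions block
        end = pos + 2 + struct.unpack_from("!H", data, pos)[0]
        pos += 2
        while pos + 4 <= min(end, len(data)):
            etype, elen = struct.unpack_from("!HH", data, pos)
            if etype == 0:                                   # server_name extension
                nlen = struct.unpack_from("!H", data, pos + 7)[0]
                return data[pos + 9:pos + 9 + nlen].decode("ascii")
            pos += 4 + elen
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    return None

def route(data, entries=TLS_ENTRIES):
    """Return the port of the first entry that accepts this ClientHello."""
    sni = extract_sni(data)
    for e in entries:
        if e["sni_hostnames"] is None or sni in e["sni_hostnames"]:
            return e["port"]
    return None
```

Under these assumptions only a ClientHello naming www.example.com should reach port 4443; any other TLS client, including one that sends no SNI, should fall through to 4444.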

niclau commented 7 years ago

Hi, I compiled the v1.18 and solved the issue now, thanks.