Merge pull request #12280 from sgabe/sslh-transparent

sslh: add transparent proxy support

net/sslh/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sslh
 PKG_VERSION:=v1.20
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://rutschle.net/tech/sslh/
@@ -26,7 +26,7 @@ define Package/sslh
   CATEGORY:=Network
   SUBMENU:=Routing and Redirection
   TITLE:=SSL/SSH multiplexer
-  DEPENDS:=+libconfig +USE_UCLIBC:libpcre +USE_MUSL:libpcre
+  DEPENDS:=+libconfig +libcap +USE_UCLIBC:libpcre +USE_MUSL:libpcre
   URL:=https://rutschle.net/tech/sslh/README.html
 endef
 
@@ -36,6 +36,7 @@ define Package/sslh/conffiles
 endef
 
 MAKE_FLAGS += \
+  USELIBCAP=1 \
   $(if $(CONFIG_USE_GLIBC),USELIBPCRE=,USELIBPCRE=1)
 
 define Package/sslh/install

net/sslh/files/sslh.config

@@ -10,9 +10,12 @@ config 'sslh' 'default'
 	# ssh defaults to 'localhost:22'
 	# --ssh <sshhost>:<sshport>
 	option 'ssh' ''
-	# ssl defaults to 'localhost:443'
+	# http defaults to 'localhost:80'
-	# --ssl <sslhost>:<sslport>
+	# --http <httphost>:<httpport>
-	option 'ssl' ''
+	option 'http' ''
+	# tls defaults to 'localhost:443'
+	# --tls <tlshost>:<tlsport>
+	option 'tls' ''
 	# openvpn defaults to 'localhost:1194'
 	# --openvpn <openvpnhost>:<openvpnport>
 	option 'openvpn' ''
@@ -28,5 +31,8 @@ config 'sslh' 'default'
 	# verbose defaults to off
 	# -v
 	option 'verbose' '0'
+	# transparent defaults to false
+	# --transparent
+	option 'transparent' '0'
 	# use external config file
 	# option configfile '/etc/sslh.conf'

net/sslh/files/sslh.init

@@ -22,9 +22,9 @@ start_instance() {
 	# B) ssh parameter
 	config_get val "${section}" ssh
 	[ -n "${val}" ] && append args "--ssh ${val}"
-	# C) ssl parameter
+	# C) tls parameter
-	config_get val "${section}" ssl
+	config_get val "${section}" tls
-	[ -n "${val}" ] && append args "--ssl ${val}"
+	[ -n "${val}" ] && append args "--tls ${val}"
 	# D) openvpn parameter
 	config_get val "${section}" openvpn
 	 [ -n "${val}" ] && append args "--openvpn ${val}"
@@ -47,6 +47,9 @@ start_instance() {
 	# J) http parameter
     config_get val "${section}" http
     [ -n "${val}" ] && append args "--http ${val}"
+	# K) transparent parameter
+	config_get_bool val "${section}" transparent 0
+	[ "${val}" -ne 0 ] && append args "--transparent"
 
 	# Defaults were removed for --user and --pidfile options
 	# in sslh 1.11; Define them here instead.