Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

sslh: Add support for external config file

Browse source 
This allows users to use an external config file if required (for
example matching packets based on SNI hostname or REGEX patterns).

Signed-off-by: Jonathan McCrohan <jmccrohan@gmail.com>
Signed-off-by: Mircea Horea IONICĂ <mionica@gmail.com>
This commit is contained in:
Mircea Horea IONICĂ 2017-03-31 19:33:24 +01:00 committed by Jonathan McCrohan
parent 16ac0e8205
commit 727cb7e6e7
4 changed files with 49 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
net/sslh/Makefile
View file

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=sslh PKG_NAME:=sslh
PKG_VERSION:=v1.18 PKG_VERSION:=v1.18
PKG_RELEASE:=1 PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://rutschle.net/tech/sslh/ PKG_SOURCE_URL:=http://rutschle.net/tech/sslh/
@ -24,12 +24,14 @@ define Package/sslh
CATEGORY:=Network CATEGORY:=Network
SUBMENU:=Routing and Redirection SUBMENU:=Routing and Redirection
TITLE:=SSL/SSH multiplexer TITLE:=SSL/SSH multiplexer
DEPENDS:=+libconfig +USE_UCLIBC:libpcre +USE_MUSL:libpcre
URL:=http://rutschle.net/tech/sslh.shtml URL:=http://rutschle.net/tech/sslh.shtml
PKG_MAINTAINER:=Jonathan McCrohan <jmccrohan@gmail.com> PKG_MAINTAINER:=Jonathan McCrohan <jmccrohan@gmail.com>
endef endef
define Package/sslh/conffiles define Package/sslh/conffiles
/etc/config/sslh /etc/config/sslh
/etc/sslh.conf
endef endef
define Build/Compile define Build/Compile
@ -37,10 +39,11 @@ define Build/Compile
CC="$(TARGET_CC)" \ CC="$(TARGET_CC)" \
CFLAGS="$(TARGET_CFLAGS)" \ CFLAGS="$(TARGET_CFLAGS)" \
LDFLAGS="$(TARGET_LDFLAGS)" \ LDFLAGS="$(TARGET_LDFLAGS)" \
ENABLE_REGEX= \ ENABLE_REGEX=1 \
USELIBCONFIG= \ USELIBCONFIG=1 \
USELIBWRAP= \ USELIBWRAP= \
USELIBPCRE= \ USELIBPCRE= \
$(if $(CONFIG_USE_GLIBC),USELIBPCRE=,USELIBPCRE=1)\
all all
endef endef
@ -51,6 +54,7 @@ define Package/sslh/install
$(INSTALL_BIN) files/$(PKG_NAME).init $(1)/etc/init.d/$(PKG_NAME) $(INSTALL_BIN) files/$(PKG_NAME).init $(1)/etc/init.d/$(PKG_NAME)
$(INSTALL_DIR) $(1)/etc/config $(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) files/$(PKG_NAME).config $(1)/etc/config/$(PKG_NAME) $(INSTALL_CONF) files/$(PKG_NAME).config $(1)/etc/config/$(PKG_NAME)
$(INSTALL_CONF) $(PKG_BUILD_DIR)/basic.cfg $(1)/etc/sslh.conf
endef endef
$(eval $(call BuildPackage,sslh)) $(eval $(call BuildPackage,sslh))

2
net/sslh/files/sslh.config
View file

@ -28,3 +28,5 @@ config 'sslh' 'default'
# verbose defaults to off # verbose defaults to off
# -v # -v
option 'verbose' '0' option 'verbose' '0'
# use external config file
# option configfile '/etc/sslh.conf'

13
net/sslh/files/sslh.init
View file

@ -26,12 +26,12 @@ start_instance() {
config_get val "${section}" ssl config_get val "${section}" ssl
[ -n "${val}" ] && append args "--ssl ${val}" [ -n "${val}" ] && append args "--ssl ${val}"
# D) openvpn parameter # D) openvpn parameter
config_get val "${section}" openvpn config_get val "${section}" openvpn
[ -n "${val}" ] && append args "--openvpn ${val}" [ -n "${val}" ] && append args "--openvpn ${val}"
# E) tinc parameter # E) tinc parameter
config_get val "${section}" tinc config_get val "${section}" tinc
[ -n "${val}" ] && append args "--tinc ${val}" [ -n "${val}" ] && append args "--tinc ${val}"
# F) xmpp parameter # F) xmpp parameter
config_get val "${section}" xmpp config_get val "${section}" xmpp
[ -n "${val}" ] && append args "--xmpp ${val}" [ -n "${val}" ] && append args "--xmpp ${val}"
# G) timeout (before a connection is considered to be SSH) # G) timeout (before a connection is considered to be SSH)
@ -41,6 +41,9 @@ start_instance() {
local verbosed local verbosed
config_get_bool verbosed "${section}" verbose 0 config_get_bool verbosed "${section}" verbose 0
[ "${verbosed}" -ne 0 ] && append args "-v" [ "${verbosed}" -ne 0 ] && append args "-v"
# I) sslh config file (cmd line args override file settings)
config_get val "${section}" configfile
[ -n "${val}" ] && append args "-F${val}"
# Defaults were removed for --user and --pidfile options # Defaults were removed for --user and --pidfile options
# in sslh 1.11; Define them here instead. # in sslh 1.11; Define them here instead.

32
net/sslh/patches/002-configfile-fix.patch Normal file
View file

@ -0,0 +1,32 @@
diff --git a/basic.cfg b/basic.cfg
index 54a799c..d938767 100644
--- a/basic.cfg
+++ b/basic.cfg
@@ -1,3 +1,7 @@
+# **** Attention OpenWRT/LEDE Users ****
+# sslh command line arguments override arguments defined in this
+# configuration file (UCI uses command line arguments)
+
# This is a basic configuration file that should provide
# sensible values for "standard" setup.
@@ -14,15 +18,16 @@ pidfile: "/var/run/sslh.pid";
# Change hostname with your external address name.
listen:
(
- { host: "thelonious"; port: "443"; }
+ { host: "0.0.0.0"; port: "443"; },
+ { host: "[::]"; port: "443"; }
);
protocols:
(
{ name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; },
{ name: "openvpn"; host: "localhost"; port: "1194"; },
- { name: "xmpp"; host: "localhost"; port: "5222"; },
- { name: "http"; host: "localhost"; port: "80"; },
+# { name: "xmpp"; host: "localhost"; port: "5222"; },
+# { name: "http"; host: "localhost"; port: "80"; },
{ name: "ssl"; host: "localhost"; port: "443"; log_level: 0; },
{ name: "anyprot"; host: "localhost"; port: "443"; }
);