From 5a2fb492ae73f91f2d55c6e90694461721da8160 Mon Sep 17 00:00:00 2001
From: Toni Uhlig
Date: Tue, 27 Sep 2022 18:34:52 +0200
Subject: sslh: use master branch
Signed-off-by: Toni Uhlig
---
net/sslh/Makefile | 67 +++++++++++++++++++++++++++++++++++++++++
net/sslh/files/sslh.config | 38 ++++++++++++++++++++++++
net/sslh/files/sslh.init | 74 ++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 179 insertions(+)
create mode 100644 net/sslh/Makefile
create mode 100644 net/sslh/files/sslh.config
create mode 100644 net/sslh/files/sslh.init
diff --git a/net/sslh/Makefile b/net/sslh/Makefile
new file mode 100644
index 0000000..6e06fc5
--- /dev/null
+++ b/net/sslh/Makefile
@@ -0,0 +1,67 @@
+#
+# Copyright (C) 2009-2018 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=sslh
+PKG_VERSION:=v1.22c
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/yrutschle/sslh.git
+PKG_SOURCE_VERSION:=7e3f723699764a9d000902af55e15e0eb151281f
+PKG_HASH:=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+
+PKG_MAINTAINER:=Jonathan McCrohan
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/sslh
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Routing and Redirection
+ TITLE:=SSL/SSH multiplexer
+ DEPENDS:=+libconfig +libcap +libpcre2
+ URL:=https://rutschle.net/tech/sslh/README.html
+endef
+
+define Package/sslh/config
+ config SSLH_SELECT
+ bool "Use sslh-select"
+ depends on PACKAGE_sslh
+ help
+ Use sslh-select instead of sslh-fork.
+ default n
+endef
+
+define Package/sslh/conffiles
+/etc/config/sslh
+/etc/sslh.conf
+endef
+
+MAKE_FLAGS += \
+ USELIBCAP=1
+
+define Package/sslh/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ifeq ($(CONFIG_SSLH_SELECT),y)
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/sslh-select $(1)/usr/sbin/sslh
+else
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/sslh-fork $(1)/usr/sbin/sslh
+endif
+ $(INSTALL_DIR) $(1)/etc/init.d/
+ $(INSTALL_BIN) files/$(PKG_NAME).init $(1)/etc/init.d/$(PKG_NAME)
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_CONF) files/$(PKG_NAME).config $(1)/etc/config/$(PKG_NAME)
+ $(INSTALL_CONF) $(PKG_BUILD_DIR)/basic.cfg $(1)/etc/sslh.conf
+endef
+
+$(eval $(call BuildPackage,sslh))
diff --git a/net/sslh/files/sslh.config b/net/sslh/files/sslh.config
new file mode 100644
index 0000000..242c46c
--- /dev/null
+++ b/net/sslh/files/sslh.config
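Review bot: `PKG_HASH` in net/sslh/Makefile is a run of `a` characters, a placeholder rather than a digest of anything, so it cannot match any real archive and the build either fails the integrity check or has to be run with it skipped. The commit is pinned by the full `PKG_SOURCE_VERSION` SHA-1, which is good, but for a `PKG_SOURCE_PROTO:=git` package the generated tarball is normally pinned with `PKG_MIRROR_HASH`; I would replace the placeholder line with `PKG_MIRROR_HASH:=<sha256 of the generated tarball>`, computed from a clean download of the pinned commit. Separately, `PKG_VERSION:=v1.22c` may no longer describe what is built if the pinned commit sits on master past that tag (inferred from the subject line), which makes it harder to match the installed package against upstream advisories.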
@@ -0,0 +1,38 @@
+package 'sslh'
+
+config 'sslh' 'default'
+ # disable or enable
+ option 'enable' '1'
+ # listen defaults to '0.0.0.0:443' (all interfaces)
+ # multiple -p arguments may be supplied using a uci list
+ # -p :
+ option 'listen' ''
+ # ssh defaults to 'localhost:22'
+ # --ssh :
+ option 'ssh' ''
+ # http defaults to 'localhost:80'
+ # --http :
+ option 'http' ''
+ # tls defaults to 'localhost:443'
+ # --tls :
+ option 'tls' ''
+ # openvpn defaults to 'localhost:1194'
+ # --openvpn :
+ option 'openvpn' ''
+ # tinc defaults to 'localhost:655'
+ # --tinc :
+ option 'tinc' ''
+ # xmpp defaults to 'localhost:5222'
+ # --xmpp :
+ option 'xmpp' ''
+ # timeout (for ssh, then ssl is assumed) defaults to 2
+ # -t
+ option 'timeout' ''
+ # verbose defaults to off
+ # -v
+ option 'verbose' '0'
+ # transparent defaults to false
+ # --transparent
+ option 'transparent' '0'
+ # use external config file
+ # option configfile '/etc/sslh.conf'
diff --git a/net/sslh/files/sslh.init b/net/sslh/files/sslh.init
new file mode 100644
index 0000000..bf5136d
--- /dev/null
+++ b/net/sslh/files/sslh.init
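Review bot: The shipped `default` section in net/sslh/files/sslh.config has `option 'enable' '1'` with `listen` left empty, which according to the comment above it means a listener on `0.0.0.0:443` (all interfaces) as soon as the package is installed and the service starts. I would ship `option 'enable' '0'`, or a `listen` value bound to a specific address, so the multiplexer is not exposed before an administrator has chosen what it fronts. The "defaults to" comments also deserve a check: the init script in this commit passes nothing to sslh for an empty option, so those defaults hold only if the sslh build itself supplies them, and a comment such as `# must be set explicitly if the sslh build has no built-in default` would be safer than a stale claim.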
@@ -0,0 +1,74 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2009-2017 OpenWrt.org
+
+START=95
+
+# XXX: pid-files are useless because sslh forks after creating them
+SERVICE_USE_PID=
+
+start_instance() {
+ local section="$1"
+
+ # check if section is enabled (default)
+ local enable
+ config_get_bool enable "${section}" 'enable' '0'
+ [ ${enable} -gt 0 ] || return 1
+
+ local args=""
+ local val
+ # A) listen parameter
+ config_get vals "${section}" listen
+ [ -n "${vals}" ] && for val in $vals; do append args "-p${val}"; done
+ # B) ssh parameter
+ config_get val "${section}" ssh
+ [ -n "${val}" ] && append args "--ssh ${val}"
+ # C) tls parameter
+ config_get val "${section}" tls
+ [ -n "${val}" ] && append args "--tls ${val}"
+ # D) openvpn parameter
+ config_get val "${section}" openvpn
+ [ -n "${val}" ] && append args "--openvpn ${val}"
+ # E) tinc parameter
+ config_get val "${section}" tinc
+ [ -n "${val}" ] && append args "--tinc ${val}"
+ # F) xmpp parameter
+ config_get val "${section}" xmpp
+ [ -n "${val}" ] && append args "--xmpp ${val}"
+ # G) timeout (before a connection is considered to be SSH)
+ config_get val "${section}" timeout
+ [ -n "${val}" ] && append args "-t ${val}"
+ # H) verbose parameter
+ local verbosed
+ config_get_bool verbosed "${section}" verbose 0
+ [ "${verbosed}" -ne 0 ] && append args "-v"
+ # I) sslh config file (cmd line args override file settings)
+ config_get val "${section}" configfile
+ [ -n "${val}" ] && append args "-F${val}"
+ # J) http parameter
+ config_get val "${section}" http
+ [ -n "${val}" ] && append args "--http ${val}"
+ # K) transparent parameter
+ config_get_bool val "${section}" transparent 0
+ [ "${val}" -ne 0 ] && append args "--transparent"
+
+ mkdir -p "/var/tmp/sslh"
+
+ # Defaults were removed for --user and --pidfile options
+ # in sslh 1.11; Define them here instead.
+ append args "--user nobody"
+ append args "--pidfile /var/run/sslh.pid"
+ append args "-C /var/tmp/sslh"
+
+ # XXX: allow more that one instance to run simultaneously
+ SERVICE_MATCH_NAME=1 SERVICE_NAME="sslh-dummy-$$" \
+ service_start /usr/sbin/sslh ${args}
+}
+
+start() {
+ config_load 'sslh'
+ config_foreach start_instance 'sslh'
+}
+
+stop() {
+ service_stop /usr/sbin/sslh
+}
--
cgit v1.2.3
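Review bot: Every string option in `start_instance` (net/sslh/files/sslh.init) is pasted into `args` and then expanded unquoted in `service_start /usr/sbin/sslh ${args}`, so a UCI value containing whitespace is split into additional sslh command-line options instead of being treated as one address. The values come from `/etc/config/sslh`, which is normally admin-controlled, but anything that can write that UCI package (a web front end or a provisioning script, for instance) then controls the daemon's flags, alongside the `--user` and `-C` hardening options appended at the end. I would validate each value before appending it and refuse to start the instance on a bad one, as sketched below. `vals` should also be declared `local` next to `val`, since it currently leaks into the caller's scope.

```shell
# Reject UCI values that would be split into extra sslh options.
sslh_arg_ok() {
	case "$1" in
		""|-*|*[[:space:]]*) return 1 ;;
	esac
	return 0
}

start_instance() {
	# … unchanged: section/enable handling …
	local val vals
	# B) ssh parameter
	config_get val "${section}" ssh
	if [ -n "${val}" ]; then
		sslh_arg_ok "${val}" || {
			echo "sslh: invalid 'ssh' value in section ${section}" >&2
			return 1
		}
		append args "--ssh ${val}"
	fi
	# … the listen, tls, openvpn, tinc, xmpp, timeout, configfile and http values get the same check …
	# … unchanged: verbose/transparent booleans, mkdir, --user/--pidfile/-C, service_start …
```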