From 727cb7e6e7b809600d3488a3a5ab172ef0008330 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mircea=20Horea=20IONIC=C4=82?= Date: Fri, 31 Mar 2017 19:33:24 +0100 Subject: [PATCH] sslh: Add support for external config file MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This allows users to use an external config file if required (for example matching packets based on SNI hostname or REGEX patterns). Signed-off-by: Jonathan McCrohan Signed-off-by: Mircea Horea IONICĂ --- net/sslh/Makefile | 10 ++++--- net/sslh/files/sslh.config | 2 ++ net/sslh/files/sslh.init | 13 +++++---- net/sslh/patches/002-configfile-fix.patch | 32 +++++++++++++++++++++++ 4 files changed, 49 insertions(+), 8 deletions(-) create mode 100644 net/sslh/patches/002-configfile-fix.patch diff --git a/net/sslh/Makefile b/net/sslh/Makefile index de748cc83..b59ff5374 100644 --- a/net/sslh/Makefile +++ b/net/sslh/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sslh PKG_VERSION:=v1.18 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://rutschle.net/tech/sslh/ @@ -24,12 +24,14 @@ define Package/sslh CATEGORY:=Network SUBMENU:=Routing and Redirection TITLE:=SSL/SSH multiplexer + DEPENDS:=+libconfig +USE_UCLIBC:libpcre +USE_MUSL:libpcre URL:=http://rutschle.net/tech/sslh.shtml PKG_MAINTAINER:=Jonathan McCrohan endef define Package/sslh/conffiles /etc/config/sslh +/etc/sslh.conf endef define Build/Compile @@ -37,10 +39,11 @@ define Build/Compile CC="$(TARGET_CC)" \ CFLAGS="$(TARGET_CFLAGS)" \ LDFLAGS="$(TARGET_LDFLAGS)" \ - ENABLE_REGEX= \ - USELIBCONFIG= \ + ENABLE_REGEX=1 \ + USELIBCONFIG=1 \ USELIBWRAP= \ USELIBPCRE= \ + $(if $(CONFIG_USE_GLIBC),USELIBPCRE=,USELIBPCRE=1)\ all endef 
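Review bot: `USELIBPCRE` is now passed twice in `Build/Compile`: the unchanged `USELIBPCRE= \` line is still present ahead of the added `$(if $(CONFIG_USE_GLIBC),USELIBPCRE=,USELIBPCRE=1)\`. The later assignment presumably wins on the sub-make command line, so the build likely behaves as intended, but the stale line should be dropped and a space put before the trailing backslash to match its neighbours. The same glibc/non-glibc choice is encoded again in `DEPENDS` (`+USE_UCLIBC:libpcre +USE_MUSL:libpcre`) in the previous hunk. A comment above `define Build/Compile` such as `# libpcre is linked only on non-glibc builds; keep in sync with DEPENDS` would help stop the two from drifting apart.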
@@ -51,6 +54,7 @@ define Package/sslh/install $(INSTALL_BIN) files/$(PKG_NAME).init $(1)/etc/init.d/$(PKG_NAME) $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) files/$(PKG_NAME).config $(1)/etc/config/$(PKG_NAME) + $(INSTALL_CONF) $(PKG_BUILD_DIR)/basic.cfg $(1)/etc/sslh.conf endef $(eval $(call BuildPackage,sslh)) diff --git a/net/sslh/files/sslh.config b/net/sslh/files/sslh.config index 07ed02b47..b9e047dc6 100644 --- a/net/sslh/files/sslh.config +++ b/net/sslh/files/sslh.config @@ -28,3 +28,5 @@ config 'sslh' 'default' # verbose defaults to off # -v option 'verbose' '0' + # use external config file + # option configfile '/etc/sslh.conf' diff --git a/net/sslh/files/sslh.init b/net/sslh/files/sslh.init index c00257c8f..248ff0d37 100644 --- a/net/sslh/files/sslh.init +++ b/net/sslh/files/sslh.init @@ -26,12 +26,12 @@ start_instance() { config_get val "${section}" ssl [ -n "${val}" ] && append args "--ssl ${val}" # D) openvpn parameter - config_get val "${section}" openvpn - [ -n "${val}" ] && append args "--openvpn ${val}" + config_get val "${section}" openvpn + [ -n "${val}" ] && append args "--openvpn ${val}" # E) tinc parameter - config_get val "${section}" tinc - [ -n "${val}" ] && append args "--tinc ${val}" - # F) xmpp parameter + config_get val "${section}" tinc + [ -n "${val}" ] && append args "--tinc ${val}" + # F) xmpp parameter config_get val "${section}" xmpp [ -n "${val}" ] && append args "--xmpp ${val}" # G) timeout (before a connection is considered to be SSH) @@ -41,6 +41,9 @@ start_instance() { local verbosed config_get_bool verbosed "${section}" verbose 0 [ "${verbosed}" -ne 0 ] && append args "-v" + # I) sslh config file (cmd line args override file settings) + config_get val "${section}" configfile + [ -n "${val}" ] && append args "-F${val}" # Defaults were removed for --user and --pidfile options # in sslh 1.11; Define them here instead. 
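Review bot: The new `# use external config file` comment in `sslh.config` does not say that the other options in this section are still passed to sslh on the command line and take precedence over the file. That precedence is stated only in the init script comment and in the patched `basic.cfg` header. An administrator who enables `configfile` will reasonably expect the file's `listen` and `protocols` entries to take effect. I would extend the comment to something like `# use external config file; options set in this section are passed on the command line and override the file`.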
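Review bot: The `configfile` value is appended as `-F${val}` with no check that the file exists or is readable. Because `args` is a whitespace-joined string, a path containing a space would presumably be split into separate arguments when sslh is launched; the launch line is outside this hunk. How sslh reacts to a missing file is not visible here, but for a multiplexer on an exposed port it is better to fail visibly than to start with settings the administrator did not intend. Consider placing `[ -n "${val}" ] && [ ! -r "${val}" ] && { logger -t sslh "configfile ${val} not readable"; return 1; }` ahead of the `append`. `start_instance` begins and ends outside the hunk.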
diff --git a/net/sslh/patches/002-configfile-fix.patch b/net/sslh/patches/002-configfile-fix.patch
new file mode 100644
index 000000000..3f48bd0c4
--- /dev/null
+++ b/net/sslh/patches/002-configfile-fix.patch
@@ -0,0 +1,32 @@
+diff --git a/basic.cfg b/basic.cfg
+index 54a799c..d938767 100644
+--- a/basic.cfg
++++ b/basic.cfg
+@@ -1,3 +1,7 @@
++# **** Attention OpenWRT/LEDE Users ****
++# sslh command line arguments override arguments defined in this
++# configuration file (UCI uses command line arguments)
++
+ # This is a basic configuration file that should provide
+ # sensible values for "standard" setup.
+
+@@ -14,15 +18,16 @@ pidfile: "/var/run/sslh.pid";
+ # Change hostname with your external address name.
+ listen:
+ (
+- { host: "thelonious"; port: "443"; }
++ { host: "0.0.0.0"; port: "443"; },
++ { host: "[::]"; port: "443"; }
+ );
+
+ protocols:
+ (
+ { name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; },
+ { name: "openvpn"; host: "localhost"; port: "1194"; },
+- { name: "xmpp"; host: "localhost"; port: "5222"; },
+- { name: "http"; host: "localhost"; port: "80"; },
++# { name: "xmpp"; host: "localhost"; port: "5222"; },
++# { name: "http"; host: "localhost"; port: "80"; },
+ { name: "ssl"; host: "localhost"; port: "443"; log_level: 0; },
+ { name: "anyprot"; host: "localhost"; port: "443"; }
+ );
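Review bot: With `listen` changed to the wildcard addresses `0.0.0.0` and `[::]` on port 443, the unchanged `ssl` and `anyprot` entries still forward to `localhost` port 443, which is now a socket sslh itself is bound to. Unless command-line options from UCI override these entries, TLS and unmatched traffic would be handed back to sslh rather than to a backend, and a local web server could not bind that port. The wildcard listen also exposes the multiplexer on every interface, including WAN-facing ones. The retained comment `# Change hostname with your external address name.` no longer describes the values below it. I would either point `ssl`/`anyprot` at the port the backend really uses, or add a comment above `protocols:` such as `# with a wildcard listen address, "ssl" and "anyprot" must not target port 443 on this host`, and reword the stale hostname comment.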