From: jow Date: Sun, 5 Feb 2012 16:14:00 +0000 (+0000) Subject: [packages_10.03.2] sslh: merge r27624, r27625, r28331, r28338, r29091, r29428, r29429 X-Git-Url: http://git.archive.openwrt.org/?p=10.03%2Fpackages.git;a=commitdiff_plain;h=423527cb36a8aa6e461bbbd072f3ed3c07e8d82e [packages_10.03.2] sslh: merge r27624, r27625, r28331, r28338, r29091, r29428, r29429 git-svn-id: svn://svn.openwrt.org/openwrt/branches/packages_10.03.2@30264 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- diff --git a/net/sslh/Makefile b/net/sslh/Makefile index aed2899..58e90c2 100644 --- a/net/sslh/Makefile +++ b/net/sslh/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2009-2010 OpenWrt.org +# Copyright (C) 2009-2011 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -8,20 +8,26 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sslh -PKG_VERSION:=1.7a +PKG_VERSION:=1.10 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://rutschle.net/tech/ -PKG_MD5SUM:=ee124654412198a5e11fe28acf10634d +PKG_MD5SUM:=bc34e9a4770d634633e70589c72708cc include $(INCLUDE_DIR)/package.mk define Package/sslh SECTION:=net CATEGORY:=Network + SUBMENU:=Routing and Redirection TITLE:=SSL/SSH multiplexer URL:=http://rutschle.net/tech/sslh.shtml + MAINTAINER:=Matthias Buecher +endef + +define Package/sslh/conffiles +/etc/config/sslh endef define Build/Compile @@ -34,7 +40,7 @@ endef define Package/sslh/install $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/sslh $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/sslh-fork $(1)/usr/sbin/sslh $(INSTALL_DIR) $(1)/etc/init.d/ $(INSTALL_BIN) files/$(PKG_NAME).init $(1)/etc/init.d/$(PKG_NAME) $(INSTALL_DIR) $(1)/etc/config diff --git a/net/sslh/files/sslh.config b/net/sslh/files/sslh.config index 53315fc..07ed02b 100644 --- a/net/sslh/files/sslh.config +++ b/net/sslh/files/sslh.config 
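Review bot: The bumped `PKG_MD5SUM` is the only integrity check on a tarball that `PKG_SOURCE_URL` still fetches over plain `http://`, so the transport gives no authenticity and the pin is a digest that is no longer collision-resistant. If the download helper on this branch accepts a stronger digest, pin that instead. Otherwise record the limitation next to the value, for example `# fetched over plain HTTP; integrity rests on PKG_MD5SUM alone`. The commit message also does not say how the new checksum was obtained, which would be worth stating for a merged version bump.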
@@ -4,14 +4,24 @@ config 'sslh' 'default' # disable or enable option 'enable' '1' # listen defaults to '0.0.0.0:443' (all interfaces) + # multiple -p arguments may be supplied using a uci list # -p : option 'listen' '' # ssh defaults to 'localhost:22' - # -s : + # --ssh : option 'ssh' '' - # ssl defaults to 'localhost:442' - # -l : + # ssl defaults to 'localhost:443' + # --ssl : option 'ssl' '' + # openvpn defaults to 'localhost:1194' + # --openvpn : + option 'openvpn' '' + # tinc defaults to 'localhost:655' + # --tinc : + option 'tinc' '' + # xmpp defaults to 'localhost:5222' + # --xmpp : + option 'xmpp' '' # timeout (for ssh, then ssl is assumed) defaults to 2 # -t option 'timeout' '' diff --git a/net/sslh/files/sslh.init b/net/sslh/files/sslh.init index 98b7d84..5ada97b 100644 --- a/net/sslh/files/sslh.init +++ b/net/sslh/files/sslh.init 
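Review bot: The comment now reads `ssl defaults to 'localhost:443'` directly under `listen defaults to '0.0.0.0:443'`, and the init script in this commit passes no `--ssl` or `-p` argument when the options are empty. If both comments reflect the binary's real defaults, a section left as shipped would forward TLS connections to the port sslh itself is listening on. A caveat in the file would help, for example `# NOTE: with listen on 0.0.0.0:443, point 'ssl' at the port your HTTPS server actually uses`. The defaults themselves are set in sslh and are not visible here, so they should be confirmed against the 1.10 source.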
@@ -1,143 +1,57 @@ #!/bin/sh /etc/rc.common -# Copyright (C) 2009-2010 OpenWrt.org +# Copyright (C) 2009-2011 OpenWrt.org -NAME=sslh -PROG=/usr/sbin/sslh START=95 -PIDCOUNT=0 -EXTRA_COMMANDS="killclients" -EXTRA_HELP=" killclients Kill ${NAME} processes except servers and yourself" -sslh_start() -{ +# XXX: pid-files are useless because sslh forks after creating them +SERVICE_USE_PID= + +start_instance() { local section="$1" # check if section is enabled (default) local enabled - config_get_bool enabled "${section}" enable 1 - [ "${enabled}" -eq 0 ] && return 1 - - # increase pid file count to handle multiple instances correctly - PIDCOUNT="$(( ${PIDCOUNT} + 1 ))" + config_get_bool enabled "${section}" 'enabled' '0' + [ ${enabled} -gt 0 ] || return 1 - # prepare parameters (initialise with pid file) - local args="-P /var/run/${NAME}.${PIDCOUNT}.pid" + local args="" local val # A) listen parameter - config_get val "${section}" listen - [ -n "${val}" ] && append args "-p ${val}" + config_get vals "${section}" listen + [ -n "${vals}" ] && for val in $vals; do append args "-p ${val}"; done # B) ssh parameter config_get val "${section}" ssh - [ -n "${val}" ] && append args "-s ${val}" + [ -n "${val}" ] && append args "--ssh ${val}" # C) ssl parameter config_get val "${section}" ssl - [ -n "${val}" ] && append args "-l ${val}" - # D) timeout (for ssh, then ssl is assumed) + [ -n "${val}" ] && append args "--ssl ${val}" + # D) openvpn parameter + config_get val "${section}" openvpn + [ -n "${val}" ] && append args "--openvpn ${val}" + # E) tinc parameter + config_get val "${section}" tinc + [ -n "${val}" ] && append args "--tinc ${val}" + # F) xmpp parameter + config_get val "${section}" xmpp + [ -n "${val}" ] && append args "--xmpp ${val}" + # G) timeout (before a connection is considered to be SSH) config_get val "${section}" timeout [ -n "${val}" ] && append args "-t ${val}" - # E) verbose parameter + # H) verbose parameter local verbosed config_get_bool verbosed 
"${section}" verbose 0 [ "${verbosed}" -ne 0 ] && append args "-v" - # execute program and return its exit code - [ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} started via ${PROG} ${args}" - ${PROG} ${args} - return $? + # XXX: allow more that one instance to run simultaneously + SERVICE_MATCH_NAME=1 SERVICE_NAME="sslh-dummy-$$" \ + service_start /usr/sbin/sslh ${args} } -start() -{ - config_load "${NAME}" - config_foreach sslh_start sslh +start() { + config_load 'sslh' + config_foreach start_instance 'sslh' } -stop() -{ - local pidfile - local rc=0 - - # killing all server processes - for pidfile in `ls /var/run/${NAME}.*.pid` - do - start-stop-daemon -q -K -s KILL -p "${pidfile}" -n "${NAME}" - [ $? -ne 0 ] && rc=1 - rm -f "${pidfile}" - done - [ -z "${pidfile}" ] && echo "${initscript}: no pid files, if you get problems with start then try killclients" - [ ${rc} -ne 0 ] && echo "${initscript}: inconsistency in pid files, if you get problems with start then try killclients" -} - -killclients() -{ - local ignore='' - local server - local pid - local connection - local proto - local address - - # if this script is run from inside a client session, then ignore that session - pid="$$" - while [ "${pid}" -ne 0 ] - do - # get parent process id - pid=`cut -d ' ' -f 4 "/proc/${pid}/stat"` - [ "${pid}" -eq 0 ] && break - - # check if pid is connected to a client connection - # a) get established connection for pid - connection=`netstat -tupn 2>/dev/null | sed "s/[ ]\+/ /g" | grep -e "ESTABLISHED ${pid}/"` - [ -z "${connection}" ] && continue - # get connection details for foreign address - proto=`echo ${connection} | cut -d ' ' -f 1` - address=`echo ${connection} | cut -d ' ' -f 5` - - # b) get pid for foreign address, only possible if foreign address is from this machine itself - connection=`netstat -tupn 2>/dev/null | sed "s/[ ]\+/ /g" | grep -e "^${proto}.*${address}.*ESTABLISHED.*/${NAME}"` - [ -z "${connection}" ] && continue - # check that the 
local address (field 4) corresponds to the foreign address of the previous connection - server=`echo ${connection} | cut -d ' ' -f 4` - [ "${server}" != "${address}" ] && continue - # get pid from connection - server=`echo ${connection} | cut -d ' ' -f 7 | cut -d '/' -f 1` - - # check if client connection - grep -F -q -e "${PROG}" "/proc/${server}/cmdline" && { - append ignore "${server}" - break - } - done - - # get all server pids that should be ignored - for server in `cat /var/run/${NAME}.*.pid` - do - append ignore "${server}" - done - - # get all running pids and kill client connections - local skip - for pid in `pidof "${NAME}"` - do - # check if correct program, otherwise process next pid - grep -F -q -e "${PROG}" "/proc/${pid}/cmdline" || { - continue - } - - # check if pid should be ignored (servers, ourself) - skip=0 - for server in ${ignore} - do - if [ "${pid}" == "${server}" ] - then - skip=1 - break - fi - done - [ "${skip}" -ne 0 ] && continue - - # kill process - echo "${initscript}: Killing ${pid}..." - kill -KILL ${pid} - done +stop() { + service_stop /usr/sbin/sslh } diff --git a/net/sslh/patches/001-no_sslh_select.patch b/net/sslh/patches/001-no_sslh_select.patch new file mode 100644 index 0000000..a7ba881 --- /dev/null +++ b/net/sslh/patches/001-no_sslh_select.patch 
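Review bot: `config_get_bool enabled "${section}" 'enabled' '0'` reads an option named `enabled` with default 0, but the sslh.config hunk in this same commit leaves `option 'enable' '1'` unchanged, so with the packaged config `start_instance` returns 1 before starting anything. Either keep the old key, `config_get_bool enabled "${section}" 'enable' '1'`, or rename the option in sslh.config to match. The context comment `# check if section is enabled (default)` is stale once the default is 0. Separately, `config_get vals` assigns `vals` without a `local vals`, so it leaks out of the function while only `val` is declared local.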
@@ -0,0 +1,29 @@ +--- a/Makefile ++++ b/Makefile +@@ -32,16 +32,12 @@ all: sslh $(MAN) echosrv + $(CC) $(CFLAGS) -D'VERSION=$(VERSION)' -c $< + + +-sslh: $(OBJS) sslh-fork sslh-select ++sslh: $(OBJS) sslh-fork + + sslh-fork: $(OBJS) sslh-fork.o Makefile common.h + $(CC) $(CFLAGS) -D'VERSION=$(VERSION)' -o sslh-fork sslh-fork.o $(OBJS) $(LIBS) + #strip sslh-fork + +-sslh-select: $(OBJS) sslh-select.o Makefile common.h +- $(CC) $(CFLAGS) -D'VERSION=$(VERSION)' -o sslh-select sslh-select.o $(OBJS) $(LIBS) +- #strip sslh-select +- + echosrv: $(OBJS) echosrv.o + $(CC) $(CFLAGS) -o echosrv echosrv.o common.o $(LIBS) + +@@ -65,7 +61,7 @@ uninstall: + update-rc.d sslh remove + + clean: +- rm -f sslh-fork sslh-select echosrv $(MAN) *.o *.gcov *.gcno *.gcda *.png *.html *.css *.info ++ rm -f sslh-fork echosrv $(MAN) *.o *.gcov *.gcno *.gcda *.png *.html *.css *.info + + tags: + ctags -T *.[ch] diff --git a/net/sslh/patches/001-no_strip.patch b/net/sslh/patches/001-no_strip.patch deleted file mode 100644 index cf6e53d..0000000 --- a/net/sslh/patches/001-no_strip.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/Makefile -+++ b/Makefile -@@ -24,7 +24,6 @@ all: sslh $(MAN) - - sslh: sslh.c Makefile - $(CC) $(CFLAGS) -D'VERSION=$(VERSION)' -o sslh sslh.c $(LIBS) -- strip sslh - - $(MAN): sslh.pod Makefile - pod2man --section=8 --release=$(VERSION) --center=" " sslh.pod | gzip -9 - > $(MAN)
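Review bot: 001-no_sslh_select.patch is added without any header describing why the `sslh-select` target is removed from the upstream Makefile. The reason is presumably that the package installs only `sslh-fork`, but that is inferred from the package Makefile rather than stated. A short description above the `--- a/Makefile` line, for example `Build only sslh-fork; the package does not ship sslh-select.`, would let the next version bump tell whether the patch is still needed and would keep local changes to upstream source auditable.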