gatling: Add procd files

This commit adds a uci configuration file and makes the gatling server
controllable by procd.

Co-authored-by: Moritz Warning <moritzwarning@web.de>
Signed-off-by: Martin Hübner <martin.hubner@web.de>

net/gatling/Makefile

@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=gatling
 PKG_VERSION:=0.16
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://www.fefe.de/gatling/
@@ -32,9 +32,19 @@ define Package/gatling/description
   Gatling is particularly good in situations with very high load.
 endef
 
+define Package/gatling/conffiles
+/etc/config/gatling
+endef
+
 define Package/gatling/install
 	$(INSTALL_DIR) $(1)/usr/bin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/gatling $(1)/usr/bin/
+
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_CONF) ./files/gatling.conf $(1)/etc/config/gatling
+
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/gatling.init $(1)/etc/init.d/gatling
 endef
 
 $(eval $(call BuildPackage,gatling))

net/gatling/files/gatling.conf

@@ -0,0 +1,28 @@
+
+config gatling 'v4'
+	option listen_http '0.0.0.0:80'
+	option virtual_hosting off
+	option ftp_server off
+	option ftp_port '21'
+	option logging off
+	option timeout 23
+	option switch_to_uid 'nobody'
+	option chroot_dir '/var/www/'
+	option tarpit_clients off
+	option tarpit_clients_at 50
+	option localhost_access_only off
+	option permit_access_ftp_uploads_immediately off
+
+config gatling 'v6'
+	option listen_http '[::]:80'
+	option virtual_hosting off
+	option ftp_server off
+	option ftp_port '21'
+	option logging off
+	option timeout 23
+	option switch_to_uid 'nobody'
+	option chroot_dir '/var/www/'
+	option tarpit_clients off
+	option tarpit_clients_at 50
+	option localhost_access_only off
+	option permit_access_ftp_uploads_immediately off

net/gatling/files/gatling.init

@@ -0,0 +1,101 @@
+#!/bin/sh /etc/rc.common
+
+# shellcheck shell=ash
+
+# Just looks for changes in the config-file and applies them with a
+# one-time-run.
+
+USE_PROCD=1
+# PROCD_DEBUG=1
+
+# taken from /etc/init.d/uhttpd
+append_arg() {
+	local cfg="$1"
+	local var="$2"
+	local opt="$3"
+	local def="$4"
+	local val
+
+	config_get val "$cfg" "$var"
+	[ -n "$val" -o -n "$def" ] && procd_append_param command "$opt" "${val:-$def}"
+}
+
+service_triggers() {
+	procd_add_reload_trigger "gatling"
+}
+
+start_instance() {
+
+	local cfg="$1"
+	local ftp_server
+	local enabled
+
+	config_get_bool enabled "$cfg" 'enabled' 1
+	[ $enabled -gt 0 ] || return
+
+	procd_open_instance
+
+	procd_set_param command /usr/bin/gatling
+	procd_set_param stdout 1
+	procd_set_param stderr 1
+	procd_set_param term_timeout 20
+
+	# get listen-address and slice it from back, to cut at port-delimiter
+	config_get listen_http "$cfg" 'listen_http'
+	port="${listen_http##*:}"
+	ip="${listen_http%:*}"
+	case "$ip" in
+		'['*']')  ip="${ip:1:-1}" ;;
+	esac
+
+	procd_append_param command -i "$ip"
+	procd_append_param command -p "$port"
+
+	append_arg "$cfg" switch_to_uid "-u"
+	append_arg "$cfg" chroot_dir "-c"
+	append_arg "$cfg" timeout "-T"
+
+	config_get_bool virtual_hosting "$cfg" 'virtual_hosting' 0
+	if [ "$virtual_hosting" -gt 0 ]; then
+		# enable virtual hosting
+		procd_append_param command -v
+	else
+		# disable
+		procd_append_param command -V
+	fi
+
+	config_get_bool ftp_server "$cfg" 'ftp_server' 0
+	if [ "$ftp_server" -gt 0 ]; then
+		procd_append_param command -f
+		append_arg "$cfg" ftp_port "-p"
+	else
+		procd_append_param command -F
+	fi
+
+	config_get_bool logging "$cfg" 'logging' 1
+	if [ "$logging" = 0 ]; then
+		procd_append_param command -n
+	fi
+
+	config_get_bool tarpit_clients "$cfg" 'tarpit_clients' 0
+	if [ "$tarpit_clients" -gt 0 ]; then
+		append_arg "$cfg" tarpit_clients_at "-A"
+	fi
+
+	config_get_bool localhost_access_only "$cfg" 'localhost_access_only' 0
+	if [ "$localhost_access_only" = 1 ]; then
+		procd_append_param command -L
+	fi
+
+	config_get_bool permit_access_ftp_uploads_immediately "$cfg" 'permit_access_ftp_uploads_immediately' 0
+	if [ "$permit_access_ftp_uploads_immediately" = 1 ]; then
+		procd_append_param command -a
+	fi
+
+	procd_close_instance
+}
+
+start_service() {
+	config_load gatling
+	config_foreach start_instance gatling
+}

net/gatling/patches/030-mbedtls-fix-compilation-with-3.0.0.patch

@@ -0,0 +1,100 @@
+From ef2adc3e464d9b774794b23bbd0d591ba32e998c Mon Sep 17 00:00:00 2001
+From: Moritz Warning <moritzwarning@web.de>
+Date: Wed, 29 May 2024 09:16:08 +0200
+Subject: [PATCH] mbedtls: fix compilation with 3.0.0
+
+Signed-off-by: Moritz Warning <moritzwarning@web.de>
+---
+ gatling.h |  5 +++++
+ pssl.c    | 23 +++++++++++++++++++----
+ 2 files changed, 24 insertions(+), 4 deletions(-)
+
+--- a/gatling.h
++++ b/gatling.h
+@@ -112,7 +112,12 @@ extern int init_serverside_tls(SSL** ssl
+ 
+ #ifdef USE_POLARSSL
+ /* in pssl.c */
++#include "mbedtls/version.h"
++#if (MBEDTLS_VERSION_NUMBER >= 0x03000000)
++#include <mbedtls/mbedtls_config.h>
++#else
+ #include <mbedtls/config.h>
++#endif
+ #include <mbedtls/platform.h>
+ #include <mbedtls/ssl.h>
+ #include <mbedtls/net_sockets.h>
+--- a/pssl.c
++++ b/pssl.c
+@@ -6,12 +6,18 @@
+ #include <sys/poll.h>
+ #include <netdb.h>
+ #include <fcntl.h>
++#include <mbedtls/version.h>
++#if (MBEDTLS_VERSION_NUMBER >= 0x03000000)
++#include <mbedtls/mbedtls_config.h>
++#include <mbedtls/psa_util.h>
++#else
+ #include <mbedtls/config.h>
++#include <mbedtls/certs.h>
++#endif
+ #include <mbedtls/platform.h>
+ #include <mbedtls/ssl.h>
+ #include <mbedtls/entropy.h>
+ #include <mbedtls/ctr_drbg.h>
+-#include <mbedtls/certs.h>
+ #include <mbedtls/x509.h>
+ #include <mbedtls/x509_crt.h>
+ #include <mbedtls/ssl_cache.h>
+@@ -56,7 +62,9 @@ int ciphersuites[] =
+   MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+   MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+   MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
++#if (MBEDTLS_VERSION_NUMBER < 0x03000000)
+   MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
++#endif
+   MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+   MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+   MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+@@ -73,7 +81,9 @@ int ciphersuites[] =
+   MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
+   MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+   MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
++#if (MBEDTLS_VERSION_NUMBER < 0x03000000)
+   MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
++#endif
+ //  TLS_RSA_WITH_RC4_128_SHA,
+ //  TLS_RSA_WITH_RC4_128_MD5,
+   0
+@@ -85,7 +95,12 @@ static int parse_cert( const char* filen
+   mbedtls_pk_init(key);
+ 
+   if ((r=mbedtls_x509_crt_parse_file(srvcert,filename)) ||
+-      (r=mbedtls_pk_parse_keyfile(key,filename,NULL)))
++#if (MBEDTLS_VERSION_NUMBER >= 0x03000000)
++      (r=mbedtls_pk_parse_keyfile(key,filename,NULL,mbedtls_psa_get_random,NULL))
++#else
++      (r=mbedtls_pk_parse_keyfile(key,filename,NULL))
++#endif
++    )
+     return r;
+   return 0;
+ }
+@@ -179,7 +194,7 @@ int init_serverside_tls(struct ssl_data*
+   mbedtls_ssl_conf_dh_param_ctx(&d->conf, &d->dhm);
+ //  debug_set_threshold(65535);
+ 
+-  mbedtls_ssl_conf_min_version(&d->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1);	/* demand at least TLS 1.0 */
++  mbedtls_ssl_conf_min_version(&d->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);	/* demand at least TLS 1.2 */
+ //  ssl_set_dh_param( ssl, "CD95C1B9959B0A135B9D306D53A87518E8ED3EA8CBE6E3A338D9DD3167889FC809FE1AD59B38C98D1A8FCE47E46DF5FB56B8EA3B03B2132C249A99209F62A1AD63511BD08A60655B0463B6F1BB79BEC9D17C71BD269C6B50CF0EDDAAB83290B4C697A7F641FBD21EE0E7B57C698AFEED8DA3AB800525E6887215A61CA62DC437", "04" );
+ 
+   if ((r=mbedtls_ssl_setup(&d->ssl,&d->conf)))
+@@ -210,7 +225,7 @@ int init_clientside_tls(struct ssl_data*
+   mbedtls_ssl_conf_ca_chain( &d->conf, d->crt.next, NULL );
+   mbedtls_ssl_conf_rng( &d->conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+   mbedtls_ssl_conf_dbg( &d->conf, my_debug, NULL );
+-  mbedtls_ssl_conf_min_version(&d->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1);	/* demand at least TLS 1.0 */
++  mbedtls_ssl_conf_min_version(&d->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);	/* demand at least TLS 1.2 */
+   if ((r=mbedtls_ssl_setup(&d->ssl,&d->conf)))
+     return r;
+   if ((r=mbedtls_ssl_set_hostname(&d->ssl, hostname)))