yrutschle / sslh

Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)

Home Page: https://www.rutschle.net/tech/sslh/README.html

Minimal binary size

stokito opened this issue · comments

I'm curious if there are any build options to reduce size.

For example, PROBE_HTTP_METHOD is not really needed.
For OpenWrt, the config parser makes little sense because it has UCI and passes options via command line args.
Is there anything else significant that can be disabled to get a smaller binary?

This is an interesting question.

The HTTP method (or most of the probing methods, for that matter), are probably not where you want to look: probe_http_protocol is 347 bytes if I'm not mistaken, and surely (?) you are not that size-constrained. With all sslh executables being at around 140Kb after stripping, I do wonder if it's worth it.

That being said:

  • Instant gain: disable LIBCONFIG, that'll get rid of all the config file parser code (and more importantly you won't need the library installed anymore)
  • Among probes, I'd say the TLS SNI is the most complex, but then again we're talking about 3KB (the size of tls.o after stripping).
  • Probably the biggest gain would be to remove the configuration processing entirely, and have a "configuration compiler" that turns a libconfig file into a binary struct, saved into a file, which is then simply read into memory by sslh. That would be a worthy conf2struct extension to have, getting rid of both argtable3.o and sslh-conf.o, that would get replaced by a simple file read. You'd just have to prepare the configuration file beforehand, presumably not on the OpenWRT system (although that also means you no longer get to change the configuration directly on the target -- this is fine for embedded systems, but I don't know if that's acceptable for OpenWRT).
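
The "configuration compiler" idea from the last bullet, as an added example that is not sslh or conf2struct code: a fixed-layout struct is written on the build host and loaded on the target with a single read, then validated before any field is trusted. The struct layout, the magic value and the names `cfg_write` and `cfg_load` are hypothetical; the example assumes build host and target share ABI and byte order, and a mismatch fails the header check.

```c
/* Added illustration: hypothetical layout and names, not sslh's or conf2struct's. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define CFG_MAGIC   0x53534C48u   /* constructed value ("SSLH") */
#define CFG_VERSION 1u
#define MAX_PROTO   8

struct proto_entry {              /* fixed-size arrays: pointers cannot be serialized */
    char     name[16];
    char     host[64];
    uint16_t port;
};
struct cfg_blob {
    uint32_t magic, version, size;   /* header, checked before anything else */
    uint32_t n_proto;
    struct proto_entry proto[MAX_PROTO];
};

/* "Compiler" side, run on the build host. Returns 0 on success. */
int cfg_write(const char *path, struct cfg_blob *c)
{
    c->magic = CFG_MAGIC; c->version = CFG_VERSION; c->size = sizeof *c;
    FILE *f = fopen(path, "wb");
    if (!f) return -1;
    size_t n = fwrite(c, sizeof *c, 1, f);
    return (fclose(f) == 0 && n == 1) ? 0 : -1;
}

/* Target side: one read, then validation. Returns 0 on success, <0 on reject. */
int cfg_load(const char *path, struct cfg_blob *c)
{
    FILE *f = fopen(path, "rb");
    if (!f) return -1;
    size_t n = fread(c, sizeof *c, 1, f);
    int extra = fgetc(f) != EOF;     /* trailing bytes mean a different layout */
    fclose(f);
    if (n != 1 || extra) return -2;  /* truncated or oversized file */
    if (c->magic != CFG_MAGIC || c->version != CFG_VERSION || c->size != sizeof *c)
        return -3;                   /* wrong file, version, ABI or byte order */
    if (c->n_proto == 0 || c->n_proto > MAX_PROTO) return -4;
    for (uint32_t i = 0; i < c->n_proto; i++) {
        const struct proto_entry *p = &c->proto[i];
        if (!memchr(p->name, 0, sizeof p->name) ||
            !memchr(p->host, 0, sizeof p->host) || p->port == 0)
            return -5;               /* unterminated string or port 0 */
    }
    return 0;
}
```

The parser code removed from the target is replaced by these few checks; without them a corrupted or mismatched file would be used as-is, including strings with no terminator.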

Thank you.