Date: Sun, 22 Apr 2018 15:25:48 +0000 (UTC) From: Kirill Ponomarev <krion@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r468034 - in head/net: . sniproxy sniproxy/files Message-ID: <201804221525.w3MFPmEB031857@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: krion Date: Sun Apr 22 15:25:48 2018 New Revision: 468034 URL: https://svnweb.freebsd.org/changeset/ports/468034 Log: SNIproxy - Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session. This enables HTTPS name-based virtual hosting to separate backend servers without installing the private key on the proxy machine. Features: Name-based proxying of HTTPS without decrypting traffic. No keys or certificates required. Supports both TLS and HTTP protocols. Supports IPv4, IPv6 and Unix domain sockets for both back end servers and listeners. Supports multiple listening sockets per instance. Supports HAProxy proxy protocol to propagate original source address to backend servers. WWW: https://github.com/dlundquist/sniproxy Added: head/net/sniproxy/ head/net/sniproxy/Makefile (contents, props changed) head/net/sniproxy/distinfo (contents, props changed) head/net/sniproxy/files/ head/net/sniproxy/files/pkg-message.in (contents, props changed) head/net/sniproxy/files/sniproxy.in (contents, props changed) head/net/sniproxy/pkg-descr (contents, props changed) Modified: head/net/Makefile Modified: head/net/Makefile ============================================================================== --- head/net/Makefile Sun Apr 22 15:10:28 2018 (r468033) +++ head/net/Makefile Sun Apr 22 15:25:48 2018 (r468034) @@ -1373,6 +1373,7 @@ SUBDIR += smm++ SUBDIR += sngrep SUBDIR += sniffit + SUBDIR += sniproxy SUBDIR += sntop SUBDIR += sobby SUBDIR += socat Added: head/net/sniproxy/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/sniproxy/Makefile Sun Apr 22 15:25:48 2018 (r468034) @@ -0,0 +1,42 @@ +# $FreeBSD$ + +PORTNAME= sniproxy +DISTVERSION= 0.5.0 +CATEGORIES= net + +MAINTAINER= krion@FreeBSD.org +COMMENT= Proxy that routes based on TLS server name extension + +LICENSE= BSD2CLAUSE +LICENSE_FILE= ${WRKSRC}/COPYING + +LIB_DEPENDS= libev.so:devel/libev \ + libpcre.so:devel/pcre \ + libudns.so:dns/udns + +USES= autoreconf:build gettext pkgconfig + +SUB_FILES= pkg-message +USE_RC_SUBR= sniproxy + +USE_GITHUB= yes +GH_ACCOUNT= dlundquist + +GNU_CONFIGURE= yes +USE_LDCONFIG= yes + +PLIST_FILES= man/man5/sniproxy.conf.5.gz \ + man/man8/sniproxy.8.gz \ + sbin/sniproxy \ + "@sample etc/sniproxy.conf.sample" + +pre-configure: + cd ${WRKSRC} && ${SH} autogen.sh + +post-patch: + @${REINPLACE_CMD} -e 's|/var/tmp/|/var/run/|' ${WRKSRC}/${PORTNAME}.conf + +post-install:: + ${INSTALL_DATA} ${WRKSRC}/sniproxy.conf ${STAGEDIR}${PREFIX}/etc/sniproxy.conf.sample + +.include <bsd.port.mk> Added: head/net/sniproxy/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/sniproxy/distinfo Sun Apr 22 15:25:48 2018 (r468034) @@ -0,0 +1,3 @@ +TIMESTAMP = 1524378674 +SHA256 (dlundquist-sniproxy-0.5.0_GH0.tar.gz) = 0b8dd06f9aa9e1c4151b572caf645ffceacdd35a139ded16a7fb0035452c17e5 +SIZE (dlundquist-sniproxy-0.5.0_GH0.tar.gz) = 72654 Added: head/net/sniproxy/files/pkg-message.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/sniproxy/files/pkg-message.in Sun Apr 22 15:25:48 2018 (r468034) @@ -0,0 +1,9 @@ +******************************************************************* + Enable sniproxy in /etc/rc.conf with the following line: + + sniproxy_enable="YES" + + A configuration template is available in + %%PREFIX%%/etc/sniproxy.conf + +******************************************************************* Added: head/net/sniproxy/files/sniproxy.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/sniproxy/files/sniproxy.in Sun Apr 22 15:25:48 2018 (r468034) @@ -0,0 +1,39 @@ +#!/bin/sh +# +#$FreeBSD$ +# + +# PROVIDE: sniproxy +# REQUIRE: SERVERS cleanvar +# BEFORE: DAEMON +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable sniproxy: +# +# sniproxy_enable="YES" +# +# + +. /etc/rc.subr + +name=sniproxy +rcvar=sniproxy_enable + +command=%%PREFIX%%/sbin/sniproxy + +pidfile=${sniproxy_pidfile:-"/var/run/sniproxy.pid + +sniproxy_enable=${sniproxy_enable:-"NO"} +sniproxy_conf=${sniproxy_conf:-"%%PREFIX%%/etc/sniproxy.conf"} + +stop_postcmd="rm -f $pidfile" +sig_reload="HUP" + +load_rc_config ${name} + +required_files=${sniproxy_conf} + +command_args="-c ${sniproxy_conf}" +run_rc_command "$1" + Added: head/net/sniproxy/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/sniproxy/pkg-descr Sun Apr 22 15:25:48 2018 (r468034) @@ -0,0 +1,21 @@ +SNIproxy - Proxies incoming HTTP and TLS connections based on the +hostname contained in the initial request of the TCP session. This +enables HTTPS name-based virtual hosting to separate backend servers +without installing the private key on the proxy machine. + +Features: + +Name-based proxying of HTTPS without decrypting traffic. No keys or +certificates required. + +Supports both TLS and HTTP protocols. + +Supports IPv4, IPv6 and Unix domain sockets for both back end +servers and listeners. + +Supports multiple listening sockets per instance. + +Supports HAProxy proxy protocol to propagate original source address +to backend servers. + +WWW: https://github.com/dlundquist/sniproxy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201804221525.w3MFPmEB031857>