From nobody Wed Jan 26 07:37:02 2022 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 7055B197ACA9; Wed, 26 Jan 2022 07:37:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JkFsp2QKqz4t6f; Wed, 26 Jan 2022 07:37:02 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643182622; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=eeTIuz/CQR/PQYDAa1KOIibmnTXX10jEw1nRL7knNPQ=; b=bYHc1wHrjHaiLq3+TBLQM/QH5fpB4TfmdNl5oQJV6YqVpayjZ+J19aMi0k97l6P9n7UUNG +e6Ce4Fl5vJCloc1SvpZzRfBxf+hcOIPEfLqGoeWC32CFnGbrIvKrvwLWfwF4yP7ZMi3m6 Uh1Z4OIboRKYxgbYNOAgraJus/a04y1vM+PyVN9sZEACDLWF0XlEIn1CwucpNBSPAr7DfU spdMcrdI/jrwXNwaydGYUVOHFDe/IUSlEc8W5i0gDMqdsNe9gMsVkl1J3T9nRE+9aJJ0jl G1BKEJFvhBvXSKDNOyDZTAetJ1BQDZEKFcTpXFVvz+fXM8vOaUduDszUOtaWqA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 32FF819358; Wed, 26 Jan 2022 07:37:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 20Q7b2wv061408; Wed, 26 Jan 2022 07:37:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 20Q7b2oG061407; Wed, 26 Jan 2022 07:37:02 GMT (envelope-from git) Date: Wed, 26 Jan 2022 07:37:02 GMT Message-Id: <202201260737.20Q7b2oG061407@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Marius Strobl Subject: git: f001878b3e06 - main - net/sslh: update to 1.22c List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: marius X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: f001878b3e063b2ceb70c31afeec232960fbc061 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643182622; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=eeTIuz/CQR/PQYDAa1KOIibmnTXX10jEw1nRL7knNPQ=; b=rzlsM24oLRD/JQZ4Pq7KXjVs2MJH86vYx2emB7msBmX9gnq4CLxbrm5fbP4qixzEo2nOgX GYka8BCSn8eq3oJMjKhFGNnStc7uUW14c3KkDK/OfcNkG+YCgkADJ8S4wIh7wGPmgXdxw6 qiB95HW9sb2qA7qASXTNuvqm0tAV8PW3slVZESat0tCFnuPDvEITQHIi18+p04YeHnHwKa KlZ6NViyv4BR6CK/gfz42+7EtLQGVI1Z7uiq0Is2NhGzFSL36GEFn5GsWyR5ibMdl2IJcC JbS3bkiscaxOOFZjQCyL6xAw6c4xHT1EstnzvBnKeFBTJ+o6fIQi2nYYdVMoMw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643182622; a=rsa-sha256; cv=none; b=Vix+J8/wKwEFQLOkcD+2AHdDp+HrFvxkRByFYerorqzu+ft9q6lyqC7mNNjvp2J64XnnJP ycADLSDNaInI08UPKg16HsAe7jlt17J7ehpMlc6lhjOHW/HWbymP0APSLH0afrKi/vXqP9 aJ558eVg+YkDuU+tDYuPeu3P6xbLD1ZVtys4SDySN3h48fAlkASkxk1l34XAkqXM/mVO/o UO9IvhalKbEHIrhiDt4kUt4iKK2ZtR4z9zfM/Kyak6Rm2IDBqSTZN70fJoSlluNOTNCvn3 wEY9Ks2rblOwTc1PX8qCZCsiamh5YkKuHfU7X33tsf7QExR3uDPkOmOzP/UV/A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by marius: URL: https://cgit.FreeBSD.org/ports/commit/?id=f001878b3e063b2ceb70c31afeec232960fbc061 commit f001878b3e063b2ceb70c31afeec232960fbc061 Author: Marius Strobl AuthorDate: 2022-01-09 19:12:21 +0000 Commit: Marius Strobl CommitDate: 2022-01-26 07:36:39 +0000 net/sslh: update to 1.22c Most notably, sslh now supports UDP and, thus, QUIC and Teamspeak. For the release announcement see: https://lists.rutschle.net/mailman/archives/sslh/2021-August/000744.html While at it: - Give the sample configuration file @sample treatment. - Install all remaining example configuration files as EXAMPLES. - Make the EXAMPLES knob actually work as intended by not installing corresponding files when it's off. - Refresh pkg-descr. PR: 261067 Approved by: maintainer timeout --- net/sslh/Makefile | 27 +++++++++++---------------- net/sslh/distinfo | 6 +++--- net/sslh/pkg-descr | 23 +++++++++++++++++++---- 3 files changed, 33 insertions(+), 23 deletions(-) diff --git a/net/sslh/Makefile b/net/sslh/Makefile index 7e4c91b526fd..7d5abec5527e 100644 --- a/net/sslh/Makefile +++ b/net/sslh/Makefile @@ -1,7 +1,7 @@ # Created by: Jui-Nan Lin PORTNAME= sslh -PORTVERSION= 1.21c +PORTVERSION= 1.22c DISTVERSIONPREFIX= v CATEGORIES= net @@ -12,36 +12,29 @@ LICENSE= GPLv2 LICENSE_FILE= ${WRKSRC}/COPYING LIB_DEPENDS= libconfig.so:devel/libconfig \ - libpcre.so:devel/pcre - -USES= gmake perl5 -USE_PERL5= build + libpcre2-8.so:devel/pcre2 +USES= gmake +USE_RC_SUBR= sslh USE_GITHUB= yes GH_ACCOUNT= yrutschle OPTIONS_DEFINE= EXAMPLES LIBWRAP -OPTIONS_DEFAULT= LIBWRAP +OPTIONS_DEFAULT=LIBWRAP + +LIBWRAP_MAKE_ENV= USELIBWRAP=1 CFLAGS+= -I${LOCALBASE}/include LDFLAGS+= -L${LOCALBASE}/lib PLIST_FILES= sbin/sslh-fork \ sbin/sslh-select \ - etc/sslh.conf.sample \ + "@sample etc/sslh.conf.sample" \ man/man8/sslh.8.gz -USE_RC_SUBR= sslh - -PORTEXAMPLES= example.cfg - -MAKE_JOBS_UNSAFE= yes - -LIBWRAP_MAKE_ENV= USELIBWRAP=1 +PORTEXAMPLES= example.cfg test.cfg udp.cfg post-patch: - @${REINPLACE_CMD} -Ee 's,^(release=)$$,\1${PORTVERSION},' \ - ${WRKSRC}/genver.sh @${REINPLACE_CMD} -Ee 's,/etc/init.d/(sslh),${PREFIX}/etc/rc.d/\1,g; \ s,/etc/default/(sslh),${PREFIX}/etc/\1.conf,g' \ ${WRKSRC}/sslh.pod @@ -52,6 +45,8 @@ do-install: ${INSTALL_DATA} ${WRKSRC}/basic.cfg \ ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf.sample ${INSTALL_MAN} ${WRKSRC}/sslh.8.gz ${STAGEDIR}${MANPREFIX}/man/man8 + +do-install-EXAMPLES-on: @${MKDIR} ${STAGEDIR}${EXAMPLESDIR} ${INSTALL_DATA} ${PORTEXAMPLES:S,^,${WRKSRC}/,} \ ${STAGEDIR}${EXAMPLESDIR}/ diff --git a/net/sslh/distinfo b/net/sslh/distinfo index 79be7ae47d55..3916f5c1905b 100644 --- a/net/sslh/distinfo +++ b/net/sslh/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1596492623 -SHA256 (yrutschle-sslh-v1.21c_GH0.tar.gz) = 2e457e59592f8e523cade8d9302b0fdc87f8ea0322beb674dd7f067547a93ea9 -SIZE (yrutschle-sslh-v1.21c_GH0.tar.gz) = 111895 +TIMESTAMP = 1641747765 +SHA256 (yrutschle-sslh-v1.22c_GH0.tar.gz) = ec5f6998f90b2849d113f2617db7ceca5281fbe4ef55fcd185789d390c09eb04 +SIZE (yrutschle-sslh-v1.22c_GH0.tar.gz) = 146954 diff --git a/net/sslh/pkg-descr b/net/sslh/pkg-descr index dae85d1109a1..c7177fc38ccd 100644 --- a/net/sslh/pkg-descr +++ b/net/sslh/pkg-descr @@ -1,5 +1,20 @@ -sslh accepts HTTPS, SSH, OpenVPN, tinc and XMPP connections on the same port. -This makes it possible to connect to any of these servers on port 443 while -still serving HTTPS on that port. +sslh accepts connections on specified ports, and forwards them further based +on tests performed on the first data packet sent by the remote client. -WWW: http://www.rutschle.net/tech/sslh.shtml +Probes for HTTP, TLS/SSL (including SNI and ALPN), SSH, OpenVPN, tinc, XMPP, +SOCKS5, are implemented, and any other protocol that can be tested using a +regular expression, can be recognised. A typical use case is to allow serving +several services on port 443 (e.g. to connect to SSH from inside a corporate +firewall, which almost never block port 443) while still serving HTTPS on +that port. + +Hence sslh acts as a protocol demultiplexer, or a switchboard. With the SNI +and ALPN probe, it makes a good front-end to a virtual host farm hosted +behind a single IP address. + +sslh has the bells and whistles expected from a mature daemon: privilege and +capabilities dropping, inetd support, systemd support, transparent proxying, +chroot, logging, IPv4 and IPv6, TCP and UDP, a fork-based and a select-based +model, and more. + +WWW: https://www.rutschle.net/tech/sslh.shtml