git: 057c0c3c0645 - main - [NEW] security/snowflake-tor: Pluggable Transport using WebRTC inspired by Flashproxy
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 14 Nov 2021 23:44:59 UTC
The branch main has been updated by egypcio:
URL: https://cgit.FreeBSD.org/ports/commit/?id=057c0c3c0645c0b237bb2a96dda440e0426ca983
commit 057c0c3c0645c0b237bb2a96dda440e0426ca983
Author: Vinícius Zavam <egypcio@FreeBSD.org>
AuthorDate: 2021-11-14 23:41:22 +0000
Commit: Vinícius Zavam <egypcio@FreeBSD.org>
CommitDate: 2021-11-14 23:41:22 +0000
[NEW] security/snowflake-tor: Pluggable Transport using WebRTC inspired by Flashproxy
Snowflake is a system to defeat internet censorship. People who are censored
can use Snowflake to access the internet. Their connection goes through
Snowflake proxies, which are run by volunteers. For more detailed information
about how Snowflake works see our documentation wiki.
WWW: https://snowflake.torproject.org/
Sponsored by: TorBSD Diversity Project (TDP)
Sponsored by: The Tor Project
---
security/Makefile | 1 +
security/snowflake-tor/Makefile | 97 ++++++++++++++++++++++++++
security/snowflake-tor/distinfo | 103 ++++++++++++++++++++++++++++
security/snowflake-tor/files/pkg-message.in | 48 +++++++++++++
security/snowflake-tor/files/snowflake.in | 35 ++++++++++
security/snowflake-tor/pkg-descr | 6 ++
security/snowflake-tor/pkg-plist | 5 ++
7 files changed, 295 insertions(+)
diff --git a/security/Makefile b/security/Makefile
index 4c63bed128ec..5f031d0dd71f 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -1229,6 +1229,7 @@
SUBDIR += snort3
SUBDIR += snortsam
SUBDIR += snortsnarf
+ SUBDIR += snowflake-tor
SUBDIR += snuffleupagus
SUBDIR += softether
SUBDIR += softether-devel
diff --git a/security/snowflake-tor/Makefile b/security/snowflake-tor/Makefile
new file mode 100644
index 000000000000..4db04fd59a0e
--- /dev/null
+++ b/security/snowflake-tor/Makefile
@@ -0,0 +1,97 @@
+PORTNAME= snowflake
+DISTVERSIONPREFIX= v
+DISTVERSION= 2.0.1
+CATEGORIES= security net
+PKGNAMESUFFIX= -tor
+
+MAINTAINER= egypcio@FreeBSD.org
+COMMENT= Pluggable Transport using WebRTC inspired by Flashproxy
+
+LICENSE= BSD3CLAUSE
+LICENSE_FILE= ${WRKDIR}/${PORTNAME}-${TPO_SNOWFLAKE}/LICENSE
+
+RUN_DEPENDS= ca_root_nss>=0:security/ca_root_nss
+
+USES= cpe go
+USE_RC_SUBR= ${PORTNAME}
+USE_GITHUB= nodefault
+USE_GITLAB= nodefault
+CPE_VENDOR= torproject
+TPO_GEOIP= 7ce4b3d98d01ff33bad8007db3f488d5b172382a
+TPO_SNOWFLAKE= ead5a960d7fa19dc890ccbfc0765c5ab6629eaa9
+
+GO_PKGNAME= git.torproject.org/pluggable-transports/snowflake.git/v2
+GO_TARGET= ./client ./proxy ./server
+
+GL_SITE= https://gitlab.torproject.org/tpo
+GL_TUPLE= anti-censorship:pluggable-transports/${PORTNAME}:${TPO_SNOWFLAKE}:tpo_acs_snowflake/vendor/git.torproject.org/pluggable-transports/snowflake.git/v2 \
+ anti-censorship:geoip:${TPO_GEOIP}:tpo_acs_geoip/vendor/gitlab.torproject.org/tpo/anti-censorship/geoip
+
+GH_TUPLE= torbsd:goptlib:v1.1.0:torbsd_goptlib/vendor/git.torproject.org/pluggable-transports/goptlib.git \
+ beorn7:perks:v1.0.1:beorn7_perks/vendor/github.com/beorn7/perks \
+ cespare:xxhash:v2.1.1:cespare_xxhash_v2/vendor/github.com/cespare/xxhash/v2 \
+ golang:crypto:513c2a44f670:golang_crypto/vendor/golang.org/x/crypto \
+ golang:mod:v0.3.0:golang_mod/vendor/golang.org/x/mod \
+ golang:net:d523dce5a7f4:golang_net/vendor/golang.org/x/net \
+ golang:protobuf:v1.4.3:golang_protobuf/vendor/github.com/golang/protobuf \
+ golang:sys:c4fcb01b228e:golang_sys/vendor/golang.org/x/sys \
+ golang:text:v0.3.3:golang_text/vendor/golang.org/x/text \
+ golang:tools:5bf02b21f123:golang_tools/vendor/golang.org/x/tools \
+ golang:xerrors:5ec99f83aff1:golang_xerrors/vendor/golang.org/x/xerrors \
+ google:uuid:v1.2.0:google_uuid/vendor/github.com/google/uuid \
+ gopherjs:gopherjs:0766667cb4d1:gopherjs_gopherjs/vendor/github.com/gopherjs/gopherjs \
+ gorilla:websocket:v1.4.1:gorilla_websocket/vendor/github.com/gorilla/websocket \
+ jtolds:gls:v4.20.0:jtolds_gls/vendor/github.com/jtolds/gls \
+ klauspost:cpuid:v1.3.1:klauspost_cpuid/vendor/github.com/klauspost/cpuid \
+ klauspost:reedsolomon:v1.9.9:klauspost_reedsolomon/vendor/github.com/klauspost/reedsolomon \
+ matttproud:golang_protobuf_extensions:v1.0.1:matttproud_golang_protobuf_extensions/vendor/github.com/matttproud/golang_protobuf_extensions \
+ mmcloughlin:avo:443f81d77104:mmcloughlin_avo/vendor/github.com/mmcloughlin/avo \
+ pion:datachannel:v1.4.21:pion_datachannel/vendor/github.com/pion/datachannel \
+ pion:dtls:v2.0.8:pion_dtls_v2/vendor/github.com/pion/dtls/v2 \
+ pion:ice:v2.0.15:pion_ice_v2/vendor/github.com/pion/ice/v2 \
+ pion:interceptor:v0.0.10:pion_interceptor/vendor/github.com/pion/interceptor \
+ pion:logging:v0.2.2:pion_logging/vendor/github.com/pion/logging \
+ pion:mdns:v0.0.4:pion_mdns/vendor/github.com/pion/mdns \
+ pion:randutil:v0.1.0:pion_randutil/vendor/github.com/pion/randutil \
+ pion:rtcp:v1.2.6:pion_rtcp/vendor/github.com/pion/rtcp \
+ pion:rtp:v1.6.2:pion_rtp/vendor/github.com/pion/rtp \
+ pion:sctp:v1.7.11:pion_sctp/vendor/github.com/pion/sctp \
+ pion:sdp:v3.0.4:pion_sdp_v3/vendor/github.com/pion/sdp/v3 \
+ pion:srtp:v2.0.2:pion_srtp_v2/vendor/github.com/pion/srtp/v2 \
+ pion:stun:v0.3.5:pion_stun/vendor/github.com/pion/stun \
+ pion:transport:v0.12.3:pion_transport/vendor/github.com/pion/transport \
+ pion:turn:v2.0.5:pion_turn_v2/vendor/github.com/pion/turn/v2 \
+ pion:udp:v0.1.0:pion_udp/vendor/github.com/pion/udp \
+ pion:webrtc:v3.0.15:pion_webrtc_v3/vendor/github.com/pion/webrtc/v3 \
+ pkg:errors:v0.9.1:pkg_errors/vendor/github.com/pkg/errors \
+ prometheus:client_golang:v1.10.0:prometheus_client_golang/vendor/github.com/prometheus/client_golang \
+ prometheus:client_model:v0.2.0:prometheus_client_model/vendor/github.com/prometheus/client_model \
+ prometheus:common:v0.18.0:prometheus_common/vendor/github.com/prometheus/common \
+ prometheus:procfs:v0.6.0:prometheus_procfs/vendor/github.com/prometheus/procfs \
+ protocolbuffers:protobuf-go:v1.23.0:protocolbuffers_protobuf_go/vendor/google.golang.org/protobuf \
+ smartystreets:assertions:b2de0cb4f26d:smartystreets_assertions/vendor/github.com/smartystreets/assertions \
+ smartystreets:goconvey:v1.6.4:smartystreets_goconvey/vendor/github.com/smartystreets/goconvey \
+ templexxx:cpu:v0.0.7:templexxx_cpu/vendor/github.com/templexxx/cpu \
+ templexxx:xorsimd:v0.4.1:templexxx_xorsimd/vendor/github.com/templexxx/xorsimd \
+ tjfoc:gmsm:v1.3.2:tjfoc_gmsm/vendor/github.com/tjfoc/gmsm \
+ xtaci:kcp-go:v5.6.1:xtaci_kcp_go_v5/vendor/github.com/xtaci/kcp-go/v5 \
+ xtaci:smux:v1.5.15:xtaci_smux/vendor/github.com/xtaci/smux
+
+PLIST_SUB= MANPAGES=${MANPAGES}
+SUB_FILES= pkg-message
+
+pre-extract:
+ ${MKDIR} ${WRKDIR}/pluggable-transports ${WRKDIR}/${PORTNAME}-${TPO_SNOWFLAKE} && \
+ ${RLN} ${WRKDIR}/${PORTNAME}-${TPO_SNOWFLAKE} ${WRKDIR}/pluggable-transports/. && \
+ ${LN} -sf ${WRKDIR}/${PORTNAME}-${TPO_SNOWFLAKE} ${WRKSRC} && \
+ ${LN} -sf ${WRKSRC}/vendor ${WRKSRC}/src
+
+post-install:
+ ${MKDIR} ${STAGEDIR}/${MANPREFIX}/man/man1
+. for b in client proxy
+ ${INSTALL_MAN} ${WRKSRC}/doc/${PORTNAME}-$b.1 ${STAGEDIR}/${MANPREFIX}/man/man1
+ ${MV} ${STAGEDIR}/${PREFIX}/bin/$b ${STAGEDIR}/${PREFIX}/bin/${PORTNAME}-$b
+. endfor
+ ${MV} ${STAGEDIR}/${PREFIX}/bin/server ${STAGEDIR}/${PREFIX}/bin/${PORTNAME}
+
+.include <bsd.port.mk>
diff --git a/security/snowflake-tor/distinfo b/security/snowflake-tor/distinfo
new file mode 100644
index 000000000000..1ae6f1940f82
--- /dev/null
+++ b/security/snowflake-tor/distinfo
@@ -0,0 +1,103 @@
+TIMESTAMP = 1636895316
+SHA256 (torbsd-goptlib-v1.1.0_GH0.tar.gz) = ff908e532019a0d16adc8505214d8e6f49ffaf5b7bf2dcecfb9ca61307d001f0
+SIZE (torbsd-goptlib-v1.1.0_GH0.tar.gz) = 29395
+SHA256 (beorn7-perks-v1.0.1_GH0.tar.gz) = 98db84bb0224a26094e6adba91b7ee7a1a7ace28cb648d818f8e779e6a19f825
+SIZE (beorn7-perks-v1.0.1_GH0.tar.gz) = 10867
+SHA256 (cespare-xxhash-v2.1.1_GH0.tar.gz) = 0ee31178d2c5a1249be4e26294a2f428008dc4e1ecbbfbe47f74e41026df1148
+SIZE (cespare-xxhash-v2.1.1_GH0.tar.gz) = 9292
+SHA256 (golang-crypto-513c2a44f670_GH0.tar.gz) = 046d89ee939ed65f763df29952ce76db2029edad4d89f29df0021b497997e828
+SIZE (golang-crypto-513c2a44f670_GH0.tar.gz) = 1726135
+SHA256 (golang-mod-v0.3.0_GH0.tar.gz) = bc97bb300928a00cfe64d97b3240c760668060cda0767e0d0b413e506fc3fa0a
+SIZE (golang-mod-v0.3.0_GH0.tar.gz) = 93941
+SHA256 (golang-net-d523dce5a7f4_GH0.tar.gz) = 2845c6b37390b25a88a8a71e211e1ed9da8a1f6363baa275d6d30e8dd0d00a21
+SIZE (golang-net-d523dce5a7f4_GH0.tar.gz) = 1252646
+SHA256 (golang-protobuf-v1.4.3_GH0.tar.gz) = 5736f943f8647362f5559689df6154f3c85d261fb088867c8a68494e2a767610
+SIZE (golang-protobuf-v1.4.3_GH0.tar.gz) = 171969
+SHA256 (golang-sys-c4fcb01b228e_GH0.tar.gz) = a0cdad06d571d1dc0c19193ede76545273df36e68ea7dee0c18d761824fe7ba7
+SIZE (golang-sys-c4fcb01b228e_GH0.tar.gz) = 1217654
+SHA256 (golang-text-v0.3.3_GH0.tar.gz) = 1604233637e3593749fbbb13b5069b08e6feba6d2b55a02fd3148793d5871185
+SIZE (golang-text-v0.3.3_GH0.tar.gz) = 7747332
+SHA256 (golang-tools-5bf02b21f123_GH0.tar.gz) = 9aef523adadb4fe6c4567b813d49cc5bb4eb301f136f05955e9561ac1bbae65c
+SIZE (golang-tools-5bf02b21f123_GH0.tar.gz) = 2533344
+SHA256 (golang-xerrors-5ec99f83aff1_GH0.tar.gz) = 71975d658357e170fd6a41f92539cde8b39c9cd8bfe5931b6311bc5f5c0da0d7
+SIZE (golang-xerrors-5ec99f83aff1_GH0.tar.gz) = 13664
+SHA256 (google-uuid-v1.2.0_GH0.tar.gz) = 53ba896ce398435b3ba4f9375f5d4908b09c79daaa54ecd4e5000b7bef984380
+SIZE (google-uuid-v1.2.0_GH0.tar.gz) = 14158
+SHA256 (gopherjs-gopherjs-0766667cb4d1_GH0.tar.gz) = bc4d58aabc0e9958a9b8f9ebd835f1deabe5061750d070fc1e2e41fe6e6d643a
+SIZE (gopherjs-gopherjs-0766667cb4d1_GH0.tar.gz) = 217279
+SHA256 (gorilla-websocket-v1.4.1_GH0.tar.gz) = 9e5bd337d58a978bf4072767252ddb394b53e2b459697633794abd96e8eb3fa6
+SIZE (gorilla-websocket-v1.4.1_GH0.tar.gz) = 54218
+SHA256 (jtolds-gls-v4.20.0_GH0.tar.gz) = 5223a689f315fc53c5bc271b3a8259032cc74f5311a6d7c1f700a1c65d40c2b2
+SIZE (jtolds-gls-v4.20.0_GH0.tar.gz) = 7306
+SHA256 (klauspost-cpuid-v1.3.1_GH0.tar.gz) = 3bf2da7358c8ed33c05bac2ca733749ade03eadf184d81cc7b16fcbe2e230f1d
+SIZE (klauspost-cpuid-v1.3.1_GH0.tar.gz) = 367144
+SHA256 (klauspost-reedsolomon-v1.9.9_GH0.tar.gz) = d6f4737f20f6cdba9fcbae08611ace58a2ccba050883413fcd3ec3b2b8c305a9
+SIZE (klauspost-reedsolomon-v1.9.9_GH0.tar.gz) = 197069
+SHA256 (matttproud-golang_protobuf_extensions-v1.0.1_GH0.tar.gz) = 2def0ee6f6b12b1efc0e3007d89f598608a072610e805c3655ea9d13c3ead49b
+SIZE (matttproud-golang_protobuf_extensions-v1.0.1_GH0.tar.gz) = 37184
+SHA256 (mmcloughlin-avo-443f81d77104_GH0.tar.gz) = 79e0963d0b15115696ffb61557d70732fcf8342cee135b7a6e04477e0a0b021b
+SIZE (mmcloughlin-avo-443f81d77104_GH0.tar.gz) = 466477
+SHA256 (pion-datachannel-v1.4.21_GH0.tar.gz) = 2186491629973bbb01fb42269307c39a8a86406d18a47346c3e7eb8874829c19
+SIZE (pion-datachannel-v1.4.21_GH0.tar.gz) = 16177
+SHA256 (pion-dtls-v2.0.8_GH0.tar.gz) = 64d1f5cef548059166b8fb9ac8df59cf4b07c02240cf1b96cf6e0cd167f9aa03
+SIZE (pion-dtls-v2.0.8_GH0.tar.gz) = 128343
+SHA256 (pion-ice-v2.0.15_GH0.tar.gz) = 06c6f7faafb29ba2f86cff629d993434da19cc778e85b01050ce3aafa4ccdc2f
+SIZE (pion-ice-v2.0.15_GH0.tar.gz) = 76161
+SHA256 (pion-interceptor-v0.0.10_GH0.tar.gz) = 4c0cc8a4d1dde5c98f716255a471f872d069b8afa7b7060eafa0e27b03bf66dc
+SIZE (pion-interceptor-v0.0.10_GH0.tar.gz) = 24677
+SHA256 (pion-logging-v0.2.2_GH0.tar.gz) = 9e06f3dbf6f4fcf0e61e3a6406cac898fe3df86cb906bc9d73c7c4b466f0a9d6
+SIZE (pion-logging-v0.2.2_GH0.tar.gz) = 6750
+SHA256 (pion-mdns-v0.0.4_GH0.tar.gz) = 1fb71d132214d55af39cfdfe85e7e3d9a0f38c365ce1c3d47ee75e041c4ab817
+SIZE (pion-mdns-v0.0.4_GH0.tar.gz) = 8341
+SHA256 (pion-randutil-v0.1.0_GH0.tar.gz) = 4b0301915ebbfa77c8621cebf99c6c7d71651762a33ce4fa4e6af8994ecd4993
+SIZE (pion-randutil-v0.1.0_GH0.tar.gz) = 7521
+SHA256 (pion-rtcp-v1.2.6_GH0.tar.gz) = d65f7c73740de81ba4e92095818b4d246428fa48538b6ef0e648c2d3850a5510
+SIZE (pion-rtcp-v1.2.6_GH0.tar.gz) = 40259
+SHA256 (pion-rtp-v1.6.2_GH0.tar.gz) = ea9e06a33749e882641c86440d59ac109ff2e03a105a5e60b637c2f7c74bd680
+SIZE (pion-rtp-v1.6.2_GH0.tar.gz) = 29320
+SHA256 (pion-sctp-v1.7.11_GH0.tar.gz) = 2c1a2bae7b4bfd01374d058a94896350d31c5a0ccf408f21d251a7d9621c2a0d
+SIZE (pion-sctp-v1.7.11_GH0.tar.gz) = 79339
+SHA256 (pion-sdp-v3.0.4_GH0.tar.gz) = 4645d2a7615f8aa46c16e98641ee1fb7c62cbaff2722af5af8dca5f550b3a8fe
+SIZE (pion-sdp-v3.0.4_GH0.tar.gz) = 27532
+SHA256 (pion-srtp-v2.0.2_GH0.tar.gz) = 68e060733cad6ed97d77593962f5a73b04fd0ac324cbd303120cdd900a903a79
+SIZE (pion-srtp-v2.0.2_GH0.tar.gz) = 32383
+SHA256 (pion-stun-v0.3.5_GH0.tar.gz) = d0afd31208886b98705315fc43626ae0984b6fa57c17a8b223735cb37f95617c
+SIZE (pion-stun-v0.3.5_GH0.tar.gz) = 81069
+SHA256 (pion-transport-v0.12.3_GH0.tar.gz) = 5957e0a21f6f67accba7ef5548b54d4dfc8768b374b54a15a318411c346b0c88
+SIZE (pion-transport-v0.12.3_GH0.tar.gz) = 60860
+SHA256 (pion-turn-v2.0.5_GH0.tar.gz) = 81fd4851835d9068cafefcabcb891d9a358d11dd6c15349bb3c238b7663894d3
+SIZE (pion-turn-v2.0.5_GH0.tar.gz) = 115618
+SHA256 (pion-udp-v0.1.0_GH0.tar.gz) = 2dd4ba95bf3894d79e4a92dcd9e33f4bbf55394e23987fa362c94ddb065cac55
+SIZE (pion-udp-v0.1.0_GH0.tar.gz) = 7482
+SHA256 (pion-webrtc-v3.0.15_GH0.tar.gz) = 8e796d728bf31cb0a71dbaf05fa6a618460a156c1aa05d8c5ef57812fd74390e
+SIZE (pion-webrtc-v3.0.15_GH0.tar.gz) = 321654
+SHA256 (pkg-errors-v0.9.1_GH0.tar.gz) = 56bfd893023daa498508bfe161de1be83299fcf15376035e7df79cbd7d6fa608
+SIZE (pkg-errors-v0.9.1_GH0.tar.gz) = 13415
+SHA256 (prometheus-client_golang-v1.10.0_GH0.tar.gz) = e7305f84aa6553d9dd4bfd148d29289df36a9df82dae7be3c6eda62feb56f3d1
+SIZE (prometheus-client_golang-v1.10.0_GH0.tar.gz) = 176316
+SHA256 (prometheus-client_model-v0.2.0_GH0.tar.gz) = 4ab1be9cdfa702d7f49beeb09a256bcc6a2aad55e8a0a37e7732a46934264e12
+SIZE (prometheus-client_model-v0.2.0_GH0.tar.gz) = 10986
+SHA256 (prometheus-common-v0.18.0_GH0.tar.gz) = 64b0963add6f1945d8da40452d9bf796db263e4d8aba26cf17fdcc3f76b8f940
+SIZE (prometheus-common-v0.18.0_GH0.tar.gz) = 123693
+SHA256 (prometheus-procfs-v0.6.0_GH0.tar.gz) = 6ad7a23cf4db9fa5dbf2c5d8fbd0fbf5ffe48e3ddb7bf15f9359813d764ce73c
+SIZE (prometheus-procfs-v0.6.0_GH0.tar.gz) = 169898
+SHA256 (protocolbuffers-protobuf-go-v1.23.0_GH0.tar.gz) = e7266bedaa4f110216fce52ae533dc5eba475d3829bb0592e8876684e202ae1f
+SIZE (protocolbuffers-protobuf-go-v1.23.0_GH0.tar.gz) = 1214648
+SHA256 (smartystreets-assertions-b2de0cb4f26d_GH0.tar.gz) = f9a1971c377083f255d18faedf07aba988e9d14780c5ef398db15c6f2281c4d6
+SIZE (smartystreets-assertions-b2de0cb4f26d_GH0.tar.gz) = 52225
+SHA256 (smartystreets-goconvey-v1.6.4_GH0.tar.gz) = 88714f84d0a989c4ba60e1f2b65e426dc7e23058ca0b9f06cb77613cb22b010b
+SIZE (smartystreets-goconvey-v1.6.4_GH0.tar.gz) = 1478622
+SHA256 (templexxx-cpu-v0.0.7_GH0.tar.gz) = 2309220323983c8e8eef4dc2aa4273da31dbd791be23d811c4f661b46aff8415
+SIZE (templexxx-cpu-v0.0.7_GH0.tar.gz) = 11626
+SHA256 (templexxx-xorsimd-v0.4.1_GH0.tar.gz) = 545ae9a4ef9aae3e11baf20b0c1d3bfe7d9627d1f56d8e009f960d3214e0c075
+SIZE (templexxx-xorsimd-v0.4.1_GH0.tar.gz) = 8028
+SHA256 (tjfoc-gmsm-v1.3.2_GH0.tar.gz) = 55d6a4c3b15436c030f81c973a6442a0678eb09b194689ba233e11f16cabf9c4
+SIZE (tjfoc-gmsm-v1.3.2_GH0.tar.gz) = 1232379
+SHA256 (xtaci-kcp-go-v5.6.1_GH0.tar.gz) = 27f03bc2bc6e9da3e640feed1490e6f0a1c2515f23bf6982dbfe32176189de4b
+SIZE (xtaci-kcp-go-v5.6.1_GH0.tar.gz) = 177215
+SHA256 (xtaci-smux-v1.5.15_GH0.tar.gz) = 6197a37eff68b0565ac846534bad7d8f8392b538766d71ca5b33b82bb439b30b
+SIZE (xtaci-smux-v1.5.15_GH0.tar.gz) = 138022
+SHA256 (anti-censorship-pluggable-transports/snowflake-ead5a960d7fa19dc890ccbfc0765c5ab6629eaa9_GL0.tar.gz) = 24f17139a1d6ee0890f32fd6d37b7eb6a94190d97e55abace17a0101af340dcb
+SIZE (anti-censorship-pluggable-transports/snowflake-ead5a960d7fa19dc890ccbfc0765c5ab6629eaa9_GL0.tar.gz) = 138144
+SHA256 (anti-censorship-geoip-7ce4b3d98d01ff33bad8007db3f488d5b172382a_GL0.tar.gz) = d4db97d4c95cf7ad80dbfcbada55da423d207e41c69707c7f108efc9c26165e2
+SIZE (anti-censorship-geoip-7ce4b3d98d01ff33bad8007db3f488d5b172382a_GL0.tar.gz) = 20279
diff --git a/security/snowflake-tor/files/pkg-message.in b/security/snowflake-tor/files/pkg-message.in
new file mode 100644
index 000000000000..7cb60eb220bc
--- /dev/null
+++ b/security/snowflake-tor/files/pkg-message.in
@@ -0,0 +1,48 @@
+[
+{ type: install
+ message: <<EOM
+To enable Snowflake's proxy daemon to start on boot:
+
+ # sysrc snowflake_enable=YES
+
+It will keep its same defaults, and allow the proxy service to run.
+
+To start the service:
+
+ # service snowflake start
+
+Should you wish to change any of the parameters, please refer
+to the snowflake-proxy(1) manpage. Use sysrc(8) to view or modify
+values depending on your needs.
+
+If you opt to use Snowflake's bridge features, adjust your 'torrc' accordingly:
+
+ - Client
+
+ UseBridges 1
+ Bridge snowflake 192.0.2.3:1
+ ClientTransportPlugin snowflake exec %%PREFIX%%/bin/snowflake-client \
+ -front cdn.sstatic.net \
+ -url https://snowflake-broker.torproject.net.global.prod.fastly.net/ \
+ -ice stun:stun.voip.blackberry.com:3478,stun:stun.altar.com.pl:3478,stun:stun.dus.net:3478
+
+Client's options can be checked using `%%PREFIX%%/bin/snowflake-client --help`.
+
+ - Server
+
+ BridgeRelay 1
+ ExtORPort auto
+ ServerTransportListenAddr snowflake 0.0.0.0:443
+ ServerTransportPlugin snowflake exec %%PREFIX%%/bin/snowflake \
+ --acme-email admin@snowflake.example \
+ --acme-hostnames snowflake.example
+
+Server's options can be checked using `%%PREFIX%%/bin/snowflake-client --help`.
+
+As it uses TLS with ACME (Let's Encrypt) by default, an extra socket on port 80
+will be started. In order to disable this behavior, use -disable-tls. The domain
+names given to the --acme-hostnames option should resolve to the IP address of
+the server. You can give more than one, separated by commas.
+EOM
+}
+]
diff --git a/security/snowflake-tor/files/snowflake.in b/security/snowflake-tor/files/snowflake.in
new file mode 100644
index 000000000000..ccfa3a9e495b
--- /dev/null
+++ b/security/snowflake-tor/files/snowflake.in
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+# PROVIDE: snowflake
+# REQUIRE: cleanvar SERVERS
+#
+# Options to configure it via /etc/rc.conf:
+#
+# snowflake_enable (bool) Enable service on boot. Default: NO
+# snowflake_broker (str) Broker URL. Default: https://snowflake-broker.torproject.net/
+# snowflake_capacity (int) Clients capacity. Default: 10
+# snowflake_relay (str) Websocket relay URL. Default: wss://snowflake.torproject.net/
+# snowflake_stun (str) STUN URL. Default: stun:stun.stunprotocol.org:3478
+
+. /etc/rc.subr
+
+name="snowflake"
+rcvar="${name}_enable"
+pidfile="/var/run/${name}.pid"
+logfile="/var/log/${name}.log"
+procname="%%PREFIX%%/bin/${name}-proxy"
+
+load_rc_config $name
+
+: ${snowflake_enable:="NO"}
+: ${snowflake_broker:="https://snowflake-broker.torproject.net/"}
+: ${snowflake_capacity:="10"}
+: ${snowflake_relay:="wss://snowflake.torproject.net/"}
+: ${snowflake_stun:="stun:stun.stunprotocol.org:3478"}
+
+command="/usr/sbin/daemon"
+snowflake_opts1="-broker ${snowflake_broker} -capacity ${snowflake_capacity}"
+snowflake_opts2="-relay ${snowflake_relay} -stun ${snowflake_stun}"
+command_args="-p ${pidfile} -u nobody -o ${logfile} -f ${procname} ${snowflake_opts1} ${snowflake_opts2}"
+
+run_rc_command "$1"
diff --git a/security/snowflake-tor/pkg-descr b/security/snowflake-tor/pkg-descr
new file mode 100644
index 000000000000..4c4e8ee7d66a
--- /dev/null
+++ b/security/snowflake-tor/pkg-descr
@@ -0,0 +1,6 @@
+Snowflake is a system to defeat internet censorship. People who are censored
+can use Snowflake to access the internet. Their connection goes through
+Snowflake proxies, which are run by volunteers. For more detailed information
+about how Snowflake works see our documentation wiki.
+
+WWW: https://snowflake.torproject.org/
diff --git a/security/snowflake-tor/pkg-plist b/security/snowflake-tor/pkg-plist
new file mode 100644
index 000000000000..873c75fe7046
--- /dev/null
+++ b/security/snowflake-tor/pkg-plist
@@ -0,0 +1,5 @@
+bin/snowflake
+bin/snowflake-client
+bin/snowflake-proxy
+%%MANPAGES%%man/man1/snowflake-client.1.gz
+%%MANPAGES%%man/man1/snowflake-proxy.1.gz