git: 0be7300b3136 - main - security/snowflake-tor: update 2.1.0 to 2.3.0
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 31 Jul 2022 17:20:20 UTC
The branch main has been updated by egypcio:
URL: https://cgit.FreeBSD.org/ports/commit/?id=0be7300b3136bd45bbe7876c2b06d10fd9a44c3d
commit 0be7300b3136bd45bbe7876c2b06d10fd9a44c3d
Author: Vinícius Zavam <egypcio@FreeBSD.org>
AuthorDate: 2022-07-31 17:14:16 +0000
Commit: Vinícius Zavam <egypcio@FreeBSD.org>
CommitDate: 2022-07-31 17:20:15 +0000
security/snowflake-tor: update 2.1.0 to 2.3.0
* while here,
- add 'broker' support;
- add 'tor' as RUN_DEPENDS, as broker uses its geoip databases;
- add rc script to start a local broker without TLS support.
Changes in version v2.3.0
- Issue 40146: Avoid performing two NAT probe tests at startup
- Issue 40134: Log messages from client NAT check failures are confuse
- Issue 34075: Implement metrics to measure snowflake churn
- Issue 28651: Prepare all pieces of the pipeline for a second bridge
- Issue 40129: Distributed Snowflake Server Support
Changes in version v2.2.0
- Issue 40099: Initialize SnowflakeListener.closed
- Add connection failure events for proxy timeouts
- Issue 40103: Fix proxy logging verb tense
- Fix up and downstream metrics output for proxy
- Issue 40095: uTLS for broker negotiation
- Forward bridge fingerprint from client to broker (WIP, Issue 28651)
- Issue 40104: Make it easier to configure proxy type
- Remove version from ClientPollRequest
- Issue 40124: Move tor-specific code out of library
- Issue 40115: Scrub pt event logs
- Issue 40127: Bump webrtc and dtls library versions
- Bump version of webrtc and dtls to fix dtls CVEs
- Issue 40141: Ensure library calls of events can be scrubbed
Sponsored by: TorBSD Diversity Project (TDP)
Sponsored by: The Tor Project
---
security/snowflake-tor/Makefile | 79 ++++-----------
security/snowflake-tor/distinfo | 116 +++--------------------
security/snowflake-tor/files/snowflake-broker.in | 29 ++++++
security/snowflake-tor/pkg-plist | 1 +
4 files changed, 59 insertions(+), 166 deletions(-)
diff --git a/security/snowflake-tor/Makefile b/security/snowflake-tor/Makefile
index aab3ec0ad59e..7833a01d3329 100644
--- a/security/snowflake-tor/Makefile
+++ b/security/snowflake-tor/Makefile
@@ -1,7 +1,6 @@
PORTNAME= snowflake
DISTVERSIONPREFIX= v
-DISTVERSION= 2.1.0
-PORTREVISION= 3
+PORTVERSION= 2.3.0
CATEGORIES= security net
PKGNAMESUFFIX= -tor
@@ -11,82 +10,39 @@ COMMENT= Pluggable Transport using WebRTC inspired by Flashproxy
LICENSE= BSD3CLAUSE
LICENSE_FILE= ${WRKDIR}/${PORTNAME}-${TPO_SNOWFLAKE}/LICENSE
-RUN_DEPENDS= ca_root_nss>=0:security/ca_root_nss
+RUN_DEPENDS= ca_root_nss>=0:security/ca_root_nss \
+ tor:security/tor
-USES= cpe go
-USE_RC_SUBR= ${PORTNAME}
+USES= cpe go:modules
+USE_RC_SUBR= ${PORTNAME} ${PORTNAME}-broker
USE_GITHUB= nodefault
USE_GITLAB= nodefault
CPE_VENDOR= torproject
TPO_GEOIP= 7ce4b3d98d01ff33bad8007db3f488d5b172382a
-TPO_SNOWFLAKE= e6e5e20ae8b5883b37f5dea656540825e237d820
+TPO_SNOWFLAKE= c983c13a84554d0ba1ffcdd054491090c0eafc54
-GO_PKGNAME= git.torproject.org/pluggable-transports/snowflake.git/v2
-GO_TARGET= ./client ./proxy ./server
+
+GO_MODULE= git.torproject.org/pluggable-transports/snowflake.git/v2
+GO_BUILDFLAGS= -ldflags '-s -w -extldflags "-static"'
+GO_PKGNAME= ${GO_MODULE}
+GO_TARGET= ./broker ./client ./proxy ./server
GL_SITE= https://gitlab.torproject.org/tpo
GL_TUPLE= anti-censorship:pluggable-transports/${PORTNAME}:${TPO_SNOWFLAKE}:tpo_acs_snowflake/vendor/git.torproject.org/pluggable-transports/snowflake.git/v2 \
anti-censorship:geoip:${TPO_GEOIP}:tpo_acs_geoip/vendor/gitlab.torproject.org/tpo/anti-censorship/geoip
-GH_TUPLE= torbsd:goptlib:v1.2.0:torbsd_goptlib/vendor/git.torproject.org/pluggable-transports/goptlib.git \
- beorn7:perks:v1.0.1:beorn7_perks/vendor/github.com/beorn7/perks \
- cespare:xxhash:v2.1.1:cespare_xxhash_v2/vendor/github.com/cespare/xxhash/v2 \
- golang:crypto:513c2a44f670:golang_crypto/vendor/golang.org/x/crypto \
- golang:mod:v0.3.0:golang_mod/vendor/golang.org/x/mod \
- golang:net:d523dce5a7f4:golang_net/vendor/golang.org/x/net \
- golang:protobuf:v1.4.3:golang_protobuf/vendor/github.com/golang/protobuf \
- golang:sys:c4fcb01b228e:golang_sys/vendor/golang.org/x/sys \
- golang:text:v0.3.3:golang_text/vendor/golang.org/x/text \
- golang:tools:5bf02b21f123:golang_tools/vendor/golang.org/x/tools \
- golang:xerrors:5ec99f83aff1:golang_xerrors/vendor/golang.org/x/xerrors \
- google:uuid:v1.2.0:google_uuid/vendor/github.com/google/uuid \
- gopherjs:gopherjs:0766667cb4d1:gopherjs_gopherjs/vendor/github.com/gopherjs/gopherjs \
- gorilla:websocket:v1.4.1:gorilla_websocket/vendor/github.com/gorilla/websocket \
- jtolds:gls:v4.20.0:jtolds_gls/vendor/github.com/jtolds/gls \
- klauspost:cpuid:v1.3.1:klauspost_cpuid/vendor/github.com/klauspost/cpuid \
- klauspost:reedsolomon:v1.9.9:klauspost_reedsolomon/vendor/github.com/klauspost/reedsolomon \
- matttproud:golang_protobuf_extensions:v1.0.1:matttproud_golang_protobuf_extensions/vendor/github.com/matttproud/golang_protobuf_extensions \
- mmcloughlin:avo:443f81d77104:mmcloughlin_avo/vendor/github.com/mmcloughlin/avo \
- pion:datachannel:v1.4.21:pion_datachannel/vendor/github.com/pion/datachannel \
- pion:dtls:v2.0.12:pion_dtls_v2/vendor/github.com/pion/dtls/v2 \
- pion:ice:v2.0.15:pion_ice_v2/vendor/github.com/pion/ice/v2 \
- pion:interceptor:v0.0.10:pion_interceptor/vendor/github.com/pion/interceptor \
- pion:logging:v0.2.2:pion_logging/vendor/github.com/pion/logging \
- pion:mdns:v0.0.4:pion_mdns/vendor/github.com/pion/mdns \
- pion:randutil:v0.1.0:pion_randutil/vendor/github.com/pion/randutil \
- pion:rtcp:v1.2.6:pion_rtcp/vendor/github.com/pion/rtcp \
- pion:rtp:v1.6.2:pion_rtp/vendor/github.com/pion/rtp \
- pion:sctp:v1.7.11:pion_sctp/vendor/github.com/pion/sctp \
- pion:sdp:v3.0.4:pion_sdp_v3/vendor/github.com/pion/sdp/v3 \
- pion:srtp:v2.0.2:pion_srtp_v2/vendor/github.com/pion/srtp/v2 \
- pion:stun:v0.3.5:pion_stun/vendor/github.com/pion/stun \
- pion:transport:v0.12.3:pion_transport/vendor/github.com/pion/transport \
- pion:turn:v2.0.5:pion_turn_v2/vendor/github.com/pion/turn/v2 \
- pion:udp:v0.1.0:pion_udp/vendor/github.com/pion/udp \
- pion:webrtc:v3.0.15:pion_webrtc_v3/vendor/github.com/pion/webrtc/v3 \
- pkg:errors:v0.9.1:pkg_errors/vendor/github.com/pkg/errors \
- prometheus:client_golang:v1.10.0:prometheus_client_golang/vendor/github.com/prometheus/client_golang \
- prometheus:client_model:v0.2.0:prometheus_client_model/vendor/github.com/prometheus/client_model \
- prometheus:common:v0.18.0:prometheus_common/vendor/github.com/prometheus/common \
- prometheus:procfs:v0.6.0:prometheus_procfs/vendor/github.com/prometheus/procfs \
- protocolbuffers:protobuf-go:v1.23.0:protocolbuffers_protobuf_go/vendor/google.golang.org/protobuf \
- smartystreets:assertions:b2de0cb4f26d:smartystreets_assertions/vendor/github.com/smartystreets/assertions \
- smartystreets:goconvey:v1.6.4:smartystreets_goconvey/vendor/github.com/smartystreets/goconvey \
- stretchr:testify:v1.7.0:stretchr_testify/vendor/github.com/stretchr/testify \
- templexxx:cpu:v0.0.7:templexxx_cpu/vendor/github.com/templexxx/cpu \
- templexxx:xorsimd:v0.4.1:templexxx_xorsimd/vendor/github.com/templexxx/xorsimd \
- tjfoc:gmsm:v1.3.2:tjfoc_gmsm/vendor/github.com/tjfoc/gmsm \
- xtaci:kcp-go:v5.6.1:xtaci_kcp_go_v5/vendor/github.com/xtaci/kcp-go/v5 \
- xtaci:smux:v1.5.15:xtaci_smux/vendor/github.com/xtaci/smux
+GH_TUPLE= torbsd:goptlib:v1.2.0:torbsd_goptlib/vendor/git.torproject.org/pluggable-transports/goptlib.git
PLIST_SUB= MANPAGES=${MANPAGES}
SUB_FILES= pkg-message
pre-extract:
${MKDIR} ${WRKDIR}/pluggable-transports ${WRKDIR}/${PORTNAME}-${TPO_SNOWFLAKE} && \
- ${RLN} ${WRKDIR}/${PORTNAME}-${TPO_SNOWFLAKE} ${WRKDIR}/pluggable-transports/. && \
- ${LN} -sf ${WRKDIR}/${PORTNAME}-${TPO_SNOWFLAKE} ${WRKSRC} && \
- ${LN} -sf ${WRKSRC}/vendor ${WRKSRC}/src
+ ${RLN} ${WRKDIR}/${PORTNAME}-${TPO_SNOWFLAKE} ${WRKDIR}/pluggable-transports/.
+
+post-patch:
+ ${REINPLACE_CMD} "s|/usr/share|${PREFIX}/share|g" \
+ ${WRKDIR}/${GO_MODULE}@v${PORTVERSION}/broker/broker.go
post-install:
${MKDIR} ${STAGEDIR}/${MANPREFIX}/man/man1
@@ -94,6 +50,7 @@ post-install:
${INSTALL_MAN} ${WRKSRC}/doc/${PORTNAME}-$b.1 ${STAGEDIR}/${MANPREFIX}/man/man1
${MV} ${STAGEDIR}/${PREFIX}/bin/$b ${STAGEDIR}/${PREFIX}/bin/${PORTNAME}-$b
. endfor
+ ${MV} ${STAGEDIR}/${PREFIX}/bin/broker ${STAGEDIR}/${PREFIX}/bin/${PORTNAME}-broker
${MV} ${STAGEDIR}/${PREFIX}/bin/server ${STAGEDIR}/${PREFIX}/bin/${PORTNAME}
.include <bsd.port.mk>
diff --git a/security/snowflake-tor/distinfo b/security/snowflake-tor/distinfo
index ac901e33db37..b94a68db7c49 100644
--- a/security/snowflake-tor/distinfo
+++ b/security/snowflake-tor/distinfo
@@ -1,105 +1,11 @@
-TIMESTAMP = 1645367239
-SHA256 (torbsd-goptlib-v1.2.0_GH0.tar.gz) = ddb7add33157fdd60e3358c9a53f0e0db446fc320b4e4ecbbf36af0d96b2deeb
-SIZE (torbsd-goptlib-v1.2.0_GH0.tar.gz) = 29678
-SHA256 (beorn7-perks-v1.0.1_GH0.tar.gz) = 98db84bb0224a26094e6adba91b7ee7a1a7ace28cb648d818f8e779e6a19f825
-SIZE (beorn7-perks-v1.0.1_GH0.tar.gz) = 10867
-SHA256 (cespare-xxhash-v2.1.1_GH0.tar.gz) = 0ee31178d2c5a1249be4e26294a2f428008dc4e1ecbbfbe47f74e41026df1148
-SIZE (cespare-xxhash-v2.1.1_GH0.tar.gz) = 9292
-SHA256 (golang-crypto-513c2a44f670_GH0.tar.gz) = 046d89ee939ed65f763df29952ce76db2029edad4d89f29df0021b497997e828
-SIZE (golang-crypto-513c2a44f670_GH0.tar.gz) = 1726135
-SHA256 (golang-mod-v0.3.0_GH0.tar.gz) = bc97bb300928a00cfe64d97b3240c760668060cda0767e0d0b413e506fc3fa0a
-SIZE (golang-mod-v0.3.0_GH0.tar.gz) = 93941
-SHA256 (golang-net-d523dce5a7f4_GH0.tar.gz) = 2845c6b37390b25a88a8a71e211e1ed9da8a1f6363baa275d6d30e8dd0d00a21
-SIZE (golang-net-d523dce5a7f4_GH0.tar.gz) = 1252646
-SHA256 (golang-protobuf-v1.4.3_GH0.tar.gz) = 5736f943f8647362f5559689df6154f3c85d261fb088867c8a68494e2a767610
-SIZE (golang-protobuf-v1.4.3_GH0.tar.gz) = 171969
-SHA256 (golang-sys-c4fcb01b228e_GH0.tar.gz) = a0cdad06d571d1dc0c19193ede76545273df36e68ea7dee0c18d761824fe7ba7
-SIZE (golang-sys-c4fcb01b228e_GH0.tar.gz) = 1217654
-SHA256 (golang-text-v0.3.3_GH0.tar.gz) = 1604233637e3593749fbbb13b5069b08e6feba6d2b55a02fd3148793d5871185
-SIZE (golang-text-v0.3.3_GH0.tar.gz) = 7747332
-SHA256 (golang-tools-5bf02b21f123_GH0.tar.gz) = 9aef523adadb4fe6c4567b813d49cc5bb4eb301f136f05955e9561ac1bbae65c
-SIZE (golang-tools-5bf02b21f123_GH0.tar.gz) = 2533344
-SHA256 (golang-xerrors-5ec99f83aff1_GH0.tar.gz) = 71975d658357e170fd6a41f92539cde8b39c9cd8bfe5931b6311bc5f5c0da0d7
-SIZE (golang-xerrors-5ec99f83aff1_GH0.tar.gz) = 13664
-SHA256 (google-uuid-v1.2.0_GH0.tar.gz) = 53ba896ce398435b3ba4f9375f5d4908b09c79daaa54ecd4e5000b7bef984380
-SIZE (google-uuid-v1.2.0_GH0.tar.gz) = 14158
-SHA256 (gopherjs-gopherjs-0766667cb4d1_GH0.tar.gz) = bc4d58aabc0e9958a9b8f9ebd835f1deabe5061750d070fc1e2e41fe6e6d643a
-SIZE (gopherjs-gopherjs-0766667cb4d1_GH0.tar.gz) = 217279
-SHA256 (gorilla-websocket-v1.4.1_GH0.tar.gz) = 9e5bd337d58a978bf4072767252ddb394b53e2b459697633794abd96e8eb3fa6
-SIZE (gorilla-websocket-v1.4.1_GH0.tar.gz) = 54218
-SHA256 (jtolds-gls-v4.20.0_GH0.tar.gz) = 5223a689f315fc53c5bc271b3a8259032cc74f5311a6d7c1f700a1c65d40c2b2
-SIZE (jtolds-gls-v4.20.0_GH0.tar.gz) = 7306
-SHA256 (klauspost-cpuid-v1.3.1_GH0.tar.gz) = 3bf2da7358c8ed33c05bac2ca733749ade03eadf184d81cc7b16fcbe2e230f1d
-SIZE (klauspost-cpuid-v1.3.1_GH0.tar.gz) = 367144
-SHA256 (klauspost-reedsolomon-v1.9.9_GH0.tar.gz) = d6f4737f20f6cdba9fcbae08611ace58a2ccba050883413fcd3ec3b2b8c305a9
-SIZE (klauspost-reedsolomon-v1.9.9_GH0.tar.gz) = 197069
-SHA256 (matttproud-golang_protobuf_extensions-v1.0.1_GH0.tar.gz) = 2def0ee6f6b12b1efc0e3007d89f598608a072610e805c3655ea9d13c3ead49b
-SIZE (matttproud-golang_protobuf_extensions-v1.0.1_GH0.tar.gz) = 37184
-SHA256 (mmcloughlin-avo-443f81d77104_GH0.tar.gz) = 79e0963d0b15115696ffb61557d70732fcf8342cee135b7a6e04477e0a0b021b
-SIZE (mmcloughlin-avo-443f81d77104_GH0.tar.gz) = 466477
-SHA256 (pion-datachannel-v1.4.21_GH0.tar.gz) = 2186491629973bbb01fb42269307c39a8a86406d18a47346c3e7eb8874829c19
-SIZE (pion-datachannel-v1.4.21_GH0.tar.gz) = 16177
-SHA256 (pion-dtls-v2.0.12_GH0.tar.gz) = ad7c4d2c8d44acbfd5ca06ca963e5fd3ab61b263c3fac0da21ba80787061b041
-SIZE (pion-dtls-v2.0.12_GH0.tar.gz) = 129949
-SHA256 (pion-ice-v2.0.15_GH0.tar.gz) = 06c6f7faafb29ba2f86cff629d993434da19cc778e85b01050ce3aafa4ccdc2f
-SIZE (pion-ice-v2.0.15_GH0.tar.gz) = 76161
-SHA256 (pion-interceptor-v0.0.10_GH0.tar.gz) = 4c0cc8a4d1dde5c98f716255a471f872d069b8afa7b7060eafa0e27b03bf66dc
-SIZE (pion-interceptor-v0.0.10_GH0.tar.gz) = 24677
-SHA256 (pion-logging-v0.2.2_GH0.tar.gz) = 9e06f3dbf6f4fcf0e61e3a6406cac898fe3df86cb906bc9d73c7c4b466f0a9d6
-SIZE (pion-logging-v0.2.2_GH0.tar.gz) = 6750
-SHA256 (pion-mdns-v0.0.4_GH0.tar.gz) = 1fb71d132214d55af39cfdfe85e7e3d9a0f38c365ce1c3d47ee75e041c4ab817
-SIZE (pion-mdns-v0.0.4_GH0.tar.gz) = 8341
-SHA256 (pion-randutil-v0.1.0_GH0.tar.gz) = 4b0301915ebbfa77c8621cebf99c6c7d71651762a33ce4fa4e6af8994ecd4993
-SIZE (pion-randutil-v0.1.0_GH0.tar.gz) = 7521
-SHA256 (pion-rtcp-v1.2.6_GH0.tar.gz) = d65f7c73740de81ba4e92095818b4d246428fa48538b6ef0e648c2d3850a5510
-SIZE (pion-rtcp-v1.2.6_GH0.tar.gz) = 40259
-SHA256 (pion-rtp-v1.6.2_GH0.tar.gz) = ea9e06a33749e882641c86440d59ac109ff2e03a105a5e60b637c2f7c74bd680
-SIZE (pion-rtp-v1.6.2_GH0.tar.gz) = 29320
-SHA256 (pion-sctp-v1.7.11_GH0.tar.gz) = 2c1a2bae7b4bfd01374d058a94896350d31c5a0ccf408f21d251a7d9621c2a0d
-SIZE (pion-sctp-v1.7.11_GH0.tar.gz) = 79339
-SHA256 (pion-sdp-v3.0.4_GH0.tar.gz) = 4645d2a7615f8aa46c16e98641ee1fb7c62cbaff2722af5af8dca5f550b3a8fe
-SIZE (pion-sdp-v3.0.4_GH0.tar.gz) = 27532
-SHA256 (pion-srtp-v2.0.2_GH0.tar.gz) = 68e060733cad6ed97d77593962f5a73b04fd0ac324cbd303120cdd900a903a79
-SIZE (pion-srtp-v2.0.2_GH0.tar.gz) = 32383
-SHA256 (pion-stun-v0.3.5_GH0.tar.gz) = d0afd31208886b98705315fc43626ae0984b6fa57c17a8b223735cb37f95617c
-SIZE (pion-stun-v0.3.5_GH0.tar.gz) = 81069
-SHA256 (pion-transport-v0.12.3_GH0.tar.gz) = 5957e0a21f6f67accba7ef5548b54d4dfc8768b374b54a15a318411c346b0c88
-SIZE (pion-transport-v0.12.3_GH0.tar.gz) = 60860
-SHA256 (pion-turn-v2.0.5_GH0.tar.gz) = 81fd4851835d9068cafefcabcb891d9a358d11dd6c15349bb3c238b7663894d3
-SIZE (pion-turn-v2.0.5_GH0.tar.gz) = 115618
-SHA256 (pion-udp-v0.1.0_GH0.tar.gz) = 2dd4ba95bf3894d79e4a92dcd9e33f4bbf55394e23987fa362c94ddb065cac55
-SIZE (pion-udp-v0.1.0_GH0.tar.gz) = 7482
-SHA256 (pion-webrtc-v3.0.15_GH0.tar.gz) = 8e796d728bf31cb0a71dbaf05fa6a618460a156c1aa05d8c5ef57812fd74390e
-SIZE (pion-webrtc-v3.0.15_GH0.tar.gz) = 321654
-SHA256 (pkg-errors-v0.9.1_GH0.tar.gz) = 56bfd893023daa498508bfe161de1be83299fcf15376035e7df79cbd7d6fa608
-SIZE (pkg-errors-v0.9.1_GH0.tar.gz) = 13415
-SHA256 (prometheus-client_golang-v1.10.0_GH0.tar.gz) = e7305f84aa6553d9dd4bfd148d29289df36a9df82dae7be3c6eda62feb56f3d1
-SIZE (prometheus-client_golang-v1.10.0_GH0.tar.gz) = 176316
-SHA256 (prometheus-client_model-v0.2.0_GH0.tar.gz) = 4ab1be9cdfa702d7f49beeb09a256bcc6a2aad55e8a0a37e7732a46934264e12
-SIZE (prometheus-client_model-v0.2.0_GH0.tar.gz) = 10986
-SHA256 (prometheus-common-v0.18.0_GH0.tar.gz) = 64b0963add6f1945d8da40452d9bf796db263e4d8aba26cf17fdcc3f76b8f940
-SIZE (prometheus-common-v0.18.0_GH0.tar.gz) = 123693
-SHA256 (prometheus-procfs-v0.6.0_GH0.tar.gz) = 6ad7a23cf4db9fa5dbf2c5d8fbd0fbf5ffe48e3ddb7bf15f9359813d764ce73c
-SIZE (prometheus-procfs-v0.6.0_GH0.tar.gz) = 169898
-SHA256 (protocolbuffers-protobuf-go-v1.23.0_GH0.tar.gz) = e7266bedaa4f110216fce52ae533dc5eba475d3829bb0592e8876684e202ae1f
-SIZE (protocolbuffers-protobuf-go-v1.23.0_GH0.tar.gz) = 1214648
-SHA256 (smartystreets-assertions-b2de0cb4f26d_GH0.tar.gz) = f9a1971c377083f255d18faedf07aba988e9d14780c5ef398db15c6f2281c4d6
-SIZE (smartystreets-assertions-b2de0cb4f26d_GH0.tar.gz) = 52225
-SHA256 (smartystreets-goconvey-v1.6.4_GH0.tar.gz) = 88714f84d0a989c4ba60e1f2b65e426dc7e23058ca0b9f06cb77613cb22b010b
-SIZE (smartystreets-goconvey-v1.6.4_GH0.tar.gz) = 1478622
-SHA256 (stretchr-testify-v1.7.0_GH0.tar.gz) = 560c0984072cb436b17bbce5699b205d5aa2beb58ef7a94530d7724b5739a8d6
-SIZE (stretchr-testify-v1.7.0_GH0.tar.gz) = 91073
-SHA256 (templexxx-cpu-v0.0.7_GH0.tar.gz) = 2309220323983c8e8eef4dc2aa4273da31dbd791be23d811c4f661b46aff8415
-SIZE (templexxx-cpu-v0.0.7_GH0.tar.gz) = 11626
-SHA256 (templexxx-xorsimd-v0.4.1_GH0.tar.gz) = 545ae9a4ef9aae3e11baf20b0c1d3bfe7d9627d1f56d8e009f960d3214e0c075
-SIZE (templexxx-xorsimd-v0.4.1_GH0.tar.gz) = 8028
-SHA256 (tjfoc-gmsm-v1.3.2_GH0.tar.gz) = 55d6a4c3b15436c030f81c973a6442a0678eb09b194689ba233e11f16cabf9c4
-SIZE (tjfoc-gmsm-v1.3.2_GH0.tar.gz) = 1232379
-SHA256 (xtaci-kcp-go-v5.6.1_GH0.tar.gz) = 27f03bc2bc6e9da3e640feed1490e6f0a1c2515f23bf6982dbfe32176189de4b
-SIZE (xtaci-kcp-go-v5.6.1_GH0.tar.gz) = 177215
-SHA256 (xtaci-smux-v1.5.15_GH0.tar.gz) = 6197a37eff68b0565ac846534bad7d8f8392b538766d71ca5b33b82bb439b30b
-SIZE (xtaci-smux-v1.5.15_GH0.tar.gz) = 138022
-SHA256 (anti-censorship-pluggable-transports/snowflake-e6e5e20ae8b5883b37f5dea656540825e237d820_GL0.tar.gz) = 6820c5c2bb34028ab68f4cd2af95689651ec2501ae9019d68110cb629f582a35
-SIZE (anti-censorship-pluggable-transports/snowflake-e6e5e20ae8b5883b37f5dea656540825e237d820_GL0.tar.gz) = 143989
-SHA256 (anti-censorship-geoip-7ce4b3d98d01ff33bad8007db3f488d5b172382a_GL0.tar.gz) = d4db97d4c95cf7ad80dbfcbada55da423d207e41c69707c7f108efc9c26165e2
-SIZE (anti-censorship-geoip-7ce4b3d98d01ff33bad8007db3f488d5b172382a_GL0.tar.gz) = 20279
+TIMESTAMP = 1659212928
+SHA256 (go/security_snowflake-tor/snowflake-v2.3.0/v2.3.0.mod) = 16690d104a1180f9855e6e88d8d054c8eb3d0e016a164d42a28d4eb775171f79
+SIZE (go/security_snowflake-tor/snowflake-v2.3.0/v2.3.0.mod) = 899
+SHA256 (go/security_snowflake-tor/snowflake-v2.3.0/v2.3.0.zip) = 8524fd1c51b0c89a20f25abfe657b8cca54433e7297c52d0cd90f1849a143447
+SIZE (go/security_snowflake-tor/snowflake-v2.3.0/v2.3.0.zip) = 205248
+SHA256 (go/security_snowflake-tor/snowflake-v2.3.0/torbsd-goptlib-v1.2.0_GH0.tar.gz) = ddb7add33157fdd60e3358c9a53f0e0db446fc320b4e4ecbbf36af0d96b2deeb
+SIZE (go/security_snowflake-tor/snowflake-v2.3.0/torbsd-goptlib-v1.2.0_GH0.tar.gz) = 29678
+SHA256 (go/security_snowflake-tor/snowflake-v2.3.0/anti-censorship-pluggable-transports/snowflake-c983c13a84554d0ba1ffcdd054491090c0eafc54_GL0.tar.gz) = 792df65b3be059a2cb56ef734a134f29bbec301ff76f8ac2f24ae67b43d222a7
+SIZE (go/security_snowflake-tor/snowflake-v2.3.0/anti-censorship-pluggable-transports/snowflake-c983c13a84554d0ba1ffcdd054491090c0eafc54_GL0.tar.gz) = 156959
+SHA256 (go/security_snowflake-tor/snowflake-v2.3.0/anti-censorship-geoip-7ce4b3d98d01ff33bad8007db3f488d5b172382a_GL0.tar.gz) = d4db97d4c95cf7ad80dbfcbada55da423d207e41c69707c7f108efc9c26165e2
+SIZE (go/security_snowflake-tor/snowflake-v2.3.0/anti-censorship-geoip-7ce4b3d98d01ff33bad8007db3f488d5b172382a_GL0.tar.gz) = 20279
diff --git a/security/snowflake-tor/files/snowflake-broker.in b/security/snowflake-tor/files/snowflake-broker.in
new file mode 100644
index 000000000000..3113d655db55
--- /dev/null
+++ b/security/snowflake-tor/files/snowflake-broker.in
@@ -0,0 +1,29 @@
+#!/bin/sh
+
+# PROVIDE: snowflake-broker
+# REQUIRE: cleanvar SERVERS
+#
+# Options to configure it via /etc/rc.conf:
+#
+# snowflake_broker_enable (bool) Enable service on boot. Default: NO
+# snowflake_broker_args (str) Broker arguments. Default: -addr 127.0.0.1:8080 -disable-tls
+# snowflake_broker_user (str) User to run as. Default: _tor
+
+. /etc/rc.subr
+
+name="snowflake-broker"
+rcvar="snowflake_broker_enable"
+pidfile="/var/run/${name}.pid"
+logfile="/var/log/${name}.log"
+procname="%%PREFIX%%/bin/${name}"
+
+load_rc_config $name
+
+: ${snowflake_broker_enable:="NO"}
+: ${snowflake_broker_args:="-addr 127.0.0.1:8080 -disable-tls"}
+: ${snowflake_broker_user:="_tor"}
+
+command="/usr/sbin/daemon"
+command_args="-p ${pidfile} -u ${snowflake_broker_user} -o ${logfile} -f ${procname} ${snowflake_broker_args}"
+
+run_rc_command "$1"
diff --git a/security/snowflake-tor/pkg-plist b/security/snowflake-tor/pkg-plist
index 873c75fe7046..cbb389b75e78 100644
--- a/security/snowflake-tor/pkg-plist
+++ b/security/snowflake-tor/pkg-plist
@@ -1,4 +1,5 @@
bin/snowflake
+bin/snowflake-broker
bin/snowflake-client
bin/snowflake-proxy
%%MANPAGES%%man/man1/snowflake-client.1.gz