svn commit: r468034 - in head/net: . sniproxy sniproxy/files
Kirill Ponomarev
krion at FreeBSD.org
Sun Apr 22 15:25:50 UTC 2018
Author: krion
Date: Sun Apr 22 15:25:48 2018
New Revision: 468034
URL: https://svnweb.freebsd.org/changeset/ports/468034
Log:
SNIproxy - Proxies incoming HTTP and TLS connections based on the
hostname contained in the initial request of the TCP session. This
enables HTTPS name-based virtual hosting to separate backend servers
without installing the private key on the proxy machine.
Features:
Name-based proxying of HTTPS without decrypting traffic. No keys or
certificates required.
Supports both TLS and HTTP protocols.
Supports IPv4, IPv6 and Unix domain sockets for both back end
servers and listeners.
Supports multiple listening sockets per instance.
Supports HAProxy proxy protocol to propagate original source address
to backend servers.
WWW: https://github.com/dlundquist/sniproxy
Added:
head/net/sniproxy/
head/net/sniproxy/Makefile (contents, props changed)
head/net/sniproxy/distinfo (contents, props changed)
head/net/sniproxy/files/
head/net/sniproxy/files/pkg-message.in (contents, props changed)
head/net/sniproxy/files/sniproxy.in (contents, props changed)
head/net/sniproxy/pkg-descr (contents, props changed)
Modified:
head/net/Makefile
Modified: head/net/Makefile
==============================================================================
--- head/net/Makefile Sun Apr 22 15:10:28 2018 (r468033)
+++ head/net/Makefile Sun Apr 22 15:25:48 2018 (r468034)
@@ -1373,6 +1373,7 @@
SUBDIR += smm++
SUBDIR += sngrep
SUBDIR += sniffit
+ SUBDIR += sniproxy
SUBDIR += sntop
SUBDIR += sobby
SUBDIR += socat
Added: head/net/sniproxy/Makefile
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/sniproxy/Makefile Sun Apr 22 15:25:48 2018 (r468034)
@@ -0,0 +1,42 @@
+# $FreeBSD$
+
+PORTNAME= sniproxy
+DISTVERSION= 0.5.0
+CATEGORIES= net
+
+MAINTAINER= krion at FreeBSD.org
+COMMENT= Proxy that routes based on TLS server name extension
+
+LICENSE= BSD2CLAUSE
+LICENSE_FILE= ${WRKSRC}/COPYING
+
+LIB_DEPENDS= libev.so:devel/libev \
+ libpcre.so:devel/pcre \
+ libudns.so:dns/udns
+
+USES= autoreconf:build gettext pkgconfig
+
+SUB_FILES= pkg-message
+USE_RC_SUBR= sniproxy
+
+USE_GITHUB= yes
+GH_ACCOUNT= dlundquist
+
+GNU_CONFIGURE= yes
+USE_LDCONFIG= yes
+
+PLIST_FILES= man/man5/sniproxy.conf.5.gz \
+ man/man8/sniproxy.8.gz \
+ sbin/sniproxy \
+ "@sample etc/sniproxy.conf.sample"
+
+pre-configure:
+ cd ${WRKSRC} && ${SH} autogen.sh
+
+post-patch:
+ @${REINPLACE_CMD} -e 's|/var/tmp/|/var/run/|' ${WRKSRC}/${PORTNAME}.conf
+
+post-install::
+ ${INSTALL_DATA} ${WRKSRC}/sniproxy.conf ${STAGEDIR}${PREFIX}/etc/sniproxy.conf.sample
+
+.include <bsd.port.mk>
Added: head/net/sniproxy/distinfo
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/sniproxy/distinfo Sun Apr 22 15:25:48 2018 (r468034)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1524378674
+SHA256 (dlundquist-sniproxy-0.5.0_GH0.tar.gz) = 0b8dd06f9aa9e1c4151b572caf645ffceacdd35a139ded16a7fb0035452c17e5
+SIZE (dlundquist-sniproxy-0.5.0_GH0.tar.gz) = 72654
Added: head/net/sniproxy/files/pkg-message.in
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/sniproxy/files/pkg-message.in Sun Apr 22 15:25:48 2018 (r468034)
@@ -0,0 +1,9 @@
+*******************************************************************
+ Enable sniproxy in /etc/rc.conf with the following line:
+
+ sniproxy_enable="YES"
+
+ A configuration template is available in
+ %%PREFIX%%/etc/sniproxy.conf
+
+*******************************************************************
Added: head/net/sniproxy/files/sniproxy.in
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/sniproxy/files/sniproxy.in Sun Apr 22 15:25:48 2018 (r468034)
@@ -0,0 +1,39 @@
+#!/bin/sh
+#
+#$FreeBSD$
+#
+
+# PROVIDE: sniproxy
+# REQUIRE: SERVERS cleanvar
+# BEFORE: DAEMON
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable sniproxy:
+#
+# sniproxy_enable="YES"
+#
+#
+
+. /etc/rc.subr
+
+name=sniproxy
+rcvar=sniproxy_enable
+
+command=%%PREFIX%%/sbin/sniproxy
+
+pidfile=${sniproxy_pidfile:-"/var/run/sniproxy.pid
+
+sniproxy_enable=${sniproxy_enable:-"NO"}
+sniproxy_conf=${sniproxy_conf:-"%%PREFIX%%/etc/sniproxy.conf"}
+
+stop_postcmd="rm -f $pidfile"
+sig_reload="HUP"
+
+load_rc_config ${name}
+
+required_files=${sniproxy_conf}
+
+command_args="-c ${sniproxy_conf}"
+run_rc_command "$1"
+
Added: head/net/sniproxy/pkg-descr
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/sniproxy/pkg-descr Sun Apr 22 15:25:48 2018 (r468034)
@@ -0,0 +1,21 @@
+SNIproxy - Proxies incoming HTTP and TLS connections based on the
+hostname contained in the initial request of the TCP session. This
+enables HTTPS name-based virtual hosting to separate backend servers
+without installing the private key on the proxy machine.
+
+Features:
+
+Name-based proxying of HTTPS without decrypting traffic. No keys or
+certificates required.
+
+Supports both TLS and HTTP protocols.
+
+Supports IPv4, IPv6 and Unix domain sockets for both back end
+servers and listeners.
+
+Supports multiple listening sockets per instance.
+
+Supports HAProxy proxy protocol to propagate original source address
+to backend servers.
+
+WWW: https://github.com/dlundquist/sniproxy
More information about the svn-ports-head
mailing list