diff options
| author | krion <krion@FreeBSD.org> | 2018-04-22 23:25:48 +0800 |
|---|---|---|
| committer | krion <krion@FreeBSD.org> | 2018-04-22 23:25:48 +0800 |
| commit | e409b915054d58c8c08a8191d173fbbfd8083056 (patch) | |
| tree | a3c15b3c697ea264a289ec3078b45e3706cd3e9e | |
| parent | 587081103645fca100c10a9c8ed33fcaf7750387 (diff) | |
| download | freebsd-ports-gnome-e409b915054d58c8c08a8191d173fbbfd8083056.tar.gz freebsd-ports-gnome-e409b915054d58c8c08a8191d173fbbfd8083056.tar.zst freebsd-ports-gnome-e409b915054d58c8c08a8191d173fbbfd8083056.zip | |
SNIproxy - Proxies incoming HTTP and TLS connections based on the
hostname contained in the initial request of the TCP session. This
enables HTTPS name-based virtual hosting to separate backend servers
without installing the private key on the proxy machine.
Features:
Name-based proxying of HTTPS without decrypting traffic. No keys or
certificates required.
Supports both TLS and HTTP protocols.
Supports IPv4, IPv6 and Unix domain sockets for both back end
servers and listeners.
Supports multiple listening sockets per instance.
Supports HAProxy proxy protocol to propagate original source address
to backend servers.
WWW: https://github.com/dlundquist/sniproxy
| -rw-r--r-- | net/Makefile | 1 | ||||
| -rw-r--r-- | net/sniproxy/Makefile | 42 | ||||
| -rw-r--r-- | net/sniproxy/distinfo | 3 | ||||
| -rw-r--r-- | net/sniproxy/files/pkg-message.in | 9 | ||||
| -rw-r--r-- | net/sniproxy/files/sniproxy.in | 39 | ||||
| -rw-r--r-- | net/sniproxy/pkg-descr | 21 |
6 files changed, 115 insertions, 0 deletions
diff --git a/net/Makefile b/net/Makefile index 9f67a22c3058..ac27f1bb2365 100644 --- a/net/Makefile +++ b/net/Makefile @@ -1373,6 +1373,7 @@ SUBDIR += smm++ SUBDIR += sngrep SUBDIR += sniffit + SUBDIR += sniproxy SUBDIR += sntop SUBDIR += sobby SUBDIR += socat diff --git a/net/sniproxy/Makefile b/net/sniproxy/Makefile new file mode 100644 index 000000000000..804229b8a6e5 --- /dev/null +++ b/net/sniproxy/Makefile @@ -0,0 +1,42 @@ +# $FreeBSD$ + +PORTNAME= sniproxy +DISTVERSION= 0.5.0 +CATEGORIES= net + +MAINTAINER= krion@FreeBSD.org +COMMENT= Proxy that routes based on TLS server name extension + +LICENSE= BSD2CLAUSE +LICENSE_FILE= ${WRKSRC}/COPYING + +LIB_DEPENDS= libev.so:devel/libev \ + libpcre.so:devel/pcre \ + libudns.so:dns/udns + +USES= autoreconf:build gettext pkgconfig + +SUB_FILES= pkg-message +USE_RC_SUBR= sniproxy + +USE_GITHUB= yes +GH_ACCOUNT= dlundquist + +GNU_CONFIGURE= yes +USE_LDCONFIG= yes + +PLIST_FILES= man/man5/sniproxy.conf.5.gz \ + man/man8/sniproxy.8.gz \ + sbin/sniproxy \ + "@sample etc/sniproxy.conf.sample" + +pre-configure: + cd ${WRKSRC} && ${SH} autogen.sh + +post-patch: + @${REINPLACE_CMD} -e 's|/var/tmp/|/var/run/|' ${WRKSRC}/${PORTNAME}.conf + +post-install:: + ${INSTALL_DATA} ${WRKSRC}/sniproxy.conf ${STAGEDIR}${PREFIX}/etc/sniproxy.conf.sample + +.include <bsd.port.mk> diff --git a/net/sniproxy/distinfo b/net/sniproxy/distinfo new file mode 100644 index 000000000000..4a1fe3fcd30b --- /dev/null +++ b/net/sniproxy/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1524378674 +SHA256 (dlundquist-sniproxy-0.5.0_GH0.tar.gz) = 0b8dd06f9aa9e1c4151b572caf645ffceacdd35a139ded16a7fb0035452c17e5 +SIZE (dlundquist-sniproxy-0.5.0_GH0.tar.gz) = 72654 diff --git a/net/sniproxy/files/pkg-message.in b/net/sniproxy/files/pkg-message.in new file mode 100644 index 000000000000..f11a0261fe5e --- /dev/null +++ b/net/sniproxy/files/pkg-message.in @@ -0,0 +1,9 @@ +******************************************************************* + Enable sniproxy in /etc/rc.conf with the following line: + + sniproxy_enable="YES" + + A configuration template is available in + %%PREFIX%%/etc/sniproxy.conf + +******************************************************************* diff --git a/net/sniproxy/files/sniproxy.in b/net/sniproxy/files/sniproxy.in new file mode 100644 index 000000000000..52f4ba5f0a8e --- /dev/null +++ b/net/sniproxy/files/sniproxy.in @@ -0,0 +1,39 @@ +#!/bin/sh +# +#$FreeBSD$ +# + +# PROVIDE: sniproxy +# REQUIRE: SERVERS cleanvar +# BEFORE: DAEMON +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable sniproxy: +# +# sniproxy_enable="YES" +# +# + +. /etc/rc.subr + +name=sniproxy +rcvar=sniproxy_enable + +command=%%PREFIX%%/sbin/sniproxy + +pidfile=${sniproxy_pidfile:-"/var/run/sniproxy.pid + +sniproxy_enable=${sniproxy_enable:-"NO"} +sniproxy_conf=${sniproxy_conf:-"%%PREFIX%%/etc/sniproxy.conf"} + +stop_postcmd="rm -f $pidfile" +sig_reload="HUP" + +load_rc_config ${name} + +required_files=${sniproxy_conf} + +command_args="-c ${sniproxy_conf}" +run_rc_command "$1" + diff --git a/net/sniproxy/pkg-descr b/net/sniproxy/pkg-descr new file mode 100644 index 000000000000..9901c6db5e26 --- /dev/null +++ b/net/sniproxy/pkg-descr @@ -0,0 +1,21 @@ +SNIproxy - Proxies incoming HTTP and TLS connections based on the +hostname contained in the initial request of the TCP session. This +enables HTTPS name-based virtual hosting to separate backend servers +without installing the private key on the proxy machine. + +Features: + +Name-based proxying of HTTPS without decrypting traffic. No keys or +certificates required. + +Supports both TLS and HTTP protocols. + +Supports IPv4, IPv6 and Unix domain sockets for both back end +servers and listeners. + +Supports multiple listening sockets per instance. + +Supports HAProxy proxy protocol to propagate original source address +to backend servers. + +WWW: https://github.com/dlundquist/sniproxy |