diff options
| author | bofh <bofh@FreeBSD.org> | 2019-03-06 21:56:23 +0800 |
|---|---|---|
| committer | bofh <bofh@FreeBSD.org> | 2019-03-06 21:56:23 +0800 |
| commit | 5ef647415a99af8739bbc8e09774a00126f0776e (patch) | |
| tree | 4b7bfc0abd27f9912fd536f97f571a7649e2ea4a | |
| parent | 4b48474865c2a7fa4a97268c84c0008dcab94918 (diff) | |
| download | freebsd-ports-gnome-5ef647415a99af8739bbc8e09774a00126f0776e.tar.gz freebsd-ports-gnome-5ef647415a99af8739bbc8e09774a00126f0776e.tar.zst freebsd-ports-gnome-5ef647415a99af8739bbc8e09774a00126f0776e.zip | |
[NEW] security/sslproxy: Transparent and scalable SSL/TLS interception
SSLproxy is a proxy for SSL/TLS encrypted network connections. It is intended to
be used for decrypting and diverting network traffic to other programs, such as
UTM services, for deep SSL inspection.
SSLproxy is designed to transparently terminate connections that are redirected
to it using a network address translation engine. SSLproxy then terminates
SSL/TLS and initiates a new SSL/TLS connection to the original destination
address. Packets received on the client side are decrypted and sent to the
program listening on a port given in the proxy specification. SSLproxy inserts
in the first packet the address and port it is expecting to receive the packets
back from the program. Upon receiving the packets back, SSLproxy re-encrypts and
sends them to their original destination. The return traffic follows the same
path back to the client in reverse order.
WWW: https://github.com/sonertari/SSLproxy
Please note that the sslproxy deleted and sslproxy created are not the same
application.
| -rw-r--r-- | MOVED | 1 | ||||
| -rw-r--r-- | security/Makefile | 1 | ||||
| -rw-r--r-- | security/sslproxy/Makefile | 27 | ||||
| -rw-r--r-- | security/sslproxy/distinfo | 3 | ||||
| -rw-r--r-- | security/sslproxy/files/patch-GNUmakefile | 50 | ||||
| -rw-r--r-- | security/sslproxy/files/patch-pxyconn.h | 13 | ||||
| -rw-r--r-- | security/sslproxy/pkg-descr | 15 |
7 files changed, 109 insertions, 1 deletions
@@ -4048,7 +4048,6 @@ sysutils/sarah||2013-03-03|Has expired: No more upstream, no more public distfil www/igal||2013-03-03|Has expired: No more upstream, no more public distfiles, consider using www/llgal finance/tinyerp-server||2013-03-03|Has expired: No more upstream, no more public distfiles, consider using finance/openerp-server ports-mgmt/portcheck||2013-03-03|Has expired: No more upstream, no more public distfiles -security/sslproxy||2013-03-03|Has expired: Abandoned upstream x11-themes/e17-theme-darkness||2013-03-03|Has expired: No more public distfiles x11-themes/e17-theme-cthulhain||2013-03-03|Has expired: Dead upstream since 2008 x11-servers/driglide||2013-03-03|Has expired: 3dfx is dead, fails to compile on recent versions of FreeBSD diff --git a/security/Makefile b/security/Makefile index 3eee7e850403..865449d3dd86 100644 --- a/security/Makefile +++ b/security/Makefile @@ -1277,6 +1277,7 @@ SUBDIR += sshpass SUBDIR += ssl-admin SUBDIR += ssllabs-scan + SUBDIR += sslproxy SUBDIR += sslscan SUBDIR += sslsniffer SUBDIR += sslsplit diff --git a/security/sslproxy/Makefile b/security/sslproxy/Makefile new file mode 100644 index 000000000000..5dd726be5813 --- /dev/null +++ b/security/sslproxy/Makefile @@ -0,0 +1,27 @@ +# $FreeBSD$ + +PORTNAME= sslproxy +PORTVERSION= 0.5.9 +DISTVERSIONPREFIX= v +PORTEPOCH= 1 +CATEGORIES= security + +MAINTAINER= bofh@FreeBSD.org +COMMENT= Transparent and scalable SSL/TLS interception + +LICENSE= BSD2CLAUSE + +LIB_DEPENDS= libevent.so:devel/libevent \ + libnet.so:net/libnet + +USES= gmake pkgconfig uidfix ssl +USE_GITHUB= yes +GH_ACCOUNT= sonertari +GH_PROJECT= SSLproxy + +MAKEFILE= GNUmakefile +MAKE_ENV= DESTDIR=${STAGEDIR} MANDIR=man INSTALLUID=${UID} INSTALLGID=${GID} +PLIST_FILES= bin/sslproxy man/man1/sslproxy.1.gz man/man5/sslproxy.conf.5.gz \ + "@sample etc/sslproxy.conf.sample" + +.include <bsd.port.mk> diff --git a/security/sslproxy/distinfo b/security/sslproxy/distinfo new file mode 100644 index 000000000000..6e563eabb7fc --- /dev/null +++ b/security/sslproxy/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1551812754 +SHA256 (sonertari-SSLproxy-v0.5.9_GH0.tar.gz) = 669cd763f83c8faa69e6fb2854e09cb724960075b088cbac5df994613423a4cb +SIZE (sonertari-SSLproxy-v0.5.9_GH0.tar.gz) = 1777393 diff --git a/security/sslproxy/files/patch-GNUmakefile b/security/sslproxy/files/patch-GNUmakefile new file mode 100644 index 000000000000..8fbc6c229d43 --- /dev/null +++ b/security/sslproxy/files/patch-GNUmakefile @@ -0,0 +1,50 @@ +--- GNUmakefile.orig 2018-12-11 18:58:45 UTC ++++ GNUmakefile +@@ -178,7 +178,7 @@ endif + + PREFIX?= /usr/local + MANDIR?= share/man +-EXAMPLESDIR?= share/examples ++ETCDIR?= etc + + INSTALLUID?= 0 + INSTALLGID?= 0 +@@ -191,7 +191,7 @@ CNFMODE?= 0644 + MANUID?= $(INSTALLUID) + MANGID?= $(INSTALLGID) + MANMODE?= 0644 +-EXAMPLESMODE?= 0444 ++ETCMODE?= 0444 + ifeq ($(shell id -u),0) + BINOWNERFLAGS?= -o $(BINUID) -g $(BINGID) + CNFOWNERFLAGS?= -o $(CNFUID) -g $(CNFGID) +@@ -504,26 +504,19 @@ clean: + $(RM) -rf *.dSYM + + install: $(TARGET) +- test -d $(DESTDIR)$(PREFIX)/bin || $(MKDIR) -p $(DESTDIR)$(PREFIX)/bin +- test -d $(DESTDIR)$(PREFIX)/$(MANDIR)/man1 || \ +- $(MKDIR) -p $(DESTDIR)$(PREFIX)/$(MANDIR)/man1 +- test -d $(DESTDIR)$(PREFIX)/$(MANDIR)/man5 || \ +- $(MKDIR) -p $(DESTDIR)$(PREFIX)/$(MANDIR)/man5 +- test -d $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET) || \ +- $(MKDIR) -p $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET) + $(INSTALL) $(BINOWNERFLAGS) -m $(BINMODE) \ + $(TARGET) $(DESTDIR)$(PREFIX)/bin/ + $(INSTALL) $(MANOWNERFLAGS) -m $(MANMODE) \ + $(TARGET).1 $(DESTDIR)$(PREFIX)/$(MANDIR)/man1/ + $(INSTALL) $(MANOWNERFLAGS) -m $(MANMODE) \ + $(TARGET).conf.5 $(DESTDIR)$(PREFIX)/$(MANDIR)/man5/ +- $(INSTALL) $(MANOWNERFLAGS) -m $(EXAMPLESMODE) \ +- $(TARGET).conf $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET)/ ++ $(INSTALL) $(MANOWNERFLAGS) -m $(ETCMODE) \ ++ $(TARGET).conf $(DESTDIR)$(PREFIX)/$(ETCDIR)/$(TARGET).conf.sample + + deinstall: + $(RM) -f $(DESTDIR)$(PREFIX)/bin/$(TARGET) $(DESTDIR)$(PREFIX)/$(MANDIR)/man1/$(TARGET).1 \ + $(DESTDIR)$(PREFIX)/$(MANDIR)/man5/$(TARGET).conf.5 +- $(RM) -rf $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET)/ ++ $(RM) -rf $(DESTDIR)$(PREFIX)/$(ETCDIR)/$(TARGET)/ + + ifdef GITDIR + lint: diff --git a/security/sslproxy/files/patch-pxyconn.h b/security/sslproxy/files/patch-pxyconn.h new file mode 100644 index 000000000000..52a41c41aa91 --- /dev/null +++ b/security/sslproxy/files/patch-pxyconn.h @@ -0,0 +1,13 @@ +--- pxyconn.h.orig 2019-02-20 19:30:43 UTC ++++ pxyconn.h +@@ -30,6 +30,10 @@ + #ifndef PXYCONN_H + #define PXYCONN_H + ++#if defined(__FreeBSD__) || defined(__DragonFly__) ++#include <netinet/in.h> ++#endif ++ + #include "proxy.h" + #include "opts.h" + #include "attrib.h" diff --git a/security/sslproxy/pkg-descr b/security/sslproxy/pkg-descr new file mode 100644 index 000000000000..4fa8cb1cb059 --- /dev/null +++ b/security/sslproxy/pkg-descr @@ -0,0 +1,15 @@ +SSLproxy is a proxy for SSL/TLS encrypted network connections. It is intended to +be used for decrypting and diverting network traffic to other programs, such as +UTM services, for deep SSL inspection. + +SSLproxy is designed to transparently terminate connections that are redirected +to it using a network address translation engine. SSLproxy then terminates +SSL/TLS and initiates a new SSL/TLS connection to the original destination +address. Packets received on the client side are decrypted and sent to the +program listening on a port given in the proxy specification. SSLproxy inserts +in the first packet the address and port it is expecting to receive the packets +back from the program. Upon receiving the packets back, SSLproxy re-encrypts and +sends them to their original destination. The return traffic follows the same +path back to the client in reverse order. + +WWW: https://github.com/sonertari/SSLproxy |