1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-26 05:02:18 +00:00

[NEW] security/sslproxy: Transparent and scalable SSL/TLS interception

SSLproxy is a proxy for SSL/TLS encrypted network connections. It is intended to
be used for decrypting and diverting network traffic to other programs, such as
UTM services, for deep SSL inspection.

SSLproxy is designed to transparently terminate connections that are redirected
to it using a network address translation engine. SSLproxy then terminates
SSL/TLS and initiates a new SSL/TLS connection to the original destination
address. Packets received on the client side are decrypted and sent to the
program listening on a port given in the proxy specification. SSLproxy inserts
in the first packet the address and port it is expecting to receive the packets
back from the program. Upon receiving the packets back, SSLproxy re-encrypts and
sends them to their original destination. The return traffic follows the same
path back to the client in reverse order.

WWW: https://github.com/sonertari/SSLproxy

Please note that the sslproxy deleted and sslproxy created are not the same
application.
This commit is contained in:
Muhammad Moinur Rahman 2019-03-06 13:56:23 +00:00
parent d7dc04cb1a
commit d72c87d49e
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=494801
7 changed files with 109 additions and 1 deletions

1
MOVED
View File

@ -4048,7 +4048,6 @@ sysutils/sarah||2013-03-03|Has expired: No more upstream, no more public distfil
www/igal||2013-03-03|Has expired: No more upstream, no more public distfiles, consider using www/llgal
finance/tinyerp-server||2013-03-03|Has expired: No more upstream, no more public distfiles, consider using finance/openerp-server
ports-mgmt/portcheck||2013-03-03|Has expired: No more upstream, no more public distfiles
security/sslproxy||2013-03-03|Has expired: Abandoned upstream
x11-themes/e17-theme-darkness||2013-03-03|Has expired: No more public distfiles
x11-themes/e17-theme-cthulhain||2013-03-03|Has expired: Dead upstream since 2008
x11-servers/driglide||2013-03-03|Has expired: 3dfx is dead, fails to compile on recent versions of FreeBSD

View File

@ -1277,6 +1277,7 @@
SUBDIR += sshpass
SUBDIR += ssl-admin
SUBDIR += ssllabs-scan
SUBDIR += sslproxy
SUBDIR += sslscan
SUBDIR += sslsniffer
SUBDIR += sslsplit

View File

@ -0,0 +1,27 @@
# $FreeBSD$
PORTNAME= sslproxy
PORTVERSION= 0.5.9
DISTVERSIONPREFIX= v
PORTEPOCH= 1
CATEGORIES= security
MAINTAINER= bofh@FreeBSD.org
COMMENT= Transparent and scalable SSL/TLS interception
LICENSE= BSD2CLAUSE
LIB_DEPENDS= libevent.so:devel/libevent \
libnet.so:net/libnet
USES= gmake pkgconfig uidfix ssl
USE_GITHUB= yes
GH_ACCOUNT= sonertari
GH_PROJECT= SSLproxy
MAKEFILE= GNUmakefile
MAKE_ENV= DESTDIR=${STAGEDIR} MANDIR=man INSTALLUID=${UID} INSTALLGID=${GID}
PLIST_FILES= bin/sslproxy man/man1/sslproxy.1.gz man/man5/sslproxy.conf.5.gz \
"@sample etc/sslproxy.conf.sample"
.include <bsd.port.mk>

View File

@ -0,0 +1,3 @@
TIMESTAMP = 1551812754
SHA256 (sonertari-SSLproxy-v0.5.9_GH0.tar.gz) = 669cd763f83c8faa69e6fb2854e09cb724960075b088cbac5df994613423a4cb
SIZE (sonertari-SSLproxy-v0.5.9_GH0.tar.gz) = 1777393

View File

@ -0,0 +1,50 @@
--- GNUmakefile.orig 2018-12-11 18:58:45 UTC
+++ GNUmakefile
@@ -178,7 +178,7 @@ endif
PREFIX?= /usr/local
MANDIR?= share/man
-EXAMPLESDIR?= share/examples
+ETCDIR?= etc
INSTALLUID?= 0
INSTALLGID?= 0
@@ -191,7 +191,7 @@ CNFMODE?= 0644
MANUID?= $(INSTALLUID)
MANGID?= $(INSTALLGID)
MANMODE?= 0644
-EXAMPLESMODE?= 0444
+ETCMODE?= 0444
ifeq ($(shell id -u),0)
BINOWNERFLAGS?= -o $(BINUID) -g $(BINGID)
CNFOWNERFLAGS?= -o $(CNFUID) -g $(CNFGID)
@@ -504,26 +504,19 @@ clean:
$(RM) -rf *.dSYM
install: $(TARGET)
- test -d $(DESTDIR)$(PREFIX)/bin || $(MKDIR) -p $(DESTDIR)$(PREFIX)/bin
- test -d $(DESTDIR)$(PREFIX)/$(MANDIR)/man1 || \
- $(MKDIR) -p $(DESTDIR)$(PREFIX)/$(MANDIR)/man1
- test -d $(DESTDIR)$(PREFIX)/$(MANDIR)/man5 || \
- $(MKDIR) -p $(DESTDIR)$(PREFIX)/$(MANDIR)/man5
- test -d $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET) || \
- $(MKDIR) -p $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET)
$(INSTALL) $(BINOWNERFLAGS) -m $(BINMODE) \
$(TARGET) $(DESTDIR)$(PREFIX)/bin/
$(INSTALL) $(MANOWNERFLAGS) -m $(MANMODE) \
$(TARGET).1 $(DESTDIR)$(PREFIX)/$(MANDIR)/man1/
$(INSTALL) $(MANOWNERFLAGS) -m $(MANMODE) \
$(TARGET).conf.5 $(DESTDIR)$(PREFIX)/$(MANDIR)/man5/
- $(INSTALL) $(MANOWNERFLAGS) -m $(EXAMPLESMODE) \
- $(TARGET).conf $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET)/
+ $(INSTALL) $(MANOWNERFLAGS) -m $(ETCMODE) \
+ $(TARGET).conf $(DESTDIR)$(PREFIX)/$(ETCDIR)/$(TARGET).conf.sample
deinstall:
$(RM) -f $(DESTDIR)$(PREFIX)/bin/$(TARGET) $(DESTDIR)$(PREFIX)/$(MANDIR)/man1/$(TARGET).1 \
$(DESTDIR)$(PREFIX)/$(MANDIR)/man5/$(TARGET).conf.5
- $(RM) -rf $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET)/
+ $(RM) -rf $(DESTDIR)$(PREFIX)/$(ETCDIR)/$(TARGET)/
ifdef GITDIR
lint:

View File

@ -0,0 +1,13 @@
--- pxyconn.h.orig 2019-02-20 19:30:43 UTC
+++ pxyconn.h
@@ -30,6 +30,10 @@
#ifndef PXYCONN_H
#define PXYCONN_H
+#if defined(__FreeBSD__) || defined(__DragonFly__)
+#include <netinet/in.h>
+#endif
+
#include "proxy.h"
#include "opts.h"
#include "attrib.h"

View File

@ -0,0 +1,15 @@
SSLproxy is a proxy for SSL/TLS encrypted network connections. It is intended to
be used for decrypting and diverting network traffic to other programs, such as
UTM services, for deep SSL inspection.
SSLproxy is designed to transparently terminate connections that are redirected
to it using a network address translation engine. SSLproxy then terminates
SSL/TLS and initiates a new SSL/TLS connection to the original destination
address. Packets received on the client side are decrypted and sent to the
program listening on a port given in the proxy specification. SSLproxy inserts
in the first packet the address and port it is expecting to receive the packets
back from the program. Upon receiving the packets back, SSLproxy re-encrypts and
sends them to their original destination. The return traffic follows the same
path back to the client in reverse order.
WWW: https://github.com/sonertari/SSLproxy