mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-26 05:02:18 +00:00
[NEW] security/sslproxy: Transparent and scalable SSL/TLS interception
SSLproxy is a proxy for SSL/TLS encrypted network connections. It is intended to be used for decrypting and diverting network traffic to other programs, such as UTM services, for deep SSL inspection. SSLproxy is designed to transparently terminate connections that are redirected to it using a network address translation engine. SSLproxy then terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address. Packets received on the client side are decrypted and sent to the program listening on a port given in the proxy specification. SSLproxy inserts in the first packet the address and port it is expecting to receive the packets back from the program. Upon receiving the packets back, SSLproxy re-encrypts and sends them to their original destination. The return traffic follows the same path back to the client in reverse order. WWW: https://github.com/sonertari/SSLproxy Please note that the sslproxy deleted and sslproxy created are not the same application.
This commit is contained in:
parent
d7dc04cb1a
commit
d72c87d49e
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=494801
1
MOVED
1
MOVED
@ -4048,7 +4048,6 @@ sysutils/sarah||2013-03-03|Has expired: No more upstream, no more public distfil
|
||||
www/igal||2013-03-03|Has expired: No more upstream, no more public distfiles, consider using www/llgal
|
||||
finance/tinyerp-server||2013-03-03|Has expired: No more upstream, no more public distfiles, consider using finance/openerp-server
|
||||
ports-mgmt/portcheck||2013-03-03|Has expired: No more upstream, no more public distfiles
|
||||
security/sslproxy||2013-03-03|Has expired: Abandoned upstream
|
||||
x11-themes/e17-theme-darkness||2013-03-03|Has expired: No more public distfiles
|
||||
x11-themes/e17-theme-cthulhain||2013-03-03|Has expired: Dead upstream since 2008
|
||||
x11-servers/driglide||2013-03-03|Has expired: 3dfx is dead, fails to compile on recent versions of FreeBSD
|
||||
|
@ -1277,6 +1277,7 @@
|
||||
SUBDIR += sshpass
|
||||
SUBDIR += ssl-admin
|
||||
SUBDIR += ssllabs-scan
|
||||
SUBDIR += sslproxy
|
||||
SUBDIR += sslscan
|
||||
SUBDIR += sslsniffer
|
||||
SUBDIR += sslsplit
|
||||
|
27
security/sslproxy/Makefile
Normal file
27
security/sslproxy/Makefile
Normal file
@ -0,0 +1,27 @@
|
||||
# $FreeBSD$
|
||||
|
||||
PORTNAME= sslproxy
|
||||
PORTVERSION= 0.5.9
|
||||
DISTVERSIONPREFIX= v
|
||||
PORTEPOCH= 1
|
||||
CATEGORIES= security
|
||||
|
||||
MAINTAINER= bofh@FreeBSD.org
|
||||
COMMENT= Transparent and scalable SSL/TLS interception
|
||||
|
||||
LICENSE= BSD2CLAUSE
|
||||
|
||||
LIB_DEPENDS= libevent.so:devel/libevent \
|
||||
libnet.so:net/libnet
|
||||
|
||||
USES= gmake pkgconfig uidfix ssl
|
||||
USE_GITHUB= yes
|
||||
GH_ACCOUNT= sonertari
|
||||
GH_PROJECT= SSLproxy
|
||||
|
||||
MAKEFILE= GNUmakefile
|
||||
MAKE_ENV= DESTDIR=${STAGEDIR} MANDIR=man INSTALLUID=${UID} INSTALLGID=${GID}
|
||||
PLIST_FILES= bin/sslproxy man/man1/sslproxy.1.gz man/man5/sslproxy.conf.5.gz \
|
||||
"@sample etc/sslproxy.conf.sample"
|
||||
|
||||
.include <bsd.port.mk>
|
3
security/sslproxy/distinfo
Normal file
3
security/sslproxy/distinfo
Normal file
@ -0,0 +1,3 @@
|
||||
TIMESTAMP = 1551812754
|
||||
SHA256 (sonertari-SSLproxy-v0.5.9_GH0.tar.gz) = 669cd763f83c8faa69e6fb2854e09cb724960075b088cbac5df994613423a4cb
|
||||
SIZE (sonertari-SSLproxy-v0.5.9_GH0.tar.gz) = 1777393
|
50
security/sslproxy/files/patch-GNUmakefile
Normal file
50
security/sslproxy/files/patch-GNUmakefile
Normal file
@ -0,0 +1,50 @@
|
||||
--- GNUmakefile.orig 2018-12-11 18:58:45 UTC
|
||||
+++ GNUmakefile
|
||||
@@ -178,7 +178,7 @@ endif
|
||||
|
||||
PREFIX?= /usr/local
|
||||
MANDIR?= share/man
|
||||
-EXAMPLESDIR?= share/examples
|
||||
+ETCDIR?= etc
|
||||
|
||||
INSTALLUID?= 0
|
||||
INSTALLGID?= 0
|
||||
@@ -191,7 +191,7 @@ CNFMODE?= 0644
|
||||
MANUID?= $(INSTALLUID)
|
||||
MANGID?= $(INSTALLGID)
|
||||
MANMODE?= 0644
|
||||
-EXAMPLESMODE?= 0444
|
||||
+ETCMODE?= 0444
|
||||
ifeq ($(shell id -u),0)
|
||||
BINOWNERFLAGS?= -o $(BINUID) -g $(BINGID)
|
||||
CNFOWNERFLAGS?= -o $(CNFUID) -g $(CNFGID)
|
||||
@@ -504,26 +504,19 @@ clean:
|
||||
$(RM) -rf *.dSYM
|
||||
|
||||
install: $(TARGET)
|
||||
- test -d $(DESTDIR)$(PREFIX)/bin || $(MKDIR) -p $(DESTDIR)$(PREFIX)/bin
|
||||
- test -d $(DESTDIR)$(PREFIX)/$(MANDIR)/man1 || \
|
||||
- $(MKDIR) -p $(DESTDIR)$(PREFIX)/$(MANDIR)/man1
|
||||
- test -d $(DESTDIR)$(PREFIX)/$(MANDIR)/man5 || \
|
||||
- $(MKDIR) -p $(DESTDIR)$(PREFIX)/$(MANDIR)/man5
|
||||
- test -d $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET) || \
|
||||
- $(MKDIR) -p $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET)
|
||||
$(INSTALL) $(BINOWNERFLAGS) -m $(BINMODE) \
|
||||
$(TARGET) $(DESTDIR)$(PREFIX)/bin/
|
||||
$(INSTALL) $(MANOWNERFLAGS) -m $(MANMODE) \
|
||||
$(TARGET).1 $(DESTDIR)$(PREFIX)/$(MANDIR)/man1/
|
||||
$(INSTALL) $(MANOWNERFLAGS) -m $(MANMODE) \
|
||||
$(TARGET).conf.5 $(DESTDIR)$(PREFIX)/$(MANDIR)/man5/
|
||||
- $(INSTALL) $(MANOWNERFLAGS) -m $(EXAMPLESMODE) \
|
||||
- $(TARGET).conf $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET)/
|
||||
+ $(INSTALL) $(MANOWNERFLAGS) -m $(ETCMODE) \
|
||||
+ $(TARGET).conf $(DESTDIR)$(PREFIX)/$(ETCDIR)/$(TARGET).conf.sample
|
||||
|
||||
deinstall:
|
||||
$(RM) -f $(DESTDIR)$(PREFIX)/bin/$(TARGET) $(DESTDIR)$(PREFIX)/$(MANDIR)/man1/$(TARGET).1 \
|
||||
$(DESTDIR)$(PREFIX)/$(MANDIR)/man5/$(TARGET).conf.5
|
||||
- $(RM) -rf $(DESTDIR)$(PREFIX)/$(EXAMPLESDIR)/$(TARGET)/
|
||||
+ $(RM) -rf $(DESTDIR)$(PREFIX)/$(ETCDIR)/$(TARGET)/
|
||||
|
||||
ifdef GITDIR
|
||||
lint:
|
13
security/sslproxy/files/patch-pxyconn.h
Normal file
13
security/sslproxy/files/patch-pxyconn.h
Normal file
@ -0,0 +1,13 @@
|
||||
--- pxyconn.h.orig 2019-02-20 19:30:43 UTC
|
||||
+++ pxyconn.h
|
||||
@@ -30,6 +30,10 @@
|
||||
#ifndef PXYCONN_H
|
||||
#define PXYCONN_H
|
||||
|
||||
+#if defined(__FreeBSD__) || defined(__DragonFly__)
|
||||
+#include <netinet/in.h>
|
||||
+#endif
|
||||
+
|
||||
#include "proxy.h"
|
||||
#include "opts.h"
|
||||
#include "attrib.h"
|
15
security/sslproxy/pkg-descr
Normal file
15
security/sslproxy/pkg-descr
Normal file
@ -0,0 +1,15 @@
|
||||
SSLproxy is a proxy for SSL/TLS encrypted network connections. It is intended to
|
||||
be used for decrypting and diverting network traffic to other programs, such as
|
||||
UTM services, for deep SSL inspection.
|
||||
|
||||
SSLproxy is designed to transparently terminate connections that are redirected
|
||||
to it using a network address translation engine. SSLproxy then terminates
|
||||
SSL/TLS and initiates a new SSL/TLS connection to the original destination
|
||||
address. Packets received on the client side are decrypted and sent to the
|
||||
program listening on a port given in the proxy specification. SSLproxy inserts
|
||||
in the first packet the address and port it is expecting to receive the packets
|
||||
back from the program. Upon receiving the packets back, SSLproxy re-encrypts and
|
||||
sends them to their original destination. The return traffic follows the same
|
||||
path back to the client in reverse order.
|
||||
|
||||
WWW: https://github.com/sonertari/SSLproxy
|
Loading…
Reference in New Issue
Block a user