pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net/sniproxy
Module Name: pkgsrc
Committed By: schmonz
Date: Tue May 6 15:49:16 UTC 2025
Modified Files:
pkgsrc/net/sniproxy: DESCR Makefile distinfo
Added Files:
pkgsrc/net/sniproxy/patches: patch-src_connection.c
patch-tests_bad__dns__request__test patch-tests_bad__request__test
patch-tests_buffer__test.c patch-tests_connection__reset__test
patch-tests_fallback__test patch-tests_slow__client__test
Log Message:
sniproxy: update to latest git. Changes:
- autoconf: fail with error if missing required library
- fix missing stdlib.h include
- libpcre2 support
- deprecate project
- cleanup autoconf and use debhelper
- accept CRLF and LF in HTTP headers, fix buffer overflow error
Also apply patch from renaudallard's fork to allocate enough buffer for
header sizes seen in common webservers.
Add TEST_TARGET. Test results are unchanged by this update on macOS
15.4.1 or NetBSD 10.1 (fail 7/skip 1/pass 14) or Ubuntu 24.04.2 LTS
(fails functional_test and bind_source_test, hangs on
connection_reset_test).
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/sniproxy/DESCR
cvs rdiff -u -r1.10 -r1.11 pkgsrc/net/sniproxy/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/sniproxy/distinfo
cvs rdiff -u -r0 -r1.5 pkgsrc/net/sniproxy/patches/patch-src_connection.c
cvs rdiff -u -r0 -r1.1 \
pkgsrc/net/sniproxy/patches/patch-tests_bad__dns__request__test \
pkgsrc/net/sniproxy/patches/patch-tests_bad__request__test \
pkgsrc/net/sniproxy/patches/patch-tests_buffer__test.c \
pkgsrc/net/sniproxy/patches/patch-tests_connection__reset__test \
pkgsrc/net/sniproxy/patches/patch-tests_fallback__test \
pkgsrc/net/sniproxy/patches/patch-tests_slow__client__test
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/net/sniproxy/DESCR
diff -u pkgsrc/net/sniproxy/DESCR:1.1 pkgsrc/net/sniproxy/DESCR:1.2
--- pkgsrc/net/sniproxy/DESCR:1.1 Fri Jun 13 00:13:13 2014
+++ pkgsrc/net/sniproxy/DESCR Tue May 6 15:49:16 2025
@@ -1,4 +1,13 @@
-Proxies incoming HTTP and TLS connections based on the hostname
+sniproxy proxies incoming HTTP and TLS connections based on the hostname
contained in the initial request. This enables HTTPS name-based virtual
hosting to separate backend servers without installing the private key
on the proxy machine.
+
+- Name-based proxying of HTTPS without decrypting traffic. No keys or
+ certificates required.
+- Supports both TLS and HTTP protocols.
+- Supports IPv4, IPv6 and Unix domain sockets for both back-end servers
+ and listeners.
+- Supports multiple listening sockets per instance.
+- Supports HAProxy proxy protocol to propagate original source address
+ to back-end servers.
Index: pkgsrc/net/sniproxy/Makefile
diff -u pkgsrc/net/sniproxy/Makefile:1.10 pkgsrc/net/sniproxy/Makefile:1.11
--- pkgsrc/net/sniproxy/Makefile:1.10 Tue Jun 6 12:42:09 2023
+++ pkgsrc/net/sniproxy/Makefile Tue May 6 15:49:16 2025
@@ -1,23 +1,29 @@
-# $NetBSD: Makefile,v 1.10 2023/06/06 12:42:09 riastradh Exp $
+# $NetBSD: Makefile,v 1.11 2025/05/06 15:49:16 schmonz Exp $
-DISTNAME= sniproxy-0.6.1
-CATEGORIES= net
-MASTER_SITES= ${MASTER_SITE_GITHUB:=dlundquist/}
-
-MAINTAINER= wiedi%frubar.net@localhost
-HOMEPAGE= https://github.com/dlundquist/sniproxy/
-COMMENT= Proxy that routes based on TLS server name extension
-LICENSE= 2-clause-bsd
-
-USE_LANGUAGES= c99
-USE_TOOLS+= autoconf aclocal automake pkg-config
-GNU_CONFIGURE= YES
-USE_LIBTOOL= YES
+DISTNAME= ${GITHUB_PROJECT}-${GITHUB_TAG}
+PKGNAME= ${GITHUB_PROJECT}-0.6.1
+PKGREVISION= 1
+CATEGORIES= net
+MASTER_SITES= ${MASTER_SITE_GITHUB:=dlundquist/}
+GITHUB_PROJECT= sniproxy
+GITHUB_TAG= 2d9965388712faa6ef74f7229f38e3a177904bae
+
+MAINTAINER= wiedi%frubar.net@localhost
+HOMEPAGE= https://github.com/dlundquist/sniproxy/
+COMMENT= Proxy HTTP and TLS based on hostname in request
+LICENSE= 2-clause-bsd
+
+USE_LANGUAGES= c
+USE_CC_FEATURES= c99
+USE_TOOLS+= autoconf aclocal automake pkg-config
+GNU_CONFIGURE= YES
+CONFIGURE_ARGS+= --enable-dns
+USE_LIBTOOL= YES
-TOOL_DEPENDS+= gettext-m4-[0-9]*:../../devel/gettext-m4
+TOOL_DEPENDS+= gettext-m4-[0-9]*:../../devel/gettext-m4
-EGDIR= ${PREFIX}/share/examples/${PKGBASE}
-CONF_FILES= ${EGDIR}/sniproxy.conf ${PKG_SYSCONFDIR}/sniproxy.conf
+EGDIR= ${PREFIX}/share/examples/${PKGBASE}
+CONF_FILES= ${EGDIR}/sniproxy.conf ${PKG_SYSCONFDIR}/sniproxy.conf
CPPFLAGS.SunOS+= -D__EXTENSIONS__ -D_XOPEN_SOURCE=600
LDFLAGS.SunOS+= -lsocket -lnsl
@@ -37,6 +43,10 @@ RCD_SCRIPTS= sniproxy
BUILD_DEFS+= VARBASE PKG_SYSCONFBASE
+TEST_TARGET= check
+#USE_TOOLS+= perl
+#REPLACE_PERL+= tests/*_test
+
pre-configure:
cd ${WRKSRC} && autoreconf --install && automake --add-missing --copy
@@ -45,6 +55,6 @@ post-install:
${INSTALL_DATA} ${WRKSRC}/sniproxy.conf ${DESTDIR}${EGDIR}
.include "../../devel/libev/buildlink3.mk"
-.include "../../devel/pcre/buildlink3.mk"
+.include "../../devel/pcre2/buildlink3.mk"
.include "../../net/udns/buildlink3.mk"
.include "../../mk/bsd.pkg.mk"
Index: pkgsrc/net/sniproxy/distinfo
diff -u pkgsrc/net/sniproxy/distinfo:1.11 pkgsrc/net/sniproxy/distinfo:1.12
--- pkgsrc/net/sniproxy/distinfo:1.11 Thu May 11 05:14:00 2023
+++ pkgsrc/net/sniproxy/distinfo Tue May 6 15:49:16 2025
@@ -1,9 +1,16 @@
-$NetBSD: distinfo,v 1.11 2023/05/11 05:14:00 schmonz Exp $
+$NetBSD: distinfo,v 1.12 2025/05/06 15:49:16 schmonz Exp $
-BLAKE2s (sniproxy-0.6.1.tar.gz) = 8e1f6529c9d1d86a94f06cbcc9c40d9374f54e2fcb499198422997796c53c7af
-SHA512 (sniproxy-0.6.1.tar.gz) = 4a20830ee6dfeb33a363c480c4698c263a8deccfcac2071198248147ef40d951a1b551c373b0e1e29f6b6bfcdac350390f8f4c3653ed9d1f1940ed50c96af785
-Size (sniproxy-0.6.1.tar.gz) = 78939 bytes
+BLAKE2s (sniproxy-2d9965388712faa6ef74f7229f38e3a177904bae-2d9965388712faa6ef74f7229f38e3a177904bae.tar.gz) = efe6a54e6a42951e201b0c1e439809fcbac3f9fe53d9160943f98f8fdc146e61
+SHA512 (sniproxy-2d9965388712faa6ef74f7229f38e3a177904bae-2d9965388712faa6ef74f7229f38e3a177904bae.tar.gz) =
b37815107d53def95dca2938fee7874cba2d91b0b4fc774fb073b180d7a46588f8bef882f025b40118b85fc29e021bd098fe0f3b61cd27e3c502e60c1e2ceef5
+Size (sniproxy-2d9965388712faa6ef74f7229f38e3a177904bae-2d9965388712faa6ef74f7229f38e3a177904bae.tar.gz) = 79449 bytes
SHA1 (patch-man_sniproxy.8) = 6c23fd3a826cfdd37b656e235392263995f0bad0
SHA1 (patch-man_sniproxy.conf.5) = d18a997fe2d3bf570c3c3e8530ec2c6487e35ba0
SHA1 (patch-sniproxy.conf) = 7a7c596ec2947cc94271dbd7298dd3e9896260f7
+SHA1 (patch-src_connection.c) = 3a1ceff5ec5c81dfb3158694a85d536328a38c86
SHA1 (patch-src_sniproxy.c) = d3aa00bd393ceaeba81ce9d15cdafd24ab63eaf1
+SHA1 (patch-tests_bad__dns__request__test) = 1a9c0330122d141c43f4260aa6134a5a48a1362e
+SHA1 (patch-tests_bad__request__test) = 5fc17c8e1a5f574c6cbb4161689daaba8f087fd5
+SHA1 (patch-tests_buffer__test.c) = c4c46acdeac241e777a48ce51ce432b908847154
+SHA1 (patch-tests_connection__reset__test) = 027fe2e026fcb4fd3cfc191d60890617beb28b92
+SHA1 (patch-tests_fallback__test) = d8873bfe8629096a1cc4152438167c4f15559153
+SHA1 (patch-tests_slow__client__test) = 1ee5a0683ef6b8f8dbf43072492ab7bc46e9f92f
Added files:
Index: pkgsrc/net/sniproxy/patches/patch-src_connection.c
diff -u /dev/null pkgsrc/net/sniproxy/patches/patch-src_connection.c:1.5
--- /dev/null Tue May 6 15:49:16 2025
+++ pkgsrc/net/sniproxy/patches/patch-src_connection.c Tue May 6 15:49:16 2025
@@ -0,0 +1,23 @@
+$NetBSD: patch-src_connection.c,v 1.5 2025/05/06 15:49:16 schmonz Exp $
+
+Allocate enough buffer for header sizes seen in common webservers.
+https://github.com/renaudallard/sniproxy/commit/1a504817462209ecaa2f62ff925b58852e22f564
+
+--- src/connection.c.orig 2024-07-02 15:36:27.000000000 +0000
++++ src/connection.c
+@@ -812,13 +812,13 @@ new_connection(struct ev_loop *loop) {
+ con->query_handle = NULL;
+ con->use_proxy_header = 0;
+
+- con->client.buffer = new_buffer(4096, loop);
++ con->client.buffer = new_buffer(16384, loop);
+ if (con->client.buffer == NULL) {
+ free_connection(con);
+ return NULL;
+ }
+
+- con->server.buffer = new_buffer(4096, loop);
++ con->server.buffer = new_buffer(16384, loop);
+ if (con->server.buffer == NULL) {
+ free_connection(con);
+ return NULL;
Index: pkgsrc/net/sniproxy/patches/patch-tests_bad__dns__request__test
diff -u /dev/null pkgsrc/net/sniproxy/patches/patch-tests_bad__dns__request__test:1.1
--- /dev/null Tue May 6 15:49:16 2025
+++ pkgsrc/net/sniproxy/patches/patch-tests_bad__dns__request__test Tue May 6 15:49:16 2025
@@ -0,0 +1,16 @@
+$NetBSD: patch-tests_bad__dns__request__test,v 1.1 2025/05/06 15:49:16 schmonz Exp $
+
+Allocate enough buffer for header sizes seen in common webservers.
+https://github.com/renaudallard/sniproxy/commit/1a504817462209ecaa2f62ff925b58852e22f564
+
+--- tests/bad_dns_request_test.orig 2024-07-02 15:36:27.000000000 +0000
++++ tests/bad_dns_request_test
+@@ -60,7 +60,7 @@ sub http_client($$) {
+ $socket->send($request);
+
+ my $buffer;
+- $socket->recv($buffer, 4096);
++ $socket->recv($buffer, 16388);
+
+ $socket->close();
+
Index: pkgsrc/net/sniproxy/patches/patch-tests_bad__request__test
diff -u /dev/null pkgsrc/net/sniproxy/patches/patch-tests_bad__request__test:1.1
--- /dev/null Tue May 6 15:49:16 2025
+++ pkgsrc/net/sniproxy/patches/patch-tests_bad__request__test Tue May 6 15:49:16 2025
@@ -0,0 +1,16 @@
+$NetBSD: patch-tests_bad__request__test,v 1.1 2025/05/06 15:49:16 schmonz Exp $
+
+Allocate enough buffer for header sizes seen in common webservers.
+https://github.com/renaudallard/sniproxy/commit/1a504817462209ecaa2f62ff925b58852e22f564
+
+--- tests/bad_request_test.orig 2024-07-02 15:36:27.000000000 +0000
++++ tests/bad_request_test
+@@ -282,7 +282,7 @@ sub tls_client($$) {
+ $socket->send($request);
+
+ my $buffer;
+- $socket->recv($buffer, 4096);
++ $socket->recv($buffer, 16384);
+
+ $socket->close();
+
Index: pkgsrc/net/sniproxy/patches/patch-tests_buffer__test.c
diff -u /dev/null pkgsrc/net/sniproxy/patches/patch-tests_buffer__test.c:1.1
--- /dev/null Tue May 6 15:49:16 2025
+++ pkgsrc/net/sniproxy/patches/patch-tests_buffer__test.c Tue May 6 15:49:16 2025
@@ -0,0 +1,25 @@
+$NetBSD: patch-tests_buffer__test.c,v 1.1 2025/05/06 15:49:16 schmonz Exp $
+
+Allocate enough buffer for header sizes seen in common webservers.
+https://github.com/renaudallard/sniproxy/commit/1a504817462209ecaa2f62ff925b58852e22f564
+
+--- tests/buffer_test.c.orig 2024-07-02 15:36:27.000000000 +0000
++++ tests/buffer_test.c
+@@ -127,7 +127,7 @@ static void test4() {
+ struct Buffer *buffer;
+ int read_fd, write_fd;
+
+- buffer = new_buffer(4096, EV_DEFAULT);
++ buffer = new_buffer(16384, EV_DEFAULT);
+
+ read_fd = open("/dev/zero", O_RDONLY);
+ if (read_fd < 0) {
+@@ -155,7 +155,7 @@ static void test_buffer_coalesce() {
+ char output[sizeof(input)];
+ int len;
+
+- buffer = new_buffer(4096, EV_DEFAULT);
++ buffer = new_buffer(16384, EV_DEFAULT);
+ len = buffer_push(buffer, input, sizeof(input));
+ assert(len == sizeof(input));
+
Index: pkgsrc/net/sniproxy/patches/patch-tests_connection__reset__test
diff -u /dev/null pkgsrc/net/sniproxy/patches/patch-tests_connection__reset__test:1.1
--- /dev/null Tue May 6 15:49:16 2025
+++ pkgsrc/net/sniproxy/patches/patch-tests_connection__reset__test Tue May 6 15:49:16 2025
@@ -0,0 +1,31 @@
+$NetBSD: patch-tests_connection__reset__test,v 1.1 2025/05/06 15:49:16 schmonz Exp $
+
+Allocate enough buffer for header sizes seen in common webservers.
+https://github.com/renaudallard/sniproxy/commit/1a504817462209ecaa2f62ff925b58852e22f564
+
+--- tests/connection_reset_test.orig 2024-07-02 15:36:27.000000000 +0000
++++ tests/connection_reset_test
+@@ -42,8 +42,8 @@ sub simple_server($) {
+ "\r\n");
+
+ # Send a bunch of data (more that will be buffered by the kernel
+- for (my $i = 0; $i < 4096; $i++) {
+- $client->send('x' x 4096);
++ for (my $i = 0; $i < 16384; $i++) {
++ $client->send('x' x 16384);
+ }
+ $client->close();
+ exit;
+@@ -76,9 +76,9 @@ sub bad_client($) {
+ "\r\n");
+
+ my $buffer;
+- $socket->recv($buffer, 4096);
+- $socket->recv($buffer, 4096);
+- $socket->recv($buffer, 4096);
++ $socket->recv($buffer, 16384);
++ $socket->recv($buffer, 16384);
++ $socket->recv($buffer, 16384);
+
+ $socket->close();
+
Index: pkgsrc/net/sniproxy/patches/patch-tests_fallback__test
diff -u /dev/null pkgsrc/net/sniproxy/patches/patch-tests_fallback__test:1.1
--- /dev/null Tue May 6 15:49:16 2025
+++ pkgsrc/net/sniproxy/patches/patch-tests_fallback__test Tue May 6 15:49:16 2025
@@ -0,0 +1,16 @@
+$NetBSD: patch-tests_fallback__test,v 1.1 2025/05/06 15:49:16 schmonz Exp $
+
+Allocate enough buffer for header sizes seen in common webservers.
+https://github.com/renaudallard/sniproxy/commit/1a504817462209ecaa2f62ff925b58852e22f564
+
+--- tests/fallback_test.orig 2024-07-02 15:36:27.000000000 +0000
++++ tests/fallback_test
+@@ -56,7 +56,7 @@ sub http10_client($$) {
+ $socket->send("GET /$path HTTP/1.0\r\n\r\n");
+
+ my $buffer;
+- $socket->recv($buffer, 4096);
++ $socket->recv($buffer, 16384);
+
+ $socket->close();
+
Index: pkgsrc/net/sniproxy/patches/patch-tests_slow__client__test
diff -u /dev/null pkgsrc/net/sniproxy/patches/patch-tests_slow__client__test:1.1
--- /dev/null Tue May 6 15:49:16 2025
+++ pkgsrc/net/sniproxy/patches/patch-tests_slow__client__test Tue May 6 15:49:16 2025
@@ -0,0 +1,16 @@
+$NetBSD: patch-tests_slow__client__test,v 1.1 2025/05/06 15:49:16 schmonz Exp $
+
+Allocate enough buffer for header sizes seen in common webservers.
+https://github.com/renaudallard/sniproxy/commit/1a504817462209ecaa2f62ff925b58852e22f564
+
+--- tests/slow_client_test.orig 2024-07-02 15:36:27.000000000 +0000
++++ tests/slow_client_test
+@@ -46,7 +46,7 @@ sub slow_client($$) {
+ }
+
+ my $buffer;
+- $socket->recv($buffer, 4096);
++ $socket->recv($buffer, 16384);
+
+ $socket->close();
+
Home |
Main Index |
Thread Index |
Old Index