import ports/security/spiped, from James Turner, ok landry@

spiped (pronounced "ess-pipe-dee") is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses, so that one may connect to one address (e.g., a UNIX socket on localhost) and transparently have a connection established to another address (e.g., a UNIX socket on a different system). This is similar to 'ssh -L' functionality, but does not use SSH and requires a pre-shared symmetric key. spipe (pronounced "ess-pipe") is a utility which acts as an spiped protocol client (i.e., connects to an spiped daemon), taking input from the standard input and writing data read back to the standard output.
2012-11-19 22:14:52 +00:00 · 2012-11-19 22:14:52 +00:00 · e332ab40cd
commit e332ab40cd
parent 54fe7aeb13
6 changed files with 98 additions and 0 deletions
--- a/security/spiped/Makefile
+++ b/security/spiped/Makefile
@ -0,0 +1,34 @@
+# $OpenBSD: Makefile,v 1.1.1.1 2012/11/19 22:14:52 sthen Exp $
+
+COMMENT =		utility for creating secure pipes between socket addresses
+
+DISTNAME =		spiped-1.2.2
+CATEGORIES =		security sysutils
+
+MAINTAINER =		James Turner <james@calminferno.net>
+
+HOMEPAGE =		http://www.tarsnap.com/spiped.html
+MASTER_SITES =		http://www.tarsnap.com/spiped/
+
+# BSD
+PERMIT_PACKAGE_CDROM =	Yes
+PERMIT_PACKAGE_FTP =	Yes
+PERMIT_DISTFILES_CDROM =Yes
+PERMIT_DISTFILES_FTP =	Yes
+
+WANTLIB =		c crypto pthread
+
+EXTRACT_SUFX =		.tgz
+NO_REGRESS =		Yes
+FAKE_FLAGS =		BINDIR="${WRKINST}${PREFIX}/bin"
+
+post-install:
+	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/spiped
+	${INSTALL_DATA} ${WRKSRC}/COPYRIGHT ${PREFIX}/share/doc/spiped/
+	${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/spiped/
+	${INSTALL_DATA} ${WRKSRC}/spipe/README ${PREFIX}/share/doc/spiped/README-spipe
+	${INSTALL_DATA} ${WRKSRC}/spiped/README ${PREFIX}/share/doc/spiped/README-spiped
+	perl -pi -e 's,/etc/ssh/spiped.key,${SYSCONFDIR}/spiped/spiped.key,' \
+	    ${PREFIX}/share/doc/spiped/README
+
+.include <bsd.port.mk>
--- a/security/spiped/distinfo
+++ b/security/spiped/distinfo
@ -0,0 +1,2 @@
+SHA256 (spiped-1.2.2.tgz) = qetGgeTM1dhrii1OFnhduLoQ2Kn39zJIVRH9S5Lf8ew=
+SIZE (spiped-1.2.2.tgz) = 51682
--- a/security/spiped/patches/patch-lib_events_events_network_c
+++ b/security/spiped/patches/patch-lib_events_events_network_c
@ -0,0 +1,11 @@
+$OpenBSD: patch-lib_events_events_network_c,v 1.1.1.1 2012/11/19 22:14:52 sthen Exp $
+--- lib/events/events_network.c.orig	Thu Nov 15 12:04:53 2012
+++ lib/events/events_network.c	Thu Nov 15 12:05:06 2012
+@@ -2,6 +2,7 @@
+ 
+ #include <errno.h>
+ #include <stdlib.h>
+#include <string.h>
+ 
+ #include "elasticarray.h"
+ #include "warnp.h"
--- a/security/spiped/pkg/DESCR
+++ b/security/spiped/pkg/DESCR
@ -0,0 +1,11 @@
+spiped (pronounced "ess-pipe-dee") is a utility for creating
+symmetrically encrypted and authenticated pipes between socket
+addresses, so that one may connect to one address (e.g., a UNIX socket
+on localhost) and transparently have a connection established to another
+address (e.g., a UNIX socket on a different system). This is similar to
+'ssh -L' functionality, but does not use SSH and requires a pre-shared
+symmetric key.
+
+spipe (pronounced "ess-pipe") is a utility which acts as an spiped
+protocol client (i.e., connects to an spiped daemon), taking input from
+the standard input and writing data read back to the standard output.
--- a/security/spiped/pkg/PLIST
+++ b/security/spiped/pkg/PLIST
@ -0,0 +1,19 @@
+@comment $OpenBSD: PLIST,v 1.1.1.1 2012/11/19 22:14:52 sthen Exp $
+@newgroup _spiped:707
+@newuser _spiped:707:_spiped:daemon:spiped user:/nonexistent:/sbin/nologin
+@extra ${SYSCONFDIR}/spiped/spiped.key
+@bin bin/spipe
+@bin bin/spiped
+share/doc/spiped/
+share/doc/spiped/COPYRIGHT
+share/doc/spiped/README
+share/doc/spiped/README-spipe
+share/doc/spiped/README-spiped
+@owner root
+@group _spiped
+@mode 750
+@sample ${SYSCONFDIR}/spiped/
+@mode
+@group
+@owner
+@rcscript ${RCDIR}/spiped
--- a/security/spiped/pkg/spiped.rc
+++ b/security/spiped/pkg/spiped.rc
@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# $OpenBSD: spiped.rc,v 1.1.1.1 2012/11/19 22:14:52 sthen Exp $
+
+daemon="${TRUEPREFIX}/bin/spiped"
+daemon_flags="-D -d -s '[0.0.0.0]:8022' -t '[127.0.0.1]:22' -k ${SYSCONFDIR}/spiped/spiped.key -p /var/run/spiped/spiped.pid"
+daemon_user="_spiped"
+
+. /etc/rc.d/rc.subr
+
+pexp="${daemon}"
+rc_reload=NO
+
+rc_pre() {
+	install -d -o _spiped /var/run/spiped
+	if [ ! -f ${SYSCONFDIR}/spiped/spiped.key ]; then
+		dd if=/dev/urandom bs=32 count=1 of=${SYSCONFDIR}/spiped/spiped.key
+	fi
+}
+
+rc_cmd $1