On Mon 06/04/2020 10:47, Renaud Allard wrote:
> Hello,
> Here is a port of sniproxy 0.6.0
>
> It does Name-based proxying of HTTPS without decrypting traffic. It's quite
> lighter than some other alternatives when you only need this feature.
>
> Any comments? OK?
Upstream has a branch, which provides OpenBSD-specific bits:
https://github.com/dlundquist/sniproxy/tree/openbsd.
Did you know about this branch? If so, why are your patches better?
Some comments below. Please note that I did not run tested this port.
-COMMENT = Name-based proxying of HTTPS without decrypting traffic
+COMMENT = name-based proxying of HTTPS without decrypting traffic
Comments usually starts lower case.
-DISTNAME = sniproxy
-VERSION = 0.6.0
-PKGNAME = ${DISTNAME}-${VERSION}
-
GH_ACCOUNT = dlundquist
GH_PROJECT = sniproxy
-GH_TAGNAME = ${VERSION}
+GH_TAGNAME = 0.6.0
GH_*-bits will take care of DISTNAME and PKGNAME for you.
BUILD_DEPENDS = net/udns \
devel/libev \
devel/pcre \
- devel/gettext
+ devel/gettext,-tools
'make' errors out in the configure phase complaining about missing
AC-*-goo, which is provided by gettext-tools.
AUTOMAKE_VERSION = 1.16
-CONFIGURE_STYLE = gnu
+CONFIGURE_STYLE = autoreconf
+AUTORECONF = ./autogen.sh
-do-gen:
- cd ${WRKSRC}; ${AUTOCONF_ENV} ./autogen.sh
Instead of defining a do-gen-phase use CONFIGURE_STYLE and AUTORECONF.
-NO_TEST = Yes
sniproxy provides test. I think it makes sense to have a look at the
failing ones:
============================================================================
Testsuite summary for sniproxy 0.6.0
============================================================================
# TOTAL: 22
# PASS: 14
# SKIP: 1
# XFAIL: 0
# FAIL: 7
# XPASS: 0
# ERROR: 0
Does it make sense to add a bit of explanation somewhere that
/etc/sniproxy.conf is expected to be present?
Once build, installed and provided a valid config, I could not get
sniproxy to reload a new configuration using rcctl. Maybe set
'rc_reload=NO' in sniproxy.rc?
No comments:
Post a Comment