Add sst 1.0, a simple SSL tunneling tool that uses netcat.

PR:		22671
Submitted by:	Mikhail Teterin <mi@aldan.algebra.com>

8 files changed, 88 insertions, 0 deletions

diff --git a/security/Makefile b/security/Makefile
index 1b3b75d..81aec04 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -115,6 +115,7 @@
     SUBDIR += ssh2
     SUBDIR += sslproxy
     SUBDIR += sslwrap
+    SUBDIR += sst
     SUBDIR += strobe
     SUBDIR += stunnel
     SUBDIR += sudo
diff --git a/security/sst/Makefile b/security/sst/Makefile
new file mode 100644
index 0000000..d23cbd3
--- /dev/null
+++ b/security/sst/Makefile
@@ -0,0 +1,24 @@
+# New ports collection makefile for:	sst
+# Date created:		Nov 7, 2000
+# Whom:			Mikhail Teterin <mi@aldan.algebra.com>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	sst
+PORTVERSION=	1.0
+CATEGORIES=	security
+MASTER_SITES=	http://utcc.utoronto.ca/~pkern/stuff/sst/
+DISTNAME=	${PORTNAME}
+
+MAINTAINER=	mi@aldan.algebra.com
+
+RUN_DEPENDS=	nc:${PORTSDIR}/net/netcat
+
+USE_OPENSSL=	YES
+MAN1=		sst.1
+MANCOMPRESSED=	maybe
+
+MAKEFILE=	${FILESDIR}/Makefile
+
+.include <bsd.port.mk>
diff --git a/security/sst/distinfo b/security/sst/distinfo
new file mode 100644
index 0000000..1793af2
--- /dev/null
+++ b/security/sst/distinfo
@@ -0,0 +1 @@
+MD5 (sst.tar.gz) = cb1a2290ab0554381c778d147bab4dd7
diff --git a/security/sst/files/Makefile b/security/sst/files/Makefile
new file mode 100644
index 0000000..be39899
--- /dev/null
+++ b/security/sst/files/Makefile
@@ -0,0 +1,13 @@
+# $FreeBSD$
+
+PROG=sst
+
+BINDIR=${PREFIX}/sbin
+MANDIR=${PREFIX}/man/man
+
+CFLAGS+=	-DCONFDIR='"${OPENSSLDIR}"' -DCERTF='"certs/sst.pem"' \
+		-DNETCAT='"${PREFIX}/bin/nc"' -I${OPENSSLINC}
+
+LDADD+=	-L${OPENSSLLIB} -lssl -lcrypto
+
+.include <bsd.prog.mk>
diff --git a/security/sst/files/patch-sst.c b/security/sst/files/patch-sst.c
new file mode 100644
index 0000000..c42f282
--- /dev/null
+++ b/security/sst/files/patch-sst.c
@@ -0,0 +1,24 @@
+--- sst.c	Thu May  4 14:47:28 2000
++++ sst.c.new	Sun Dec 31 04:49:43 2000
+@@ -609,8 +609,8 @@
+ 			SHOW_info1("client cert subject: %s", subj);
+ 			SHOW_info1("client cert issuer: %s", issu);
+ 
+-			Free(subj);
+-			Free(issu);
++			free(subj);
++			free(issu);
+     
+ 			/*
+ 			 * XXX ...
+@@ -699,8 +699,8 @@
+ 		SHOW_info1("server cert subject: %s", subj);
+ 		SHOW_info1("server cert issuer: %s", issu);
+ 
+-		Free(subj);
+-		Free(issu);
++		free(subj);
++		free(issu);
+ 
+ 		/*
+ 		 * XXX ...
diff --git a/security/sst/pkg-comment b/security/sst/pkg-comment
new file mode 100644
index 0000000..b6c7a83
--- /dev/null
+++ b/security/sst/pkg-comment
@@ -0,0 +1 @@
+A simple SSL tunneling tool (uses netcat)
diff --git a/security/sst/pkg-descr b/security/sst/pkg-descr
new file mode 100644
index 0000000..0c5098e
--- /dev/null
+++ b/security/sst/pkg-descr
@@ -0,0 +1,23 @@
+Sst  can  be used to connect to SSL-encrypted network ser-
+vices or it can be used as an  SSL  front-end  to  network
+servers.   Sst  can  be used interactively, or in an inetd
+setting, or it can be embedded inside other programs  (eg.
+Amanda).
+
+
+One of the main goals of sst is to be as basic as possible
+so in most non-embedded cases sst uses netcat to setup the
+networking  I/O.  Sst uses a socketpair(2) pipe to stay in
+contact with its netcat child process.  In  this  way  sst
+only has to concern itself with file descriptors.
+
+In the embedded mode sst expects the parent program to set
+up the networking I/O and to provide the appropriate  file
+descriptors.   In  embedded client mode ("-c"), clear data
+is read from (or written to) stdin  (fildes  0)  and  SSL-
+encrypted data is read from (or written to) stdout (fildes
+1).  In embedded server mode ("-s"), SSL-encrypted data is
+read  from  (or written to) stdin and clear data read from
+(or written to) stdout.
+
+WWW: http://utcc.utoronto.ca/~pkern/stuff/sst/
diff --git a/security/sst/pkg-plist b/security/sst/pkg-plist
new file mode 100644
index 0000000..4fc5cfc
--- /dev/null
+++ b/security/sst/pkg-plist
@@ -0,0 +1 @@
+sbin/sst