4 files changed, 112 insertions, 0 deletions

diff --git a/sysutils/spiped/Makefile b/sysutils/spiped/Makefile
new file mode 100644
index 000000000000..39f0efafa134
--- /dev/null
+++ b/sysutils/spiped/Makefile
@@ -0,0 +1,21 @@
+# New ports collection makefile for:		spiped secure pipe daemon
+# Date created:					2011-08-18
+# Whom:						Colin Percival
+#
+# $FreeBSD$
+#
+
+PORTNAME=	spiped
+PORTVERSION=	1.0.0
+CATEGORIES=	sysutils security
+MASTER_SITES=	http://www.tarsnap.com/spiped/
+EXTRACT_SUFX=	.tgz
+
+MAINTAINER=	cperciva@tarsnap.com
+COMMENT=	Daemon for creating secure symmetric pipes
+
+PLIST_FILES=	bin/spiped
+
+USE_RC_SUBR=	spiped
+
+.include <bsd.port.mk>
diff --git a/sysutils/spiped/distinfo b/sysutils/spiped/distinfo
new file mode 100644
index 000000000000..b2582826e9a7
--- /dev/null
+++ b/sysutils/spiped/distinfo
@@ -0,0 +1,2 @@
+SHA256 (spiped-1.0.0.tgz) = 82df05533bf8d8580f57e6dbec7d7e2966eabd3ea7a0a0bb06f87000947969a3
+SIZE (spiped-1.0.0.tgz) = 46684
diff --git a/sysutils/spiped/files/spiped.in b/sysutils/spiped/files/spiped.in
new file mode 100644
index 000000000000..a6860d28c66c
--- /dev/null
+++ b/sysutils/spiped/files/spiped.in
@@ -0,0 +1,78 @@
+#!/bin/sh
+
+# $FreeBSD$
+#
+# PROVIDE: spiped
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+#
+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
+# to enable this service:
+#
+# spiped_enable:	Set to YES to enable spiped.
+# spiped_pipes:		List of names of pipes to create.
+# spiped_pipe_X_mode:	"encrypt"/"client" or "decrypt"/"server".
+# spiped_pipe_X_source: Source address of pipe X.
+# spiped_pipe_X_target:	Target address of pipe X.
+# spiped_pipe_X_key:	Key file for pipe X.
+
+. /etc/rc.subr
+
+name="spiped"
+rcvar=${name}_enable
+
+load_rc_config $name
+
+: ${spiped_enable="NO"}
+
+command=%%PREFIX%%/bin/${name}
+start_cmd="${name}_start"
+stop_cmd="${name}_stop"
+
+spiped_start()
+{
+	local P PIDFILE MODE SOURCE TARGET KEY MODEFLAG
+
+	for P in ${spiped_pipes}; do
+		PIDFILE=/var/run/spiped_${P}.pid
+		eval MODE=\$spiped_pipe_${P}_mode
+		eval SOURCE=\$spiped_pipe_${P}_source
+		eval TARGET=\$spiped_pipe_${P}_target
+		eval KEY=\$spiped_pipe_${P}_key
+		case "$MODE" in
+		encrypt | client)
+			MODEFLAG="-e"
+			;;
+		decrypt | server)
+			MODEFLAG="-d"
+			;;
+		*)
+			echo Invalid value for spiped_pipe_${P}_mode: $MODE
+			continue
+		esac
+		${command} $MODEFLAG -s $SOURCE -t $TARGET -k $KEY -p $PIDFILE
+	done
+}
+
+spiped_stop()
+{
+	local P PIDFILE
+
+	for P in ${spiped_pipes}; do
+		PIDFILE=/var/run/spiped_${P}.pid
+		if [ -f $PIDFILE ] ; then
+			rc_pid=$(check_pidfile $PIDFILE $command)
+		fi
+		if [ -z "$rc_pid" ]; then
+			[ -n "$rc_fast" ] && return 0
+			_run_rc_notrunning
+			return 1
+		fi
+		echo "Stopping ${name}."
+		kill $sig_stop $rc_pid
+		wait_for_pids $rc_pid
+		rm $PIDFILE
+	done
+}
+
+run_rc_command "$1"
diff --git a/sysutils/spiped/pkg-descr b/sysutils/spiped/pkg-descr
new file mode 100644
index 000000000000..815a668ce2d5
--- /dev/null
+++ b/sysutils/spiped/pkg-descr
@@ -0,0 +1,11 @@
+Spiped (pronounced "ess-pipe-dee") is a utility for creating symmetrically
+encrypted and authenticated pipes between socket addresses, so that one may
+connect to one address (e.g., a UNIX socket on localhost) and transparently
+have a connection established to another address (e.g., a UNIX socket on a
+different system). This is similar to 'ssh -L' functionality, but does not
+use SSH and requires a pre-shared symmetric key. 
+
+WWW: http://www.tarsnap.com/spiped.html
+
+- Colin Percival
+cperciva@tarsnap.com