Hi, I've attached updates to uwebsockets, usockets and purritobin
Additions to www/purritobin - auto cleaning of pastes - web portal for pasting - in-built http server, good for tiny pastes and testing setups - http header manipulation depends on a new port databases/lmdbxx, which is attached as tgz. (hope thunderbird doesn't mangle this) Thanks, Aisha diff --git a/net/usockets/Makefile b/net/usockets/Makefile index a484c23f93a..7fa566c8777 100644 --- a/net/usockets/Makefile +++ b/net/usockets/Makefile @@ -3,38 +3,35 @@ COMMENT = eventing, networking & crypto for async applications CATEGORIES = net-VERSION = 0.6.0
-REVISION = 1 +VERSION = 0.7.1DISTNAME = usockets-${VERSION}
PKGNAME = ${DISTNAME:L}
-SHARED_LIBS = usockets 1.0
+SHARED_LIBS = usockets 1.1GH_ACCOUNT = uNetworking
GH_PROJECT = uSockets -#GH_TAGNAME = v0.6.0 -# cstdlib include error -GH_COMMIT = 7683672d87067cd75b854f4e36b9820f4809a4be - +#GH_TAGNAME = v0.7.1 +# socket read/write error +GH_COMMIT = 5440dbac79bd76444175b76ee95dfcade12a6aacMAINTAINER = Aisha Tammy <open...@aisha.cc> # Apache 2.0
PERMIT_PACKAGE = Yes-WANTLIB += ${COMPILER_LIBCXX} crypto ssl uv
+WANTLIB += ${COMPILER_LIBCXX} crypto ssl uv
# C11 C++17
COMPILER = base-clang ports-gccLIB_DEPENDS = devel/libuv -USE_GMAKE = Yes
-MAKE_FLAGS = CFLAGS="${CFLAGS}" CXXFLAGS="${CXXFLAGS}" \
- CC="${CC}" CXX="${CXX}" \
- LIBusockets_VERSION="${LIBusockets_VERSION}"
+MAKE_ENV = LIBusockets_VERSION="${LIBusockets_VERSION}"
NO_TEST = Yes
+FAKE_FLAGS = PREFIX=${TRUEPREFIX}
+ .include <bsd.port.mk> diff --git a/net/usockets/distinfo b/net/usockets/distinfo index 964ba508e9e..ed3dd036b68 100644 --- a/net/usockets/distinfo +++ b/net/usockets/distinfo @@ -1,2 +1,2 @@ -SHA256 (usockets-0.6.0-7683672d.tar.gz) = 0OooGCHD8ezNIcaB1zDPK6RQLGGYGZJb24Vemjlat7c= -SIZE (usockets-0.6.0-7683672d.tar.gz) = 57634 +SHA256 (usockets-0.7.1-5440dbac.tar.gz) = +pfJ3z/KBnpJ3VNxcIvxpwPuQUsJjxIeODxidvn/G3c= +SIZE (usockets-0.7.1-5440dbac.tar.gz) = 62372 diff --git a/net/usockets/patches/patch-Makefile b/net/usockets/patches/patch-Makefile index e718b65a265..6c447bb9d38 100644 --- a/net/usockets/patches/patch-Makefile +++ b/net/usockets/patches/patch-Makefile @@ -6,7 +6,7 @@ remove -flto -O3 Index: Makefile --- Makefile.orig +++ Makefile -@@ -1,60 +1,40 @@ +@@ -1,60 +1,39 @@ -# WITH_OPENSSL=1 enables OpenSSL 1.1+ support or BoringSSL -# For now we need to link with C++ for OpenSSL support, but should be removed with time -ifeq ($(WITH_OPENSSL),1) @@ -30,7 +30,7 @@ Index: Makefile - override CFLAGS += -DLIBUS_USE_LIBUV - override LDFLAGS += -luv -endif -+PREFIX ?= "/usr/local" ++PREFIX ?= /usr/local +LIBDIR ?= "$(PREFIX)/lib" +INCLUDEDIR ?= "$(PREFIX)/include"@@ -39,19 +39,19 @@ Index: Makefile
- override CFLAGS += -DLIBUS_USE_GCD - override LDFLAGS += -framework CoreFoundation -endif -+# OpenBSD specific library version -+LIBTARGET ?= libusockets.so.$(LIBusockets_VERSION) ++PKG_CONFIG ?= pkg-config-# WITH_ASAN builds with sanitizers
-ifeq ($(WITH_ASAN),1) - override CFLAGS += -fsanitize=address -g -- override LDFLAGS += -lasan +- override LDFLAGS += -fsanitize=address -endif -+PKG_CONFIG ?= pkg-config ++LIBTARGET = libusockets.so.$(LIBusockets_VERSION)-override CFLAGS += -std=c11 -Isrc
-override LDFLAGS += uSockets.a -+override LDFLAGS += -lstdc++ -lcrypto -lssl `$(PKG_CONFIG) --libs libuv` ++REQUIRES = libcrypto libssl libuv ++COMMON_FLAGS = -Isrc -DLIBUS_USE_OPENSSL -DLIBUS_USE_LIBUV `$(PKG_CONFIG) --cflags $(REQUIRES)`-# By default we build the uSockets.a static library
-default: @@ -62,37 +62,35 @@ Index: Makefile - $(CXX) $(CXXFLAGS) -std=c++17 -flto -O3 -c src/crypto/*.cpp -endif - $(AR) rvs uSockets.a *.o -+COMMON_FLAGS = -DLIBUS_USE_OPENSSL -DLIBUS_USE_LIBUV -Isrc `$(PKG_CONFIG) --cflags libuv` -+override CFLAGS += $(COMMON_FLAGS) -+override CXXFLAGS += $(COMMON_FLAGS) ++CFLAGS += -std=c11 $(COMMON_FLAGS) ++CXXFLAGS += -std=c++17 $(COMMON_FLAGS) ++LDFLAGS += `$(PKG_CONFIG) --libs $(REQUIRES)`-# Builds all examples
-.PHONY: examples -examples: default - for f in examples/*.c; do $(CC) -flto -O3 $(CFLAGS) -o $$(basename "$$f" ".c") "$$f" $(LDFLAGS); done +all: -+ $(CC) -std=c11 -fPIC $(CFLAGS) -c src/*.c src/eventing/*.c src/crypto/*.c -+ $(CXX) -std=c++17 -fPIC $(CXXFLAGS) -c src/crypto/*.cpp ++ $(CC) $(CFLAGS) -fPIC -c src/*.c src/eventing/*.c src/crypto/*.c ++ $(CXX) $(CXXFLAGS) -fPIC -c src/crypto/*.cpp + $(AR) rvs libusockets.a *.o + $(CC) -shared -o $(LIBTARGET) *.o -Wl,-soname,$(LIBTARGET) $(LDFLAGS) -+ sed -e "s:@PREFIX@:$(PREFIX):" -e "s:@VERSION@:$(LIBusockets_VERSION):" \ -+ libusockets.pc.in > libusockets.pc ++ sed -e "s:@PREFIX@:$(PREFIX):" -e "s:@VERSION@:$(LIBusockets_VERSION):" libusockets.pc.in > libusockets.pc-swift_examples:
- swiftc -O -I . examples/swift_http_server/main.swift uSockets.a -o swift_http_server -+install: -+ install -d "$(LIBDIR)/pkgconfig" "$(INCLUDEDIR)" -+ install -m 644 src/libusockets.h "$(INCLUDEDIR)" -+ install -m 755 $(LIBTARGET) "$(LIBDIR)" -+ install -m 755 libusockets.a "$(LIBDIR)" -+ install -m 644 libusockets.pc "$(LIBDIR)/pkgconfig" ++install: all ++ install -d "$(DESTDIR)$(LIBDIR)/pkgconfig" "$(DESTDIR)$(INCLUDEDIR)" ++ install -m 644 src/libusockets.h "$(DESTDIR)$(INCLUDEDIR)/" ++ install -m 644 $(LIBTARGET) "$(DESTDIR)$(LIBDIR)" ++ install -m 644 libusockets.a "$(DESTDIR)$(LIBDIR)/" ++ install -m 644 libusockets.pc "$(DESTDIR)$(LIBDIR)/pkgconfig/"clean:
rm -f *.o
rm -f *.a
-- rm -rf .certs
+ rm -f *.so
-+ rm -f libusockets.pc
-+
-+.PHONY: all install clean
+ rm -rf .certs
++ rm -f usockets.pc
+
++.PHONY: all clean default install
diff --git a/net/usockets/patches/patch-libusockets_pc_in
b/net/usockets/patches/patch-libusockets_pc_in
index 363646177e9..37a2632a788 100644
--- a/net/usockets/patches/patch-libusockets_pc_in
+++ b/net/usockets/patches/patch-libusockets_pc_in
@@ -1,9 +1,9 @@
-$OpenBSD: patch-libusockets_pc_in,v 1.1 2020/12/11 22:34:51 sthen Exp $
+$OpenBSD$
Index: libusockets.pc.in
--- libusockets.pc.in.orig
+++ libusockets.pc.in
-@@ -0,0 +1,14 @@
+@@ -0,0 +1,13 @@
+prefix=@PREFIX@
+libdir=${prefix}/lib
+includedir=${prefix}/include
@@ -17,4 +17,3 @@ Index: libusockets.pc.in
+Libs: -L${libdir} -lusockets
+Libs.private: -lcrypto -lssl
+Requires.private: libuv
-+
diff --git a/www/purritobin/Makefile b/www/purritobin/Makefile
index 698ca75c722..bde0d254896 100644
--- a/www/purritobin/Makefile
+++ b/www/purritobin/Makefile
@@ -1,12 +1,11 @@
# $OpenBSD $
COMMENT = minimalistic command line pastebin
-PKGNAME = ${DISTNAME:L}
CATEGORIES = www net
GH_ACCOUNT = PurritoBin
GH_PROJECT = PurritoBin -GH_TAGNAME = 0.3.3 +GH_TAGNAME = 0.6.7HOMEPAGE = https://bsd.ac/
MAINTAINER = Aisha Tammy <open...@aisha.cc> @@ -15,24 +14,29 @@ MAINTAINER = Aisha Tammy <open...@aisha.cc> PERMIT_PACKAGE = Yes# uses pledge()
-WANTLIB += ${COMPILER_LIBCXX} c m usockets
+WANTLIB += ${COMPILER_LIBCXX} c lmdb usockets
-# C++2a
+# C++17 COMPILER = base-clang-BUILD_DEPENDS = www/uwebsockets
+MODULES = devel/meson-LIB_DEPENDS = net/usockets
+CXXFLAGS += -I${LOCALBASE}/include
-NO_TEST = Yes
+CONFIGURE_ENV = LDFLAGS="${LDFLAGS} -L${LOCALBASE}/lib"
-post-install:
- ${INSTALL_DATA_DIR} ${PREFIX}/share/purritobin
- ${INSTALL_DATA} ${WRKSRC}/frontend/paste.html \
- ${PREFIX}/share/purritobin
- ${INSTALL_DATA} ${WRKSRC}/clients/POSIX_shell_client.sh \
- ${PREFIX}/share/purritobin
+# ssl tests fail
+#CONFIGURE_ARGS= -Denable_testing=true \
+# -Dtest_shuf=gshuf \
+# -Dtest_seq=gseq
-FAKE_FLAGS = PREFIX=${TRUEPREFIX}
+BUILD_DEPENDS = databases/lmdbxx \ + www/uwebsockets + +LIB_DEPENDS = databases/lmdb \ + net/usockets + +TEST_DEPENDS = net/curl \ + sysutils/coreutils \.include <bsd.port.mk>
diff --git a/www/purritobin/distinfo b/www/purritobin/distinfo
index 71fc842ca7f..ca476eddb8f 100644
--- a/www/purritobin/distinfo
+++ b/www/purritobin/distinfo
@@ -1,2 +1,2 @@
-SHA256 (PurritoBin-0.3.3.tar.gz) = lmjTCXskzvTd8eCKxlGfClbEfk6COuqh90nqHSeQ1wc=
-SIZE (PurritoBin-0.3.3.tar.gz) = 13155
+SHA256 (PurritoBin-0.6.7.tar.gz) = ulpbdPB3lCpfNJRfW/oEqd8yJ0+NNdL4wwGhRuSQWvg=
+SIZE (PurritoBin-0.6.7.tar.gz) = 20461
diff --git a/www/purritobin/pkg/PLIST b/www/purritobin/pkg/PLIST
index c09a1f0e346..e599cd370bc 100644
--- a/www/purritobin/pkg/PLIST
+++ b/www/purritobin/pkg/PLIST
@@ -4,12 +4,13 @@
@rcscript ${RCDIR}/purritobin
@bin bin/purrito
@man man/man1/purrito.1
+share/PurritoBin/
+share/PurritoBin/POSIX_shell_client.sh
+share/PurritoBin/about.html
+share/PurritoBin/index.html
+share/PurritoBin/paste.html
share/doc/pkg-readmes/${PKGSTEM}
@owner _purritobin
@group _purritobin
+@sample /var/db/purritobin/
@sample /var/www/purritobin/
-@owner
-@group
-share/purritobin/
-share/purritobin/POSIX_shell_client.sh
-share/purritobin/paste.html
diff --git a/www/purritobin/pkg/README b/www/purritobin/pkg/README
index 07087bb4492..f05963c0ce0 100644
--- a/www/purritobin/pkg/README
+++ b/www/purritobin/pkg/README
@@ -13,15 +13,18 @@ You need to set at least the following option for PurritoBin
rcctl set purritobin flags -d <domain-name>
-To look at all the possible options and descriptions
+To take a quick look at all the possible options and descriptions purrito -h+For an in-depth explanation
+ man purrito +Exposing a webserver
====================PurritoBin saves all the pastes to a single folder.
-By default it is the folder /var/www/purritobin.
+By default it is the folder ${LOCALSTATEDIR}/www/purritobin.
So it is possible to just expose the folder via httpd(8)
sample httpd(8) configuration
@@ -30,6 +33,10 @@ http_port=80 https_port=443 ext_if=egress+# so that non suffixed paste files are recognized as
+# plain text files
+default type text/plain
+
server "bsd.ac" {
alias "www.bsd.ac"
listen on $ext_if port $http_port
@@ -44,29 +51,97 @@ server "bsd.ac" {
server "bsd.ac" {
alias "www.bsd.ac"
- listen on egress port $https_port
+ listen on $ext_if port $https_port
+ tls {
+ certificate "/etc/ssl/bsd.ac.crt"
+ key "/etc/ssl/private/bsd.ac.key"
+ }
root "/purritobin"
directory index "index.html"
}
+sample nginx(8) configuration
+-----------------------------
+user nginx;
+worker_processes 1;
+error_log /var/log/nginx/error.log warn;
+pid /var/run/nginx.pid;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ include /etc/nginx/mime.types;
+ default_type text/plain;
+ charset utf-8;
+ log_format main '$remote_addr - $remote_user [$time_local]
"$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+ access_log /var/log/nginx/access.log main;
+ sendfile on;
+ keepalive_timeout 65;
+
+ server {
+ listen 80 default_server;
+ location / {
+ return 301 https://$host$request_uri;
+ }
+ location /.well-known/acme-challenge/ {
+ alias /var/www/acme-challenge/;
+ }
+ }
+
+ server {
+ listen 443 ssl;
+ server_name bsd.ac www.bsd.ac;
+
+ ssl_certificate /etc/ssl/bsd.ac.crt;
+ ssl_certificate_key /etc/ssl/private/bsd.ac.key;
+
+ # to allow online paste submission
+ add_header 'Access-Control-Allow-Origin' 'https://bsd.ac:42069';
+
+ root /var/www/purritobin;
+ location /.well-known/acme-challenge/ {
+ alias /var/www/acme-challenge/;
+ }
+ }
+}
+
+
Encrypted pastes
================
The default clients of PurritoBin are installed to
-${PREFIX}/share/purritobin/POSIX_shell_clients.sh
+${PREFIX}/share/purritobin/POSIX_shell_client.sh
To enable server side support for these pastes
make sure that paste.html file located at
${PREFIX}/share/purritobin/paste.html
is available for viewing, typically possible by just
-dumping the file into /var/www/purritobin
+dumping the file into ${LOCALSTATEDIR}/www/purritobin
+
+
+Online pasting through web-portal
+=================================
+
+To paste using the javascript form, the CORS header
+from both the paste server and the http server need to
+allow each other in the "Access-Control-Allow-Origin"
+HTTP header.
+
+An example for setting the CORS header in purrito(1)
+is available in the man page. As httpd(8) does not allow
+setting HTTP headers, relayd(8) can be used as a workaround,
+or the above nginx(8) example can be used.
PF bruteforce blocking
======================-PurritoBin exposes a port using -p <port> (by default: 42069) for
+PurritoBin exposes ports using -p <port> (by default: 42069) for clients to post their pastes. PurritoBin does not enforce any rate limiting for number of pastes at a time as this can be done much better using pf(4) @@ -83,7 +158,7 @@ pass # establish keep-stateblock quick from <bruteforce> -# no more than one connection every 3 seconds
+# no more than 1 connection every 3 seconds
pass in on egress proto tcp from any to any port $purritobin_port \
flags S/SA keep state \
(max-src-conn-rate 1/3, \
@@ -94,20 +169,3 @@ block return in on ! lo0 proto tcp to port 6000:6010
# Port build user does not need network
block return out log proto {tcp udp} user _pbuild
-
-
-Cron job for cleaning
-=====================
-
-PurritoBin leaves the cleaning upto the webmaster.
-Fortunately, due to the simple storage mechanism, you can
-do the cleaning very easily in daily.local
-
-sample daily.local for cron cleanup
------------------------------------
-
-find /var/www/purritobin/ -type f ! -name index.html \
- ! -name paste.html \
- -delete
-
-This clears all pastes which were done during the day.
diff --git a/www/uwebsockets/Makefile b/www/uwebsockets/Makefile
index 98d36ebdb9c..093e5059b02 100644
--- a/www/uwebsockets/Makefile
+++ b/www/uwebsockets/Makefile
@@ -6,7 +6,7 @@ CATEGORIES = www
GH_ACCOUNT = uNetworking
GH_PROJECT = uWebSockets -GH_TAGNAME = v18.17.0 +GH_TAGNAME = v19.2.0MAINTAINER = Aisha Tammy <open...@aisha.cc> @@ -21,9 +21,7 @@ NO_BUILD = Yes
NO_TEST = Yesdo-install:
- ${INSTALL_DATA_DIR} ${PREFIX}/include/uWebSockets/f2
+ ${INSTALL_DATA_DIR} ${PREFIX}/include/uWebSockets
${INSTALL_DATA} ${WRKSRC}/src/*.h ${PREFIX}/include/uWebSockets
- ${INSTALL_DATA} ${WRKSRC}/src/f2/*.hpp \
- ${PREFIX}/include/uWebSockets/f2
.include <bsd.port.mk>
diff --git a/www/uwebsockets/distinfo b/www/uwebsockets/distinfo index 0d9ebdb3b51..18736637663 100644 --- a/www/uwebsockets/distinfo +++ b/www/uwebsockets/distinfo @@ -1,2 +1,2 @@ -SHA256 (uWebSockets-18.17.0.tar.gz) = 4tK9Dlm9a1RCcKo0gAP9SkI5EBW0vw61TgFhrRCPkT8= -SIZE (uWebSockets-18.17.0.tar.gz) = 276629 +SHA256 (uWebSockets-19.2.0.tar.gz) = KVYHUpMJB1S8JDHFNjT5Oh50c5xhOSvmBAyz7SlDDsI= +SIZE (uWebSockets-19.2.0.tar.gz) = 296110 diff --git a/www/uwebsockets/pkg/PLIST b/www/uwebsockets/pkg/PLIST index 93802815df0..80010cdaac8 100644 --- a/www/uwebsockets/pkg/PLIST +++ b/www/uwebsockets/pkg/PLIST @@ -13,6 +13,7 @@ include/uWebSockets/HttpRouter.h include/uWebSockets/Loop.h include/uWebSockets/LoopData.h include/uWebSockets/MessageParser.h +include/uWebSockets/MoveOnlyFunction.h include/uWebSockets/Multipart.h include/uWebSockets/PerMessageDeflate.h include/uWebSockets/ProxyParser.h @@ -26,5 +27,3 @@ include/uWebSockets/WebSocketData.h include/uWebSockets/WebSocketExtensions.h include/uWebSockets/WebSocketHandshake.h include/uWebSockets/WebSocketProtocol.h -include/uWebSockets/f2/ -include/uWebSockets/f2/function2.hpp
lmdbxx.tgz
Description: application/compressed-tar
