head	1.14;
access;
symbols
	pkgsrc-2026Q2:1.14.0.8
	pkgsrc-2026Q2-base:1.14
	pkgsrc-2026Q1:1.14.0.6
	pkgsrc-2026Q1-base:1.14
	pkgsrc-2025Q4:1.14.0.4
	pkgsrc-2025Q4-base:1.14
	pkgsrc-2025Q3:1.14.0.2
	pkgsrc-2025Q3-base:1.14
	pkgsrc-2025Q2:1.12.0.2
	pkgsrc-2025Q2-base:1.12
	pkgsrc-2025Q1:1.10.0.4
	pkgsrc-2025Q1-base:1.10
	pkgsrc-2024Q4:1.10.0.2
	pkgsrc-2024Q4-base:1.10
	pkgsrc-2024Q3:1.9.0.8
	pkgsrc-2024Q3-base:1.9
	pkgsrc-2024Q2:1.9.0.6
	pkgsrc-2024Q2-base:1.9
	pkgsrc-2024Q1:1.9.0.4
	pkgsrc-2024Q1-base:1.9
	pkgsrc-2023Q4:1.9.0.2
	pkgsrc-2023Q4-base:1.9
	pkgsrc-2023Q3:1.8.0.16
	pkgsrc-2023Q3-base:1.8
	pkgsrc-2023Q2:1.8.0.14
	pkgsrc-2023Q2-base:1.8
	pkgsrc-2023Q1:1.8.0.12
	pkgsrc-2023Q1-base:1.8
	pkgsrc-2022Q4:1.8.0.10
	pkgsrc-2022Q4-base:1.8
	pkgsrc-2022Q3:1.8.0.8
	pkgsrc-2022Q3-base:1.8
	pkgsrc-2022Q2:1.8.0.6
	pkgsrc-2022Q2-base:1.8
	pkgsrc-2022Q1:1.8.0.4
	pkgsrc-2022Q1-base:1.8
	pkgsrc-2021Q4:1.8.0.2
	pkgsrc-2021Q4-base:1.8
	pkgsrc-2021Q3:1.6.0.6
	pkgsrc-2021Q3-base:1.6
	pkgsrc-2021Q2:1.6.0.4
	pkgsrc-2021Q2-base:1.6
	pkgsrc-2021Q1:1.6.0.2
	pkgsrc-2021Q1-base:1.6
	pkgsrc-2020Q4:1.3.0.2
	pkgsrc-2020Q4-base:1.3;
locks; strict;
comment	@# @;


1.14
date	2025.07.11.21.16.20;	author schmonz;	state Exp;
branches;
next	1.13;
commitid	JMNxSbVWpQPQbn2G;

1.13
date	2025.07.08.21.17.06;	author schmonz;	state Exp;
branches;
next	1.12;
commitid	K8HWzbUwyzY5iZ1G;

1.12
date	2025.06.04.13.29.32;	author schmonz;	state Exp;
branches;
next	1.11;
commitid	BBMLFQtTRe6sNzXF;

1.11
date	2025.05.13.03.50.51;	author schmonz;	state Exp;
branches;
next	1.10;
commitid	gLYWKkV5nWMLiHUF;

1.10
date	2024.11.14.14.12.48;	author schmonz;	state Exp;
branches;
next	1.9;
commitid	nm2YMnKkvFgRwCxF;

1.9
date	2023.11.11.11.57.20;	author schmonz;	state Exp;
branches;
next	1.8;
commitid	eZ9eAhHyShmLDbME;

1.8
date	2021.12.22.16.07.04;	author schmonz;	state Exp;
branches;
next	1.7;
commitid	bmi6DsLJqgCxaFlD;

1.7
date	2021.09.29.09.56.36;	author schmonz;	state Exp;
branches;
next	1.6;
commitid	IpJ4bHOrGvkROPaD;

1.6
date	2021.02.04.09.16.45;	author schmonz;	state Exp;
branches;
next	1.5;
commitid	F2G7ax1qbKWudnGC;

1.5
date	2021.01.22.16.20.38;	author schmonz;	state Exp;
branches;
next	1.4;
commitid	C61g8fiEEuKPYJEC;

1.4
date	2021.01.11.18.31.10;	author schmonz;	state Exp;
branches;
next	1.3;
commitid	HqDoofA2VBRw3lDC;

1.3
date	2020.11.24.08.33.12;	author schmonz;	state Exp;
branches;
next	1.2;
commitid	LAjtjibjp8l3i7xC;

1.2
date	2020.11.22.11.33.22;	author schmonz;	state Exp;
branches;
next	1.1;
commitid	BV5bbYsg6FoQlSwC;

1.1
date	2020.11.19.20.12.54;	author schmonz;	state Exp;
branches;
next	;
commitid	nA7JRr299NrJjxwC;


desc
@@


1.14
log
@s6-networking: change default options. Bump PKGREVISION.

Instead of BearSSL, link with OpenSSL by default. The 'bearssl' option
is still present and 'libressl' is now available too.

Remove the transitional 'tls' option mapping.

While here, remove s6-pkgsrc-cadir. pkgsrc doesn't have a clear
library-independent notion of its "SSL cert directory", so we can't
helpfully tell clients (or servers that want to validate client certs)
where to find it.
@
text
@@@comment $NetBSD: PLIST,v 1.13 2025/07/08 21:17:06 schmonz Exp $
bin/proxy-server
bin/s6-clockadd
bin/s6-clockview
bin/s6-getservbyname
bin/s6-ident-client
bin/s6-sntpclock
bin/s6-taiclock
bin/s6-taiclockd
bin/s6-tcpclient
bin/s6-tcpserver
bin/s6-tcpserver-access
bin/s6-tcpserver-socketbinder
bin/s6-tcpserverd
${PLIST.tls}bin/s6-tlsc
${PLIST.tls}bin/s6-tlsc-io
${PLIST.tls}bin/s6-tlsclient
${PLIST.tls}bin/s6-tlsd
${PLIST.tls}bin/s6-tlsd-io
${PLIST.tls}bin/s6-tlsserver
${PLIST.tls}bin/s6-ucspitlsc
${PLIST.tls}bin/s6-ucspitlsd
include/s6-networking/config.h
include/s6-networking/ident.h
include/s6-networking/s6net.h
include/s6-networking/sbearssl.h
include/s6-networking/stls.h
lib/libs6net.la
${PLIST.bearssl}lib/libsbearssl.la
${PLIST.libtls}lib/libstls.la
lib/pkgconfig/libs6net.pc
${PLIST.bearssl}lib/pkgconfig/libsbearssl.pc
${PLIST.libtls}lib/pkgconfig/libstls.pc
man/man7/s6-tls.7
man/man8/s6-clockadd.8
man/man8/s6-clockview.8
man/man8/s6-getservbyname.8
man/man8/s6-ident-client.8
man/man8/s6-sntpclock.8
man/man8/s6-taiclock.8
man/man8/s6-taiclockd.8
man/man8/s6-tcpclient.8
man/man8/s6-tcpserver-access.8
man/man8/s6-tcpserver-socketbinder.8
man/man8/s6-tcpserver.8
man/man8/s6-tcpserverd.8
man/man8/s6-tlsc-io.8
man/man8/s6-tlsc.8
man/man8/s6-tlsclient.8
man/man8/s6-tlsd-io.8
man/man8/s6-tlsd.8
man/man8/s6-tlsserver.8
man/man8/s6-ucspitlsc.8
man/man8/s6-ucspitlsd.8
@


1.13
log
@s6-networking: build from git to get macOS shlibs. Bump PKGREVISION.

Other changes from the next release-to-be:

- Add proxy-server
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.12 2025/06/04 13:29:32 schmonz Exp $
a6 1
${PLIST.tls}bin/s6-pkgsrc-cadir
@


1.12
log
@s6-networking: enable openssl option, off by default.
@
text
@d1 2
a2 1
@@comment $NetBSD: PLIST,v 1.11 2025/05/13 03:50:51 schmonz Exp $
d29 3
a31 3
lib/libs6net.a
${PLIST.bearssl}lib/libsbearssl.a
${PLIST.libtls}lib/libstls.a
@


1.11
log
@s6-networking: update to 2.7.1.0. Changes:

- Bugfixes.
- pkg-config support.

pkgsrc changes:

- Enable execline option by default.
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.10 2024/11/14 14:12:48 schmonz Exp $
d29 2
a30 1
${PLIST.tls}lib/libsbearssl.a
d32 2
a33 1
${PLIST.tls}lib/pkgconfig/libsbearssl.pc
@


1.10
log
@s6-networking: update to 2.7.0.4. Changes:

- Bugfixes.
- If you're using s6-tcpserver-access with IPv6 addresses, you should
  upgrade the s6 package (and rebuild s6-networking if you're linking it
  statically against libs6).
- QoL: s6-tcpclient now does not qualify its argument by default (the
  default changes from -n to -N), to avoid confusion when users give a
  fqdn without a final dot.
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.9 2023/11/11 11:57:20 schmonz Exp $
d30 2
@


1.9
log
@s6-networking: update to 2.6.0.0. Changes:

- Bugfixes.
- s6-tcpserver has been unified! no ipv4 and ipv6 separation anymore.
   * The only programs in the superserver chain are now s6-tcpserver,
     s6-tcpserver-socketbinder, and s6-tcpserverd.
   * s6-tcpserver-access still exists, should now run under s6-tcpserverd,
     still invoked once per connection. Doesn't spam the log anymore when
     invoked with no ruleset.
   * Options -4 and -6 removed from s6-tcpserver and s6-tlsserver.
     Protocol detection happens when the cmdline address is scanned.
   * Option -e removed from s6-tlsserver. It should now always invoke
     s6-tcpserver-access when needed (and only then).
- Major performance improvements. s6-tcpserverd does not fork on systems
  that support posix_spawn. Also, its lookups are now logarithmic
  instead of linear (which only matters on *heavy* loads).
@
text
@d1 1
a1 1
@@comment $NetBSD$
d28 2
a29 2
lib/s6-networking/libs6net.a
${PLIST.tls}lib/s6-networking/libsbearssl.a
@


1.8
log
@Update to 2.5.1.0. From the changelog:

- SNI wildcarding support in s6-tlsd-io.
- New sbearssl_*_set_tain(n)_g convenience macros.
- Bugfixes.
@
text
@d13 2
a14 6
bin/s6-tcpserver4
bin/s6-tcpserver4-socketbinder
bin/s6-tcpserver4d
bin/s6-tcpserver6
bin/s6-tcpserver6-socketbinder
bin/s6-tcpserver6d
d40 1
d42 1
a42 6
man/man8/s6-tcpserver4-socketbinder.8
man/man8/s6-tcpserver4.8
man/man8/s6-tcpserver4d.8
man/man8/s6-tcpserver6-socketbinder.8
man/man8/s6-tcpserver6.8
man/man8/s6-tcpserver6d.8
@


1.7
log
@Update to 2.5.0.0. From the changelog:

- Adaptation to skalibs-2.11.0.0.
- minidentd removed.
- Full client certificate support.
- Full SNI support, including server-side.
- s6-ucspitls[cd] -v2 now logs whether TLS is activated or not.

Complete client certificate and SNI support now make the TLS part of
s6-networking a fully viable replacement of stunnel and other similar
TLS tunneling tools.
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.6 2021/02/04 09:16:45 schmonz Exp $
a33 24
man/man1/s6-clockadd.1
man/man1/s6-clockview.1
man/man1/s6-getservbyname.1
man/man1/s6-ident-client.1
man/man1/s6-sntpclock.1
man/man1/s6-taiclock.1
man/man1/s6-taiclockd.1
man/man1/s6-tcpclient.1
man/man1/s6-tcpserver-access.1
man/man1/s6-tcpserver.1
man/man1/s6-tcpserver4-socketbinder.1
man/man1/s6-tcpserver4.1
man/man1/s6-tcpserver4d.1
man/man1/s6-tcpserver6-socketbinder.1
man/man1/s6-tcpserver6.1
man/man1/s6-tcpserver6d.1
man/man1/s6-tlsc-io.1
man/man1/s6-tlsc.1
man/man1/s6-tlsclient.1
man/man1/s6-tlsd-io.1
man/man1/s6-tlsd.1
man/man1/s6-tlsserver.1
man/man1/s6-ucspitlsc.1
man/man1/s6-ucspitlsd.1
d35 24
@


1.6
log
@Add manual pages. Bump PKGREVISION.
@
text
@d1 1
a1 2
@@comment $NetBSD: PLIST,v 1.5 2021/01/22 16:20:38 schmonz Exp $
bin/minidentd
a33 1
man/man1/minidentd.1
@


1.5
log
@LibreTLS + OpenSSL isn't working well for me yet. Switch back to BearSSL
for now, riding recent PKGREVISION bump.
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.4 2021/01/11 18:31:10 schmonz Exp $
d35 26
@


1.4
log
@Update to 2.4.0.0. From the changelog:

- Can be built against OpenSSL + libretls.
- execline is now optional.
- s6-tlsc and s6-tlsd rewrite. They're now wrappers around new
  binaries: s6-tlsc-io and s6-tlsd-io, which establish and run a
  TLS tunnel over already existing fds.
- New functionality: s6-ucspitlsc and s6-ucspitlsd, for an
  implementation of delayed encryption.

pkgsrc changes:

- Switch from BearSSL to LibreTLS (atop OpenSSL).
- Turn 'execline' option off by default.
@
text
@d1 1
a1 1
@@comment $NetBSD$
d34 1
a34 1
${PLIST.tls}lib/s6-networking/libstls.a
@


1.3
log
@s6 TLS tools don't use OpenSSL, but do need to know where to find CA
certs. Buildlink just enough OpenSSL to read SSLDIR, then install a new
s6-pkgsrc-cadir program that knows it. Bump PKGREVISION.
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.2 2020/11/22 11:33:22 schmonz Exp $
d7 1
a7 1
bin/s6-pkgsrc-cadir
d21 1
d24 1
d26 2
d34 1
a34 1
${PLIST.tls}lib/s6-networking/libsbearssl.a
@


1.2
log
@Add --enable-absolute-paths, as these programs need to invoke each other
while often running in freshly cleared environments. Bump PKGREVISION.

While here, make TLS (via BearSSL) optional, still on by default.
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.1 2020/11/19 20:12:54 schmonz Exp $
d7 1
@


1.1
log
@Initial import of s6-networking, a suite of small networking tools for
Unix systems. It includes command-line client and server management, TCP
access control, privilege escalation across UNIX domain sockets, IDENT
protocol management, clock synchronization, and secure connections using
the TLS protocol.
@
text
@d1 1
a1 1
@@comment $NetBSD$
d19 4
a22 4
bin/s6-tlsc
bin/s6-tlsclient
bin/s6-tlsd
bin/s6-tlsserver
d29 1
a29 1
lib/s6-networking/libsbearssl.a
@