zirias@
Developer
Edit 2023-05-02: Port is now created: security/tlsc
---
So, once again, I wrote a tiny piece of software for my own needs. It's a little daemon that can listen on (plain, unencrypted) sockets and "forward" clients to some TLS-enabled service.
Background is that I was fed up with security/stunnel. That's because I use libressl, and the stunnel author seems to really hate it (well, search the web for that). I maintained patches locally for years now, making it work with libressl nevertheless. And ever so often, some update breaks them. Therefore, I've finally had enough and implemented something myself for my own specific usecase.
I called it tlsc, the "TLS connect daemon". See: https://github.com/Zirias/tlsc
It only implements a fraction of what stunnel can do. It doesn't offer any TLS-related options but just uses whatever the SSL library defaults to. All I added was the ability to use a client certificate (because I already had that code from another project where I needed it). It doesn't implement one key feature of stunnel: offering a TLS-enabled service itself, backed by a plain unencrypted service. And I have no plans to add that because I don't need it myself.
I did already create a little port including an rc-script, also for my own needs.
Now simple question: Does anyone have a use case for such a simple tool? IOW, should I add it to the official tree?
---
So, once again, I wrote a tiny piece of software for my own needs. It's a little daemon that can listen on (plain, unencrypted) sockets and "forward" clients to some TLS-enabled service.
Background is that I was fed up with security/stunnel. That's because I use libressl, and the stunnel author seems to really hate it (well, search the web for that). I maintained patches locally for years now, making it work with libressl nevertheless. And ever so often, some update breaks them. Therefore, I've finally had enough and implemented something myself for my own specific usecase.
I called it tlsc, the "TLS connect daemon". See: https://github.com/Zirias/tlsc
It only implements a fraction of what stunnel can do. It doesn't offer any TLS-related options but just uses whatever the SSL library defaults to. All I added was the ability to use a client certificate (because I already had that code from another project where I needed it). It doesn't implement one key feature of stunnel: offering a TLS-enabled service itself, backed by a plain unencrypted service. And I have no plans to add that because I don't need it myself.
I did already create a little port including an rc-script, also for my own needs.
Now simple question: Does anyone have a use case for such a simple tool? IOW, should I add it to the official tree?
Last edited: