diff options
author | jym <jym@pkgsrc.org> | 2013-01-08 23:45:39 +0000 |
---|---|---|
committer | jym <jym@pkgsrc.org> | 2013-01-08 23:45:39 +0000 |
commit | 0ead76b387dc878d3a6f631dd506e3c882ac04be (patch) | |
tree | 44bcda95985c78b59d24f283573c844acb6f5082 /security/stunnel | |
parent | fd3641d8e6769b03aa0816ad979b5f925a6e0ce5 (diff) | |
download | pkgsrc-0ead76b387dc878d3a6f631dd506e3c882ac04be.tar.gz |
Update to 4.54. Changelog:
New Win32 features
FIPS module updated to version 2.0.
OpenSSL DLLs updated to version 1.0.1c.
zlib DLL updated to version 1.2.7.
Engine DLLs added: 4758cca, aep, atalla, capi, chil, cswift, gmp, gost, nuron, padlock, sureware, ubsec.
Other new features
"session" option renamed to more readable "sessionCacheTimeout". The old name remains accepted for backward compatibility.
New service-level "sessionCacheSize" option to control session cache size.
New service-level option "reset" to control whether TCP RST flag is used to indicate errors. The default value is "reset = yes".
New service-level option "renegotiation" to disable SSL renegotiation. This feature is based on a public-domain patch by Janusz Dziemidowicz.
New FreeBSD socket options: IP_FREEBIND, IP_BINDANY, IPV6_BINDANY (thx to Janusz Dziemidowicz).
New parameters to configure TLS v1.1/v1.2 with OpenSSL version 1.0.1 or higher (thx to Henrik Riomar).
Bugfixes
Fixed "Application Failed to Initialize Properly (0xc0150002)" error.
Fixed missing SSL state debug log entries.
Fixed a race condition in libwrap code resulting in random stalls (thx to Andrew Skalski).
Session cache purged at configuration file reload to reduce memory leak. Remaining leak of a few kilobytes per section is yet to be fixed.
Fixed regression bug in "transparent = destination" functionality (thx to Stefan Lauterbach). This bug was introduced in stunnel 4.51.
"transparent = destination" is now a valid endpoint in inetd mode.
"delay = yes" fixed to work even if specified *after* "connect" option.
Multiple "connect" targets fixed to also work with delayed resolver.
The number of resolver retries of EAI_AGAIN error has been limited to 3 in order to prevent infinite loops.
Fix some directory owner/group rights and take over maintainership as I
use it almost daily.
Diffstat (limited to 'security/stunnel')
-rw-r--r-- | security/stunnel/Makefile | 20 | ||||
-rw-r--r-- | security/stunnel/distinfo | 8 |
2 files changed, 14 insertions, 14 deletions
diff --git a/security/stunnel/Makefile b/security/stunnel/Makefile index 1662d3efcb3..ddbd93f5503 100644 --- a/security/stunnel/Makefile +++ b/security/stunnel/Makefile @@ -1,11 +1,11 @@ -# $NetBSD: Makefile,v 1.79 2012/10/23 18:17:00 asau Exp $ +# $NetBSD: Makefile,v 1.80 2013/01/08 23:45:39 jym Exp $ -DISTNAME= stunnel-4.53 +DISTNAME= stunnel-4.54 PKGREVISION= 1 CATEGORIES= security MASTER_SITES= ftp://ftp.stunnel.org/stunnel/ -MAINTAINER= pkgsrc-users@NetBSD.org +MAINTAINER= jym@NetBSD.org HOMEPAGE= http://www.stunnel.org/ COMMENT= Universal SSL tunnel LICENSE= gnu-gpl-v2 @@ -15,8 +15,6 @@ USE_LIBTOOL= yes GNU_CONFIGURE= yes CONFIGURE_ARGS+= --localstatedir=${VARBASE} CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} -CONFIGURE_ARGS+= --with-cert-dir=${SSLCERTS:Q} -CONFIGURE_ARGS+= --with-pem-dir=${SSLCERTS:Q} CONFIGURE_ARGS+= --with-ssl=${SSLBASE:Q} .include "../../mk/bsd.prefs.mk" @@ -29,11 +27,12 @@ PKG_GROUPS= ${STUNNEL_GROUP} USER_GROUP= ${STUNNEL_USER} ${STUNNEL_GROUP} PKG_SYSCONFSUBDIR= stunnel -PKG_SYSCONFDIR_PERMS= ${USER_GROUP} 0700 +PKG_SYSCONFDIR_PERMS= ${ROOT_USER} ${STUNNEL_GROUP} 0750 -OWN_DIRS_PERMS= ${PKG_HOME} ${USER_GROUP} 0700 -CONF_FILES_PERMS+= ${PREFIX}/share/examples/stunnel/stunnel.conf-sample \ - ${PKG_SYSCONFDIR}/stunnel.conf ${USER_GROUP} 0644 +OWN_DIRS= ${PKG_HOME}/certs ${PKG_HOME}/crls +OWN_DIRS_PERMS= ${PKG_HOME}/pid ${USER_GROUP} 0750 +CONF_FILES+= ${PREFIX}/share/examples/stunnel/stunnel.conf-sample \ + ${PKG_SYSCONFDIR}/stunnel.conf RCD_SCRIPTS= stunnel @@ -47,11 +46,12 @@ SUBST_FILES.chroot= tools/stunnel.conf-sample.in SUBST_SED.chroot+= -e 's|@prefix@/var/lib|@localstatedir@/chroot|' SUBST_CLASSES+= stunnel -SUBST_MESSAGE.stunnel= Fix user and group +SUBST_MESSAGE.stunnel= Fix user, group and pid SUBST_STAGE.stunnel= post-configure SUBST_FILES.stunnel= tools/stunnel.conf-sample SUBST_SED.stunnel= -e 's|setuid = nobody|setuid = ${STUNNEL_USER}|' SUBST_SED.stunnel+= -e 's|setgid = nogroup|setgid = ${STUNNEL_GROUP}|' +SUBST_SED.stunnel+= -e 's|pid = /stunnel.pid|pid = /pid/stunnel.pid|' .include "options.mk" diff --git a/security/stunnel/distinfo b/security/stunnel/distinfo index c63b58ec108..74f9396aa4c 100644 --- a/security/stunnel/distinfo +++ b/security/stunnel/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.35 2012/04/16 16:55:21 ryoon Exp $ +$NetBSD: distinfo,v 1.36 2013/01/08 23:45:40 jym Exp $ -SHA1 (stunnel-4.53.tar.gz) = c167833c23fde388db697bd3edb4444aff0e449e -RMD160 (stunnel-4.53.tar.gz) = 4c3fe3c7ca3d65e6f9ad21e330a48beb291d9e4b -Size (stunnel-4.53.tar.gz) = 529720 bytes +SHA1 (stunnel-4.54.tar.gz) = e9e6414c699e81b0bd029f5b6ae018bb5e320bbd +RMD160 (stunnel-4.54.tar.gz) = c6889fda88f9987ba7a96476d29e7072668fa46d +Size (stunnel-4.54.tar.gz) = 535202 bytes SHA1 (patch-aa) = 0e57d4fa383dad7891795073d1f6b5075715b346 SHA1 (patch-ac) = 43521a88606981bc55dd94043d52b1a16f08e583 |