diff options
| author | tnn <tnn> | 2008-05-27 11:51:32 +0000 |
|---|---|---|
| committer | tnn <tnn> | 2008-05-27 11:51:32 +0000 |
| commit | 6fa655ce86481a0eb772861e6c684c8867e0d6bc (patch) | |
| tree | 8e4eb2940f56cf6f7ca41b62fb14d089176da08a /security | |
| parent | df46b9c27d39cea20ae499f388ec844b880ad0b7 (diff) | |
| download | pkgsrc-6fa655ce86481a0eb772861e6c684c8867e0d6bc.tar.gz | |
Update to stunnel-4.24.
4.24: fix security problem (properly reject revoked certs)
4.23: WinNT bugfix
4.22:
- A new global option to control logging to syslog.
Simultaneous logging to a file and the syslog is now possible.
- A new service level option to control stack size.
- Restored chroot() to be executed after decoding numerical
userid and groupid values in drop_privileges().
- A few bugs fixed the in the new libwrap support code.
- TLSv1 method used by default in FIPS mode instead of
SSLv3 client and SSLv23 server methods.
4.21:
- Initial FIPS 140-2 support (see INSTALL.FIPS for details).
- Experimental fast support for non-MT-safe libwrap is provided
with pre-spawned processes.
- Stunnel binary moved from /usr/local/sbin to /usr/local/bin
in order to meet FHS and LSB requirements.
- Added code to disallow compiling stunnel with pthreads when
OpenSSL is compiled without threads support.
- Minor manual update.
- TODO file updated.
- Dynamic locking callbacks added (needed by some engines to work).
- AC_ARG_ENABLE fixed in configure.am to accept yes/no arguments.
- On some systems libwrap requires yp_get_default_domain from libnsl,
additional checking for libnsl was added to the ./configure script.
- Sending a list of trusted CAs for the client to choose the right
certificate restored.
- Some compatibility issues with NTLM authentication fixed.
Diffstat (limited to 'security')
| -rw-r--r-- | security/stunnel/MESSAGE | 7 | ||||
| -rw-r--r-- | security/stunnel/Makefile | 8 | ||||
| -rw-r--r-- | security/stunnel/PLIST | 10 | ||||
| -rw-r--r-- | security/stunnel/distinfo | 11 | ||||
| -rwxr-xr-x | security/stunnel/files/stunnel.sh | 4 | ||||
| -rw-r--r-- | security/stunnel/patches/patch-aa | 10 | ||||
| -rw-r--r-- | security/stunnel/patches/patch-ac | 13 |
7 files changed, 28 insertions, 35 deletions
diff --git a/security/stunnel/MESSAGE b/security/stunnel/MESSAGE new file mode 100644 index 00000000000..22a03d38268 --- /dev/null +++ b/security/stunnel/MESSAGE @@ -0,0 +1,7 @@ +=========================================================================== +$NetBSD: MESSAGE,v 1.1 2008/05/27 11:51:32 tnn Exp $ + +If you are updating from an stunnel version earlier than 4.24, you should +be aware that the binaries have moved from ${PREFIX}/sbin +to ${PREFIX}/bin . +=========================================================================== diff --git a/security/stunnel/Makefile b/security/stunnel/Makefile index 0acc1c55aeb..550a89bbee4 100644 --- a/security/stunnel/Makefile +++ b/security/stunnel/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.61 2008/01/18 05:09:42 tnn Exp $ +# $NetBSD: Makefile,v 1.62 2008/05/27 11:51:32 tnn Exp $ -DISTNAME= stunnel-4.20 -PKGREVISION= 3 +DISTNAME= stunnel-4.24 CATEGORIES= security MASTER_SITES= ftp://ftp.fu-berlin.de/unix/security/stunnel/ \ ftp://stunnel.mirt.net/stunnel/ \ @@ -11,13 +10,14 @@ MAINTAINER= shaun@inerd.com HOMEPAGE= http://www.stunnel.org/ COMMENT= Universal SSL tunnel +PKG_DESTDIR_SUPPORT= user-destdir + USE_LIBTOOL= yes GNU_CONFIGURE= yes CONFIGURE_ARGS+= --with-ssl=${SSLBASE:Q} \ --with-cert-dir=${SSLCERTS:Q} \ --with-pem-dir=${SSLCERTS:Q} \ --with-tcp-wrappers \ - --sysconfdir=${PKG_SYSCONFDIR:Q} \ --localstatedir=${VARBASE:Q} PTHREAD_OPTS?= optional diff --git a/security/stunnel/PLIST b/security/stunnel/PLIST index 82cbee21221..3dd90e66d0b 100644 --- a/security/stunnel/PLIST +++ b/security/stunnel/PLIST @@ -1,10 +1,10 @@ -@comment $NetBSD: PLIST,v 1.9 2007/01/14 00:07:15 schmonz Exp $ -lib/libstunnel.la +@comment $NetBSD: PLIST,v 1.10 2008/05/27 11:51:32 tnn Exp $ +bin/stunnel +bin/stunnel3 +lib/stunnel/libstunnel.la man/man8/stunnel.8 man/man8/stunnel.fr.8 man/man8/stunnel.pl.8 -sbin/stunnel -sbin/stunnel3 share/doc/stunnel/AUTHORS share/doc/stunnel/BUGS share/doc/stunnel/COPYING @@ -12,9 +12,9 @@ share/doc/stunnel/COPYRIGHT.GPL share/doc/stunnel/CREDITS share/doc/stunnel/ChangeLog share/doc/stunnel/INSTALL +share/doc/stunnel/INSTALL.FIPS share/doc/stunnel/INSTALL.W32 share/doc/stunnel/INSTALL.WCE -share/doc/stunnel/NEWS share/doc/stunnel/PORTS share/doc/stunnel/README share/doc/stunnel/TODO diff --git a/security/stunnel/distinfo b/security/stunnel/distinfo index 5fe646dbd42..8a5c6d6e218 100644 --- a/security/stunnel/distinfo +++ b/security/stunnel/distinfo @@ -1,7 +1,6 @@ -$NetBSD: distinfo,v 1.23 2007/01/23 21:53:58 smb Exp $ +$NetBSD: distinfo,v 1.24 2008/05/27 11:51:32 tnn Exp $ -SHA1 (stunnel-4.20.tar.gz) = a9a449b28a4f34ab22f6b4bfaa81c1904a5883c4 -RMD160 (stunnel-4.20.tar.gz) = 6a5dfbabe17804e87ed8c7c75898dba4b4257827 -Size (stunnel-4.20.tar.gz) = 513394 bytes -SHA1 (patch-aa) = 08f7c534152ced42373212a3ade8d7a4a750cd5d -SHA1 (patch-ac) = 6773cee1bd8063f76a8cb122772ce1fc2856998b +SHA1 (stunnel-4.24.tar.gz) = ec6db4080199d11e020b780da0f1cc37d37d9233 +RMD160 (stunnel-4.24.tar.gz) = a397ba5dd51d5224f2458948ef985e0785ef8fbb +Size (stunnel-4.24.tar.gz) = 531714 bytes +SHA1 (patch-aa) = 70dfbc793ec882715d2ddaa7b4248b8f238701b6 diff --git a/security/stunnel/files/stunnel.sh b/security/stunnel/files/stunnel.sh index b4ecc1ac922..ee215e51d2a 100755 --- a/security/stunnel/files/stunnel.sh +++ b/security/stunnel/files/stunnel.sh @@ -1,6 +1,6 @@ #!@RCD_SCRIPTS_SHELL@ # -# $NetBSD: stunnel.sh,v 1.1 2004/06/06 14:19:04 schmonz Exp $ +# $NetBSD: stunnel.sh,v 1.2 2008/05/27 11:51:32 tnn Exp $ # # PROVIDE: stunnel @@ -10,7 +10,7 @@ name="stunnel" rcvar=$name -command="@PREFIX@/sbin/stunnel" +command="@PREFIX@/bin/stunnel" required_files="@PKG_SYSCONFDIR@/stunnel.conf" load_rc_config $name diff --git a/security/stunnel/patches/patch-aa b/security/stunnel/patches/patch-aa index f74855abad3..18c0db5d52f 100644 --- a/security/stunnel/patches/patch-aa +++ b/security/stunnel/patches/patch-aa @@ -1,17 +1,17 @@ -$NetBSD: patch-aa,v 1.19 2007/01/14 00:07:15 schmonz Exp $ +$NetBSD: patch-aa,v 1.20 2008/05/27 11:51:32 tnn Exp $ ---- tools/Makefile.in.orig 2006-11-11 09:58:22.000000000 -0500 +--- tools/Makefile.in.orig 2008-05-18 13:46:07.000000000 +0200 +++ tools/Makefile.in -@@ -161,7 +161,7 @@ target_alias = @target_alias@ +@@ -167,7 +167,7 @@ target_alias = @target_alias@ EXTRA_DIST = ca.html ca.pl importCA.html importCA.sh script.sh \ stunnel.spec stunnel.mak stunnel.cnf stunnel.nsi stunnel.conf -confdir = $(sysconfdir)/stunnel +confdir = $(datadir)/examples/stunnel conf_DATA = stunnel.conf-sample - docdir = $(datadir)/doc/stunnel examplesdir = $(docdir)/examples -@@ -332,7 +332,7 @@ info: info-am + examples_DATA = ca.html ca.pl importCA.html importCA.sh script.sh \ +@@ -337,7 +337,7 @@ info: info-am info-am: diff --git a/security/stunnel/patches/patch-ac b/security/stunnel/patches/patch-ac deleted file mode 100644 index 20000f985e8..00000000000 --- a/security/stunnel/patches/patch-ac +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-ac,v 1.9 2007/01/23 21:53:58 smb Exp $ - ---- src/Makefile.in.orig 2006-11-11 09:58:22.000000000 -0500 -+++ src/Makefile.in -@@ -221,7 +221,7 @@ libstunnel_la_LDFLAGS = -avoid-version - INCLUDES = -I/usr/kerberos/include - - # Additional compiler flags --AM_CPPFLAGS = -DLIBDIR='"$(libdir)"' -DCONFDIR='"$(sysconfdir)/stunnel"' -DPIDFILE='"$(prefix)/var/run/stunnel/stunnel.pid"' -+AM_CPPFLAGS = -DLIBDIR='"$(libdir)"' -DCONFDIR='"$(sysconfdir)"' -DPIDFILE='"/var/run/stunnel.pid"' - - # Win32 executable - EXTRA_DIST = stunnel.exe make.bat mingw.mak makece.bat evc.mak vc.mak nogui.c os2.mak |