From 4bab2ec9a5b170508019ab16c92685e4f4bae089 Mon Sep 17 00:00:00 2001 From: martti Date: Sat, 18 Jan 2003 08:33:42 +0000 Subject: Updated stunnel to 4.04 (upgrade to 4.03 provided by Juan RP in pkg/19310) * New features sponsored by MAXIMUS http://www.maximus.com/ - New 'options' configuration option to setup OpenSSL library hacks with SSL_CTX_set_options(). - 'service' option also changes the name for TCP Wrappers access control in inetd mode. - SSL is negotiated before connecting remote host or spawning local process whenever possible. - REMOTE_HOST variable is always placed in the enrivonment of a process spawned with 'exec'. - Whole SSL error stack is dumped on errors. - Manual page updated (special thanks to Brian Hatch). - New user interface (config file). - Single daemon can listen on multiple ports, now. - Delayed DNS lookup added. * Other new features - All the timeouts are now configurable including TIMEOUTclose that can be set to 0 for MSIE and other buggy clients that do not send close_notify. - Stunnel process can be chrooted in a specified directory. - Numerical values for setuid() and setgid() are allowed, now. - Confusing code for setting certificate defaults introduced in version 3.8p3 was removed to simplify stunnel setup. There are no built-in defaults for CApath and CAfile options. - Private key file for a certificate can be kept in a separate file. Default remains to keep it in the cert file. - Manual page updated. --- security/stunnel/Makefile | 4 ++-- security/stunnel/PLIST | 30 ++++++++++++++++++++++-- security/stunnel/distinfo | 10 ++++---- security/stunnel/patches/patch-aa | 49 +++++++++++++-------------------------- security/stunnel/patches/patch-ab | 20 ++++++++-------- 5 files changed, 61 insertions(+), 52 deletions(-) (limited to 'security/stunnel') diff --git a/security/stunnel/Makefile b/security/stunnel/Makefile index f2978ed28f7..9a8ec51d361 100644 --- a/security/stunnel/Makefile +++ b/security/stunnel/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.31 2002/08/25 21:50:47 jlam Exp $ +# $NetBSD: Makefile,v 1.32 2003/01/18 08:33:42 martti Exp $ -DISTNAME= stunnel-3.22 +DISTNAME= stunnel-4.04 CATEGORIES= security MASTER_SITES= ftp://ftp.fu-berlin.de/pub/unix/security/stunnel/ \ ftp://stunnel.mirt.net/stunnel/ \ diff --git a/security/stunnel/PLIST b/security/stunnel/PLIST index 25ce496289c..26691db0780 100644 --- a/security/stunnel/PLIST +++ b/security/stunnel/PLIST @@ -1,4 +1,30 @@ -@comment $NetBSD: PLIST,v 1.1 2001/11/01 01:17:57 zuntum Exp $ -lib/stunnel.so +@comment $NetBSD: PLIST,v 1.2 2003/01/18 08:33:42 martti Exp $ +etc/stunnel/stunnel.conf-sample +lib/libstunnel.la +lib/libstunnel.so man/man8/stunnel.8 +man/man8/stunnel.pl.8 sbin/stunnel +share/doc/stunnel/AUTHORS +share/doc/stunnel/BUGS +share/doc/stunnel/COPYING +share/doc/stunnel/COPYRIGHT.GPL +share/doc/stunnel/CREDITS +share/doc/stunnel/ChangeLog +share/doc/stunnel/INSTALL +share/doc/stunnel/INSTALL.W32 +share/doc/stunnel/NEWS +share/doc/stunnel/PORTS +share/doc/stunnel/README +share/doc/stunnel/TODO +share/doc/stunnel/examples/ca.html +share/doc/stunnel/examples/ca.pl +share/doc/stunnel/examples/importCA.html +share/doc/stunnel/examples/importCA.sh +share/doc/stunnel/examples/stunnel.init +share/doc/stunnel/examples/stunnel.spec +share/doc/stunnel/stunnel.html +share/doc/stunnel/stunnel.pl.html +@dirrm share/doc/stunnel/examples +@dirrm share/doc/stunnel +@dirrm etc/stunnel diff --git a/security/stunnel/distinfo b/security/stunnel/distinfo index d560380848d..559fb6ac724 100644 --- a/security/stunnel/distinfo +++ b/security/stunnel/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.12 2001/12/28 07:22:29 tron Exp $ +$NetBSD: distinfo,v 1.13 2003/01/18 08:33:42 martti Exp $ -SHA1 (stunnel-3.22.tar.gz) = c565ef001602faee544d7736bb53b1d4c1a3d162 -Size (stunnel-3.22.tar.gz) = 204413 bytes -SHA1 (patch-aa) = cf8b1c1658d2aee82fcec36070ccf84c14e0bce7 -SHA1 (patch-ab) = 31f36bdff7548280cb6fb611f368532e734e51e1 +SHA1 (stunnel-4.04.tar.gz) = 9f0f85eb0620ee4f4f68d833eb3f39eb31960f31 +Size (stunnel-4.04.tar.gz) = 309072 bytes +SHA1 (patch-aa) = 616058e0fb75ba4d3edaa079b24b5c72e7a8f1f5 +SHA1 (patch-ab) = e4001b6d4d54421bef439ee98c65fce96f6face0 diff --git a/security/stunnel/patches/patch-aa b/security/stunnel/patches/patch-aa index 4d6470e6540..1e1dfe46c60 100644 --- a/security/stunnel/patches/patch-aa +++ b/security/stunnel/patches/patch-aa @@ -1,39 +1,22 @@ -$NetBSD: patch-aa,v 1.12 2001/12/28 07:22:30 tron Exp $ +$NetBSD: patch-aa,v 1.13 2003/01/18 08:33:43 martti Exp $ ---- Makefile.in.orig Sun Dec 23 20:03:25 2001 -+++ Makefile.in Fri Dec 28 08:13:29 2001 -@@ -9,7 +9,7 @@ - sbindir=@sbindir@ - libdir=@libdir@ - man8dir=@mandir@/man8 --piddir=@localstatedir@/stunnel/ -+piddir=/var/run/ - ssldir=@ssldir@ - openssl=$(ssldir)/bin/openssl - PEM_DIR=@PEM_DIR@ -@@ -24,7 +24,7 @@ - LIBS=@LIBS@ - HEADERS=common.h prototypes.h client.h - OBJS=client.o stunnel.o ssl.o protocol.o sthreads.o pty.o log.o options.o --DESTFILES=$(sbindir)/stunnel $(libdir)/stunnel.so $(man8dir)/stunnel.8 $(PEM_DIR)/stunnel.pem -+DESTFILES=$(sbindir)/stunnel $(libdir)/stunnel.so $(man8dir)/stunnel.8 +--- tools/Makefile.in.orig Sun Jan 12 15:48:39 2003 ++++ tools/Makefile.in Sat Jan 18 08:08:05 2003 +@@ -83,7 +83,7 @@ - WINGCC=i386-mingw32msvc-gcc - WINCFLAGS=-O2 -Wall -DUSE_WIN32=1 -DHAVE_OPENSSL=1 -DFD_SETSIZE=4096 -DVERSION=\"@VERSION@\" -I../openssl-0.9.6b/outinc -@@ -33,7 +33,7 @@ - # standard external rules + confdir = $(sysconfdir)/stunnel +-conf_DATA = stunnel.conf-sample stunnel.pem ++conf_DATA = stunnel.conf-sample --all: stunnel stunnel.8 stunnel.html stunnel.so stunnel.pem -+all: stunnel stunnel.8 stunnel.html stunnel.so + docdir = $(datadir)/doc/stunnel + examplesdir = $(docdir)/examples +@@ -251,7 +251,7 @@ + -in stunnel.pem - install: all installdirs $(DESTFILES) - -@@ -62,7 +62,6 @@ - - installdirs: mkinstalldirs - ./mkinstalldirs $(sbindir) $(libdir) $(man8dir) $(PEM_DIR) $(piddir) -- chmod a=rwx,+t $(piddir) - - # non-standard external rules + install-data-hook: +- chmod 0600 $(confdir)/stunnel.pem ++ true + clean-local: + -rm -f stunnel.rnd diff --git a/security/stunnel/patches/patch-ab b/security/stunnel/patches/patch-ab index 2409bfffeea..d06a5da0a56 100644 --- a/security/stunnel/patches/patch-ab +++ b/security/stunnel/patches/patch-ab @@ -1,20 +1,20 @@ -$NetBSD: patch-ab,v 1.10 2001/12/28 07:22:30 tron Exp $ +$NetBSD: patch-ab,v 1.11 2003/01/18 08:33:43 martti Exp $ ---- configure.orig Sun Dec 23 20:52:04 2001 -+++ configure Fri Dec 28 08:15:02 2001 -@@ -2226,6 +2226,7 @@ - +--- configure.orig Wed Jan 1 14:26:05 2003 ++++ configure Sat Jan 18 08:08:29 2003 +@@ -7471,6 +7471,7 @@ fi + +if false; then # OSF hack instead of simple AC_CHECK_LIB here - echo "$as_me:2230: checking for pthread_create in -lpthread" >&5 + echo "$as_me:$LINENO: checking for pthread_create in -lpthread" >&5 echo $ECHO_N "checking for pthread_create in -lpthread... $ECHO_C" >&6 -@@ -2324,6 +2325,7 @@ - #define HAVE_LIBPTHREAD 1 - EOF +@@ -7582,6 +7583,7 @@ + _ACEOF + +fi fi - echo "$as_me:2329: checking for openpty in -lutil" >&5 + -- cgit v1.2.3