daftaupe/opt
1
0
Fork 0
forked from ports/opt
Code Pull Requests Activity

stunnel: update to 5.15

Browse Source
This commit is contained in:
Juergen Daubert 2015-04-18 09:47:39 +02:00
parent 01b1dcb9ce
commit 72c065d999
5 changed files with 27 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
stunnel/.md5sum
View File

@ -1,3 +1,3 @@
fd36d81539b5268afb99f51fdb090f95 stunnel
e716501960dc6856d80f92547298f724 stunnel-5.14.tar.gz
00bfe2db668d5558482238dbf796c2aa stunnel-config.patch
4d5387895f3a162d63a6ed76ebbafae8 stunnel
3a79787bdc898507224976606803d92a stunnel-5.15.tar.gz
16694d0e035fdd5e908ff42bc44ea805 stunnel.conf

12
stunnel/Pkgfile
View File

@ -4,16 +4,14 @@
# Depends on: openssl tcp_wrappers zlib
name=stunnel
version=5.14
version=5.15
release=1
source=(https://www.stunnel.org/downloads/$name-$version.tar.gz \
$name-config.patch $name)
$name.conf $name)
build () {
cd $name-$version
patch -p1 -i $SRC/$name-config.patch
./configure --prefix=/usr \
--sysconfdir=/etc \
--localstatedir=/var \
@ -25,10 +23,12 @@ build () {
install -D -m 0755 src/stunnel $PKG/usr/sbin/stunnel
install -D -m 0644 doc/stunnel.8 $PKG/usr/man/man8/stunnel.8
install -D -m 0755 $SRC/stunnel $PKG/etc/rc.d/stunnel
install -m 0644 tools/stunnel.conf-sample $PKG/etc/stunnel.conf
install -D -m 0644 $SRC/stunnel.conf $PKG/etc/stunnel.conf
install -d $PKG/{var/run,etc/ssl/{certs,keys}}
install -d $PKG/var/run
install -d -m 770 -o stunnel -g stunnel $PKG/var/run/stunnel
install -d $PKG/etc/ssl/{certs,keys}
touch $PKG/etc/ssl/{certs/stunnel.crt,keys/stunnel.key}
chmod 0600 $PKG/etc/ssl/keys/stunnel.key
}

3
stunnel/stunnel
View File

@ -6,6 +6,7 @@
SSD=/sbin/start-stop-daemon
PROG=/usr/sbin/stunnel
PID=/var/run/stunnel/stunnel.pid
CFG=/etc/stunnel.conf
CRT=/etc/ssl/certs/stunnel.crt
KEY=/etc/ssl/keys/stunnel.key
@ -15,7 +16,7 @@ start)
if [ ! -s $KEY -o ! -s $CRT ]; then
/usr/bin/mksslcert $KEY $CRT
fi
$SSD --start --pidfile $PID --exec $PROG
$SSD --start --pidfile $PID --exec $PROG -- $CFG
;;
stop)
$SSD --stop --retry 10 --pidfile $PID

56
stunnel/stunnel-config.patch
View File

@ -1,56 +0,0 @@
diff -Nru stunnel-5.14.orig/src/Makefile.in stunnel-5.14/src/Makefile.in
--- stunnel-5.14.orig/src/Makefile.in 2015-03-26 11:18:09.430260236 +0100
+++ stunnel-5.14/src/Makefile.in 2015-03-26 11:18:21.656486171 +0100
@@ -387,7 +387,7 @@
# Additional preprocesor definitions
stunnel_CPPFLAGS = -I/usr/kerberos/include -I$(SSLDIR)/include \
- -DLIBDIR='"$(pkglibdir)"' -DCONFDIR='"$(sysconfdir)/stunnel"'
+ -DLIBDIR='"$(pkglibdir)"' -DCONFDIR='"$(sysconfdir)"'
# SSL library
stunnel_LDFLAGS = -L$(SSLDIR)/lib64 -L$(SSLDIR)/lib -lssl -lcrypto
diff -Nru stunnel-5.14.orig/tools/stunnel.conf-sample.in stunnel-5.14/tools/stunnel.conf-sample.in
--- stunnel-5.14.orig/tools/stunnel.conf-sample.in 2015-03-26 11:18:09.430260236 +0100
+++ stunnel-5.14/tools/stunnel.conf-sample.in 2015-03-26 11:18:21.656486171 +0100
@@ -10,25 +10,34 @@
; A copy of some devices and system files is needed within the chroot jail
; Chroot conflicts with configuration file reload and many other features
; Remember also to update the logrotate configuration.
-;chroot = @prefix@/var/lib/stunnel/
+chroot = /var/run/stunnel/
; Chroot jail can be escaped if setuid option is not used
-;setuid = nobody
-;setgid = @DEFAULT_GROUP@
+setuid = stunnel
+setgid = stunnel
; PID file is created inside the chroot jail (if enabled)
-;pid = @prefix@/var/run/stunnel.pid
+pid = /stunnel.pid
; Debugging stuff (may be useful for troubleshooting)
;debug = 7
+; logfile is created inside the chroot jail
;output = stunnel.log
+; without chroot
+;output = /var/log/stunnel.log
+; log via syslog
+syslog =yes
+
+; Enable or disable the use of libwrap
+libwrap = yes
+
; **************************************************************************
; * Service defaults may also be specified in individual service sections *
; **************************************************************************
; Certificate/key is needed in server mode and optional in client mode
-cert = @prefix@/etc/stunnel/mail.pem
-;key = @prefix@/etc/stunnel/mail.pem
+cert = /etc/ssl/stunnel.crt
+key = /etc/ssl/stunnel.key
; Authentication stuff needs to be configured to prevent MITM attacks
; It is not enabled by default!

16
stunnel/stunnel.conf Normal file
View File

@ -0,0 +1,16 @@
;
; /etc/stunnel/stunnel.conf
;
setuid = stunnel
setgid = stunnel
chroot = /var/run/stunnel/
pid = /stunnel.pid
syslog = yes
cert = /etc/ssl/certs/stunnel.crt
key = /etc/ssl/keys/stunnel.key
; End of file