ports/opt
4
3
Fork 1
Code Issues 1 Pull Requests Activity
05a5aade19
opt/stunnel/stunnel-config.patch

55 lines
2.2 KiB
Diff
Raw Blame History

diff -Nru stunnel-4.40.orig/src/Makefile.in stunnel-4.40/src/Makefile.in
--- stunnel-4.40.orig/src/Makefile.in 2011-07-24 18:51:26.817760413 +0200
+++ stunnel-4.40/src/Makefile.in 2011-07-24 18:52:09.849519637 +0200
@@ -254,7 +254,7 @@
INCLUDES = -I/usr/kerberos/include
# Additional compiler flags
-AM_CPPFLAGS = -DLIBDIR='"$(pkglibdir)"' -DCONFDIR='"$(sysconfdir)/stunnel"' -DPIDFILE='"$(localstatedir)/run/stunnel/stunnel.pid"'
+AM_CPPFLAGS = -DLIBDIR='"$(pkglibdir)"' -DCONFDIR='"$(sysconfdir)"' -DPIDFILE='"$(localstatedir)/run/stunnel/stunnel.pid"'
# Win32 executable
EXTRA_DIST = stunnel.exe make.bat mingw.mak makece.bat evc.mak vc.mak makew32.bat nogui.c os2.mak
diff -Nru stunnel-4.40.orig/tools/stunnel.conf-sample.in stunnel-4.40/tools/stunnel.conf-sample.in
--- stunnel-4.40.orig/tools/stunnel.conf-sample.in 2011-07-24 18:51:26.814427202 +0200
+++ stunnel-4.40/tools/stunnel.conf-sample.in 2011-07-24 18:58:14.352979341 +0200
@@ -8,25 +8,33 @@
; A copy of some devices and system files is needed within the chroot jail
; Chroot conflicts with configuration file reload and many other features
-chroot = @prefix@/var/lib/stunnel/
+chroot = /var/run/stunnel/
; Chroot jail can be escaped if setuid option is not used
-setuid = nobody
-setgid = @DEFAULT_GROUP@
+setuid = stunnel
+setgid = stunnel
; PID is created inside the chroot jail
pid = /stunnel.pid
; Debugging stuff (may useful for troubleshooting)
;debug = 7
+; logfile is created inside the chroot jail
;output = stunnel.log
+; without chroot
+;output = /var/log/stunnel.log
+; log via syslog
+syslog = yes
+
+; Enable or disable the use of libwrap
+libwrap = yes
; *****************************************************************************
; * Service Defaults (may also be specified in individual service sections) *
; *****************************************************************************
; Certificate/key is needed in server mode and optional in client mode
-cert = @prefix@/etc/stunnel/mail.pem
-;key = @prefix@/etc/stunnel/mail.pem
+cert = /etc/ssl/certs/stunnel.crt
+key = /etc/ssl/keys/stunnel.key
; Authentication stuff needs to be configured to prevent MITM attacks
; It is not enabled by default!
Reference in New Issue View Git Blame Copy Permalink