diff options
author | Lance Albertson <ramereth@gentoo.org> | 2005-06-22 04:28:25 +0000 |
---|---|---|
committer | Lance Albertson <ramereth@gentoo.org> | 2005-06-22 04:28:25 +0000 |
commit | 2967016ebb989fc174933976a9541bf632d06e0b (patch) | |
tree | c26012f3cd2e677523132c13dae668e5d480bb91 | |
parent | Revision bump to fix Bug 90407 (diff) | |
download | gentoo-2-2967016ebb989fc174933976a9541bf632d06e0b.tar.gz gentoo-2-2967016ebb989fc174933976a9541bf632d06e0b.tar.bz2 gentoo-2-2967016ebb989fc174933976a9541bf632d06e0b.zip |
cleaning out old stuff, adding 4.10 for testing
(Portage version: 2.0.51.19)
25 files changed, 158 insertions, 783 deletions
diff --git a/net-misc/stunnel/ChangeLog b/net-misc/stunnel/ChangeLog index e4823fe133e0..08ab6a558d8b 100644 --- a/net-misc/stunnel/ChangeLog +++ b/net-misc/stunnel/ChangeLog @@ -1,6 +1,20 @@ # ChangeLog for net-misc/stunnel # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.43 2005/06/18 21:58:44 ferdy Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.44 2005/06/22 04:28:25 ramereth Exp $ + +*stunnel-4.10 (22 Jun 2005) + + 22 Jun 2005; Lance Albertson <ramereth@gentoo.org> + -files/stunnel-3.22-blinding.patch, -files/stunnel-3.22-gentoo.diff, + -files/stunnel-3.26-gentoo.diff, -files/stunnel-4.04-blinding.patch, + -files/stunnel-4.04-gentoo.diff, files/stunnel.conf, + -files/stunnel.conf.4.04-r2, -files/stunnel.conf.4.04-r3, + files/stunnel.rc6, -files/stunnel.rc6.4.04-r2, -files/stunnel.rc6.4.04-r3, + -stunnel-3.22-r2.ebuild, -stunnel-3.26.ebuild, -stunnel-4.04-r1.ebuild, + -stunnel-4.04-r2.ebuild, -stunnel-4.04-r3.ebuild, +stunnel-4.10.ebuild: + * Cleanup - taking out a bunch of old stuff + * Adding 4.10 as testing only (since upstream calls it experimental anyways) + Closing bug #92604 18 Jun 2005; Fernando J. Pereda <ferdy@gentoo.org> stunnel-4.09.ebuild: stable on alpha, wrt bug #95802 diff --git a/net-misc/stunnel/Manifest b/net-misc/stunnel/Manifest index 6a22ab049152..41ef4c2ae1db 100644 --- a/net-misc/stunnel/Manifest +++ b/net-misc/stunnel/Manifest @@ -1,43 +1,16 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 85310ef2c632d7b01481f4b20adff5fe stunnel-4.04-r2.ebuild 1790 -MD5 4003883982318cb26c51e2291b3e7b00 stunnel-3.22-r2.ebuild 947 -MD5 eb85c0a1e6f5b12850b7d4e0215a327c stunnel-3.26.ebuild 1084 +MD5 83b8a959c666a15962c9b170b2957f50 ChangeLog 6403 +MD5 84dcffc2ace33f97c3f6f4e7455d18d6 stunnel-4.10.ebuild 2220 +MD5 3c7d56a1f6a95f21ceb95ddf5c76073c metadata.xml 703 MD5 b2b41fa38d0e49a159629341ba9f8f48 stunnel-4.05.ebuild 1755 -MD5 ec43a5d2a2d4d21179be8a1f24329a95 stunnel-4.04-r1.ebuild 1721 -MD5 73445167acb4a9335a548710b776b72e stunnel-4.04-r3.ebuild 1784 MD5 1217dcb1ea077fa30403aa71cdaf7480 stunnel-4.09.ebuild 2127 -MD5 a7ba20587ffbce6127f44d129c3ccc14 ChangeLog 5690 -MD5 3c7d56a1f6a95f21ceb95ddf5c76073c metadata.xml 703 -MD5 9177dd12df6261a5bde7e8756c0f1585 files/stunnel-3.22-blinding.patch 3756 -MD5 a7262319408c8fc154543b7614662329 files/stunnel.rc6 534 -MD5 2f553bbcab5ab83a6e45e3ddd73f9944 files/stunnel.conf.4.05 725 -MD5 9193cc027bed086a3852dc7189602f0b files/stunnel.conf.4.09 1423 -MD5 bf10c9036f0ff4b8578c46b89538aed7 files/digest-stunnel-3.22-r2 64 -MD5 39bf8947e5bcc172aba321a975eff263 files/stunnel.rc6.4.04-r2 561 -MD5 1ceef2be86dab81ee4499b783188fa44 files/stunnel.rc6.4.04-r3 598 -MD5 021f1b3d5a07aa11f572d4fa8a50b4f1 files/stunnel.conf.4.04-r2 721 -MD5 2f553bbcab5ab83a6e45e3ddd73f9944 files/stunnel.conf.4.04-r3 725 -MD5 6cdf521ff4c96a48e8863635b78fa596 files/stunnel-4.04-blinding.patch 2526 -MD5 dfc2feba647c5fb39db0bd98e769fb7e files/digest-stunnel-4.04-r1 64 -MD5 dfc2feba647c5fb39db0bd98e769fb7e files/digest-stunnel-4.04-r2 64 -MD5 dfc2feba647c5fb39db0bd98e769fb7e files/digest-stunnel-4.04-r3 64 -MD5 ea2086dcf69dddf6d075a7040d209335 files/digest-stunnel-3.26 64 +MD5 093291f53a8df7fb48928a750c4074f5 files/digest-stunnel-4.10 64 +MD5 9193cc027bed086a3852dc7189602f0b files/stunnel.conf 1423 +MD5 915cb8e081d324df458589674689652c files/stunnel.rc6 938 MD5 c0fb8fc4f6d919edc9d76e0f423873eb files/digest-stunnel-4.05 64 -MD5 b562ecc7a9dab7e2e2582a0601b42569 files/digest-stunnel-4.09 64 -MD5 2afb1fc42f8ea8f7b54d47a79f80e33a files/stunnel-4.04-gentoo.diff 321 -MD5 b42ca1fbeb5d6454de36aac4cb893294 files/stunnel-3.26-gentoo.diff 941 -MD5 60507279a2c9abbec2037b9e5a0840f7 files/stunnel-3.22-gentoo.diff 1170 +MD5 2afb1fc42f8ea8f7b54d47a79f80e33a files/stunnel-4.05-gentoo.diff 321 +MD5 2f553bbcab5ab83a6e45e3ddd73f9944 files/stunnel.conf.4.05 725 MD5 2d0c9c806bbcf7f7999d1ea564e27e9d files/stunnel.rc6.4.05 591 MD5 915cb8e081d324df458589674689652c files/stunnel.rc6.4.09 938 +MD5 9193cc027bed086a3852dc7189602f0b files/stunnel.conf.4.09 1423 MD5 2afb1fc42f8ea8f7b54d47a79f80e33a files/stunnel-4.09-gentoo.diff 321 -MD5 2afb1fc42f8ea8f7b54d47a79f80e33a files/stunnel-4.05-gentoo.diff 321 -MD5 4839b059fba14c4f7f2acb50888aadac files/stunnel.conf 720 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.1 (GNU/Linux) - -iD8DBQFCtJk7ViELBEf1JB0RAu7YAJ9Xb26vFvje1hTBSIYbUt5JPeldyACfYC0d -DdTfyUdpa8nRmfmlgXYP6EQ= -=uHWR ------END PGP SIGNATURE----- +MD5 b562ecc7a9dab7e2e2582a0601b42569 files/digest-stunnel-4.09 64 diff --git a/net-misc/stunnel/files/digest-stunnel-3.22-r2 b/net-misc/stunnel/files/digest-stunnel-3.22-r2 deleted file mode 100644 index a6702e42c458..000000000000 --- a/net-misc/stunnel/files/digest-stunnel-3.22-r2 +++ /dev/null @@ -1 +0,0 @@ -MD5 69000d8365b006b3c080a1e2dc9ccba9 stunnel-3.22.tar.gz 204413 diff --git a/net-misc/stunnel/files/digest-stunnel-3.26 b/net-misc/stunnel/files/digest-stunnel-3.26 deleted file mode 100644 index 4955702bd09a..000000000000 --- a/net-misc/stunnel/files/digest-stunnel-3.26 +++ /dev/null @@ -1 +0,0 @@ -MD5 e2cffe2f2753416d37ea1619c0d0f96e stunnel-3.26.tar.gz 228923 diff --git a/net-misc/stunnel/files/digest-stunnel-4.04-r1 b/net-misc/stunnel/files/digest-stunnel-4.04-r1 deleted file mode 100644 index f8df0f6a7fdf..000000000000 --- a/net-misc/stunnel/files/digest-stunnel-4.04-r1 +++ /dev/null @@ -1 +0,0 @@ -MD5 2fcdf0311a0ab8a3223293c706a84e97 stunnel-4.04.tar.gz 309072 diff --git a/net-misc/stunnel/files/digest-stunnel-4.04-r2 b/net-misc/stunnel/files/digest-stunnel-4.04-r2 deleted file mode 100644 index f8df0f6a7fdf..000000000000 --- a/net-misc/stunnel/files/digest-stunnel-4.04-r2 +++ /dev/null @@ -1 +0,0 @@ -MD5 2fcdf0311a0ab8a3223293c706a84e97 stunnel-4.04.tar.gz 309072 diff --git a/net-misc/stunnel/files/digest-stunnel-4.04-r3 b/net-misc/stunnel/files/digest-stunnel-4.04-r3 deleted file mode 100644 index f8df0f6a7fdf..000000000000 --- a/net-misc/stunnel/files/digest-stunnel-4.04-r3 +++ /dev/null @@ -1 +0,0 @@ -MD5 2fcdf0311a0ab8a3223293c706a84e97 stunnel-4.04.tar.gz 309072 diff --git a/net-misc/stunnel/files/digest-stunnel-4.10 b/net-misc/stunnel/files/digest-stunnel-4.10 new file mode 100644 index 000000000000..96751dd6cde2 --- /dev/null +++ b/net-misc/stunnel/files/digest-stunnel-4.10 @@ -0,0 +1 @@ +MD5 9de7a62a44083114779ca4e109d70776 stunnel-4.10.tar.gz 487066 diff --git a/net-misc/stunnel/files/stunnel-3.22-blinding.patch b/net-misc/stunnel/files/stunnel-3.22-blinding.patch deleted file mode 100644 index 43587ed7dfa8..000000000000 --- a/net-misc/stunnel/files/stunnel-3.22-blinding.patch +++ /dev/null @@ -1,133 +0,0 @@ -diff -cr stunnel-3.22/client.c stunnel-3.22.new/client.c -*** stunnel-3.22/client.c Sun Dec 23 11:41:32 2001 ---- stunnel-3.22.new/client.c Fri Mar 21 09:50:15 2003 -*************** -*** 252,257 **** ---- 252,262 ---- - c->error=1; - return; - } -+ /* Set blinding iff it's not built into our OpenSSL version */ -+ #if SSLEAY_VERSION_NUMBER <= 0x0090701fL -+ set_rsa_blinding(c->ssl); -+ #endif -+ - #if SSLEAY_VERSION_NUMBER >= 0x0922 - SSL_set_session_id_context(c->ssl, sid_ctx, strlen(sid_ctx)); - #endif -*************** -*** 939,943 **** ---- 944,980 ---- - if(setsockopt(fd, SOL_SOCKET, SO_LINGER, (void *)&l, sizeof(l))) - log_error(LOG_DEBUG, get_last_socket_error(), txt); - } -+ -+ int set_rsa_blinding(SSL *ssl) { -+ #ifndef NO_RSA -+ -+ /* Turn on blinding iff using RSA */ -+ -+ RSA *rsa; -+ EVP_PKEY *pkey; -+ -+ if ( (pkey = SSL_get_privatekey(ssl)) ) { -+ if ( (rsa = EVP_PKEY_get1_RSA(pkey)) ) { -+ if ( RSA_blinding_on(rsa,NULL) ) { -+ log(LOG_DEBUG, "RSA blinding enabled"); -+ } else { -+ log(LOG_ERR, "Unable to set RSA blinding"); -+ sslerror("RSA_blinding_on"); -+ exit(1); -+ } -+ /* EVP_PKEY_get1_RSA ups the count for rsa - free extra */ -+ RSA_free(rsa); -+ } else { -+ log(LOG_DEBUG, "Private key is not RSA, no blinding needed"); -+ } -+ } else { -+ log(LOG_ERR, "Unable to get access to the SSL private key."); -+ sslerror("SSL_get_privatekey"); -+ exit(1); -+ } -+ #endif -+ return(1); -+ } -+ - - /* End of client.c */ -diff -cr stunnel-3.22/prototypes.h stunnel-3.22.new/prototypes.h -*** stunnel-3.22/prototypes.h Sun Nov 11 11:16:01 2001 ---- stunnel-3.22.new/prototypes.h Fri Mar 21 09:54:55 2003 -*************** -*** 43,48 **** ---- 43,50 ---- - /* descriptor versions of fprintf/fscanf */ - int fdprintf(int, char *, ...); - int fdscanf(int, char *, char *); -+ #include <openssl/ssl.h> -+ int set_rsa_blinding(SSL *); - - /* Prototypes for log.c */ - -diff -cr stunnel-3.22/ssl.c stunnel-3.22.new/ssl.c -*** stunnel-3.22/ssl.c Sun Dec 23 11:46:03 2001 ---- stunnel-3.22.new/ssl.c Fri Mar 21 09:57:45 2003 -*************** -*** 65,71 **** - #endif /* NO_RSA */ - static void verify_init(); - static int verify_callback(int, X509_STORE_CTX *); -! static void info_callback(SSL *, int, int); - static void print_stats(); - - SSL_CTX *ctx; /* global SSL context */ ---- 65,71 ---- - #endif /* NO_RSA */ - static void verify_init(); - static int verify_callback(int, X509_STORE_CTX *); -! static void info_callback(const SSL *, int, int); - static void print_stats(); - - SSL_CTX *ctx; /* global SSL context */ -*************** -*** 328,333 **** ---- 328,334 ---- - } - retval=longkey; - } -+ - leave_critical_section(CRIT_KEYGEN); - return retval; - } -*************** -*** 342,347 **** ---- 343,354 ---- - result=RSA_generate_key(keylen, RSA_F4, NULL); - #endif - log(LOG_DEBUG, "Temporary RSA key created"); -+ -+ /* Set blinding iff it's not built into our OpenSSL version */ -+ #if SSLEAY_VERSION_NUMBER <= 0x0090701fL -+ RSA_blinding_on(result,NULL); -+ #endif -+ - return result; - } - -*************** -*** 440,446 **** - return 1; /* Accept connection */ - } - -! static void info_callback(SSL *s, int where, int ret) { - if(where & SSL_CB_LOOP) - log(LOG_DEBUG, "SSL state (%s): %s", - where & SSL_ST_CONNECT ? "connect" : ---- 447,453 ---- - return 1; /* Accept connection */ - } - -! static void info_callback(const SSL *s, int where, int ret) { - if(where & SSL_CB_LOOP) - log(LOG_DEBUG, "SSL state (%s): %s", - where & SSL_ST_CONNECT ? "connect" : diff --git a/net-misc/stunnel/files/stunnel-3.22-gentoo.diff b/net-misc/stunnel/files/stunnel-3.22-gentoo.diff deleted file mode 100644 index bddbde5fd72a..000000000000 --- a/net-misc/stunnel/files/stunnel-3.22-gentoo.diff +++ /dev/null @@ -1,38 +0,0 @@ ---- Makefile.in Sun Dec 23 12:03:25 2001 -+++ Makefile.in Thu Jan 17 12:28:22 2002 -@@ -9,7 +9,7 @@ - sbindir=@sbindir@ - libdir=@libdir@ - man8dir=@mandir@/man8 --piddir=@localstatedir@/stunnel/ -+piddir=/var/run - ssldir=@ssldir@ - openssl=$(ssldir)/bin/openssl - PEM_DIR=@PEM_DIR@ -@@ -24,7 +24,7 @@ - LIBS=@LIBS@ - HEADERS=common.h prototypes.h client.h - OBJS=client.o stunnel.o ssl.o protocol.o sthreads.o pty.o log.o options.o --DESTFILES=$(sbindir)/stunnel $(libdir)/stunnel.so $(man8dir)/stunnel.8 $(PEM_DIR)/stunnel.pem -+DESTFILES=$(sbindir)/stunnel $(libdir)/stunnel.so $(man8dir)/stunnel.8 - - WINGCC=i386-mingw32msvc-gcc - WINCFLAGS=-O2 -Wall -DUSE_WIN32=1 -DHAVE_OPENSSL=1 -DFD_SETSIZE=4096 -DVERSION=\"@VERSION@\" -I../openssl-0.9.6b/outinc -@@ -33,7 +33,7 @@ - - # standard external rules - --all: stunnel stunnel.8 stunnel.html stunnel.so stunnel.pem -+all: stunnel stunnel.8 stunnel.html stunnel.so - - install: all installdirs $(DESTFILES) - -@@ -47,7 +47,7 @@ - rm -f stunnel stunnel.so $(OBJS) core config.log stunnel.log - - distclean: clean -- rm -f config.cache config.status Makefile stunnel.pem -+ rm -f config.cache config.status Makefile - - mostlyclean: distclean - diff --git a/net-misc/stunnel/files/stunnel-3.26-gentoo.diff b/net-misc/stunnel/files/stunnel-3.26-gentoo.diff deleted file mode 100644 index a6d0faa66f80..000000000000 --- a/net-misc/stunnel/files/stunnel-3.26-gentoo.diff +++ /dev/null @@ -1,29 +0,0 @@ ---- Makefile.in Sun Dec 23 12:03:25 2001 -+++ Makefile.in Thu Jan 17 12:28:22 2002 -@@ -9,7 +9,7 @@ - sbindir=@sbindir@ - libdir=@libdir@ - man8dir=@mandir@/man8 --piddir=@localstatedir@/stunnel/ -+piddir=/var/run - ssldir=@ssldir@ - openssl=$(ssldir)/bin/openssl - PEM_DIR=@PEM_DIR@ -@@ -24,7 +24,7 @@ - LIBS=@LIBS@ - HEADERS=common.h prototypes.h client.h - OBJS=client.o stunnel.o ssl.o protocol.o sthreads.o pty.o log.o options.o --DESTFILES=$(sbindir)/stunnel $(libdir)/stunnel.so $(man8dir)/stunnel.8 $(PEM_DIR)/stunnel.pem -+DESTFILES=$(sbindir)/stunnel $(libdir)/stunnel.so $(man8dir)/stunnel.8 - - WINGCC=i386-mingw32msvc-gcc - WINCFLAGS=-O2 -Wall -DUSE_WIN32=1 -DHAVE_OPENSSL=1 -DFD_SETSIZE=4096 -DVERSION=\"@VERSION@\" -I../openssl-0.9.6b/outinc -@@ -33,7 +33,7 @@ - - # standard external rules - --all: stunnel stunnel.8 stunnel.html stunnel.so stunnel.pem -+all: stunnel stunnel.8 stunnel.html stunnel.so - - install: all installdirs $(DESTFILES) - diff --git a/net-misc/stunnel/files/stunnel-4.04-blinding.patch b/net-misc/stunnel/files/stunnel-4.04-blinding.patch deleted file mode 100644 index 44edbd388005..000000000000 --- a/net-misc/stunnel/files/stunnel-4.04-blinding.patch +++ /dev/null @@ -1,91 +0,0 @@ -diff -cr stunnel-4.04/src/client.c stunnel-4.04.new/src/client.c -*** stunnel-4.04/src/client.c Wed Jan 1 11:04:39 2003 ---- stunnel-4.04.new/src/client.c Fri Mar 21 09:21:38 2003 -*************** -*** 234,239 **** ---- 234,246 ---- - sslerror("SSL_new"); - return -1; - } -+ -+ /* Set blinding iff it's not built into our OpenSSL version */ -+ #if SSLEAY_VERSION_NUMBER <= 0x0090701fL -+ set_rsa_blinding(c->ssl); -+ #endif -+ -+ - #if SSLEAY_VERSION_NUMBER >= 0x0922 - SSL_set_session_id_context(c->ssl, sid_ctx, strlen(sid_ctx)); - #endif -*************** -*** 913,917 **** ---- 920,957 ---- - if(setsockopt(fd, SOL_SOCKET, SO_LINGER, (void *)&l, sizeof(l))) - log_error(LOG_DEBUG, get_last_socket_error(), txt); - } -+ -+ -+ int set_rsa_blinding(SSL *ssl) { -+ #ifndef NO_RSA -+ -+ /* Turn on blinding iff using RSA */ -+ -+ RSA *rsa; -+ EVP_PKEY *pkey; -+ -+ if ( (pkey = SSL_get_privatekey(ssl)) ) { -+ if ( (rsa = EVP_PKEY_get1_RSA(pkey)) ) { -+ if ( RSA_blinding_on(rsa,NULL) ) { -+ log(LOG_DEBUG, "RSA blinding enabled"); -+ } else { -+ log(LOG_ERR, "Unable to set RSA blinding"); -+ sslerror("RSA_blinding_on"); -+ exit(1); -+ } -+ /* EVP_PKEY_get1_RSA ups the count for rsa - free extra */ -+ RSA_free(rsa); -+ } else { -+ log(LOG_DEBUG, "Private key is not RSA, no blinding needed"); -+ } -+ } else { -+ log(LOG_ERR, "Unable to get access to the SSL private key."); -+ sslerror("SSL_get_privatekey"); -+ exit(1); -+ } -+ #endif -+ return(1); -+ } -+ - - /* End of client.c */ -diff -cr stunnel-4.04/src/prototypes.h stunnel-4.04.new/src/prototypes.h -*** stunnel-4.04/src/prototypes.h Thu Mar 20 11:55:05 2003 ---- stunnel-4.04.new/src/prototypes.h Thu Mar 20 11:55:31 2003 -*************** -*** 242,247 **** ---- 242,248 ---- - - void *alloc_client_session(LOCAL_OPTIONS *, int, int); - void *client(void *); -+ int set_rsa_blinding(SSL *); - - /**************************************** Prototype for protocol.c */ - -diff -cr stunnel-4.04/src/ssl.c stunnel-4.04.new/src/ssl.c -*** stunnel-4.04/src/ssl.c Wed Jan 1 06:07:08 2003 ---- stunnel-4.04.new/src/ssl.c Fri Mar 21 09:18:28 2003 -*************** -*** 367,372 **** ---- 367,378 ---- - result=RSA_generate_key(keylen, RSA_F4, NULL); - #endif - log(LOG_DEBUG, "Temporary RSA key created"); -+ -+ /* Set blinding iff it's not built into our OpenSSL version */ -+ #if SSLEAY_VERSION_NUMBER <= 0x0090701fL -+ RSA_blinding_on(result,NULL); -+ #endif -+ - return result; - } - diff --git a/net-misc/stunnel/files/stunnel-4.04-gentoo.diff b/net-misc/stunnel/files/stunnel-4.04-gentoo.diff deleted file mode 100644 index b41de790e162..000000000000 --- a/net-misc/stunnel/files/stunnel-4.04-gentoo.diff +++ /dev/null @@ -1,12 +0,0 @@ ---- tools/Makefile.in 2002-10-26 16:48:22.000000000 +0000 -+++ tools/Makefile.in 2002-10-26 16:48:38.000000000 +0000 -@@ -83,7 +83,7 @@ - - - confdir = $(sysconfdir)/stunnel --conf_DATA = stunnel.conf-sample stunnel.pem -+conf_DATA = stunnel.conf-sample - - docdir = $(datadir)/doc/stunnel - examplesdir = $(docdir)/examples - diff --git a/net-misc/stunnel/files/stunnel.conf b/net-misc/stunnel/files/stunnel.conf index 4114349df8cc..4aa8b8c5252e 100644 --- a/net-misc/stunnel/files/stunnel.conf +++ b/net-misc/stunnel/files/stunnel.conf @@ -1,26 +1,47 @@ -# location of pid file -pid = /var/run/stunnel.pid +# Sample stunnel configuration file by Michal Trojnara 2002-2005 +# Some options used here may not be adequate for your particular configuration +# Please make sure you understand them (especially the effect of chroot jail) -# user to run as -setuid = nobody -setgid = nogroup +# Certificate/key is needed in server mode and optional in client mode +# cert = /etc/stunnel/stunnel.pem +# key = /etc/stunnel/stunnel.pem + +# Some security enhancements for UNIX systems - comment them out on Win32 +# chroot = /chroot/stunnel/ +setuid = stunnel +setgid = stunnel +# PID is created inside chroot jail +pid = /var/run/stunnel/stunnel.pid + +# Some performance tunings +socket = l:TCP_NODELAY=1 +socket = r:TCP_NODELAY=1 +#compression = rle + +# Workaround for Eudora bug +#options = DONT_INSERT_EMPTY_FRAGMENTS # Authentication stuff #verify = 2 -# don't forget about c_rehash CApath -# it is located inside chroot jail: +# Don't forget to c_rehash CApath +# CApath is located inside chroot jail: #CApath = /certs -# or simply use CAfile instead: -#CAfile = /usr/etc/stunnel/certs.pem - -# Some debugging stuff +# It's often easier to use CAfile: +#CAfile = /etc/stunnel/certs.pem +# Don't forget to c_rehash CRLpath +# CRLpath is located inside chroot jail: +#CRLpath = /crls +# Alternatively you can use CRLfile: +#CRLfile = /etc/stunnel/crls.pem + +# Some debugging stuff useful for troubleshooting #debug = 7 #output = stunnel.log # Use it for client mode #client = yes -# sample service-level configuration +# Service-level configuration #[pop3s] #accept = 995 @@ -34,17 +55,7 @@ setgid = nogroup #accept = 465 #connect = 25 -#[s1] -#accept = 5000 -#connect = mail.osw.pl:110 -#delay = yes - -#[s2] -#accept = 5001 -#connect = mail.osw.pl:25 - #[https] #accept = 443 #connect = 80 #TIMEOUTclose = 0 - diff --git a/net-misc/stunnel/files/stunnel.conf.4.04-r2 b/net-misc/stunnel/files/stunnel.conf.4.04-r2 deleted file mode 100644 index 86598a262efa..000000000000 --- a/net-misc/stunnel/files/stunnel.conf.4.04-r2 +++ /dev/null @@ -1,50 +0,0 @@ -# location of pid file -pid = /var/run/stunnel.pid - -# user to run as -setuid = stunnel -setgid = stunnel - -# Authentication stuff -#verify = 2 -# don't forget about c_rehash CApath -# it is located inside chroot jail: -#CApath = /certs -# or simply use CAfile instead: -#CAfile = /usr/etc/stunnel/certs.pem - -# Some debugging stuff -#debug = 7 -#output = stunnel.log - -# Use it for client mode -#client = yes - -# sample service-level configuration - -#[pop3s] -#accept = 995 -#connect = 110 - -#[imaps] -#accept = 993 -#connect = 143 - -#[ssmtp] -#accept = 465 -#connect = 25 - -#[s1] -#accept = 5000 -#connect = mail.osw.pl:110 -#delay = yes - -#[s2] -#accept = 5001 -#connect = mail.osw.pl:25 - -#[https] -#accept = 443 -#connect = 80 -#TIMEOUTclose = 0 - diff --git a/net-misc/stunnel/files/stunnel.conf.4.04-r3 b/net-misc/stunnel/files/stunnel.conf.4.04-r3 deleted file mode 100644 index 571e74b50393..000000000000 --- a/net-misc/stunnel/files/stunnel.conf.4.04-r3 +++ /dev/null @@ -1,50 +0,0 @@ -# location of pid file -pid = /etc/stunnel/stunnel.pid - -# user to run as -setuid = stunnel -setgid = stunnel - -# Authentication stuff -#verify = 2 -# don't forget about c_rehash CApath -# it is located inside chroot jail: -#CApath = /certs -# or simply use CAfile instead: -#CAfile = /usr/etc/stunnel/certs.pem - -# Some debugging stuff -#debug = 7 -#output = stunnel.log - -# Use it for client mode -#client = yes - -# sample service-level configuration - -#[pop3s] -#accept = 995 -#connect = 110 - -#[imaps] -#accept = 993 -#connect = 143 - -#[ssmtp] -#accept = 465 -#connect = 25 - -#[s1] -#accept = 5000 -#connect = mail.osw.pl:110 -#delay = yes - -#[s2] -#accept = 5001 -#connect = mail.osw.pl:25 - -#[https] -#accept = 443 -#connect = 80 -#TIMEOUTclose = 0 - diff --git a/net-misc/stunnel/files/stunnel.rc6 b/net-misc/stunnel/files/stunnel.rc6 index d46a92319503..10d10b946506 100644 --- a/net-misc/stunnel/files/stunnel.rc6 +++ b/net-misc/stunnel/files/stunnel.rc6 @@ -1,20 +1,34 @@ #!/sbin/runscript -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/files/stunnel.rc6,v 1.6 2004/07/15 00:13:13 agriffis Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/files/stunnel.rc6,v 1.7 2005/06/22 04:28:25 ramereth Exp $ + +# Default pidfile location +PIDFILE="/var/run/stunnel/stunnel.pid" + +checkconfig() { + # To ensure backwards compatibility + if [ ! -z "$(egrep '/etc/stunnel/stunnel.pid' /etc/stunnel/stunnel.conf)" ] ; then + ewarn "Please update your stunnel.conf!" + ewarn "pid should point to /var/run/stunnel/stunnel.pid" + PIDFILE="/etc/stunnel/stunnel.pid" + fi +} depend() { - need net + need net } start() { - ebegin "Starting stunnel" - start-stop-daemon --start --quiet --exec /usr/sbin/stunnel -- /etc/stunnel/stunnel.conf - eend $? + checkconfig + ebegin "Starting stunnel" + start-stop-daemon --start --pidfile ${PIDFILE} --quiet --exec /usr/sbin/stunnel -- /etc/stunnel/stunnel.conf + eend $? } stop() { - ebegin "Stopping stunnel" - start-stop-daemon --stop --quiet --exec /usr/sbin/stunnel -- /etc/stunnel/stunnel.conf - eend $? + checkconfig + ebegin "Stopping stunnel" + start-stop-daemon --stop --quiet --pidfile ${PIDFILE} + eend $? } diff --git a/net-misc/stunnel/files/stunnel.rc6.4.04-r2 b/net-misc/stunnel/files/stunnel.rc6.4.04-r2 deleted file mode 100644 index 9ebadf8605c7..000000000000 --- a/net-misc/stunnel/files/stunnel.rc6.4.04-r2 +++ /dev/null @@ -1,20 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/files/stunnel.rc6.4.04-r2,v 1.3 2004/07/15 00:13:13 agriffis Exp $ - -depend() { - need net -} - -start() { - ebegin "Starting stunnel" - start-stop-daemon -c stunnel:stunnel --start --quiet --exec /usr/sbin/stunnel -- /etc/stunnel/stunnel.conf - eend $? -} - -stop() { - ebegin "Stopping stunnel" - start-stop-daemon --stop --quiet --exec /usr/sbin/stunnel -- /etc/stunnel/stunnel.conf - eend $? -} diff --git a/net-misc/stunnel/files/stunnel.rc6.4.04-r3 b/net-misc/stunnel/files/stunnel.rc6.4.04-r3 deleted file mode 100644 index ef5dba9ffee6..000000000000 --- a/net-misc/stunnel/files/stunnel.rc6.4.04-r3 +++ /dev/null @@ -1,20 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/files/stunnel.rc6.4.04-r3,v 1.3 2004/07/15 00:13:13 agriffis Exp $ - -depend() { - need net -} - -start() { - ebegin "Starting stunnel" - start-stop-daemon -p /etc/stunnel/stunnel.pid --start --quiet --exec /usr/sbin/stunnel -- /etc/stunnel/stunnel.conf - eend $? -} - -stop() { - ebegin "Stopping stunnel" - start-stop-daemon -p /etc/stunnel/stunnel.pid --stop --quiet --exec /usr/sbin/stunnel -- /etc/stunnel/stunnel.conf - eend $? -} diff --git a/net-misc/stunnel/stunnel-3.22-r2.ebuild b/net-misc/stunnel/stunnel-3.22-r2.ebuild deleted file mode 100644 index 550225b93db9..000000000000 --- a/net-misc/stunnel/stunnel-3.22-r2.ebuild +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-3.22-r2.ebuild,v 1.7 2005/02/11 20:58:27 kaiowas Exp $ - -inherit eutils - -DESCRIPTION="TLS/SSL - Port Wrapper" -SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz" -HOMEPAGE="http://www.stunnel.org/" -DEPEND="virtual/libc >=dev-libs/openssl-0.9.6c" -RDEPEND=">=dev-libs/openssl-0.9.6c - selinux? ( sec-policy/selinux-stunnel )" -KEYWORDS="x86 sparc " -IUSE="selinux" -LICENSE="GPL-2" -SLOT="0" - -src_unpack() { - unpack ${A}; cd ${S} - epatch ${FILESDIR}/${P}-gentoo.diff - epatch ${FILESDIR}/${P}-blinding.patch -} - -src_compile() { - ./configure --prefix=/usr --infodir=/usr/share/info --mandir=/usr/share/man || die - emake || die -} - -src_install() { - into /usr - dosbin stunnel - dodoc FAQ README HISTORY COPYING BUGS PORTS TODO transproxy.txt - doman stunnel.8 - dolib.so stunnel.so -} diff --git a/net-misc/stunnel/stunnel-3.26.ebuild b/net-misc/stunnel/stunnel-3.26.ebuild deleted file mode 100644 index 87a69f092513..000000000000 --- a/net-misc/stunnel/stunnel-3.26.ebuild +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-3.26.ebuild,v 1.10 2005/02/11 20:58:27 kaiowas Exp $ - -inherit eutils - -DESCRIPTION="TLS/SSL - Port Wrapper" -HOMEPAGE="http://www.stunnel.org/" -SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="x86 sparc alpha ppc ~amd64 ~ppc-macos" -IUSE="selinux" - -RDEPEND=">=dev-libs/openssl-0.9.6j - selinux? ( sec-policy/selinux-stunnel )" -DEPEND="${RDEPEND} - virtual/libc" - -src_unpack() { - unpack ${A} - cd ${S} - epatch ${FILESDIR}/${P}-gentoo.diff - if use ppc-macos ; then - sed -i -e "s,-shared,-dynamic -flat_namespace -bundle -undefined suppress,g" \ - -e "s,stunnel.so,stunnel.dylib,g" \ - Makefile.in || die "sed failed" - fi -} - -src_compile() { - econf || die - emake || die -} - -src_install() { - dosbin stunnel - dodoc FAQ README HISTORY COPYING BUGS PORTS TODO transproxy.txt - doman stunnel.8 - if use ppc-macos ; then - dolib.so stunnel.dylib - else - dolib.so stunnel.so - fi -} diff --git a/net-misc/stunnel/stunnel-4.04-r1.ebuild b/net-misc/stunnel/stunnel-4.04-r1.ebuild deleted file mode 100644 index e866728cd15c..000000000000 --- a/net-misc/stunnel/stunnel-4.04-r1.ebuild +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.04-r1.ebuild,v 1.12 2005/02/11 20:58:27 kaiowas Exp $ - -inherit eutils - -IUSE="static selinux" -DESCRIPTION="TLS/SSL - Port Wrapper" -SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz" -HOMEPAGE="http://stunnel.mirt.net" -DEPEND="virtual/libc >=dev-libs/openssl-0.9.6j" -RDEPEND=">=dev-libs/openssl-0.9.6j - selinux? ( sec-policy/selinux-stunnel )" -KEYWORDS="x86 sparc alpha" -LICENSE="GPL-2" -SLOT="0" - -src_unpack() { - unpack ${A}; cd ${S} - epatch ${FILESDIR}/${P}-gentoo.diff -} - -src_compile() { - use static && myconf="${myconf} --disable-shared --enable-static" - use static && LDADD="${LDADD} -all-static" && export LDADD - econf ${myconf} || die - emake || die -} - -src_install() { - into /usr - dosbin src/stunnel - dodoc AUTHORS BUGS COPYING COPYRIGHT.GPL CREDITS INSTALL NEWS PORTS README TODO - dodoc doc/en/transproxy.txt - dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html tools/importCA.html - doman doc/stunnel.8 - - insinto /usr/share/doc/${PF} - doins tools/ca.pl tools/importCA.sh - - exeinto /etc/init.d - newexe ${FILESDIR}/stunnel.rc6 stunnel - - dolib src/.libs/libstunnel.la - use static || newlib.so src/.libs/libstunnel.so libstunnel.so.${PV} - use static || dosym /usr/lib/libstunnel.so.${PV} /usr/lib/libstunnel.so - - insinto /etc/stunnel - doins ${FILESDIR}/stunnel.conf - - dosed "s:/usr/etc/stunnel:/etc/stunnel:" /etc/stunnel/stunnel.conf - - dodir /etc/stunnel -} - -pkg_postinst() { - einfo "Starting from version 4 stunnel now uses a configuration file for setting up stunnels." - einfo "Stunnel can now also be run as a daemon" -} diff --git a/net-misc/stunnel/stunnel-4.04-r2.ebuild b/net-misc/stunnel/stunnel-4.04-r2.ebuild deleted file mode 100644 index 16c8232b2a8d..000000000000 --- a/net-misc/stunnel/stunnel-4.04-r2.ebuild +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.04-r2.ebuild,v 1.6 2005/02/11 20:58:27 kaiowas Exp $ - -inherit eutils - -IUSE="static selinux" -DESCRIPTION="TLS/SSL - Port Wrapper" -SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz" -HOMEPAGE="http://stunnel.mirt.net" -DEPEND="virtual/libc >=dev-libs/openssl-0.9.6j" -RDEPEND=">=dev-libs/openssl-0.9.6j - selinux? ( sec-policy/selinux-stunnel )" -KEYWORDS="~x86 ~sparc ~alpha" -LICENSE="GPL-2" -SLOT="0" - -src_unpack() { - unpack ${A}; cd ${S} - epatch ${FILESDIR}/${P}-gentoo.diff -} - -src_compile() { - use static && myconf="${myconf} --disable-shared --enable-static" - use static && LDADD="${LDADD} -all-static" && export LDADD - econf ${myconf} || die - emake || die -} - -src_install() { - into /usr - dosbin src/stunnel - dodoc AUTHORS BUGS COPYING COPYRIGHT.GPL CREDITS INSTALL NEWS PORTS README TODO - dodoc doc/en/transproxy.txt - dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html tools/importCA.html - doman doc/stunnel.8 - - insinto /usr/share/doc/${PF} - doins tools/ca.pl tools/importCA.sh - - exeinto /etc/init.d - newexe ${FILESDIR}/stunnel.rc6.${PF} stunnel - - dolib src/.libs/libstunnel.la - use static || newlib.so src/.libs/libstunnel.so libstunnel.so.${PV} - use static || dosym /usr/lib/libstunnel.so.${PV} /usr/lib/libstunnel.so - - insinto /etc/stunnel - donewins ${FILESDIR}/stunnel.conf.${PF} stunnel.conf - - dosed "s:/usr/etc/stunnel:/etc/stunnel:" /etc/stunnel/stunnel.conf - - dodir /etc/stunnel - -} - -pkg_postinst() { - enewuser stunnel - enewgroup stunnel - - einfo "Starting from version 4 stunnel now uses a configuration file for setting up stunnels." - einfo "Stunnel can now also be run as a daemon" -} diff --git a/net-misc/stunnel/stunnel-4.04-r3.ebuild b/net-misc/stunnel/stunnel-4.04-r3.ebuild deleted file mode 100644 index eb76590d8277..000000000000 --- a/net-misc/stunnel/stunnel-4.04-r3.ebuild +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.04-r3.ebuild,v 1.8 2005/02/11 20:58:27 kaiowas Exp $ - -inherit ssl-cert eutils - -IUSE="static selinux" -DESCRIPTION="TLS/SSL - Port Wrapper" -SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz" -HOMEPAGE="http://stunnel.mirt.net" -DEPEND="virtual/libc >=dev-libs/openssl-0.9.6j" -RDEPEND=">=dev-libs/openssl-0.9.6j - selinux? ( sec-policy/selinux-stunnel )" -KEYWORDS="~x86 ~sparc alpha amd64" -LICENSE="GPL-2" -SLOT="0" - -src_unpack() { - unpack ${A}; cd ${S} - epatch ${FILESDIR}/${P}-gentoo.diff -} - -src_compile() { - use static && myconf="${myconf} --disable-shared --enable-static" - use static && LDADD="${LDADD} -all-static" && export LDADD - econf ${myconf} || die - emake || die -} - -src_install() { - insinto /etc/stunnel - docert stunnel - - into /usr - dosbin src/stunnel - dodoc AUTHORS BUGS COPYING COPYRIGHT.GPL CREDITS INSTALL NEWS PORTS README TODO - dodoc doc/en/transproxy.txt - dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html tools/importCA.html - doman doc/stunnel.8 - - insinto /usr/share/doc/${PVR} - doins tools/ca.pl tools/importCA.sh - - exeinto /etc/init.d - newexe ${FILESDIR}/stunnel.rc6.${PVR} stunnel - - dolib src/.libs/libstunnel.la - use static || newlib.so src/.libs/libstunnel.so libstunnel.so.${PV} - use static || dosym /usr/lib/libstunnel.so.${PV} /usr/lib/libstunnel.so - - insinto /etc/stunnel - donewins ${FILESDIR}/stunnel.conf.${PVR} stunnel.conf -} - -pkg_postinst() { - enewuser stunnel - enewgroup stunnel - - chown stunnel /etc/stunnel - - einfo "Starting from version 4 stunnel now uses a configuration file for setting up stunnels." - einfo "Stunnel can now also be run as a daemon" -} diff --git a/net-misc/stunnel/stunnel-4.10.ebuild b/net-misc/stunnel/stunnel-4.10.ebuild new file mode 100644 index 000000000000..e3a8431c409b --- /dev/null +++ b/net-misc/stunnel/stunnel-4.10.ebuild @@ -0,0 +1,76 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.10.ebuild,v 1.1 2005/06/22 04:28:25 ramereth Exp $ + +inherit ssl-cert eutils flag-o-matic + +DESCRIPTION="TLS/SSL - Port Wrapper" +HOMEPAGE="http://stunnel.mirt.net/" +SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~ppc ~sparc ~x86" +IUSE="ipv6 selinux tcpd" + +DEPEND="virtual/libc + >=dev-libs/openssl-0.9.6j" +RDEPEND=">=dev-libs/openssl-0.9.6j + selinux? ( sec-policy/selinux-stunnel )" + +src_unpack() { + unpack ${A} + # Hack away generation of certificate + sed -i s/^install-data-local:/do-not-run-this:/ "${S}"/tools/Makefile.in +} + +src_compile() { + econf \ + `use_enable ipv6`\ + `use_with tcpd tcp-wrappers` \ + || die "econf died" + emake || die "emake died" +} + +src_install() { + make DESTDIR=${D} install || die "make install failed" + rm -rf ${D}/usr/share/doc/${PN} + rm -f ${D}/{etc/stunnel/stunnel.conf-sample,usr/sbin/stunnel3} + rm -f ${D}/usr/share/man/man8/{stunnel.fr.8,stunnel.pl.8} + + dodoc AUTHORS BUGS CREDITS INSTALL NEWS PORTS README TODO ChangeLog \ + doc/en/transproxy.txt + dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \ + tools/importCA.html + + insinto /etc/stunnel + donewins ${FILESDIR}/stunnel.conf stunnel.conf + newinitd ${FILESDIR}/stunnel.rc6 stunnel + # Check if there's currently an cert already there + if [ ! -f /etc/stunnel/stunnel.key ]; then + docert stunnel + fi + + keepdir /var/run/stunnel +} + +pkg_postinst() { + enewgroup stunnel + enewuser stunnel -1 -1 -1 stunnel + + chown stunnel:stunnel ${ROOT}/var/run/stunnel + chown stunnel:stunnel ${ROOT}/etc/stunnel/stunnel.{conf,crt,csr,key,pem} + chmod 0640 ${ROOT}/etc/stunnel/stunnel.{conf,crt,csr,key,pem} + + if [ ! -z "$(egrep '/etc/stunnel/stunnel.pid' \ + ${ROOT}/etc/stunnel/stunnel.conf )" ] ; then + + ewarn "As of stunnel-4.09, the pid file will be located in /var/run/stunnel." + ewarn "Please stop stunnel, etc-update, and start stunnel back up to ensure" + ewarn "the update takes place" + ewarn "" + ewarn "The new location will be /var/run/stunnel/stunnel.pid" + ebeep 3 + epause 3 + fi +} |