Bug #379859: version bump for security

(Portage version: 2.2.0_alpha60/cvs/Linux x86_64)

2 files changed, 81 insertions, 1 deletions

diff --git a/net-misc/stunnel/ChangeLog b/net-misc/stunnel/ChangeLog
index 2c2a842b7daa..d23e91d5dac2 100644
--- a/net-misc/stunnel/ChangeLog
+++ b/net-misc/stunnel/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for net-misc/stunnel
 # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.120 2011/05/28 16:49:54 armin76 Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.121 2011/10/11 20:40:43 robbat2 Exp $
+
+*stunnel-4.44 (11 Oct 2011)
+
+  11 Oct 2011; Robin H. Johnson <robbat2@gentoo.org> +stunnel-4.44.ebuild:
+  Bug #379859: version bump for security
 
   28 May 2011; Raúl Porcel <armin76@gentoo.org> stunnel-4.35.ebuild:
   alpha/arm/ia64/sparc stable wrt #353955
diff --git a/net-misc/stunnel/stunnel-4.44.ebuild b/net-misc/stunnel/stunnel-4.44.ebuild
new file mode 100644
index 000000000000..595261b58f46
--- /dev/null
+++ b/net-misc/stunnel/stunnel-4.44.ebuild
@@ -0,0 +1,75 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.44.ebuild,v 1.1 2011/10/11 20:40:43 robbat2 Exp $
+
+EAPI="2"
+
+inherit autotools ssl-cert eutils
+
+DESCRIPTION="TLS/SSL - Port Wrapper"
+HOMEPAGE="http://stunnel.mirt.net/"
+SRC_URI="ftp://ftp.stunnel.org/stunnel/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE="ipv6 selinux tcpd xforward listen-queue"
+
+DEPEND="tcpd? ( sys-apps/tcp-wrappers )
+	>=dev-libs/openssl-0.9.8k"
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-stunnel )"
+
+pkg_setup() {
+	enewgroup stunnel
+	enewuser stunnel -1 -1 -1 stunnel
+}
+
+src_prepare() {
+	use xforward && epatch "${FILESDIR}/stunnel-4.36-xforwarded-for.diff"
+	use listen-queue && epatch "${FILESDIR}/stunnel-4.36-listen-queue.diff"
+	eautoreconf
+
+	# Hack away generation of certificate
+	sed -i -e "s/^install-data-local:/do-not-run-this:/" \
+		tools/Makefile.in || die "sed failed"
+}
+
+src_configure() {
+	econf $(use_enable ipv6) \
+		$(use_enable tcpd libwrap) || die "econf died"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed"
+	rm -rf "${D}"/usr/share/doc/${PN}
+	rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
+		"${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
+
+	# The binary was moved to /usr/bin with 4.21,
+	# symlink for backwards compatibility
+	dosym ../bin/stunnel /usr/sbin/stunnel
+
+	dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog
+	dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
+		tools/importCA.html
+
+	insinto /etc/stunnel
+	doins "${FILESDIR}"/stunnel.conf
+	newinitd "${FILESDIR}"/stunnel.initd stunnel
+
+	keepdir /var/run/stunnel
+	fowners stunnel:stunnel /var/run/stunnel
+}
+
+pkg_postinst() {
+	if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
+		install_cert /etc/stunnel/stunnel
+		chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
+		chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
+	fi
+
+	einfo "If you want to run multiple instances of stunnel, create a new config"
+	einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change "
+	einfo "\'pid= \' with a unique filename."
+}