summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLance Albertson <ramereth@gentoo.org>2012-05-13 21:13:57 +0000
committerLance Albertson <ramereth@gentoo.org>2012-05-13 21:13:57 +0000
commit2a1de1717054a4967100d9350478a149ba71fe4c (patch)
tree513c83e123cc79965196330f8f16bb988fbfe840 /net-misc/stunnel
parentSimplify init script to use start-stop-daemon; fixes #379673 (diff)
downloadhistorical-2a1de1717054a4967100d9350478a149ba71fe4c.tar.gz
historical-2a1de1717054a4967100d9350478a149ba71fe4c.tar.bz2
historical-2a1de1717054a4967100d9350478a149ba71fe4c.zip
Ebuild cleanup; fixes #373713
Package-Manager: portage-2.1.10.49/cvs/Linux x86_64
Diffstat (limited to 'net-misc/stunnel')
-rw-r--r--net-misc/stunnel/ChangeLog11
-rw-r--r--net-misc/stunnel/Manifest23
-rw-r--r--net-misc/stunnel/files/stunnel-4.21-libwrap.patch10
-rw-r--r--net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch247
-rw-r--r--net-misc/stunnel/files/stunnel-4.34-listen-queue.diff55
-rw-r--r--net-misc/stunnel/files/stunnel-4.35-libwrap.patch10
-rw-r--r--net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff248
-rw-r--r--net-misc/stunnel/files/stunnel-4.36-listen-queue.diff51
-rw-r--r--net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff249
-rw-r--r--net-misc/stunnel/stunnel-4.25.ebuild81
-rw-r--r--net-misc/stunnel/stunnel-4.33.ebuild75
-rw-r--r--net-misc/stunnel/stunnel-4.35.ebuild76
-rw-r--r--net-misc/stunnel/stunnel-4.36.ebuild75
13 files changed, 14 insertions, 1197 deletions
diff --git a/net-misc/stunnel/ChangeLog b/net-misc/stunnel/ChangeLog
index 8c1b590f16a9..2d3d7b793fd2 100644
--- a/net-misc/stunnel/ChangeLog
+++ b/net-misc/stunnel/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for net-misc/stunnel
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.129 2012/05/13 21:08:13 ramereth Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.130 2012/05/13 21:13:57 ramereth Exp $
+
+ 13 May 2012; Lance Albertson <ramereth@gentoo.org>
+ -files/stunnel-4.21-libwrap.patch, -stunnel-4.25.ebuild,
+ -files/stunnel-4.31-x-forwarded-for.patch, -stunnel-4.33.ebuild,
+ -files/stunnel-4.34-listen-queue.diff, -stunnel-4.35.ebuild,
+ -files/stunnel-4.35-libwrap.patch, -files/stunnel-4.35-xforwarded-for.diff,
+ -stunnel-4.36.ebuild, -files/stunnel-4.36-listen-queue.diff,
+ -files/stunnel-4.36-xforwarded-for.diff:
+ Ebuild cleanup; fixes #373713
*stunnel-4.44-r1 (13 May 2012)
diff --git a/net-misc/stunnel/Manifest b/net-misc/stunnel/Manifest
index fd50cd6f0823..3c72261bb4a9 100644
--- a/net-misc/stunnel/Manifest
+++ b/net-misc/stunnel/Manifest
@@ -2,13 +2,6 @@
Hash: SHA1
AUX stunnel-3.26-gentoo.diff 941 RMD160 4ca4f85a8888c7c9dbeed9d1303bae182d19195d SHA1 5517c6e3395664d76c84548ea67ffd8fddddbdcd SHA256 e2a9fab361699b01ccd004ef598bb868d5f6f37bd40d05b7a16a97cd9ecee2f2
-AUX stunnel-4.21-libwrap.patch 380 RMD160 c5ed7c06c3612bc5930ca8c77cac8bf58ec403f3 SHA1 fa1bf6674f775fa1b5934f4707c9e7eafed0d8a9 SHA256 b22f56707b96df785ebc20b48faf9761fb52cf4a362be875c60071b0d4572be1
-AUX stunnel-4.31-x-forwarded-for.patch 10786 RMD160 a27d72b2025d7825915d9d65f8c652baabd5ecd8 SHA1 f15856dd0497789da8f88a448e9d76e0a10a7ccc SHA256 d2b2b03043e5692af07925d80d4775b92dba0179b85ebb64de9ab678761c560c
-AUX stunnel-4.34-listen-queue.diff 2225 RMD160 5f0bcab38f9fc12d48fc074e1ca33359366499f9 SHA1 608a1c311839fdb3532dbcdbc8df7eed82839278 SHA256 fa9df532c3cc6fdf1306469c333092d16e9794fb14fbcc618137a3b3e2a2230c
-AUX stunnel-4.35-libwrap.patch 376 RMD160 15f315eb2781b77b2bb60a8f9325f8914ffb0799 SHA1 090ac2e0a392d07238ba8e300ed2fd51caa2138f SHA256 b3ed3770174b9218ccc6d49b211677640e098d3653755ae1c51504dfdd0d2cdc
-AUX stunnel-4.35-xforwarded-for.diff 11107 RMD160 6ace7ec8453c8b407c144e9828700ad5e00f1ed7 SHA1 685e65c67cf40497f13ab8f94e160eb176204ca7 SHA256 f5c96080dce032cc15bca3ceea14cf79a55f0512096d8651533f2313f95eac37
-AUX stunnel-4.36-listen-queue.diff 2021 RMD160 c44ba206ea12ddfd8e15d0fc6e082af9b4ed9bd3 SHA1 d83c55aa831e7d8428574725a4a2bc7596e02ada SHA256 079ea18938d35247624b00111f77730ff2589b64f8c04917d8d9ec0454e8c017
-AUX stunnel-4.36-xforwarded-for.diff 11016 RMD160 8ccc0eaf03a5ea661e901ff946cd421d4c24ac8d SHA1 6605733462fcd399b270cd6ef6ce02fe1f021728 SHA256 46d390028a4476bf7fbec5f4d9d82a8cbf7e8f74a47848982f3c0ca3b016fdd6
AUX stunnel-4.44-listen-queue.diff 2205 RMD160 36148a313fb3176e7823cfe64adb4e119d66308c SHA1 8a4d689593b5d371d07595b82ef553d3d080afac SHA256 5b94f4b1b2e1daec6a4f28fccf2bbc738581fdb7efcf700d9394af71e5d734fa
AUX stunnel-4.44-xforwarded-for.diff 11232 RMD160 a61bc8ab437daa2f76749667e54c09bb87b8b945 SHA1 9ce729ea0461398ea18a4ba792c9647b593f031d SHA256 0bdef230b03c2086992bc0e4e8e11bd625695bafc56f222d3a3ed69de34706ee
AUX stunnel.conf 1423 RMD160 606c53b0e241e44c8aabe423ca6772dc76aa69a9 SHA1 0b18a6dea836abc3c224c367f9ebd6fa30b931f2 SHA256 be8deb0e051f594e14c898c2ec8a4a6879adcd48a56286093653346d12c3f105
@@ -16,24 +9,16 @@ AUX stunnel.initd 1986 RMD160 66b0631d02a665a0fadca460502c7c09fa5c7b9c SHA1 5330
AUX stunnel.initd-start-stop-daemon 1314 RMD160 b3143eb56f85a2b153f7245ebd2cdbd828dbe024 SHA1 eb51c4ca52ee7712abf079bd2d49f086b0278b46 SHA256 539930a910fe7c15b9fe881e67312b7a76eac3b0d57a42d9cc530af6efddeeca
AUX stunnel.rc6 779 RMD160 3cb0ba8b6f90484a9cec951e3eb36eef45169f6d SHA1 7de8dc829e271b3ed248e3b44afb9b537621cc02 SHA256 b2128e3bfe38485ef4afad35b57d8711666281087f3fcf920d5d313642e06dea
DIST stunnel-3.26.tar.gz 228923 RMD160 63347b6bc6fca1496d74a8ef234eea98a45e0b04 SHA1 0d40d268a9e4b63630312cdee4efa5ecba53c9ec SHA256 d2a55b089d46d14bc4b456bb1927303492dab6649867c67a005d2c9d1ededfb3
-DIST stunnel-4.25.tar.gz 532343 RMD160 dcb9962e5273e69f5aeaed6bf709495aa97baa52 SHA1 fc6d61fad996f750c76ea627c5dd9f789af0eaf6 SHA256 9c966a18124ad2c28773fe096b767071320bdb07db69f480df36cbca80069480
-DIST stunnel-4.33.tar.gz 560103 RMD160 b9d32b4c17cf250d3284e020bb9c6b3fc4463cc5 SHA1 695c7ef834952cb8ddbc790e10b6e32798fc2767 SHA256 240763140000dea6ab76b30f5f5571a8ef4d22ba0712176a9c31c221bb9a48fc
-DIST stunnel-4.35.tar.gz 541012 RMD160 29bdf0402114a460016192350f4164eae5bb5cce SHA1 b08b95a61f1d65cf9cc44068e0665a17ea5397c3 SHA256 a810e220498239483e14fae24eeb2a188a6167e9118958b903f8793768c4460f
-DIST stunnel-4.36.tar.gz 544614 RMD160 88d3a125ebcf5172430f20edd5ec1231a3e7e837 SHA1 dd6f33aecf4ea89a3522261d4d7d5e1702757368 SHA256 3483fc2011e8a9d2614a93a9dbf7eabf405044df3566f29144fe2d1dd37a35f5
DIST stunnel-4.44.tar.gz 568861 RMD160 b7feeebb827cdafa7f7cb18b28b96026df284589 SHA1 8ddb85552e9f597dc98e119bb7832959467aaddb SHA256 fa0dfc33f323abfbc94aa993d90d37481cd2f652ee93ec2f8c333ac7a496c7b9
EBUILD stunnel-3.26.ebuild 742 RMD160 828bcad3275266e52a5036f6670e0612c90e926a SHA1 84966259d3b71ddfce3ffec4b2ee14d43811fd81 SHA256 ab1b1e4697849381ed5acc09728dd07457674148a4864091eec747918b16b5ee
-EBUILD stunnel-4.25.ebuild 2377 RMD160 ba0d4c2d24962f5afe8df92c350560a8cc4a4487 SHA1 1e839c2596930e41930cfb977b72b2120e5fae2e SHA256 6f7f27d4cae7ed03b28be646d6b04fe1dc9524e0b016411712f691b44128da33
-EBUILD stunnel-4.33.ebuild 2245 RMD160 3267a54d1c4140e032cc0693390501f17563c79a SHA1 efd7487f1ac3aa47eb0a5e33b0a6287d0d8cb34f SHA256 9cfc4d7ef2f71530f96ffb8889f31adccdedc6740eb9a9dfa45dccce5c971310
-EBUILD stunnel-4.35.ebuild 2309 RMD160 c4a6d8136303b8db186ca90a71462a3690ef61fd SHA1 158273189062c86b50bf14dab76b1efc28277200 SHA256 89931c8f7a07d390aa09ced4bd6b5fd6b95bdc62c16e3fa9f8bdb6d3e32a1313
-EBUILD stunnel-4.36.ebuild 2272 RMD160 ee2aca759976e5d396ee8bf113f140de8336d814 SHA1 24b92d9e3a9ddeeca774bba04421160701454810 SHA256 5b089686d0251f593b367b1169953706117b870630b59f13c7c292c67e9f4f37
EBUILD stunnel-4.44-r1.ebuild 2293 RMD160 8f750f99ddccc489778a98e66b35a000995fb2d9 SHA1 02d1b5c249638893ba1cf871e73c9d39a737edfc SHA256 0519e405ce24e3e5f4462e373cb2ec61cca41ab55ddab13ff55a7a23e1d36920
EBUILD stunnel-4.44.ebuild 2261 RMD160 3683dead1f6ddc7b732ea3de00b65e87d988b9c5 SHA1 49990e3fc4b73b647010bc657c69aecf44b56736 SHA256 2478f1a96da39456e398bd20ff24b83973c5d399543ac30f559ff2af6e91fceb
-MISC ChangeLog 19045 RMD160 aa292d9a306bcd1e7ac83677a62e9d0f9fe517d8 SHA1 0f618724f414412d0d790ecb425e35d31ad3f2dc SHA256 d33bdbd0dd9db455708184b8fa24f1ad982d00a089507ef4a48a3a2acbad4d06
+MISC ChangeLog 19504 RMD160 53cba28c5bc949d99cbdb7b3f4087f1256f47aa7 SHA1 58514a4eb24717f97485515a392c119b849fec11 SHA256 4256417e1f48b89b2240a771600ba71a9d154fed506dcb6772da262a4b0f4fb1
MISC metadata.xml 784 RMD160 89e67398f37eaab7e716f336e9a48834aa533e44 SHA1 257a543cc1a3f69230e15a575ea8b402b4f05bbe SHA256 e2ed38541831cdd5b54a060003b85c5b0b1cd92c22161f4aa72261cdfc365077
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
-iD8DBQFPsCLDQW+hXSf0t0IRAn4+AJ9Bu5Bo/vvFaLqmbOKp8H2XgwB75ACgoMhA
-6HRLExtmnQ1xuSlP0rVG6xw=
-=py8o
+iD8DBQFPsCQaQW+hXSf0t0IRAhj2AJ42ocboK4sPdulFoIqoduhxcb0sHwCgubqi
+X8NvIGqcwofJ7RAMgVo3NpM=
+=ef7Q
-----END PGP SIGNATURE-----
diff --git a/net-misc/stunnel/files/stunnel-4.21-libwrap.patch b/net-misc/stunnel/files/stunnel-4.21-libwrap.patch
deleted file mode 100644
index c64f8e6cf698..000000000000
--- a/net-misc/stunnel/files/stunnel-4.21-libwrap.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- stunnel-4.21/configure.ac 2007-08-09 00:43:10.000000000 +0200
-+++ stunnel-4.21.new/configure.ac 2007-11-02 16:16:11.000000000 +0100
-@@ -343,6 +343,7 @@
- case "$enableval" in
- yes) AC_MSG_RESULT([no])
- AC_DEFINE(HAVE_LIBWRAP)
-+ LIBS="$LIBS -lwrap"
- ;;
- no) AC_MSG_RESULT([yes])
- ;;
diff --git a/net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch b/net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch
deleted file mode 100644
index 5e45e62b4f1f..000000000000
--- a/net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch
+++ /dev/null
@@ -1,247 +0,0 @@
-diff -urN stunnel-4.31/doc/stunnel.8 stunnel-4.31-xforwardfor/doc/stunnel.8
---- stunnel-4.31/doc/stunnel.8 2010-02-03 13:46:46 +0100
-+++ stunnel-4.31-xforwardfor/doc/stunnel.8 2010-03-08 17:58:16 +0100
-@@ -500,6 +500,10 @@
- .IP "\fBtransparent\fR = yes | no (Unix only)" 4
- .IX Item "transparent = yes | no (Unix only)"
- transparent proxy mode
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+append an 'X-Forwarded-For:' HTTP request header providing the
-+client's IP address to the server.
- .Sp
- Re-write address to appear as if wrapped daemon is connecting
- from the \s-1SSL\s0 client machine instead of the machine running \fBstunnel\fR.
-diff -urN stunnel-4.31/doc/stunnel.fr.8 stunnel-4.31-xforwardfor/doc/stunnel.fr.8
---- stunnel-4.31/doc/stunnel.fr.8 2007-09-23 17:31:24 +0200
-+++ stunnel-4.31-xforwardfor/doc/stunnel.fr.8 2010-03-08 18:00:52 +0100
-@@ -460,6 +460,10 @@
- .IP "\fBtransparent\fR = yes | no (Unix seulement)" 4
- .IX Item "transparent = yes | no (Unix seulement)"
- Mode mandataire transparent
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+Ajoute un en-tête 'X-Forwarded-For:' dans la requête HTTP fournissant
-+au serveur l'adresse IP du client.
- .Sp
- Ré\-écrit les adresses pour qu'elles apparaissent provenir de la
- machine client \s-1SSL\s0 plutôt que de celle qui exécute \fBstunnel\fR.
-diff -urN stunnel-4.31/src/client.c stunnel-4.31-xforwardfor/src/client.c
---- stunnel-4.31/src/client.c 2010-01-29 11:42:16 +0100
-+++ stunnel-4.31-xforwardfor/src/client.c 2010-03-08 17:58:16 +0100
-@@ -88,6 +88,12 @@
- return NULL;
- }
- c->opt=opt;
-+ /* some options need space to add some information */
-+ if (c->opt->option.xforwardedfor)
-+ c->buffsize = BUFFSIZE - BUFF_RESERVED;
-+ else
-+ c->buffsize = BUFFSIZE;
-+ c->crlf_seen=0;
- c->local_rfd.fd=rfd;
- c->local_wfd.fd=wfd;
- return c;
-@@ -377,6 +383,28 @@
- print_cipher(c);
- }
- }
-+
-+/* Moves all data from the buffer <buffer> between positions <start> and <stop>
-+ * to insert <string> of length <len>. <start> and <stop> are updated to their
-+ * new respective values, and the number of characters inserted is returned.
-+ * If <len> is too long, nothing is done and -1 is returned.
-+ * Note that neither <string> nor <buffer> can be NULL.
-+ */
-+static int buffer_insert_with_len(char *buffer, int *start, int *stop, int limit, char *string, int len) {
-+ if (len > limit - *stop)
-+ return -1;
-+ if (*start > *stop)
-+ return -1;
-+ memmove(buffer + *start + len, buffer + *start, *stop - *start);
-+ memcpy(buffer + *start, string, len);
-+ *start += len;
-+ *stop += len;
-+ return len;
-+}
-+
-+static int buffer_insert(char *buffer, int *start, int *stop, int limit, char *string) {
-+ return buffer_insert_with_len(buffer, start, stop, limit, string, strlen(string));
-+}
-
- /****************************** some defines for transfer() */
- /* is socket/SSL open for read/write? */
-@@ -412,13 +440,13 @@
- check_SSL_pending=0;
-
- SSL_read_wants_read=
-- ssl_rd && c->ssl_ptr<BUFFSIZE && !SSL_read_wants_write;
-+ ssl_rd && c->ssl_ptr<c->buffsize && !SSL_read_wants_write;
- SSL_write_wants_write=
- ssl_wr && c->sock_ptr && !SSL_write_wants_read;
-
- /****************************** setup c->fds structure */
- s_poll_init(&c->fds); /* initialize the structure */
-- if(sock_rd && c->sock_ptr<BUFFSIZE)
-+ if(sock_rd && c->sock_ptr<c->buffsize)
- s_poll_add(&c->fds, c->sock_rfd->fd, 1, 0);
- if(SSL_read_wants_read ||
- SSL_write_wants_read ||
-@@ -517,7 +545,7 @@
- break;
- default:
- memmove(c->ssl_buff, c->ssl_buff+num, c->ssl_ptr-num);
-- if(c->ssl_ptr==BUFFSIZE) /* buffer was previously full */
-+ if(c->ssl_ptr>=c->buffsize) /* buffer was previously full */
- check_SSL_pending=1; /* check for data buffered by SSL */
- c->ssl_ptr-=num;
- c->sock_bytes+=num;
-@@ -577,7 +605,7 @@
- /****************************** read from socket */
- if(sock_rd && sock_can_rd) {
- num=readsocket(c->sock_rfd->fd,
-- c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
-+ c->sock_buff+c->sock_ptr, c->buffsize-c->sock_ptr);
- switch(num) {
- case -1:
- parse_socket_error(c, "readsocket");
-@@ -597,10 +625,71 @@
- (SSL_read_wants_write && ssl_can_wr) ||
- (check_SSL_pending && SSL_pending(c->ssl))) {
- SSL_read_wants_write=0;
-- num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
-+ num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, c->buffsize-c->ssl_ptr);
- switch(err=SSL_get_error(c->ssl, num)) {
- case SSL_ERROR_NONE:
-- c->ssl_ptr+=num;
-+ if (c->buffsize != BUFFSIZE && c->opt->option.xforwardedfor) { /* some work left to do */
-+ int last = c->ssl_ptr;
-+ c->ssl_ptr += num;
-+
-+ /* Look for end of HTTP headers between last and ssl_ptr.
-+ * To achieve this reliably, we have to count the number of
-+ * successive [CR]LF and to memorize it in case it's spread
-+ * over multiple segments. --WT.
-+ */
-+ while (last < c->ssl_ptr) {
-+ if (c->ssl_buff[last] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ } else if (last < c->ssl_ptr - 1 &&
-+ c->ssl_buff[last] == '\r' &&
-+ c->ssl_buff[last+1] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ last++;
-+ } else if (c->ssl_buff[last] != '\r')
-+ /* don't refuse '\r' because we may get a '\n' on next read */
-+ c->crlf_seen = 0;
-+ last++;
-+ }
-+ if (c->crlf_seen >= 2) {
-+ /* We have all the HTTP headers now. We don't need to
-+ * reserve any space anymore. <ssl_ptr> points to the
-+ * first byte of unread data, and <last> points to the
-+ * exact location where we want to insert our headers,
-+ * which is right before the empty line.
-+ */
-+ c->buffsize = BUFFSIZE;
-+
-+ if (c->opt->option.xforwardedfor) {
-+ /* X-Forwarded-For: xxxx \r\n\0 */
-+ char xforw[17 + IPLEN + 3];
-+
-+ /* We will insert our X-Forwarded-For: header here.
-+ * We need to write the IP address, but if we use
-+ * sprintf, it will pad with the terminating 0.
-+ * So we will pass via a temporary buffer allocated
-+ * on the stack.
-+ */
-+ memcpy(xforw, "X-Forwarded-For: ", 17);
-+ if (getnameinfo(&c->peer_addr.addr[0].sa,
-+ addr_len(c->peer_addr.addr[0]),
-+ xforw + 17, IPLEN, NULL, 0,
-+ NI_NUMERICHOST) == 0) {
-+ strcat(xforw + 17, "\r\n");
-+ buffer_insert(c->ssl_buff, &last, &c->ssl_ptr,
-+ c->buffsize, xforw);
-+ }
-+ /* last still points to the \r\n and ssl_ptr to the
-+ * end of the buffer, so we may add as many headers
-+ * as wee need to.
-+ */
-+ }
-+ }
-+ }
-+ else
-+ c->ssl_ptr+=num;
-+
- watchdog=0; /* reset watchdog */
- break;
- case SSL_ERROR_WANT_WRITE:
-diff -urN stunnel-4.31/src/common.h stunnel-4.31-xforwardfor/src/common.h
---- stunnel-4.31/src/common.h 2010-01-29 11:38:20 +0100
-+++ stunnel-4.31-xforwardfor/src/common.h 2010-03-08 17:58:53 +0100
-@@ -53,6 +53,9 @@
- /* I/O buffer size */
- #define BUFFSIZE 16384
-
-+/* maximum space reserved for header insertion in BUFFSIZE */
-+#define BUFF_RESERVED 1024
-+
- /* length of strings (including the terminating '\0' character) */
- /* it can't be lower than 256 bytes or NTLM authentication will break */
- #define STRLEN 256
-diff -urN stunnel-4.31/src/options.c stunnel-4.31-xforwardfor/src/options.c
---- stunnel-4.31/src/options.c 2010-01-29 11:43:23 +0100
-+++ stunnel-4.31-xforwardfor/src/options.c 2010-03-08 17:58:16 +0100
-@@ -792,6 +792,29 @@
- }
- #endif
-
-+ /* xforwardedfor */
-+ switch(cmd) {
-+ case CMD_INIT:
-+ section->option.xforwardedfor=0;
-+ break;
-+ case CMD_EXEC:
-+ if(strcasecmp(opt, "xforwardedfor"))
-+ break;
-+ if(!strcasecmp(arg, "yes"))
-+ section->option.xforwardedfor=1;
-+ else if(!strcasecmp(arg, "no"))
-+ section->option.xforwardedfor=0;
-+ else
-+ return "argument should be either 'yes' or 'no'";
-+ return NULL; /* OK */
-+ case CMD_DEFAULT:
-+ break;
-+ case CMD_HELP:
-+ s_log(LOG_NOTICE, "%-15s = yes|no append an HTTP X-Forwarded-For header",
-+ "xforwardedfor");
-+ break;
-+ }
-+
- /* exec */
- #ifndef USE_WIN32
- switch(cmd) {
-diff -urN stunnel-4.31/src/prototypes.h stunnel-4.31-xforwardfor/src/prototypes.h
---- stunnel-4.31/src/prototypes.h 2010-01-29 11:36:17 +0100
-+++ stunnel-4.31-xforwardfor/src/prototypes.h 2010-03-08 17:59:23 +0100
-@@ -166,6 +166,7 @@
- unsigned int cert:1;
- unsigned int client:1;
- unsigned int delayed_lookup:1;
-+ unsigned int xforwardedfor:1;
- unsigned int accept:1;
- unsigned int remote:1;
- unsigned int retry:1; /* loop remote+program */
-@@ -337,6 +338,8 @@
- FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */
- int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */
- s_poll_set fds; /* file descriptors */
-+ int buffsize; /* current buffer size, may be lower than BUFFSIZE */
-+ int crlf_seen; /* the number of successive CRLF seen */
- } CLI;
-
- extern int max_fds, max_clients;
diff --git a/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff b/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff
deleted file mode 100644
index 8b826ddb56f4..000000000000
--- a/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff
+++ /dev/null
@@ -1,55 +0,0 @@
-Patch by Thomas Franco, rediffed for 4.34.
-
-diff -ru stunnel-4.34/src/options.c stunnel-4.34-listen-queue/src/options.c
---- stunnel-4.34/src/options.c 2010-09-14 17:09:36.000000000 +0200
-+++ stunnel-4.34-listen-queue/src/options.c 2010-12-06 22:14:15.610223090 +0100
-@@ -1473,6 +1473,24 @@
- break;
- }
-
-+ /* listenqueue */
-+ switch(cmd) {
-+ case CMD_INIT:
-+ section->listenqueue=SOMAXCONN;
-+ break;
-+ case CMD_EXEC:
-+ if(strcasecmp(opt, "listenqueue"))
-+ break;
-+ section->listenqueue=atoi(arg);
-+ return (section->listenqueue?NULL:"Bad verify level");
-+ case CMD_DEFAULT:
-+ s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN);
-+ break;
-+ case CMD_HELP:
-+ s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending connections may grow to", "listenqueue");
-+ break;
-+ }
-+
- if(cmd==CMD_EXEC)
- return option_not_found;
- return NULL; /* OK */
-diff -ru stunnel-4.34/src/prototypes.h stunnel-4.34-listen-queue/src/prototypes.h
---- stunnel-4.34/src/prototypes.h 2010-09-14 17:09:50.000000000 +0200
-+++ stunnel-4.34-listen-queue/src/prototypes.h 2010-12-06 22:06:39.217327586 +0100
-@@ -158,6 +158,7 @@
- int timeout_close; /* maximum close_notify time */
- int timeout_connect; /* maximum connect() time */
- int timeout_idle; /* maximum idle connection time */
-+ int listenqueue; /* Listen baklog */
- enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */
-
- /* protocol name for protocol.c */
-Seulement dans stunnel-4.34-listen-queue/src: prototypes.h~
-diff -ru stunnel-4.34/src/stunnel.c stunnel-4.34-listen-queue/src/stunnel.c
---- stunnel-4.34/src/stunnel.c 2010-08-20 11:01:35.000000000 +0200
-+++ stunnel-4.34-listen-queue/src/stunnel.c 2010-12-06 22:05:54.732885327 +0100
-@@ -204,7 +204,7 @@
- }
- s_log(LOG_DEBUG, "Service %s bound to %s",
- opt->servname, opt->local_address);
-- if(listen(opt->fd, 5)) {
-+ if(listen(opt->fd, opt->listenqueue)) {
- sockerror("listen");
- return 0;
- }
-Seulement dans stunnel-4.34-listen-queue/src: stunnel.c~
diff --git a/net-misc/stunnel/files/stunnel-4.35-libwrap.patch b/net-misc/stunnel/files/stunnel-4.35-libwrap.patch
deleted file mode 100644
index 2a0ef0442556..000000000000
--- a/net-misc/stunnel/files/stunnel-4.35-libwrap.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- stunnel-4.35/configure.ac 2011-02-07 16:28:03.000000000 +0100
-+++ stunnel-4.35/configure.ac 2011-02-07 16:31:23.000000000 +0100
-@@ -357,6 +357,7 @@
- case "$enableval" in
- yes) AC_MSG_RESULT([no])
- AC_DEFINE(HAVE_LIBWRAP)
-+ LIBS="$LIBS -lwrap"
- ;;
- no) AC_MSG_RESULT([yes])
- ;;
diff --git a/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff b/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff
deleted file mode 100644
index d97c5eb90f8a..000000000000
--- a/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff
+++ /dev/null
@@ -1,248 +0,0 @@
---- stunnel-4.35/doc/stunnel.fr.8.ori 2011-02-07 17:21:07.000000000 +0100
-+++ stunnel-4.35-xforwarded-for/doc/stunnel.fr.8 2011-02-07 17:21:31.000000000 +0100
-@@ -394,6 +394,10 @@
- .IP "\fBTIMEOUTidle\fR = secondes" 4
- .IX Item "TIMEOUTidle = secondes"
- Durée d'attente sur une connexion inactive
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+Ajoute un en-tête 'X-Forwarded-For:' dans la requête HTTP fournissant
-+au serveur l'adresse IP du client.
- .IP "\fBtransparent\fR = yes | no (Unix seulement)" 4
- .IX Item "transparent = yes | no (Unix seulement)"
- Mode mandataire transparent
-diff -ru stunnel-4.35/doc/stunnel.8 stunnel-4.35-xforwarded-for/doc/stunnel.8
---- stunnel-4.35/doc/stunnel.8 2010-09-15 09:11:21.000000000 +0200
-+++ stunnel-4.35-xforwarded-for/doc/stunnel.8 2010-12-06 21:56:08.770829792 +0100
-@@ -527,6 +527,10 @@
- .IP "\fBTIMEOUTidle\fR = seconds" 4
- .IX Item "TIMEOUTidle = seconds"
- time to keep an idle connection
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+append an 'X-Forwarded-For:' HTTP request header providing the
-+client's IP address to the server.
- .IP "\fBtransparent\fR = none | source | destination | both (Unix only)" 4
- .IX Item "transparent = none | source | destination | both (Unix only)"
- enable transparent proxy support on selected platforms
-diff -ru stunnel-4.35/src/client.c stunnel-4.35-xforwarded-for/src/client.c
---- stunnel-4.35/src/client.c 2010-09-14 17:03:43.000000000 +0200
-+++ stunnel-4.35-xforwarded-for/src/client.c 2010-12-06 21:56:08.770829792 +0100
-@@ -84,6 +84,12 @@
- return NULL;
- }
- c->opt=opt;
-+ /* some options need space to add some information */
-+ if (c->opt->option.xforwardedfor)
-+ c->buffsize = BUFFSIZE - BUFF_RESERVED;
-+ else
-+ c->buffsize = BUFFSIZE;
-+ c->crlf_seen=0;
- c->local_rfd.fd=rfd;
- c->local_wfd.fd=wfd;
- return c;
-@@ -372,6 +378,28 @@
- }
- }
-
-+/* Moves all data from the buffer <buffer> between positions <start> and <stop>
-+ * to insert <string> of length <len>. <start> and <stop> are updated to their
-+ * new respective values, and the number of characters inserted is returned.
-+ * If <len> is too long, nothing is done and -1 is returned.
-+ * Note that neither <string> nor <buffer> can be NULL.
-+ */
-+static int buffer_insert_with_len(char *buffer, int *start, int *stop, int limit, char *string, int len) {
-+ if (len > limit - *stop)
-+ return -1;
-+ if (*start > *stop)
-+ return -1;
-+ memmove(buffer + *start + len, buffer + *start, *stop - *start);
-+ memcpy(buffer + *start, string, len);
-+ *start += len;
-+ *stop += len;
-+ return len;
-+}
-+
-+static int buffer_insert(char *buffer, int *start, int *stop, int limit, char *string) {
-+ return buffer_insert_with_len(buffer, start, stop, limit, string, strlen(string));
-+}
-+
- /****************************** transfer data */
- static void transfer(CLI *c) {
- int watchdog=0; /* a counter to detect an infinite loop */
-@@ -390,7 +418,7 @@
- do { /* main loop of client data transfer */
- /****************************** initialize *_wants_* */
- read_wants_read=
-- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
-+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write;
- write_wants_write=
- ssl_open_wr && c->sock_ptr && !write_wants_read;
-
-@@ -399,7 +427,7 @@
- /* for plain socket open data strem = open file descriptor */
- /* make sure to add each open socket to receive exceptions! */
- if(sock_open_rd)
-- s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<BUFFSIZE, 0);
-+ s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<c->buffsize, 0);
- if(sock_open_wr)
- s_poll_add(&c->fds, c->sock_wfd->fd, 0, c->ssl_ptr);
- /* for SSL assume that sockets are open if there any pending requests */
-@@ -531,7 +559,7 @@
- /****************************** read from socket */
- if(sock_open_rd && sock_can_rd) {
- num=readsocket(c->sock_rfd->fd,
-- c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
-+ c->sock_buff+c->sock_ptr, c->buffsize-c->sock_ptr);
- switch(num) {
- case -1:
- parse_socket_error(c, "readsocket");
-@@ -567,7 +595,7 @@
- /****************************** update *_wants_* based on new *_ptr */
- /* this update is also required for SSL_pending() to be used */
- read_wants_read=
-- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
-+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write;
- write_wants_write=
- ssl_open_wr && c->sock_ptr && !write_wants_read;
-
-@@ -577,10 +605,71 @@
- * writesocket() above made some room in c->ssl_buff */
- (read_wants_write && ssl_can_wr)) {
- read_wants_write=0;
-- num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
-+ num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, c->buffsize-c->ssl_ptr);
- switch(err=SSL_get_error(c->ssl, num)) {
- case SSL_ERROR_NONE:
-- c->ssl_ptr+=num;
-+ if (c->buffsize != BUFFSIZE && c->opt->option.xforwardedfor) { /* some work left to do */
-+ int last = c->ssl_ptr;
-+ c->ssl_ptr += num;
-+
-+ /* Look for end of HTTP headers between last and ssl_ptr.
-+ * To achieve this reliably, we have to count the number of
-+ * successive [CR]LF and to memorize it in case it's spread
-+ * over multiple segments. --WT.
-+ */
-+ while (last < c->ssl_ptr) {
-+ if (c->ssl_buff[last] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ } else if (last < c->ssl_ptr - 1 &&
-+ c->ssl_buff[last] == '\r' &&
-+ c->ssl_buff[last+1] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ last++;
-+ } else if (c->ssl_buff[last] != '\r')
-+ /* don't refuse '\r' because we may get a '\n' on next read */
-+ c->crlf_seen = 0;
-+ last++;
-+ }
-+ if (c->crlf_seen >= 2) {
-+ /* We have all the HTTP headers now. We don't need to
-+ * reserve any space anymore. <ssl_ptr> points to the
-+ * first byte of unread data, and <last> points to the
-+ * exact location where we want to insert our headers,
-+ * which is right before the empty line.
-+ */
-+ c->buffsize = BUFFSIZE;
-+
-+ if (c->opt->option.xforwardedfor) {
-+ /* X-Forwarded-For: xxxx \r\n\0 */
-+ char xforw[17 + IPLEN + 3];
-+
-+ /* We will insert our X-Forwarded-For: header here.
-+ * We need to write the IP address, but if we use
-+ * sprintf, it will pad with the terminating 0.
-+ * So we will pass via a temporary buffer allocated
-+ * on the stack.
-+ */
-+ memcpy(xforw, "X-Forwarded-For: ", 17);
-+ if (getnameinfo(&c->peer_addr.addr[0].sa,
-+ addr_len(c->peer_addr.addr[0]),
-+ xforw + 17, IPLEN, NULL, 0,
-+ NI_NUMERICHOST) == 0) {
-+ strcat(xforw + 17, "\r\n");
-+ buffer_insert(c->ssl_buff, &last, &c->ssl_ptr,
-+ c->buffsize, xforw);
-+ }
-+ /* last still points to the \r\n and ssl_ptr to the
-+ * end of the buffer, so we may add as many headers
-+ * as wee need to.
-+ */
-+ }
-+ }
-+ }
-+ else
-+ c->ssl_ptr+=num;
-+
- watchdog=0; /* reset watchdog */
- break;
- case SSL_ERROR_WANT_WRITE:
-diff -ru stunnel-4.35/src/common.h stunnel-4.35-xforwarded-for/src/common.h
---- stunnel-4.35/src/common.h 2010-09-14 17:00:36.000000000 +0200
-+++ stunnel-4.35-xforwarded-for/src/common.h 2010-12-06 21:56:08.770829792 +0100
-@@ -53,6 +53,9 @@
- /* I/O buffer size */
- #define BUFFSIZE 16384
-
-+/* maximum space reserved for header insertion in BUFFSIZE */
-+#define BUFF_RESERVED 1024
-+
- /* length of strings (including the terminating '\0' character) */
- /* it can't be lower than 256 bytes or NTLM authentication will break */
- #define STRLEN 256
-diff -ru stunnel-4.35/src/options.c stunnel-4.35-xforwarded-for/src/options.c
---- stunnel-4.35/src/options.c 2010-09-14 17:09:36.000000000 +0200
-+++ stunnel-4.35-xforwarded-for/src/options.c 2010-12-06 21:56:08.774829832 +0100
-@@ -818,6 +818,29 @@
- }
- #endif
-
-+ /* xforwardedfor */
-+ switch(cmd) {
-+ case CMD_INIT:
-+ section->option.xforwardedfor=0;
-+ break;
-+ case CMD_EXEC:
-+ if(strcasecmp(opt, "xforwardedfor"))
-+ break;
-+ if(!strcasecmp(arg, "yes"))
-+ section->option.xforwardedfor=1;
-+ else if(!strcasecmp(arg, "no"))
-+ section->option.xforwardedfor=0;
-+ else
-+ return "argument should be either 'yes' or 'no'";
-+ return NULL; /* OK */
-+ case CMD_DEFAULT:
-+ break;
-+ case CMD_HELP:
-+ s_log(LOG_NOTICE, "%-15s = yes|no append an HTTP X-Forwarded-For header",
-+ "xforwardedfor");
-+ break;
-+ }
-+
- /* exec */
- switch(cmd) {
- case CMD_INIT:
-diff -ru stunnel-4.35/src/prototypes.h stunnel-4.35-xforwarded-for/src/prototypes.h
---- stunnel-4.35/src/prototypes.h 2010-09-14 17:09:50.000000000 +0200
-+++ stunnel-4.35-xforwarded-for/src/prototypes.h 2010-12-06 21:56:08.774829832 +0100
-@@ -171,6 +171,7 @@
- struct {
- unsigned int client:1;
- unsigned int delayed_lookup:1;
-+ unsigned int xforwardedfor:1;
- unsigned int accept:1;
- unsigned int remote:1;
- unsigned int retry:1; /* loop remote+program */
-@@ -346,6 +347,8 @@
- FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */
- int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */
- s_poll_set fds; /* file descriptors */
-+ int buffsize; /* current buffer size, may be lower than BUFFSIZE */
-+ int crlf_seen; /* the number of successive CRLF seen */
- } CLI;
-
- extern int max_fds, max_clients;
diff --git a/net-misc/stunnel/files/stunnel-4.36-listen-queue.diff b/net-misc/stunnel/files/stunnel-4.36-listen-queue.diff
deleted file mode 100644
index ff231255ff3d..000000000000
--- a/net-misc/stunnel/files/stunnel-4.36-listen-queue.diff
+++ /dev/null
@@ -1,51 +0,0 @@
-diff -urN stunnel-4.36/src/options.c stunnel-4.36-new/src/options.c
---- stunnel-4.36/src/options.c 2011-04-30 15:14:02.000000000 -0700
-+++ stunnel-4.36-new/src/options.c 2011-05-26 11:42:10.455120934 -0700
-@@ -1484,6 +1484,24 @@
- break;
- }
-
-+ /* listenqueue */
-+ switch(cmd) {
-+ case CMD_INIT:
-+ section->listenqueue=SOMAXCONN;
-+ break;
-+ case CMD_EXEC:
-+ if(strcasecmp(opt, "listenqueue"))
-+ break;
-+ section->listenqueue=atoi(arg);
-+ return (section->listenqueue?NULL:"Bad verify level");
-+ case CMD_DEFAULT:
-+ s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN);
-+ break;
-+ case CMD_HELP:
-+ s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending connections may grow to", "listenqueue");
-+ break;
-+ }
-+
- if(cmd==CMD_EXEC)
- return option_not_found;
- return NULL; /* OK */
-diff -urN stunnel-4.36/src/prototypes.h stunnel-4.36-new/src/prototypes.h
---- stunnel-4.36/src/prototypes.h 2011-05-01 11:18:01.000000000 -0700
-+++ stunnel-4.36-new/src/prototypes.h 2011-05-26 11:42:33.285154425 -0700
-@@ -158,6 +158,7 @@
- int timeout_close; /* maximum close_notify time */
- int timeout_connect; /* maximum connect() time */
- int timeout_idle; /* maximum idle connection time */
-+ int listenqueue; /* Listen baklog */
- enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */
-
- /* protocol name for protocol.c */
-diff -urN stunnel-4.36/src/stunnel.c stunnel-4.36-new/src/stunnel.c
---- stunnel-4.36/src/stunnel.c 2011-05-02 14:51:02.000000000 -0700
-+++ stunnel-4.36-new/src/stunnel.c 2011-05-26 11:46:37.775513010 -0700
-@@ -241,7 +241,7 @@
- }
- s_log(LOG_DEBUG, "Service %s bound to %s",
- opt->servname, opt->local_address);
-- if(listen(opt->fd, SOMAXCONN)) {
-+ if(listen(opt->fd, opt->listenqueue)) {
- sockerror("listen");
- return 0;
- }
diff --git a/net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff b/net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff
deleted file mode 100644
index 3520ad19dfae..000000000000
--- a/net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff
+++ /dev/null
@@ -1,249 +0,0 @@
-diff -urN stunnel-4.36/doc/stunnel.8 stunnel-4.36-new//doc/stunnel.8
---- stunnel-4.36/doc/stunnel.8 2011-04-27 14:02:40.000000000 -0700
-+++ stunnel-4.36-new//doc/stunnel.8 2011-05-26 11:37:07.024675893 -0700
-@@ -556,6 +556,10 @@
- .IP "\fBTIMEOUTidle\fR = seconds" 4
- .IX Item "TIMEOUTidle = seconds"
- time to keep an idle connection
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+append an 'X-Forwarded-For:' HTTP request header providing the
-+client's IP address to the server.
- .IP "\fBtransparent\fR = none | source | destination | both (Unix only)" 4
- .IX Item "transparent = none | source | destination | both (Unix only)"
- enable transparent proxy support on selected platforms
-diff -urN stunnel-4.36/doc/stunnel.fr.8 stunnel-4.36-new//doc/stunnel.fr.8
---- stunnel-4.36/doc/stunnel.fr.8 2011-02-09 11:37:46.000000000 -0800
-+++ stunnel-4.36-new//doc/stunnel.fr.8 2011-05-26 11:37:07.024675893 -0700
-@@ -394,6 +394,10 @@
- .IP "\fBTIMEOUTidle\fR = secondes" 4
- .IX Item "TIMEOUTidle = secondes"
- Durée d'attente sur une connexion inactive
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+Ajoute un en-tête 'X-Forwarded-For:' dans la requête HTTP fournissant
-+au serveur l'adresse IP du client.
- .IP "\fBtransparent\fR = yes | no (Unix seulement)" 4
- .IX Item "transparent = yes | no (Unix seulement)"
- Mode mandataire transparent
-diff -urN stunnel-4.36/src/client.c stunnel-4.36-new//src/client.c
---- stunnel-4.36/src/client.c 2011-05-02 09:12:53.000000000 -0700
-+++ stunnel-4.36-new//src/client.c 2011-05-26 11:37:07.024675893 -0700
-@@ -86,6 +86,12 @@
- return NULL;
- }
- c->opt=opt;
-+ /* some options need space to add some information */
-+ if (c->opt->option.xforwardedfor)
-+ c->buffsize = BUFFSIZE - BUFF_RESERVED;
-+ else
-+ c->buffsize = BUFFSIZE;
-+ c->crlf_seen=0;
- c->local_rfd.fd=rfd;
- c->local_wfd.fd=wfd;
- return c;
-@@ -381,6 +387,28 @@
- }
- }
-
-+/* Moves all data from the buffer <buffer> between positions <start> and <stop>
-+ * to insert <string> of length <len>. <start> and <stop> are updated to their
-+ * new respective values, and the number of characters inserted is returned.
-+ * If <len> is too long, nothing is done and -1 is returned.
-+ * Note that neither <string> nor <buffer> can be NULL.
-+ */
-+static int buffer_insert_with_len(char *buffer, int *start, int *stop, int limit, char *string, int len) {
-+ if (len > limit - *stop)
-+ return -1;
-+ if (*start > *stop)
-+ return -1;
-+ memmove(buffer + *start + len, buffer + *start, *stop - *start);
-+ memcpy(buffer + *start, string, len);
-+ *start += len;
-+ *stop += len;
-+ return len;
-+}
-+
-+static int buffer_insert(char *buffer, int *start, int *stop, int limit, char *string) {
-+ return buffer_insert_with_len(buffer, start, stop, limit, string, strlen(string));
-+}
-+
- /****************************** transfer data */
- static void transfer(CLI *c) {
- int watchdog=0; /* a counter to detect an infinite loop */
-@@ -399,7 +427,7 @@
- do { /* main loop of client data transfer */
- /****************************** initialize *_wants_* */
- read_wants_read=
-- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
-+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write;
- write_wants_write=
- ssl_open_wr && c->sock_ptr && !write_wants_read;
-
-@@ -408,7 +436,7 @@
- /* for plain socket open data strem = open file descriptor */
- /* make sure to add each open socket to receive exceptions! */
- if(sock_open_rd)
-- s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<BUFFSIZE, 0);
-+ s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<c->buffsize, 0);
- if(sock_open_wr)
- s_poll_add(&c->fds, c->sock_wfd->fd, 0, c->ssl_ptr);
- /* for SSL assume that sockets are open if there any pending requests */
-@@ -542,7 +570,7 @@
- /****************************** read from socket */
- if(sock_open_rd && sock_can_rd) {
- num=readsocket(c->sock_rfd->fd,
-- c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
-+ c->sock_buff+c->sock_ptr, c->buffsize-c->sock_ptr);
- switch(num) {
- case -1:
- parse_socket_error(c, "readsocket");
-@@ -578,7 +606,7 @@
- /****************************** update *_wants_* based on new *_ptr */
- /* this update is also required for SSL_pending() to be used */
- read_wants_read=
-- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
-+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write;
- write_wants_write=
- ssl_open_wr && c->sock_ptr && !write_wants_read;
-
-@@ -588,10 +616,71 @@
- * writesocket() above made some room in c->ssl_buff */
- (read_wants_write && ssl_can_wr)) {
- read_wants_write=0;
-- num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
-+ num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, c->buffsize-c->ssl_ptr);
- switch(err=SSL_get_error(c->ssl, num)) {
- case SSL_ERROR_NONE:
-- c->ssl_ptr+=num;
-+ if (c->buffsize != BUFFSIZE && c->opt->option.xforwardedfor) { /* some work left to do */
-+ int last = c->ssl_ptr;
-+ c->ssl_ptr += num;
-+
-+ /* Look for end of HTTP headers between last and ssl_ptr.
-+ * To achieve this reliably, we have to count the number of
-+ * successive [CR]LF and to memorize it in case it's spread
-+ * over multiple segments. --WT.
-+ */
-+ while (last < c->ssl_ptr) {
-+ if (c->ssl_buff[last] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ } else if (last < c->ssl_ptr - 1 &&
-+ c->ssl_buff[last] == '\r' &&
-+ c->ssl_buff[last+1] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ last++;
-+ } else if (c->ssl_buff[last] != '\r')
-+ /* don't refuse '\r' because we may get a '\n' on next read */
-+ c->crlf_seen = 0;
-+ last++;
-+ }
-+ if (c->crlf_seen >= 2) {
-+ /* We have all the HTTP headers now. We don't need to
-+ * reserve any space anymore. <ssl_ptr> points to the
-+ * first byte of unread data, and <last> points to the
-+ * exact location where we want to insert our headers,
-+ * which is right before the empty line.
-+ */
-+ c->buffsize = BUFFSIZE;
-+
-+ if (c->opt->option.xforwardedfor) {
-+ /* X-Forwarded-For: xxxx \r\n\0 */
-+ char xforw[17 + IPLEN + 3];
-+
-+ /* We will insert our X-Forwarded-For: header here.
-+ * We need to write the IP address, but if we use
-+ * sprintf, it will pad with the terminating 0.
-+ * So we will pass via a temporary buffer allocated
-+ * on the stack.
-+ */
-+ memcpy(xforw, "X-Forwarded-For: ", 17);
-+ if (getnameinfo(&c->peer_addr.addr[0].sa,
-+ addr_len(c->peer_addr.addr[0]),
-+ xforw + 17, IPLEN, NULL, 0,
-+ NI_NUMERICHOST) == 0) {
-+ strcat(xforw + 17, "\r\n");
-+ buffer_insert(c->ssl_buff, &last, &c->ssl_ptr,
-+ c->buffsize, xforw);
-+ }
-+ /* last still points to the \r\n and ssl_ptr to the
-+ * end of the buffer, so we may add as many headers
-+ * as wee need to.
-+ */
-+ }
-+ }
-+ }
-+ else
-+ c->ssl_ptr+=num;
-+
- watchdog=0; /* reset watchdog */
- break;
- case SSL_ERROR_WANT_WRITE:
-diff -urN stunnel-4.36/src/common.h stunnel-4.36-new//src/common.h
---- stunnel-4.36/src/common.h 2011-05-01 11:42:47.000000000 -0700
-+++ stunnel-4.36-new//src/common.h 2011-05-26 11:37:50.534739709 -0700
-@@ -52,6 +52,9 @@
- /* I/O buffer size */
- #define BUFFSIZE 16384
-
-+/* maximum space reserved for header insertion in BUFFSIZE */
-+#define BUFF_RESERVED 1024
-+
- /* IP address and TCP port textual representation length */
- #define IPLEN 128
-
-diff -urN stunnel-4.36/src/options.c stunnel-4.36-new//src/options.c
---- stunnel-4.36/src/options.c 2011-04-30 15:14:02.000000000 -0700
-+++ stunnel-4.36-new//src/options.c 2011-05-26 11:37:07.034675915 -0700
-@@ -818,6 +818,29 @@
- }
- #endif
-
-+ /* xforwardedfor */
-+ switch(cmd) {
-+ case CMD_INIT:
-+ section->option.xforwardedfor=0;
-+ break;
-+ case CMD_EXEC:
-+ if(strcasecmp(opt, "xforwardedfor"))
-+ break;
-+ if(!strcasecmp(arg, "yes"))
-+ section->option.xforwardedfor=1;
-+ else if(!strcasecmp(arg, "no"))
-+ section->option.xforwardedfor=0;
-+ else
-+ return "argument should be either 'yes' or 'no'";
-+ return NULL; /* OK */
-+ case CMD_DEFAULT:
-+ break;
-+ case CMD_HELP:
-+ s_log(LOG_NOTICE, "%-15s = yes|no append an HTTP X-Forwarded-For header",
-+ "xforwardedfor");
-+ break;
-+ }
-+
- /* exec */
- switch(cmd) {
- case CMD_INIT:
-diff -urN stunnel-4.36/src/prototypes.h stunnel-4.36-new//src/prototypes.h
---- stunnel-4.36/src/prototypes.h 2011-05-01 11:18:01.000000000 -0700
-+++ stunnel-4.36-new//src/prototypes.h 2011-05-26 11:37:07.034675915 -0700
-@@ -171,6 +171,7 @@
- struct {
- unsigned int client:1;
- unsigned int delayed_lookup:1;
-+ unsigned int xforwardedfor:1;
- unsigned int accept:1;
- unsigned int remote:1;
- unsigned int retry:1; /* loop remote+program */
-@@ -351,6 +352,8 @@
- FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */
- int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */
- s_poll_set fds; /* file descriptors */
-+ int buffsize; /* current buffer size, may be lower than BUFFSIZE */
-+ int crlf_seen; /* the number of successive CRLF seen */
- } CLI;
-
- CLI *alloc_client_session(SERVICE_OPTIONS *, int, int);
diff --git a/net-misc/stunnel/stunnel-4.25.ebuild b/net-misc/stunnel/stunnel-4.25.ebuild
deleted file mode 100644
index 6b9349fa72f2..000000000000
--- a/net-misc/stunnel/stunnel-4.25.ebuild
+++ /dev/null
@@ -1,81 +0,0 @@
-# Copyright 1999-2009 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.25.ebuild,v 1.9 2009/09/24 18:36:42 ramereth Exp $
-
-inherit autotools ssl-cert eutils
-
-DESCRIPTION="TLS/SSL - Port Wrapper"
-HOMEPAGE="http://stunnel.mirt.net/"
-SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ~ia64 ppc ppc64 sparc x86"
-IUSE="ipv6 selinux tcpd"
-
-DEPEND="tcpd? ( sys-apps/tcp-wrappers )
- >=dev-libs/openssl-0.9.6j"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-stunnel )"
-
-pkg_setup() {
- enewgroup stunnel
- enewuser stunnel -1 -1 -1 stunnel
-}
-
-src_unpack() {
- unpack ${A}
- cd "${S}"
- epatch "${FILESDIR}/${PN}-4.21-libwrap.patch"
- eautoreconf
-
- # Hack away generation of certificate
- sed -i -e "s/^install-data-local:/do-not-run-this:/" \
- tools/Makefile.in || die "sed failed"
-}
-
-src_compile() {
- econf $(use_enable ipv6) \
- $(use_enable tcpd libwrap) || die "econf died"
- emake || die "emake died"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
- rm -rf "${D}"/usr/share/doc/${PN}
- rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
- "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
-
- # The binary was moved to /usr/bin with 4.21,
- # symlink for backwards compatibility
- dosym ../bin/stunnel /usr/sbin/stunnel
-
- dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog doc/en/transproxy.txt
- dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
- tools/importCA.html
-
- insinto /etc/stunnel
- doins "${FILESDIR}"/stunnel.conf
- newinitd "${FILESDIR}"/stunnel.rc6 stunnel
-
- keepdir /var/run/stunnel
- fowners stunnel:stunnel /var/run/stunnel
-}
-
-pkg_postinst() {
- if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
- install_cert /etc/stunnel/stunnel
- chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- fi
-
- if [ ! -z "$(grep /etc/stunnel/stunnel.pid \
- "${ROOT}"/etc/stunnel/stunnel.conf )" ] ; then
-
- ewarn "As of stunnel-4.09, the pid file will be located in /var/run/stunnel."
- ewarn "Please stop stunnel, etc-update, and start stunnel back up to ensure"
- ewarn "the update takes place"
- ewarn
- ewarn "The new location will be /var/run/stunnel/stunnel.pid"
- fi
-}
diff --git a/net-misc/stunnel/stunnel-4.33.ebuild b/net-misc/stunnel/stunnel-4.33.ebuild
deleted file mode 100644
index f2648d6ae910..000000000000
--- a/net-misc/stunnel/stunnel-4.33.ebuild
+++ /dev/null
@@ -1,75 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.33.ebuild,v 1.3 2011/05/26 18:25:22 ramereth Exp $
-
-EAPI="2"
-
-inherit autotools ssl-cert eutils
-
-DESCRIPTION="TLS/SSL - Port Wrapper"
-HOMEPAGE="http://stunnel.mirt.net/"
-SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc x86"
-IUSE="ipv6 selinux tcpd xforward"
-
-DEPEND="tcpd? ( sys-apps/tcp-wrappers )
- >=dev-libs/openssl-0.9.8k"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-stunnel )"
-
-pkg_setup() {
- enewgroup stunnel
- enewuser stunnel -1 -1 -1 stunnel
-}
-
-src_prepare() {
- epatch "${FILESDIR}/${PN}-4.21-libwrap.patch"
- use xforward && epatch "${FILESDIR}/${PN}-4.31-x-forwarded-for.patch"
- eautoreconf
-
- # Hack away generation of certificate
- sed -i -e "s/^install-data-local:/do-not-run-this:/" \
- tools/Makefile.in || die "sed failed"
-}
-
-src_configure() {
- econf $(use_enable ipv6) \
- $(use_enable tcpd libwrap) || die "econf died"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
- rm -rf "${D}"/usr/share/doc/${PN}
- rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
- "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
-
- # The binary was moved to /usr/bin with 4.21,
- # symlink for backwards compatibility
- dosym ../bin/stunnel /usr/sbin/stunnel
-
- dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog
- dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
- tools/importCA.html
-
- insinto /etc/stunnel
- doins "${FILESDIR}"/stunnel.conf
- newinitd "${FILESDIR}"/stunnel.initd stunnel
-
- keepdir /var/run/stunnel
- fowners stunnel:stunnel /var/run/stunnel
-}
-
-pkg_postinst() {
- if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
- install_cert /etc/stunnel/stunnel
- chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- fi
-
- einfo "If you want to run multiple instances of stunnel, create a new config"
- einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change "
- einfo "\'pid= \' with a unique filename."
-}
diff --git a/net-misc/stunnel/stunnel-4.35.ebuild b/net-misc/stunnel/stunnel-4.35.ebuild
deleted file mode 100644
index 6f613889327e..000000000000
--- a/net-misc/stunnel/stunnel-4.35.ebuild
+++ /dev/null
@@ -1,76 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.35.ebuild,v 1.5 2011/05/28 16:49:54 armin76 Exp $
-
-EAPI="2"
-
-inherit autotools ssl-cert eutils
-
-DESCRIPTION="TLS/SSL - Port Wrapper"
-HOMEPAGE="http://stunnel.mirt.net/"
-SRC_URI="ftp://ftp.stunnel.org/stunnel/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 ~s390 sparc x86"
-IUSE="ipv6 selinux tcpd xforward listen-queue"
-
-DEPEND="tcpd? ( sys-apps/tcp-wrappers )
- >=dev-libs/openssl-0.9.8k"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-stunnel )"
-
-pkg_setup() {
- enewgroup stunnel
- enewuser stunnel -1 -1 -1 stunnel
-}
-
-src_prepare() {
- epatch "${FILESDIR}/${PN}-4.35-libwrap.patch"
- use xforward && epatch "${FILESDIR}/stunnel-4.35-xforwarded-for.diff"
- use listen-queue && epatch "${FILESDIR}/stunnel-4.34-listen-queue.diff"
- eautoreconf
-
- # Hack away generation of certificate
- sed -i -e "s/^install-data-local:/do-not-run-this:/" \
- tools/Makefile.in || die "sed failed"
-}
-
-src_configure() {
- econf $(use_enable ipv6) \
- $(use_enable tcpd libwrap) || die "econf died"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
- rm -rf "${D}"/usr/share/doc/${PN}
- rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
- "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
-
- # The binary was moved to /usr/bin with 4.21,
- # symlink for backwards compatibility
- dosym ../bin/stunnel /usr/sbin/stunnel
-
- dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog
- dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
- tools/importCA.html
-
- insinto /etc/stunnel
- doins "${FILESDIR}"/stunnel.conf
- newinitd "${FILESDIR}"/stunnel.initd stunnel
-
- keepdir /var/run/stunnel
- fowners stunnel:stunnel /var/run/stunnel
-}
-
-pkg_postinst() {
- if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
- install_cert /etc/stunnel/stunnel
- chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- fi
-
- einfo "If you want to run multiple instances of stunnel, create a new config"
- einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change "
- einfo "\'pid= \' with a unique filename."
-}
diff --git a/net-misc/stunnel/stunnel-4.36.ebuild b/net-misc/stunnel/stunnel-4.36.ebuild
deleted file mode 100644
index 3a89bae55a12..000000000000
--- a/net-misc/stunnel/stunnel-4.36.ebuild
+++ /dev/null
@@ -1,75 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.36.ebuild,v 1.1 2011/05/26 18:55:27 ramereth Exp $
-
-EAPI="2"
-
-inherit autotools ssl-cert eutils
-
-DESCRIPTION="TLS/SSL - Port Wrapper"
-HOMEPAGE="http://stunnel.mirt.net/"
-SRC_URI="ftp://ftp.stunnel.org/stunnel/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86"
-IUSE="ipv6 selinux tcpd xforward listen-queue"
-
-DEPEND="tcpd? ( sys-apps/tcp-wrappers )
- >=dev-libs/openssl-0.9.8k"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-stunnel )"
-
-pkg_setup() {
- enewgroup stunnel
- enewuser stunnel -1 -1 -1 stunnel
-}
-
-src_prepare() {
- use xforward && epatch "${FILESDIR}/stunnel-4.36-xforwarded-for.diff"
- use listen-queue && epatch "${FILESDIR}/stunnel-4.36-listen-queue.diff"
- eautoreconf
-
- # Hack away generation of certificate
- sed -i -e "s/^install-data-local:/do-not-run-this:/" \
- tools/Makefile.in || die "sed failed"
-}
-
-src_configure() {
- econf $(use_enable ipv6) \
- $(use_enable tcpd libwrap) || die "econf died"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
- rm -rf "${D}"/usr/share/doc/${PN}
- rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
- "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
-
- # The binary was moved to /usr/bin with 4.21,
- # symlink for backwards compatibility
- dosym ../bin/stunnel /usr/sbin/stunnel
-
- dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog
- dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
- tools/importCA.html
-
- insinto /etc/stunnel
- doins "${FILESDIR}"/stunnel.conf
- newinitd "${FILESDIR}"/stunnel.initd stunnel
-
- keepdir /var/run/stunnel
- fowners stunnel:stunnel /var/run/stunnel
-}
-
-pkg_postinst() {
- if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
- install_cert /etc/stunnel/stunnel
- chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- fi
-
- einfo "If you want to run multiple instances of stunnel, create a new config"
- einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change "
- einfo "\'pid= \' with a unique filename."
-}