[packages/stunnel] - up to 5.49

arekm arekm at pld-linux.org
Thu Sep 20 18:34:19 CEST 2018 

commit 6ee0e7eaf87827a9b032d311147057082be6318c
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Thu Sep 20 18:34:12 2018 +0200

    - up to 5.49

 stunnel-am.patch                   | 11 ------
 stunnel-authpriv.patch             | 23 ------------
 stunnel-config.patch               | 73 +++++---------------------------------
 stunnel-libwrap_srv_name_log.patch | 13 ++++---
 stunnel.spec                       | 19 +++++-----
 5 files changed, 23 insertions(+), 116 deletions(-)
---
diff --git a/stunnel.spec b/stunnel.spec
index def6278..ecc9255 100644
--- a/stunnel.spec
+++ b/stunnel.spec
@@ -1,20 +1,18 @@
 Summary:	Universal SSL tunnel
 Summary(pl.UTF-8):	Uniwersalne narzędzie do bezpiecznego tunelowania
 Name:		stunnel
-Version:	5.14
-Release:	3
+Version:	5.49
+Release:	1
 License:	GPL v2+ with OpenSSL exception
 Group:		Networking/Daemons
 Source0:	ftp://ftp.stunnel.org/stunnel/%{name}-%{version}.tar.gz
-# Source0-md5:	e716501960dc6856d80f92547298f724
+# Source0-md5:	0b41240e5585ec7d55ca343feed5530f
 Source1:	%{name}.init
 Source2:	%{name}.sysconfig
 Source3:	%{name}.inet
 Source4:	%{name}.tmpfiles
-Patch0:		%{name}-authpriv.patch
-Patch2:		%{name}-am.patch
-Patch3:		%{name}-libwrap_srv_name_log.patch
-Patch4:		%{name}-config.patch
+Patch0:		%{name}-config.patch
+Patch1:		stunnel-libwrap_srv_name_log.patch
 URL:		http://www.stunnel.org/
 BuildRequires:	autoconf >= 2.50
 BuildRequires:	automake
@@ -80,16 +78,15 @@ stunnel działający jako usługa inetd.
 %prep
 %setup -q
 %patch0 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
+%patch1 -p1
 
 %build
 %{__libtoolize}
 %{__aclocal}
 %{__autoconf}
 %{__automake}
-%configure
+%configure \
+	--disable-silent-rules
 %{__make}
 
 %install
diff --git a/stunnel-am.patch b/stunnel-am.patch
deleted file mode 100644
index f4e00f4..0000000
--- a/stunnel-am.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- stunnel-4.46/tools/Makefile.am.orig	2011-10-21 18:13:23.000000000 +0200
-+++ stunnel-4.46/tools/Makefile.am	2011-11-06 06:51:03.223375866 +0100
-@@ -20,7 +20,7 @@
- 		else \
- 			RND=""; \
- 		fi; \
--		$(OPENSSL) req -new -x509 -days 365 $$RND \
-+		printf '\n\n\n\n\n\n' | $(OPENSSL) req -new -x509 -days 365 $$RND \
- 			-config $(srcdir)/stunnel.cnf \
- 			-out stunnel.pem -keyout stunnel.pem; \
- 		$(OPENSSL) gendh $$RND 1024 >> stunnel.pem; \
diff --git a/stunnel-authpriv.patch b/stunnel-authpriv.patch
deleted file mode 100644
index e8cc3e3..0000000
--- a/stunnel-authpriv.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-diff -ur stunnel-4.30/doc/stunnel.8 stunnel-4.30.new/doc/stunnel.8
---- stunnel-4.30/doc/stunnel.8	2010-01-21 12:26:39.000000000 +0100
-+++ stunnel-4.30.new/doc/stunnel.8	2010-01-21 15:14:16.687003848 +0100
-@@ -169,7 +169,7 @@
- all levels numerically less than it will be shown.  Use \fBdebug = debug\fR or
- \&\fBdebug = 7\fR for greatest debugging output.  The default is notice (5).
- .Sp
--The syslog facility 'daemon' will be used unless a facility name is supplied.
-+The syslog facility 'authpriv' will be used unless a facility name is supplied.
- (Facilities are not supported on Win32.)
- .Sp
- Case is ignored for both facilities and levels.
---- stunnel-5.14/src/options.c.orig	2015-04-04 07:44:40.423354083 +0200
-+++ stunnel-5.14/src/options.c	2015-04-04 07:56:59.416671995 +0200
-@@ -470,7 +470,7 @@
-     case CMD_BEGIN:
-         new_service_options.log_level=LOG_NOTICE;
- #if !defined (USE_WIN32) && !defined (__vms)
--        new_global_options.log_facility=LOG_DAEMON;
-+        new_global_options.log_facility=LOG_AUTHPRIV;
- #endif
-         break;
-     case CMD_EXEC:
diff --git a/stunnel-config.patch b/stunnel-config.patch
index 66a3971..181717e 100644
--- a/stunnel-config.patch
+++ b/stunnel-config.patch
@@ -1,72 +1,17 @@
---- stunnel-5.14/tools/stunnel.conf-sample.in.orig	2015-01-02 15:29:55.000000000 +0100
-+++ stunnel-5.14/tools/stunnel.conf-sample.in	2015-04-04 08:16:03.346648179 +0200
-@@ -12,11 +12,11 @@
- ; Remember also to update the logrotate configuration.
- ;chroot = @prefix@/var/lib/stunnel/
- ; Chroot jail can be escaped if setuid option is not used
+--- stunnel-5.49/tools/stunnel.conf-sample.in~	2018-04-06 16:25:10.000000000 +0200
++++ stunnel-5.49/tools/stunnel.conf-sample.in	2018-09-20 18:30:11.979864413 +0200
+@@ -8,11 +8,11 @@
+ ; **************************************************************************
+ 
+ ; It is recommended to drop root privileges if stunnel is started by root
 -;setuid = nobody
 -;setgid = @DEFAULT_GROUP@
 +setuid = stunnel
 +setgid = stunnel
  
  ; PID file is created inside the chroot jail (if enabled)
--;pid = @prefix@/var/run/stunnel.pid
-+pid = /var/run/stunnel/stunnel.pid
+-;pid = @localstatedir@/run/stunnel.pid
++pid = @localstatedir@/run/stunnel/stunnel.pid
  
  ; Debugging stuff (may be useful for troubleshooting)
- ;debug = 7
-@@ -27,8 +27,8 @@
- ; **************************************************************************
- 
- ; Certificate/key is needed in server mode and optional in client mode
--cert = @prefix@/etc/stunnel/mail.pem
--;key = @prefix@/etc/stunnel/mail.pem
-+cert = /etc/stunnel/mail.pem
-+;key = /etc/stunnel/mail.pem
- 
- ; Authentication stuff needs to be configured to prevent MITM attacks
- ; It is not enabled by default!
-@@ -37,12 +37,12 @@
- ; CApath is located inside chroot jail
- ;CApath = /certs
- ; It's often easier to use CAfile
--;CAfile = @prefix@/etc/stunnel/certs.pem
-+CAfile = /etc/stunnel/certs.pem
- ; Don't forget to c_rehash CRLpath
- ; CRLpath is located inside chroot jail
- ;CRLpath = /crls
- ; Alternatively CRLfile can be used
--;CRLfile = @prefix@/etc/stunnel/crls.pem
-+CRLfile = /etc/stunnel/crls.pem
- 
- ; Enable support for the insecure SSLv2 protocol
- ;options = -NO_SSLv2
-@@ -61,17 +61,17 @@
- 
- ; Example SSL server mode services
- 
--[pop3s]
--accept  = 995
--connect = 110
--
--[imaps]
--accept  = 993
--connect = 143
--
--[ssmtp]
--accept  = 465
--connect = 25
-+;[pop3s]
-+;accept  = 995
-+;connect = 110
-+
-+;[imaps]
-+;accept  = 993
-+;connect = 143
-+
-+;[ssmtp]
-+;accept  = 465
-+;connect = 25
- 
- ; Example SSL client mode services
- 
+ ;foreground = yes
diff --git a/stunnel-libwrap_srv_name_log.patch b/stunnel-libwrap_srv_name_log.patch
index e9ccb25..87e469d 100644
--- a/stunnel-libwrap_srv_name_log.patch
+++ b/stunnel-libwrap_srv_name_log.patch
@@ -1,13 +1,12 @@
---- stunnel-5.14/src/client.c.orig	2015-04-04 08:02:22.369998614 +0200
-+++ stunnel-5.14/src/client.c	2015-04-04 08:05:08.149995161 +0200
-@@ -1039,8 +1039,8 @@
+--- stunnel-5.49/src/client.c~	2018-08-26 19:36:09.000000000 +0200
++++ stunnel-5.49/src/client.c	2018-09-20 18:32:38.330919447 +0200
+@@ -1202,7 +1202,8 @@ NOEXPORT void auth_user(CLI *c) {
      while(*user==' ') /* skip leading spaces */
          ++user;
      if(strcmp(user, c->opt->username)) {
 -        s_log(LOG_WARNING, "Connection from %s REFUSED by IDENT (user \"%s\")",
--            accepted_address, user);
 +        s_log(LOG_WARNING, "Connection to service %s from %s REFUSED by IDENT (user \"%s\")",
-+            c->opt->servname, accepted_address, user);
++            c->opt->servname,
+             c->accepted_address, user);
          str_free(line);
-         longjmp(c->err, 1);
-     }
+         throw_exception(c, 1);
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/stunnel.git/commitdiff/6ee0e7eaf87827a9b032d311147057082be6318c

More information about the pld-cvs-commit mailing list