SOURCES: stunnel-config.patch, stunnel-gethostbyname_is_in_libc_ak...
areq
areq at pld-linux.org
Sat Sep 2 14:17:22 CEST 2006
Author: areq Date: Sat Sep 2 12:17:22 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- 4.16
---- Files affected:
SOURCES:
stunnel-config.patch (1.3 -> 1.4) , stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch (1.7 -> 1.8)
---- Diffs:
================================================================
Index: SOURCES/stunnel-config.patch
diff -u SOURCES/stunnel-config.patch:1.3 SOURCES/stunnel-config.patch:1.4
--- SOURCES/stunnel-config.patch:1.3 Mon Apr 3 10:31:41 2006
+++ SOURCES/stunnel-config.patch Sat Sep 2 14:17:17 2006
@@ -1,6 +1,6 @@
---- stunnel-4.15/tools/stunnel.conf-sample.in.orig 2006-01-07 14:58:50.000000000 +0100
-+++ stunnel-4.15/tools/stunnel.conf-sample.in 2006-04-01 23:31:04.987918000 +0200
-@@ -3,15 +3,16 @@
+--- stunnel-4.16/tools/stunnel.conf-sample.in.orig 2006-08-31 19:02:30.000000000 +0000
++++ stunnel-4.16/tools/stunnel.conf-sample.in 2006-09-02 12:08:51.776623500 +0000
+@@ -3,18 +3,18 @@
; Please make sure you understand them (especially the effect of chroot jail)
; Certificate/key is needed in server mode and optional in client mode
@@ -9,21 +9,38 @@
+cert = /etc/stunnel/mail.pem
+;key = /etc/stunnel/mail.pem
+ ; Protocol version (all, SSLv2, SSLv3, TLSv1)
+ sslVersion = SSLv3
+
; Some security enhancements for UNIX systems - comment them out on Win32
-chroot = @prefix@/var/lib/stunnel/
-setuid = nobody
--setgid = nogroup
-+;chroot = @prefix@/var/lib/stunnel/
+-setgid = @DEFAULT_GROUP@
++;chroot = /var/lib/stunnel/
+setuid = stunnel
+setgid = stunnel
; PID is created inside chroot jail
-pid = /stunnel.pid
-+;pid = /stunnel.pid
+pid = /var/run/stunnel/stunnel.pid
; Some performance tunings
socket = l:TCP_NODELAY=1
-@@ -43,17 +44,17 @@
+@@ -30,12 +30,12 @@
+ ; CApath is located inside chroot jail
+ ;CApath = /certs
+ ; It's often easier to use CAfile
+-;CAfile = @prefix@/etc/stunnel/certs.pem
++;CAfile = /etc/stunnel/certs.pem
+ ; Don't forget to c_rehash CRLpath
+ ; CRLpath is located inside chroot jail
+ ;CRLpath = /crls
+ ; Alternatively you can use CRLfile
+-;CRLfile = @prefix@/etc/stunnel/crls.pem
++;CRLfile = /etc/stunnel/crls.pem
+
+ ; Some debugging stuff useful for troubleshooting
+ ;debug = 7
+@@ -46,17 +46,17 @@
; Service-level configuration
================================================================
Index: SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch
diff -u SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch:1.7 SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch:1.8
--- SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch:1.7 Tue Jan 24 13:35:08 2006
+++ SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch Sat Sep 2 14:17:17 2006
@@ -1,13 +1,11 @@
---- stunnel-4.14/configure.ac.orig 2006-01-24 13:27:15.000000000 +0100
-+++ stunnel-4.14/configure.ac 2006-01-24 13:28:56.000000000 +0100
-@@ -41,9 +41,9 @@
-
+--- stunnel-4.16/configure.ac.orig 2006-08-19 20:28:14.000000000 +0000
++++ stunnel-4.16/configure.ac 2006-09-02 12:00:10.916071750 +0000
+@@ -91,8 +91,8 @@
AC_MSG_NOTICE([**************************************** libraries])
# Checks for standard libraries
--AC_CHECK_LIB(nsl, gethostbyname)
+ AC_SEARCH_LIBS(gethostbyname, nsl)
-AC_CHECK_LIB(socket, socket)
-AC_CHECK_LIB(util, openpty)
-+AC_SEARCH_LIBS(gethostbyname, nsl)
+AC_SEARCH_LIBS(socket, socket)
+AC_SEARCH_LIBS(openpty, util)
# Checks for dynamic loader and zlib needed by OpenSSL
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/stunnel-config.patch?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch?r1=1.7&r2=1.8&f=u
More information about the pld-cvs-commit
mailing list