SOURCES: stunnel-config.patch, stunnel-gethostbyname_is_in_libc_ak...

areq areq at pld-linux.org
Sat Sep 2 14:17:22 CEST 2006 

Author: areq                         Date: Sat Sep  2 12:17:22 2006 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- 4.16

---- Files affected:
SOURCES:
   stunnel-config.patch (1.3 -> 1.4) , stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch (1.7 -> 1.8) 

---- Diffs:

================================================================
Index: SOURCES/stunnel-config.patch
diff -u SOURCES/stunnel-config.patch:1.3 SOURCES/stunnel-config.patch:1.4
--- SOURCES/stunnel-config.patch:1.3	Mon Apr  3 10:31:41 2006
+++ SOURCES/stunnel-config.patch	Sat Sep  2 14:17:17 2006
@@ -1,6 +1,6 @@
---- stunnel-4.15/tools/stunnel.conf-sample.in.orig	2006-01-07 14:58:50.000000000 +0100
-+++ stunnel-4.15/tools/stunnel.conf-sample.in	2006-04-01 23:31:04.987918000 +0200
-@@ -3,15 +3,16 @@
+--- stunnel-4.16/tools/stunnel.conf-sample.in.orig	2006-08-31 19:02:30.000000000 +0000
++++ stunnel-4.16/tools/stunnel.conf-sample.in	2006-09-02 12:08:51.776623500 +0000
+@@ -3,18 +3,18 @@
  ; Please make sure you understand them (especially the effect of chroot jail)
  
  ; Certificate/key is needed in server mode and optional in client mode
@@ -9,21 +9,38 @@
 +cert = /etc/stunnel/mail.pem
 +;key = /etc/stunnel/mail.pem
  
+ ; Protocol version (all, SSLv2, SSLv3, TLSv1)
+ sslVersion = SSLv3
+ 
  ; Some security enhancements for UNIX systems - comment them out on Win32
 -chroot = @prefix@/var/lib/stunnel/
 -setuid = nobody
--setgid = nogroup
-+;chroot = @prefix@/var/lib/stunnel/
+-setgid = @DEFAULT_GROUP@
++;chroot = /var/lib/stunnel/
 +setuid = stunnel
 +setgid = stunnel
  ; PID is created inside chroot jail
 -pid = /stunnel.pid
-+;pid = /stunnel.pid
 +pid = /var/run/stunnel/stunnel.pid
  
  ; Some performance tunings
  socket = l:TCP_NODELAY=1
-@@ -43,17 +44,17 @@
+@@ -30,12 +30,12 @@
+ ; CApath is located inside chroot jail
+ ;CApath = /certs
+ ; It's often easier to use CAfile
+-;CAfile = @prefix@/etc/stunnel/certs.pem
++;CAfile = /etc/stunnel/certs.pem
+ ; Don't forget to c_rehash CRLpath
+ ; CRLpath is located inside chroot jail
+ ;CRLpath = /crls
+ ; Alternatively you can use CRLfile
+-;CRLfile = @prefix@/etc/stunnel/crls.pem
++;CRLfile = /etc/stunnel/crls.pem
+ 
+ ; Some debugging stuff useful for troubleshooting
+ ;debug = 7
+@@ -46,17 +46,17 @@
  
  ; Service-level configuration
  

================================================================
Index: SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch
diff -u SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch:1.7 SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch:1.8
--- SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch:1.7	Tue Jan 24 13:35:08 2006
+++ SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch	Sat Sep  2 14:17:17 2006
@@ -1,13 +1,11 @@
---- stunnel-4.14/configure.ac.orig	2006-01-24 13:27:15.000000000 +0100
-+++ stunnel-4.14/configure.ac	2006-01-24 13:28:56.000000000 +0100
-@@ -41,9 +41,9 @@
- 
+--- stunnel-4.16/configure.ac.orig	2006-08-19 20:28:14.000000000 +0000
++++ stunnel-4.16/configure.ac	2006-09-02 12:00:10.916071750 +0000
+@@ -91,8 +91,8 @@
  AC_MSG_NOTICE([**************************************** libraries])
  # Checks for standard libraries
--AC_CHECK_LIB(nsl, gethostbyname)
+ AC_SEARCH_LIBS(gethostbyname, nsl)
 -AC_CHECK_LIB(socket, socket)
 -AC_CHECK_LIB(util, openpty)
-+AC_SEARCH_LIBS(gethostbyname, nsl)
 +AC_SEARCH_LIBS(socket, socket)
 +AC_SEARCH_LIBS(openpty, util)
  # Checks for dynamic loader and zlib needed by OpenSSL
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SOURCES/stunnel-config.patch?r1=1.3&r2=1.4&f=u
    http://cvs.pld-linux.org/SOURCES/stunnel-gethostbyname_is_in_libc_aka_no_libnsl.patch?r1=1.7&r2=1.8&f=u

More information about the pld-cvs-commit mailing list