packages: stunnel/stunnel-config.patch - updated to 4.38

adamg adamg at pld-linux.org
Sat Jul 2 01:32:34 CEST 2011 

Author: adamg                        Date: Fri Jul  1 23:32:34 2011 GMT
Module: packages                      Tag: HEAD
---- Log message:
- updated to 4.38

---- Files affected:
packages/stunnel:
   stunnel-config.patch (1.7 -> 1.8) 

---- Diffs:

================================================================
Index: packages/stunnel/stunnel-config.patch
diff -u packages/stunnel/stunnel-config.patch:1.7 packages/stunnel/stunnel-config.patch:1.8
--- packages/stunnel/stunnel-config.patch:1.7	Thu Jan 21 15:18:33 2010
+++ packages/stunnel/stunnel-config.patch	Sat Jul  2 01:32:29 2011
@@ -1,19 +1,16 @@
 diff -ur stunnel-4.30/tools/stunnel.conf-sample.in stunnel-4.30.new/tools/stunnel.conf-sample.in
 --- stunnel-4.30/tools/stunnel.conf-sample.in	2010-01-18 14:17:49.000000000 +0100
 +++ stunnel-4.30.new/tools/stunnel.conf-sample.in	2010-01-21 15:17:41.173740613 +0100
-@@ -4,19 +4,19 @@
- ; please read the manual and make sure you understand them
- 
- ; certificate/key is needed in server mode and optional in client mode
+@@ -5,16 +5,16 @@
+ ; Certificate/key is needed in server mode and optional in client mode
+ ; The default certificate is provided only for testing and should not
+ ; be used in a production environment
 -cert = @prefix@/etc/stunnel/mail.pem
 -;key = @prefix@/etc/stunnel/mail.pem
 +cert = /etc/stunnel/mail.pem
 +;key = /etc/stunnel/mail.pem
  
- ; protocol version (all, SSLv2, SSLv3, TLSv1)
- sslVersion = SSLv3
- 
- ; security enhancements for UNIX systems - comment them out on Win32
+ ; Security enhancements for UNIX systems - comment them out on Win32
  ; for chroot a copy of some devices and files is needed within the jail
 -chroot = @prefix@/var/lib/stunnel/
 -setuid = nobody
@@ -25,22 +22,22 @@
 -pid = /stunnel.pid
 +pid = /var/run/stunnel/stunnel.pid
  
- ; performance tunings
- socket = l:TCP_NODELAY=1
-@@ -33,12 +33,12 @@
+ ; Disable support for insecure SSLv2 protocol
+ options = NO_SSLv2
+@@ -29,12 +29,12 @@
  ; CApath is located inside chroot jail
  ;CApath = /certs
- ; it's often easier to use CAfile
+ ; It's often easier to use CAfile
 -;CAfile = @prefix@/etc/stunnel/certs.pem
 +CAfile = /etc/stunnel/certs.pem
- ; don't forget to c_rehash CRLpath
+ ; Don't forget to c_rehash CRLpath
  ; CRLpath is located inside chroot jail
  ;CRLpath = /crls
- ; alternatively CRLfile can be used
+ ; Alternatively CRLfile can be used
 -;CRLfile = @prefix@/etc/stunnel/crls.pem
 +CRLfile = /etc/stunnel/crls.pem
  
- ; debugging stuff (may useful for troubleshooting)
+ ; Debugging stuff (may useful for troubleshooting)
  ;debug = 7
 @@ -49,17 +49,17 @@
  
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/stunnel/stunnel-config.patch?r1=1.7&r2=1.8&f=u

More information about the pld-cvs-commit mailing list