openbsd-ports/security/stunnel/patches/patch-tools_stunnel_conf-sample_in

$OpenBSD: patch-tools_stunnel_conf-sample_in,v 1.2 2004/12/27 08:24:44 jakob Exp $
--- tools/stunnel.conf-sample.in.orig	Sat Nov  6 21:54:03 2004
+++ tools/stunnel.conf-sample.in	Mon Dec 27 09:14:36 2004
@@ -1,17 +1,18 @@
 ; Sample stunnel configuration file by Michal Trojnara 2002-2004
+# Modified for OpenBSD by Michael Schubert 2003
 ; Some options used here may not be adequate for your particular configuration
 ; Please make sure you understand them (especially the effect of chroot jail)
 
 ; Certificate/key is needed in server mode and optional in client mode
-cert = @prefix@/etc/stunnel/mail.pem
-;key = @prefix@/etc/stunnel/mail.pem
+cert = @sysconfdir@/ssl/private/stunnel.pem
+;key = @sysconfdir@/ssl/etc/mail.pem
 
 ; Some security enhancements for UNIX systems - comment them out on Win32
-chroot = @prefix@/var/stunnel/
-setuid = nobody
-setgid = nogroup
+chroot = /var/stunnel/
+setuid = _stunnel
+setgid = _stunnel
 ; PID is created inside chroot jail
-pid = /stunnel.pid
+pid = /var/run/stunnel.pid
 
 ; Some performance tunings
 socket = l:TCP_NODELAY=1
@@ -26,11 +27,11 @@ socket = r:TCP_NODELAY=1
 ; Don't forget to c_rehash CApath;  CApath is located inside chroot jail:
 ;CApath = /certs
 ; It's often easier to use CAfile:
-;CAfile = @prefix@/etc/stunnel/certs.pem
+;CAfile = @sysconfdir@/ssl/certs.pem
 ; Don't forget to c_rehash CRLpath;  CRLpath is located inside chroot jail:
 ;CRLpath = /crls
 ; Alternatively you can use CRLfile:
-;CRLfile = @prefix@/etc/stunnel/crls.pem
+;CRLfile = @sysconfdir@/ssl/crls.pem
 
 ; Some debugging stuff useful for troubleshooting
 ;debug = 7