stunnel v4.18

This commit is contained in:
jakob 2006-09-27 15:30:10 +00:00
parent 987d7d5ff1
commit 36da4179bd
6 changed files with 30 additions and 27 deletions

View File

@ -1,10 +1,10 @@
# $OpenBSD: Makefile,v 1.43 2006/08/09 18:44:08 sturm Exp $
# $OpenBSD: Makefile,v 1.44 2006/09/27 15:30:10 jakob Exp $
COMMENT= "SSL encryption wrapper for standard network daemons"
VERSION= 4.15
VERSION= 4.18
DISTNAME= stunnel-${VERSION}
PKGNAME= ${DISTNAME}p1
PKGNAME= ${DISTNAME}
CATEGORIES= security
MAINTAINER= Jakob Schlyter <jakob@openbsd.org>

View File

@ -1,4 +1,4 @@
MD5 (stunnel-4.15.tar.gz) = 2c00153ad099a5f9c5609e8d1dbbe470
RMD160 (stunnel-4.15.tar.gz) = a8d5c9d3fb24d0518975cbb347729f5eba3d3f12
SHA1 (stunnel-4.15.tar.gz) = 735406c1ca94904581158a434214e1f6568539d0
SIZE (stunnel-4.15.tar.gz) = 497103
MD5 (stunnel-4.18.tar.gz) = 08f6120c8f2ff55089abc7df9c63455d
RMD160 (stunnel-4.18.tar.gz) = b234e840e2ed97118fb7d83a414fe280684d744f
SHA1 (stunnel-4.18.tar.gz) = 3ed3eaefae91d80fcfcbb29dd285d0f773756397
SIZE (stunnel-4.18.tar.gz) = 507170

View File

@ -1,7 +1,7 @@
$OpenBSD: patch-Makefile_in,v 1.3 2006/03/23 15:49:53 jakob Exp $
--- Makefile.in.orig Mon Mar 6 21:52:41 2006
+++ Makefile.in Thu Mar 23 16:38:57 2006
@@ -179,7 +179,7 @@ sharedstatedir = @sharedstatedir@
$OpenBSD: patch-Makefile_in,v 1.4 2006/09/27 15:30:11 jakob Exp $
--- Makefile.in.orig Tue Sep 26 08:56:43 2006
+++ Makefile.in Wed Sep 27 16:37:40 2006
@@ -180,7 +180,7 @@ sharedstatedir = @sharedstatedir@
ssldir = @ssldir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@

View File

@ -1,12 +1,12 @@
--- src/stunnel.c.orig Fri Mar 10 22:22:06 2006
+++ src/stunnel.c Thu Mar 23 16:29:20 2006
@@ -153,8 +153,8 @@ static void daemon_loop(void) {
#if !defined (USE_WIN32) && !defined (__vms)
--- src/stunnel.c.orig Tue Sep 26 10:03:59 2006
+++ src/stunnel.c Wed Sep 27 16:37:40 2006
@@ -150,8 +150,8 @@ static void daemon_loop(void) {
#if !defined (USE_WIN32) && !defined (__vms) && !defined(USE_OS2)
if(!(options.option.foreground))
daemonize();
- drop_privileges();
create_pid();
+ drop_privileges();
#endif /* !defined USE_WIN32 && !defined (__vms) */
/* create exec+connect services */
for(opt=local_options.next; opt; opt=opt->next) {

View File

@ -1,7 +1,7 @@
$OpenBSD: patch-tools_Makefile_in,v 1.4 2006/03/23 15:49:53 jakob Exp $
--- tools/Makefile.in.orig Mon Mar 6 22:02:39 2006
+++ tools/Makefile.in Thu Mar 23 16:29:20 2006
@@ -167,7 +167,7 @@ examplesdir = $(docdir)/examples
$OpenBSD: patch-tools_Makefile_in,v 1.5 2006/09/27 15:30:11 jakob Exp $
--- tools/Makefile.in.orig Tue Sep 26 08:56:43 2006
+++ tools/Makefile.in Wed Sep 27 16:37:40 2006
@@ -168,7 +168,7 @@ examplesdir = $(docdir)/examples
examples_DATA = ca.html ca.pl importCA.html importCA.sh script.sh \
stunnel.spec stunnel.init

View File

@ -1,6 +1,6 @@
--- tools/stunnel.conf-sample.in.orig Sat Jan 7 14:58:50 2006
+++ tools/stunnel.conf-sample.in Thu Mar 23 16:43:58 2006
@@ -3,15 +3,15 @@
--- tools/stunnel.conf-sample.in.orig Thu Aug 31 21:02:30 2006
+++ tools/stunnel.conf-sample.in Wed Sep 27 16:40:43 2006
@@ -3,18 +3,17 @@
; Please make sure you understand them (especially the effect of chroot jail)
; Certificate/key is needed in server mode and optional in client mode
@ -9,20 +9,23 @@
+cert = @sysconfdir@/ssl/private/stunnel.pem
+;key = @sysconfdir@/ssl/private/stunnel.key
; Protocol version (all, SSLv2, SSLv3, TLSv1)
sslVersion = SSLv3
; Some security enhancements for UNIX systems - comment them out on Win32
-chroot = @prefix@/var/lib/stunnel/
-setuid = nobody
-setgid = nogroup
-setgid = @DEFAULT_GROUP@
-; PID is created inside chroot jail
-pid = /stunnel.pid
+chroot = /var/stunnel/
+setuid = _stunnel
+setgid = _stunnel
; PID is created inside chroot jail
-pid = /stunnel.pid
+pid = /var/run/stunnel.pid
; Some performance tunings
socket = l:TCP_NODELAY=1
@@ -27,12 +27,12 @@ socket = r:TCP_NODELAY=1
@@ -30,12 +29,12 @@ socket = r:TCP_NODELAY=1
; CApath is located inside chroot jail
;CApath = /certs
; It's often easier to use CAfile