SSL encryption wrapper for standard network daemons

1999-12-05 18:25:54 +00:00 · 1999-12-05 18:25:54 +00:00 · 55c1d659cf
commit 55c1d659cf
parent 763ad5dc89
11 changed files with 148 additions and 0 deletions
--- a/security/stunnel/Makefile
+++ b/security/stunnel/Makefile
@ -0,0 +1,20 @@
+# $OpenBSD: Makefile,v 1.1.1.1 1999/12/05 18:25:54 jakob Exp $
+
+DISTNAME=	stunnel-3.4a
+CATEGORIES=	security
+
+MAINTAINER=     jakob@openbsd.org
+
+MASTER_SITES=	http://opensores.thebunker.net/pub/mirrors/stunnel/ \
+		http://mike.daewoo.com.pl/computer/stunnel/ \
+		ftp://ftp.fu-berlin.de/unix/security/stunnel/ \
+		ftp://ftp.uni-freiburg.de/pub/net/stunnel/ \
+		ftp://ftp.all.de/pub2/unix/security/stunnel/
+
+GNU_CONFIGURE=	yes
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/stunnel ${PREFIX}/sbin
+	${INSTALL_MAN} ${WRKSRC}/stunnel.8 ${PREFIX}/man/man8
+
+.include <bsd.port.mk>
--- a/security/stunnel/files/md5
+++ b/security/stunnel/files/md5
@ -0,0 +1,3 @@
+MD5 (stunnel-3.4a.tar.gz) = 8bfd8ce5221999022fb9e927d46dca73
+RMD160 (stunnel-3.4a.tar.gz) = dbc07f0c2faa141923f73ff1325af121d56fee67
+SHA1 (stunnel-3.4a.tar.gz) = 8e6b2bacf45eb58d89b661cefa4b80722fd74093
--- a/security/stunnel/patches/patch-aa
+++ b/security/stunnel/patches/patch-aa
@ -0,0 +1,12 @@
+--- env.c.orig	Mon Sep  6 16:28:15 1999
+++ env.c	Mon Sep  6 16:29:01 1999
+@@ -20,7 +20,8 @@
+ 
+ /* getpeername can't be declarated in a normal way */
+ #define getpeername no_getpeername
+-#include <arpa/inet.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+ #include <netinet/in.h>
+ #include <stdlib.h>
+ #undef getpeername
--- a/security/stunnel/patches/patch-ab
+++ b/security/stunnel/patches/patch-ab
@ -0,0 +1,28 @@
+--- ssl.c.orig	Tue Jul 13 15:23:44 1999
+++ ssl.c	Fri Oct 15 23:57:41 1999
+@@ -52,13 +52,13 @@
+ #else /* USE_WIN32 */
+ 
+ /* directory for certificate */
+-#define CERT_DIR ssldir "/certs"
+#define CERT_DIR "/etc/ssl"
+ 
+ /* default certificate */
+-#define DEFAULT_CERT CERT_DIR "/stunnel.pem"
+#define DEFAULT_CERT CERT_DIR "/private/stunnel.pem"
+ 
+ /* additional directory (hashed!) with trusted CA client certs */
+-#define CA_DIR CERT_DIR "/mytrusted"
+#define CA_DIR CERT_DIR "/trusted"
+ 
+ /* certificate used for sign our client certs */
+ #define CLIENT_CA ssldir "/bin/demoCA/cacert.pem"
+@@ -202,7 +202,7 @@
+                 strerror(errno));
+             goto dh_failed;
+         }
+-        if(!(dh=PEM_read_bio_DHparams(bio, NULL, NULL))) {
+        if(!(dh=PEM_read_bio_DHparams(bio, NULL, NULL, NULL))) {
+             log(LOG_ERR, "Could not load DH parameters from %s",
+                 options.certfile);
+             goto dh_failed;
--- a/security/stunnel/patches/patch-ac
+++ b/security/stunnel/patches/patch-ac
@ -0,0 +1,19 @@
+--- stunnel.c.orig	Tue Jul 13 15:34:28 1999
+++ stunnel.c	Fri Oct 15 23:58:12 1999
+@@ -41,13 +41,13 @@
+ #else /* USE_WIN32 */
+ 
+ /* directory for certificate */
+-#define CERT_DIR ssldir "/certs"
+#define CERT_DIR "/etc/ssl"
+ 
+ /* default certificate */
+-#define DEFAULT_CERT CERT_DIR "/stunnel.pem"
+#define DEFAULT_CERT CERT_DIR "/private/stunnel.pem"
+ 
+ /* additional directory (hashed!) with trusted CA client certs */
+-#define CA_DIR CERT_DIR "/mytrusted"
+#define CA_DIR CERT_DIR "/trusted"
+ 
+ #endif /* USE_WIN32 */
+ 
--- a/security/stunnel/patches/patch-ad
+++ b/security/stunnel/patches/patch-ad
@ -0,0 +1,20 @@
+--- Makefile.in.orig	Mon Jul 12 19:36:10 1999
+++ Makefile.in	Sat Oct 16 00:00:05 1999
+@@ -8,7 +8,7 @@
+ libdir=@libdir@
+ mandir=@mandir@/man8
+ ssldir=@ssldir@
+-certdir=$(ssldir)/certs
+certdir=/etc/ssl
+ @SET_MAKE@
+ VERSION=stunnel-@VERSION@
+ CC=@CC@
+@@ -21,7 +21,7 @@
+ 
+ # standard external rules
+ 
+-all: stunnel stunnel.so
+all: stunnel
+ 
+ install: installdirs $(DESTFILES)
+ 
--- a/security/stunnel/patches/patch-ae
+++ b/security/stunnel/patches/patch-ae
@ -0,0 +1,30 @@
+--- stunnel.8.in.orig	Mon Jul 12 18:23:56 1999
+++ stunnel.8.in	Sat Oct 16 00:12:27 1999
+@@ -41,7 +41,7 @@
+ .B -p pemfile
+ certificate (*.pem) file name
+ .RS
+-default: @sslcnf@/certs/stunnel.pem for server mode,
+default: /etc/ssl/private/stunnel.pem for server mode,
+ none for client mode
+ .RE
+ .TP
+@@ -57,7 +57,7 @@
+ .B -a directory
+ client certificate directory for -v 3 option
+ .RS
+-default: @sslcnf@/certs/trusted
+default: /etc/ssl/trusted
+ .RE
+ .TP
+ .B -t timeout
+@@ -152,7 +152,8 @@
+ There are available SSL enabled versions of FTP and telnet daemons, however.
+ .SH SEE ALSO
+ .BR tcpd (8),
+-.BR inetd (8)
+.BR inetd (8),
+.BR ssl (8)
+ .TP
+ .BI http://mike.daewoo.com.pl/computer/stunnel
+ Stunnel home page
--- a/security/stunnel/pkg/COMMENT
+++ b/security/stunnel/pkg/COMMENT
@ -0,0 +1 @@
+SSL encryption wrapper for standard network daemons
--- a/security/stunnel/pkg/DESCR
+++ b/security/stunnel/pkg/DESCR
@ -0,0 +1,9 @@
+The stunnel program is designed to work  as  SSL  encryption
+wrapper between remote client and local (inetd-startable) or
+remote server. The concept is that having non-SSL aware dae-
+mons  running  on  your  system you can easily setup them to
+communicate with clients over secure SSL channel.
+
+stunnel can be used to add  SSL  functionality  to  commonly
+used  inetd  daemons  like  POP-2,  POP-3  and  IMAP servers
+without any changes in the programs' code.
--- a/security/stunnel/pkg/MESSAGE
+++ b/security/stunnel/pkg/MESSAGE
@ -0,0 +1,4 @@
+After stunnel is installed, you have to create a server certificate and
+put the result in /etc/ssl/private/stunnel.pem. For more information on
+how to create certificates, read ssl(8). For more information on stunnel,
+read stunnel(8).
--- a/security/stunnel/pkg/PLIST
+++ b/security/stunnel/pkg/PLIST
@ -0,0 +1,2 @@
+sbin/stunnel
+man/man8/stunnel.8
				`@ -0,0 +1 @@`
				`SSL encryption wrapper for standard network daemons`