1 --- stunnel-4.40/tools/stunnel.conf-sample.in.orig 2011-07-07 16:47:37.000000000 +0000
2 +++ stunnel-4.40/tools/stunnel.conf-sample.in 2011-07-24 09:40:54.658924150 +0000
5 ; A copy of some devices and system files is needed within the chroot jail
6 ; Chroot conflicts with configuration file reload and many other features
7 -chroot = @prefix@/var/lib/stunnel/
8 +;chroot = /var/lib/stunnel/
9 ; Chroot jail can be escaped if setuid option is not used
11 -setgid = @DEFAULT_GROUP@
15 ; PID is created inside the chroot jail
17 +pid = /var/run/stunnel/stunnel.pid
19 ; Debugging stuff (may useful for troubleshooting)
22 ; *****************************************************************************
24 ; Certificate/key is needed in server mode and optional in client mode
25 -cert = @prefix@/etc/stunnel/mail.pem
26 -;key = @prefix@/etc/stunnel/mail.pem
27 +cert = /etc/stunnel/mail.pem
28 +;key = /etc/stunnel/mail.pem
30 ; Authentication stuff needs to be configured to prevent MITM attacks
31 ; It is not enabled by default!
33 ; CApath is located inside chroot jail
35 ; It's often easier to use CAfile
36 -;CAfile = @prefix@/etc/stunnel/certs.pem
37 +CAfile = /etc/stunnel/certs.pem
38 ; Don't forget to c_rehash CRLpath
39 ; CRLpath is located inside chroot jail
41 ; Alternatively CRLfile can be used
42 -;CRLfile = @prefix@/etc/stunnel/crls.pem
43 +CRLfile = /etc/stunnel/crls.pem
45 ; Disable support for insecure SSLv2 protocol
48 ; * Service Definitions (remove all services for inetd mode) *
49 ; *****************************************************************************