[packages/stunnel.git] / stunnel-config.patch

--- stunnel-4.16/tools/stunnel.conf-sample.in.orig	2006-08-31 19:02:30.000000000 +0000
+++ stunnel-4.16/tools/stunnel.conf-sample.in	2006-09-02 12:08:51.776623500 +0000
@@ -3,18 +3,18 @@
 ; Please make sure you understand them (especially the effect of chroot jail)
 
 ; Certificate/key is needed in server mode and optional in client mode
-cert = @prefix@/etc/stunnel/mail.pem
-;key = @prefix@/etc/stunnel/mail.pem
+cert = /etc/stunnel/mail.pem
+;key = /etc/stunnel/mail.pem
 
 ; Protocol version (all, SSLv2, SSLv3, TLSv1)
 sslVersion = SSLv3
 
 ; Some security enhancements for UNIX systems - comment them out on Win32
-chroot = @prefix@/var/lib/stunnel/
-setuid = nobody
-setgid = @DEFAULT_GROUP@
+;chroot = /var/lib/stunnel/
+setuid = stunnel
+setgid = stunnel
 ; PID is created inside chroot jail
-pid = /stunnel.pid
+pid = /var/run/stunnel/stunnel.pid
 
 ; Some performance tunings
 socket = l:TCP_NODELAY=1
@@ -30,12 +30,12 @@
 ; CApath is located inside chroot jail
 ;CApath = /certs
 ; It's often easier to use CAfile
-;CAfile = @prefix@/etc/stunnel/certs.pem
+;CAfile = /etc/stunnel/certs.pem
 ; Don't forget to c_rehash CRLpath
 ; CRLpath is located inside chroot jail
 ;CRLpath = /crls
 ; Alternatively you can use CRLfile
-;CRLfile = @prefix@/etc/stunnel/crls.pem
+;CRLfile = /etc/stunnel/crls.pem
 
 ; Some debugging stuff useful for troubleshooting
 ;debug = 7
@@ -46,17 +46,17 @@
 
 ; Service-level configuration
 
-[pop3s]
-accept  = 995
-connect = 110
-
-[imaps]
-accept  = 993
-connect = 143
-
-[ssmtp]
-accept  = 465
-connect = 25
+;[pop3s]
+;accept  = 995
+;connect = 110
+
+;[imaps]
+;accept  = 993
+;connect = 143
+
+;[ssmtp]
+;accept  = 465
+;connect = 25
 
 ;[https]
 ;accept  = 443
Commit	Line	Data
806868e8	1	--- stunnel-4.16/tools/stunnel.conf-sample.in.orig 2006-08-31 19:02:30.000000000 +0000
	2	+++ stunnel-4.16/tools/stunnel.conf-sample.in 2006-09-02 12:08:51.776623500 +0000
	3	@@ -3,18 +3,18 @@
d5253945	4	; Please make sure you understand them (especially the effect of chroot jail)
a4ee43ea	5
d5253945	6	; Certificate/key is needed in server mode and optional in client mode
a4ee43ea	7	-cert = @prefix@/etc/stunnel/mail.pem
d5253945	8	-;key = @prefix@/etc/stunnel/mail.pem
7d65fc8d	9	+cert = /etc/stunnel/mail.pem
d5253945 AG	10	+;key = /etc/stunnel/mail.pem
d5253945 AG	11
806868e8	12	; Protocol version (all, SSLv2, SSLv3, TLSv1)
	13	sslVersion = SSLv3
	14
d5253945	15	; Some security enhancements for UNIX systems - comment them out on Win32
7d65fc8d	16	-chroot = @prefix@/var/lib/stunnel/
a4ee43ea	17	-setuid = nobody
806868e8	18	-setgid = @DEFAULT_GROUP@
806868e8	19	+;chroot = /var/lib/stunnel/
a4ee43ea	20	+setuid = stunnel
a4ee43ea	21	+setgid = stunnel
d5253945 AG	22	; PID is created inside chroot jail
	23	-pid = /stunnel.pid
	24	+pid = /var/run/stunnel/stunnel.pid
a4ee43ea	25
d5253945 AG	26	; Some performance tunings
d5253945 AG	27	socket = l:TCP_NODELAY=1
806868e8	28	@@ -30,12 +30,12 @@
	29	; CApath is located inside chroot jail
	30	;CApath = /certs
	31	; It's often easier to use CAfile
	32	-;CAfile = @prefix@/etc/stunnel/certs.pem
	33	+;CAfile = /etc/stunnel/certs.pem
	34	; Don't forget to c_rehash CRLpath
	35	; CRLpath is located inside chroot jail
	36	;CRLpath = /crls
	37	; Alternatively you can use CRLfile
	38	-;CRLfile = @prefix@/etc/stunnel/crls.pem
	39	+;CRLfile = /etc/stunnel/crls.pem
	40
	41	; Some debugging stuff useful for troubleshooting
	42	;debug = 7
	43	@@ -46,17 +46,17 @@
a4ee43ea	44
d5253945	45	; Service-level configuration
a4ee43ea	46
	47	-[pop3s]
	48	-accept = 995
	49	-connect = 110
	50	-
	51	-[imaps]
	52	-accept = 993
	53	-connect = 143
	54	-
	55	-[ssmtp]
	56	-accept = 465
	57	-connect = 25
d5253945 AG	58	+;[pop3s]
	59	+;accept = 995
	60	+;connect = 110
a4ee43ea	61	+
d5253945 AG	62	+;[imaps]
	63	+;accept = 993
	64	+;connect = 143
a4ee43ea	65	+
d5253945 AG	66	+;[ssmtp]
	67	+;accept = 465
	68	+;connect = 25
a4ee43ea	69
d5253945 AG	70	;[https]
d5253945 AG	71	;accept = 443