-diff -ur stunnel-4.30/tools/stunnel.conf-sample.in stunnel-4.30.new/tools/stunnel.conf-sample.in
---- stunnel-4.30/tools/stunnel.conf-sample.in 2010-01-18 14:17:49.000000000 +0100
-+++ stunnel-4.30.new/tools/stunnel.conf-sample.in 2010-01-21 15:17:41.173740613 +0100
-@@ -5,16 +5,16 @@
- ; Certificate/key is needed in server mode and optional in client mode
- ; The default certificate is provided only for testing and should not
- ; be used in a production environment
--cert = @prefix@/etc/stunnel/mail.pem
--;key = @prefix@/etc/stunnel/mail.pem
-+cert = /etc/stunnel/mail.pem
-+;key = /etc/stunnel/mail.pem
+--- stunnel-4.40/tools/stunnel.conf-sample.in.orig 2011-07-07 16:47:37.000000000 +0000
++++ stunnel-4.40/tools/stunnel.conf-sample.in 2011-07-24 09:40:54.658924150 +0000
+@@ -8,13 +8,13 @@
- ; Security enhancements for UNIX systems - comment them out on Win32
- ; for chroot a copy of some devices and files is needed within the jail
+ ; A copy of some devices and system files is needed within the chroot jail
+ ; Chroot conflicts with configuration file reload and many other features
-chroot = @prefix@/var/lib/stunnel/
++;chroot = /var/lib/stunnel/
+ ; Chroot jail can be escaped if setuid option is not used
-setuid = nobody
-setgid = @DEFAULT_GROUP@
-+;chroot = /var/lib/stunnel/
+setuid = stunnel
+setgid = stunnel
+
; PID is created inside the chroot jail
-pid = /stunnel.pid
+pid = /var/run/stunnel/stunnel.pid
- ; Disable support for insecure SSLv2 protocol
- options = NO_SSLv2
-@@ -29,12 +29,12 @@
+ ; Debugging stuff (may useful for troubleshooting)
+ ;debug = 7
+@@ -25,8 +25,8 @@
+ ; *****************************************************************************
+
+ ; Certificate/key is needed in server mode and optional in client mode
+-cert = @prefix@/etc/stunnel/mail.pem
+-;key = @prefix@/etc/stunnel/mail.pem
++cert = /etc/stunnel/mail.pem
++;key = /etc/stunnel/mail.pem
+
+ ; Authentication stuff needs to be configured to prevent MITM attacks
+ ; It is not enabled by default!
+@@ -35,12 +35,12 @@
; CApath is located inside chroot jail
;CApath = /certs
; It's often easier to use CAfile
-;CRLfile = @prefix@/etc/stunnel/crls.pem
+CRLfile = /etc/stunnel/crls.pem
- ; Debugging stuff (may useful for troubleshooting)
- ;debug = 7
-@@ -49,17 +49,17 @@
-
- ; service-level configuration
+ ; Disable support for insecure SSLv2 protocol
+ options = NO_SSLv2
+@@ -54,17 +54,17 @@
+ ; * Service Definitions (remove all services for inetd mode) *
+ ; *****************************************************************************
-[pop3s]
-accept = 995
Summary: Universal SSL tunnel
Summary(pl.UTF-8): Uniwersalne narzędzie do bezpiecznego tunelowania
Name: stunnel
-Version: 4.39
+Version: 4.40
Release: 1
License: GPL v2+ with OpenSSL exception
Group: Networking/Daemons
Source0: ftp://ftp.stunnel.org/stunnel/%{name}-%{version}.tar.gz
-# Source0-md5: 853739119a8364daea750154af6d7e79
+# Source0-md5: 7606592f86610d3e0b1ab7c8cb2d3ec8
Source1: %{name}.init
Source2: %{name}.sysconfig
Source3: %{name}.inet