From: areq Date: Sun, 24 Jul 2011 09:43:55 +0000 (+0000) Subject: - 4.40 X-Git-Tag: auto/th/stunnel-4_40-1 X-Git-Url: http://git.pld-linux.org/?p=packages%2Fstunnel.git;a=commitdiff_plain;h=cd684fa978ec2f87f3e32c9977b1635330f1398c - 4.40 Changed files: stunnel-config.patch -> 1.9 stunnel.spec -> 1.122 --- diff --git a/stunnel-config.patch b/stunnel-config.patch index 0fdbb76..60ad06b 100644 --- a/stunnel-config.patch +++ b/stunnel-config.patch @@ -1,30 +1,35 @@ -diff -ur stunnel-4.30/tools/stunnel.conf-sample.in stunnel-4.30.new/tools/stunnel.conf-sample.in ---- stunnel-4.30/tools/stunnel.conf-sample.in 2010-01-18 14:17:49.000000000 +0100 -+++ stunnel-4.30.new/tools/stunnel.conf-sample.in 2010-01-21 15:17:41.173740613 +0100 -@@ -5,16 +5,16 @@ - ; Certificate/key is needed in server mode and optional in client mode - ; The default certificate is provided only for testing and should not - ; be used in a production environment --cert = @prefix@/etc/stunnel/mail.pem --;key = @prefix@/etc/stunnel/mail.pem -+cert = /etc/stunnel/mail.pem -+;key = /etc/stunnel/mail.pem +--- stunnel-4.40/tools/stunnel.conf-sample.in.orig 2011-07-07 16:47:37.000000000 +0000 ++++ stunnel-4.40/tools/stunnel.conf-sample.in 2011-07-24 09:40:54.658924150 +0000 +@@ -8,13 +8,13 @@ - ; Security enhancements for UNIX systems - comment them out on Win32 - ; for chroot a copy of some devices and files is needed within the jail + ; A copy of some devices and system files is needed within the chroot jail + ; Chroot conflicts with configuration file reload and many other features -chroot = @prefix@/var/lib/stunnel/ ++;chroot = /var/lib/stunnel/ + ; Chroot jail can be escaped if setuid option is not used -setuid = nobody -setgid = @DEFAULT_GROUP@ -+;chroot = /var/lib/stunnel/ +setuid = stunnel +setgid = stunnel + ; PID is created inside the chroot jail -pid = /stunnel.pid +pid = /var/run/stunnel/stunnel.pid - ; Disable support for insecure SSLv2 protocol - options = NO_SSLv2 -@@ -29,12 +29,12 @@ + ; Debugging stuff (may useful for troubleshooting) + ;debug = 7 +@@ -25,8 +25,8 @@ + ; ***************************************************************************** + + ; Certificate/key is needed in server mode and optional in client mode +-cert = @prefix@/etc/stunnel/mail.pem +-;key = @prefix@/etc/stunnel/mail.pem ++cert = /etc/stunnel/mail.pem ++;key = /etc/stunnel/mail.pem + + ; Authentication stuff needs to be configured to prevent MITM attacks + ; It is not enabled by default! +@@ -35,12 +35,12 @@ ; CApath is located inside chroot jail ;CApath = /certs ; It's often easier to use CAfile @@ -37,11 +42,11 @@ diff -ur stunnel-4.30/tools/stunnel.conf-sample.in stunnel-4.30.new/tools/stunne -;CRLfile = @prefix@/etc/stunnel/crls.pem +CRLfile = /etc/stunnel/crls.pem - ; Debugging stuff (may useful for troubleshooting) - ;debug = 7 -@@ -49,17 +49,17 @@ - - ; service-level configuration + ; Disable support for insecure SSLv2 protocol + options = NO_SSLv2 +@@ -54,17 +54,17 @@ + ; * Service Definitions (remove all services for inetd mode) * + ; ***************************************************************************** -[pop3s] -accept = 995 diff --git a/stunnel.spec b/stunnel.spec index 6e74b25..3eef3a3 100644 --- a/stunnel.spec +++ b/stunnel.spec @@ -1,12 +1,12 @@ Summary: Universal SSL tunnel Summary(pl.UTF-8): Uniwersalne narzędzie do bezpiecznego tunelowania Name: stunnel -Version: 4.39 +Version: 4.40 Release: 1 License: GPL v2+ with OpenSSL exception Group: Networking/Daemons Source0: ftp://ftp.stunnel.org/stunnel/%{name}-%{version}.tar.gz -# Source0-md5: 853739119a8364daea750154af6d7e79 +# Source0-md5: 7606592f86610d3e0b1ab7c8cb2d3ec8 Source1: %{name}.init Source2: %{name}.sysconfig Source3: %{name}.inet