Permalink
Browse files

Update to 4.54. Changelog:

New Win32 features
        FIPS module updated to version 2.0.
        OpenSSL DLLs updated to version 1.0.1c.
        zlib DLL updated to version 1.2.7.
        Engine DLLs added: 4758cca, aep, atalla, capi, chil, cswift, gmp, gost, nuron, padlock, sureware, ubsec.

Other new features
        "session" option renamed to more readable "sessionCacheTimeout". The old name remains accepted for backward compatibility.
        New service-level "sessionCacheSize" option to control session cache size.
        New service-level option "reset" to control whether TCP RST flag is used to indicate errors. The default value is "reset = yes".
        New service-level option "renegotiation" to disable SSL renegotiation. This feature is based on a public-domain patch by Janusz Dziemidowicz.
        New FreeBSD socket options: IP_FREEBIND, IP_BINDANY, IPV6_BINDANY (thx to Janusz Dziemidowicz).
        New parameters to configure TLS v1.1/v1.2 with OpenSSL version 1.0.1 or higher (thx to Henrik Riomar).

Bugfixes
        Fixed "Application Failed to Initialize Properly (0xc0150002)" error.
        Fixed missing SSL state debug log entries.
        Fixed a race condition in libwrap code resulting in random stalls (thx to Andrew Skalski).
        Session cache purged at configuration file reload to reduce memory leak. Remaining leak of a few kilobytes per section is yet to be fixed.
        Fixed regression bug in "transparent = destination" functionality (thx to Stefan Lauterbach). This bug was introduced in stunnel 4.51.
        "transparent = destination" is now a valid endpoint in inetd mode.
        "delay = yes" fixed to work even if specified *after* "connect" option.
        Multiple "connect" targets fixed to also work with delayed resolver.
        The number of resolver retries of EAI_AGAIN error has been limited to 3 in order to prevent infinite loops.

Fix some directory owner/group rights and take over maintainership as I
use it almost daily.
  • Loading branch information...
1 parent 4e66665 commit 00363c4902688ba9114864d32c5a5dbe79f2aef8 jym committed Jan 8, 2013
Showing with 14 additions and 14 deletions.
  1. +10 −10 security/stunnel/Makefile
  2. +4 −4 security/stunnel/distinfo
View
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.79 2012/10/23 18:17:00 asau Exp $
+# $NetBSD: Makefile,v 1.80 2013/01/08 23:45:39 jym Exp $
-DISTNAME= stunnel-4.53
+DISTNAME= stunnel-4.54
PKGREVISION= 1
CATEGORIES= security
MASTER_SITES= ftp://ftp.stunnel.org/stunnel/
-MAINTAINER= pkgsrc-users@NetBSD.org
+MAINTAINER= jym@NetBSD.org
HOMEPAGE= http://www.stunnel.org/
COMMENT= Universal SSL tunnel
LICENSE= gnu-gpl-v2
@@ -15,8 +15,6 @@ USE_LIBTOOL= yes
GNU_CONFIGURE= yes
CONFIGURE_ARGS+= --localstatedir=${VARBASE}
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
-CONFIGURE_ARGS+= --with-cert-dir=${SSLCERTS:Q}
-CONFIGURE_ARGS+= --with-pem-dir=${SSLCERTS:Q}
CONFIGURE_ARGS+= --with-ssl=${SSLBASE:Q}
.include "../../mk/bsd.prefs.mk"
@@ -29,11 +27,12 @@ PKG_GROUPS= ${STUNNEL_GROUP}
USER_GROUP= ${STUNNEL_USER} ${STUNNEL_GROUP}
PKG_SYSCONFSUBDIR= stunnel
-PKG_SYSCONFDIR_PERMS= ${USER_GROUP} 0700
+PKG_SYSCONFDIR_PERMS= ${ROOT_USER} ${STUNNEL_GROUP} 0750
-OWN_DIRS_PERMS= ${PKG_HOME} ${USER_GROUP} 0700
-CONF_FILES_PERMS+= ${PREFIX}/share/examples/stunnel/stunnel.conf-sample \
- ${PKG_SYSCONFDIR}/stunnel.conf ${USER_GROUP} 0644
+OWN_DIRS= ${PKG_HOME}/certs ${PKG_HOME}/crls
+OWN_DIRS_PERMS= ${PKG_HOME}/pid ${USER_GROUP} 0750
+CONF_FILES+= ${PREFIX}/share/examples/stunnel/stunnel.conf-sample \
+ ${PKG_SYSCONFDIR}/stunnel.conf
RCD_SCRIPTS= stunnel
@@ -47,11 +46,12 @@ SUBST_FILES.chroot= tools/stunnel.conf-sample.in
SUBST_SED.chroot+= -e 's|@prefix@/var/lib|@localstatedir@/chroot|'
SUBST_CLASSES+= stunnel
-SUBST_MESSAGE.stunnel= Fix user and group
+SUBST_MESSAGE.stunnel= Fix user, group and pid
SUBST_STAGE.stunnel= post-configure
SUBST_FILES.stunnel= tools/stunnel.conf-sample
SUBST_SED.stunnel= -e 's|setuid = nobody|setuid = ${STUNNEL_USER}|'
SUBST_SED.stunnel+= -e 's|setgid = nogroup|setgid = ${STUNNEL_GROUP}|'
+SUBST_SED.stunnel+= -e 's|pid = /stunnel.pid|pid = /pid/stunnel.pid|'
.include "options.mk"
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.35 2012/04/16 16:55:21 ryoon Exp $
+$NetBSD: distinfo,v 1.36 2013/01/08 23:45:40 jym Exp $
-SHA1 (stunnel-4.53.tar.gz) = c167833c23fde388db697bd3edb4444aff0e449e
-RMD160 (stunnel-4.53.tar.gz) = 4c3fe3c7ca3d65e6f9ad21e330a48beb291d9e4b
-Size (stunnel-4.53.tar.gz) = 529720 bytes
+SHA1 (stunnel-4.54.tar.gz) = e9e6414c699e81b0bd029f5b6ae018bb5e320bbd
+RMD160 (stunnel-4.54.tar.gz) = c6889fda88f9987ba7a96476d29e7072668fa46d
+Size (stunnel-4.54.tar.gz) = 535202 bytes
SHA1 (patch-aa) = 0e57d4fa383dad7891795073d1f6b5075715b346
SHA1 (patch-ac) = 43521a88606981bc55dd94043d52b1a16f08e583

0 comments on commit 00363c4

Please sign in to comment.