2004-09-09 12:45:42 +00:00
|
|
|
Summary: An SSL-encrypting socket wrapper.
|
2004-09-09 12:45:04 +00:00
|
|
|
Name: stunnel
|
2004-09-09 12:45:50 +00:00
|
|
|
Version: 3.22
|
2004-09-09 12:47:57 +00:00
|
|
|
Release: 5.8.0
|
2004-09-09 12:45:42 +00:00
|
|
|
License: GPL
|
2004-09-09 12:45:04 +00:00
|
|
|
Group: Applications/Internet
|
2004-09-09 12:45:15 +00:00
|
|
|
URL: http://stunnel.mirt.net/
|
|
|
|
|
Source0: ftp://stunnel.mirt.net/stunnel/stunnel-%{version}.tar.gz
|
2004-09-09 12:47:57 +00:00
|
|
|
Source1: ftp://stunnel.mirt.net/stunnel/stunnel-%{version}.tar.gz.asc
|
|
|
|
|
Source2: stunnel.cnf
|
|
|
|
|
Source3: Certificate-Creation
|
|
|
|
|
Source4: sfinger.xinetd
|
|
|
|
|
Source5: pop3-redirect.xinetd
|
2004-09-09 12:45:50 +00:00
|
|
|
Patch0: stunnel-3.20-authpriv.patch
|
2004-09-09 12:47:57 +00:00
|
|
|
Patch1: stunnel-3.22-sigchld.patch
|
|
|
|
|
Patch2: stunnel-3.22-static-libwrap.patch
|
2004-09-09 12:45:04 +00:00
|
|
|
Buildroot: %{_tmppath}/stunnel-root
|
2004-09-09 12:45:42 +00:00
|
|
|
BuildPrereq: openssl-devel, perl, textutils, fileutils, /usr/share/dict/words, tcp_wrappers
|
|
|
|
|
Prereq: textutils, fileutils, /bin/mktemp, /sbin/ldconfig, /usr/share/dict/words, /bin/hostname, /usr/bin/id, /usr/bin/getent
|
2004-09-09 12:45:21 +00:00
|
|
|
Requires: make
|
2004-09-09 12:45:04 +00:00
|
|
|
|
|
|
|
|
%description
|
2004-09-09 12:45:42 +00:00
|
|
|
Stunnel is a socket wrapper which can provide SSL (Secure Sockets
|
|
|
|
|
Layer) support to ordinary applications. For example, it can be used
|
|
|
|
|
in conjunction with imapd to create an SSL secure IMAP server.
|
2004-09-09 12:45:04 +00:00
|
|
|
|
|
|
|
|
%prep
|
|
|
|
|
%setup -q
|
2004-09-09 12:47:57 +00:00
|
|
|
%patch0 -p1 -b .authpriv
|
|
|
|
|
%patch1 -p1 -b .sigchld
|
|
|
|
|
%patch2 -p1 -b .static-libwrap
|
2004-09-09 12:45:04 +00:00
|
|
|
|
|
|
|
|
%build
|
2004-09-09 12:47:57 +00:00
|
|
|
if pkg-config openssl ; then
|
|
|
|
|
CPPFLAGS=`pkg-config --cflags-only-I openssl`; export CPPFLAGS
|
|
|
|
|
CFLAGS=`pkg-config --cflags openssl`; export CFLAGS
|
|
|
|
|
CFLAGS="$CFLAGS $RPM_OPT_FLAGS"
|
|
|
|
|
LDFLAGS=`pkg-config --libs-only-L openssl`; export LDFLAGS
|
|
|
|
|
fi
|
2004-09-09 12:45:15 +00:00
|
|
|
%configure \
|
|
|
|
|
--with-ssl=%{_prefix} \
|
|
|
|
|
--with-pem-dir=%{_datadir}/ssl/certs \
|
2004-09-09 12:45:42 +00:00
|
|
|
--with-cert-file=%{_datadir}/ssl/cert.pem \
|
2004-09-09 12:45:50 +00:00
|
|
|
--with-cert-dir=%{_datadir}/ssl/trusted \
|
2004-09-09 12:45:42 +00:00
|
|
|
--with-tcp-wrappers
|
2004-09-09 12:45:04 +00:00
|
|
|
|
2004-09-09 12:47:57 +00:00
|
|
|
# We have to create a certificate before the makefile asks us to do so.
|
2004-09-09 12:45:04 +00:00
|
|
|
rm -f stunnel.pem stunnel.pem.1 stunnel.pem.2
|
|
|
|
|
(echo US
|
|
|
|
|
echo .
|
|
|
|
|
echo .
|
|
|
|
|
echo .
|
|
|
|
|
echo .
|
|
|
|
|
echo .
|
|
|
|
|
echo .
|
|
|
|
|
echo .) | openssl req -newkey rsa:1024 -nodes -keyout stunnel.pem.1 -x509 -days 365 -out stunnel.pem.2
|
|
|
|
|
cat stunnel.pem.1 > stunnel.pem
|
|
|
|
|
echo "" >> stunnel.pem
|
|
|
|
|
cat stunnel.pem.2 >> stunnel.pem
|
2004-09-09 12:45:15 +00:00
|
|
|
make piddir=/var/run/
|
2004-09-09 12:45:04 +00:00
|
|
|
|
|
|
|
|
%install
|
|
|
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
%{makeinstall} \
|
|
|
|
|
ssldir=$RPM_BUILD_ROOT/%{_datadir}/ssl \
|
|
|
|
|
man8dir=$RPM_BUILD_ROOT%{_mandir}/man8 \
|
2004-09-09 12:45:15 +00:00
|
|
|
piddir=$RPM_BUILD_ROOT/%{_var}/run \
|
|
|
|
|
PEM_DIR=$RPM_BUILD_ROOT/%{_datadir}/ssl/certs
|
2004-09-09 12:45:50 +00:00
|
|
|
install -m755 stunnel $RPM_BUILD_ROOT/%{_sbindir}/
|
2004-09-09 12:45:15 +00:00
|
|
|
install -m644 stunnel.cnf $RPM_BUILD_ROOT/%{_datadir}/ssl
|
2004-09-09 12:45:04 +00:00
|
|
|
|
|
|
|
|
%post -p /sbin/ldconfig
|
|
|
|
|
|
|
|
|
|
%postun -p /sbin/ldconfig
|
|
|
|
|
|
|
|
|
|
%clean
|
|
|
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
|
|
|
|
|
%files
|
|
|
|
|
%defattr(-,root,root)
|
2004-09-09 12:45:50 +00:00
|
|
|
%doc BUGS COPY* CREDITS FAQ HISTORY PORTS README TODO *.html
|
2004-09-09 12:45:15 +00:00
|
|
|
%doc $RPM_SOURCE_DIR/Certificate-Creation
|
|
|
|
|
%doc $RPM_SOURCE_DIR/sfinger.xinetd $RPM_SOURCE_DIR/pop3-redirect.xinetd
|
2004-09-09 12:45:50 +00:00
|
|
|
%lang(en) %doc doc/english/*
|
|
|
|
|
%lang(po) %doc doc/polish/*
|
2004-09-09 12:45:04 +00:00
|
|
|
%ghost %config(noreplace,missingok) %{_datadir}/ssl/certs/stunnel.pem
|
|
|
|
|
%{_libdir}/stunnel.so*
|
|
|
|
|
%{_mandir}/man8/stunnel.8*
|
|
|
|
|
%{_sbindir}/stunnel
|
|
|
|
|
|
|
|
|
|
%changelog
|
2004-09-09 12:47:57 +00:00
|
|
|
* Thu Jul 10 2003 Nalin Dahyabhai <nalin@redhat.com> 3.22-5.8.0
|
|
|
|
|
- rebuild
|
|
|
|
|
|
|
|
|
|
* Thu Jul 10 2003 Nalin Dahyabhai <nalin@redhat.com> 3.22-5.7.3
|
|
|
|
|
- rebuild
|
|
|
|
|
|
|
|
|
|
* Thu Jul 10 2003 Nalin Dahyabhai <nalin@redhat.com> 3.22-5.7.1
|
|
|
|
|
- remove descriptor-closing patch
|
|
|
|
|
|
|
|
|
|
* Fri Apr 11 2003 Nalin Dahyabhai <nalin@redhat.com> 3.22-4.8.0
|
|
|
|
|
- rebuild
|
|
|
|
|
|
|
|
|
|
* Fri Apr 11 2003 Nalin Dahyabhai <nalin@redhat.com> 3.22-4.7.3
|
|
|
|
|
- rebuild
|
|
|
|
|
|
|
|
|
|
* Fri Apr 11 2003 Nalin Dahyabhai <nalin@redhat.com> 3.22-4.7.1
|
|
|
|
|
- force static linking with libwrap
|
|
|
|
|
|
|
|
|
|
* Thu Apr 10 2003 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- don't leak descriptors to local programs
|
|
|
|
|
- add detached signature from upstream
|
|
|
|
|
|
|
|
|
|
* Wed Mar 26 2003 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- move potentially-unsafe code out of the sigchld handler
|
|
|
|
|
|
2004-09-09 12:47:20 +00:00
|
|
|
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
|
|
|
|
|
- automated rebuild
|
|
|
|
|
|
2004-09-09 12:46:46 +00:00
|
|
|
* Sun May 26 2002 Tim Powers <timp@redhat.com>
|
|
|
|
|
- automated rebuild
|
|
|
|
|
|
|
|
|
|
* Fri May 17 2002 Nalin Dahyabhai <nalin@redhat.com> 3.22-2
|
|
|
|
|
- rebuild in new environment
|
|
|
|
|
|
2004-09-09 12:45:50 +00:00
|
|
|
* Wed Jan 2 2002 Nalin Dahyabhai <nalin@redhat.com> 3.22-1
|
|
|
|
|
- update to 3.22, correcting a format-string vulnerability
|
|
|
|
|
|
|
|
|
|
* Wed Oct 31 2001 Nalin Dahyabhai <nalin@redhat.com> 3.21a-1
|
|
|
|
|
- update to 3.21a
|
|
|
|
|
|
|
|
|
|
* Tue Aug 28 2001 Nalin Dahyabhai <nalin@redhat.com> 3.20-1
|
|
|
|
|
- log using LOG_AUTHPRIV facility by default (#47289)
|
|
|
|
|
- make permissions on stunnel binary 0755
|
|
|
|
|
- implicitly trust certificates in %%{_datadir}/ssl/trusted (#24034)
|
|
|
|
|
|
|
|
|
|
* Fri Aug 10 2001 Nalin Dahyabhai <nalin@redhat.com> 3.19-1
|
2004-09-09 12:45:46 +00:00
|
|
|
- update to 3.19 to avoid problems with stunnel being multithreaded, but
|
|
|
|
|
tcp wrappers not being thrad-safe
|
|
|
|
|
|
2004-09-09 12:45:42 +00:00
|
|
|
* Mon Jul 30 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- update to 3.17
|
|
|
|
|
|
|
|
|
|
* Mon Jul 23 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- update to 3.16
|
|
|
|
|
|
|
|
|
|
* Mon Jul 16 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- update to 3.15
|
|
|
|
|
- enable tcp-wrappers support
|
|
|
|
|
|
|
|
|
|
* Tue May 29 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- remove explicit requirement on openssl (specific version isn't enough,
|
|
|
|
|
we have to depend on shared library version anyway)
|
|
|
|
|
|
|
|
|
|
* Fri Apr 27 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- update to 3.14
|
|
|
|
|
|
2004-09-09 12:45:21 +00:00
|
|
|
* Mon Mar 26 2001 Preston Brown <pbrown@redhat.com>
|
|
|
|
|
- depend on make (#33148)
|
|
|
|
|
|
|
|
|
|
* Fri Mar 2 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- rebuild in new environment
|
|
|
|
|
|
|
|
|
|
* Tue Feb 6 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- update to 3.13 to get pthread, OOB, 64-bit fixes
|
|
|
|
|
- don't need sdf any more
|
|
|
|
|
|
|
|
|
|
* Thu Dec 28 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- pull in sdf to build the man page (#22892)
|
|
|
|
|
|
|
|
|
|
* Fri Dec 22 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- update to 3.11
|
|
|
|
|
- chuck the SIGHUP patch (went upstream)
|
|
|
|
|
- chuck parts of the 64-bit clean patch (went upstream)
|
|
|
|
|
|
2004-09-09 12:45:15 +00:00
|
|
|
* Thu Dec 21 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- update to 3.10
|
|
|
|
|
- more 64-bit clean changes, hopefully the last bunch
|
|
|
|
|
|
|
|
|
|
* Wed Dec 20 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- change piddir from the default /var/stunnel to /var/run
|
|
|
|
|
- clean out pid file on SIGHUP
|
|
|
|
|
|
|
|
|
|
* Fri Dec 15 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- update to 3.9 to get a security fix
|
|
|
|
|
|
|
|
|
|
* Wed Oct 25 2000 Matt Wilson <msw@redhat.com>
|
|
|
|
|
- change all unsigned longs to u_int32_t when dealing with network
|
|
|
|
|
addresses
|
|
|
|
|
|
2004-09-09 12:45:04 +00:00
|
|
|
* Fri Aug 18 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- make stunnel.pem also be (missingok)
|
|
|
|
|
|
|
|
|
|
* Thu Jun 29 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- move to Applications/Internet group
|
|
|
|
|
- clean up %post script
|
|
|
|
|
- make stunnel.pem %ghost %config(noreplace)
|
|
|
|
|
- provide a sample file for use with xinetd
|
|
|
|
|
|
|
|
|
|
* Thu Jun 8 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
- FHS compliance fixes
|
|
|
|
|
- modify defaults
|
|
|
|
|
|
|
|
|
|
* Tue Mar 14 2000 Florian La Roche <Florian.LaRoche@redhat.com>
|
|
|
|
|
- update to 3.8
|
|
|
|
|
- do not create certificate if one already exists
|
|
|
|
|
|
|
|
|
|
* Mon Feb 21 2000 Florian La Roche <Florian.LaRoche@redhat.com>
|
|
|
|
|
- update to 3.7
|
|
|
|
|
- add patch to find /usr/share/ssl
|
|
|
|
|
- change some perms
|
|
|
|
|
|
|
|
|
|
* Sat Oct 30 1999 Bernhard Rosenkraenzer <bero@redhat.com>
|
|
|
|
|
- Modify spec file to match Red Hat standards
|
|
|
|
|
|
|
|
|
|
* Fri Aug 12 1999 Damien Miller <damien@ibs.com.au>
|
|
|
|
|
- Updated to 3.4a
|
|
|
|
|
- Patched for OpenSSL 0.9.4
|
|
|
|
|
- Cleaned up files section
|
|
|
|
|
|
|
|
|
|
* Sun Jul 11 1999 Damien Miller <dmiller@ilogic.com.au>
|
|
|
|
|
- Updated to 3.3
|
|
|
|
|
|
|
|
|
|
* Sat Nov 28 1998 Damien Miller <dmiller@ilogic.com.au>
|
|
|
|
|
- Initial RPMification
|
