From 975866d70940062e5839b952b7829ac9402f7704 Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Mon, 1 Aug 2011 18:02:19 -0400 Subject: [PATCH] New upstream realease 4.41 Updated local patches to match the new release --- .gitignore | 3 +++ sources | 6 +++--- stunnel-4-authpriv.patch | 30 +++++++++++++++--------------- stunnel-4-sample.patch | 38 +++++++++++++++++++++----------------- stunnel.spec | 6 +++++- 5 files changed, 47 insertions(+), 36 deletions(-) diff --git a/.gitignore b/.gitignore index d867105..7a2f8ef 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,6 @@ stunnel-4.33.tar.gz.asc /stunnel-4.37.tar.gz /stunnel-4.37.tar.gz.asc /stunnel-4.37.tar.gz.sha256 +/stunnel-4.41.tar.gz +/stunnel-4.41.tar.gz.asc +/stunnel-4.41.tar.gz.sha256 diff --git a/sources b/sources index 6fa960a..b1e0823 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -8d4e2cefbef6638da95986a3d44c1b4a stunnel-4.37.tar.gz -b56c2f649e51e9aafa185efc5074aca5 stunnel-4.37.tar.gz.asc -b7d8cc0a8b8a5ec3b648c1cbcfc75eca stunnel-4.37.tar.gz.sha256 +1ce3c7c491cabbda713af6ed6caf13f0 stunnel-4.41.tar.gz +4920e0eb2c3ac515e1adfa52283894dc stunnel-4.41.tar.gz.asc +a22cb3e1657f50eeed951b3e96273697 stunnel-4.41.tar.gz.sha256 diff --git a/stunnel-4-authpriv.patch b/stunnel-4-authpriv.patch index 1773f8f..684b95f 100644 --- a/stunnel-4-authpriv.patch +++ b/stunnel-4-authpriv.patch @@ -1,7 +1,7 @@ -diff -urNp stunnel-4.37/doc/stunnel.8 stunnel-4.37-cvs-patched/doc/stunnel.8 ---- stunnel-4.37/doc/stunnel.8 2011-04-27 17:02:40.000000000 -0400 -+++ stunnel-4.37-cvs-patched/doc/stunnel.8 2011-06-28 12:51:26.382324071 -0400 -@@ -165,7 +165,7 @@ info (6), or debug (7). All logs for th +diff -urNp stunnel-4.41/doc/stunnel.8 stunnel-4.41-cvs-patched/doc/stunnel.8 +--- stunnel-4.41/doc/stunnel.8 2011-07-23 14:48:00.000000000 -0400 ++++ stunnel-4.41-cvs-patched/doc/stunnel.8 2011-08-01 17:49:25.568689794 -0400 +@@ -168,7 +168,7 @@ info (6), or debug (7). All logs for th all levels numerically less than it will be shown. Use \fIdebug = debug\fR or \&\fIdebug = 7\fR for greatest debugging output. The default is notice (5). .Sp @@ -10,10 +10,10 @@ diff -urNp stunnel-4.37/doc/stunnel.8 stunnel-4.37-cvs-patched/doc/stunnel.8 (Facilities are not supported on Win32.) .Sp Case is ignored for both facilities and levels. -diff -urNp stunnel-4.37/doc/stunnel.html stunnel-4.37-cvs-patched/doc/stunnel.html ---- stunnel-4.37/doc/stunnel.html 2011-04-27 17:02:42.000000000 -0400 -+++ stunnel-4.37-cvs-patched/doc/stunnel.html 2011-06-28 12:53:04.719417049 -0400 -@@ -190,7 +190,7 @@ emerg (0), alert (1), crit (2), err (3), +diff -urNp stunnel-4.41/doc/stunnel.html stunnel-4.41-cvs-patched/doc/stunnel.html +--- stunnel-4.41/doc/stunnel.html 2011-07-23 14:48:03.000000000 -0400 ++++ stunnel-4.41-cvs-patched/doc/stunnel.html 2011-08-01 17:49:41.002542620 -0400 +@@ -195,7 +195,7 @@ emerg (0), alert (1), crit (2), err (3), info (6), or debug (7). All logs for the specified level and all levels numerically less than it will be shown. Use debug = debug or debug = 7 for greatest debugging output. The default is notice (5).

@@ -22,10 +22,10 @@ diff -urNp stunnel-4.37/doc/stunnel.html stunnel-4.37-cvs-patched/doc/stunnel.ht (Facilities are not supported on Win32.)

Case is ignored for both facilities and levels.

-diff -urNp stunnel-4.37/doc/stunnel.pod stunnel-4.37-cvs-patched/doc/stunnel.pod ---- stunnel-4.37/doc/stunnel.pod 2011-04-27 16:58:39.000000000 -0400 -+++ stunnel-4.37-cvs-patched/doc/stunnel.pod 2011-06-28 12:53:19.461280748 -0400 -@@ -132,7 +132,7 @@ info (6), or debug (7). All logs for th +diff -urNp stunnel-4.41/doc/stunnel.pod stunnel-4.41-cvs-patched/doc/stunnel.pod +--- stunnel-4.41/doc/stunnel.pod 2011-07-23 14:47:52.000000000 -0400 ++++ stunnel-4.41-cvs-patched/doc/stunnel.pod 2011-08-01 17:50:00.238359179 -0400 +@@ -136,7 +136,7 @@ info (6), or debug (7). All logs for th all levels numerically less than it will be shown. Use I or I for greatest debugging output. The default is notice (5). @@ -34,9 +34,9 @@ diff -urNp stunnel-4.37/doc/stunnel.pod stunnel-4.37-cvs-patched/doc/stunnel.pod (Facilities are not supported on Win32.) Case is ignored for both facilities and levels. -diff -urNp stunnel-4.37/src/options.c stunnel-4.37-cvs-patched/src/options.c ---- stunnel-4.37/src/options.c 2011-06-17 06:25:01.000000000 -0400 -+++ stunnel-4.37-cvs-patched/src/options.c 2011-06-28 12:54:18.351744191 -0400 +diff -urNp stunnel-4.41/src/options.c stunnel-4.41-cvs-patched/src/options.c +--- stunnel-4.41/src/options.c 2011-07-23 16:48:18.000000000 -0400 ++++ stunnel-4.41-cvs-patched/src/options.c 2011-08-01 17:50:20.884162301 -0400 @@ -140,8 +140,12 @@ static char *parse_global_option(CMD cmd case CMD_INIT: new_global_options.debug_level=LOG_NOTICE; diff --git a/stunnel-4-sample.patch b/stunnel-4-sample.patch index f456056..efadb2c 100644 --- a/stunnel-4-sample.patch +++ b/stunnel-4-sample.patch @@ -1,23 +1,27 @@ -diff -urNp stunnel-4.37/tools/stunnel.conf-sample.in stunnel-4.37-cvs-patched/tools/stunnel.conf-sample.in ---- stunnel-4.37/tools/stunnel.conf-sample.in 2011-06-04 14:46:00.000000000 -0400 -+++ stunnel-4.37-cvs-patched/tools/stunnel.conf-sample.in 2011-06-28 12:57:17.387114066 -0400 -@@ -5,12 +5,12 @@ - ; Certificate/key is needed in server mode and optional in client mode - ; The default certificate is provided only for testing and should not - ; be used in a production environment --cert = @prefix@/etc/stunnel/mail.pem --;key = @prefix@/etc/stunnel/mail.pem -+cert = @sysconfdir@/stunnel/mail.crt -+;key = @sysconfdir@/stunnel/mail.key +diff -urNp stunnel-4.41/tools/stunnel.conf-sample.in stunnel-4.41-cvs-patched/tools/stunnel.conf-sample.in +--- stunnel-4.41/tools/stunnel.conf-sample.in 2011-07-24 01:51:56.000000000 -0400 ++++ stunnel-4.41-cvs-patched/tools/stunnel.conf-sample.in 2011-08-01 17:54:00.032071605 -0400 +@@ -8,7 +8,7 @@ - ; Security enhancements for UNIX systems - comment them out on Win32 - ; for chroot a copy of some devices and files is needed within the jail + ; A copy of some devices and system files is needed within the chroot jail + ; Chroot conflicts with configuration file reload and many other features -chroot = @prefix@/var/lib/stunnel/ +chroot = @localstatedir@/run/stunnel/ + ; Chroot jail can be escaped if setuid option is not used setuid = nobody setgid = @DEFAULT_GROUP@ - ; PID is created inside the chroot jail -@@ -33,12 +33,13 @@ options = NO_SSLv2 +@@ -25,8 +25,8 @@ pid = /stunnel.pid + ; ***************************************************************************** + + ; Certificate/key is needed in server mode and optional in client mode +-cert = @prefix@/etc/stunnel/mail.pem +-;key = @prefix@/etc/stunnel/mail.pem ++cert = @sysconfdir@/stunnel/mail.pem ++;key = @sysconfdir@/stunnel/mail.pem + + ; Authentication stuff needs to be configured to prevent MITM attacks + ; It is not enabled by default! +@@ -35,12 +35,13 @@ cert = @prefix@/etc/stunnel/mail.pem ; CApath is located inside chroot jail ;CApath = /certs ; It's often easier to use CAfile @@ -31,5 +35,5 @@ diff -urNp stunnel-4.37/tools/stunnel.conf-sample.in stunnel-4.37-cvs-patched/to -;CRLfile = @prefix@/etc/stunnel/crls.pem +;CRLfile = @sysconfdir@/stunnel/crls.pem - ; Debugging stuff (may useful for troubleshooting) - ;debug = 7 + ; Disable support for insecure SSLv2 protocol + options = NO_SSLv2 diff --git a/stunnel.spec b/stunnel.spec index f3d5d5f..cfa2ef7 100644 --- a/stunnel.spec +++ b/stunnel.spec @@ -1,6 +1,6 @@ Summary: An SSL-encrypting socket wrapper Name: stunnel -Version: 4.37 +Version: 4.41 Release: 1%{?dist} License: GPLv2 Group: Applications/Internet @@ -79,6 +79,10 @@ rm -rf $RPM_BUILD_ROOT %exclude %{_sysconfdir}/stunnel/* %changelog +* Mon Aug 1 2011 Avesh Agarwal - 4.41-1 +- New upstream realease 4.41 +- Updated local patches to match the new release + * Tue Jun 28 2011 Avesh Agarwal - 4.37-1 - New upstream realease 4.37 - Updated local patches to match the new release