Updates documentation to specify that the option "curves" can be used in server mode only.
This commit is contained in:
Sahana Prasad
parent
c8a143bf4c
commit
bfd45a4fd5
66
stunnel-5.56-curves-doc-update.patch
Normal file
66
stunnel-5.56-curves-doc-update.patch
Normal file
@ -0,0 +1,66 @@
|
||||
--- stunnel-5.56/doc/stunnel.8.in.curves-doc-update 2020-04-16 17:12:48.171590017 +0200
|
||||
+++ stunnel-5.56/doc/stunnel.8.in 2020-04-16 17:16:07.001603122 +0200
|
||||
@@ -473,6 +473,8 @@ This file contains multiple CRLs, used w
|
||||
.IX Item "curves = list"
|
||||
\&\s-1ECDH\s0 curves separated with ':'
|
||||
.Sp
|
||||
+Note: This option is supported for server mode sockets only.
|
||||
+.Sp
|
||||
Only a single curve name is allowed for OpenSSL older than 1.1.0.
|
||||
.Sp
|
||||
To get a list of supported curves use:
|
||||
--- stunnel-5.56/doc/stunnel.html.in.curves-doc-update 2020-04-16 17:13:25.664962696 +0200
|
||||
+++ stunnel-5.56/doc/stunnel.html.in 2020-04-16 17:16:55.897111302 +0200
|
||||
@@ -568,6 +568,8 @@
|
||||
|
||||
<p>ECDH curves separated with ':'</p>
|
||||
|
||||
+<p>Note: This option is supported for server mode sockets only.</p>
|
||||
+
|
||||
<p>Only a single curve name is allowed for OpenSSL older than 1.1.0.</p>
|
||||
|
||||
<p>To get a list of supported curves use:</p>
|
||||
--- stunnel-5.56/doc/stunnel.pod.in.curves-doc-update 2020-04-16 17:13:43.412139122 +0200
|
||||
+++ stunnel-5.56/doc/stunnel.pod.in 2020-04-16 17:17:25.414418073 +0200
|
||||
@@ -499,6 +499,8 @@ I<verifyPeer> options.
|
||||
|
||||
ECDH curves separated with ':'
|
||||
|
||||
+Note: This option is supported for server mode sockets only.
|
||||
+
|
||||
Only a single curve name is allowed for OpenSSL older than 1.1.0.
|
||||
|
||||
To get a list of supported curves use:
|
||||
--- stunnel-5.56/doc/stunnel.pl.pod.in.curves-doc-update 2020-04-16 17:25:22.631934496 +0200
|
||||
+++ stunnel-5.56/doc/stunnel.pl.pod.in 2020-04-16 17:47:46.872353210 +0200
|
||||
@@ -507,6 +507,8 @@ przez opcje I<verifyChain> i I<verifyPee
|
||||
|
||||
krzywe ECDH odddzielone ':'
|
||||
|
||||
+Uwaga: ta opcja wpływa tylko na gniazda w trybie serwera.
|
||||
+
|
||||
Wersje OpenSSL starsze niż 1.1.0 pozwalają na użycie tylko jednej krzywej.
|
||||
|
||||
Listę dostępnych krzywych można uzyskać poleceniem:
|
||||
--- stunnel-5.56/doc/stunnel.pl.html.in.curves-doc-update 2020-04-16 17:24:46.857579674 +0200
|
||||
+++ stunnel-5.56/doc/stunnel.pl.html.in 2020-04-16 17:46:13.385404626 +0200
|
||||
@@ -564,6 +564,8 @@
|
||||
|
||||
<p>krzywe ECDH odddzielone ':'</p>
|
||||
|
||||
+<p>Uwaga: ta opcja wpływa tylko na gniazda w trybie serwera.</p>
|
||||
+
|
||||
<p>Wersje OpenSSL starsze niż 1.1.0 pozwalają na użycie tylko jednej krzywej.</p>
|
||||
|
||||
<p>Listę dostępnych krzywych można uzyskać poleceniem:</p>
|
||||
--- stunnel-5.56/doc/stunnel.pl.8.in.curves-doc-update 2020-04-16 17:24:25.665369474 +0200
|
||||
+++ stunnel-5.56/doc/stunnel.pl.8.in 2020-04-16 17:45:14.141792786 +0200
|
||||
@@ -483,6 +483,8 @@ przez opcje \fIverifyChain\fR i \fIverif
|
||||
.IX Item "curves = lista"
|
||||
krzywe \s-1ECDH\s0 odddzielone ':'
|
||||
.Sp
|
||||
+Uwaga: ta opcja wpływa tylko na gniazda w trybie serwera.
|
||||
+.Sp
|
||||
Wersje OpenSSL starsze niż 1.1.0 pozwalają na użycie tylko jednej krzywej.
|
||||
.Sp
|
||||
Listę dostępnych krzywych można uzyskać poleceniem:
|
||||
@ -10,7 +10,7 @@
|
||||
Summary: A TLS-encrypting socket wrapper
|
||||
Name: stunnel
|
||||
Version: 5.56
|
||||
Release: 6%{?dist}
|
||||
Release: 7%{?dist}
|
||||
License: GPLv2
|
||||
URL: http://www.stunnel.org/
|
||||
Source0: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz
|
||||
@ -26,6 +26,7 @@ Patch1: stunnel-5.50-systemd-service.patch
|
||||
Patch3: stunnel-5.56-system-ciphers.patch
|
||||
Patch4: stunnel-5.56-coverity.patch
|
||||
Patch5: stunnel-5.56-default-tls-version.patch
|
||||
Patch6: stunnel-5.56-curves-doc-update.patch
|
||||
# util-linux is needed for rename
|
||||
BuildRequires: gcc
|
||||
BuildRequires: openssl-devel, pkgconfig, util-linux
|
||||
@ -53,6 +54,7 @@ conjunction with imapd to create a TLS secure IMAP server.
|
||||
%patch3 -p1 -b .system-ciphers
|
||||
%patch4 -p1 -b .coverity
|
||||
%patch5 -p1 -b .default-tls-version
|
||||
%patch6 -p1 -b .curves-doc-update
|
||||
|
||||
# Fix the configure script output for FIPS mode and stack protector flag
|
||||
sed -i '/yes).*result: no/,+1{s/result: no/result: yes/;s/as_echo "no"/as_echo "yes"/};s/-fstack-protector/-fstack-protector-strong/' configure
|
||||
@ -138,6 +140,9 @@ make test || (for i in tests/logs/*.log ; do echo "$i": ; cat "$i" ; done)
|
||||
%systemd_postun_with_restart %{name}.service
|
||||
|
||||
%changelog
|
||||
* Thu Apr 16 2020 Sahana Prasad <sahana@redhat.com> - 5.56-7
|
||||
- Updates documentation to specify that the option "curves" can be used in server mode only.
|
||||
|
||||
* Wed Apr 08 2020 Sahana Prasad <sahana@redhat.com> - 5.56-6
|
||||
- Fixes default tls version patch to handle default values from OpenSSL crypto policies
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user