diff --git a/.cvsignore b/.cvsignore index 0934e30..fecb3ad 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ -stunnel-4.15.tar.gz -stunnel-4.15.tar.gz.asc +stunnel-4.18.tar.gz +stunnel-4.18.tar.gz.asc diff --git a/sources b/sources index e59598c..23bf134 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -2c00153ad099a5f9c5609e8d1dbbe470 stunnel-4.15.tar.gz -71ddec1b83133d7479e477ad0ce229c6 stunnel-4.15.tar.gz.asc +08f6120c8f2ff55089abc7df9c63455d stunnel-4.18.tar.gz +00217389849b43f7d4c5e2ea61686fde stunnel-4.18.tar.gz.asc diff --git a/stunnel-4.18-sample.patch b/stunnel-4.18-sample.patch new file mode 100644 index 0000000..b2d3c2a --- /dev/null +++ b/stunnel-4.18-sample.patch @@ -0,0 +1,38 @@ +You shouldn't use the sample as-is, but people do. + +--- stunnel-4.18/tools/stunnel.conf-sample.in.sample 2006-08-31 21:02:30.000000000 +0200 ++++ stunnel-4.18/tools/stunnel.conf-sample.in 2006-10-25 02:20:02.000000000 +0200 +@@ -3,14 +3,14 @@ + ; Please make sure you understand them (especially the effect of chroot jail) + + ; Certificate/key is needed in server mode and optional in client mode +-cert = @prefix@/etc/stunnel/mail.pem +-;key = @prefix@/etc/stunnel/mail.pem ++cert = @sysconfdir@/stunnel/mail.crt ++;key = @sysconfdir@/stunnel/mail.key + + ; Protocol version (all, SSLv2, SSLv3, TLSv1) + sslVersion = SSLv3 + + ; Some security enhancements for UNIX systems - comment them out on Win32 +-chroot = @prefix@/var/lib/stunnel/ ++chroot = @localstatedir@/run/stunnel/ + setuid = nobody + setgid = @DEFAULT_GROUP@ + ; PID is created inside chroot jail +@@ -30,12 +30,13 @@ + ; CApath is located inside chroot jail + ;CApath = /certs + ; It's often easier to use CAfile +-;CAfile = @prefix@/etc/stunnel/certs.pem ++;CAfile = @sysconfdir@/stunnel/certs.pem ++;CAfile = @datadir@/ssl/certs/ca-bundle.crt + ; Don't forget to c_rehash CRLpath + ; CRLpath is located inside chroot jail + ;CRLpath = /crls + ; Alternatively you can use CRLfile +-;CRLfile = @prefix@/etc/stunnel/crls.pem ++;CRLfile = @sysconfdir@/stunnel/crls.pem + + ; Some debugging stuff useful for troubleshooting + ;debug = 7 diff --git a/stunnel.spec b/stunnel.spec index e890887..de4892c 100644 --- a/stunnel.spec +++ b/stunnel.spec @@ -1,26 +1,22 @@ -Summary: An SSL-encrypting socket wrapper. +Summary: An SSL-encrypting socket wrapper Name: stunnel -Version: 4.15 -Release: 2 +Version: 4.18 +Release: 1 License: GPL Group: Applications/Internet URL: http://stunnel.mirt.net/ Source0: ftp://stunnel.mirt.net/stunnel/stunnel-%{version}.tar.gz Source1: ftp://stunnel.mirt.net/stunnel/stunnel-%{version}.tar.gz.asc -Source2: stunnel.cnf -Source3: Certificate-Creation -Source4: sfinger.xinetd -Source5: stunnel-sfinger.conf -Source6: pop3-redirect.xinetd -Source7: stunnel-pop3s-client.conf +Source2: Certificate-Creation +Source3: sfinger.xinetd +Source4: stunnel-sfinger.conf +Source5: pop3-redirect.xinetd +Source6: stunnel-pop3s-client.conf Patch0: stunnel-4.08-authpriv.patch -Patch1: stunnel-4.15-sample.patch -Patch2: stunnel-4.15-nogroup.patch +Patch1: stunnel-4.18-sample.patch Buildroot: %{_tmppath}/stunnel-root # util-linux is needed for rename BuildRequires: openssl-devel, pkgconfig, tcp_wrappers, util-linux -# For stunnel-4.15-nogroup.patch -BuildRequires: autoconf, automake, libtool %description Stunnel is a socket wrapper which can provide SSL (Secure Sockets @@ -31,7 +27,6 @@ in conjunction with imapd to create an SSL secure IMAP server. %setup -q %patch0 -p1 -b .authpriv %patch1 -p1 -b .sample -%patch2 -p1 -b .nogroup iconv -f iso-8859-1 -t utf-8 < doc/stunnel.fr.8 > doc/stunnel.fr.8_ mv doc/stunnel.fr.8_ doc/stunnel.fr.8 @@ -39,7 +34,6 @@ iconv -f iso-8859-2 -t utf-8 < doc/stunnel.pl.8 > doc/stunnel.pl.8_ mv doc/stunnel.pl.8_ doc/stunnel.pl.8 %build -autoreconf -f # For stunnel-4.15-nogroup.patch CFLAGS="$RPM_OPT_FLAGS -fPIC"; export CFLAGS if pkg-config openssl ; then CFLAGS="$CFLAGS `pkg-config --cflags openssl`"; @@ -62,6 +56,9 @@ for lang in fr pl ; do rename ".${lang}" "" $RPM_BUILD_ROOT/%{_mandir}/${lang}/man8/* done +mkdir srpm-docs +cp %{SOURCE2} %{SOURCE3} %{SOURCE4} %{SOURCE5} %{SOURCE6} srpm-docs + %post -p /sbin/ldconfig %postun -p /sbin/ldconfig @@ -72,12 +69,8 @@ rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) %doc AUTHORS BUGS ChangeLog COPY* CREDITS NEWS PORTS README TODO -%doc $RPM_SOURCE_DIR/Certificate-Creation -%doc $RPM_SOURCE_DIR/sfinger.xinetd -%doc $RPM_SOURCE_DIR/pop3-redirect.xinetd -%doc $RPM_SOURCE_DIR/stunnel-pop3s-client.conf -%doc $RPM_SOURCE_DIR/stunnel-sfinger.conf %doc tools/stunnel.conf-sample +%doc srpm-docs/* %lang(en) %doc doc/en/* %lang(po) %doc doc/pl/* %exclude %{_datadir}/doc/stunnel @@ -91,6 +84,11 @@ rm -rf $RPM_BUILD_ROOT %exclude %{_sysconfdir}/stunnel/* %changelog +* Wed Oct 25 2006 Miloslav Trmac - 4.18-1 +- Update to stunnel-4.18 +- Remove unused stunnel.cnf from the src.rpm +- Fix some rpmlint warnings + * Fri Aug 18 2006 Jesse Keating - 4.15-2 - rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc* (#203001) @@ -118,7 +116,7 @@ rm -rf $RPM_BUILD_ROOT * Thu Nov 3 2005 Miloslav Trmac - 4.14-1 - Update to stunnel-4.14 -- Override changed default pid file location, keep it in %{_localstatedir}/run +- Override changed default pid file location, keep it in %%{_localstatedir}/run * Sat Oct 22 2005 Miloslav Trmac - 4.13-1 - Update to stunnel-4.13 @@ -282,8 +280,8 @@ rm -rf $RPM_BUILD_ROOT * Thu Jun 29 2000 Nalin Dahyabhai - move to Applications/Internet group -- clean up %post script -- make stunnel.pem %ghost %config(noreplace) +- clean up %%post script +- make stunnel.pem %%ghost %%config(noreplace) - provide a sample file for use with xinetd * Thu Jun 8 2000 Nalin Dahyabhai