From dfaeaaee326ed5200ae0d461554c06a7aa71a12f Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Sun, 23 Nov 2014 01:51:28 -0500 Subject: [PATCH] 1163349: New upstream beta release 5.08b6 - Fixed incorrect reporting of fips status in configure.ac at compile time - Fixed default OpenSSL directory issue by using with-ssl - Updates local patches - 1155977: Fixes man page issues --- .gitignore | 1 + sources | 4 +--- stunnel-1155977.patch | 36 ++++++++++++++++++++++++++++++ stunnel-5-authpriv.patch | 42 +++++++++++++++++------------------ stunnel-5-sample.patch | 6 ++--- stunnel-configure-ac.patch | 12 ++++++++++ stunnel-systemd-service.patch | 6 ++--- stunnel.spec | 24 +++++++++++++++----- 8 files changed, 96 insertions(+), 35 deletions(-) create mode 100644 stunnel-1155977.patch create mode 100644 stunnel-configure-ac.patch diff --git a/.gitignore b/.gitignore index dee46c3..74aebf8 100644 --- a/.gitignore +++ b/.gitignore @@ -56,3 +56,4 @@ stunnel-4.33.tar.gz.asc /stunnel-5.07.tar.gz /stunnel-5.07.tar.gz.asc /stunnel-5.07.tar.gz.sha256 +/stunnel-5.08b6.tar.gz diff --git a/sources b/sources index f683c15..03937b3 100644 --- a/sources +++ b/sources @@ -1,3 +1 @@ -c10edd84ecbc676a5a48c7e34ab3d1c5 stunnel-5.07.tar.gz -093109004dac95ca55bb474adee367d4 stunnel-5.07.tar.gz.asc -5f04a5c7d4d683418dcc0c9627085ba8 stunnel-5.07.tar.gz.sha256 +44d832462a9ad54f21897a3930a5451c stunnel-5.08b6.tar.gz diff --git a/stunnel-1155977.patch b/stunnel-1155977.patch new file mode 100644 index 0000000..0484992 --- /dev/null +++ b/stunnel-1155977.patch @@ -0,0 +1,36 @@ +diff -urNp stunnel-5.08/doc/stunnel.8 stunnel-5.08-patched/doc/stunnel.8 +--- stunnel-5.08/doc/stunnel.8 2014-11-23 01:08:57.684130905 -0500 ++++ stunnel-5.08-patched/doc/stunnel.8 2014-11-23 01:43:02.455507077 -0500 +@@ -383,7 +383,7 @@ If no host specified, defaults to all IP + To listen on all IPv6 addresses use: + .Sp + .Vb 1 +-\& connect = :::PORT ++\& accept = :::PORT + .Ve + .IP "\fBCApath\fR = \s-1DIRECTORY\s0" 4 + .IX Item "CApath = DIRECTORY" +diff -urNp stunnel-5.08/doc/stunnel.html stunnel-5.08-patched/doc/stunnel.html +--- stunnel-5.08/doc/stunnel.html 2014-11-23 01:08:57.684130905 -0500 ++++ stunnel-5.08-patched/doc/stunnel.html 2014-11-23 01:43:25.815207858 -0500 +@@ -426,7 +426,7 @@ + +

To listen on all IPv6 addresses use:

+ +-
    connect = :::PORT
++
    accept = :::PORT
+ + +
CApath = DIRECTORY
+diff -urNp stunnel-5.08/doc/stunnel.pod stunnel-5.08-patched/doc/stunnel.pod +--- stunnel-5.08/doc/stunnel.pod 2014-11-23 01:08:57.684130905 -0500 ++++ stunnel-5.08-patched/doc/stunnel.pod 2014-11-23 01:43:36.634069279 -0500 +@@ -393,7 +393,7 @@ If no host specified, defaults to all IP + + To listen on all IPv6 addresses use: + +- connect = :::PORT ++ accept = :::PORT + + =item B = DIRECTORY + diff --git a/stunnel-5-authpriv.patch b/stunnel-5-authpriv.patch index 0a86711..477795f 100644 --- a/stunnel-5-authpriv.patch +++ b/stunnel-5-authpriv.patch @@ -1,7 +1,7 @@ -diff -urNp stunnel-5.07/doc/stunnel.8 stunnel-5.07-patched/doc/stunnel.8 ---- stunnel-5.07/doc/stunnel.8 2014-11-01 09:50:37.000000000 -0400 -+++ stunnel-5.07-patched/doc/stunnel.8 2014-11-04 14:16:19.120854038 -0500 -@@ -193,7 +193,7 @@ info (6), or debug (7). All logs for th +diff -urNp stunnel-5.08/doc/stunnel.8 stunnel-5.08-patched/doc/stunnel.8 +--- stunnel-5.08/doc/stunnel.8 2014-11-15 10:25:48.000000000 -0500 ++++ stunnel-5.08-patched/doc/stunnel.8 2014-11-23 01:06:17.213015545 -0500 +@@ -202,7 +202,7 @@ info (6), or debug (7). All logs for th all levels numerically less than it will be shown. Use \fIdebug = debug\fR or \&\fIdebug = 7\fR for greatest debugging output. The default is notice (5). .Sp @@ -10,21 +10,21 @@ diff -urNp stunnel-5.07/doc/stunnel.8 stunnel-5.07-patched/doc/stunnel.8 (Facilities are not supported on Win32.) .Sp Case is ignored for both facilities and levels. -diff -urNp stunnel-5.07/doc/stunnel.html stunnel-5.07-patched/doc/stunnel.html ---- stunnel-5.07/doc/stunnel.html 2014-11-01 09:50:37.000000000 -0400 -+++ stunnel-5.07-patched/doc/stunnel.html 2014-11-04 14:17:31.654925879 -0500 -@@ -229,7 +229,7 @@ emerg (0), alert (1), crit (2), err (3), - info (6), or debug (7). All logs for the specified level and - all levels numerically less than it will be shown. Use debug = debug or - debug = 7 for greatest debugging output. The default is notice (5).

--

The syslog facility 'daemon' will be used unless a facility name is supplied. -+

The syslog facility 'authpriv' will be used unless a facility name is supplied. - (Facilities are not supported on Win32.)

+diff -urNp stunnel-5.08/doc/stunnel.html stunnel-5.08-patched/doc/stunnel.html +--- stunnel-5.08/doc/stunnel.html 2014-11-15 10:25:48.000000000 -0500 ++++ stunnel-5.08-patched/doc/stunnel.html 2014-11-23 01:07:01.905520548 -0500 +@@ -202,7 +202,7 @@ + +

Level is a one of the syslog level names or numbers emerg (0), alert (1), crit (2), err (3), warning (4), notice (5), info (6), or debug (7). All logs for the specified level and all levels numerically less than it will be shown. Use debug = debug or debug = 7 for greatest debugging output. The default is notice (5).

+ +-

The syslog facility 'daemon' will be used unless a facility name is supplied. (Facilities are not supported on Win32.)

++

The syslog facility 'authpriv' will be used unless a facility name is supplied. (Facilities are not supported on Win32.)

+

Case is ignored for both facilities and levels.

- -diff -urNp stunnel-5.07/doc/stunnel.pod stunnel-5.07-patched/doc/stunnel.pod ---- stunnel-5.07/doc/stunnel.pod 2014-10-31 11:39:57.000000000 -0400 -+++ stunnel-5.07-patched/doc/stunnel.pod 2014-11-04 14:18:19.456314002 -0500 + +diff -urNp stunnel-5.08/doc/stunnel.pod stunnel-5.08-patched/doc/stunnel.pod +--- stunnel-5.08/doc/stunnel.pod 2014-11-15 10:25:48.000000000 -0500 ++++ stunnel-5.08-patched/doc/stunnel.pod 2014-11-23 01:07:13.002397392 -0500 @@ -188,7 +188,7 @@ info (6), or debug (7). All logs for th all levels numerically less than it will be shown. Use I or I for greatest debugging output. The default is notice (5). @@ -34,9 +34,9 @@ diff -urNp stunnel-5.07/doc/stunnel.pod stunnel-5.07-patched/doc/stunnel.pod (Facilities are not supported on Win32.) Case is ignored for both facilities and levels. -diff -urNp stunnel-5.07/src/options.c stunnel-5.07-patched/src/options.c ---- stunnel-5.07/src/options.c 2014-11-01 09:47:18.000000000 -0400 -+++ stunnel-5.07-patched/src/options.c 2014-11-04 14:19:11.153652725 -0500 +diff -urNp stunnel-5.08/src/options.c stunnel-5.08-patched/src/options.c +--- stunnel-5.08/src/options.c 2014-11-14 13:55:39.000000000 -0500 ++++ stunnel-5.08-patched/src/options.c 2014-11-23 01:07:36.967131425 -0500 @@ -461,8 +461,12 @@ NOEXPORT char *parse_global_option(CMD c case CMD_BEGIN: new_global_options.debug_level=LOG_NOTICE; diff --git a/stunnel-5-sample.patch b/stunnel-5-sample.patch index 352e011..ec33264 100644 --- a/stunnel-5-sample.patch +++ b/stunnel-5-sample.patch @@ -1,6 +1,6 @@ -diff -urNp stunnel-5.07/tools/stunnel.conf-sample.in stunnel-5.07-patched/tools/stunnel.conf-sample.in ---- stunnel-5.07/tools/stunnel.conf-sample.in 2014-11-01 09:48:17.000000000 -0400 -+++ stunnel-5.07-patched/tools/stunnel.conf-sample.in 2014-11-04 14:12:38.382678119 -0500 +diff -urNp stunnel-5.08/tools/stunnel.conf-sample.in stunnel-5.08-patched/tools/stunnel.conf-sample.in +--- stunnel-5.08/tools/stunnel.conf-sample.in 2014-11-01 09:48:17.000000000 -0400 ++++ stunnel-5.08-patched/tools/stunnel.conf-sample.in 2014-11-23 01:09:28.393727451 -0500 @@ -10,7 +10,7 @@ ; A copy of some devices and system files is needed within the chroot jail ; Chroot conflicts with configuration file reload and many other features diff --git a/stunnel-configure-ac.patch b/stunnel-configure-ac.patch new file mode 100644 index 0000000..fb11a61 --- /dev/null +++ b/stunnel-configure-ac.patch @@ -0,0 +1,12 @@ +diff -urNp stunnel-5.08/configure.ac stunnel-5.08-patched/configure.ac +--- stunnel-5.08/configure.ac 2014-11-10 05:39:19.000000000 -0500 ++++ stunnel-5.08-patched/configure.ac 2014-11-23 01:20:36.100644932 -0500 +@@ -361,7 +361,7 @@ AC_ARG_ENABLE(fips, + [ --disable-fips disable OpenSSL FIPS support], + [ + case "$enableval" in +- yes) AC_MSG_RESULT([no]) ++ yes) AC_MSG_RESULT([yes]) + use_fips="yes" + AC_DEFINE([USE_FIPS], [1], + [Define to 1 to enable OpenSSL FIPS support]) diff --git a/stunnel-systemd-service.patch b/stunnel-systemd-service.patch index 6c8ceca..3a92ce5 100644 --- a/stunnel-systemd-service.patch +++ b/stunnel-systemd-service.patch @@ -1,6 +1,6 @@ -diff -urNp stunnel-5.07/tools/stunnel.service.in stunnel-5.07-patched/tools/stunnel.service.in ---- stunnel-5.07/tools/stunnel.service.in 2011-05-02 18:07:34.000000000 -0400 -+++ stunnel-5.07-patched/tools/stunnel.service.in 2014-11-04 14:21:15.825057474 -0500 +diff -urNp stunnel-5.08/tools/stunnel.service.in stunnel-5.08-patched/tools/stunnel.service.in +--- stunnel-5.08/tools/stunnel.service.in 2011-05-02 18:07:34.000000000 -0400 ++++ stunnel-5.08-patched/tools/stunnel.service.in 2014-11-23 01:09:38.778591018 -0500 @@ -1,10 +1,11 @@ [Unit] Description=SSL tunnel for network daemons diff --git a/stunnel.spec b/stunnel.spec index a951c4c..5dc7696 100644 --- a/stunnel.spec +++ b/stunnel.spec @@ -1,13 +1,13 @@ Summary: An SSL-encrypting socket wrapper Name: stunnel -Version: 5.07 +Version: 5.08b6 Release: 1%{?dist} License: GPLv2 Group: Applications/Internet URL: http://www.stunnel.org/ Source0: https://www.stunnel.org/downloads/beta/stunnel-%{version}.tar.gz -Source1: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz.asc -Source7: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz.sha256 +#Source1: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz.asc +#Source7: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz.sha256 Source2: Certificate-Creation Source3: sfinger.xinetd Source4: stunnel-sfinger.conf @@ -16,6 +16,8 @@ Source6: stunnel-pop3s-client.conf Patch0: stunnel-5-authpriv.patch Patch1: stunnel-5-sample.patch Patch2: stunnel-systemd-service.patch +Patch3: stunnel-configure-ac.patch +Patch4: stunnel-1155977.patch # util-linux is needed for rename BuildRequires: openssl-devel, pkgconfig, tcp_wrappers-devel, util-linux # for /usr/bin/pod2man @@ -35,18 +37,21 @@ Layer) support to ordinary applications. For example, it can be used in conjunction with imapd to create an SSL secure IMAP server. %prep -%setup -q +%setup -q -n stunnel-5.08 %patch0 -p1 -b .authpriv %patch1 -p1 -b .sample %patch2 -p1 +%patch3 -p1 +%patch4 -p1 %build +autoreconf CFLAGS="$RPM_OPT_FLAGS -fPIC"; export CFLAGS if pkg-config openssl ; then CFLAGS="$CFLAGS `pkg-config --cflags openssl`"; LDFLAGS="`pkg-config --libs-only-L openssl`"; export LDFLAGS fi -%configure --enable-fips --enable-ipv6 \ +%configure --enable-fips --enable-ipv6 --with-ssl=%{_prefix}\ CPPFLAGS="-UPIDFILE -DPIDFILE='\"%{_localstatedir}/run/stunnel.pid\"'" make LDADD="-pie -Wl,-z,defs,-z,relro,-z,now" @@ -106,6 +111,15 @@ cp $RPM_BUILD_ROOT%{_datadir}/doc/stunnel/examples/%{name}.service $RPM_BUILD_RO %endif %changelog +* Sun Nov 23 2014 Avesh Agarwal - 5.08b6-1 +- 1163349: New upstream beta release 5.08b6 +- Fixed incorrect reporting of fips status in configure.ac + at compile time +- Fixed default OpenSSL directory issue by using with-ssl +- Updates local patches +- 1155977: Fixes man page issues + + * Tue Nov 04 2014 Avesh Agarwal - 5.07-1 - New upstream release 5.07