From dfaeaaee326ed5200ae0d461554c06a7aa71a12f Mon Sep 17 00:00:00 2001
From: Avesh Agarwal
Date: Sun, 23 Nov 2014 01:51:28 -0500
Subject: [PATCH] 1163349: New upstream beta release 5.08b6
- Fixed incorrect reporting of fips status in configure.ac
at compile time
- Fixed default OpenSSL directory issue by using with-ssl
- Updates local patches
- 1155977: Fixes man page issues
---
.gitignore | 1 +
sources | 4 +---
stunnel-1155977.patch | 36 ++++++++++++++++++++++++++++++
stunnel-5-authpriv.patch | 42 +++++++++++++++++------------------
stunnel-5-sample.patch | 6 ++---
stunnel-configure-ac.patch | 12 ++++++++++
stunnel-systemd-service.patch | 6 ++---
stunnel.spec | 24 +++++++++++++++-----
8 files changed, 96 insertions(+), 35 deletions(-)
create mode 100644 stunnel-1155977.patch
create mode 100644 stunnel-configure-ac.patch
diff --git a/.gitignore b/.gitignore
index dee46c3..74aebf8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -56,3 +56,4 @@ stunnel-4.33.tar.gz.asc
/stunnel-5.07.tar.gz
/stunnel-5.07.tar.gz.asc
/stunnel-5.07.tar.gz.sha256
+/stunnel-5.08b6.tar.gz
diff --git a/sources b/sources
index f683c15..03937b3 100644
--- a/sources
+++ b/sources
@@ -1,3 +1 @@
-c10edd84ecbc676a5a48c7e34ab3d1c5 stunnel-5.07.tar.gz
-093109004dac95ca55bb474adee367d4 stunnel-5.07.tar.gz.asc
-5f04a5c7d4d683418dcc0c9627085ba8 stunnel-5.07.tar.gz.sha256
+44d832462a9ad54f21897a3930a5451c stunnel-5.08b6.tar.gz
diff --git a/stunnel-1155977.patch b/stunnel-1155977.patch
new file mode 100644
index 0000000..0484992
--- /dev/null
+++ b/stunnel-1155977.patch
@@ -0,0 +1,36 @@
+diff -urNp stunnel-5.08/doc/stunnel.8 stunnel-5.08-patched/doc/stunnel.8
+--- stunnel-5.08/doc/stunnel.8 2014-11-23 01:08:57.684130905 -0500
++++ stunnel-5.08-patched/doc/stunnel.8 2014-11-23 01:43:02.455507077 -0500
+@@ -383,7 +383,7 @@ If no host specified, defaults to all IP
+ To listen on all IPv6 addresses use:
+ .Sp
+ .Vb 1
+-\& connect = :::PORT
++\& accept = :::PORT
+ .Ve
+ .IP "\fBCApath\fR = \s-1DIRECTORY\s0" 4
+ .IX Item "CApath = DIRECTORY"
+diff -urNp stunnel-5.08/doc/stunnel.html stunnel-5.08-patched/doc/stunnel.html
+--- stunnel-5.08/doc/stunnel.html 2014-11-23 01:08:57.684130905 -0500
++++ stunnel-5.08-patched/doc/stunnel.html 2014-11-23 01:43:25.815207858 -0500
+@@ -426,7 +426,7 @@
+
+ To listen on all IPv6 addresses use:
+
+- connect = :::PORT
++ accept = :::PORT
+
+
+ CApath = DIRECTORY
+diff -urNp stunnel-5.08/doc/stunnel.pod stunnel-5.08-patched/doc/stunnel.pod
+--- stunnel-5.08/doc/stunnel.pod 2014-11-23 01:08:57.684130905 -0500
++++ stunnel-5.08-patched/doc/stunnel.pod 2014-11-23 01:43:36.634069279 -0500
+@@ -393,7 +393,7 @@ If no host specified, defaults to all IP
+
+ To listen on all IPv6 addresses use:
+
+- connect = :::PORT
++ accept = :::PORT
+
+ =item B = DIRECTORY
+
diff --git a/stunnel-5-authpriv.patch b/stunnel-5-authpriv.patch
index 0a86711..477795f 100644
--- a/stunnel-5-authpriv.patch
+++ b/stunnel-5-authpriv.patch
@@ -1,7 +1,7 @@
-diff -urNp stunnel-5.07/doc/stunnel.8 stunnel-5.07-patched/doc/stunnel.8
---- stunnel-5.07/doc/stunnel.8 2014-11-01 09:50:37.000000000 -0400
-+++ stunnel-5.07-patched/doc/stunnel.8 2014-11-04 14:16:19.120854038 -0500
-@@ -193,7 +193,7 @@ info (6), or debug (7). All logs for th
+diff -urNp stunnel-5.08/doc/stunnel.8 stunnel-5.08-patched/doc/stunnel.8
+--- stunnel-5.08/doc/stunnel.8 2014-11-15 10:25:48.000000000 -0500
++++ stunnel-5.08-patched/doc/stunnel.8 2014-11-23 01:06:17.213015545 -0500
+@@ -202,7 +202,7 @@ info (6), or debug (7). All logs for th
all levels numerically less than it will be shown. Use \fIdebug = debug\fR or
\&\fIdebug = 7\fR for greatest debugging output. The default is notice (5).
.Sp
@@ -10,21 +10,21 @@ diff -urNp stunnel-5.07/doc/stunnel.8 stunnel-5.07-patched/doc/stunnel.8
(Facilities are not supported on Win32.)
.Sp
Case is ignored for both facilities and levels.
-diff -urNp stunnel-5.07/doc/stunnel.html stunnel-5.07-patched/doc/stunnel.html
---- stunnel-5.07/doc/stunnel.html 2014-11-01 09:50:37.000000000 -0400
-+++ stunnel-5.07-patched/doc/stunnel.html 2014-11-04 14:17:31.654925879 -0500
-@@ -229,7 +229,7 @@ emerg (0), alert (1), crit (2), err (3),
- info (6), or debug (7). All logs for the specified level and
- all levels numerically less than it will be shown. Use debug = debug or
- debug = 7 for greatest debugging output. The default is notice (5).
--The syslog facility 'daemon' will be used unless a facility name is supplied.
-+
The syslog facility 'authpriv' will be used unless a facility name is supplied.
- (Facilities are not supported on Win32.)
+diff -urNp stunnel-5.08/doc/stunnel.html stunnel-5.08-patched/doc/stunnel.html
+--- stunnel-5.08/doc/stunnel.html 2014-11-15 10:25:48.000000000 -0500
++++ stunnel-5.08-patched/doc/stunnel.html 2014-11-23 01:07:01.905520548 -0500
+@@ -202,7 +202,7 @@
+
+ Level is a one of the syslog level names or numbers emerg (0), alert (1), crit (2), err (3), warning (4), notice (5), info (6), or debug (7). All logs for the specified level and all levels numerically less than it will be shown. Use debug = debug or debug = 7 for greatest debugging output. The default is notice (5).
+
+-The syslog facility 'daemon' will be used unless a facility name is supplied. (Facilities are not supported on Win32.)
++The syslog facility 'authpriv' will be used unless a facility name is supplied. (Facilities are not supported on Win32.)
+
Case is ignored for both facilities and levels.
-
-diff -urNp stunnel-5.07/doc/stunnel.pod stunnel-5.07-patched/doc/stunnel.pod
---- stunnel-5.07/doc/stunnel.pod 2014-10-31 11:39:57.000000000 -0400
-+++ stunnel-5.07-patched/doc/stunnel.pod 2014-11-04 14:18:19.456314002 -0500
+
+diff -urNp stunnel-5.08/doc/stunnel.pod stunnel-5.08-patched/doc/stunnel.pod
+--- stunnel-5.08/doc/stunnel.pod 2014-11-15 10:25:48.000000000 -0500
++++ stunnel-5.08-patched/doc/stunnel.pod 2014-11-23 01:07:13.002397392 -0500
@@ -188,7 +188,7 @@ info (6), or debug (7). All logs for th
all levels numerically less than it will be shown. Use I or
I for greatest debugging output. The default is notice (5).
@@ -34,9 +34,9 @@ diff -urNp stunnel-5.07/doc/stunnel.pod stunnel-5.07-patched/doc/stunnel.pod
(Facilities are not supported on Win32.)
Case is ignored for both facilities and levels.
-diff -urNp stunnel-5.07/src/options.c stunnel-5.07-patched/src/options.c
---- stunnel-5.07/src/options.c 2014-11-01 09:47:18.000000000 -0400
-+++ stunnel-5.07-patched/src/options.c 2014-11-04 14:19:11.153652725 -0500
+diff -urNp stunnel-5.08/src/options.c stunnel-5.08-patched/src/options.c
+--- stunnel-5.08/src/options.c 2014-11-14 13:55:39.000000000 -0500
++++ stunnel-5.08-patched/src/options.c 2014-11-23 01:07:36.967131425 -0500
@@ -461,8 +461,12 @@ NOEXPORT char *parse_global_option(CMD c
case CMD_BEGIN:
new_global_options.debug_level=LOG_NOTICE;
diff --git a/stunnel-5-sample.patch b/stunnel-5-sample.patch
index 352e011..ec33264 100644
--- a/stunnel-5-sample.patch
+++ b/stunnel-5-sample.patch
@@ -1,6 +1,6 @@
-diff -urNp stunnel-5.07/tools/stunnel.conf-sample.in stunnel-5.07-patched/tools/stunnel.conf-sample.in
---- stunnel-5.07/tools/stunnel.conf-sample.in 2014-11-01 09:48:17.000000000 -0400
-+++ stunnel-5.07-patched/tools/stunnel.conf-sample.in 2014-11-04 14:12:38.382678119 -0500
+diff -urNp stunnel-5.08/tools/stunnel.conf-sample.in stunnel-5.08-patched/tools/stunnel.conf-sample.in
+--- stunnel-5.08/tools/stunnel.conf-sample.in 2014-11-01 09:48:17.000000000 -0400
++++ stunnel-5.08-patched/tools/stunnel.conf-sample.in 2014-11-23 01:09:28.393727451 -0500
@@ -10,7 +10,7 @@
; A copy of some devices and system files is needed within the chroot jail
; Chroot conflicts with configuration file reload and many other features
diff --git a/stunnel-configure-ac.patch b/stunnel-configure-ac.patch
new file mode 100644
index 0000000..fb11a61
--- /dev/null
+++ b/stunnel-configure-ac.patch
@@ -0,0 +1,12 @@
+diff -urNp stunnel-5.08/configure.ac stunnel-5.08-patched/configure.ac
+--- stunnel-5.08/configure.ac 2014-11-10 05:39:19.000000000 -0500
++++ stunnel-5.08-patched/configure.ac 2014-11-23 01:20:36.100644932 -0500
+@@ -361,7 +361,7 @@ AC_ARG_ENABLE(fips,
+ [ --disable-fips disable OpenSSL FIPS support],
+ [
+ case "$enableval" in
+- yes) AC_MSG_RESULT([no])
++ yes) AC_MSG_RESULT([yes])
+ use_fips="yes"
+ AC_DEFINE([USE_FIPS], [1],
+ [Define to 1 to enable OpenSSL FIPS support])
diff --git a/stunnel-systemd-service.patch b/stunnel-systemd-service.patch
index 6c8ceca..3a92ce5 100644
--- a/stunnel-systemd-service.patch
+++ b/stunnel-systemd-service.patch
@@ -1,6 +1,6 @@
-diff -urNp stunnel-5.07/tools/stunnel.service.in stunnel-5.07-patched/tools/stunnel.service.in
---- stunnel-5.07/tools/stunnel.service.in 2011-05-02 18:07:34.000000000 -0400
-+++ stunnel-5.07-patched/tools/stunnel.service.in 2014-11-04 14:21:15.825057474 -0500
+diff -urNp stunnel-5.08/tools/stunnel.service.in stunnel-5.08-patched/tools/stunnel.service.in
+--- stunnel-5.08/tools/stunnel.service.in 2011-05-02 18:07:34.000000000 -0400
++++ stunnel-5.08-patched/tools/stunnel.service.in 2014-11-23 01:09:38.778591018 -0500
@@ -1,10 +1,11 @@
[Unit]
Description=SSL tunnel for network daemons
diff --git a/stunnel.spec b/stunnel.spec
index a951c4c..5dc7696 100644
--- a/stunnel.spec
+++ b/stunnel.spec
@@ -1,13 +1,13 @@
Summary: An SSL-encrypting socket wrapper
Name: stunnel
-Version: 5.07
+Version: 5.08b6
Release: 1%{?dist}
License: GPLv2
Group: Applications/Internet
URL: http://www.stunnel.org/
Source0: https://www.stunnel.org/downloads/beta/stunnel-%{version}.tar.gz
-Source1: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz.asc
-Source7: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz.sha256
+#Source1: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz.asc
+#Source7: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz.sha256
Source2: Certificate-Creation
Source3: sfinger.xinetd
Source4: stunnel-sfinger.conf
@@ -16,6 +16,8 @@ Source6: stunnel-pop3s-client.conf
Patch0: stunnel-5-authpriv.patch
Patch1: stunnel-5-sample.patch
Patch2: stunnel-systemd-service.patch
+Patch3: stunnel-configure-ac.patch
+Patch4: stunnel-1155977.patch
# util-linux is needed for rename
BuildRequires: openssl-devel, pkgconfig, tcp_wrappers-devel, util-linux
# for /usr/bin/pod2man
@@ -35,18 +37,21 @@ Layer) support to ordinary applications. For example, it can be used
in conjunction with imapd to create an SSL secure IMAP server.
%prep
-%setup -q
+%setup -q -n stunnel-5.08
%patch0 -p1 -b .authpriv
%patch1 -p1 -b .sample
%patch2 -p1
+%patch3 -p1
+%patch4 -p1
%build
+autoreconf
CFLAGS="$RPM_OPT_FLAGS -fPIC"; export CFLAGS
if pkg-config openssl ; then
CFLAGS="$CFLAGS `pkg-config --cflags openssl`";
LDFLAGS="`pkg-config --libs-only-L openssl`"; export LDFLAGS
fi
-%configure --enable-fips --enable-ipv6 \
+%configure --enable-fips --enable-ipv6 --with-ssl=%{_prefix}\
CPPFLAGS="-UPIDFILE -DPIDFILE='\"%{_localstatedir}/run/stunnel.pid\"'"
make LDADD="-pie -Wl,-z,defs,-z,relro,-z,now"
@@ -106,6 +111,15 @@ cp $RPM_BUILD_ROOT%{_datadir}/doc/stunnel/examples/%{name}.service $RPM_BUILD_RO
%endif
%changelog
+* Sun Nov 23 2014 Avesh Agarwal - 5.08b6-1
+- 1163349: New upstream beta release 5.08b6
+- Fixed incorrect reporting of fips status in configure.ac
+ at compile time
+- Fixed default OpenSSL directory issue by using with-ssl
+- Updates local patches
+- 1155977: Fixes man page issues
+
+
* Tue Nov 04 2014 Avesh Agarwal - 5.07-1
- New upstream release 5.07