diff -urNp stunnel-5.15/tools/stunnel.conf-sample.in stunnel-5.15-patched/tools/stunnel.conf-sample.in --- stunnel-5.15/tools/stunnel.conf-sample.in 2015-04-16 08:22:14.000000000 -0400 +++ stunnel-5.15-patched/tools/stunnel.conf-sample.in 2015-04-27 11:23:41.958154436 -0400 @@ -12,7 +12,7 @@ ;setgid = @DEFAULT_GROUP@ ; PID file is created inside the chroot jail (if enabled) -;pid = @prefix@/var/run/stunnel.pid +;pid = @localstatedir@/run/stunnel.pid ; Debugging stuff (may be useful for troubleshooting) ;foreground = yes @@ -68,34 +68,34 @@ checkHost = smtp.gmail.com ;[pop3s] ;accept = 995 ;connect = 110 -;cert = @prefix@/etc/stunnel/stunnel.pem +;cert = @sysconfdir@/stunnel/stunnel.pem ;[imaps] ;accept = 993 ;connect = 143 -;cert = @prefix@/etc/stunnel/stunnel.pem +;cert = @sysconfdir@/stunnel/stunnel.pem ;[ssmtp] ;accept = 465 ;connect = 25 -;cert = @prefix@/etc/stunnel/stunnel.pem +;cert = @sysconfdir@/stunnel/stunnel.pem ; TLS front-end to a web server ;[https] ;accept = 443 ;connect = 80 -;cert = @prefix@/etc/stunnel/stunnel.pem +;cert = @sysconfdir@/stunnel/stunnel.pem ; "TIMEOUTclose = 0" is a workaround for a design flaw in Microsoft SChannel ; Microsoft implementations do not use TLS close-notify alert and thus they ; are vulnerable to truncation attacks ;TIMEOUTclose = 0 ; Remote shell protected with PSK-authenticated TLS -; Create "@prefix@/etc/stunnel/secrets.txt" containing IDENTITY:KEY pairs +; Create "@sysconfdir@/stunnel/secrets.txt" containing IDENTITY:KEY pairs ;[shell] ;accept = 1337 ;exec = /bin/sh ;execArgs = sh -i -;PSKsecrets = @prefix@/etc/stunnel/secrets.txt +;PSKsecrets = @sysconfdir@/stunnel/secrets.txt ; vim:ft=dosini