36 lines
1.5 KiB
Diff
36 lines
1.5 KiB
Diff
diff -urNp stunnel-4.37/tools/stunnel.conf-sample.in stunnel-4.37-cvs-patched/tools/stunnel.conf-sample.in
|
|
--- stunnel-4.37/tools/stunnel.conf-sample.in 2011-06-04 14:46:00.000000000 -0400
|
|
+++ stunnel-4.37-cvs-patched/tools/stunnel.conf-sample.in 2011-06-28 12:57:17.387114066 -0400
|
|
@@ -5,12 +5,12 @@
|
|
; Certificate/key is needed in server mode and optional in client mode
|
|
; The default certificate is provided only for testing and should not
|
|
; be used in a production environment
|
|
-cert = @prefix@/etc/stunnel/mail.pem
|
|
-;key = @prefix@/etc/stunnel/mail.pem
|
|
+cert = @sysconfdir@/stunnel/mail.crt
|
|
+;key = @sysconfdir@/stunnel/mail.key
|
|
|
|
; Security enhancements for UNIX systems - comment them out on Win32
|
|
; for chroot a copy of some devices and files is needed within the jail
|
|
-chroot = @prefix@/var/lib/stunnel/
|
|
+chroot = @localstatedir@/run/stunnel/
|
|
setuid = nobody
|
|
setgid = @DEFAULT_GROUP@
|
|
; PID is created inside the chroot jail
|
|
@@ -33,12 +33,13 @@ options = NO_SSLv2
|
|
; CApath is located inside chroot jail
|
|
;CApath = /certs
|
|
; It's often easier to use CAfile
|
|
-;CAfile = @prefix@/etc/stunnel/certs.pem
|
|
+;CAfile = @sysconfdir@/stunnel/certs.pem
|
|
+;CAfile = @sysconfdir@/pki/tls/certs/ca-bundle.crt
|
|
; Don't forget to c_rehash CRLpath
|
|
; CRLpath is located inside chroot jail
|
|
;CRLpath = /crls
|
|
; Alternatively CRLfile can be used
|
|
-;CRLfile = @prefix@/etc/stunnel/crls.pem
|
|
+;CRLfile = @sysconfdir@/stunnel/crls.pem
|
|
|
|
; Debugging stuff (may useful for troubleshooting)
|
|
;debug = 7
|