[csw-devel] SF.net SVN: gar:[15363] csw/mgar/pkg/stunnel/trunk

skayser at users.sourceforge.net skayser at users.sourceforge.net
Thu Aug 18 00:21:21 CEST 2011


Revision: 15363
          http://gar.svn.sourceforge.net/gar/?rev=15363&view=rev
Author:   skayser
Date:     2011-08-17 22:21:21 +0000 (Wed, 17 Aug 2011)

Log Message:
-----------
stunnel: adjust sample config patch for 4.41

Modified Paths:
--------------
    csw/mgar/pkg/stunnel/trunk/Makefile

Added Paths:
-----------
    csw/mgar/pkg/stunnel/trunk/files/0001-Make-stunnel.conf-sample.in-honor-sysconfdir-localst.patch

Removed Paths:
-------------
    csw/mgar/pkg/stunnel/trunk/files/0001-Make-stunnel.conf-sample.in-honor-sysconfdir-localst.patch

Modified: csw/mgar/pkg/stunnel/trunk/Makefile
===================================================================
--- csw/mgar/pkg/stunnel/trunk/Makefile	2011-08-17 20:03:39 UTC (rev 15362)
+++ csw/mgar/pkg/stunnel/trunk/Makefile	2011-08-17 22:21:21 UTC (rev 15363)
@@ -29,7 +29,10 @@
 RUNTIME_DEP_PKGS = CSWzlib CSWosslrt CSWtcpwrap
 
 # Make stunnel.conf-sample.in honor $localstatedir adjustments
-# c.f. http://marc.info/?l=stunnel-users&m=128035848632004&w=2
+# cf. http://marc.info/?l=stunnel-users&m=128035848632004&w=2
+# Not merged upstream as ./configure without arguments leads to
+# expansions that the config file doesn't understand, e.g.
+# sysconfdir='${prefix}/etc' (cf. config.log)
 PATCHFILES = 0001-Make-stunnel.conf-sample.in-honor-sysconfdir-localst.patch
 
 CONFIGURE_ARGS = $(DIRPATHS)

Deleted: csw/mgar/pkg/stunnel/trunk/files/0001-Make-stunnel.conf-sample.in-honor-sysconfdir-localst.patch
===================================================================
--- csw/mgar/pkg/stunnel/trunk/files/0001-Make-stunnel.conf-sample.in-honor-sysconfdir-localst.patch	2011-08-17 20:03:39 UTC (rev 15362)
+++ csw/mgar/pkg/stunnel/trunk/files/0001-Make-stunnel.conf-sample.in-honor-sysconfdir-localst.patch	2011-08-17 22:21:21 UTC (rev 15363)
@@ -1,54 +0,0 @@
-From 9873796410fa51fdb686bd5ce72e906bc60280e2 Mon Sep 17 00:00:00 2001
-From: Sebastian Kayser <skayser at opencsw.org>
-Date: Thu, 29 Jul 2010 00:37:23 +0200
-Subject: [PATCH] Make stunnel.conf-sample.in honor --sysconfdir, --localstatedir
-
-In case someone ./configured with a --sysconfdir or --localstatedir
-rooted elsewhere than prefix, stunnel.conf-sample.in would have
-disregarded it, because it only honors --prefix. This patch
-introduces handling for the more specific --sysconfdir/--localstatedir.
----
- tools/stunnel.conf-sample.in |   10 +++++-----
- 1 files changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/tools/stunnel.conf-sample.in b/tools/stunnel.conf-sample.in
-index c231eec..201c60f 100644
---- a/tools/stunnel.conf-sample.in
-+++ b/tools/stunnel.conf-sample.in
-@@ -4,15 +4,15 @@
- ; please read the manual and make sure you understand them
- 
- ; certificate/key is needed in server mode and optional in client mode
--cert = @prefix@/etc/stunnel/mail.pem
--;key = @prefix@/etc/stunnel/mail.pem
-+cert = @sysconfdir@/stunnel/mail.pem
-+;key = @sysconfdir@/stunnel/mail.pem
- 
- ; protocol version (all, SSLv2, SSLv3, TLSv1)
- sslVersion = SSLv3
- 
- ; security enhancements for UNIX systems - comment them out on Win32
- ; for chroot a copy of some devices and files is needed within the jail
--chroot = @prefix@/var/lib/stunnel/
-+chroot = @localstatedir@/lib/stunnel/
- setuid = nobody
- setgid = @DEFAULT_GROUP@
- ; PID is created inside the chroot jail
-@@ -33,12 +33,12 @@ socket = r:TCP_NODELAY=1
- ; CApath is located inside chroot jail
- ;CApath = /certs
- ; it's often easier to use CAfile
--;CAfile = @prefix@/etc/stunnel/certs.pem
-+;CAfile = @sysconfdir@/stunnel/certs.pem
- ; don't forget to c_rehash CRLpath
- ; CRLpath is located inside chroot jail
- ;CRLpath = /crls
- ; alternatively CRLfile can be used
--;CRLfile = @prefix@/etc/stunnel/crls.pem
-+;CRLfile = @sysconfdir@/stunnel/crls.pem
- 
- ; debugging stuff (may useful for troubleshooting)
- ;debug = 7
--- 
-1.7.1
-

Added: csw/mgar/pkg/stunnel/trunk/files/0001-Make-stunnel.conf-sample.in-honor-sysconfdir-localst.patch
===================================================================
--- csw/mgar/pkg/stunnel/trunk/files/0001-Make-stunnel.conf-sample.in-honor-sysconfdir-localst.patch	                        (rev 0)
+++ csw/mgar/pkg/stunnel/trunk/files/0001-Make-stunnel.conf-sample.in-honor-sysconfdir-localst.patch	2011-08-17 22:21:21 UTC (rev 15363)
@@ -0,0 +1,56 @@
+From ded2818b78150049e0cf5934eb4a752e1972e291 Mon Sep 17 00:00:00 2001
+From: Sebastian Kayser <skayser at opencsw.org>
+Date: Thu, 18 Aug 2011 00:02:54 +0200
+Subject: [PATCH] Make stunnel.conf-sample.in honor --sysconfdir,
+ --localstatedir
+
+In case someone ./configured with a --sysconfdir or --localstatedir
+rooted elsewhere than prefix, stunnel.conf-sample.in would have
+disregarded it, because it only honors --prefix. This patch
+introduces handling for the more specific --sysconfdir/--localstatedir.
+---
+ tools/stunnel.conf-sample.in |   10 +++++-----
+ 1 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/tools/stunnel.conf-sample.in b/tools/stunnel.conf-sample.in
+index 37fea53..6a4ccc6 100644
+--- a/tools/stunnel.conf-sample.in
++++ b/tools/stunnel.conf-sample.in
+@@ -8,7 +8,7 @@
+ 
+ ; A copy of some devices and system files is needed within the chroot jail
+ ; Chroot conflicts with configuration file reload and many other features
+-chroot = @prefix@/var/lib/stunnel/
++chroot = @localstatedir@/lib/stunnel/
+ ; Chroot jail can be escaped if setuid option is not used
+ setuid = nobody
+ setgid = @DEFAULT_GROUP@
+@@ -25,8 +25,8 @@ pid = /stunnel.pid
+ ; *****************************************************************************
+ 
+ ; Certificate/key is needed in server mode and optional in client mode
+-cert = @prefix@/etc/stunnel/mail.pem
+-;key = @prefix@/etc/stunnel/mail.pem
++cert = @sysconfdir@/stunnel/mail.pem
++;key = @sysconfdir@/stunnel/mail.pem
+ 
+ ; Authentication stuff needs to be configured to prevent MITM attacks
+ ; It is not enabled by default!
+@@ -35,12 +35,12 @@ cert = @prefix@/etc/stunnel/mail.pem
+ ; CApath is located inside chroot jail
+ ;CApath = /certs
+ ; It's often easier to use CAfile
+-;CAfile = @prefix@/etc/stunnel/certs.pem
++;CAfile = @sysconfdir@/stunnel/certs.pem
+ ; Don't forget to c_rehash CRLpath
+ ; CRLpath is located inside chroot jail
+ ;CRLpath = /crls
+ ; Alternatively CRLfile can be used
+-;CRLfile = @prefix@/etc/stunnel/crls.pem
++;CRLfile = @sysconfdir@/stunnel/crls.pem
+ 
+ ; Disable support for insecure SSLv2 protocol
+ options = NO_SSLv2
+-- 
+1.7.6
+


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


More information about the devel mailing list