[stunnel/f15] New upstream realease 4.50 Updated local patches
avesh
avesh at fedoraproject.org
Tue Jan 3 16:04:11 UTC 2012
commit 83db43a02977e56603df6144254f19bd0eddef69
Author: Avesh Agarwal <avagarwa at redhat.com>
Date: Tue Jan 3 11:04:08 2012 -0500
New upstream realease 4.50
Updated local patches
.gitignore | 3 ++
sources | 5 ++-
stunnel-4-authpriv.patch | 44 +++++++++++++++++++++---------------------
stunnel-4-sample.patch | 47 +++++++++++++++++++++++----------------------
stunnel.spec | 29 ++++++++++++++++++++++++++-
5 files changed, 79 insertions(+), 49 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index f08c07c..29a12f4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,6 @@ stunnel-4.33.tar.gz
stunnel-4.33.tar.gz.asc
/stunnel-4.34.tar.gz
/stunnel-4.34.tar.gz.asc
+/stunnel-4.50.tar.gz
+/stunnel-4.50.tar.gz.asc
+/stunnel-4.50.tar.gz.sha256
diff --git a/sources b/sources
index 5dc2b91..a4ec4e0 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,3 @@
-bbd274e8364ea3ceca0ee5190e13edd1 stunnel-4.34.tar.gz
-4b6f7bf07e4574a974a9a46ab77b74cb stunnel-4.34.tar.gz.asc
+d68b4565294496a8bdf23c728a679f53 stunnel-4.50.tar.gz
+ea9e85daef0cc96ce21649901b3514f7 stunnel-4.50.tar.gz.asc
+0b901f3d914ba59f76333e70a282a993 stunnel-4.50.tar.gz.sha256
diff --git a/stunnel-4-authpriv.patch b/stunnel-4-authpriv.patch
index adaf657..2070b90 100644
--- a/stunnel-4-authpriv.patch
+++ b/stunnel-4-authpriv.patch
@@ -1,43 +1,43 @@
-diff -urNp stunnel-4.34-orig/doc/stunnel.8 stunnel-4.34/doc/stunnel.8
---- stunnel-4.34-orig/doc/stunnel.8 2010-10-04 11:28:17.197406956 -0400
-+++ stunnel-4.34/doc/stunnel.8 2010-10-04 11:29:54.500398560 -0400
-@@ -165,7 +165,7 @@ info (6), or debug (7). All logs for th
- all levels numerically less than it will be shown. Use \fBdebug = debug\fR or
- \&\fBdebug = 7\fR for greatest debugging output. The default is notice (5).
+diff -urNp stunnel-4.50/doc/stunnel.8 stunnel-4.50-patched/doc/stunnel.8
+--- stunnel-4.50/doc/stunnel.8 2011-11-28 16:04:45.000000000 -0500
++++ stunnel-4.50-patched/doc/stunnel.8 2012-01-03 10:41:22.532321571 -0500
+@@ -176,7 +176,7 @@ info (6), or debug (7). All logs for th
+ all levels numerically less than it will be shown. Use \fIdebug = debug\fR or
+ \&\fIdebug = 7\fR for greatest debugging output. The default is notice (5).
.Sp
-The syslog facility 'daemon' will be used unless a facility name is supplied.
+The syslog facility 'authpriv' will be used unless a facility name is supplied.
(Facilities are not supported on Win32.)
.Sp
Case is ignored for both facilities and levels.
-diff -urNp stunnel-4.34-orig/doc/stunnel.html stunnel-4.34/doc/stunnel.html
---- stunnel-4.34-orig/doc/stunnel.html 2010-10-04 11:28:17.198407489 -0400
-+++ stunnel-4.34/doc/stunnel.html 2010-10-04 11:30:24.549148361 -0400
-@@ -190,7 +190,7 @@ emerg (0), alert (1), crit (2), err (3),
+diff -urNp stunnel-4.50/doc/stunnel.html stunnel-4.50-patched/doc/stunnel.html
+--- stunnel-4.50/doc/stunnel.html 2011-11-28 16:04:47.000000000 -0500
++++ stunnel-4.50-patched/doc/stunnel.html 2012-01-03 10:41:22.532321571 -0500
+@@ -211,7 +211,7 @@ emerg (0), alert (1), crit (2), err (3),
info (6), or debug (7). All logs for the specified level and
- all levels numerically less than it will be shown. Use <strong>debug = debug</strong> or
- <strong>debug = 7</strong> for greatest debugging output. The default is notice (5).</p>
+ all levels numerically less than it will be shown. Use <em>debug = debug</em> or
+ <em>debug = 7</em> for greatest debugging output. The default is notice (5).</p>
-<p>The syslog facility 'daemon' will be used unless a facility name is supplied.
+<p>The syslog facility 'authpriv' will be used unless a facility name is supplied.
(Facilities are not supported on Win32.)</p>
<p>Case is ignored for both facilities and levels.</p>
</dd>
-diff -urNp stunnel-4.34-orig/doc/stunnel.pod stunnel-4.34/doc/stunnel.pod
---- stunnel-4.34-orig/doc/stunnel.pod 2010-10-04 11:28:17.197406956 -0400
-+++ stunnel-4.34/doc/stunnel.pod 2010-10-04 11:31:02.659398482 -0400
-@@ -132,7 +132,7 @@ info (6), or debug (7). All logs for th
- all levels numerically less than it will be shown. Use B<debug = debug> or
- B<debug = 7> for greatest debugging output. The default is notice (5).
+diff -urNp stunnel-4.50/doc/stunnel.pod stunnel-4.50-patched/doc/stunnel.pod
+--- stunnel-4.50/doc/stunnel.pod 2011-11-28 16:04:26.000000000 -0500
++++ stunnel-4.50-patched/doc/stunnel.pod 2012-01-03 10:41:22.533321572 -0500
+@@ -150,7 +150,7 @@ info (6), or debug (7). All logs for th
+ all levels numerically less than it will be shown. Use I<debug = debug> or
+ I<debug = 7> for greatest debugging output. The default is notice (5).
-The syslog facility 'daemon' will be used unless a facility name is supplied.
+The syslog facility 'authpriv' will be used unless a facility name is supplied.
(Facilities are not supported on Win32.)
Case is ignored for both facilities and levels.
-diff -urNp stunnel-4.34-orig/src/options.c stunnel-4.34/src/options.c
---- stunnel-4.34-orig/src/options.c 2010-10-04 11:28:17.192398749 -0400
-+++ stunnel-4.34/src/options.c 2010-10-04 11:35:34.047161189 -0400
-@@ -140,8 +140,12 @@ static char *parse_global_option(CMD cmd
+diff -urNp stunnel-4.50/src/options.c stunnel-4.50-patched/src/options.c
+--- stunnel-4.50/src/options.c 2011-11-24 05:54:49.000000000 -0500
++++ stunnel-4.50-patched/src/options.c 2012-01-03 10:41:22.535321572 -0500
+@@ -157,8 +157,12 @@ static char *parse_global_option(CMD cmd
case CMD_INIT:
new_global_options.debug_level=LOG_NOTICE;
#if !defined (USE_WIN32) && !defined (__vms)
diff --git a/stunnel-4-sample.patch b/stunnel-4-sample.patch
index 79c9bb7..aabc7cb 100644
--- a/stunnel-4-sample.patch
+++ b/stunnel-4-sample.patch
@@ -1,38 +1,39 @@
-diff -urNp stunnel-4.34-orig/tools/stunnel.conf-sample.in stunnel-4.34/tools/stunnel.conf-sample.in
---- stunnel-4.34-orig/tools/stunnel.conf-sample.in 2010-10-04 11:28:17.196407053 -0400
-+++ stunnel-4.34/tools/stunnel.conf-sample.in 2010-10-04 11:38:18.545425374 -0400
-@@ -4,15 +4,15 @@
- ; please read the manual and make sure you understand them
+diff -urNp stunnel-4.50/tools/stunnel.conf-sample.in stunnel-4.50-patched/tools/stunnel.conf-sample.in
+--- stunnel-4.50/tools/stunnel.conf-sample.in 2011-11-22 17:20:37.000000000 -0500
++++ stunnel-4.50-patched/tools/stunnel.conf-sample.in 2012-01-03 10:41:32.344325275 -0500
+@@ -9,7 +9,7 @@
- ; certificate/key is needed in server mode and optional in client mode
--cert = @prefix@/etc/stunnel/mail.pem
--;key = @prefix@/etc/stunnel/mail.pem
-+cert = @sysconfdir@/stunnel/mail.crt
-+;key = @sysconfdir@/stunnel/mail.key
-
- ; protocol version (all, SSLv2, SSLv3, TLSv1)
- sslVersion = SSLv3
-
- ; security enhancements for UNIX systems - comment them out on Win32
- ; for chroot a copy of some devices and files is needed within the jail
+ ; A copy of some devices and system files is needed within the chroot jail
+ ; Chroot conflicts with configuration file reload and many other features
-chroot = @prefix@/var/lib/stunnel/
+chroot = @localstatedir@/run/stunnel/
+ ; Chroot jail can be escaped if setuid option is not used
setuid = nobody
setgid = @DEFAULT_GROUP@
- ; PID is created inside the chroot jail
-@@ -33,12 +33,13 @@ socket = r:TCP_NODELAY=1
+@@ -26,8 +26,8 @@ pid = /stunnel.pid
+ ; **************************************************************************
+
+ ; Certificate/key is needed in server mode and optional in client mode
+-cert = @prefix@/etc/stunnel/mail.pem
+-;key = @prefix@/etc/stunnel/mail.pem
++cert = @sysconfdir@/stunnel/mail.pem
++;key = @sysconfdir@/stunnel/mail.pem
+
+ ; Authentication stuff needs to be configured to prevent MITM attacks
+ ; It is not enabled by default!
+@@ -36,12 +36,13 @@ cert = @prefix@/etc/stunnel/mail.pem
; CApath is located inside chroot jail
;CApath = /certs
- ; it's often easier to use CAfile
+ ; It's often easier to use CAfile
-;CAfile = @prefix@/etc/stunnel/certs.pem
+;CAfile = @sysconfdir@/stunnel/certs.pem
+;CAfile = @sysconfdir@/pki/tls/certs/ca-bundle.crt
- ; don't forget to c_rehash CRLpath
+ ; Don't forget to c_rehash CRLpath
; CRLpath is located inside chroot jail
;CRLpath = /crls
- ; alternatively CRLfile can be used
+ ; Alternatively CRLfile can be used
-;CRLfile = @prefix@/etc/stunnel/crls.pem
+;CRLfile = @sysconfdir@/stunnel/crls.pem
- ; debugging stuff (may useful for troubleshooting)
- ;debug = 7
+ ; Disable support for insecure SSLv2 protocol
+ options = NO_SSLv2
diff --git a/stunnel.spec b/stunnel.spec
index 07ee270..fd23640 100644
--- a/stunnel.spec
+++ b/stunnel.spec
@@ -1,7 +1,7 @@
Summary: An SSL-encrypting socket wrapper
Name: stunnel
-Version: 4.34
-Release: 2%{?dist}
+Version: 4.50
+Release: 1%{?dist}
License: GPLv2
Group: Applications/Internet
URL: http://stunnel.mirt.net/
@@ -79,6 +79,31 @@ rm -rf $RPM_BUILD_ROOT
%exclude %{_sysconfdir}/stunnel/*
%changelog
+* Tue Jan 3 2012 Avesh Agarwal <avagarwa at redhat.com> - 4.50-1
+- New upstream realease 4.50
+- Updated local patches
+
+* Tue Sep 20 2011 Avesh Agarwal <avagarwa at redhat.com> - 4.44-1
+- New upstream realease 4.44
+- Updated local patches
+
+* Fri Aug 19 2011 Avesh Agarwal <avagarwa at redhat.com> - 4.42-1
+- New upstream realease 4.42
+- Updated local patches
+- Fixes #732069 #732068
+
+* Mon Aug 1 2011 Avesh Agarwal <avagarwa at redhat.com> - 4.41-1
+- New upstream realease 4.41
+- Updated local patches to match the new release
+
+* Tue Jun 28 2011 Avesh Agarwal <avagarwa at redhat.com> - 4.37-1
+- New upstream realease 4.37
+- Updated local patches to match the new release
+
+* Mon Apr 4 2011 Avesh Agarwal <avagarwa at redhat.com> - 4.35-1
+- New upstream realease 4.35
+- Updated authpriv and sample patches to match the new release
+
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.34-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
More information about the scm-commits
mailing list