Attachment #102936 for bug #142773

View | Details | Raw Unified | Return to bug 142773
Collapse All | Expand All




#

PORTNAME=	stunnel
PORTVERSION=	4.29
PORTREVISION=	1
CATEGORIES=	security
MASTER_SITES=	http://www.stunnel.org/download/stunnel/src/ \
		ftp://stunnel.mirt.net/stunnel/ \
		ftp://stunnel.mirt.net/stunnel/OBSOLETE/ \
		ftp://opensores.thebunker.net/pub/mirrors/stunnel/download/stunnel/src/

PATCH_SITES=	ftp://stunnel.mirt.net/stunnel/
PATCHFILES=	execargs.patch
 
MAINTAINER=	roam@FreeBSD.org
COMMENT=	SSL encryption wrapper for standard network daemons


Lines 1-6 Link Here

(-)stunnel/distinfo (-6 / +3 lines)
1	MD5 (stunnel-4.28.tar.gz) = 5bf753a042047f40a938e82ec7ece569	1	MD5 (stunnel-4.29.tar.gz) = 14dc3f8412947f0548975cbce74d6863
2	SHA256 (stunnel-4.28.tar.gz) = 9be98fb1aa5e96e44095df267d89b776aa539e6dce90dd0d54db675e9a95cd80	2	SHA256 (stunnel-4.29.tar.gz) = 018064e852a2a125bcfb4b81baa77b5701ccf6aabe6a47564bfc046b18d11f9b
3	SIZE (stunnel-4.28.tar.gz) = 543008	3	SIZE (stunnel-4.29.tar.gz) = 544292
4	MD5 (execargs.patch) = c893028f869f6d1f527373334605d639
5	SHA256 (execargs.patch) = 88e682c0deee13d9768c8cbdd3e71f90dd26d92621d2e64542d5379a3939ac4c
6	SIZE (execargs.patch) = 756




Description: Build on older OpenSSL versions without some options.
Forwarded: https://stunnel.mirt.net/cgi-bin/bugzilla3/show_bug.cgi?id=3
Author: Michal Trojnara <Michal.Trojnara@mirt.net>
	Peter Pentchev <roam@ringlet.net>
Last-Update: 2009-11-19

--- src/options.c.orig
+++ src/options.c
@@ -1136,7 +1136,9 @@
         if(strcasecmp(opt, "sessiond"))
             break;
         section->option.sessiond=1;
+#ifdef SSL_OP_NO_TICKET
         section->ssl_options|=SSL_OP_NO_TICKET;
+#endif
         if(!name2addrlist(&section->sessiond_addr, arg, DEFAULT_LOOPBACK))
             return "Failed to resolve sessiond server address";
         return NULL; /* OK */
@@ -1704,15 +1706,23 @@
         {"TLS_D5_BUG", SSL_OP_TLS_D5_BUG},
         {"TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG},
         {"DONT_INSERT_EMPTY_FRAGMENTS", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS},
+#ifdef SSL_OP_NO_QUERY_MTU
         {"NO_QUERY_MTU", SSL_OP_NO_QUERY_MTU},
+#endif
+#ifdef SSL_OP_COOKIE_EXCHANGE
         {"COOKIE_EXCHANGE", SSL_OP_COOKIE_EXCHANGE},
+#endif
+#ifdef SSL_OP_NO_TICKET
         {"NO_TICKET", SSL_OP_NO_TICKET},
+#endif
         {"NO_SESSION_RESUMPTION_ON_RENEGOTIATION",
             SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION},
 #ifdef SSL_OP_NO_COMPRESSION
         {"NO_COMPRESSION", SSL_OP_NO_COMPRESSION},
 #endif
+#ifdef SSL_OP_SINGLE_ECDH_USE
         {"SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE},
+#endif
         {"SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE},
         {"EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA},
         {"CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE},

Return to bug 142773

Lines 6-22 Link Here

(-)stunnel/Makefile (-5 / +1 lines)
6	#	6	#
7		7
8	PORTNAME= stunnel	8	PORTNAME= stunnel
9	PORTVERSION= 4.28	9	PORTVERSION= 4.29
10	PORTREVISION= 1
11	CATEGORIES= security	10	CATEGORIES= security
12	MASTER_SITES= http://www.stunnel.org/download/stunnel/src/ \	11	MASTER_SITES= http://www.stunnel.org/download/stunnel/src/ \
13	ftp://stunnel.mirt.net/stunnel/ \	12	ftp://stunnel.mirt.net/stunnel/ \
14	ftp://stunnel.mirt.net/stunnel/OBSOLETE/ \	13	ftp://stunnel.mirt.net/stunnel/OBSOLETE/ \
15	ftp://opensores.thebunker.net/pub/mirrors/stunnel/download/stunnel/src/	14	ftp://opensores.thebunker.net/pub/mirrors/stunnel/download/stunnel/src/
16		15
17	PATCH_SITES= ftp://stunnel.mirt.net/stunnel/
18	PATCHFILES= execargs.patch
19
20	MAINTAINER= roam@FreeBSD.org	16	MAINTAINER= roam@FreeBSD.org
21	COMMENT= SSL encryption wrapper for standard network daemons	17	COMMENT= SSL encryption wrapper for standard network daemons
22		18

Lines 1-42 Link Here

(-)stunnel/files/patch-src::options.c (-42 lines)
1	Description: Build on older OpenSSL versions without some options.
2	Forwarded: https://stunnel.mirt.net/cgi-bin/bugzilla3/show_bug.cgi?id=3
3	Author: Michal Trojnara <Michal.Trojnara@mirt.net>
4	Peter Pentchev <roam@ringlet.net>
5	Last-Update: 2009-11-19
6
7	--- src/options.c.orig
8	+++ src/options.c
9	@@ -1136,7 +1136,9 @@
10	if(strcasecmp(opt, "sessiond"))
11	break;
12	section->option.sessiond=1;
13	+#ifdef SSL_OP_NO_TICKET
14	section->ssl_options\|=SSL_OP_NO_TICKET;
15	+#endif
16	if(!name2addrlist(&section->sessiond_addr, arg, DEFAULT_LOOPBACK))
17	return "Failed to resolve sessiond server address";
18	return NULL; /* OK */
19	@@ -1704,15 +1706,23 @@
20	{"TLS_D5_BUG", SSL_OP_TLS_D5_BUG},
21	{"TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG},
22	{"DONT_INSERT_EMPTY_FRAGMENTS", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS},
23	+#ifdef SSL_OP_NO_QUERY_MTU
24	{"NO_QUERY_MTU", SSL_OP_NO_QUERY_MTU},
25	+#endif
26	+#ifdef SSL_OP_COOKIE_EXCHANGE
27	{"COOKIE_EXCHANGE", SSL_OP_COOKIE_EXCHANGE},
28	+#endif
29	+#ifdef SSL_OP_NO_TICKET
30	{"NO_TICKET", SSL_OP_NO_TICKET},
31	+#endif
32	{"NO_SESSION_RESUMPTION_ON_RENEGOTIATION",
33	SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION},
34	#ifdef SSL_OP_NO_COMPRESSION
35	{"NO_COMPRESSION", SSL_OP_NO_COMPRESSION},
36	#endif
37	+#ifdef SSL_OP_SINGLE_ECDH_USE
38	{"SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE},
39	+#endif
40	{"SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE},
41	{"EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA},
42	{"CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE},