--- stunnel/Makefile	2011-01-05 21:48:43.000000000 +0900
+++ stunnel/Makefile	2011-02-10 07:35:41.000000000 +0900
@@ -6,8 +6,7 @@ 
 #
 
 PORTNAME=	stunnel
-PORTVERSION=	4.34
-PORTREVISION=	2
+PORTVERSION=	4.35
 CATEGORIES=	security
 MASTER_SITES=	http://www.stunnel.org/download/stunnel/src/ \
 		http://mirrors.zerg.biz/stunnel/%SUBDIR%/ \
--- stunnel/Makefile.orig	2009-11-20 06:19:12.000000000 +0900
+++ stunnel/Makefile.orig	1970-01-01 09:00:00.000000000 +0900
@@ -1,140 +0,0 @@ 
-# New ports collection makefile for:	stunnel
-# Date created:		Mon Jan 11 11:53:54 EET 1999
-# Whom:			Martti Kuparinen <martti.kuparinen@ericsson.com>
-#
-# $FreeBSD: ports/security/stunnel/Makefile,v 1.94 2009/11/19 11:06:25 roam Exp $
-#
-
-PORTNAME=	stunnel
-PORTVERSION=	4.28
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	http://www.stunnel.org/download/stunnel/src/ \
-		ftp://stunnel.mirt.net/stunnel/ \
-		ftp://stunnel.mirt.net/stunnel/OBSOLETE/ \
-		ftp://opensores.thebunker.net/pub/mirrors/stunnel/download/stunnel/src/
-
-PATCH_SITES=	ftp://stunnel.mirt.net/stunnel/
-PATCHFILES=	execargs.patch
-
-MAINTAINER=	roam@FreeBSD.org
-COMMENT=	SSL encryption wrapper for standard network daemons
-
-USE_AUTOTOOLS=	libtool:22
-USE_OPENSSL=	YES
-USE_RC_SUBR=	stunnel
-
-GNU_CONFIGURE=	yes
-CONFIGURE_ARGS=	--localstatedir=/var/tmp --with-pem-dir=${PEM_DIR} \
-		--enable-static --disable-fips
-
-.if !defined(NOPORTDOCS)
-MAN8=		stunnel.8 stunnel.fr.8 stunnel.pl.8
-.endif
-
-PEM_DIR?=	${PREFIX}/etc
-
-OPTIONS=	FORK	"use the fork(3) threading model"	off \
-		PTHREAD	"use the pthread(3) threading model (default)"	on \
-		UCONTEXT	"use the ucontext(3) threading model"	off \
-		DH	"use Diffie-Hellman key negotiation" off \
-		IPV6	"enable IPv6 support" off \
-		LIBWRAP	"use TCP wrappers" on
-
-.include <bsd.port.pre.mk>
-
-.if defined(WITH_DH)
-CONFIGURE_ARGS+=	--enable-dh
-.else
-CONFIGURE_ARGS+=	--disable-dh
-.endif
-
-.if defined(WITH_IPV6)
-CONFIGURE_ARGS+=	--enable-ipv6
-.else
-CONFIGURE_ARGS+=	--disable-ipv6
-.endif
-
-.if defined(WITH_LIBWRAP)
-CONFIGURE_ARGS+=	--enable-libwrap
-LDFLAGS+=		-lwrap
-.else
-CONFIGURE_ARGS+=	--disable-libwrap
-.endif
-
-.if defined(WITH_UCONTEXT) && defined(WITH_FORK) || defined(WITH_UCONTEXT) && defined(WITH_PTHREAD) || defined(WITH_FORK) && defined(WITH_PTHREAD)
-BROKEN=	'The WITH_UCONTEXT, WITH_FORK and WITH_PTHREAD options are mutually exclusive - please specify at most one of them, the default is WITH_PTHREAD'
-.endif
-
-.if defined(WITH_UCONTEXT)
-CONFIGURE_ARGS+=--with-threads=ucontext
-CONFIGURE_ENV=	CPPFLAGS="${CPPFLAGS} ${PTHREAD_CFLAGS}" LDFLAGS="${LDFLAGS} ${PTHREAD_LIBS}"
-.elif defined(WITH_FORK)
-CONFIGURE_ARGS+=--with-threads=fork
-.else
-CONFIGURE_ARGS+=--with-threads=pthread
-CONFIGURE_ENV=	CPPFLAGS="${CPPFLAGS} ${PTHREAD_CFLAGS}" LDFLAGS="${LDFLAGS} ${PTHREAD_LIBS}"
-.endif
-
-post-patch:
-# place files under /var/tmp so that this can be run by an unprivileged
-# user stunnel and group stunnel
-	@${REINPLACE_CMD} -E -e 's|\@prefix\@/var/lib/stunnel/|/var/tmp/stunnel|; \
-		s|nobody|stunnel|;s|nogroup|stunnel|' \
-		${WRKSRC}/tools/stunnel.conf-sample.in
-	${REINPLACE_CMD} -E -e 's|\$$\(prefix\)/var/run/stunnel/stunnel.pid|$$(localstatedir)/stunnel.pid|' \
-		${WRKSRC}/src/Makefile.in
-	@${FIND} ${WRKSRC} -type f -name Makefile.in | ${XARGS} ${REINPLACE_CMD} -E -e 's,@(ACLOCAL|AUTO(MAKE|CONF|HEADER))@,/usr/bin/true,'
-.ifdef(NOPORTDOCS)
-	@${REINPLACE_CMD} -E -e 's/ install-docDATA/ /; s/^(SUBDIRS.+)doc/\1/' \
-		${WRKSRC}/Makefile.in
-	@${REINPLACE_CMD} -E -e 's/([^n])install-examplesDATA/\1/' \
-		${WRKSRC}/tools/Makefile.in
-.endif
-
-post-install:
-	@${SETENV} PKG_PREFIX=${PREFIX} ${SH} \
-		${PKGINSTALL} ${PKGNAME} POST-INSTALL
-	@${ECHO} ""
-	@${ECHO} "**************************************************************************"
-	@${ECHO} "To create and install a new certificate, type \"make cert\""
-	@${ECHO} ""
-	@${ECHO} "And don't forget to check out the FAQ at http://www.stunnel.org/"
-	@${ECHO} "**************************************************************************"
-	@${ECHO} ""
-	@${ECHO} "*********************** WARNING! WARNING! WARNING! ***********************"
-	@${ECHO} "The stunnel startup script has been converted to rc_subr"
-	@${ECHO} "format now.  You have to set at least the stunnel_enable"
-	@${ECHO} "variable, and maybe also stunnel_config and stunnel_pidfile,"
-	@${ECHO} "if you want stunnel to be started automatically at boot time!"
-	@${ECHO} "**************************************************************************"
-	@${ECHO} ""
-
-cert:
-	@${ECHO} ""
-	@${ECHO} "**************************************************************************"
-	@${ECHO} "The new certificate will be saved into ${ETCDIR}/stunnel.pem"
-	@${ECHO} "**************************************************************************"
-	@${ECHO} ""
-	@(cd ${WRKSRC}/tools/; make install-data-local)
-
-.if !defined(WITH_STUNNEL_SSL_ENGINE)
-EXTRA_PATCHES=	${FILESDIR}/ssl-noengine.patch
-pre-patch:
-	@${ECHO} "*************************************************************************"
-	@${ECHO} "Note: you have to explicitly define WITH_STUNNEL_SSL_ENGINE to activate"
-	@${ECHO} "the OpenSSL ENGINE code on FreeBSD 5.x or 6.x."
-	@${ECHO} "There are known reliability issues with stunnel and the OpenSSL ENGINE"
-	@${ECHO} "code, so you are advised not to enable it."
-	@${ECHO} "*************************************************************************"
-.else
-pre-patch:
-	@${ECHO} "*************************************************************************"
-	@${ECHO} "Note: you have defined WITH_STUNNEL_SSL_ENGINE.  Now stunnel will activate"
-	@${ECHO} "the OpenSSL ENGINE code even on FreeBSD 5.x."
-	@${ECHO} "There are known reliability issues with stunnel and the OpenSSL ENGINE"
-	@${ECHO} "code.  You have enabled it at your own risk."
-	@${ECHO} "*************************************************************************"
-.endif
-
-.include <bsd.port.post.mk>
--- stunnel/distinfo	2011-01-05 21:48:43.000000000 +0900
+++ stunnel/distinfo	2011-02-10 07:43:37.000000000 +0900
@@ -1,2 +1,2 @@ 
-SHA256 (stunnel-4.34.tar.gz) = f15ff844ad8e234c645031ea8f9c509cbcfd11467a31835f099f328dbf2b4084
-SIZE (stunnel-4.34.tar.gz) = 526336
+SHA256 (stunnel-4.35.tar.gz) = a810e220498239483e14fae24eeb2a188a6167e9118958b903f8793768c4460f
+SIZE (stunnel-4.35.tar.gz) = 541012
--- stunnel/distinfo.orig	2009-11-20 06:19:12.000000000 +0900
+++ stunnel/distinfo.orig	1970-01-01 09:00:00.000000000 +0900
@@ -1,6 +0,0 @@ 
-MD5 (stunnel-4.28.tar.gz) = 5bf753a042047f40a938e82ec7ece569
-SHA256 (stunnel-4.28.tar.gz) = 9be98fb1aa5e96e44095df267d89b776aa539e6dce90dd0d54db675e9a95cd80
-SIZE (stunnel-4.28.tar.gz) = 543008
-MD5 (execargs.patch) = c893028f869f6d1f527373334605d639
-SHA256 (execargs.patch) = 88e682c0deee13d9768c8cbdd3e71f90dd26d92621d2e64542d5379a3939ac4c
-SIZE (execargs.patch) = 756
--- stunnel/files/patch-src::client.c	2011-01-05 01:37:24.000000000 +0900
+++ stunnel/files/patch-src::client.c	1970-01-01 09:00:00.000000000 +0900
@@ -1,29 +0,0 @@ 
-Description: Allow transparent proxying using IP_BINDANY.
-Forwarded: yes
-Author: Peter Pentchev <roam@FreeBSD.org>,
-	Jason Helfman <jhelfman@experts-exchange.com>
-Last-Updated: 2011-01-04
-
---- src/client.c.orig
-+++ src/client.c
-@@ -1034,15 +1034,16 @@
- static void local_bind(CLI *c) {
-     SOCKADDR_UNION addr;
- 
--#ifdef IP_TRANSPARENT
-+#ifdef STUNNEL_TRANSPARENT
-     int on=1;
-     if(c->opt->option.transparent) {
--        if(setsockopt(c->fd, SOL_IP, IP_TRANSPARENT, &on, sizeof on))
--            sockerror("setsockopt IP_TRANSPARENT");
-+        if(setsockopt(c->fd, STUNNEL_TRANSPARENT_LEVEL,
-+	   STUNNEL_TRANSPARENT, &on, sizeof on))
-+            sockerror("setsockopt " STUNNEL_TRANSPARENT_NAME);
-         /* ignore the error to retain Linux 2.2 compatibility */
-         /* the error will be handled by bind(), anyway */
-     }
--#endif /* IP_TRANSPARENT */
-+#endif /* STUNNEL_TRANSPARENT */
- 
-     memcpy(&addr, &c->bind_addr.addr[0], sizeof addr);
-     if(ntohs(addr.in.sin_port)>=1024) { /* security check */
--- stunnel/files/patch-src::common.h	2011-01-05 21:48:43.000000000 +0900
+++ stunnel/files/patch-src::common.h	1970-01-01 09:00:00.000000000 +0900
@@ -1,34 +0,0 @@ 
-Description: Build with older OpenSSL and enable transparent binding.
-Forwarded: yes (the transparent proxying part)
-Author: Peter Pentchev <roam@FreeBSD.org>,
-	Jason Helfman <jhelfman@experts-exchange.com>
-Last-Update: 2011-01-04
-
---- src/common.h.orig
-+++ src/common.h
-@@ -337,6 +337,15 @@
- /* old kernel headers without IP_TRANSPARENT definition */
- #define IP_TRANSPARENT 19
- #endif /* IP_TRANSPARENT */
-+#define STUNNEL_TRANSPARENT IP_TRANSPARENT
-+#define STUNNEL_TRANSPARENT_NAME "IP_TRANSPARENT"
-+#define STUNNEL_TRANSPARENT_LEVEL SOL_IP
-+#else /* __linux__ */
-+#ifdef IP_BINDANY
-+#define STUNNEL_TRANSPARENT IP_BINDANY
-+#define STUNNEL_TRANSPARENT_NAME "IP_BINDANY"
-+#define STUNNEL_TRANSPARENT_LEVEL IPPROTO_IP
-+#endif
- #endif /* __linux__ */
- 
- #endif /* USE_WIN32 */
-@@ -347,9 +356,6 @@
- 
- #define OPENSSL_THREAD_DEFINES
- #include <openssl/opensslconf.h>
--#if !defined(OPENSSL_THREADS) && defined(USE_PTHREAD)
--#error OpenSSL library compiled without thread support
--#endif /* !OPENSSL_THREADS && USE_PTHREAD */
- 
- #include <openssl/lhash.h>
- #include <openssl/ssl.h>