Bug 142773

Summary: update security/stunnel
Product: Ports & Packages Reporter: TsurutaniNaoki
Component: Individual Port(s)Assignee: Philip M. Gollucci <pgollucci>
Status: Closed FIXED    
Severity: Affects Only Me CC: TsurutaniNaoki
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description TsurutaniNaoki 2010-01-13 08:30:00 UTC 
	stunnel 4.29 is now available.

Fix: here is a patch to the ports tree:
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2010-01-13 08:30:13 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->roam

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 Peter Pentchev freebsd_committer freebsd_triage 2010-01-18 09:39:00 UTC 
State Changed
From-To: open->analyzed

Yep, I've been looking at that version for some time, and checking out 
the new sessiond code.
Comment 3 TsurutaniNaoki 2010-01-22 03:04:11 UTC 
Hi,

stunnel-4.30 is released.

here is a patch:

diff -urN stunnel/Makefile.orig stunnel/Makefile
--- stunnel/Makefile.orig	2009-11-20 06:19:12.000000000 +0900
+++ stunnel/Makefile	2010-01-22 11:54:21.000000000 +0900
@@ -6,16 +6,15 @@
 #
 
 PORTNAME=	stunnel
-PORTVERSION=	4.28
-PORTREVISION=	1
+PORTVERSION=	4.30
 CATEGORIES=	security
 MASTER_SITES=	http://www.stunnel.org/download/stunnel/src/ \
 		ftp://stunnel.mirt.net/stunnel/ \
 		ftp://stunnel.mirt.net/stunnel/OBSOLETE/ \
 		ftp://opensores.thebunker.net/pub/mirrors/stunnel/download/stunnel/src/
 
-PATCH_SITES=	ftp://stunnel.mirt.net/stunnel/
-PATCHFILES=	execargs.patch
+#PATCH_SITES=	ftp://stunnel.mirt.net/stunnel/
+#PATCHFILES=	execargs.patch
 
 MAINTAINER=	roam@FreeBSD.org
 COMMENT=	SSL encryption wrapper for standard network daemons
diff -urN stunnel/distinfo.orig stunnel/distinfo
--- stunnel/distinfo.orig	2009-11-20 06:19:12.000000000 +0900
+++ stunnel/distinfo	2010-01-22 10:05:14.000000000 +0900
@@ -1,6 +1,6 @@
-MD5 (stunnel-4.28.tar.gz) = 5bf753a042047f40a938e82ec7ece569
-SHA256 (stunnel-4.28.tar.gz) = 
9be98fb1aa5e96e44095df267d89b776aa539e6dce90dd0d54db675e9a95cd80
-SIZE (stunnel-4.28.tar.gz) = 543008
+MD5 (stunnel-4.30.tar.gz) = 3b171b8d3ac24a45c06cd280fe649bce
+SHA256 (stunnel-4.30.tar.gz) = 
169ddeabb009a8a2fc3fcceb098733cfca49b1f42de64026eadc6c2bda730391
+SIZE (stunnel-4.30.tar.gz) = 545833
 MD5 (execargs.patch) = c893028f869f6d1f527373334605d639
 SHA256 (execargs.patch) = 88e682c0deee13d9768c8cbdd3e71f90dd26d92621d2e64542d5379a3939ac4c
 SIZE (execargs.patch) = 756
diff -urN stunnel/files/patch-src::options.c.orig stunnel/files/patch-src::options.c
--- stunnel/files/patch-src::options.c.orig	2009-11-19 20:06:25.000000000 +0900
+++ stunnel/files/patch-src::options.c	1970-01-01 09:00:00.000000000 +0900
@@ -1,42 +0,0 @@
-Description: Build on older OpenSSL versions without some options.
-Forwarded: https://stunnel.mirt.net/cgi-bin/bugzilla3/show_bug.cgi?id=3
-Author: Michal Trojnara <Michal.Trojnara@mirt.net>
-	Peter Pentchev <roam@ringlet.net>
-Last-Update: 2009-11-19
-
---- src/options.c.orig
-+++ src/options.c
-@@ -1136,7 +1136,9 @@
-         if(strcasecmp(opt, "sessiond"))
-             break;
-         section->option.sessiond=1;
-+#ifdef SSL_OP_NO_TICKET
-         section->ssl_options|=SSL_OP_NO_TICKET;
-+#endif
-         if(!name2addrlist(&section->sessiond_addr, arg, DEFAULT_LOOPBACK))
-             return "Failed to resolve sessiond server address";
-         return NULL; /* OK */
-@@ -1704,15 +1706,23 @@
-         {"TLS_D5_BUG", SSL_OP_TLS_D5_BUG},
-         {"TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG},
-         {"DONT_INSERT_EMPTY_FRAGMENTS", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS},
-+#ifdef SSL_OP_NO_QUERY_MTU
-         {"NO_QUERY_MTU", SSL_OP_NO_QUERY_MTU},
-+#endif
-+#ifdef SSL_OP_COOKIE_EXCHANGE
-         {"COOKIE_EXCHANGE", SSL_OP_COOKIE_EXCHANGE},
-+#endif
-+#ifdef SSL_OP_NO_TICKET
-         {"NO_TICKET", SSL_OP_NO_TICKET},
-+#endif
-         {"NO_SESSION_RESUMPTION_ON_RENEGOTIATION",
-             SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION},
- #ifdef SSL_OP_NO_COMPRESSION
-         {"NO_COMPRESSION", SSL_OP_NO_COMPRESSION},
- #endif
-+#ifdef SSL_OP_SINGLE_ECDH_USE
-         {"SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE},
-+#endif
-         {"SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE},
-         {"EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA},
-         {"CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE},
diff -urN stunnel/files/ssl-noengine.patch.orig stunnel/files/ssl-noengine.patch
--- stunnel/files/ssl-noengine.patch.orig	2009-11-20 06:19:12.000000000 +0900
+++ stunnel/files/ssl-noengine.patch	2010-01-22 10:03:23.000000000 +0900
@@ -5,12 +5,12 @@
 
 --- src/ssl.c.orig
 +++ src/ssl.c
-@@ -276,6 +276,8 @@
+@@ -279,6 +279,8 @@
  }
  
- static void init_engine() {
+ static char *init_engine(void) {
 +    s_log(LOG_ERR, "This version of stunnel was compiled WITHOUT support for OpenSSL 
hardware engines!  If you need this functionality, rebuild the FreeBSD port with the 
WITH_STUNNEL_SSL_ENGINE option set to 'yes'; contact Peter Pentchev <roam@FreeBSD.org> for 
details.");
 +    exit(1);
      if(engine_initialized)
-         return;
+         return NULL; /* OK */
      engine_initialized=1;
Comment 4 dfilter service freebsd_committer freebsd_triage 2010-02-03 09:33:33 UTC 
roam        2010-02-03 09:33:25 UTC

  FreeBSD ports repository

  Modified files:
    security/stunnel     Makefile distinfo 
    security/stunnel/files patch-src::common.h 
  Removed files:
    security/stunnel/files patch-src::options.c 
  Log:
  Update to stunnel-4.29.  I'm holding off on the 4.30 update for
  a couple of days until the chroot/SIGHUP/pid file problem discussed
  on the stunnel-users mailing list is sorted out upstream.
  
  PR:             142773
  Reported by:    Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
  
  Revision  Changes    Path
  1.95      +1 -5      ports/security/stunnel/Makefile
  1.53      +3 -3      ports/security/stunnel/distinfo
  1.5       +2 -2      ports/security/stunnel/files/patch-src::common.h
  1.2       +0 -42     ports/security/stunnel/files/patch-src::options.c (dead)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 5 Peter Pentchev 2010-02-03 09:37:25 UTC 
On Fri, Jan 22, 2010 at 12:04:11PM +0900, Tsurutani Naoki wrote:
> Hi,
> 
> stunnel-4.30 is released.


Yep, I know.  I just updated the port to 4.29; I'm holding off a bit
on the 4.30 update because of the chroot/SIGHUP/pid file issue that
has been discussed on the stunnel-users mailing list for the last
several days.  If there is a resolution in time for the ports freeze,
I'll commit the 4.30 update with a suitable patch; otherwise, I guess
I just might ask for a freeze exception later.

Thanks for your time and your work on this :)

G'luck,
Peter

-- 
Peter Pentchev	roam@ringlet.net    roam@space.bg    roam@FreeBSD.org
PGP key:	http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint	2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13
If the meanings of 'true' and 'false' were switched, then this sentence wouldn't be false.
Comment 6 Philip M. Gollucci freebsd_committer freebsd_triage 2010-09-02 06:33:59 UTC 
State Changed
From-To: analyzed->closed

port now at 4.33
Comment 7 Philip M. Gollucci freebsd_committer freebsd_triage 2010-09-02 06:33:59 UTC 
Responsible Changed
From-To: roam->pgollucci

port now at 4.33