ports/80405: [update] security/stunnel to 4.10

Wed Apr 27 13:10:06 UTC 2005

>Number:         80405
>Category:       ports
>Synopsis:       [update] security/stunnel to 4.10
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Apr 27 13:10:05 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Vsevolod Stakhov
>Release:        FreeBSD 5.3-STABLE i386
>Organization:
>Environment:
System: FreeBSD nemezida.highsecure.ru 5.3-STABLE FreeBSD 5.3-STABLE #2: Fri Jan 28 02:15:40 MSK 2005 root at nemezida.highsecure.ru:/mnt/data/usr/obj/mnt/data/usr/src/sys/NK i386

>Description:
Stunnel can be updated to version 4.10. Among changes from 4.7 are:
4.7->4.8
    * New features
          o New -quiet option was added to install NT service without a message box.
    * Bugfixes
          o Using $(DESTDIR) in tools/Makefile.am.
          o Define NI_NUMERICHOST and NI_NUMERICSERV when needed.
          o Length of configuration file line increased from 256B to 16KB.
          o Stunnel sends close_notify when a close_notify is received from SSL peer and all remaining data is sent to SSL peer.
          o Some fixes for bugs detected by the watchdog.
    * Release notes
          o There were many changes in the transfer() function (the main loop).
          o This version should be thoroughly tested before using it in the mission-critical environment.
4.8->4.9
Bugfixes
    * Compilation problem with undeclarated socklen_t fixed.
    * TIMEOUTclose is not used when there is any data in the buffers.
    * Stunnel no longer relies on close_notify with SSL 2.0 connections, since SSL 2.0 protocol does not have any alerts defined.
    * Closing SSL socket when there is some data in SSL output buffer is detected and reported as an error.
    * Install/chmod race condition when installing default certificate fixed.
    * Stunnel no longer installs signal_handler on ignored signals.
4.9->4.10
* Bugfixes

    * Missing locking on Win32 platform was added (thx to Yi Lin <yi.lin at convergys.com>)
    * Some problems with closing SSL fixed.

* New features

    * New UCONTEXT user-level non-preemptive threads model is used on systems that support SYSV-compatible ucontext.h.
    * Improved stunnel3 script with getopt-compatible syntax.
>How-To-Repeat:
>Fix:


diff -ruN stunnel.orig/Makefile stunnel/Makefile

--- stunnel.orig/Makefile	Wed Apr 27 16:42:57 2005
+++ stunnel/Makefile	Wed Apr 27 16:52:38 2005
@@ -6,10 +6,10 @@
 #
 
 PORTNAME=	stunnel
-PORTVERSION=	4.07
+PORTVERSION=	4.10
 CATEGORIES=	security
-MASTER_SITES=	http://www.stunnel.org/download/stunnel/src/ \
-		ftp://stunnel.mirt.net/stunnel/OBSOLETE/ \
+MASTER_SITES=	ftp://stunnel.mirt.net/stunnel/ \
+		http://www.stunnel.org/download/stunnel/src/ \
 		ftp://opensores.thebunker.net/pub/mirrors/stunnel/download/stunnel/src/
 
 MAINTAINER=	roam at FreeBSD.org
diff -ruN stunnel.orig/distinfo stunnel/distinfo
--- stunnel.orig/distinfo	Wed Apr 27 16:42:57 2005
+++ stunnel/distinfo	Wed Apr 27 16:52:38 2005
@@ -1,2 +1,2 @@
-MD5 (stunnel-4.07.tar.gz) = 7d53af550a1c2e01e146b936e58b8860
-SIZE (stunnel-4.07.tar.gz) = 486230
+MD5 (stunnel-4.10.tar.gz) = 9de7a62a44083114779ca4e109d70776
+Size (stunnel-4.10.tar.gz) = 487066 
diff -ruN stunnel.orig/files/patch-Makefile.in stunnel/files/patch-Makefile.in
--- stunnel.orig/files/patch-Makefile.in	Wed Apr 27 16:42:57 2005
+++ stunnel/files/patch-Makefile.in	Thu Jan  1 03:00:00 1970
@@ -1,19 +0,0 @@
---- tools/Makefile.in.orig	Mon Dec 27 13:52:12 2004
-+++ tools/Makefile.in	Mon Dec 27 13:52:25 2004
-@@ -163,7 +163,7 @@
- 	stunnel.spec stunnel.mak stunnel.cnf
- 
- confdir = $(sysconfdir)/stunnel
--conf_DATA = stunnel.conf-sample stunnel.pem
-+conf_DATA = stunnel.conf-sample
- docdir = $(datadir)/doc/stunnel
- examplesdir = $(docdir)/examples
- examples_DATA = ca.html ca.pl importCA.html importCA.sh script.sh \
-@@ -337,7 +337,6 @@
- install-data-am: install-confDATA install-data-local \
- 	install-examplesDATA
- 	@$(NORMAL_INSTALL)
--	$(MAKE) $(AM_MAKEFLAGS) install-data-hook
- 
- install-exec-am:
- 
diff -ruN stunnel.orig/files/patch-src::network.c stunnel/files/patch-src::network.c
--- stunnel.orig/files/patch-src::network.c	Wed Apr 27 16:42:57 2005
+++ stunnel/files/patch-src::network.c	Thu Jan  1 03:00:00 1970
@@ -1,19 +0,0 @@
---- src/network.c.orig	Mon Jan  3 09:16:45 2005
-+++ src/network.c	Mon Jan  3 09:17:49 2005
-@@ -488,10 +488,13 @@
- 
- char *s_ntop(char *text, SOCKADDR_UNION *addr) {
-     char host[IPLEN-6], port[6];
-+    int err;
- 
--    if(getnameinfo(&addr->sa, addr_len(*addr),
--            host, IPLEN-6, port, 6, NI_NUMERICHOST|NI_NUMERICSERV)) {
--        sockerror("getnameinfo");
-+    err = getnameinfo(&addr->sa, addr_len(*addr),
-+            host, IPLEN-6, port, 6, NI_NUMERICHOST|NI_NUMERICSERV);
-+    if (err) {
-+        s_log(LOG_ERR, "Error resolving the specified address: %s",
-+            s_gai_strerror(err));
-         strcpy(text, "unresolvable IP");
-         return text;
-     }
diff -ruN stunnel.orig/files/ssl-noengine.patch stunnel/files/ssl-noengine.patch
--- stunnel.orig/files/ssl-noengine.patch	Wed Apr 27 16:42:57 2005
+++ stunnel/files/ssl-noengine.patch	Wed Apr 27 16:52:38 2005
@@ -1,6 +1,6 @@
---- src/ssl.c.orig	Mon Dec 27 13:47:16 2004
-+++ src/ssl.c	Mon Dec 27 13:50:36 2004
-@@ -116,6 +116,8 @@
+--- src/ssl.c.orig	Tue Feb 15 22:07:57 2005
++++ src/ssl.c	Tue Mar 29 17:48:18 2005
+@@ -122,6 +122,8 @@
  static void init_engine(void) {
      ENGINE *e;
  
>Release-Note:
>Audit-Trail:
>Unformatted:

