ports/145103: [UPDATE] security/stunnel to version 4.32
Andrei Lavreniyuk
andy.lavr at gmail.com
Sun Mar 28 10:40:02 UTC 2010
>Number: 145103
>Category: ports
>Synopsis: [UPDATE] security/stunnel to version 4.32
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Mar 28 10:40:01 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Andrei Lavreniyuk
>Release: FreeBSD 8.0-STABLE
>Organization:
Technica-03, Inc.
>Environment:
FreeBSD datacenter.technica-03.local 8.0-STABLE FreeBSD 8.0-STABLE #0: Thu Mar 25 12:32:37 EET 2010 root at datacenter.technica-03.local:/usr/obj/usr/src/sys/SMP64 amd64
>Description:
Version 4.32, 2010.03.25, urgency: MEDIUM:
* New features
- New service-level "libwrap" option for run-time control whether
/etc/hosts.allow and /etc/hosts.deny are used for access control.
Disabling libwrap significantly increases performance of stunnel.
- Win32 DLLs for OpenSSL 0.9.8m.
* Bugfixes
- Fixed a transfer() loop issue with SSLv2 connections.
- Fixed a "setsockopt IP_TRANSPARENT" warning with "local" option.
- Logging subsystem bugfixes and cleanup.
- Installer bugfixes for Vista and later versions of Windows.
- FIPS mode can be enabled/disabled at runtime.
Version 4.31, 2010.02.03, urgency: MEDIUM:
* New features
- Log file reopen on USR1 signal was added.
* Bugfixes
- Some regression issues introduced in 4.30 were fixed.
Version 4.30, 2010.01.21, urgency: LOW/EXPERIMENTAL:
* New features
- Graceful configuration reload with HUP signal on Unix
and with GUI on Windows.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff -ruN stunnel.bak/Makefile stunnel/Makefile
--- stunnel.bak/Makefile 2010-02-03 18:03:20.000000000 +0200
+++ stunnel/Makefile 2010-03-28 13:25:41.921828498 +0300
@@ -6,7 +6,7 @@
#
PORTNAME= stunnel
-PORTVERSION= 4.29
+PORTVERSION= 4.32
CATEGORIES= security
MASTER_SITES= http://www.stunnel.org/download/stunnel/src/ \
ftp://stunnel.mirt.net/stunnel/ \
diff -ruN stunnel.bak/distinfo stunnel/distinfo
--- stunnel.bak/distinfo 2010-02-03 18:03:20.000000000 +0200
+++ stunnel/distinfo 2010-03-28 13:25:57.618751093 +0300
@@ -1,6 +1,3 @@
-MD5 (stunnel-4.29.tar.gz) = 14dc3f8412947f0548975cbce74d6863
-SHA256 (stunnel-4.29.tar.gz) = 018064e852a2a125bcfb4b81baa77b5701ccf6aabe6a47564bfc046b18d11f9b
-SIZE (stunnel-4.29.tar.gz) = 544292
-MD5 (execargs.patch) = c893028f869f6d1f527373334605d639
-SHA256 (execargs.patch) = 88e682c0deee13d9768c8cbdd3e71f90dd26d92621d2e64542d5379a3939ac4c
-SIZE (execargs.patch) = 756
+MD5 (stunnel-4.32.tar.gz) = 72379c615c5a4986c7981d0941ed2e6b
+SHA256 (stunnel-4.32.tar.gz) = 2b6809de99cb18e69760b78f88da447f6071227606adab7f35db330c6f01e8bd
+SIZE (stunnel-4.32.tar.gz) = 548951
diff -ruN stunnel.bak/files/ssl-noengine.patch stunnel/files/ssl-noengine.patch
--- stunnel.bak/files/ssl-noengine.patch 2009-11-13 14:35:39.000000000 +0200
+++ stunnel/files/ssl-noengine.patch 2010-03-28 13:20:33.802239942 +0300
@@ -3,14 +3,14 @@
Author: Peter Pentchev <roam at FreeBSD.org>
Last-Update: 2009-11-13
---- src/ssl.c.orig
-+++ src/ssl.c
-@@ -276,6 +276,8 @@
+--- src/ssl.c.orig 2010-02-25 14:30:56.000000000 +0200
++++ src/ssl.c 2010-03-28 13:10:09.814652930 +0300
+@@ -288,6 +288,8 @@
}
- static void init_engine() {
+ static char *init_engine(void) {
+ s_log(LOG_ERR, "This version of stunnel was compiled WITHOUT support for OpenSSL hardware engines! If you need this functionality, rebuild the FreeBSD port with the WITH_STUNNEL_SSL_ENGINE option set to 'yes'; contact Peter Pentchev <roam at FreeBSD.org> for details.");
+ exit(1);
if(engine_initialized)
- return;
+ return NULL; /* OK */
engine_initialized=1;
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list