summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLance Albertson <ramereth@gentoo.org>2012-05-13 21:13:57 +0000
committerLance Albertson <ramereth@gentoo.org>2012-05-13 21:13:57 +0000
commit7626e517700db6e38e29c3b7003d1da0de2b7c02 (patch)
tree26531ac6f41555c837d90ec3845556c7d4a71cbf /net-misc/stunnel
parentSimplify init script to use start-stop-daemon; fixes #379673 (diff)
downloadgentoo-2-7626e517700db6e38e29c3b7003d1da0de2b7c02.tar.gz
gentoo-2-7626e517700db6e38e29c3b7003d1da0de2b7c02.tar.bz2
gentoo-2-7626e517700db6e38e29c3b7003d1da0de2b7c02.zip
Ebuild cleanup; fixes #373713
(Portage version: 2.1.10.49/cvs/Linux x86_64)
Diffstat (limited to 'net-misc/stunnel')
-rw-r--r--net-misc/stunnel/ChangeLog11
-rw-r--r--net-misc/stunnel/files/stunnel-4.21-libwrap.patch10
-rw-r--r--net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch247
-rw-r--r--net-misc/stunnel/files/stunnel-4.34-listen-queue.diff55
-rw-r--r--net-misc/stunnel/files/stunnel-4.35-libwrap.patch10
-rw-r--r--net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff248
-rw-r--r--net-misc/stunnel/files/stunnel-4.36-listen-queue.diff51
-rw-r--r--net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff249
-rw-r--r--net-misc/stunnel/stunnel-4.25.ebuild81
-rw-r--r--net-misc/stunnel/stunnel-4.33.ebuild75
-rw-r--r--net-misc/stunnel/stunnel-4.35.ebuild76
-rw-r--r--net-misc/stunnel/stunnel-4.36.ebuild75
12 files changed, 10 insertions, 1178 deletions
diff --git a/net-misc/stunnel/ChangeLog b/net-misc/stunnel/ChangeLog
index 8c1b590f16a9..2d3d7b793fd2 100644
--- a/net-misc/stunnel/ChangeLog
+++ b/net-misc/stunnel/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for net-misc/stunnel
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.129 2012/05/13 21:08:13 ramereth Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.130 2012/05/13 21:13:57 ramereth Exp $
+
+ 13 May 2012; Lance Albertson <ramereth@gentoo.org>
+ -files/stunnel-4.21-libwrap.patch, -stunnel-4.25.ebuild,
+ -files/stunnel-4.31-x-forwarded-for.patch, -stunnel-4.33.ebuild,
+ -files/stunnel-4.34-listen-queue.diff, -stunnel-4.35.ebuild,
+ -files/stunnel-4.35-libwrap.patch, -files/stunnel-4.35-xforwarded-for.diff,
+ -stunnel-4.36.ebuild, -files/stunnel-4.36-listen-queue.diff,
+ -files/stunnel-4.36-xforwarded-for.diff:
+ Ebuild cleanup; fixes #373713
*stunnel-4.44-r1 (13 May 2012)
diff --git a/net-misc/stunnel/files/stunnel-4.21-libwrap.patch b/net-misc/stunnel/files/stunnel-4.21-libwrap.patch
deleted file mode 100644
index c64f8e6cf698..000000000000
--- a/net-misc/stunnel/files/stunnel-4.21-libwrap.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- stunnel-4.21/configure.ac 2007-08-09 00:43:10.000000000 +0200
-+++ stunnel-4.21.new/configure.ac 2007-11-02 16:16:11.000000000 +0100
-@@ -343,6 +343,7 @@
- case "$enableval" in
- yes) AC_MSG_RESULT([no])
- AC_DEFINE(HAVE_LIBWRAP)
-+ LIBS="$LIBS -lwrap"
- ;;
- no) AC_MSG_RESULT([yes])
- ;;
diff --git a/net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch b/net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch
deleted file mode 100644
index 5e45e62b4f1f..000000000000
--- a/net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch
+++ /dev/null
@@ -1,247 +0,0 @@
-diff -urN stunnel-4.31/doc/stunnel.8 stunnel-4.31-xforwardfor/doc/stunnel.8
---- stunnel-4.31/doc/stunnel.8 2010-02-03 13:46:46 +0100
-+++ stunnel-4.31-xforwardfor/doc/stunnel.8 2010-03-08 17:58:16 +0100
-@@ -500,6 +500,10 @@
- .IP "\fBtransparent\fR = yes | no (Unix only)" 4
- .IX Item "transparent = yes | no (Unix only)"
- transparent proxy mode
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+append an 'X-Forwarded-For:' HTTP request header providing the
-+client's IP address to the server.
- .Sp
- Re-write address to appear as if wrapped daemon is connecting
- from the \s-1SSL\s0 client machine instead of the machine running \fBstunnel\fR.
-diff -urN stunnel-4.31/doc/stunnel.fr.8 stunnel-4.31-xforwardfor/doc/stunnel.fr.8
---- stunnel-4.31/doc/stunnel.fr.8 2007-09-23 17:31:24 +0200
-+++ stunnel-4.31-xforwardfor/doc/stunnel.fr.8 2010-03-08 18:00:52 +0100
-@@ -460,6 +460,10 @@
- .IP "\fBtransparent\fR = yes | no (Unix seulement)" 4
- .IX Item "transparent = yes | no (Unix seulement)"
- Mode mandataire transparent
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+Ajoute un en-tête 'X-Forwarded-For:' dans la requête HTTP fournissant
-+au serveur l'adresse IP du client.
- .Sp
- Ré\-écrit les adresses pour qu'elles apparaissent provenir de la
- machine client \s-1SSL\s0 plutôt que de celle qui exécute \fBstunnel\fR.
-diff -urN stunnel-4.31/src/client.c stunnel-4.31-xforwardfor/src/client.c
---- stunnel-4.31/src/client.c 2010-01-29 11:42:16 +0100
-+++ stunnel-4.31-xforwardfor/src/client.c 2010-03-08 17:58:16 +0100
-@@ -88,6 +88,12 @@
- return NULL;
- }
- c->opt=opt;
-+ /* some options need space to add some information */
-+ if (c->opt->option.xforwardedfor)
-+ c->buffsize = BUFFSIZE - BUFF_RESERVED;
-+ else
-+ c->buffsize = BUFFSIZE;
-+ c->crlf_seen=0;
- c->local_rfd.fd=rfd;
- c->local_wfd.fd=wfd;
- return c;
-@@ -377,6 +383,28 @@
- print_cipher(c);
- }
- }
-+
-+/* Moves all data from the buffer <buffer> between positions <start> and <stop>
-+ * to insert <string> of length <len>. <start> and <stop> are updated to their
-+ * new respective values, and the number of characters inserted is returned.
-+ * If <len> is too long, nothing is done and -1 is returned.
-+ * Note that neither <string> nor <buffer> can be NULL.
-+ */
-+static int buffer_insert_with_len(char *buffer, int *start, int *stop, int limit, char *string, int len) {
-+ if (len > limit - *stop)
-+ return -1;
-+ if (*start > *stop)
-+ return -1;
-+ memmove(buffer + *start + len, buffer + *start, *stop - *start);
-+ memcpy(buffer + *start, string, len);
-+ *start += len;
-+ *stop += len;
-+ return len;
-+}
-+
-+static int buffer_insert(char *buffer, int *start, int *stop, int limit, char *string) {
-+ return buffer_insert_with_len(buffer, start, stop, limit, string, strlen(string));
-+}
-
- /****************************** some defines for transfer() */
- /* is socket/SSL open for read/write? */
-@@ -412,13 +440,13 @@
- check_SSL_pending=0;
-
- SSL_read_wants_read=
-- ssl_rd && c->ssl_ptr<BUFFSIZE && !SSL_read_wants_write;
-+ ssl_rd && c->ssl_ptr<c->buffsize && !SSL_read_wants_write;
- SSL_write_wants_write=
- ssl_wr && c->sock_ptr && !SSL_write_wants_read;
-
- /****************************** setup c->fds structure */
- s_poll_init(&c->fds); /* initialize the structure */
-- if(sock_rd && c->sock_ptr<BUFFSIZE)
-+ if(sock_rd && c->sock_ptr<c->buffsize)
- s_poll_add(&c->fds, c->sock_rfd->fd, 1, 0);
- if(SSL_read_wants_read ||
- SSL_write_wants_read ||
-@@ -517,7 +545,7 @@
- break;
- default:
- memmove(c->ssl_buff, c->ssl_buff+num, c->ssl_ptr-num);
-- if(c->ssl_ptr==BUFFSIZE) /* buffer was previously full */
-+ if(c->ssl_ptr>=c->buffsize) /* buffer was previously full */
- check_SSL_pending=1; /* check for data buffered by SSL */
- c->ssl_ptr-=num;
- c->sock_bytes+=num;
-@@ -577,7 +605,7 @@
- /****************************** read from socket */
- if(sock_rd && sock_can_rd) {
- num=readsocket(c->sock_rfd->fd,
-- c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
-+ c->sock_buff+c->sock_ptr, c->buffsize-c->sock_ptr);
- switch(num) {
- case -1:
- parse_socket_error(c, "readsocket");
-@@ -597,10 +625,71 @@
- (SSL_read_wants_write && ssl_can_wr) ||
- (check_SSL_pending && SSL_pending(c->ssl))) {
- SSL_read_wants_write=0;
-- num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
-+ num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, c->buffsize-c->ssl_ptr);
- switch(err=SSL_get_error(c->ssl, num)) {
- case SSL_ERROR_NONE:
-- c->ssl_ptr+=num;
-+ if (c->buffsize != BUFFSIZE && c->opt->option.xforwardedfor) { /* some work left to do */
-+ int last = c->ssl_ptr;
-+ c->ssl_ptr += num;
-+
-+ /* Look for end of HTTP headers between last and ssl_ptr.
-+ * To achieve this reliably, we have to count the number of
-+ * successive [CR]LF and to memorize it in case it's spread
-+ * over multiple segments. --WT.
-+ */
-+ while (last < c->ssl_ptr) {
-+ if (c->ssl_buff[last] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ } else if (last < c->ssl_ptr - 1 &&
-+ c->ssl_buff[last] == '\r' &&
-+ c->ssl_buff[last+1] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ last++;
-+ } else if (c->ssl_buff[last] != '\r')
-+ /* don't refuse '\r' because we may get a '\n' on next read */
-+ c->crlf_seen = 0;
-+ last++;
-+ }
-+ if (c->crlf_seen >= 2) {
-+ /* We have all the HTTP headers now. We don't need to
-+ * reserve any space anymore. <ssl_ptr> points to the
-+ * first byte of unread data, and <last> points to the
-+ * exact location where we want to insert our headers,
-+ * which is right before the empty line.
-+ */
-+ c->buffsize = BUFFSIZE;
-+
-+ if (c->opt->option.xforwardedfor) {
-+ /* X-Forwarded-For: xxxx \r\n\0 */
-+ char xforw[17 + IPLEN + 3];
-+
-+ /* We will insert our X-Forwarded-For: header here.
-+ * We need to write the IP address, but if we use
-+ * sprintf, it will pad with the terminating 0.
-+ * So we will pass via a temporary buffer allocated
-+ * on the stack.
-+ */
-+ memcpy(xforw, "X-Forwarded-For: ", 17);
-+ if (getnameinfo(&c->peer_addr.addr[0].sa,
-+ addr_len(c->peer_addr.addr[0]),
-+ xforw + 17, IPLEN, NULL, 0,
-+ NI_NUMERICHOST) == 0) {
-+ strcat(xforw + 17, "\r\n");
-+ buffer_insert(c->ssl_buff, &last, &c->ssl_ptr,
-+ c->buffsize, xforw);
-+ }
-+ /* last still points to the \r\n and ssl_ptr to the
-+ * end of the buffer, so we may add as many headers
-+ * as wee need to.
-+ */
-+ }
-+ }
-+ }
-+ else
-+ c->ssl_ptr+=num;
-+
- watchdog=0; /* reset watchdog */
- break;
- case SSL_ERROR_WANT_WRITE:
-diff -urN stunnel-4.31/src/common.h stunnel-4.31-xforwardfor/src/common.h
---- stunnel-4.31/src/common.h 2010-01-29 11:38:20 +0100
-+++ stunnel-4.31-xforwardfor/src/common.h 2010-03-08 17:58:53 +0100
-@@ -53,6 +53,9 @@
- /* I/O buffer size */
- #define BUFFSIZE 16384
-
-+/* maximum space reserved for header insertion in BUFFSIZE */
-+#define BUFF_RESERVED 1024
-+
- /* length of strings (including the terminating '\0' character) */
- /* it can't be lower than 256 bytes or NTLM authentication will break */
- #define STRLEN 256
-diff -urN stunnel-4.31/src/options.c stunnel-4.31-xforwardfor/src/options.c
---- stunnel-4.31/src/options.c 2010-01-29 11:43:23 +0100
-+++ stunnel-4.31-xforwardfor/src/options.c 2010-03-08 17:58:16 +0100
-@@ -792,6 +792,29 @@
- }
- #endif
-
-+ /* xforwardedfor */
-+ switch(cmd) {
-+ case CMD_INIT:
-+ section->option.xforwardedfor=0;
-+ break;
-+ case CMD_EXEC:
-+ if(strcasecmp(opt, "xforwardedfor"))
-+ break;
-+ if(!strcasecmp(arg, "yes"))
-+ section->option.xforwardedfor=1;
-+ else if(!strcasecmp(arg, "no"))
-+ section->option.xforwardedfor=0;
-+ else
-+ return "argument should be either 'yes' or 'no'";
-+ return NULL; /* OK */
-+ case CMD_DEFAULT:
-+ break;
-+ case CMD_HELP:
-+ s_log(LOG_NOTICE, "%-15s = yes|no append an HTTP X-Forwarded-For header",
-+ "xforwardedfor");
-+ break;
-+ }
-+
- /* exec */
- #ifndef USE_WIN32
- switch(cmd) {
-diff -urN stunnel-4.31/src/prototypes.h stunnel-4.31-xforwardfor/src/prototypes.h
---- stunnel-4.31/src/prototypes.h 2010-01-29 11:36:17 +0100
-+++ stunnel-4.31-xforwardfor/src/prototypes.h 2010-03-08 17:59:23 +0100
-@@ -166,6 +166,7 @@
- unsigned int cert:1;
- unsigned int client:1;
- unsigned int delayed_lookup:1;
-+ unsigned int xforwardedfor:1;
- unsigned int accept:1;
- unsigned int remote:1;
- unsigned int retry:1; /* loop remote+program */
-@@ -337,6 +338,8 @@
- FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */
- int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */
- s_poll_set fds; /* file descriptors */
-+ int buffsize; /* current buffer size, may be lower than BUFFSIZE */
-+ int crlf_seen; /* the number of successive CRLF seen */
- } CLI;
-
- extern int max_fds, max_clients;
diff --git a/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff b/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff
deleted file mode 100644
index 8b826ddb56f4..000000000000
--- a/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff
+++ /dev/null
@@ -1,55 +0,0 @@
-Patch by Thomas Franco, rediffed for 4.34.
-
-diff -ru stunnel-4.34/src/options.c stunnel-4.34-listen-queue/src/options.c
---- stunnel-4.34/src/options.c 2010-09-14 17:09:36.000000000 +0200
-+++ stunnel-4.34-listen-queue/src/options.c 2010-12-06 22:14:15.610223090 +0100
-@@ -1473,6 +1473,24 @@
- break;
- }
-
-+ /* listenqueue */
-+ switch(cmd) {
-+ case CMD_INIT:
-+ section->listenqueue=SOMAXCONN;
-+ break;
-+ case CMD_EXEC:
-+ if(strcasecmp(opt, "listenqueue"))
-+ break;
-+ section->listenqueue=atoi(arg);
-+ return (section->listenqueue?NULL:"Bad verify level");
-+ case CMD_DEFAULT:
-+ s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN);
-+ break;
-+ case CMD_HELP:
-+ s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending connections may grow to", "listenqueue");
-+ break;
-+ }
-+
- if(cmd==CMD_EXEC)
- return option_not_found;
- return NULL; /* OK */
-diff -ru stunnel-4.34/src/prototypes.h stunnel-4.34-listen-queue/src/prototypes.h
---- stunnel-4.34/src/prototypes.h 2010-09-14 17:09:50.000000000 +0200
-+++ stunnel-4.34-listen-queue/src/prototypes.h 2010-12-06 22:06:39.217327586 +0100
-@@ -158,6 +158,7 @@
- int timeout_close; /* maximum close_notify time */
- int timeout_connect; /* maximum connect() time */
- int timeout_idle; /* maximum idle connection time */
-+ int listenqueue; /* Listen baklog */
- enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */
-
- /* protocol name for protocol.c */
-Seulement dans stunnel-4.34-listen-queue/src: prototypes.h~
-diff -ru stunnel-4.34/src/stunnel.c stunnel-4.34-listen-queue/src/stunnel.c
---- stunnel-4.34/src/stunnel.c 2010-08-20 11:01:35.000000000 +0200
-+++ stunnel-4.34-listen-queue/src/stunnel.c 2010-12-06 22:05:54.732885327 +0100
-@@ -204,7 +204,7 @@
- }
- s_log(LOG_DEBUG, "Service %s bound to %s",
- opt->servname, opt->local_address);
-- if(listen(opt->fd, 5)) {
-+ if(listen(opt->fd, opt->listenqueue)) {
- sockerror("listen");
- return 0;
- }
-Seulement dans stunnel-4.34-listen-queue/src: stunnel.c~
diff --git a/net-misc/stunnel/files/stunnel-4.35-libwrap.patch b/net-misc/stunnel/files/stunnel-4.35-libwrap.patch
deleted file mode 100644
index 2a0ef0442556..000000000000
--- a/net-misc/stunnel/files/stunnel-4.35-libwrap.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- stunnel-4.35/configure.ac 2011-02-07 16:28:03.000000000 +0100
-+++ stunnel-4.35/configure.ac 2011-02-07 16:31:23.000000000 +0100
-@@ -357,6 +357,7 @@
- case "$enableval" in
- yes) AC_MSG_RESULT([no])
- AC_DEFINE(HAVE_LIBWRAP)
-+ LIBS="$LIBS -lwrap"
- ;;
- no) AC_MSG_RESULT([yes])
- ;;
diff --git a/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff b/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff
deleted file mode 100644
index d97c5eb90f8a..000000000000
--- a/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff
+++ /dev/null
@@ -1,248 +0,0 @@
---- stunnel-4.35/doc/stunnel.fr.8.ori 2011-02-07 17:21:07.000000000 +0100
-+++ stunnel-4.35-xforwarded-for/doc/stunnel.fr.8 2011-02-07 17:21:31.000000000 +0100
-@@ -394,6 +394,10 @@
- .IP "\fBTIMEOUTidle\fR = secondes" 4
- .IX Item "TIMEOUTidle = secondes"
- Durée d'attente sur une connexion inactive
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+Ajoute un en-tête 'X-Forwarded-For:' dans la requête HTTP fournissant
-+au serveur l'adresse IP du client.
- .IP "\fBtransparent\fR = yes | no (Unix seulement)" 4
- .IX Item "transparent = yes | no (Unix seulement)"
- Mode mandataire transparent
-diff -ru stunnel-4.35/doc/stunnel.8 stunnel-4.35-xforwarded-for/doc/stunnel.8
---- stunnel-4.35/doc/stunnel.8 2010-09-15 09:11:21.000000000 +0200
-+++ stunnel-4.35-xforwarded-for/doc/stunnel.8 2010-12-06 21:56:08.770829792 +0100
-@@ -527,6 +527,10 @@
- .IP "\fBTIMEOUTidle\fR = seconds" 4
- .IX Item "TIMEOUTidle = seconds"
- time to keep an idle connection
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+append an 'X-Forwarded-For:' HTTP request header providing the
-+client's IP address to the server.
- .IP "\fBtransparent\fR = none | source | destination | both (Unix only)" 4
- .IX Item "transparent = none | source | destination | both (Unix only)"
- enable transparent proxy support on selected platforms
-diff -ru stunnel-4.35/src/client.c stunnel-4.35-xforwarded-for/src/client.c
---- stunnel-4.35/src/client.c 2010-09-14 17:03:43.000000000 +0200
-+++ stunnel-4.35-xforwarded-for/src/client.c 2010-12-06 21:56:08.770829792 +0100
-@@ -84,6 +84,12 @@
- return NULL;
- }
- c->opt=opt;
-+ /* some options need space to add some information */
-+ if (c->opt->option.xforwardedfor)
-+ c->buffsize = BUFFSIZE - BUFF_RESERVED;
-+ else
-+ c->buffsize = BUFFSIZE;
-+ c->crlf_seen=0;
- c->local_rfd.fd=rfd;
- c->local_wfd.fd=wfd;
- return c;
-@@ -372,6 +378,28 @@
- }
- }
-
-+/* Moves all data from the buffer <buffer> between positions <start> and <stop>
-+ * to insert <string> of length <len>. <start> and <stop> are updated to their
-+ * new respective values, and the number of characters inserted is returned.
-+ * If <len> is too long, nothing is done and -1 is returned.
-+ * Note that neither <string> nor <buffer> can be NULL.
-+ */
-+static int buffer_insert_with_len(char *buffer, int *start, int *stop, int limit, char *string, int len) {
-+ if (len > limit - *stop)
-+ return -1;
-+ if (*start > *stop)
-+ return -1;
-+ memmove(buffer + *start + len, buffer + *start, *stop - *start);
-+ memcpy(buffer + *start, string, len);
-+ *start += len;
-+ *stop += len;
-+ return len;
-+}
-+
-+static int buffer_insert(char *buffer, int *start, int *stop, int limit, char *string) {
-+ return buffer_insert_with_len(buffer, start, stop, limit, string, strlen(string));
-+}
-+
- /****************************** transfer data */
- static void transfer(CLI *c) {
- int watchdog=0; /* a counter to detect an infinite loop */
-@@ -390,7 +418,7 @@
- do { /* main loop of client data transfer */
- /****************************** initialize *_wants_* */
- read_wants_read=
-- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
-+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write;
- write_wants_write=
- ssl_open_wr && c->sock_ptr && !write_wants_read;
-
-@@ -399,7 +427,7 @@
- /* for plain socket open data strem = open file descriptor */
- /* make sure to add each open socket to receive exceptions! */
- if(sock_open_rd)
-- s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<BUFFSIZE, 0);
-+ s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<c->buffsize, 0);
- if(sock_open_wr)
- s_poll_add(&c->fds, c->sock_wfd->fd, 0, c->ssl_ptr);
- /* for SSL assume that sockets are open if there any pending requests */
-@@ -531,7 +559,7 @@
- /****************************** read from socket */
- if(sock_open_rd && sock_can_rd) {
- num=readsocket(c->sock_rfd->fd,
-- c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
-+ c->sock_buff+c->sock_ptr, c->buffsize-c->sock_ptr);
- switch(num) {
- case -1:
- parse_socket_error(c, "readsocket");
-@@ -567,7 +595,7 @@
- /****************************** update *_wants_* based on new *_ptr */
- /* this update is also required for SSL_pending() to be used */
- read_wants_read=
-- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
-+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write;
- write_wants_write=
- ssl_open_wr && c->sock_ptr && !write_wants_read;
-
-@@ -577,10 +605,71 @@
- * writesocket() above made some room in c->ssl_buff */
- (read_wants_write && ssl_can_wr)) {
- read_wants_write=0;
-- num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
-+ num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, c->buffsize-c->ssl_ptr);
- switch(err=SSL_get_error(c->ssl, num)) {
- case SSL_ERROR_NONE:
-- c->ssl_ptr+=num;
-+ if (c->buffsize != BUFFSIZE && c->opt->option.xforwardedfor) { /* some work left to do */
-+ int last = c->ssl_ptr;
-+ c->ssl_ptr += num;
-+
-+ /* Look for end of HTTP headers between last and ssl_ptr.
-+ * To achieve this reliably, we have to count the number of
-+ * successive [CR]LF and to memorize it in case it's spread
-+ * over multiple segments. --WT.
-+ */
-+ while (last < c->ssl_ptr) {
-+ if (c->ssl_buff[last] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ } else if (last < c->ssl_ptr - 1 &&
-+ c->ssl_buff[last] == '\r' &&
-+ c->ssl_buff[last+1] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ last++;
-+ } else if (c->ssl_buff[last] != '\r')
-+ /* don't refuse '\r' because we may get a '\n' on next read */
-+ c->crlf_seen = 0;
-+ last++;
-+ }
-+ if (c->crlf_seen >= 2) {
-+ /* We have all the HTTP headers now. We don't need to
-+ * reserve any space anymore. <ssl_ptr> points to the
-+ * first byte of unread data, and <last> points to the
-+ * exact location where we want to insert our headers,
-+ * which is right before the empty line.
-+ */
-+ c->buffsize = BUFFSIZE;
-+
-+ if (c->opt->option.xforwardedfor) {
-+ /* X-Forwarded-For: xxxx \r\n\0 */
-+ char xforw[17 + IPLEN + 3];
-+
-+ /* We will insert our X-Forwarded-For: header here.
-+ * We need to write the IP address, but if we use
-+ * sprintf, it will pad with the terminating 0.
-+ * So we will pass via a temporary buffer allocated
-+ * on the stack.
-+ */
-+ memcpy(xforw, "X-Forwarded-For: ", 17);
-+ if (getnameinfo(&c->peer_addr.addr[0].sa,
-+ addr_len(c->peer_addr.addr[0]),
-+ xforw + 17, IPLEN, NULL, 0,
-+ NI_NUMERICHOST) == 0) {
-+ strcat(xforw + 17, "\r\n");
-+ buffer_insert(c->ssl_buff, &last, &c->ssl_ptr,
-+ c->buffsize, xforw);
-+ }
-+ /* last still points to the \r\n and ssl_ptr to the
-+ * end of the buffer, so we may add as many headers
-+ * as wee need to.
-+ */
-+ }
-+ }
-+ }
-+ else
-+ c->ssl_ptr+=num;
-+
- watchdog=0; /* reset watchdog */
- break;
- case SSL_ERROR_WANT_WRITE:
-diff -ru stunnel-4.35/src/common.h stunnel-4.35-xforwarded-for/src/common.h
---- stunnel-4.35/src/common.h 2010-09-14 17:00:36.000000000 +0200
-+++ stunnel-4.35-xforwarded-for/src/common.h 2010-12-06 21:56:08.770829792 +0100
-@@ -53,6 +53,9 @@
- /* I/O buffer size */
- #define BUFFSIZE 16384
-
-+/* maximum space reserved for header insertion in BUFFSIZE */
-+#define BUFF_RESERVED 1024
-+
- /* length of strings (including the terminating '\0' character) */
- /* it can't be lower than 256 bytes or NTLM authentication will break */
- #define STRLEN 256
-diff -ru stunnel-4.35/src/options.c stunnel-4.35-xforwarded-for/src/options.c
---- stunnel-4.35/src/options.c 2010-09-14 17:09:36.000000000 +0200
-+++ stunnel-4.35-xforwarded-for/src/options.c 2010-12-06 21:56:08.774829832 +0100
-@@ -818,6 +818,29 @@
- }
- #endif
-
-+ /* xforwardedfor */
-+ switch(cmd) {
-+ case CMD_INIT:
-+ section->option.xforwardedfor=0;
-+ break;
-+ case CMD_EXEC:
-+ if(strcasecmp(opt, "xforwardedfor"))
-+ break;
-+ if(!strcasecmp(arg, "yes"))
-+ section->option.xforwardedfor=1;
-+ else if(!strcasecmp(arg, "no"))
-+ section->option.xforwardedfor=0;
-+ else
-+ return "argument should be either 'yes' or 'no'";
-+ return NULL; /* OK */
-+ case CMD_DEFAULT:
-+ break;
-+ case CMD_HELP:
-+ s_log(LOG_NOTICE, "%-15s = yes|no append an HTTP X-Forwarded-For header",
-+ "xforwardedfor");
-+ break;
-+ }
-+
- /* exec */
- switch(cmd) {
- case CMD_INIT:
-diff -ru stunnel-4.35/src/prototypes.h stunnel-4.35-xforwarded-for/src/prototypes.h
---- stunnel-4.35/src/prototypes.h 2010-09-14 17:09:50.000000000 +0200
-+++ stunnel-4.35-xforwarded-for/src/prototypes.h 2010-12-06 21:56:08.774829832 +0100
-@@ -171,6 +171,7 @@
- struct {
- unsigned int client:1;
- unsigned int delayed_lookup:1;
-+ unsigned int xforwardedfor:1;
- unsigned int accept:1;
- unsigned int remote:1;
- unsigned int retry:1; /* loop remote+program */
-@@ -346,6 +347,8 @@
- FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */
- int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */
- s_poll_set fds; /* file descriptors */
-+ int buffsize; /* current buffer size, may be lower than BUFFSIZE */
-+ int crlf_seen; /* the number of successive CRLF seen */
- } CLI;
-
- extern int max_fds, max_clients;
diff --git a/net-misc/stunnel/files/stunnel-4.36-listen-queue.diff b/net-misc/stunnel/files/stunnel-4.36-listen-queue.diff
deleted file mode 100644
index ff231255ff3d..000000000000
--- a/net-misc/stunnel/files/stunnel-4.36-listen-queue.diff
+++ /dev/null
@@ -1,51 +0,0 @@
-diff -urN stunnel-4.36/src/options.c stunnel-4.36-new/src/options.c
---- stunnel-4.36/src/options.c 2011-04-30 15:14:02.000000000 -0700
-+++ stunnel-4.36-new/src/options.c 2011-05-26 11:42:10.455120934 -0700
-@@ -1484,6 +1484,24 @@
- break;
- }
-
-+ /* listenqueue */
-+ switch(cmd) {
-+ case CMD_INIT:
-+ section->listenqueue=SOMAXCONN;
-+ break;
-+ case CMD_EXEC:
-+ if(strcasecmp(opt, "listenqueue"))
-+ break;
-+ section->listenqueue=atoi(arg);
-+ return (section->listenqueue?NULL:"Bad verify level");
-+ case CMD_DEFAULT:
-+ s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN);
-+ break;
-+ case CMD_HELP:
-+ s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending connections may grow to", "listenqueue");
-+ break;
-+ }
-+
- if(cmd==CMD_EXEC)
- return option_not_found;
- return NULL; /* OK */
-diff -urN stunnel-4.36/src/prototypes.h stunnel-4.36-new/src/prototypes.h
---- stunnel-4.36/src/prototypes.h 2011-05-01 11:18:01.000000000 -0700
-+++ stunnel-4.36-new/src/prototypes.h 2011-05-26 11:42:33.285154425 -0700
-@@ -158,6 +158,7 @@
- int timeout_close; /* maximum close_notify time */
- int timeout_connect; /* maximum connect() time */
- int timeout_idle; /* maximum idle connection time */
-+ int listenqueue; /* Listen baklog */
- enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */
-
- /* protocol name for protocol.c */
-diff -urN stunnel-4.36/src/stunnel.c stunnel-4.36-new/src/stunnel.c
---- stunnel-4.36/src/stunnel.c 2011-05-02 14:51:02.000000000 -0700
-+++ stunnel-4.36-new/src/stunnel.c 2011-05-26 11:46:37.775513010 -0700
-@@ -241,7 +241,7 @@
- }
- s_log(LOG_DEBUG, "Service %s bound to %s",
- opt->servname, opt->local_address);
-- if(listen(opt->fd, SOMAXCONN)) {
-+ if(listen(opt->fd, opt->listenqueue)) {
- sockerror("listen");
- return 0;
- }
diff --git a/net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff b/net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff
deleted file mode 100644
index 3520ad19dfae..000000000000
--- a/net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff
+++ /dev/null
@@ -1,249 +0,0 @@
-diff -urN stunnel-4.36/doc/stunnel.8 stunnel-4.36-new//doc/stunnel.8
---- stunnel-4.36/doc/stunnel.8 2011-04-27 14:02:40.000000000 -0700
-+++ stunnel-4.36-new//doc/stunnel.8 2011-05-26 11:37:07.024675893 -0700
-@@ -556,6 +556,10 @@
- .IP "\fBTIMEOUTidle\fR = seconds" 4
- .IX Item "TIMEOUTidle = seconds"
- time to keep an idle connection
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+append an 'X-Forwarded-For:' HTTP request header providing the
-+client's IP address to the server.
- .IP "\fBtransparent\fR = none | source | destination | both (Unix only)" 4
- .IX Item "transparent = none | source | destination | both (Unix only)"
- enable transparent proxy support on selected platforms
-diff -urN stunnel-4.36/doc/stunnel.fr.8 stunnel-4.36-new//doc/stunnel.fr.8
---- stunnel-4.36/doc/stunnel.fr.8 2011-02-09 11:37:46.000000000 -0800
-+++ stunnel-4.36-new//doc/stunnel.fr.8 2011-05-26 11:37:07.024675893 -0700
-@@ -394,6 +394,10 @@
- .IP "\fBTIMEOUTidle\fR = secondes" 4
- .IX Item "TIMEOUTidle = secondes"
- Durée d'attente sur une connexion inactive
-+.IP "\fBxforwardedfor\fR = yes | no" 4
-+.IX Item "xforwardedfor = yes | no"
-+Ajoute un en-tête 'X-Forwarded-For:' dans la requête HTTP fournissant
-+au serveur l'adresse IP du client.
- .IP "\fBtransparent\fR = yes | no (Unix seulement)" 4
- .IX Item "transparent = yes | no (Unix seulement)"
- Mode mandataire transparent
-diff -urN stunnel-4.36/src/client.c stunnel-4.36-new//src/client.c
---- stunnel-4.36/src/client.c 2011-05-02 09:12:53.000000000 -0700
-+++ stunnel-4.36-new//src/client.c 2011-05-26 11:37:07.024675893 -0700
-@@ -86,6 +86,12 @@
- return NULL;
- }
- c->opt=opt;
-+ /* some options need space to add some information */
-+ if (c->opt->option.xforwardedfor)
-+ c->buffsize = BUFFSIZE - BUFF_RESERVED;
-+ else
-+ c->buffsize = BUFFSIZE;
-+ c->crlf_seen=0;
- c->local_rfd.fd=rfd;
- c->local_wfd.fd=wfd;
- return c;
-@@ -381,6 +387,28 @@
- }
- }
-
-+/* Moves all data from the buffer <buffer> between positions <start> and <stop>
-+ * to insert <string> of length <len>. <start> and <stop> are updated to their
-+ * new respective values, and the number of characters inserted is returned.
-+ * If <len> is too long, nothing is done and -1 is returned.
-+ * Note that neither <string> nor <buffer> can be NULL.
-+ */
-+static int buffer_insert_with_len(char *buffer, int *start, int *stop, int limit, char *string, int len) {
-+ if (len > limit - *stop)
-+ return -1;
-+ if (*start > *stop)
-+ return -1;
-+ memmove(buffer + *start + len, buffer + *start, *stop - *start);
-+ memcpy(buffer + *start, string, len);
-+ *start += len;
-+ *stop += len;
-+ return len;
-+}
-+
-+static int buffer_insert(char *buffer, int *start, int *stop, int limit, char *string) {
-+ return buffer_insert_with_len(buffer, start, stop, limit, string, strlen(string));
-+}
-+
- /****************************** transfer data */
- static void transfer(CLI *c) {
- int watchdog=0; /* a counter to detect an infinite loop */
-@@ -399,7 +427,7 @@
- do { /* main loop of client data transfer */
- /****************************** initialize *_wants_* */
- read_wants_read=
-- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
-+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write;
- write_wants_write=
- ssl_open_wr && c->sock_ptr && !write_wants_read;
-
-@@ -408,7 +436,7 @@
- /* for plain socket open data strem = open file descriptor */
- /* make sure to add each open socket to receive exceptions! */
- if(sock_open_rd)
-- s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<BUFFSIZE, 0);
-+ s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<c->buffsize, 0);
- if(sock_open_wr)
- s_poll_add(&c->fds, c->sock_wfd->fd, 0, c->ssl_ptr);
- /* for SSL assume that sockets are open if there any pending requests */
-@@ -542,7 +570,7 @@
- /****************************** read from socket */
- if(sock_open_rd && sock_can_rd) {
- num=readsocket(c->sock_rfd->fd,
-- c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
-+ c->sock_buff+c->sock_ptr, c->buffsize-c->sock_ptr);
- switch(num) {
- case -1:
- parse_socket_error(c, "readsocket");
-@@ -578,7 +606,7 @@
- /****************************** update *_wants_* based on new *_ptr */
- /* this update is also required for SSL_pending() to be used */
- read_wants_read=
-- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
-+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write;
- write_wants_write=
- ssl_open_wr && c->sock_ptr && !write_wants_read;
-
-@@ -588,10 +616,71 @@
- * writesocket() above made some room in c->ssl_buff */
- (read_wants_write && ssl_can_wr)) {
- read_wants_write=0;
-- num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
-+ num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, c->buffsize-c->ssl_ptr);
- switch(err=SSL_get_error(c->ssl, num)) {
- case SSL_ERROR_NONE:
-- c->ssl_ptr+=num;
-+ if (c->buffsize != BUFFSIZE && c->opt->option.xforwardedfor) { /* some work left to do */
-+ int last = c->ssl_ptr;
-+ c->ssl_ptr += num;
-+
-+ /* Look for end of HTTP headers between last and ssl_ptr.
-+ * To achieve this reliably, we have to count the number of
-+ * successive [CR]LF and to memorize it in case it's spread
-+ * over multiple segments. --WT.
-+ */
-+ while (last < c->ssl_ptr) {
-+ if (c->ssl_buff[last] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ } else if (last < c->ssl_ptr - 1 &&
-+ c->ssl_buff[last] == '\r' &&
-+ c->ssl_buff[last+1] == '\n') {
-+ if (++c->crlf_seen == 2)
-+ break;
-+ last++;
-+ } else if (c->ssl_buff[last] != '\r')
-+ /* don't refuse '\r' because we may get a '\n' on next read */
-+ c->crlf_seen = 0;
-+ last++;
-+ }
-+ if (c->crlf_seen >= 2) {
-+ /* We have all the HTTP headers now. We don't need to
-+ * reserve any space anymore. <ssl_ptr> points to the
-+ * first byte of unread data, and <last> points to the
-+ * exact location where we want to insert our headers,
-+ * which is right before the empty line.
-+ */
-+ c->buffsize = BUFFSIZE;
-+
-+ if (c->opt->option.xforwardedfor) {
-+ /* X-Forwarded-For: xxxx \r\n\0 */
-+ char xforw[17 + IPLEN + 3];
-+
-+ /* We will insert our X-Forwarded-For: header here.
-+ * We need to write the IP address, but if we use
-+ * sprintf, it will pad with the terminating 0.
-+ * So we will pass via a temporary buffer allocated
-+ * on the stack.
-+ */
-+ memcpy(xforw, "X-Forwarded-For: ", 17);
-+ if (getnameinfo(&c->peer_addr.addr[0].sa,
-+ addr_len(c->peer_addr.addr[0]),
-+ xforw + 17, IPLEN, NULL, 0,
-+ NI_NUMERICHOST) == 0) {
-+ strcat(xforw + 17, "\r\n");
-+ buffer_insert(c->ssl_buff, &last, &c->ssl_ptr,
-+ c->buffsize, xforw);
-+ }
-+ /* last still points to the \r\n and ssl_ptr to the
-+ * end of the buffer, so we may add as many headers
-+ * as wee need to.
-+ */
-+ }
-+ }
-+ }
-+ else
-+ c->ssl_ptr+=num;
-+
- watchdog=0; /* reset watchdog */
- break;
- case SSL_ERROR_WANT_WRITE:
-diff -urN stunnel-4.36/src/common.h stunnel-4.36-new//src/common.h
---- stunnel-4.36/src/common.h 2011-05-01 11:42:47.000000000 -0700
-+++ stunnel-4.36-new//src/common.h 2011-05-26 11:37:50.534739709 -0700
-@@ -52,6 +52,9 @@
- /* I/O buffer size */
- #define BUFFSIZE 16384
-
-+/* maximum space reserved for header insertion in BUFFSIZE */
-+#define BUFF_RESERVED 1024
-+
- /* IP address and TCP port textual representation length */
- #define IPLEN 128
-
-diff -urN stunnel-4.36/src/options.c stunnel-4.36-new//src/options.c
---- stunnel-4.36/src/options.c 2011-04-30 15:14:02.000000000 -0700
-+++ stunnel-4.36-new//src/options.c 2011-05-26 11:37:07.034675915 -0700
-@@ -818,6 +818,29 @@
- }
- #endif
-
-+ /* xforwardedfor */
-+ switch(cmd) {
-+ case CMD_INIT:
-+ section->option.xforwardedfor=0;
-+ break;
-+ case CMD_EXEC:
-+ if(strcasecmp(opt, "xforwardedfor"))
-+ break;
-+ if(!strcasecmp(arg, "yes"))
-+ section->option.xforwardedfor=1;
-+ else if(!strcasecmp(arg, "no"))
-+ section->option.xforwardedfor=0;
-+ else
-+ return "argument should be either 'yes' or 'no'";
-+ return NULL; /* OK */
-+ case CMD_DEFAULT:
-+ break;
-+ case CMD_HELP:
-+ s_log(LOG_NOTICE, "%-15s = yes|no append an HTTP X-Forwarded-For header",
-+ "xforwardedfor");
-+ break;
-+ }
-+
- /* exec */
- switch(cmd) {
- case CMD_INIT:
-diff -urN stunnel-4.36/src/prototypes.h stunnel-4.36-new//src/prototypes.h
---- stunnel-4.36/src/prototypes.h 2011-05-01 11:18:01.000000000 -0700
-+++ stunnel-4.36-new//src/prototypes.h 2011-05-26 11:37:07.034675915 -0700
-@@ -171,6 +171,7 @@
- struct {
- unsigned int client:1;
- unsigned int delayed_lookup:1;
-+ unsigned int xforwardedfor:1;
- unsigned int accept:1;
- unsigned int remote:1;
- unsigned int retry:1; /* loop remote+program */
-@@ -351,6 +352,8 @@
- FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */
- int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */
- s_poll_set fds; /* file descriptors */
-+ int buffsize; /* current buffer size, may be lower than BUFFSIZE */
-+ int crlf_seen; /* the number of successive CRLF seen */
- } CLI;
-
- CLI *alloc_client_session(SERVICE_OPTIONS *, int, int);
diff --git a/net-misc/stunnel/stunnel-4.25.ebuild b/net-misc/stunnel/stunnel-4.25.ebuild
deleted file mode 100644
index 6b9349fa72f2..000000000000
--- a/net-misc/stunnel/stunnel-4.25.ebuild
+++ /dev/null
@@ -1,81 +0,0 @@
-# Copyright 1999-2009 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.25.ebuild,v 1.9 2009/09/24 18:36:42 ramereth Exp $
-
-inherit autotools ssl-cert eutils
-
-DESCRIPTION="TLS/SSL - Port Wrapper"
-HOMEPAGE="http://stunnel.mirt.net/"
-SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ~ia64 ppc ppc64 sparc x86"
-IUSE="ipv6 selinux tcpd"
-
-DEPEND="tcpd? ( sys-apps/tcp-wrappers )
- >=dev-libs/openssl-0.9.6j"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-stunnel )"
-
-pkg_setup() {
- enewgroup stunnel
- enewuser stunnel -1 -1 -1 stunnel
-}
-
-src_unpack() {
- unpack ${A}
- cd "${S}"
- epatch "${FILESDIR}/${PN}-4.21-libwrap.patch"
- eautoreconf
-
- # Hack away generation of certificate
- sed -i -e "s/^install-data-local:/do-not-run-this:/" \
- tools/Makefile.in || die "sed failed"
-}
-
-src_compile() {
- econf $(use_enable ipv6) \
- $(use_enable tcpd libwrap) || die "econf died"
- emake || die "emake died"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
- rm -rf "${D}"/usr/share/doc/${PN}
- rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
- "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
-
- # The binary was moved to /usr/bin with 4.21,
- # symlink for backwards compatibility
- dosym ../bin/stunnel /usr/sbin/stunnel
-
- dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog doc/en/transproxy.txt
- dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
- tools/importCA.html
-
- insinto /etc/stunnel
- doins "${FILESDIR}"/stunnel.conf
- newinitd "${FILESDIR}"/stunnel.rc6 stunnel
-
- keepdir /var/run/stunnel
- fowners stunnel:stunnel /var/run/stunnel
-}
-
-pkg_postinst() {
- if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
- install_cert /etc/stunnel/stunnel
- chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- fi
-
- if [ ! -z "$(grep /etc/stunnel/stunnel.pid \
- "${ROOT}"/etc/stunnel/stunnel.conf )" ] ; then
-
- ewarn "As of stunnel-4.09, the pid file will be located in /var/run/stunnel."
- ewarn "Please stop stunnel, etc-update, and start stunnel back up to ensure"
- ewarn "the update takes place"
- ewarn
- ewarn "The new location will be /var/run/stunnel/stunnel.pid"
- fi
-}
diff --git a/net-misc/stunnel/stunnel-4.33.ebuild b/net-misc/stunnel/stunnel-4.33.ebuild
deleted file mode 100644
index f2648d6ae910..000000000000
--- a/net-misc/stunnel/stunnel-4.33.ebuild
+++ /dev/null
@@ -1,75 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.33.ebuild,v 1.3 2011/05/26 18:25:22 ramereth Exp $
-
-EAPI="2"
-
-inherit autotools ssl-cert eutils
-
-DESCRIPTION="TLS/SSL - Port Wrapper"
-HOMEPAGE="http://stunnel.mirt.net/"
-SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc x86"
-IUSE="ipv6 selinux tcpd xforward"
-
-DEPEND="tcpd? ( sys-apps/tcp-wrappers )
- >=dev-libs/openssl-0.9.8k"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-stunnel )"
-
-pkg_setup() {
- enewgroup stunnel
- enewuser stunnel -1 -1 -1 stunnel
-}
-
-src_prepare() {
- epatch "${FILESDIR}/${PN}-4.21-libwrap.patch"
- use xforward && epatch "${FILESDIR}/${PN}-4.31-x-forwarded-for.patch"
- eautoreconf
-
- # Hack away generation of certificate
- sed -i -e "s/^install-data-local:/do-not-run-this:/" \
- tools/Makefile.in || die "sed failed"
-}
-
-src_configure() {
- econf $(use_enable ipv6) \
- $(use_enable tcpd libwrap) || die "econf died"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
- rm -rf "${D}"/usr/share/doc/${PN}
- rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
- "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
-
- # The binary was moved to /usr/bin with 4.21,
- # symlink for backwards compatibility
- dosym ../bin/stunnel /usr/sbin/stunnel
-
- dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog
- dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
- tools/importCA.html
-
- insinto /etc/stunnel
- doins "${FILESDIR}"/stunnel.conf
- newinitd "${FILESDIR}"/stunnel.initd stunnel
-
- keepdir /var/run/stunnel
- fowners stunnel:stunnel /var/run/stunnel
-}
-
-pkg_postinst() {
- if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
- install_cert /etc/stunnel/stunnel
- chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- fi
-
- einfo "If you want to run multiple instances of stunnel, create a new config"
- einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change "
- einfo "\'pid= \' with a unique filename."
-}
diff --git a/net-misc/stunnel/stunnel-4.35.ebuild b/net-misc/stunnel/stunnel-4.35.ebuild
deleted file mode 100644
index 6f613889327e..000000000000
--- a/net-misc/stunnel/stunnel-4.35.ebuild
+++ /dev/null
@@ -1,76 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.35.ebuild,v 1.5 2011/05/28 16:49:54 armin76 Exp $
-
-EAPI="2"
-
-inherit autotools ssl-cert eutils
-
-DESCRIPTION="TLS/SSL - Port Wrapper"
-HOMEPAGE="http://stunnel.mirt.net/"
-SRC_URI="ftp://ftp.stunnel.org/stunnel/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 ~s390 sparc x86"
-IUSE="ipv6 selinux tcpd xforward listen-queue"
-
-DEPEND="tcpd? ( sys-apps/tcp-wrappers )
- >=dev-libs/openssl-0.9.8k"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-stunnel )"
-
-pkg_setup() {
- enewgroup stunnel
- enewuser stunnel -1 -1 -1 stunnel
-}
-
-src_prepare() {
- epatch "${FILESDIR}/${PN}-4.35-libwrap.patch"
- use xforward && epatch "${FILESDIR}/stunnel-4.35-xforwarded-for.diff"
- use listen-queue && epatch "${FILESDIR}/stunnel-4.34-listen-queue.diff"
- eautoreconf
-
- # Hack away generation of certificate
- sed -i -e "s/^install-data-local:/do-not-run-this:/" \
- tools/Makefile.in || die "sed failed"
-}
-
-src_configure() {
- econf $(use_enable ipv6) \
- $(use_enable tcpd libwrap) || die "econf died"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
- rm -rf "${D}"/usr/share/doc/${PN}
- rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
- "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
-
- # The binary was moved to /usr/bin with 4.21,
- # symlink for backwards compatibility
- dosym ../bin/stunnel /usr/sbin/stunnel
-
- dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog
- dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
- tools/importCA.html
-
- insinto /etc/stunnel
- doins "${FILESDIR}"/stunnel.conf
- newinitd "${FILESDIR}"/stunnel.initd stunnel
-
- keepdir /var/run/stunnel
- fowners stunnel:stunnel /var/run/stunnel
-}
-
-pkg_postinst() {
- if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
- install_cert /etc/stunnel/stunnel
- chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- fi
-
- einfo "If you want to run multiple instances of stunnel, create a new config"
- einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change "
- einfo "\'pid= \' with a unique filename."
-}
diff --git a/net-misc/stunnel/stunnel-4.36.ebuild b/net-misc/stunnel/stunnel-4.36.ebuild
deleted file mode 100644
index 3a89bae55a12..000000000000
--- a/net-misc/stunnel/stunnel-4.36.ebuild
+++ /dev/null
@@ -1,75 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.36.ebuild,v 1.1 2011/05/26 18:55:27 ramereth Exp $
-
-EAPI="2"
-
-inherit autotools ssl-cert eutils
-
-DESCRIPTION="TLS/SSL - Port Wrapper"
-HOMEPAGE="http://stunnel.mirt.net/"
-SRC_URI="ftp://ftp.stunnel.org/stunnel/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86"
-IUSE="ipv6 selinux tcpd xforward listen-queue"
-
-DEPEND="tcpd? ( sys-apps/tcp-wrappers )
- >=dev-libs/openssl-0.9.8k"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-stunnel )"
-
-pkg_setup() {
- enewgroup stunnel
- enewuser stunnel -1 -1 -1 stunnel
-}
-
-src_prepare() {
- use xforward && epatch "${FILESDIR}/stunnel-4.36-xforwarded-for.diff"
- use listen-queue && epatch "${FILESDIR}/stunnel-4.36-listen-queue.diff"
- eautoreconf
-
- # Hack away generation of certificate
- sed -i -e "s/^install-data-local:/do-not-run-this:/" \
- tools/Makefile.in || die "sed failed"
-}
-
-src_configure() {
- econf $(use_enable ipv6) \
- $(use_enable tcpd libwrap) || die "econf died"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
- rm -rf "${D}"/usr/share/doc/${PN}
- rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
- "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
-
- # The binary was moved to /usr/bin with 4.21,
- # symlink for backwards compatibility
- dosym ../bin/stunnel /usr/sbin/stunnel
-
- dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog
- dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
- tools/importCA.html
-
- insinto /etc/stunnel
- doins "${FILESDIR}"/stunnel.conf
- newinitd "${FILESDIR}"/stunnel.initd stunnel
-
- keepdir /var/run/stunnel
- fowners stunnel:stunnel /var/run/stunnel
-}
-
-pkg_postinst() {
- if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
- install_cert /etc/stunnel/stunnel
- chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
- fi
-
- einfo "If you want to run multiple instances of stunnel, create a new config"
- einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change "
- einfo "\'pid= \' with a unique filename."
-}