diff options
author | Lance Albertson <ramereth@gentoo.org> | 2012-05-13 21:13:57 +0000 |
---|---|---|
committer | Lance Albertson <ramereth@gentoo.org> | 2012-05-13 21:13:57 +0000 |
commit | 7626e517700db6e38e29c3b7003d1da0de2b7c02 (patch) | |
tree | 26531ac6f41555c837d90ec3845556c7d4a71cbf /net-misc/stunnel | |
parent | Simplify init script to use start-stop-daemon; fixes #379673 (diff) | |
download | gentoo-2-7626e517700db6e38e29c3b7003d1da0de2b7c02.tar.gz gentoo-2-7626e517700db6e38e29c3b7003d1da0de2b7c02.tar.bz2 gentoo-2-7626e517700db6e38e29c3b7003d1da0de2b7c02.zip |
Ebuild cleanup; fixes #373713
(Portage version: 2.1.10.49/cvs/Linux x86_64)
Diffstat (limited to 'net-misc/stunnel')
-rw-r--r-- | net-misc/stunnel/ChangeLog | 11 | ||||
-rw-r--r-- | net-misc/stunnel/files/stunnel-4.21-libwrap.patch | 10 | ||||
-rw-r--r-- | net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch | 247 | ||||
-rw-r--r-- | net-misc/stunnel/files/stunnel-4.34-listen-queue.diff | 55 | ||||
-rw-r--r-- | net-misc/stunnel/files/stunnel-4.35-libwrap.patch | 10 | ||||
-rw-r--r-- | net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff | 248 | ||||
-rw-r--r-- | net-misc/stunnel/files/stunnel-4.36-listen-queue.diff | 51 | ||||
-rw-r--r-- | net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff | 249 | ||||
-rw-r--r-- | net-misc/stunnel/stunnel-4.25.ebuild | 81 | ||||
-rw-r--r-- | net-misc/stunnel/stunnel-4.33.ebuild | 75 | ||||
-rw-r--r-- | net-misc/stunnel/stunnel-4.35.ebuild | 76 | ||||
-rw-r--r-- | net-misc/stunnel/stunnel-4.36.ebuild | 75 |
12 files changed, 10 insertions, 1178 deletions
diff --git a/net-misc/stunnel/ChangeLog b/net-misc/stunnel/ChangeLog index 8c1b590f16a9..2d3d7b793fd2 100644 --- a/net-misc/stunnel/ChangeLog +++ b/net-misc/stunnel/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for net-misc/stunnel # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.129 2012/05/13 21:08:13 ramereth Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.130 2012/05/13 21:13:57 ramereth Exp $ + + 13 May 2012; Lance Albertson <ramereth@gentoo.org> + -files/stunnel-4.21-libwrap.patch, -stunnel-4.25.ebuild, + -files/stunnel-4.31-x-forwarded-for.patch, -stunnel-4.33.ebuild, + -files/stunnel-4.34-listen-queue.diff, -stunnel-4.35.ebuild, + -files/stunnel-4.35-libwrap.patch, -files/stunnel-4.35-xforwarded-for.diff, + -stunnel-4.36.ebuild, -files/stunnel-4.36-listen-queue.diff, + -files/stunnel-4.36-xforwarded-for.diff: + Ebuild cleanup; fixes #373713 *stunnel-4.44-r1 (13 May 2012) diff --git a/net-misc/stunnel/files/stunnel-4.21-libwrap.patch b/net-misc/stunnel/files/stunnel-4.21-libwrap.patch deleted file mode 100644 index c64f8e6cf698..000000000000 --- a/net-misc/stunnel/files/stunnel-4.21-libwrap.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- stunnel-4.21/configure.ac 2007-08-09 00:43:10.000000000 +0200 -+++ stunnel-4.21.new/configure.ac 2007-11-02 16:16:11.000000000 +0100 -@@ -343,6 +343,7 @@ - case "$enableval" in - yes) AC_MSG_RESULT([no]) - AC_DEFINE(HAVE_LIBWRAP) -+ LIBS="$LIBS -lwrap" - ;; - no) AC_MSG_RESULT([yes]) - ;; diff --git a/net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch b/net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch deleted file mode 100644 index 5e45e62b4f1f..000000000000 --- a/net-misc/stunnel/files/stunnel-4.31-x-forwarded-for.patch +++ /dev/null @@ -1,247 +0,0 @@ -diff -urN stunnel-4.31/doc/stunnel.8 stunnel-4.31-xforwardfor/doc/stunnel.8 ---- stunnel-4.31/doc/stunnel.8 2010-02-03 13:46:46 +0100 -+++ stunnel-4.31-xforwardfor/doc/stunnel.8 2010-03-08 17:58:16 +0100 -@@ -500,6 +500,10 @@ - .IP "\fBtransparent\fR = yes | no (Unix only)" 4 - .IX Item "transparent = yes | no (Unix only)" - transparent proxy mode -+.IP "\fBxforwardedfor\fR = yes | no" 4 -+.IX Item "xforwardedfor = yes | no" -+append an 'X-Forwarded-For:' HTTP request header providing the -+client's IP address to the server. - .Sp - Re-write address to appear as if wrapped daemon is connecting - from the \s-1SSL\s0 client machine instead of the machine running \fBstunnel\fR. -diff -urN stunnel-4.31/doc/stunnel.fr.8 stunnel-4.31-xforwardfor/doc/stunnel.fr.8 ---- stunnel-4.31/doc/stunnel.fr.8 2007-09-23 17:31:24 +0200 -+++ stunnel-4.31-xforwardfor/doc/stunnel.fr.8 2010-03-08 18:00:52 +0100 -@@ -460,6 +460,10 @@ - .IP "\fBtransparent\fR = yes | no (Unix seulement)" 4 - .IX Item "transparent = yes | no (Unix seulement)" - Mode mandataire transparent -+.IP "\fBxforwardedfor\fR = yes | no" 4 -+.IX Item "xforwardedfor = yes | no" -+Ajoute un en-tête 'X-Forwarded-For:' dans la requête HTTP fournissant -+au serveur l'adresse IP du client. - .Sp - Ré\-écrit les adresses pour qu'elles apparaissent provenir de la - machine client \s-1SSL\s0 plutôt que de celle qui exécute \fBstunnel\fR. -diff -urN stunnel-4.31/src/client.c stunnel-4.31-xforwardfor/src/client.c ---- stunnel-4.31/src/client.c 2010-01-29 11:42:16 +0100 -+++ stunnel-4.31-xforwardfor/src/client.c 2010-03-08 17:58:16 +0100 -@@ -88,6 +88,12 @@ - return NULL; - } - c->opt=opt; -+ /* some options need space to add some information */ -+ if (c->opt->option.xforwardedfor) -+ c->buffsize = BUFFSIZE - BUFF_RESERVED; -+ else -+ c->buffsize = BUFFSIZE; -+ c->crlf_seen=0; - c->local_rfd.fd=rfd; - c->local_wfd.fd=wfd; - return c; -@@ -377,6 +383,28 @@ - print_cipher(c); - } - } -+ -+/* Moves all data from the buffer <buffer> between positions <start> and <stop> -+ * to insert <string> of length <len>. <start> and <stop> are updated to their -+ * new respective values, and the number of characters inserted is returned. -+ * If <len> is too long, nothing is done and -1 is returned. -+ * Note that neither <string> nor <buffer> can be NULL. -+ */ -+static int buffer_insert_with_len(char *buffer, int *start, int *stop, int limit, char *string, int len) { -+ if (len > limit - *stop) -+ return -1; -+ if (*start > *stop) -+ return -1; -+ memmove(buffer + *start + len, buffer + *start, *stop - *start); -+ memcpy(buffer + *start, string, len); -+ *start += len; -+ *stop += len; -+ return len; -+} -+ -+static int buffer_insert(char *buffer, int *start, int *stop, int limit, char *string) { -+ return buffer_insert_with_len(buffer, start, stop, limit, string, strlen(string)); -+} - - /****************************** some defines for transfer() */ - /* is socket/SSL open for read/write? */ -@@ -412,13 +440,13 @@ - check_SSL_pending=0; - - SSL_read_wants_read= -- ssl_rd && c->ssl_ptr<BUFFSIZE && !SSL_read_wants_write; -+ ssl_rd && c->ssl_ptr<c->buffsize && !SSL_read_wants_write; - SSL_write_wants_write= - ssl_wr && c->sock_ptr && !SSL_write_wants_read; - - /****************************** setup c->fds structure */ - s_poll_init(&c->fds); /* initialize the structure */ -- if(sock_rd && c->sock_ptr<BUFFSIZE) -+ if(sock_rd && c->sock_ptr<c->buffsize) - s_poll_add(&c->fds, c->sock_rfd->fd, 1, 0); - if(SSL_read_wants_read || - SSL_write_wants_read || -@@ -517,7 +545,7 @@ - break; - default: - memmove(c->ssl_buff, c->ssl_buff+num, c->ssl_ptr-num); -- if(c->ssl_ptr==BUFFSIZE) /* buffer was previously full */ -+ if(c->ssl_ptr>=c->buffsize) /* buffer was previously full */ - check_SSL_pending=1; /* check for data buffered by SSL */ - c->ssl_ptr-=num; - c->sock_bytes+=num; -@@ -577,7 +605,7 @@ - /****************************** read from socket */ - if(sock_rd && sock_can_rd) { - num=readsocket(c->sock_rfd->fd, -- c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr); -+ c->sock_buff+c->sock_ptr, c->buffsize-c->sock_ptr); - switch(num) { - case -1: - parse_socket_error(c, "readsocket"); -@@ -597,10 +625,71 @@ - (SSL_read_wants_write && ssl_can_wr) || - (check_SSL_pending && SSL_pending(c->ssl))) { - SSL_read_wants_write=0; -- num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr); -+ num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, c->buffsize-c->ssl_ptr); - switch(err=SSL_get_error(c->ssl, num)) { - case SSL_ERROR_NONE: -- c->ssl_ptr+=num; -+ if (c->buffsize != BUFFSIZE && c->opt->option.xforwardedfor) { /* some work left to do */ -+ int last = c->ssl_ptr; -+ c->ssl_ptr += num; -+ -+ /* Look for end of HTTP headers between last and ssl_ptr. -+ * To achieve this reliably, we have to count the number of -+ * successive [CR]LF and to memorize it in case it's spread -+ * over multiple segments. --WT. -+ */ -+ while (last < c->ssl_ptr) { -+ if (c->ssl_buff[last] == '\n') { -+ if (++c->crlf_seen == 2) -+ break; -+ } else if (last < c->ssl_ptr - 1 && -+ c->ssl_buff[last] == '\r' && -+ c->ssl_buff[last+1] == '\n') { -+ if (++c->crlf_seen == 2) -+ break; -+ last++; -+ } else if (c->ssl_buff[last] != '\r') -+ /* don't refuse '\r' because we may get a '\n' on next read */ -+ c->crlf_seen = 0; -+ last++; -+ } -+ if (c->crlf_seen >= 2) { -+ /* We have all the HTTP headers now. We don't need to -+ * reserve any space anymore. <ssl_ptr> points to the -+ * first byte of unread data, and <last> points to the -+ * exact location where we want to insert our headers, -+ * which is right before the empty line. -+ */ -+ c->buffsize = BUFFSIZE; -+ -+ if (c->opt->option.xforwardedfor) { -+ /* X-Forwarded-For: xxxx \r\n\0 */ -+ char xforw[17 + IPLEN + 3]; -+ -+ /* We will insert our X-Forwarded-For: header here. -+ * We need to write the IP address, but if we use -+ * sprintf, it will pad with the terminating 0. -+ * So we will pass via a temporary buffer allocated -+ * on the stack. -+ */ -+ memcpy(xforw, "X-Forwarded-For: ", 17); -+ if (getnameinfo(&c->peer_addr.addr[0].sa, -+ addr_len(c->peer_addr.addr[0]), -+ xforw + 17, IPLEN, NULL, 0, -+ NI_NUMERICHOST) == 0) { -+ strcat(xforw + 17, "\r\n"); -+ buffer_insert(c->ssl_buff, &last, &c->ssl_ptr, -+ c->buffsize, xforw); -+ } -+ /* last still points to the \r\n and ssl_ptr to the -+ * end of the buffer, so we may add as many headers -+ * as wee need to. -+ */ -+ } -+ } -+ } -+ else -+ c->ssl_ptr+=num; -+ - watchdog=0; /* reset watchdog */ - break; - case SSL_ERROR_WANT_WRITE: -diff -urN stunnel-4.31/src/common.h stunnel-4.31-xforwardfor/src/common.h ---- stunnel-4.31/src/common.h 2010-01-29 11:38:20 +0100 -+++ stunnel-4.31-xforwardfor/src/common.h 2010-03-08 17:58:53 +0100 -@@ -53,6 +53,9 @@ - /* I/O buffer size */ - #define BUFFSIZE 16384 - -+/* maximum space reserved for header insertion in BUFFSIZE */ -+#define BUFF_RESERVED 1024 -+ - /* length of strings (including the terminating '\0' character) */ - /* it can't be lower than 256 bytes or NTLM authentication will break */ - #define STRLEN 256 -diff -urN stunnel-4.31/src/options.c stunnel-4.31-xforwardfor/src/options.c ---- stunnel-4.31/src/options.c 2010-01-29 11:43:23 +0100 -+++ stunnel-4.31-xforwardfor/src/options.c 2010-03-08 17:58:16 +0100 -@@ -792,6 +792,29 @@ - } - #endif - -+ /* xforwardedfor */ -+ switch(cmd) { -+ case CMD_INIT: -+ section->option.xforwardedfor=0; -+ break; -+ case CMD_EXEC: -+ if(strcasecmp(opt, "xforwardedfor")) -+ break; -+ if(!strcasecmp(arg, "yes")) -+ section->option.xforwardedfor=1; -+ else if(!strcasecmp(arg, "no")) -+ section->option.xforwardedfor=0; -+ else -+ return "argument should be either 'yes' or 'no'"; -+ return NULL; /* OK */ -+ case CMD_DEFAULT: -+ break; -+ case CMD_HELP: -+ s_log(LOG_NOTICE, "%-15s = yes|no append an HTTP X-Forwarded-For header", -+ "xforwardedfor"); -+ break; -+ } -+ - /* exec */ - #ifndef USE_WIN32 - switch(cmd) { -diff -urN stunnel-4.31/src/prototypes.h stunnel-4.31-xforwardfor/src/prototypes.h ---- stunnel-4.31/src/prototypes.h 2010-01-29 11:36:17 +0100 -+++ stunnel-4.31-xforwardfor/src/prototypes.h 2010-03-08 17:59:23 +0100 -@@ -166,6 +166,7 @@ - unsigned int cert:1; - unsigned int client:1; - unsigned int delayed_lookup:1; -+ unsigned int xforwardedfor:1; - unsigned int accept:1; - unsigned int remote:1; - unsigned int retry:1; /* loop remote+program */ -@@ -337,6 +338,8 @@ - FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */ - int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */ - s_poll_set fds; /* file descriptors */ -+ int buffsize; /* current buffer size, may be lower than BUFFSIZE */ -+ int crlf_seen; /* the number of successive CRLF seen */ - } CLI; - - extern int max_fds, max_clients; diff --git a/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff b/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff deleted file mode 100644 index 8b826ddb56f4..000000000000 --- a/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff +++ /dev/null @@ -1,55 +0,0 @@ -Patch by Thomas Franco, rediffed for 4.34. - -diff -ru stunnel-4.34/src/options.c stunnel-4.34-listen-queue/src/options.c ---- stunnel-4.34/src/options.c 2010-09-14 17:09:36.000000000 +0200 -+++ stunnel-4.34-listen-queue/src/options.c 2010-12-06 22:14:15.610223090 +0100 -@@ -1473,6 +1473,24 @@ - break; - } - -+ /* listenqueue */ -+ switch(cmd) { -+ case CMD_INIT: -+ section->listenqueue=SOMAXCONN; -+ break; -+ case CMD_EXEC: -+ if(strcasecmp(opt, "listenqueue")) -+ break; -+ section->listenqueue=atoi(arg); -+ return (section->listenqueue?NULL:"Bad verify level"); -+ case CMD_DEFAULT: -+ s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN); -+ break; -+ case CMD_HELP: -+ s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending connections may grow to", "listenqueue"); -+ break; -+ } -+ - if(cmd==CMD_EXEC) - return option_not_found; - return NULL; /* OK */ -diff -ru stunnel-4.34/src/prototypes.h stunnel-4.34-listen-queue/src/prototypes.h ---- stunnel-4.34/src/prototypes.h 2010-09-14 17:09:50.000000000 +0200 -+++ stunnel-4.34-listen-queue/src/prototypes.h 2010-12-06 22:06:39.217327586 +0100 -@@ -158,6 +158,7 @@ - int timeout_close; /* maximum close_notify time */ - int timeout_connect; /* maximum connect() time */ - int timeout_idle; /* maximum idle connection time */ -+ int listenqueue; /* Listen baklog */ - enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */ - - /* protocol name for protocol.c */ -Seulement dans stunnel-4.34-listen-queue/src: prototypes.h~ -diff -ru stunnel-4.34/src/stunnel.c stunnel-4.34-listen-queue/src/stunnel.c ---- stunnel-4.34/src/stunnel.c 2010-08-20 11:01:35.000000000 +0200 -+++ stunnel-4.34-listen-queue/src/stunnel.c 2010-12-06 22:05:54.732885327 +0100 -@@ -204,7 +204,7 @@ - } - s_log(LOG_DEBUG, "Service %s bound to %s", - opt->servname, opt->local_address); -- if(listen(opt->fd, 5)) { -+ if(listen(opt->fd, opt->listenqueue)) { - sockerror("listen"); - return 0; - } -Seulement dans stunnel-4.34-listen-queue/src: stunnel.c~ diff --git a/net-misc/stunnel/files/stunnel-4.35-libwrap.patch b/net-misc/stunnel/files/stunnel-4.35-libwrap.patch deleted file mode 100644 index 2a0ef0442556..000000000000 --- a/net-misc/stunnel/files/stunnel-4.35-libwrap.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- stunnel-4.35/configure.ac 2011-02-07 16:28:03.000000000 +0100 -+++ stunnel-4.35/configure.ac 2011-02-07 16:31:23.000000000 +0100 -@@ -357,6 +357,7 @@ - case "$enableval" in - yes) AC_MSG_RESULT([no]) - AC_DEFINE(HAVE_LIBWRAP) -+ LIBS="$LIBS -lwrap" - ;; - no) AC_MSG_RESULT([yes]) - ;; diff --git a/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff b/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff deleted file mode 100644 index d97c5eb90f8a..000000000000 --- a/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff +++ /dev/null @@ -1,248 +0,0 @@ ---- stunnel-4.35/doc/stunnel.fr.8.ori 2011-02-07 17:21:07.000000000 +0100 -+++ stunnel-4.35-xforwarded-for/doc/stunnel.fr.8 2011-02-07 17:21:31.000000000 +0100 -@@ -394,6 +394,10 @@ - .IP "\fBTIMEOUTidle\fR = secondes" 4 - .IX Item "TIMEOUTidle = secondes" - Durée d'attente sur une connexion inactive -+.IP "\fBxforwardedfor\fR = yes | no" 4 -+.IX Item "xforwardedfor = yes | no" -+Ajoute un en-tête 'X-Forwarded-For:' dans la requête HTTP fournissant -+au serveur l'adresse IP du client. - .IP "\fBtransparent\fR = yes | no (Unix seulement)" 4 - .IX Item "transparent = yes | no (Unix seulement)" - Mode mandataire transparent -diff -ru stunnel-4.35/doc/stunnel.8 stunnel-4.35-xforwarded-for/doc/stunnel.8 ---- stunnel-4.35/doc/stunnel.8 2010-09-15 09:11:21.000000000 +0200 -+++ stunnel-4.35-xforwarded-for/doc/stunnel.8 2010-12-06 21:56:08.770829792 +0100 -@@ -527,6 +527,10 @@ - .IP "\fBTIMEOUTidle\fR = seconds" 4 - .IX Item "TIMEOUTidle = seconds" - time to keep an idle connection -+.IP "\fBxforwardedfor\fR = yes | no" 4 -+.IX Item "xforwardedfor = yes | no" -+append an 'X-Forwarded-For:' HTTP request header providing the -+client's IP address to the server. - .IP "\fBtransparent\fR = none | source | destination | both (Unix only)" 4 - .IX Item "transparent = none | source | destination | both (Unix only)" - enable transparent proxy support on selected platforms -diff -ru stunnel-4.35/src/client.c stunnel-4.35-xforwarded-for/src/client.c ---- stunnel-4.35/src/client.c 2010-09-14 17:03:43.000000000 +0200 -+++ stunnel-4.35-xforwarded-for/src/client.c 2010-12-06 21:56:08.770829792 +0100 -@@ -84,6 +84,12 @@ - return NULL; - } - c->opt=opt; -+ /* some options need space to add some information */ -+ if (c->opt->option.xforwardedfor) -+ c->buffsize = BUFFSIZE - BUFF_RESERVED; -+ else -+ c->buffsize = BUFFSIZE; -+ c->crlf_seen=0; - c->local_rfd.fd=rfd; - c->local_wfd.fd=wfd; - return c; -@@ -372,6 +378,28 @@ - } - } - -+/* Moves all data from the buffer <buffer> between positions <start> and <stop> -+ * to insert <string> of length <len>. <start> and <stop> are updated to their -+ * new respective values, and the number of characters inserted is returned. -+ * If <len> is too long, nothing is done and -1 is returned. -+ * Note that neither <string> nor <buffer> can be NULL. -+ */ -+static int buffer_insert_with_len(char *buffer, int *start, int *stop, int limit, char *string, int len) { -+ if (len > limit - *stop) -+ return -1; -+ if (*start > *stop) -+ return -1; -+ memmove(buffer + *start + len, buffer + *start, *stop - *start); -+ memcpy(buffer + *start, string, len); -+ *start += len; -+ *stop += len; -+ return len; -+} -+ -+static int buffer_insert(char *buffer, int *start, int *stop, int limit, char *string) { -+ return buffer_insert_with_len(buffer, start, stop, limit, string, strlen(string)); -+} -+ - /****************************** transfer data */ - static void transfer(CLI *c) { - int watchdog=0; /* a counter to detect an infinite loop */ -@@ -390,7 +418,7 @@ - do { /* main loop of client data transfer */ - /****************************** initialize *_wants_* */ - read_wants_read= -- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write; -+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write; - write_wants_write= - ssl_open_wr && c->sock_ptr && !write_wants_read; - -@@ -399,7 +427,7 @@ - /* for plain socket open data strem = open file descriptor */ - /* make sure to add each open socket to receive exceptions! */ - if(sock_open_rd) -- s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<BUFFSIZE, 0); -+ s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<c->buffsize, 0); - if(sock_open_wr) - s_poll_add(&c->fds, c->sock_wfd->fd, 0, c->ssl_ptr); - /* for SSL assume that sockets are open if there any pending requests */ -@@ -531,7 +559,7 @@ - /****************************** read from socket */ - if(sock_open_rd && sock_can_rd) { - num=readsocket(c->sock_rfd->fd, -- c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr); -+ c->sock_buff+c->sock_ptr, c->buffsize-c->sock_ptr); - switch(num) { - case -1: - parse_socket_error(c, "readsocket"); -@@ -567,7 +595,7 @@ - /****************************** update *_wants_* based on new *_ptr */ - /* this update is also required for SSL_pending() to be used */ - read_wants_read= -- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write; -+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write; - write_wants_write= - ssl_open_wr && c->sock_ptr && !write_wants_read; - -@@ -577,10 +605,71 @@ - * writesocket() above made some room in c->ssl_buff */ - (read_wants_write && ssl_can_wr)) { - read_wants_write=0; -- num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr); -+ num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, c->buffsize-c->ssl_ptr); - switch(err=SSL_get_error(c->ssl, num)) { - case SSL_ERROR_NONE: -- c->ssl_ptr+=num; -+ if (c->buffsize != BUFFSIZE && c->opt->option.xforwardedfor) { /* some work left to do */ -+ int last = c->ssl_ptr; -+ c->ssl_ptr += num; -+ -+ /* Look for end of HTTP headers between last and ssl_ptr. -+ * To achieve this reliably, we have to count the number of -+ * successive [CR]LF and to memorize it in case it's spread -+ * over multiple segments. --WT. -+ */ -+ while (last < c->ssl_ptr) { -+ if (c->ssl_buff[last] == '\n') { -+ if (++c->crlf_seen == 2) -+ break; -+ } else if (last < c->ssl_ptr - 1 && -+ c->ssl_buff[last] == '\r' && -+ c->ssl_buff[last+1] == '\n') { -+ if (++c->crlf_seen == 2) -+ break; -+ last++; -+ } else if (c->ssl_buff[last] != '\r') -+ /* don't refuse '\r' because we may get a '\n' on next read */ -+ c->crlf_seen = 0; -+ last++; -+ } -+ if (c->crlf_seen >= 2) { -+ /* We have all the HTTP headers now. We don't need to -+ * reserve any space anymore. <ssl_ptr> points to the -+ * first byte of unread data, and <last> points to the -+ * exact location where we want to insert our headers, -+ * which is right before the empty line. -+ */ -+ c->buffsize = BUFFSIZE; -+ -+ if (c->opt->option.xforwardedfor) { -+ /* X-Forwarded-For: xxxx \r\n\0 */ -+ char xforw[17 + IPLEN + 3]; -+ -+ /* We will insert our X-Forwarded-For: header here. -+ * We need to write the IP address, but if we use -+ * sprintf, it will pad with the terminating 0. -+ * So we will pass via a temporary buffer allocated -+ * on the stack. -+ */ -+ memcpy(xforw, "X-Forwarded-For: ", 17); -+ if (getnameinfo(&c->peer_addr.addr[0].sa, -+ addr_len(c->peer_addr.addr[0]), -+ xforw + 17, IPLEN, NULL, 0, -+ NI_NUMERICHOST) == 0) { -+ strcat(xforw + 17, "\r\n"); -+ buffer_insert(c->ssl_buff, &last, &c->ssl_ptr, -+ c->buffsize, xforw); -+ } -+ /* last still points to the \r\n and ssl_ptr to the -+ * end of the buffer, so we may add as many headers -+ * as wee need to. -+ */ -+ } -+ } -+ } -+ else -+ c->ssl_ptr+=num; -+ - watchdog=0; /* reset watchdog */ - break; - case SSL_ERROR_WANT_WRITE: -diff -ru stunnel-4.35/src/common.h stunnel-4.35-xforwarded-for/src/common.h ---- stunnel-4.35/src/common.h 2010-09-14 17:00:36.000000000 +0200 -+++ stunnel-4.35-xforwarded-for/src/common.h 2010-12-06 21:56:08.770829792 +0100 -@@ -53,6 +53,9 @@ - /* I/O buffer size */ - #define BUFFSIZE 16384 - -+/* maximum space reserved for header insertion in BUFFSIZE */ -+#define BUFF_RESERVED 1024 -+ - /* length of strings (including the terminating '\0' character) */ - /* it can't be lower than 256 bytes or NTLM authentication will break */ - #define STRLEN 256 -diff -ru stunnel-4.35/src/options.c stunnel-4.35-xforwarded-for/src/options.c ---- stunnel-4.35/src/options.c 2010-09-14 17:09:36.000000000 +0200 -+++ stunnel-4.35-xforwarded-for/src/options.c 2010-12-06 21:56:08.774829832 +0100 -@@ -818,6 +818,29 @@ - } - #endif - -+ /* xforwardedfor */ -+ switch(cmd) { -+ case CMD_INIT: -+ section->option.xforwardedfor=0; -+ break; -+ case CMD_EXEC: -+ if(strcasecmp(opt, "xforwardedfor")) -+ break; -+ if(!strcasecmp(arg, "yes")) -+ section->option.xforwardedfor=1; -+ else if(!strcasecmp(arg, "no")) -+ section->option.xforwardedfor=0; -+ else -+ return "argument should be either 'yes' or 'no'"; -+ return NULL; /* OK */ -+ case CMD_DEFAULT: -+ break; -+ case CMD_HELP: -+ s_log(LOG_NOTICE, "%-15s = yes|no append an HTTP X-Forwarded-For header", -+ "xforwardedfor"); -+ break; -+ } -+ - /* exec */ - switch(cmd) { - case CMD_INIT: -diff -ru stunnel-4.35/src/prototypes.h stunnel-4.35-xforwarded-for/src/prototypes.h ---- stunnel-4.35/src/prototypes.h 2010-09-14 17:09:50.000000000 +0200 -+++ stunnel-4.35-xforwarded-for/src/prototypes.h 2010-12-06 21:56:08.774829832 +0100 -@@ -171,6 +171,7 @@ - struct { - unsigned int client:1; - unsigned int delayed_lookup:1; -+ unsigned int xforwardedfor:1; - unsigned int accept:1; - unsigned int remote:1; - unsigned int retry:1; /* loop remote+program */ -@@ -346,6 +347,8 @@ - FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */ - int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */ - s_poll_set fds; /* file descriptors */ -+ int buffsize; /* current buffer size, may be lower than BUFFSIZE */ -+ int crlf_seen; /* the number of successive CRLF seen */ - } CLI; - - extern int max_fds, max_clients; diff --git a/net-misc/stunnel/files/stunnel-4.36-listen-queue.diff b/net-misc/stunnel/files/stunnel-4.36-listen-queue.diff deleted file mode 100644 index ff231255ff3d..000000000000 --- a/net-misc/stunnel/files/stunnel-4.36-listen-queue.diff +++ /dev/null @@ -1,51 +0,0 @@ -diff -urN stunnel-4.36/src/options.c stunnel-4.36-new/src/options.c ---- stunnel-4.36/src/options.c 2011-04-30 15:14:02.000000000 -0700 -+++ stunnel-4.36-new/src/options.c 2011-05-26 11:42:10.455120934 -0700 -@@ -1484,6 +1484,24 @@ - break; - } - -+ /* listenqueue */ -+ switch(cmd) { -+ case CMD_INIT: -+ section->listenqueue=SOMAXCONN; -+ break; -+ case CMD_EXEC: -+ if(strcasecmp(opt, "listenqueue")) -+ break; -+ section->listenqueue=atoi(arg); -+ return (section->listenqueue?NULL:"Bad verify level"); -+ case CMD_DEFAULT: -+ s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN); -+ break; -+ case CMD_HELP: -+ s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending connections may grow to", "listenqueue"); -+ break; -+ } -+ - if(cmd==CMD_EXEC) - return option_not_found; - return NULL; /* OK */ -diff -urN stunnel-4.36/src/prototypes.h stunnel-4.36-new/src/prototypes.h ---- stunnel-4.36/src/prototypes.h 2011-05-01 11:18:01.000000000 -0700 -+++ stunnel-4.36-new/src/prototypes.h 2011-05-26 11:42:33.285154425 -0700 -@@ -158,6 +158,7 @@ - int timeout_close; /* maximum close_notify time */ - int timeout_connect; /* maximum connect() time */ - int timeout_idle; /* maximum idle connection time */ -+ int listenqueue; /* Listen baklog */ - enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */ - - /* protocol name for protocol.c */ -diff -urN stunnel-4.36/src/stunnel.c stunnel-4.36-new/src/stunnel.c ---- stunnel-4.36/src/stunnel.c 2011-05-02 14:51:02.000000000 -0700 -+++ stunnel-4.36-new/src/stunnel.c 2011-05-26 11:46:37.775513010 -0700 -@@ -241,7 +241,7 @@ - } - s_log(LOG_DEBUG, "Service %s bound to %s", - opt->servname, opt->local_address); -- if(listen(opt->fd, SOMAXCONN)) { -+ if(listen(opt->fd, opt->listenqueue)) { - sockerror("listen"); - return 0; - } diff --git a/net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff b/net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff deleted file mode 100644 index 3520ad19dfae..000000000000 --- a/net-misc/stunnel/files/stunnel-4.36-xforwarded-for.diff +++ /dev/null @@ -1,249 +0,0 @@ -diff -urN stunnel-4.36/doc/stunnel.8 stunnel-4.36-new//doc/stunnel.8 ---- stunnel-4.36/doc/stunnel.8 2011-04-27 14:02:40.000000000 -0700 -+++ stunnel-4.36-new//doc/stunnel.8 2011-05-26 11:37:07.024675893 -0700 -@@ -556,6 +556,10 @@ - .IP "\fBTIMEOUTidle\fR = seconds" 4 - .IX Item "TIMEOUTidle = seconds" - time to keep an idle connection -+.IP "\fBxforwardedfor\fR = yes | no" 4 -+.IX Item "xforwardedfor = yes | no" -+append an 'X-Forwarded-For:' HTTP request header providing the -+client's IP address to the server. - .IP "\fBtransparent\fR = none | source | destination | both (Unix only)" 4 - .IX Item "transparent = none | source | destination | both (Unix only)" - enable transparent proxy support on selected platforms -diff -urN stunnel-4.36/doc/stunnel.fr.8 stunnel-4.36-new//doc/stunnel.fr.8 ---- stunnel-4.36/doc/stunnel.fr.8 2011-02-09 11:37:46.000000000 -0800 -+++ stunnel-4.36-new//doc/stunnel.fr.8 2011-05-26 11:37:07.024675893 -0700 -@@ -394,6 +394,10 @@ - .IP "\fBTIMEOUTidle\fR = secondes" 4 - .IX Item "TIMEOUTidle = secondes" - Durée d'attente sur une connexion inactive -+.IP "\fBxforwardedfor\fR = yes | no" 4 -+.IX Item "xforwardedfor = yes | no" -+Ajoute un en-tête 'X-Forwarded-For:' dans la requête HTTP fournissant -+au serveur l'adresse IP du client. - .IP "\fBtransparent\fR = yes | no (Unix seulement)" 4 - .IX Item "transparent = yes | no (Unix seulement)" - Mode mandataire transparent -diff -urN stunnel-4.36/src/client.c stunnel-4.36-new//src/client.c ---- stunnel-4.36/src/client.c 2011-05-02 09:12:53.000000000 -0700 -+++ stunnel-4.36-new//src/client.c 2011-05-26 11:37:07.024675893 -0700 -@@ -86,6 +86,12 @@ - return NULL; - } - c->opt=opt; -+ /* some options need space to add some information */ -+ if (c->opt->option.xforwardedfor) -+ c->buffsize = BUFFSIZE - BUFF_RESERVED; -+ else -+ c->buffsize = BUFFSIZE; -+ c->crlf_seen=0; - c->local_rfd.fd=rfd; - c->local_wfd.fd=wfd; - return c; -@@ -381,6 +387,28 @@ - } - } - -+/* Moves all data from the buffer <buffer> between positions <start> and <stop> -+ * to insert <string> of length <len>. <start> and <stop> are updated to their -+ * new respective values, and the number of characters inserted is returned. -+ * If <len> is too long, nothing is done and -1 is returned. -+ * Note that neither <string> nor <buffer> can be NULL. -+ */ -+static int buffer_insert_with_len(char *buffer, int *start, int *stop, int limit, char *string, int len) { -+ if (len > limit - *stop) -+ return -1; -+ if (*start > *stop) -+ return -1; -+ memmove(buffer + *start + len, buffer + *start, *stop - *start); -+ memcpy(buffer + *start, string, len); -+ *start += len; -+ *stop += len; -+ return len; -+} -+ -+static int buffer_insert(char *buffer, int *start, int *stop, int limit, char *string) { -+ return buffer_insert_with_len(buffer, start, stop, limit, string, strlen(string)); -+} -+ - /****************************** transfer data */ - static void transfer(CLI *c) { - int watchdog=0; /* a counter to detect an infinite loop */ -@@ -399,7 +427,7 @@ - do { /* main loop of client data transfer */ - /****************************** initialize *_wants_* */ - read_wants_read= -- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write; -+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write; - write_wants_write= - ssl_open_wr && c->sock_ptr && !write_wants_read; - -@@ -408,7 +436,7 @@ - /* for plain socket open data strem = open file descriptor */ - /* make sure to add each open socket to receive exceptions! */ - if(sock_open_rd) -- s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<BUFFSIZE, 0); -+ s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<c->buffsize, 0); - if(sock_open_wr) - s_poll_add(&c->fds, c->sock_wfd->fd, 0, c->ssl_ptr); - /* for SSL assume that sockets are open if there any pending requests */ -@@ -542,7 +570,7 @@ - /****************************** read from socket */ - if(sock_open_rd && sock_can_rd) { - num=readsocket(c->sock_rfd->fd, -- c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr); -+ c->sock_buff+c->sock_ptr, c->buffsize-c->sock_ptr); - switch(num) { - case -1: - parse_socket_error(c, "readsocket"); -@@ -578,7 +606,7 @@ - /****************************** update *_wants_* based on new *_ptr */ - /* this update is also required for SSL_pending() to be used */ - read_wants_read= -- ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write; -+ ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write; - write_wants_write= - ssl_open_wr && c->sock_ptr && !write_wants_read; - -@@ -588,10 +616,71 @@ - * writesocket() above made some room in c->ssl_buff */ - (read_wants_write && ssl_can_wr)) { - read_wants_write=0; -- num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr); -+ num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, c->buffsize-c->ssl_ptr); - switch(err=SSL_get_error(c->ssl, num)) { - case SSL_ERROR_NONE: -- c->ssl_ptr+=num; -+ if (c->buffsize != BUFFSIZE && c->opt->option.xforwardedfor) { /* some work left to do */ -+ int last = c->ssl_ptr; -+ c->ssl_ptr += num; -+ -+ /* Look for end of HTTP headers between last and ssl_ptr. -+ * To achieve this reliably, we have to count the number of -+ * successive [CR]LF and to memorize it in case it's spread -+ * over multiple segments. --WT. -+ */ -+ while (last < c->ssl_ptr) { -+ if (c->ssl_buff[last] == '\n') { -+ if (++c->crlf_seen == 2) -+ break; -+ } else if (last < c->ssl_ptr - 1 && -+ c->ssl_buff[last] == '\r' && -+ c->ssl_buff[last+1] == '\n') { -+ if (++c->crlf_seen == 2) -+ break; -+ last++; -+ } else if (c->ssl_buff[last] != '\r') -+ /* don't refuse '\r' because we may get a '\n' on next read */ -+ c->crlf_seen = 0; -+ last++; -+ } -+ if (c->crlf_seen >= 2) { -+ /* We have all the HTTP headers now. We don't need to -+ * reserve any space anymore. <ssl_ptr> points to the -+ * first byte of unread data, and <last> points to the -+ * exact location where we want to insert our headers, -+ * which is right before the empty line. -+ */ -+ c->buffsize = BUFFSIZE; -+ -+ if (c->opt->option.xforwardedfor) { -+ /* X-Forwarded-For: xxxx \r\n\0 */ -+ char xforw[17 + IPLEN + 3]; -+ -+ /* We will insert our X-Forwarded-For: header here. -+ * We need to write the IP address, but if we use -+ * sprintf, it will pad with the terminating 0. -+ * So we will pass via a temporary buffer allocated -+ * on the stack. -+ */ -+ memcpy(xforw, "X-Forwarded-For: ", 17); -+ if (getnameinfo(&c->peer_addr.addr[0].sa, -+ addr_len(c->peer_addr.addr[0]), -+ xforw + 17, IPLEN, NULL, 0, -+ NI_NUMERICHOST) == 0) { -+ strcat(xforw + 17, "\r\n"); -+ buffer_insert(c->ssl_buff, &last, &c->ssl_ptr, -+ c->buffsize, xforw); -+ } -+ /* last still points to the \r\n and ssl_ptr to the -+ * end of the buffer, so we may add as many headers -+ * as wee need to. -+ */ -+ } -+ } -+ } -+ else -+ c->ssl_ptr+=num; -+ - watchdog=0; /* reset watchdog */ - break; - case SSL_ERROR_WANT_WRITE: -diff -urN stunnel-4.36/src/common.h stunnel-4.36-new//src/common.h ---- stunnel-4.36/src/common.h 2011-05-01 11:42:47.000000000 -0700 -+++ stunnel-4.36-new//src/common.h 2011-05-26 11:37:50.534739709 -0700 -@@ -52,6 +52,9 @@ - /* I/O buffer size */ - #define BUFFSIZE 16384 - -+/* maximum space reserved for header insertion in BUFFSIZE */ -+#define BUFF_RESERVED 1024 -+ - /* IP address and TCP port textual representation length */ - #define IPLEN 128 - -diff -urN stunnel-4.36/src/options.c stunnel-4.36-new//src/options.c ---- stunnel-4.36/src/options.c 2011-04-30 15:14:02.000000000 -0700 -+++ stunnel-4.36-new//src/options.c 2011-05-26 11:37:07.034675915 -0700 -@@ -818,6 +818,29 @@ - } - #endif - -+ /* xforwardedfor */ -+ switch(cmd) { -+ case CMD_INIT: -+ section->option.xforwardedfor=0; -+ break; -+ case CMD_EXEC: -+ if(strcasecmp(opt, "xforwardedfor")) -+ break; -+ if(!strcasecmp(arg, "yes")) -+ section->option.xforwardedfor=1; -+ else if(!strcasecmp(arg, "no")) -+ section->option.xforwardedfor=0; -+ else -+ return "argument should be either 'yes' or 'no'"; -+ return NULL; /* OK */ -+ case CMD_DEFAULT: -+ break; -+ case CMD_HELP: -+ s_log(LOG_NOTICE, "%-15s = yes|no append an HTTP X-Forwarded-For header", -+ "xforwardedfor"); -+ break; -+ } -+ - /* exec */ - switch(cmd) { - case CMD_INIT: -diff -urN stunnel-4.36/src/prototypes.h stunnel-4.36-new//src/prototypes.h ---- stunnel-4.36/src/prototypes.h 2011-05-01 11:18:01.000000000 -0700 -+++ stunnel-4.36-new//src/prototypes.h 2011-05-26 11:37:07.034675915 -0700 -@@ -171,6 +171,7 @@ - struct { - unsigned int client:1; - unsigned int delayed_lookup:1; -+ unsigned int xforwardedfor:1; - unsigned int accept:1; - unsigned int remote:1; - unsigned int retry:1; /* loop remote+program */ -@@ -351,6 +352,8 @@ - FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */ - int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */ - s_poll_set fds; /* file descriptors */ -+ int buffsize; /* current buffer size, may be lower than BUFFSIZE */ -+ int crlf_seen; /* the number of successive CRLF seen */ - } CLI; - - CLI *alloc_client_session(SERVICE_OPTIONS *, int, int); diff --git a/net-misc/stunnel/stunnel-4.25.ebuild b/net-misc/stunnel/stunnel-4.25.ebuild deleted file mode 100644 index 6b9349fa72f2..000000000000 --- a/net-misc/stunnel/stunnel-4.25.ebuild +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.25.ebuild,v 1.9 2009/09/24 18:36:42 ramereth Exp $ - -inherit autotools ssl-cert eutils - -DESCRIPTION="TLS/SSL - Port Wrapper" -HOMEPAGE="http://stunnel.mirt.net/" -SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ~ia64 ppc ppc64 sparc x86" -IUSE="ipv6 selinux tcpd" - -DEPEND="tcpd? ( sys-apps/tcp-wrappers ) - >=dev-libs/openssl-0.9.6j" -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-stunnel )" - -pkg_setup() { - enewgroup stunnel - enewuser stunnel -1 -1 -1 stunnel -} - -src_unpack() { - unpack ${A} - cd "${S}" - epatch "${FILESDIR}/${PN}-4.21-libwrap.patch" - eautoreconf - - # Hack away generation of certificate - sed -i -e "s/^install-data-local:/do-not-run-this:/" \ - tools/Makefile.in || die "sed failed" -} - -src_compile() { - econf $(use_enable ipv6) \ - $(use_enable tcpd libwrap) || die "econf died" - emake || die "emake died" -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - rm -rf "${D}"/usr/share/doc/${PN} - rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \ - "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8 - - # The binary was moved to /usr/bin with 4.21, - # symlink for backwards compatibility - dosym ../bin/stunnel /usr/sbin/stunnel - - dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog doc/en/transproxy.txt - dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \ - tools/importCA.html - - insinto /etc/stunnel - doins "${FILESDIR}"/stunnel.conf - newinitd "${FILESDIR}"/stunnel.rc6 stunnel - - keepdir /var/run/stunnel - fowners stunnel:stunnel /var/run/stunnel -} - -pkg_postinst() { - if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then - install_cert /etc/stunnel/stunnel - chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} - chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} - fi - - if [ ! -z "$(grep /etc/stunnel/stunnel.pid \ - "${ROOT}"/etc/stunnel/stunnel.conf )" ] ; then - - ewarn "As of stunnel-4.09, the pid file will be located in /var/run/stunnel." - ewarn "Please stop stunnel, etc-update, and start stunnel back up to ensure" - ewarn "the update takes place" - ewarn - ewarn "The new location will be /var/run/stunnel/stunnel.pid" - fi -} diff --git a/net-misc/stunnel/stunnel-4.33.ebuild b/net-misc/stunnel/stunnel-4.33.ebuild deleted file mode 100644 index f2648d6ae910..000000000000 --- a/net-misc/stunnel/stunnel-4.33.ebuild +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.33.ebuild,v 1.3 2011/05/26 18:25:22 ramereth Exp $ - -EAPI="2" - -inherit autotools ssl-cert eutils - -DESCRIPTION="TLS/SSL - Port Wrapper" -HOMEPAGE="http://stunnel.mirt.net/" -SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc x86" -IUSE="ipv6 selinux tcpd xforward" - -DEPEND="tcpd? ( sys-apps/tcp-wrappers ) - >=dev-libs/openssl-0.9.8k" -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-stunnel )" - -pkg_setup() { - enewgroup stunnel - enewuser stunnel -1 -1 -1 stunnel -} - -src_prepare() { - epatch "${FILESDIR}/${PN}-4.21-libwrap.patch" - use xforward && epatch "${FILESDIR}/${PN}-4.31-x-forwarded-for.patch" - eautoreconf - - # Hack away generation of certificate - sed -i -e "s/^install-data-local:/do-not-run-this:/" \ - tools/Makefile.in || die "sed failed" -} - -src_configure() { - econf $(use_enable ipv6) \ - $(use_enable tcpd libwrap) || die "econf died" -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - rm -rf "${D}"/usr/share/doc/${PN} - rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \ - "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8 - - # The binary was moved to /usr/bin with 4.21, - # symlink for backwards compatibility - dosym ../bin/stunnel /usr/sbin/stunnel - - dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog - dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \ - tools/importCA.html - - insinto /etc/stunnel - doins "${FILESDIR}"/stunnel.conf - newinitd "${FILESDIR}"/stunnel.initd stunnel - - keepdir /var/run/stunnel - fowners stunnel:stunnel /var/run/stunnel -} - -pkg_postinst() { - if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then - install_cert /etc/stunnel/stunnel - chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} - chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} - fi - - einfo "If you want to run multiple instances of stunnel, create a new config" - einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change " - einfo "\'pid= \' with a unique filename." -} diff --git a/net-misc/stunnel/stunnel-4.35.ebuild b/net-misc/stunnel/stunnel-4.35.ebuild deleted file mode 100644 index 6f613889327e..000000000000 --- a/net-misc/stunnel/stunnel-4.35.ebuild +++ /dev/null @@ -1,76 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.35.ebuild,v 1.5 2011/05/28 16:49:54 armin76 Exp $ - -EAPI="2" - -inherit autotools ssl-cert eutils - -DESCRIPTION="TLS/SSL - Port Wrapper" -HOMEPAGE="http://stunnel.mirt.net/" -SRC_URI="ftp://ftp.stunnel.org/stunnel/${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 ~s390 sparc x86" -IUSE="ipv6 selinux tcpd xforward listen-queue" - -DEPEND="tcpd? ( sys-apps/tcp-wrappers ) - >=dev-libs/openssl-0.9.8k" -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-stunnel )" - -pkg_setup() { - enewgroup stunnel - enewuser stunnel -1 -1 -1 stunnel -} - -src_prepare() { - epatch "${FILESDIR}/${PN}-4.35-libwrap.patch" - use xforward && epatch "${FILESDIR}/stunnel-4.35-xforwarded-for.diff" - use listen-queue && epatch "${FILESDIR}/stunnel-4.34-listen-queue.diff" - eautoreconf - - # Hack away generation of certificate - sed -i -e "s/^install-data-local:/do-not-run-this:/" \ - tools/Makefile.in || die "sed failed" -} - -src_configure() { - econf $(use_enable ipv6) \ - $(use_enable tcpd libwrap) || die "econf died" -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - rm -rf "${D}"/usr/share/doc/${PN} - rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \ - "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8 - - # The binary was moved to /usr/bin with 4.21, - # symlink for backwards compatibility - dosym ../bin/stunnel /usr/sbin/stunnel - - dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog - dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \ - tools/importCA.html - - insinto /etc/stunnel - doins "${FILESDIR}"/stunnel.conf - newinitd "${FILESDIR}"/stunnel.initd stunnel - - keepdir /var/run/stunnel - fowners stunnel:stunnel /var/run/stunnel -} - -pkg_postinst() { - if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then - install_cert /etc/stunnel/stunnel - chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} - chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} - fi - - einfo "If you want to run multiple instances of stunnel, create a new config" - einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change " - einfo "\'pid= \' with a unique filename." -} diff --git a/net-misc/stunnel/stunnel-4.36.ebuild b/net-misc/stunnel/stunnel-4.36.ebuild deleted file mode 100644 index 3a89bae55a12..000000000000 --- a/net-misc/stunnel/stunnel-4.36.ebuild +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.36.ebuild,v 1.1 2011/05/26 18:55:27 ramereth Exp $ - -EAPI="2" - -inherit autotools ssl-cert eutils - -DESCRIPTION="TLS/SSL - Port Wrapper" -HOMEPAGE="http://stunnel.mirt.net/" -SRC_URI="ftp://ftp.stunnel.org/stunnel/${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86" -IUSE="ipv6 selinux tcpd xforward listen-queue" - -DEPEND="tcpd? ( sys-apps/tcp-wrappers ) - >=dev-libs/openssl-0.9.8k" -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-stunnel )" - -pkg_setup() { - enewgroup stunnel - enewuser stunnel -1 -1 -1 stunnel -} - -src_prepare() { - use xforward && epatch "${FILESDIR}/stunnel-4.36-xforwarded-for.diff" - use listen-queue && epatch "${FILESDIR}/stunnel-4.36-listen-queue.diff" - eautoreconf - - # Hack away generation of certificate - sed -i -e "s/^install-data-local:/do-not-run-this:/" \ - tools/Makefile.in || die "sed failed" -} - -src_configure() { - econf $(use_enable ipv6) \ - $(use_enable tcpd libwrap) || die "econf died" -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - rm -rf "${D}"/usr/share/doc/${PN} - rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \ - "${D}"/usr/share/man/man8/stunnel.{fr,pl}.8 - - # The binary was moved to /usr/bin with 4.21, - # symlink for backwards compatibility - dosym ../bin/stunnel /usr/sbin/stunnel - - dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog - dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \ - tools/importCA.html - - insinto /etc/stunnel - doins "${FILESDIR}"/stunnel.conf - newinitd "${FILESDIR}"/stunnel.initd stunnel - - keepdir /var/run/stunnel - fowners stunnel:stunnel /var/run/stunnel -} - -pkg_postinst() { - if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then - install_cert /etc/stunnel/stunnel - chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} - chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem} - fi - - einfo "If you want to run multiple instances of stunnel, create a new config" - einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change " - einfo "\'pid= \' with a unique filename." -} |