diff options
-rw-r--r-- | testing/stunnel/APKBUILD | 28 | ||||
-rw-r--r-- | testing/stunnel/stunnel.conf | 61 | ||||
-rw-r--r-- | testing/stunnel/stunnel.initd | 43 |
3 files changed, 126 insertions, 6 deletions
diff --git a/testing/stunnel/APKBUILD b/testing/stunnel/APKBUILD index 36aebb651b..9f124c760e 100644 --- a/testing/stunnel/APKBUILD +++ b/testing/stunnel/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Dean Takemori <deant@hawaii.rr.com> # Maintainer: pkgname=stunnel -pkgver=4.55 +pkgver=5.01 pkgrel=0 pkgdesc="SSL encryption wrapper between network client and server." url="http://www.stunnel.org/" @@ -12,7 +12,10 @@ depends_dev="openssl-dev" makedepends="$depends_dev" subpackages="$pkgname-doc" install="" -source="ftp://ftp.stunnel.org/stunnel/$pkgname-$pkgver.tar.gz" +source="ftp://ftp.stunnel.org/stunnel/$pkgname-$pkgver.tar.gz + stunnel.initd + stunnel.conf + " _builddir="$srcdir/$pkgname-$pkgver" prepare() { @@ -23,16 +26,19 @@ prepare() { *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; esac done + update_config_sub || return 1 } build() { cd "$_builddir" ./configure \ + --build=$CBUILD \ + --host=$CHOST \ --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/share/man \ - --infodir=/usr/share/info \ --localstatedir=/var \ + --disable-fips \ || return 1 make || return 1 } @@ -43,8 +49,18 @@ package() { install -m644 tools/stunnel.license \ "$pkgdir"/usr/share/doc/$pkgname/ || return 1 rm -f "$pkgdir"/usr/lib/stunnel/*.la + install -Dm755 "$srcdir"/stunnel.initd "$pkgdir"/etc/init.d/stunnel \ + || return 1 + install -m644 "$srcdir"/stunnel.conf \ + "$pkgdir"/etc/stunnel/stunnel.conf || return 1 } -md5sums="ebe6670368d30c6a01ca33b9c50cb239 stunnel-4.55.tar.gz" -sha256sums="5a4acecfabd454415c727435acdfca7dc46aa542998fb278293f494a6d36d37a stunnel-4.55.tar.gz" -sha512sums="47e6a707975395e4d3106927595b3a0627246f565687e3a0d56dc6620c1ba828755d4482d0e45b9a09300cc7855b76360056534b22b42f58d5041ea159aab7a1 stunnel-4.55.tar.gz" +md5sums="7b63266b6fa05da696729e245100da65 stunnel-5.01.tar.gz +326a99213c0859f066f0527291d8a94a stunnel.initd +9193cc027bed086a3852dc7189602f0b stunnel.conf" +sha256sums="2565bf58ffe8a612304c64df621105b2e42d6e389e815ed4205dbeec4f3f886b stunnel-5.01.tar.gz +65297430933a971e4c96b62666c478b6f37dfd1be5422d1b42fbfa117f445ae9 stunnel.initd +be8deb0e051f594e14c898c2ec8a4a6879adcd48a56286093653346d12c3f105 stunnel.conf" +sha512sums="6855ae37ef0cf7736a05dbbbe130b28c44e0bedb8e55b6cda8ed6149af1c94cd1c9dc27a78a48cabfdc30dda2c31ae98a4216e04efdc4051315138c2573db444 stunnel-5.01.tar.gz +413c6be816bd4e27cdc573a89968362cddcc77d211f745c8e9e3cb86e6a8d44ed54ddf191fda1857e5f99331412a215b80437f52edb4f8029dd05090659cae81 stunnel.initd +bbdd8d88f7dbadb7de1ebfc85e936e12b70ea5aae27c204e005b998246d834c367742f2d2b85de7e100cf245260f65acd17e1b6cb7a383651401e6304fc05a84 stunnel.conf" diff --git a/testing/stunnel/stunnel.conf b/testing/stunnel/stunnel.conf new file mode 100644 index 0000000000..4aa8b8c525 --- /dev/null +++ b/testing/stunnel/stunnel.conf @@ -0,0 +1,61 @@ +# Sample stunnel configuration file by Michal Trojnara 2002-2005 +# Some options used here may not be adequate for your particular configuration +# Please make sure you understand them (especially the effect of chroot jail) + +# Certificate/key is needed in server mode and optional in client mode +# cert = /etc/stunnel/stunnel.pem +# key = /etc/stunnel/stunnel.pem + +# Some security enhancements for UNIX systems - comment them out on Win32 +# chroot = /chroot/stunnel/ +setuid = stunnel +setgid = stunnel +# PID is created inside chroot jail +pid = /var/run/stunnel/stunnel.pid + +# Some performance tunings +socket = l:TCP_NODELAY=1 +socket = r:TCP_NODELAY=1 +#compression = rle + +# Workaround for Eudora bug +#options = DONT_INSERT_EMPTY_FRAGMENTS + +# Authentication stuff +#verify = 2 +# Don't forget to c_rehash CApath +# CApath is located inside chroot jail: +#CApath = /certs +# It's often easier to use CAfile: +#CAfile = /etc/stunnel/certs.pem +# Don't forget to c_rehash CRLpath +# CRLpath is located inside chroot jail: +#CRLpath = /crls +# Alternatively you can use CRLfile: +#CRLfile = /etc/stunnel/crls.pem + +# Some debugging stuff useful for troubleshooting +#debug = 7 +#output = stunnel.log + +# Use it for client mode +#client = yes + +# Service-level configuration + +#[pop3s] +#accept = 995 +#connect = 110 + +#[imaps] +#accept = 993 +#connect = 143 + +#[ssmtp] +#accept = 465 +#connect = 25 + +#[https] +#accept = 443 +#connect = 80 +#TIMEOUTclose = 0 diff --git a/testing/stunnel/stunnel.initd b/testing/stunnel/stunnel.initd new file mode 100644 index 0000000000..4d3202b17f --- /dev/null +++ b/testing/stunnel/stunnel.initd @@ -0,0 +1,43 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/files/stunnel.initd-start-stop-daemon,v 1.3 2013/06/16 16:04:11 blueness Exp $ + +SERVICENAME=${SVCNAME#*.} +SERVICENAME=${SERVICENAME:-stunnel} +STUNNEL_CONFIGFILE=${STUNNEL_CONFIGFILE:-/etc/stunnel/${SERVICENAME}.conf} + +depend() { + need net + before logger +} + +get_config() { + if [ ! -e ${STUNNEL_CONFIGFILE} ] ; then + eerror "You need to create ${STUNNEL_CONFIGFILE} first." + return 1 + fi + CHROOT=$(grep "^chroot" ${STUNNEL_CONFIGFILE} | sed "s;.*= *;;") + [ -n "${CHROOT}" ] && CHROOT="--chroot ${CHROOT}" + PIDFILE=$(grep "^pid" ${STUNNEL_CONFIGFILE} | sed "s;.*= *;;") + PIDFILE=${PIDFILE:-/var/run/stunnel/${SERVICENAME}.pid} +} + +start() { + get_config || return 1 + checkpath -d -m 0775 -o root:stunnel /var/run/stunnel + if [ "$(dirname ${PIDFILE})" != "/var/run" ]; then + checkpath -d -m 0755 -o stunnel:stunnel -q $(dirname ${PIDFILE}) + fi + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --pidfile "${PIDFILE}" ${CHROOT} \ + --exec /usr/bin/stunnel -- ${STUNNEL_CONFIGFILE} ${STUNNEL_OPTIONS} + eend $? "Failed to start ${SVCNAME}" +} + +stop() { + get_config || return 1 + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --quiet --pidfile ${PIDFILE} + eend $? "Failed to stop ${SVCNAME}" +} |