diff options
Diffstat (limited to 'community/stunnel')
-rw-r--r-- | community/stunnel/APKBUILD | 58 | ||||
-rw-r--r-- | community/stunnel/stunnel.conf | 61 | ||||
-rw-r--r-- | community/stunnel/stunnel.initd | 55 | ||||
-rw-r--r-- | community/stunnel/stunnel.pre-install | 6 |
4 files changed, 180 insertions, 0 deletions
diff --git a/community/stunnel/APKBUILD b/community/stunnel/APKBUILD new file mode 100644 index 0000000000..41bcb45700 --- /dev/null +++ b/community/stunnel/APKBUILD @@ -0,0 +1,58 @@ +# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net> +# Contributor: Dean Takemori <deant@hawaii.rr.com> +# Contributor: Jakub Jirutka <jakub@jirutka.cz> +# Maintainer: Jakub Jirutka <jakub@jirutka.cz> +pkgname=stunnel +pkgver=5.35 +pkgrel=1 +pkgdesc="SSL encryption wrapper between network client and server." +url="http://www.stunnel.org/" +arch="all" +license="GPL2+ with OpenSSL exception" +depends="openssl" +makedepends="openssl-dev" +subpackages="$pkgname-doc" +install="$pkgname.pre-install" +source="https://www.stunnel.org/downloads/$pkgname-$pkgver.tar.gz + stunnel.initd + stunnel.conf" +builddir="$srcdir/$pkgname-$pkgver" + +build() { + cd "$builddir" + ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --localstatedir=/var \ + --disable-fips \ + || return 1 + make || return 1 +} + +package() { + cd "$builddir" + + make DESTDIR="$pkgdir" install || return 1 + + install -Dm755 "$srcdir"/stunnel.initd \ + "$pkgdir"/etc/init.d/stunnel || return 1 + install -m644 "$srcdir"/stunnel.conf \ + "$pkgdir"/etc/stunnel/stunnel.conf || return 1 + + mkdir -p "$pkgdir"/usr/share/doc/$pkgname/examples/ + mv "$pkgdir"/etc/stunnel/stunnel.conf-sample \ + "$pkgdir"/usr/share/doc/$pkgname/examples/ +} + +md5sums="9079f5fafbccaf88b7d92b227d78249a stunnel-5.35.tar.gz +da32978d82c03158d7b947e10b1ba284 stunnel.initd +f1227c57d136eb7db3853844f683916a stunnel.conf" +sha256sums="ffa386ae4c825f35f35157c285e7402a6d58779ad8c3822f74a9d355b54aba1d stunnel-5.35.tar.gz +01c7c7f43cebb299659cd344a98bc64418d516f6530d0b24772d70bb1d56847e stunnel.initd +42971d32e5e79490564d2f71d6a47bbe4aaabd740ba75b75e38207ea0845fec1 stunnel.conf" +sha512sums="cdec7ddafbfac4a1d420704baec72fedbd655871137ec8283c066203c0859019c6e11ce00647e5b471a019409e4eb5e9525166eddd7ddffa25055b95c0cacd9e stunnel-5.35.tar.gz +33e215413e08fdd5783cc76e6ba6a2342fb6d0573f801815c4d3022625e71be6c9739d47a7a61bf7c803f27911b9c92cf6ae3e522add040f83802e1aaeaee000 stunnel.initd +a72bfddeb74787d58c9fd24782d86c0498ce3530a43fbdd4ec4c4b57baa6257b6ef21005aca274b22c4a22cdbbbcee63dd3d841f458af248db9c69e8d59fa56f stunnel.conf" diff --git a/community/stunnel/stunnel.conf b/community/stunnel/stunnel.conf new file mode 100644 index 0000000000..4bc301d479 --- /dev/null +++ b/community/stunnel/stunnel.conf @@ -0,0 +1,61 @@ +# Sample stunnel configuration file by Michal Trojnara 2002-2005 +# Some options used here may not be adequate for your particular configuration +# Please make sure you understand them (especially the effect of chroot jail) + +# Certificate/key is needed in server mode and optional in client mode +# cert = /etc/stunnel/stunnel.pem +# key = /etc/stunnel/stunnel.pem + +# Some security enhancements for UNIX systems - comment them out on Win32 +# chroot = /chroot/stunnel/ +setuid = stunnel +setgid = stunnel +# PID is created inside chroot jail +pid = /run/stunnel/stunnel.pid + +# Some performance tunings +socket = l:TCP_NODELAY=1 +socket = r:TCP_NODELAY=1 +#compression = rle + +# Workaround for Eudora bug +#options = DONT_INSERT_EMPTY_FRAGMENTS + +# Authentication stuff +#verify = 2 +# Don't forget to c_rehash CApath +# CApath is located inside chroot jail: +#CApath = /certs +# It's often easier to use CAfile: +#CAfile = /etc/stunnel/certs.pem +# Don't forget to c_rehash CRLpath +# CRLpath is located inside chroot jail: +#CRLpath = /crls +# Alternatively you can use CRLfile: +#CRLfile = /etc/stunnel/crls.pem + +# Some debugging stuff useful for troubleshooting +#debug = 7 +#output = stunnel.log + +# Use it for client mode +client = yes + +# Service-level configuration + +#[pop3s] +#accept = 995 +#connect = 110 + +#[imaps] +#accept = 993 +#connect = 143 + +#[ssmtp] +#accept = 465 +#connect = 25 + +#[https] +#accept = 443 +#connect = 80 +#TIMEOUTclose = 0 diff --git a/community/stunnel/stunnel.initd b/community/stunnel/stunnel.initd new file mode 100644 index 0000000000..6b8ab0335b --- /dev/null +++ b/community/stunnel/stunnel.initd @@ -0,0 +1,55 @@ +#!/sbin/openrc-run + +instance_name="${SVCNAME#*.}" +instance_name="${instance_name:-stunnel}" +config_file="${STUNNEL_CONFIGFILE:-/etc/stunnel/$instance_name.conf}" + +extra_started_commands="reload" + +command="/usr/bin/stunnel" +command_args="$config_file $STUNNEL_OPTIONS" +pidfile="/run/stunnel/$instance_name.pid" # default value + +required_files="$config_file" + + +depend() { + need net + before logger +} + +start_pre() { + pidfile=$(config_get "pid" "$pidfile") + + local chroot_dir=$(config_get "chroot") + [ -z "$chroot_dir" ] || start_stop_daemon_args="--chroot $chroot_dir" + + local user=$(config_get "setuid" "stunnel") + local group=$(config_get "setgid" "stunnel") + + checkpath -d -m 0775 -o root:$group /run/stunnel + + if [ ! "$(dirname "$pidfile")" -ef "/run" ]; then + checkpath -d -m 0755 -o $user:$group "$(dirname "$pidfile")" + fi +} + +stop_pre() { + pidfile=$(config_get "pid" "$pidfile") +} + +reload() { + pidfile=$(config_get "pid" "$pidfile") + + ebegin "Reloading $SVCNAME" + start-stop-daemon --signal HUP --pidfile "$pidfile" --name stunnel + eend $? +} + +config_get() { + local key="$1" + local default="${2:-}" + + local val="$(sed -En "s|^$key\s*=\s*(.*)\s*$|\1|p" "$config_file")" + echo "${val:-$default}" +} diff --git a/community/stunnel/stunnel.pre-install b/community/stunnel/stunnel.pre-install new file mode 100644 index 0000000000..972669c12a --- /dev/null +++ b/community/stunnel/stunnel.pre-install @@ -0,0 +1,6 @@ +#!/bin/sh + +addgroup -S stunnel 2>/dev/null +adduser -S -D -H -h /dev/null -s /sbin/nologin -G stunnel -g stunnel stunnel 2>/dev/null + +exit 0 |