diff --git a/stunnel-4.35.tar.gz b/stunnel-4.35.tar.gz deleted file mode 100644 index 16cff05..0000000 --- a/stunnel-4.35.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a810e220498239483e14fae24eeb2a188a6167e9118958b903f8793768c4460f -size 541012 diff --git a/stunnel-4.36.tar.bz2 b/stunnel-4.36.tar.bz2 new file mode 100644 index 0000000..eb13d93 --- /dev/null +++ b/stunnel-4.36.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:91c5fb28603c20e7c6ec09726229157bd26b7b6924d419b5a96f3c41bd4b1403 +size 445523 diff --git a/stunnel-listenqueue-option.patch b/stunnel-listenqueue-option.patch new file mode 100644 index 0000000..3c40174 --- /dev/null +++ b/stunnel-listenqueue-option.patch @@ -0,0 +1,49 @@ +--- src/options.c ++++ src/options.c +@@ -1484,6 +1484,25 @@ + break; + } + ++ /* listenqueue */ ++ switch(cmd) { ++ case CMD_INIT: ++ section->listenqueue=SOMAXCONN; ++ break; ++ case CMD_EXEC: ++ if(strcasecmp(opt, "listenqueue")) ++ break; ++ section->listenqueue=atoi(arg); ++ return (section->listenqueue?NULL:"Bad verify level"); ++ case CMD_DEFAULT: ++ s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN); ++ break; ++ case CMD_HELP: ++ s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending onnections may grow to (max SOMAXCONN)", "listenqueue"); ++ break; ++ } ++ ++ + if(cmd==CMD_EXEC) + return option_not_found; + return NULL; /* OK */ +--- src/prototypes.h ++++ src/prototypes.h +@@ -158,6 +158,7 @@ + int timeout_close; /* maximum close_notify time */ + int timeout_connect; /* maximum connect() time */ + int timeout_idle; /* maximum idle connection time */ ++ int listenqueue; /* Listen backlog */ + enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */ + + /* protocol name for protocol.c */ +--- src/stunnel.c ++++ src/stunnel.c +@@ -241,7 +241,7 @@ + } + s_log(LOG_DEBUG, "Service %s bound to %s", + opt->servname, opt->local_address); +- if(listen(opt->fd, SOMAXCONN)) { ++ if(listen(opt->fd, opt->listenqueue)) { + sockerror("listen"); + return 0; + } diff --git a/stunnel.changes b/stunnel.changes index db8df5e..d8f0ef6 100644 --- a/stunnel.changes +++ b/stunnel.changes @@ -1,3 +1,27 @@ +------------------------------------------------------------------- +Thu Jun 16 11:44:32 UTC 2011 - daniel.rahn@novell.com + +- update package to 4.36 +- obsoletes SOMAXCONN and libwrap disable patches (bnc#674554) +- forward port listenqueue patch (bnc#674554) +- explicitly enable libwrap in configure call + +* New features + - Dynamic memory management for strings manipulation: no more static + STRLEN limit, lower stack footprint. + - Strict public key comparison added for "verify = 3" certificate checking + mode (thx to Philipp Hartwig). + - Backlog parameter of listen(2) changed from 5 to SOMAXCONN: improved + behavior on heavy load. + Old behavior can be restored with "listenqueue = 5" in stunnel.conf + +* Bugfixes + - Missing pthread_attr_destroy() added to fix memory leak (thx to Paul + Allex and Peter Pentchev). + - Fixed the incorrect way of setting FD_CLOEXEC flag. + - Fixed --enable-libwrap option of ./configure script. + - Retry implemented on EAI_AGAIN error returned by resolver calls. + ------------------------------------------------------------------- Mon Feb 7 15:10:17 CET 2011 - asvetter@cip.physik.uni-wuerzburg.de diff --git a/stunnel.spec b/stunnel.spec index 050bec1..70fde06 100644 --- a/stunnel.spec +++ b/stunnel.spec @@ -19,19 +19,20 @@ BuildRequires: gcc-c++ tcp_wrappers %endif Summary: Universal SSL Tunnel License: GNU Library General Public License v. 2.0 and 2.1 (LGPL) -Version: 4.35 -Release: 1.1 +Version: 4.36 +Release: 0. Group: Productivity/Networking/Security URL: http://www.stunnel.org/ Autoreqprov: on %if %{?suse_version:%suse_version}%{?!suse_version:0} > 800 PreReq: /usr/sbin/useradd fileutils textutils %insserv_prereq %fillup_prereq %endif -Source: ftp://ftp.stunnel.org/stunnel/%{name}-%{version}.tar.gz +Source: ftp://ftp.stunnel.org/stunnel/%{name}-%{version}.tar.bz2 Source1: stunnel.conf Source2: stunnel.README Source3: sysconfig.syslog-stunnel Source4: stunnel.rc +Patch0: stunnel-listenqueue-option.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %define VENDOR SUSE @@ -48,6 +49,7 @@ without any changes to the program code. %prep %setup -q +%patch0 -p0 %build #autoreconf -fi @@ -57,7 +59,9 @@ fPIE="-fPIE" pie="-pie" %endif export CFLAGS="$RPM_OPT_FLAGS $fPIE" -%configure +%configure \ + --enable-libwrap \ + --localstatedir=/var echo -e ".\n.\n.\n.\n.\n" | make LDADD="$pie -Wl,-z,defs,-z,relro" %install