pool/stunnel
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 648234 from security:Stunnel

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/648234
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/stunnel?expand=0&rev=13
This commit is contained in:
Dominique Leuenberger 2018-11-12 08:44:59 +00:00 committed by Git OBS Bridge
commit 304252b587
7 changed files with 97 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
stunnel-5.44.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:990a325dbb47d77d88772dd02fbbd27d91b1fea3ece76c9ff4461eca93f12299
size 699117

18
stunnel-5.44.tar.gz.asc
View File

@ -1,18 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQKTBAABCgB9FiEEK8fk5n48wMG+py+MLvx/8NQW4BQFAlobO1ZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDJC
QzdFNEU2N0UzQ0MwQzFCRUE3MkY4QzJFRkM3RkYwRDQxNkUwMTQACgkQLvx/8NQW
4BQaNRAAlF6Bxmv9YXCJ0s9SBC1TK8E5wG0C5fvTQPBK22a3irk06L5r4CgRnumZ
UJNjjmWuylr8X8+3lvqai73jmtFyLupHRIgs0j9hErMD/U4OjIAWzJnMCYmwKgxS
a4BCp2Yz17Kc/+zZ2r4a3TTv7abJTv9nzbs/Zch3eSL7cQ/uch9dl/tTaz23B9Di
DNvaNwAAzosPOX8K2sLbH4dvcZGC/vOT2Oflhf6Ky4aytEO3gA8AcaWYw9kVftdX
EGC9udxknG0T/oFUJQvN7+ZtmTH4s/wpQYdTzAsKAe8nfOTQUjCnkK8nYlBo8usW
LL0pQp108d26xR58WLthmiOeIiH40AyQng9D+6VmDP5YI6C0CLBfEshZeLmGZYmx
tqUrjGI+4mS09Clq3Caml/sjeS6OZHhWCTqJ+Dd8/3uxlhSO3jCRjzMqmAeKU/Bm
2GSDblb9UCrMwvzAuppC4RhnCh2t86fXMREct1RlS6Fy3EqfBqeS4z8BPCmXgn+h
k5klL/St+T9nSqrKqJis4h2f4lxizDE2SrOZ2Xtum7JX3vMJO44OYNxk5XGhzXns
2cPB9AlEVrKc8p1kVIwUSrWTtalL7jDHeeAfysT7TCoauHtqBt4gTJTkcQoZDw/f
wgatj14BNLs2tYp5CsI9S7kNpmdU8Kp6zwblN5ed8YCUSnqKN3Q=
=v9qF
-----END PGP SIGNATURE-----

3
stunnel-5.49.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3d6641213a82175c19f23fde1c3d1c841738385289eb7ca1554f4a58b96d955e
size 713560

18
stunnel-5.49.tar.gz.asc Normal file
View File

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----
iQKTBAABCgB9FiEEK8fk5n48wMG+py+MLvx/8NQW4BQFAluNmNhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDJC
QzdFNEU2N0UzQ0MwQzFCRUE3MkY4QzJFRkM3RkYwRDQxNkUwMTQACgkQLvx/8NQW
4BT3Qw//fqje0iXQjWzKBwqLxeCYByCbECWEqeD8fePGTYOOXP1GE17lpQG/+g6t
GAU+hMDt5jXLLg4NbgGq8ty0AouC0shp62QNPRJpJFvwwvErA0rrGvpwwi1SRvx+
KVLXa3YfHxiMK14nSHS/WEoSXEYrLt0zjCRwEn9h3tXVq0Z6eydb81QueGWm6ENJ
jP+FEEFVbdf/8Z/LoZR67AEVlPMLu91bGjyBHlIOUOBek61F6zAdLxOHv+kdaul/
HiJkZLgVY+dfmqAnUc9sZNL0o4o3ro64GroNS36PUrA2kOmljD8+6gBtulQ87sbu
I6KSZ91yBa0F9andhanqtKIkeCgTuuFHDYPM/bqKijW4qytMJJ9FKwXpuZdEdRN2
DBjIsgidePuJFCovjIsl6+SdcwFFy5KasjQLc63IB2Ak9ujOYuyt3OjkD3JrFYX9
ZP5reXUcxgksa4wnPHCnhgfs3BSWbLpMGrO9uoua8x8Z4kmXX4h+dgNQYx9ezpn3
vlsdXHW4MeNDNMe0dYnjQcAb0YEuVI1zoIinQWypUtejJ6eezdde87cTNsVhkLIu
N+S55gWohxQJUSDA4sYAAhh4LJI7cKUyugOicwA1DGIjGDnKdnhm9nrtx3nCroXT
ViyF8ae0QBBaFPa/qnBpOZg44cfspX0c3Ra1Mcu3l/awsmfkR44=
=UzwM
-----END PGP SIGNATURE-----

30
stunnel-listenqueue-option.patch
View File

@ -1,16 +1,16 @@
diff -ruN a/src/options.c b/src/options.c diff -Naur a/src/options.c b/src/options.c
--- a/src/options.c 2018-01-23 19:23:27.813960936 -0500 --- a/src/options.c 2018-08-19 09:10:47.000000000 +0200
+++ b/src/options.c 2018-01-23 19:28:05.463119114 -0500 +++ b/src/options.c 2018-11-11 10:47:33.343794306 +0100
@@ -2997,8 +2997,6 @@ @@ -3373,8 +3373,6 @@
switch(cmd) {
case CMD_BEGIN: case CMD_BEGIN:
section->ref=1;
break; break;
- case CMD_EXEC: - case CMD_EXEC:
- return option_not_found; - return option_not_found;
case CMD_END: case CMD_END:
if(new_service_options.next) { /* daemon mode checks */ if(new_service_options.next) { /* daemon mode checks */
if(endpoints!=2) if(endpoints!=2)
@@ -3019,6 +3017,25 @@ @@ -3411,6 +3409,25 @@
break; break;
} }
@ -36,21 +36,21 @@ diff -ruN a/src/options.c b/src/options.c
return NULL; /* OK */ return NULL; /* OK */
} }
diff -ruN a/src/prototypes.h b/src/prototypes.h diff -Naur a/src/prototypes.h b/src/prototypes.h
--- a/src/prototypes.h 2018-01-23 19:23:27.813960936 -0500 --- a/src/prototypes.h 2018-08-19 09:10:47.000000000 +0200
+++ b/src/prototypes.h 2018-01-23 19:28:45.854124040 -0500 +++ b/src/prototypes.h 2018-11-11 10:47:33.347794278 +0100
@@ -251,6 +251,7 @@ @@ -257,6 +257,7 @@
int timeout_close; /* maximum close_notify time */ int timeout_close; /* maximum close_notify time */
int timeout_connect; /* maximum connect() time */ int timeout_connect; /* maximum connect() time */
int timeout_idle; /* maximum idle connection time */ int timeout_idle; /* maximum idle connection time */
+ int listenqueue; /* Listen backlog */ + int listenqueue; /* Listen backlog */
enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */ enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */
unsigned seq; /* sequential number for round-robin failover */ unsigned rr; /* per-service sequential number for round-robin failover */
char *username; char *username;
diff -ruN a/src/stunnel.c b/src/stunnel.c diff -Naur a/src/stunnel.c b/src/stunnel.c
--- a/src/stunnel.c 2018-01-23 19:23:27.813960936 -0500 --- a/src/stunnel.c 2018-08-25 09:15:03.000000000 +0200
+++ b/src/stunnel.c 2018-01-23 19:29:26.365126071 -0500 +++ b/src/stunnel.c 2018-11-11 10:47:33.347794278 +0100
@@ -526,7 +526,7 @@ @@ -572,7 +572,7 @@
closesocket(fd); closesocket(fd);
return INVALID_SOCKET; return INVALID_SOCKET;
} }

56
stunnel.changes
View File

@ -1,3 +1,59 @@
-------------------------------------------------------------------
Sun Nov 11 11:08:22 UTC 2018 - obs@botter.cc
- disabled checks; checks depend on ncat and network accessibility
-------------------------------------------------------------------
Sun Nov 11 09:15:49 UTC 2018 - obs@botter.cc
- update to version 5.49
* Logging of negotiated or resumed TLS session IDs (thx to ANSSI - National Cybersecurity Agency of France).
* Merged Debian 10-enabled.patch and 11-killproc.patch (thx to Peter Pentchev).
* OpenSSL DLLs updated to version 1.0.2p.
* PKCS#11 engine DLL updated to version 0.4.9.
* Fixed a crash in the session persistence implementation.
* Fixed syslog identifier after configuration file reload.
* Fixed non-interactive "make check" invocations.
* Fixed reloading syslog configuration.
* stunnel.pem created with SHA-256 instead of SHA-1.
* SHA-256 "make check" certificates.
- includes new version 5.48
* Fixed requesting client certificate when specified as a global option.
* Certificate subject checks modified to accept certificates if at least one of the specified checks matches.
- includes new version 5.47
* Fast add_lock_callback for OpenSSL < 1.1.0. This largely improves performance on heavy load.
* Automatic detection of Homebrew OpenSSL.
* Clarified port binding error logs.
* Various "make test" improvements.
* Fixed a crash on switching to SNI slave sections.
- includes new version 5.46
* The default cipher list was updated to a safer value: "HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK".
* Default accept address restored to INADDR_ANY.
- includes new version 5.45
* Implemented delayed deallocation of service sections after configuration file reload.
* OpenSSL DLLs updated to version 1.0.2o.
* Deprecated the sslVersion option.
* The "socket" option is now also available in service sections.
* Implemented try-restart in the SysV init script (thx to Peter Pentchev).
* TLS 1.3 compliant session handling for OpenSSL 1.1.1.
* Default "failover" value changed from "rr" to "prio".
* New "make check" tests.
* A service no longer refuses to start if binding fails for some (but not all) addresses:ports.
* Fixed compression handling with OpenSSL 1.1.0 and later.
* _beginthread() replaced with safer _beginthreadex().
* Fixed exception handling in libwrap.
* Fixed exec+connect services.
* Fixed automatic resolver delaying.
* Fixed a Gentoo cross-compilation bug (thx to Joe Harvell).
* A number of "make check" framework fixes.
* Fixed false postive memory leak logs.
* Build fixes for OpenSSL versions down to 0.9.7.
* Fixed (again) round-robin failover in the FORK threading model.
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Feb 6 13:51:49 UTC 2018 - vetter@physik.uni-wuerzburg.de Tue Feb 6 13:51:49 UTC 2018 - vetter@physik.uni-wuerzburg.de

9
stunnel.spec
View File

@ -38,10 +38,10 @@ Requires(pre): /usr/sbin/useradd
%define _fillupdir %{_localstatedir}/adm/fillup-templates %define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif %endif
Name: stunnel Name: stunnel
Version: 5.44 Version: 5.49
Release: 0 Release: 0
Summary: Universal SSL Tunnel Summary: Universal SSL Tunnel
License: GPL-2.0+ License: GPL-2.0-or-later
Group: Productivity/Networking/Security Group: Productivity/Networking/Security
Url: http://www.stunnel.org/ Url: http://www.stunnel.org/
Source: https://www.stunnel.org/downloads/%{name}-%{version}.tar.gz Source: https://www.stunnel.org/downloads/%{name}-%{version}.tar.gz
@ -100,8 +100,9 @@ sed -i 's/-m 1770 -g nogroup//g' tools/Makefile.in
--bindir=%{_sbindir} --bindir=%{_sbindir}
make %{?_smp_mflags} LDADD="-pie -Wl,-z,defs,-z,relro" make %{?_smp_mflags} LDADD="-pie -Wl,-z,defs,-z,relro"
%check # connot do checks with 5.49, checks depend on ncat and network interaction
make %{?_smp_mflags} check #%check
#make %{?_smp_mflags} check
%install %install
%if 0%{?suse_version} >= 1210 %if 0%{?suse_version} >= 1210