- - Update to version 5.0b1 (FATE#315694)

- Default "pid" is now "", i.e. not to create a pid file at startup. - Default "ciphers" updated to "HIGH:MEDIUM:+3DES:+DH:!aNULL:!SSLv2" due to AlFBPPS attack and bad performance of DH ciphersuites. - New service-level option "redirect" to redirect SSL client connections on authentication failures instead of rejecting them. - New global "engineDefault" configuration file option to control which OpenSSL tasks are delegated to the current engine. - New service-level configuration file option "engineId" to select the engine by identifier, e.g. "engineId = capi". - Improved readability of error messages printed when stunnel refuses to start due to a critical error. - Patches: - stunnel-CVE-2013-1762.patch obsoleted. Drpped. - stunnel-default-fips-off.patch obsoleted. Dropped. - stunnel-listenqueue-option.patch refreshed. - update to version 4.56 OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=62
2014-01-29 16:56:32 +00:00
parent 4c843518d3
commit 5fada29b31
8 changed files with 97 additions and 92 deletions
--- a/stunnel.spec
+++ b/stunnel.spec
@@ -19,7 +19,7 @@ BuildRequires:  gcc-c++ tcp_wrappers
 %endif
 Summary:        Universal SSL Tunnel
 License:        GNU Library General Public License v. 2.0 and 2.1 (LGPL)
-Version:        4.56
+Version:        5.00b1
 Release:        0
 Group:          Productivity/Networking/Security
 URL:            http://www.stunnel.org/
@@ -27,17 +27,22 @@ Autoreqprov:    on
 %if %{?suse_version:%suse_version}%{?!suse_version:0} > 800
 PreReq:         /usr/sbin/useradd fileutils textutils %insserv_prereq %fillup_prereq
 %endif
-Source:         ftp://ftp.stunnel.org/stunnel/%{name}-%{version}.tar.gz
+Source:         ftp://ftp.stunnel.org/stunnel/%{name}-%{version}.tar.bz2
 Source1:        stunnel.conf
 Source2:        stunnel.README
 Source3:        sysconfig.syslog-stunnel
 Source4:        stunnel.rc
+Source5:        stunnel.service
 Patch0:         stunnel-listenqueue-option.patch
-Patch1:         stunnel3-binpath.patch
-Patch2:         stunnel-daemonize.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-%define VENDOR SUSE
-
+BuildRequires:  openssl openssl-devel zlib-devel 
+BuildRequires:  tcpd-devel
+%define VENDOR openSUSE
+%if 0%{?suse_version} >= 1210
+BuildRequires:  systemd
+%{?systemd_requires}
+%define has_systemd 1
+%endif

 %description
 The stunnel program is designed to work as an SSL encryption wrapper
@@ -59,10 +64,8 @@ This package contains additional documentation of the universal SSL tunnel
 stunnel.

 %prep
-%setup -q
-# %patch0 -p0 
-%patch1 -p0
-%patch2 -p0
+%setup -q -n stunnel-5.00
+%patch0 -p0 

 %build
 #autoreconf -fi
@@ -95,46 +98,64 @@ make \
 cp -p %{S:1} tools/stunnel.conf-sample
 cp -p %{S:2} README.%VENDOR
 cp -p %{S:3} $RPM_BUILD_ROOT/var/adm/fillup-templates/
+%if 0%{?has_systemd}
+install -D -m 0644 $RPM_SOURCE_DIR/stunnel.service $RPM_BUILD_ROOT/%_unitdir/stunnel.service
+%else
 install -m 744 $RPM_SOURCE_DIR/stunnel.rc $RPM_BUILD_ROOT/etc/init.d/stunnel
 ln -s ../../etc/init.d/stunnel $RPM_BUILD_ROOT/usr/sbin/rcstunnel
-ln -s stunnel3 $RPM_BUILD_ROOT/usr/sbin/stunnel3_wrapper
+%endif
 mv $RPM_BUILD_ROOT/%{_bindir}/* $RPM_BUILD_ROOT/%{_sbindir}
-rm $RPM_BUILD_ROOT/%{_sysconfdir}/stunnel/stunnel.pem
 rm $RPM_BUILD_ROOT/%{_sysconfdir}/stunnel/stunnel.conf-sample
+rm $RPM_BUILD_ROOT/%{_libdir}/stunnel/*.la
+rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/stunnel/INSTALL
+rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/stunnel/INSTALL.WCE
+rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/stunnel/INSTALL.W32
 rm -rf $RPM_BUILD_ROOT/usr/share/doc/stunnel

 %clean
 rm -rf $RPM_BUILD_ROOT

 %pre
-%if 0%{?suse_version} > 730
-system_user=-r
+if ! /usr/bin/getent passwd stunnel >/dev/null; then
+   %{_sbindir}/useradd -r -c "Daemon user for stunnel (universal SSL tunnel)" -g nogroup -s /bin/false \
+   -d /var/lib/stunnel stunnel 2> /dev/null || :
+fi
+
+%if 0%{?has_systemd}
+%service_add_pre %{name}.service
 %endif
-/usr/sbin/useradd $system_user -g nogroup -s /bin/false -c "Daemon user for stunnel (universal SSL tunnel)" \
- -d /var/lib/stunnel stunnel 2> /dev/null ||:

 %post
+%if 0%{?has_systemd}
+%service_add_post %{name}.service
+%else
 %{fillup_and_insserv -f}
+%endif
 %{fillup_only -ans syslog stunnel}
-/sbin/ldconfig
 if ! test -s etc/stunnel/stunnel.conf; then 
-	cp -p usr/share/doc/packages/stunnel/stunnel.conf-sample etc/stunnel/stunnel.conf 
-	echo copying default config file to /etc/stunnel/stunnel.conf
+        cp -p usr/share/doc/packages/stunnel/stunnel.conf-sample etc/stunnel/stunnel.conf 
+        echo copying default config file to /etc/stunnel/stunnel.conf
 fi
 # first installation? 
 if [ ${FIRST_ARG:-0} = 1 ]; then
 if ! test -f etc/stunnel/stunnel.pem; then
-	cat usr/share/doc/packages/stunnel/README.%VENDOR
+        cat usr/share/doc/packages/stunnel/README.%VENDOR
 fi
 fi

+
+
 %preun
-%if %{?suse_version:%suse_version}%{?!suse_version:0} > 820
+%if 0%{?has_systemd}
+%service_del_preun %{name}.service
+%else
 %stop_on_removal stunnel
 %endif

 %postun
-%if %{?suse_version:%suse_version}%{?!suse_version:0} > 820
+%if 0%{?has_systemd}
+%service_del_postun %{name}.service
+%else
 %restart_on_update stunnel
 %insserv_cleanup
 %endif
@@ -145,7 +166,6 @@ fi
 %doc README.%VENDOR
 %doc tools/ca.*
 %doc tools/importCA.*
-%doc tools/stunnel.cnf
 %doc tools/stunnel.conf-sample
 %{_sbindir}/*
 %{_libdir}/stunnel
@@ -160,11 +180,15 @@ fi
 %dir %attr(755,root,root) 	/var/lib/stunnel/var
 %dir %attr(755,stunnel,root) 	/var/lib/stunnel/var/run
 /var/adm/fillup-templates/sysconfig.syslog-stunnel
+%if 0%{?has_systemd}
+%_unitdir/stunnel.service
+%else
 %config /etc/init.d/*
+%endif

 %files doc
 %defattr(-,root,root)
-%doc AUTHORS BUGS COPYING COPYRIGHT.GPL CREDITS ChangeLog INSTALL NEWS PORTS
+%doc AUTHORS BUGS COPYING COPYRIGHT.GPL CREDITS ChangeLog NEWS PORTS
 %doc README TODO
 %doc doc/stunnel.html
 %doc doc/stunnel.*.html