pool/stunnel
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
stunnel/stunnel-listenqueue-option.patch
Daniel Rahn d17aa7ebbc Accepting request 314344 from home:sdrahn:branches:security:Stunnel 
- update to version 5.19
  Bugfixes:
  - Improved socket error handling. 
  - Fixed handling of dynamic connect targets. 
  - Fixed handling of trailing whitespaces in the Content-Length header of the
    NTLM authentication. 
  - Fixed memory leaks in certificate verification.
  New features:
  - The "redirect" option was improved to not only redirect sessions established
    with an untrusted certificate, but also sessions established without a
    client certificate. 
  - Randomize the initial value of the round-robin counter. 
  - Added "include" configuration file option to include all configuration file
    parts located in a specified directory. 
  - Temporary DH parameters are refreshed every 24 hours, unless static DH
    parameters were provided in the certificate file. 
  - Warnings are logged on potentially insecure authentication. 
- stunnel-listenqueue-option.patch: Refresh.
- stunnel3-binpath.patch: Obsolete, dropped.
- stunnel.service: Modified to start after network.target, not syslog.target.

OBS-URL: https://build.opensuse.org/request/show/314344
OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=69
2015-06-29 10:02:42 +00:00

49 lines
1.6 KiB
Diff
Raw Blame History

--- src/options.c
+++ src/options.c
@@ -1872,6 +1872,24 @@
break;
}
+ /* listenqueue option */
+ switch(cmd) {
+ case CMD_BEGIN:
+ section->listenqueue=SOMAXCONN;
+ break;
+ case CMD_EXEC:
+ if(strcasecmp(opt, "listenqueue"))
+ break;
+ section->listenqueue=atoi(arg);
+ return (section->listenqueue?NULL:"Bad verify level");
+ case CMD_DEFAULT:
+ s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN);
+ break;
+ case CMD_HELP:
+ s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending connections may grow to (max SOMAXCONN)", "listenqueue");
+ break;
+ }
+
#ifndef OPENSSL_NO_OCSP
/* OCSP */
--- src/prototypes.h
+++ src/prototypes.h
@@ -248,6 +248,7 @@
int timeout_close; /* maximum close_notify time */
int timeout_connect; /* maximum connect() time */
int timeout_idle; /* maximum idle connection time */
+ int listenqueue; /* Listen backlog */
enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */
char *username;
--- src/stunnel.c
+++ src/stunnel.c
@@ -451,7 +451,7 @@
str_free(local_address);
return 1;
}
- if(listen(opt->fd, SOMAXCONN)) {
+ if(listen(opt->fd, opt->listenqueue)) {
sockerror("listen");
closesocket(opt->fd);
opt->fd=INVALID_SOCKET;
Reference in New Issue View Git Blame Copy Permalink