stunnel/stunnel-listenqueue-option.patch
Daniel Rahn 5fada29b31 - - Update to version 5.0b1 (FATE#315694)
- Default "pid" is now "", i.e. not to create a pid file at startup.
  - Default "ciphers" updated to "HIGH:MEDIUM:+3DES:+DH:!aNULL:!SSLv2" due to
    AlFBPPS attack and bad performance of DH ciphersuites. 
  - New service-level option "redirect" to redirect SSL client connections on
    authentication failures instead of rejecting them.
  - New global "engineDefault" configuration file option to control which
    OpenSSL tasks are delegated to the current engine.
  - New service-level configuration file option "engineId" to select the engine
    by identifier, e.g. "engineId = capi". 
  - Improved readability of error messages printed when stunnel refuses to start
    due to a critical error.
- Patches:
  - stunnel-CVE-2013-1762.patch obsoleted. Dropped.
  - stunnel-default-fips-off.patch obsoleted. Dropped.
  - stunnel-listenqueue-option.patch refreshed.
- update to version 4.56

OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=62
2014-01-29 16:56:32 +00:00


--- src/options.c
+++ src/options.c
@@ -1218,6 +1218,24 @@
break;
}
+ /* listenqueue option */
+ switch(cmd) {
+ case CMD_BEGIN:
+ section->listenqueue=SOMAXCONN;
+ break;
+ case CMD_EXEC:
+ if(strcasecmp(opt, "listenqueue"))
+ break;
+ section->listenqueue=atoi(arg);
+ return (section->listenqueue?NULL:"Bad verify level");
+ case CMD_DEFAULT:
+ s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN);
+ break;
+ case CMD_HELP:
+ s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending connections may grow to (max SOMAXCONN)", "listenqueue");
+ break;
+ }
+
#ifdef HAVE_OSSL_OCSP_H
/* OCSP */
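Review bot: The `CMD_EXEC` branch parses the value with `atoi(arg)` and rejects only 0, so a negative number or a value with trailing garbage such as `10x` is accepted and later reaches `listen(opt->fd, opt->listenqueue)` in the src/stunnel.c hunk unchanged. The error string `"Bad verify level"` looks copied from the verify option and would point an administrator at the wrong setting. I would parse with `strtol`, reject anything that is not a complete positive integer, and return a message that names this option, as sketched below. The help text promises "max SOMAXCONN" but nothing here enforces an upper bound (the OS presumably clamps the backlog), so either add that check or reword the help line. The enclosing option-parsing function starts and ends outside this hunk.

```c
case CMD_EXEC:
    if(strcasecmp(opt, "listenqueue"))
        break;
    {
        char *end;
        long backlog;

        errno=0;
        backlog=strtol(arg, &end, 10);
        /* reject empty input, trailing characters, overflow and non-positive values */
        if(end==arg || *end!='\0' || errno==ERANGE ||
                backlog<1 || backlog>INT_MAX)
            return "Illegal listen queue length";
        section->listenqueue=(int)backlog;
    }
    return NULL; /* OK */
/* … unchanged: CMD_DEFAULT and CMD_HELP cases … */
```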
--- src/prototypes.h
+++ src/prototypes.h
@@ -183,6 +183,7 @@
int timeout_close; /* maximum close_notify time */
int timeout_connect; /* maximum connect() time */
int timeout_idle; /* maximum idle connection time */
+ int listenqueue; /* Listen backlog */
enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */
/* service-specific data for protocol.c */
--- src/stunnel.c
+++ src/stunnel.c
@@ -410,7 +410,7 @@
str_free(local_address);
return 1;
}
- if(listen(opt->fd, SOMAXCONN)) {
+ if(listen(opt->fd, opt->listenqueue)) {
sockerror("listen");
closesocket(opt->fd);
opt->fd=-1;