summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorConrad Kostecki <conikost@gentoo.org>2021-03-14 21:23:03 +0100
committerConrad Kostecki <conikost@gentoo.org>2021-03-14 21:25:34 +0100
commit021b0cccd5ea0f8b0cdb764ef696a71a5e430487 (patch)
treed9d90c308993fe65433c4bfdd665c4ec470033da /net-misc
parentapp-admin/lastpass-binary-component: bump to 4.67.1 (diff)
downloadgentoo-021b0cccd5ea0f8b0cdb764ef696a71a5e430487.tar.gz
gentoo-021b0cccd5ea0f8b0cdb764ef696a71a5e430487.tar.bz2
gentoo-021b0cccd5ea0f8b0cdb764ef696a71a5e430487.zip
net-misc/stunnel: bump to version 5.58
Also added from PR 14362 the handling of pid file ownership, to support the specified user and group from stunnel.conf. Closes: https://github.com/gentoo/gentoo/pull/14362 Package-Manager: Portage-3.0.16, Repoman-3.0.2 Signed-off-by: Conrad Kostecki <conikost@gentoo.org>
Diffstat (limited to 'net-misc')
-rw-r--r--net-misc/stunnel/Manifest1
-rw-r--r--net-misc/stunnel/files/stunnel-r255
-rw-r--r--net-misc/stunnel/stunnel-5.58.ebuild100
3 files changed, 156 insertions, 0 deletions
diff --git a/net-misc/stunnel/Manifest b/net-misc/stunnel/Manifest
index 432660d827e3..d27cdf861c37 100644
--- a/net-misc/stunnel/Manifest
+++ b/net-misc/stunnel/Manifest
@@ -1,3 +1,4 @@
DIST stunnel-5.50.tar.gz 973685 BLAKE2B e4185fa0c4f15ea118a8f6590bae14a9e1d7ccf1f73b75e46d8c7f04e4ece471c29b0a3715a24568301c5220fe385cbf42295c91ae9b295e3d7ab2b0ffec45a1 SHA512 96029b4f0dc0f04130e847bf47e56e8fdd22f2aaddb5fe0f581a0da6b870049152216795a0a9d9cdb6b93621df0a7d999e968a8c59989d261fd81c5f02cc1bac
DIST stunnel-5.55.tar.gz 986873 BLAKE2B feb3a7d80aa2f67e0b8de2cdd2a134947f0715cc09c2d2778cd2aef4dcc55ffef45c55e010bd6048f38b143d22006beb90c7b76575a8d6d3d430d1f87dd271fa SHA512 278e39e87e080171d2bed3b193f8f7923b48c12c6d788afeb113a71bfc6077129305e8f93f5e7046b12cc8aa381e89909358756c978ef129d3067ceeb60e112a
DIST stunnel-5.56.tar.gz 981163 BLAKE2B eef5a535165b1346d14e8fdd25ded7f497378bb63ab7d68642c5e1b3db2716c8e46db443146385a192a7e6042adcca295a5b107912e113f3f13f66e7a8d8b00b SHA512 db1be82b80bd5606568c5565f1c9a5710d4f7abca2d89388daa441bc395aaf2be998ac6403c7a17b8af01b89ade825186c20c50f73a809f9d64eca2e1b57a877
+DIST stunnel-5.58.tar.gz 988551 BLAKE2B 45ce3d43ff683fa1146ced00c6a2ef7c09a935da3dcd1a6529fa024e064c251798d96a1e45d4abf13195ca50fb7f1cf3ddc25c9e954a1cad8bb4745c4e35701d SHA512 6f62bf13bf53f174b2810ad6708a9dfdb70e9b4e2f60c0c9cf4df691169a63014901402ccbe2862010f4cee240c1a8eec34b70a7a3fcef36e7a2ca14a7f70ece
diff --git a/net-misc/stunnel/files/stunnel-r2 b/net-misc/stunnel/files/stunnel-r2
new file mode 100644
index 000000000000..abd42987d2b4
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel-r2
@@ -0,0 +1,55 @@
+#!/sbin/openrc-run
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+extra_started_commands="reload"
+SERVICENAME=${SVCNAME#*.}
+SERVICENAME=${SERVICENAME:-stunnel}
+STUNNEL_CONFIGFILE=${STUNNEL_CONFIGFILE:-/etc/stunnel/${SERVICENAME}.conf}
+
+depend() {
+ need net
+ before logger
+}
+
+get_config() {
+ if [ ! -e ${STUNNEL_CONFIGFILE} ] ; then
+ eerror "You need to create ${STUNNEL_CONFIGFILE} first."
+ return 1
+ fi
+ CHROOT=$(grep "^chroot" ${STUNNEL_CONFIGFILE} | sed "s;.*= *;;")
+ [ -n "${CHROOT}" ] && CHROOT="--chroot ${CHROOT}"
+ PIDFILE=$(grep "^pid" ${STUNNEL_CONFIGFILE} | sed "s;.*= *;;")
+ PIDFILE=${PIDFILE:-/run/stunnel/${SERVICENAME}.pid}
+ SETUID=$(grep "^setuid" ${STUNNEL_CONFIGFILE} | sed "s;.*= *;;")
+ SETUID=${SETUID:-stunnel}
+ SETGID=$(grep "^setgid" ${STUNNEL_CONFIGFILE} | sed "s;.*= *;;")
+ SETGID=${SETGID:-stunnel}
+}
+
+start() {
+ get_config || return 1
+ checkpath -d -m 0775 -o root:stunnel /run/stunnel
+ if [ "$(dirname ${PIDFILE})" != "/run" ]; then
+ checkpath -d -m 0755 -o ${SETUID}:${SETGID} -q $(dirname ${PIDFILE})
+ fi
+ ebegin "Starting ${SVCNAME}"
+ start-stop-daemon --start --pidfile "${PIDFILE}" ${CHROOT} \
+ --exec /usr/bin/stunnel -- ${STUNNEL_CONFIGFILE} ${STUNNEL_OPTIONS}
+ eend $? "Failed to start ${SVCNAME}"
+}
+
+stop() {
+ get_config || return 1
+ ebegin "Stopping ${SVCNAME}"
+ start-stop-daemon --stop --quiet --exec /usr/bin/stunnel \
+ --pidfile ${PIDFILE}
+ eend $? "Failed to stop ${SVCNAME}"
+}
+
+reload() {
+ get_config || return 1
+ ebegin "Reloading ${SVCNAME}"
+ start-stop-daemon --signal HUP --pidfile ${PIDFILE} --name stunnel
+ eend $?
+}
diff --git a/net-misc/stunnel/stunnel-5.58.ebuild b/net-misc/stunnel/stunnel-5.58.ebuild
new file mode 100644
index 000000000000..2fcb74bea807
--- /dev/null
+++ b/net-misc/stunnel/stunnel-5.58.ebuild
@@ -0,0 +1,100 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit multilib ssl-cert systemd tmpfiles
+
+DESCRIPTION="TLS/SSL - Port Wrapper"
+HOMEPAGE="https://www.stunnel.org/index.html"
+SRC_URI="
+ ftp://ftp.stunnel.org/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+ http://www.usenix.org.uk/mirrors/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+ http://ftp.nluug.nl/pub/networking/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+ http://www.namesdir.com/mirrors/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+ http://stunnel.cybermirror.org/archive/${PV%%.*}.x/${P}.tar.gz
+ http://mirrors.zerg.biz/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+ ftp://mirrors.go-parts.com/stunnel/archive/${PV%%.*}.x/${P}.tar.gz
+"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos"
+IUSE="ipv6 selinux stunnel3 tcpd"
+
+DEPEND="
+ dev-libs/openssl:0=
+ tcpd? ( sys-apps/tcp-wrappers )
+"
+
+RDEPEND="
+ acct-user/stunnel
+ acct-group/stunnel
+ ${DEPEND}
+ selinux? ( sec-policy/selinux-stunnel )
+ stunnel3? ( dev-lang/perl )
+"
+
+RESTRICT="test"
+
+src_prepare() {
+ # Hack away generation of certificate
+ sed -i -e "s/^install-data-local:/do-not-run-this:/" \
+ tools/Makefile.in || die "sed failed"
+
+ echo "CONFIG_PROTECT=\"/etc/stunnel/stunnel.conf\"" > "${T}"/20stunnel
+
+ eapply_user
+}
+
+src_configure() {
+ local myeconfargs=(
+ --libdir="${EPREFIX}/usr/$(get_libdir)"
+ $(use_enable ipv6)
+ $(use_enable tcpd libwrap)
+ --with-ssl="${EPREFIX}"/usr
+ --disable-fips
+ )
+
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ rm -rf "${ED}"/usr/share/doc/${PN}
+ rm -f "${ED}"/etc/stunnel/stunnel.conf-sample \
+ "${ED}"/usr/share/man/man8/stunnel.{fr,pl}.8
+ use stunnel3 || rm -f "${ED}"/usr/bin/stunnel3
+
+ # The binary was moved to /usr/bin with 4.21,
+ # symlink for backwards compatibility
+ dosym ../bin/stunnel /usr/sbin/stunnel
+
+ dodoc AUTHORS.md BUGS.md CREDITS.md PORTS.md README.md TODO.md
+ docinto html
+ dodoc doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
+ tools/importCA.html
+
+ insinto /etc/stunnel
+ doins "${FILESDIR}"/stunnel.conf
+ newinitd "${FILESDIR}"/stunnel-r2 stunnel
+
+ doenvd "${T}"/20stunnel
+
+ systemd_dounit "${S}/tools/stunnel.service"
+ newtmpfiles "${FILESDIR}"/stunnel.tmpfiles.conf stunnel.conf
+}
+
+pkg_postinst() {
+ if [ ! -f "${EROOT}"/etc/stunnel/stunnel.key ]; then
+ install_cert /etc/stunnel/stunnel
+ chown stunnel:stunnel "${EROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
+ chmod 0640 "${EROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
+ fi
+
+ einfo "If you want to run multiple instances of stunnel, create a new config"
+ einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change "
+ einfo "\'pid= \' with a unique filename. For openrc make a symlink from the"
+ einfo "stunnel init script to \'stunnel.name\' and use that to start|stop"
+ einfo "your custom instance"
+}