Apply patch from upstream wrt bug #202709.

(Portage version: 2.1.4_rc10)
author: Ulrich Müller <ulm@gentoo.org> 2007-12-19 11:52:58 +0000
committer: Ulrich Müller <ulm@gentoo.org> 2007-12-19 11:52:58 +0000
commit: 02ac9960d0bc237d3aaeaa86d18b05f30fd24638 (patch)
tree: a62eadacf74aac3c9b004edcb563338a2857c218 /net-misc/stunnel
parent: isight support.. (diff)
download: gentoo-2-02ac9960d0bc237d3aaeaa86d18b05f30fd24638.tar.gz
gentoo-2-02ac9960d0bc237d3aaeaa86d18b05f30fd24638.tar.bz2
gentoo-2-02ac9960d0bc237d3aaeaa86d18b05f30fd24638.zip
4 files changed, 181 insertions, 1 deletions
diff --git a/net-misc/stunnel/ChangeLog b/net-misc/stunnel/ChangeLog
index d356eba85196..d83a9c3ccaca 100644
--- a/net-misc/stunnel/ChangeLog
+++ b/net-misc/stunnel/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-misc/stunnel
 # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.82 2007/12/14 12:44:45 armin76 Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.83 2007/12/19 11:52:57 ulm Exp $
+
+*stunnel-4.21-r1 (19 Dec 2007)
+
+  19 Dec 2007; Ulrich Mueller <ulm@gentoo.org>
+  +files/stunnel-4.21-setuid.patch, +stunnel-4.21-r1.ebuild:
+  Apply patch from upstream wrt bug #202709.
 
   14 Dec 2007; Raúl Porcel <armin76@gentoo.org> stunnel-4.21.ebuild:
   alpha/sparc stable wrt #201896
diff --git a/net-misc/stunnel/files/digest-stunnel-4.21-r1 b/net-misc/stunnel/files/digest-stunnel-4.21-r1
new file mode 100644
index 000000000000..8b87ff9ad1c5
--- /dev/null
+++ b/net-misc/stunnel/files/digest-stunnel-4.21-r1
@@ -0,0 +1,3 @@
+MD5 1eaec5228979beca4d548f453304e311 stunnel-4.21.tar.gz 528196
+RMD160 e0f599bb44bbdd5178af9972110f71ee64cbf724 stunnel-4.21.tar.gz 528196
+SHA256 b1121c1157c48320491f1929eb1f1c64ba20f76c7352c0df01c77cf09be19add stunnel-4.21.tar.gz 528196
diff --git a/net-misc/stunnel/files/stunnel-4.21-setuid.patch b/net-misc/stunnel/files/stunnel-4.21-setuid.patch
new file mode 100644
index 000000000000..93078ee9a394
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel-4.21-setuid.patch
@@ -0,0 +1,89 @@
+--- stunnel-4.21-orig/src/stunnel.c	2007-10-27 17:41:39.000000000 +0200
++++ stunnel-4.21/src/stunnel.c	2007-11-03 16:44:02.000000000 +0100
+@@ -41,7 +41,7 @@
+ static void accept_connection(LOCAL_OPTIONS *);
+ static void get_limits(void); /* setup global max_clients and max_fds */
+ #if !defined (USE_WIN32) && !defined (__vms)
+-static void make_chroot(void);
++static void drop_privileges(void);
+ static void daemonize(void);
+ static void create_pid(void);
+ static void delete_pid(void);
+@@ -111,9 +111,6 @@
+     } else { /* inetd mode */
+ #if !defined (USE_WIN32) && !defined (__vms)&&!defined(USE_OS2)
+         max_fds=FD_SETSIZE; /* just in case */
+-#ifdef HAVE_CHROOT
+-        make_chroot();
+-#endif /* HAVE_CHROOT */
+         drop_privileges();
+ #endif
+         num_clients=1;
+@@ -171,9 +168,6 @@
+ #if !defined (USE_WIN32) && !defined (__vms) && !defined(USE_OS2)
+     if(!(options.option.foreground))
+         daemonize();
+-#ifdef HAVE_CHROOT
+-        make_chroot();
+-#endif /* HAVE_CHROOT */
+     drop_privileges();
+     create_pid();
+ #endif /* !defined USE_WIN32 && !defined (__vms) */
+@@ -299,24 +293,9 @@
+ #endif
+ }
+ 
+-#ifdef HAVE_CHROOT
+-static void make_chroot(void) {
+-    if(options.chroot_dir) {
+-        if(chroot(options.chroot_dir)) {
+-            sockerror("chroot");
+-            exit(1);
+-        }
+-        if(chdir("/")) {
+-            sockerror("chdir");
+-            exit(1);
+-        }
+-    }
+-}
+-#endif /* HAVE_CHROOT */
+-
+ #if !defined (USE_WIN32) && !defined (__vms)
+-    /* set process user and group(s) id */
+-void drop_privileges(void) {
++    /* chroot and set process user and group(s) id */
++static void drop_privileges(void) {
+     int uid=0, gid=0;
+     struct group *gr;
+ #ifdef HAVE_SETGROUPS
+@@ -350,6 +329,20 @@
+         }
+     }
+ 
++#ifdef HAVE_CHROOT
++    /* chroot */
++    if(options.chroot_dir) {
++        if(chroot(options.chroot_dir)) {
++            sockerror("chroot");
++            exit(1);
++        }
++        if(chdir("/")) {
++            sockerror("chdir");
++            exit(1);
++        }
++    }
++#endif /* HAVE_CHROOT */
++
+     /* Set uid and gid */
+     if(gid) {
+         if(setgid(gid)) {
+--- stunnel-4.21-orig/src/prototypes.h	2007-10-05 17:42:48.000000000 +0200
++++ stunnel-4.21/src/prototypes.h	2007-11-03 16:33:49.000000000 +0100
+@@ -57,7 +57,6 @@
+ void main_initialize(char *, char *);
+ void main_execute(void);
+ void stunnel_info(int);
+-void drop_privileges(void);
+ 
+ /**************************************** Prototypes for log.c */
+ 
diff --git a/net-misc/stunnel/stunnel-4.21-r1.ebuild b/net-misc/stunnel/stunnel-4.21-r1.ebuild
new file mode 100644
index 000000000000..6d980391cba0
--- /dev/null
+++ b/net-misc/stunnel/stunnel-4.21-r1.ebuild
@@ -0,0 +1,82 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.21-r1.ebuild,v 1.1 2007/12/19 11:52:57 ulm Exp $
+
+inherit autotools ssl-cert eutils
+
+DESCRIPTION="TLS/SSL - Port Wrapper"
+HOMEPAGE="http://stunnel.mirt.net/"
+SRC_URI="http://www.stunnel.org/download/stunnel/src/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+IUSE="ipv6 selinux tcpd"
+
+DEPEND="tcpd? ( sys-apps/tcp-wrappers )
+	>=dev-libs/openssl-0.9.6j"
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-stunnel )"
+
+pkg_setup() {
+	enewgroup stunnel
+	enewuser stunnel -1 -1 -1 stunnel
+}
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}/${P}-libwrap.patch"
+	epatch "${FILESDIR}/${P}-setuid.patch"
+	eautoreconf
+
+	# Hack away generation of certificate
+	sed -i -e "s/^install-data-local:/do-not-run-this:/" \
+		tools/Makefile.in || die "sed failed"
+}
+
+src_compile() {
+	econf $(use_enable ipv6) \
+		$(use_enable tcpd libwrap) || die "econf died"
+	emake || die "emake died"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed"
+	rm -rf "${D}"/usr/share/doc/${PN}
+	rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
+		"${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
+
+	# The binary was moved to /usr/bin with 4.21,
+	# symlink for backwards compatibility
+	dosym ../bin/stunnel /usr/sbin/stunnel
+
+	dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog doc/en/transproxy.txt
+	dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
+		tools/importCA.html
+
+	insinto /etc/stunnel
+	doins "${FILESDIR}"/stunnel.conf
+	newinitd "${FILESDIR}"/stunnel.rc6 stunnel
+
+	keepdir /var/run/stunnel
+	fowners stunnel:stunnel /var/run/stunnel
+}
+
+pkg_postinst() {
+	if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
+		install_cert /etc/stunnel/stunnel
+		chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
+		chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
+	fi
+
+	if [ ! -z "$(grep /etc/stunnel/stunnel.pid \
+		"${ROOT}"/etc/stunnel/stunnel.conf )" ] ; then
+
+		ewarn "As of stunnel-4.09, the pid file will be located in /var/run/stunnel."
+		ewarn "Please stop stunnel, etc-update, and start stunnel back up to ensure"
+		ewarn "the update takes place"
+		ewarn
+		ewarn "The new location will be /var/run/stunnel/stunnel.pid"
+	fi
+}
author	Ulrich Müller <ulm@gentoo.org>	2007-12-19 11:52:58 +0000
committer	Ulrich Müller <ulm@gentoo.org>	2007-12-19 11:52:58 +0000
commit	02ac9960d0bc237d3aaeaa86d18b05f30fd24638 (patch)
tree	a62eadacf74aac3c9b004edcb563338a2857c218 /net-misc/stunnel
parent	isight support.. (diff)
download	gentoo-2-02ac9960d0bc237d3aaeaa86d18b05f30fd24638.tar.gz gentoo-2-02ac9960d0bc237d3aaeaa86d18b05f30fd24638.tar.bz2 gentoo-2-02ac9960d0bc237d3aaeaa86d18b05f30fd24638.zip