kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/security/stunnel/Makefile

127 lines
5 KiB
Makefile
Raw Normal View History

Initial import of stunnel version 2.1. An SSL encryption wrapper for standard network daemons. PR: 9435 Submitted by: Martti Kuparinen <martti.kuparinen@ericsson.com>
1999-01-18 05:27:03 +01:00
# New ports collection makefile for: stunnel
# Date created: Mon Jan 11 11:53:54 EET 1999
# Whom: Martti Kuparinen <martti.kuparinen@ericsson.com>
#
$Id$ -> $FreeBSD$
1999-08-31 03:53:22 +02:00
# $FreeBSD$
Initial import of stunnel version 2.1. An SSL encryption wrapper for standard network daemons. PR: 9435 Submitted by: Martti Kuparinen <martti.kuparinen@ericsson.com>
1999-01-18 05:27:03 +01:00
#
Update with the new PORTNAME/PORTVERSION variables
2000-04-09 20:34:06 +02:00
PORTNAME= stunnel
Update to stunnel 4.14, which is mostly a bugfix release. Besides what's in the PR, also revert the pidfile location change to preserve POLA and hier(7). PR: 88436 Submitted by: Vasil Dimov <vd@datamax.bg>
2005-11-03 12:51:10 +01:00
PORTVERSION= 4.14
Conversion to a single libtool environment. Approved by: portmgr (kris)
2006-02-23 11:40:44 +01:00
PORTREVISION= 2
Initial import of stunnel version 2.1. An SSL encryption wrapper for standard network daemons. PR: 9435 Submitted by: Martti Kuparinen <martti.kuparinen@ericsson.com>
1999-01-18 05:27:03 +01:00
CATEGORIES= security
o Update to 3.18 * MAX_CLIENTS is calculated based on FD_SETSIZE, now. * Problems with closing SSL in transfer() fixed. * -I option to bind a static local IP address added. * Debug output of info_callback redesigned. o Reorder MASTER_SITES PR: 29358 Submitted by: maintainer
2001-08-02 21:04:01 +02:00
MASTER_SITES= http://www.stunnel.org/download/stunnel/src/ \
Update to 4.13, which ought to fix the libc_r detection problem in a short window of 5.x versions. PR: 87839 Submitted by: Vasil Dimov <vd@datamax.bg>
2005-11-01 01:18:03 +01:00
ftp://stunnel.mirt.net/stunnel/ \
Fix the distsites; an update to stunnel-4.05 is coming shortly, but still, do this in the meantime. PR: 67200 Submitted by: Roman Neuhauser <neuhauser@chello.cz>
2004-06-03 12:48:32 +02:00
ftp://stunnel.mirt.net/stunnel/OBSOLETE/ \
ftp://opensores.thebunker.net/pub/mirrors/stunnel/download/stunnel/src/
Initial import of stunnel version 2.1. An SSL encryption wrapper for standard network daemons. PR: 9435 Submitted by: Martti Kuparinen <martti.kuparinen@ericsson.com>
1999-01-18 05:27:03 +01:00
Update to stunnel-4.00. *** WARNING WARNING WARNING *** The stunnel invocation has changed! The program no longer accepts command-line options, but is controlled by a config file instead. Please refer to the stunnel(8) manual page for more information. PR: 42249 Submitted by: Dan Langille <dan@langille.org>, lioux
2002-09-20 11:29:11 +02:00
MAINTAINER= roam@FreeBSD.org
And hot on the heels of the distsite update, here's the promised update to 4.05 :)
2004-06-03 13:38:01 +02:00
COMMENT= SSL encryption wrapper for standard network daemons
Add Brian Hatch's patch to enable RSA blinding on older OpenSSL versions. Note: this patch is not needed for the 4.8-RELEASE ports tree, since FreeBSD 4.8 will ship with a fixed OpenSSL version. However, this patch SHOULD be applied by anyone running stunnel with a version of OpenSSL older than 0.9.7a, as reported by the 'openssl version' command. Submitted by: Brian Hatch <bri@stunnel.org>
2003-03-23 11:35:14 +01:00
Update all ports using OpenSSL and RSA to work without rsaref since it is no longer required. Apologies to the various maintainers whom I did not yet hear back from, but the ports freeze is coming up in a few hours and I will be verifying all of these ports on a 4.1 machine myself to catch any problems.
2000-09-22 03:59:06 +02:00
USE_OPENSSL= YES
The last update for this year, I hope :) Make stunnel use the rc_subr framework, allowing for much cleaner startup and shutdown of multiple instances of stunnel.
2004-12-30 16:37:50 +01:00
USE_RC_SUBR= YES
Initial import of stunnel version 2.1. An SSL encryption wrapper for standard network daemons. PR: 9435 Submitted by: Martti Kuparinen <martti.kuparinen@ericsson.com>
1999-01-18 05:27:03 +01:00
Update to 3.21. Change USE_AUTOCONF to GNU_CONFIGURE; there have been no configure.in patches for some time now. PR: 31656 Submitted by: maintainer
2001-11-01 09:28:38 +01:00
GNU_CONFIGURE= yes
At Kris's request, back out the MACHINE_ARCH spelling correction until after 5.4-RELEASE.
2005-04-12 05:26:56 +02:00
CONFIGURE_TARGET= --target=${MACHINE_ARCH}-portbld-freebsd${OSREL}
Update to 4.03. 'make cert' fix submitted by: Krzysztof Stryjek <wtp@mud.pl>
2003-01-09 10:54:54 +01:00
CONFIGURE_ARGS= --localstatedir=/var/tmp --with-pem-dir=${PEM_DIR} \
--enable-static
Store pid file in /var/run/. PR: ports/16805 Submitted by: maintainer
2000-02-20 16:05:06 +01:00
And hot on the heels of the distsite update, here's the promised update to 4.05 :)
2004-06-03 13:38:01 +02:00
.if !defined(NOPORTDOCS)
MAN8= stunnel.8 stunnel.fr.8 stunnel.pl.8
.endif
Initial import of stunnel version 2.1. An SSL encryption wrapper for standard network daemons. PR: 9435 Submitted by: Martti Kuparinen <martti.kuparinen@ericsson.com>
1999-01-18 05:27:03 +01:00
Update to 3.21b, fixing a Makefile bogon and a file descriptor leak. Add a new knob, PEM_DIR, to specify the path to install the certificate generated during the stunnel build, and later, the one generated using the 'cert' target of the port Makefile. Approved by: maintainer
2001-11-07 12:01:38 +01:00
PEM_DIR?= ${PREFIX}/etc
OPTIONS'ify, but still leave WITH_STUNNEL_SSL_ENGINE out of it - it is a bit too dangerous to leave out in the open.
2005-06-14 11:07:12 +02:00
OPTIONS= FORK "use the fork(3) threading model" off \
PTHREAD "use the pthread(3) threading model (default)" on \
UCONTEXT "use the ucontext(3) threading model" off \
IPV6 "enable IPv6 support" off
.include <bsd.port.pre.mk>
Update to stunnel-4.06. In addition to the PR: - enable the new IPv6 functionality when WITH_IPV6 is defined; - at last move over to libtool-1.5 and get rid of the .la file; - update the WITH_STUNNEL_SSL_ENGINE message to also mention FreeBSD 6.x; - remove the obsolete sock_ioctlsocket() definition from patch-aa; - fix a couple of getnameinfo(3)-related buglets; - fix a poll(2)-related buglet: it seems FreeBSD insists (correctly) that INFTIM passed to poll(2) should be -1, not just any negative value. PR: 75519 (somewhat) Submitted by: Dan Langille <dan@langille.org>
2004-12-27 15:33:19 +01:00
.if defined(WITH_IPV6)
CONFIGURE_ARGS+= --enable-ipv6
.endif
Fix the stunnel ucontext-related problems using a patch from the author, Michael Trojnara[1]. Also, add the build-time WITH_FORK, WITH_PTHREAD, and WITH_UCONTEXT knobs to control the stunnel threading model used, based on Vasil Dimov's PR's with some modifications [2]. While I'm here, add in a <sys/types.h> inclusion that seems to be needed for <ucontext.h> at least on FreeBSD 6.0/sparc64. Reported by: many Pointy hat to: roam (myself) for both not noticing this and then letting it linger for a while Obtained from: Michael Trojnara's BSD patch from <53594c631989fde6ca0bdb3435b93dfe@mirt.net> [1] PR: 81289, 82202 [2] Submitted by: Vasil Dimov
2005-06-14 10:58:47 +02:00
.if defined(WITH_UCONTEXT) && defined(WITH_FORK) || defined(WITH_UCONTEXT) && defined(WITH_PTHREAD) || defined(WITH_FORK) && defined(WITH_PTHREAD)
BROKEN= 'The WITH_UCONTEXT, WITH_FORK and WITH_PTHREAD options are mutually exclusive - please specify at most one of them, the default is WITH_PTHREAD'
.endif
.if defined(WITH_UCONTEXT)
Update to stunnel 4.11, which is deemed a stable release. Remove our local patches for ucontext/pthread/fork model choice, since this is handled by a configure argument now. Note that ucontext is not supported on FreeBSD versions less than 5.0. PR: 83245 (mostly) Submitted by: Vasil Dimov <vd@datamax.bg>
2005-07-13 10:41:58 +02:00
.if ${OSVERSION} < 500112
BROKEN= 'The ucontext model is only supported on FreeBSD 5.x and 6.x'
.endif
CONFIGURE_ARGS+=--with-threads=ucontext
CONFIGURE_ENV= CPPFLAGS="${CPPFLAGS} ${PTHREAD_CFLAGS}" LDFLAGS="${LDFLAGS} ${PTHREAD_LIBS}"
Fix the stunnel ucontext-related problems using a patch from the author, Michael Trojnara[1]. Also, add the build-time WITH_FORK, WITH_PTHREAD, and WITH_UCONTEXT knobs to control the stunnel threading model used, based on Vasil Dimov's PR's with some modifications [2]. While I'm here, add in a <sys/types.h> inclusion that seems to be needed for <ucontext.h> at least on FreeBSD 6.0/sparc64. Reported by: many Pointy hat to: roam (myself) for both not noticing this and then letting it linger for a while Obtained from: Michael Trojnara's BSD patch from <53594c631989fde6ca0bdb3435b93dfe@mirt.net> [1] PR: 81289, 82202 [2] Submitted by: Vasil Dimov
2005-06-14 10:58:47 +02:00
.elif defined(WITH_FORK)
Update to stunnel 4.11, which is deemed a stable release. Remove our local patches for ucontext/pthread/fork model choice, since this is handled by a configure argument now. Note that ucontext is not supported on FreeBSD versions less than 5.0. PR: 83245 (mostly) Submitted by: Vasil Dimov <vd@datamax.bg>
2005-07-13 10:41:58 +02:00
CONFIGURE_ARGS+=--with-threads=fork
Fix the stunnel ucontext-related problems using a patch from the author, Michael Trojnara[1]. Also, add the build-time WITH_FORK, WITH_PTHREAD, and WITH_UCONTEXT knobs to control the stunnel threading model used, based on Vasil Dimov's PR's with some modifications [2]. While I'm here, add in a <sys/types.h> inclusion that seems to be needed for <ucontext.h> at least on FreeBSD 6.0/sparc64. Reported by: many Pointy hat to: roam (myself) for both not noticing this and then letting it linger for a while Obtained from: Michael Trojnara's BSD patch from <53594c631989fde6ca0bdb3435b93dfe@mirt.net> [1] PR: 81289, 82202 [2] Submitted by: Vasil Dimov
2005-06-14 10:58:47 +02:00
.else
Update to stunnel 4.11, which is deemed a stable release. Remove our local patches for ucontext/pthread/fork model choice, since this is handled by a configure argument now. Note that ucontext is not supported on FreeBSD versions less than 5.0. PR: 83245 (mostly) Submitted by: Vasil Dimov <vd@datamax.bg>
2005-07-13 10:41:58 +02:00
CONFIGURE_ARGS+=--with-threads=pthread
CONFIGURE_ENV= CPPFLAGS="${CPPFLAGS} ${PTHREAD_CFLAGS}" LDFLAGS="${LDFLAGS} ${PTHREAD_LIBS}"
Fix the stunnel ucontext-related problems using a patch from the author, Michael Trojnara[1]. Also, add the build-time WITH_FORK, WITH_PTHREAD, and WITH_UCONTEXT knobs to control the stunnel threading model used, based on Vasil Dimov's PR's with some modifications [2]. While I'm here, add in a <sys/types.h> inclusion that seems to be needed for <ucontext.h> at least on FreeBSD 6.0/sparc64. Reported by: many Pointy hat to: roam (myself) for both not noticing this and then letting it linger for a while Obtained from: Michael Trojnara's BSD patch from <53594c631989fde6ca0bdb3435b93dfe@mirt.net> [1] PR: 81289, 82202 [2] Submitted by: Vasil Dimov
2005-06-14 10:58:47 +02:00
.endif
Update to stunnel-4.00. *** WARNING WARNING WARNING *** The stunnel invocation has changed! The program no longer accepts command-line options, but is controlled by a config file instead. Please refer to the stunnel(8) manual page for more information. PR: 42249 Submitted by: Dan Langille <dan@langille.org>, lioux
2002-09-20 11:29:11 +02:00
post-patch:
Update to 4.13, which ought to fix the libc_r detection problem in a short window of 5.x versions. PR: 87839 Submitted by: Vasil Dimov <vd@datamax.bg>
2005-11-01 01:18:03 +01:00
# place files under /var/tmp so that this can be run by an unprivileged
Update to stunnel-4.00. *** WARNING WARNING WARNING *** The stunnel invocation has changed! The program no longer accepts command-line options, but is controlled by a config file instead. Please refer to the stunnel(8) manual page for more information. PR: 42249 Submitted by: Dan Langille <dan@langille.org>, lioux
2002-09-20 11:29:11 +02:00
# user stunnel and group stunnel
@${REINPLACE_CMD} -E -e 's|\@prefix\@/var/run/stunnel/|/var/tmp/stunnel|; \
s|nobody|stunnel|;s|nogroup|stunnel|' \
${WRKSRC}/tools/stunnel.conf-sample.in
@${REINPLACE_CMD} -E -e 's|localstatedir/run/stunnel.pid|localstatedir/stunnel.pid|' \
${WRKSRC}/configure.ac ${WRKSRC}/configure
Apply a blessed +3 magic wand of autotools protection; a rogue run of autoconf or automake over our local patches can ruin your whole day. This rarely, if ever, affected the vpopmail ports, causing mysterious failures at install time, but inevitably killed the stunnel build if automake-1.5 happened to be installed. Reported by: Dan Langille <dan@langille.org> for stunnel, Sitchin Zech <mailsagan@yahoo.com> for vpopmail
2002-09-20 21:55:07 +02:00
@${FIND} ${WRKSRC} -type f -name Makefile.in | ${XARGS} ${REINPLACE_CMD} -E -e 's,@(ACLOCAL|AUTO(MAKE|CONF|HEADER))@,/usr/bin/true,'
Update to stunnel-4.00. *** WARNING WARNING WARNING *** The stunnel invocation has changed! The program no longer accepts command-line options, but is controlled by a config file instead. Please refer to the stunnel(8) manual page for more information. PR: 42249 Submitted by: Dan Langille <dan@langille.org>, lioux
2002-09-20 11:29:11 +02:00
.ifdef(NOPORTDOCS)
@${REINPLACE_CMD} -E -e 's/ install-docDATA/ /; s/^(SUBDIRS.+)doc/\1/' \
${WRKSRC}/Makefile.in
.endif
Update to version 3.8.4. PR: 19637 Submitted by: maintainer
2000-07-07 21:27:28 +02:00
post-install:
The last update for this year, I hope :) Make stunnel use the rc_subr framework, allowing for much cleaner startup and shutdown of multiple instances of stunnel.
2004-12-30 16:37:50 +01:00
${SED} "s+!!PREFIX!!+${PREFIX}+g; s+!!RC_SUBR!!+${RC_SUBR}+g" \
< ${FILESDIR}/stunnel.sh > ${WRKDIR}/stunnel.sh
${INSTALL_SCRIPT} ${WRKDIR}/stunnel.sh ${PREFIX}/etc/rc.d/
Update to stunnel-4.00. *** WARNING WARNING WARNING *** The stunnel invocation has changed! The program no longer accepts command-line options, but is controlled by a config file instead. Please refer to the stunnel(8) manual page for more information. PR: 42249 Submitted by: Dan Langille <dan@langille.org>, lioux
2002-09-20 11:29:11 +02:00
@${SETENV} PKG_PREFIX=${PREFIX} ${SH} \
${PKGINSTALL} ${PKGNAME} POST-INSTALL
Update to version 3.2. PR: 12018 Submitted by: maintainer
1999-06-06 18:55:02 +02:00
@${ECHO} ""
Update to version 3.8.4. PR: 19637 Submitted by: maintainer
2000-07-07 21:27:28 +02:00
@${ECHO} "**************************************************************************"
@${ECHO} "To create and install a new certificate, type \"make cert\""
Update to version 3.2. PR: 12018 Submitted by: maintainer
1999-06-06 18:55:02 +02:00
@${ECHO} ""
Update to version 3.8.4. PR: 19637 Submitted by: maintainer
2000-07-07 21:27:28 +02:00
@${ECHO} "And don't forget to check out the FAQ at http://www.stunnel.org/"
@${ECHO} "**************************************************************************"
Update to version 3.2. PR: 12018 Submitted by: maintainer
1999-06-06 18:55:02 +02:00
@${ECHO} ""
The last update for this year, I hope :) Make stunnel use the rc_subr framework, allowing for much cleaner startup and shutdown of multiple instances of stunnel.
2004-12-30 16:37:50 +01:00
@${ECHO} "*********************** WARNING! WARNING! WARNING! ***********************"
@${ECHO} "The stunnel startup script has been converted to rc_subr"
@${ECHO} "format now. You have to set at least the stunnel_enable"
@${ECHO} "variable, and maybe also stunnel_config and stunnel_pidfile,"
@${ECHO} "if you want stunnel to be started automatically at boot time!"
@${ECHO} "**************************************************************************"
@${ECHO} ""
Update to version 3.2. PR: 12018 Submitted by: maintainer
1999-06-06 18:55:02 +02:00
Update to version 3.8.4. PR: 19637 Submitted by: maintainer
2000-07-07 21:27:28 +02:00
cert:
Update to version 3.2. PR: 12018 Submitted by: maintainer
1999-06-06 18:55:02 +02:00
@${ECHO} ""
@${ECHO} "**************************************************************************"
Catch up with stunnel's tools/Makefile to make the port's "make cert" target actually work again. Follow the upstream author's idea of keeping all stunnel-related configuration files into ${PREFIX}/etc/stunnel/ - now "make cert" also installs the certificate there instead of ${PREFIX}/etc/. Bump PORTREVISION and add a note to UPDATING for the certificate location change. PR: 91991 Reported by: Jiri Pridal <jiri.pridal@firebrno.cz>
2006-01-31 10:11:38 +01:00
@${ECHO} "The new certificate will be saved into ${PREFIX}/etc/stunnel/stunnel.pem"
Update to version 3.2. PR: 12018 Submitted by: maintainer
1999-06-06 18:55:02 +02:00
@${ECHO} "**************************************************************************"
@${ECHO} ""
Catch up with stunnel's tools/Makefile to make the port's "make cert" target actually work again. Follow the upstream author's idea of keeping all stunnel-related configuration files into ${PREFIX}/etc/stunnel/ - now "make cert" also installs the certificate there instead of ${PREFIX}/etc/. Bump PORTREVISION and add a note to UPDATING for the certificate location change. PR: 91991 Reported by: Jiri Pridal <jiri.pridal@firebrno.cz>
2006-01-31 10:11:38 +01:00
@(cd ${WRKSRC}/tools/; make install-data-local)
Update to version 3.2. PR: 12018 Submitted by: maintainer
1999-06-06 18:55:02 +02:00
Mark broken on -CURRENT until I figure out why stunnel doesn't like -CURRENT's OpenSSL. Reported by: dougb
2004-06-11 18:37:56 +02:00
.if ${OSVERSION} > 500000
Fix the bus error on startup in -CURRENT and 5.x-BETA. It turns out that the OpenSSL ENGINE code is, well, somewhat less than stellar, especially in combo with malloc's 'j' option. Even without it, though, there are some problems that I don't have time to look into right now. So, disable the OpenSSL ENGINE activation on FreeBSD 5.x, unless the WITH_STUNNEL_SSL_ENGINE knob is turned on. Also, while I'm here, fix the CONFIGURE_TARGET so the GNU configure script does not complain quite so loudly. Bump PORTREVISION for the functionality change (well, I guess you could say "not working" -> "working" is a functionality change ;)
2004-09-02 17:46:15 +02:00
.if !defined(WITH_STUNNEL_SSL_ENGINE)
EXTRA_PATCHES= ${FILESDIR}/ssl-noengine.patch
pre-patch:
@${ECHO} "*************************************************************************"
@${ECHO} "Note: you have to explicitly define WITH_STUNNEL_SSL_ENGINE to activate"
Update to stunnel-4.06. In addition to the PR: - enable the new IPv6 functionality when WITH_IPV6 is defined; - at last move over to libtool-1.5 and get rid of the .la file; - update the WITH_STUNNEL_SSL_ENGINE message to also mention FreeBSD 6.x; - remove the obsolete sock_ioctlsocket() definition from patch-aa; - fix a couple of getnameinfo(3)-related buglets; - fix a poll(2)-related buglet: it seems FreeBSD insists (correctly) that INFTIM passed to poll(2) should be -1, not just any negative value. PR: 75519 (somewhat) Submitted by: Dan Langille <dan@langille.org>
2004-12-27 15:33:19 +01:00
@${ECHO} "the OpenSSL ENGINE code on FreeBSD 5.x or 6.x."
Fix the bus error on startup in -CURRENT and 5.x-BETA. It turns out that the OpenSSL ENGINE code is, well, somewhat less than stellar, especially in combo with malloc's 'j' option. Even without it, though, there are some problems that I don't have time to look into right now. So, disable the OpenSSL ENGINE activation on FreeBSD 5.x, unless the WITH_STUNNEL_SSL_ENGINE knob is turned on. Also, while I'm here, fix the CONFIGURE_TARGET so the GNU configure script does not complain quite so loudly. Bump PORTREVISION for the functionality change (well, I guess you could say "not working" -> "working" is a functionality change ;)
2004-09-02 17:46:15 +02:00
@${ECHO} "There are known reliability issues with stunnel and the OpenSSL ENGINE"
@${ECHO} "code, so you are advised not to enable it."
@${ECHO} "*************************************************************************"
.else
pre-patch:
@${ECHO} "*************************************************************************"
@${ECHO} "Note: you have defined WITH_STUNNEL_SSL_ENGINE. Now stunnel will activate"
@${ECHO} "the OpenSSL ENGINE code even on FreeBSD 5.x."
@${ECHO} "There are known reliability issues with stunnel and the OpenSSL ENGINE"
@${ECHO} "code. You have enabled it at your own risk."
@${ECHO} "*************************************************************************"
.endif
Mark broken on -CURRENT until I figure out why stunnel doesn't like -CURRENT's OpenSSL. Reported by: dougb
2004-06-11 18:37:56 +02:00
.endif
.include <bsd.port.post.mk>
Reference in a new issue Copy permalink