744b7a5fbb
connection options being configurable per connection, not global anymore.
129 lines
5.1 KiB
Makefile
129 lines
5.1 KiB
Makefile
# New ports collection makefile for: stunnel
|
|
# Date created: Mon Jan 11 11:53:54 EET 1999
|
|
# Whom: Martti Kuparinen <martti.kuparinen@ericsson.com>
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
PORTNAME= stunnel
|
|
PORTVERSION= 4.15
|
|
CATEGORIES= security
|
|
MASTER_SITES= http://www.stunnel.org/download/stunnel/src/ \
|
|
ftp://stunnel.mirt.net/stunnel/ \
|
|
ftp://stunnel.mirt.net/stunnel/OBSOLETE/ \
|
|
ftp://opensores.thebunker.net/pub/mirrors/stunnel/download/stunnel/src/
|
|
|
|
MAINTAINER= roam@FreeBSD.org
|
|
COMMENT= SSL encryption wrapper for standard network daemons
|
|
|
|
PATCHFILES+= fdputline.patch:fdputline
|
|
PATCH_SITES+= ftp://ftp.mirt.net/stunnel/:fdputline
|
|
PATCH_DIST_STRIP= -p1
|
|
|
|
USE_OPENSSL= YES
|
|
USE_RC_SUBR= YES
|
|
|
|
GNU_CONFIGURE= yes
|
|
CONFIGURE_TARGET= --target=${MACHINE_ARCH}-portbld-freebsd${OSREL}
|
|
CONFIGURE_ARGS= --localstatedir=/var/tmp --with-pem-dir=${PEM_DIR} \
|
|
--enable-static
|
|
|
|
.if !defined(NOPORTDOCS)
|
|
MAN8= stunnel.8 stunnel.fr.8 stunnel.pl.8
|
|
.endif
|
|
|
|
PEM_DIR?= ${PREFIX}/etc
|
|
|
|
OPTIONS= FORK "use the fork(3) threading model" off \
|
|
PTHREAD "use the pthread(3) threading model (default)" on \
|
|
UCONTEXT "use the ucontext(3) threading model" off \
|
|
IPV6 "enable IPv6 support" off
|
|
|
|
.include <bsd.port.pre.mk>
|
|
|
|
.if defined(WITH_IPV6)
|
|
CONFIGURE_ARGS+= --enable-ipv6
|
|
.endif
|
|
|
|
.if defined(WITH_UCONTEXT) && defined(WITH_FORK) || defined(WITH_UCONTEXT) && defined(WITH_PTHREAD) || defined(WITH_FORK) && defined(WITH_PTHREAD)
|
|
BROKEN= 'The WITH_UCONTEXT, WITH_FORK and WITH_PTHREAD options are mutually exclusive - please specify at most one of them, the default is WITH_PTHREAD'
|
|
.endif
|
|
|
|
.if defined(WITH_UCONTEXT)
|
|
.if ${OSVERSION} < 500112
|
|
BROKEN= 'The ucontext model is only supported on FreeBSD 5.x and 6.x'
|
|
.endif
|
|
CONFIGURE_ARGS+=--with-threads=ucontext
|
|
CONFIGURE_ENV= CPPFLAGS="${CPPFLAGS} ${PTHREAD_CFLAGS}" LDFLAGS="${LDFLAGS} ${PTHREAD_LIBS}"
|
|
.elif defined(WITH_FORK)
|
|
CONFIGURE_ARGS+=--with-threads=fork
|
|
.else
|
|
CONFIGURE_ARGS+=--with-threads=pthread
|
|
CONFIGURE_ENV= CPPFLAGS="${CPPFLAGS} ${PTHREAD_CFLAGS}" LDFLAGS="${LDFLAGS} ${PTHREAD_LIBS}"
|
|
.endif
|
|
|
|
post-patch:
|
|
# place files under /var/tmp so that this can be run by an unprivileged
|
|
# user stunnel and group stunnel
|
|
@${REINPLACE_CMD} -E -e 's|\@prefix\@/var/lib/stunnel/|/var/tmp/stunnel|; \
|
|
s|nobody|stunnel|;s|nogroup|stunnel|' \
|
|
${WRKSRC}/tools/stunnel.conf-sample.in
|
|
${REINPLACE_CMD} -E -e 's|\$$\(prefix\)/var/run/stunnel/stunnel.pid|$$(localstatedir)/stunnel.pid|' \
|
|
${WRKSRC}/src/Makefile.in
|
|
@${FIND} ${WRKSRC} -type f -name Makefile.in | ${XARGS} ${REINPLACE_CMD} -E -e 's,@(ACLOCAL|AUTO(MAKE|CONF|HEADER))@,/usr/bin/true,'
|
|
.ifdef(NOPORTDOCS)
|
|
@${REINPLACE_CMD} -E -e 's/ install-docDATA/ /; s/^(SUBDIRS.+)doc/\1/' \
|
|
${WRKSRC}/Makefile.in
|
|
.endif
|
|
|
|
post-install:
|
|
${SED} "s+!!PREFIX!!+${PREFIX}+g; s+!!RC_SUBR!!+${RC_SUBR}+g" \
|
|
< ${FILESDIR}/stunnel.sh > ${WRKDIR}/stunnel.sh
|
|
${INSTALL_SCRIPT} ${WRKDIR}/stunnel.sh ${PREFIX}/etc/rc.d/
|
|
@${SETENV} PKG_PREFIX=${PREFIX} ${SH} \
|
|
${PKGINSTALL} ${PKGNAME} POST-INSTALL
|
|
@${ECHO} ""
|
|
@${ECHO} "**************************************************************************"
|
|
@${ECHO} "To create and install a new certificate, type \"make cert\""
|
|
@${ECHO} ""
|
|
@${ECHO} "And don't forget to check out the FAQ at http://www.stunnel.org/"
|
|
@${ECHO} "**************************************************************************"
|
|
@${ECHO} ""
|
|
@${ECHO} "*********************** WARNING! WARNING! WARNING! ***********************"
|
|
@${ECHO} "The stunnel startup script has been converted to rc_subr"
|
|
@${ECHO} "format now. You have to set at least the stunnel_enable"
|
|
@${ECHO} "variable, and maybe also stunnel_config and stunnel_pidfile,"
|
|
@${ECHO} "if you want stunnel to be started automatically at boot time!"
|
|
@${ECHO} "**************************************************************************"
|
|
@${ECHO} ""
|
|
|
|
cert:
|
|
@${ECHO} ""
|
|
@${ECHO} "**************************************************************************"
|
|
@${ECHO} "The new certificate will be saved into ${PREFIX}/etc/stunnel/stunnel.pem"
|
|
@${ECHO} "**************************************************************************"
|
|
@${ECHO} ""
|
|
@(cd ${WRKSRC}/tools/; make install-data-local)
|
|
|
|
.if ${OSVERSION} > 500000
|
|
.if !defined(WITH_STUNNEL_SSL_ENGINE)
|
|
EXTRA_PATCHES= ${FILESDIR}/ssl-noengine.patch
|
|
pre-patch:
|
|
@${ECHO} "*************************************************************************"
|
|
@${ECHO} "Note: you have to explicitly define WITH_STUNNEL_SSL_ENGINE to activate"
|
|
@${ECHO} "the OpenSSL ENGINE code on FreeBSD 5.x or 6.x."
|
|
@${ECHO} "There are known reliability issues with stunnel and the OpenSSL ENGINE"
|
|
@${ECHO} "code, so you are advised not to enable it."
|
|
@${ECHO} "*************************************************************************"
|
|
.else
|
|
pre-patch:
|
|
@${ECHO} "*************************************************************************"
|
|
@${ECHO} "Note: you have defined WITH_STUNNEL_SSL_ENGINE. Now stunnel will activate"
|
|
@${ECHO} "the OpenSSL ENGINE code even on FreeBSD 5.x."
|
|
@${ECHO} "There are known reliability issues with stunnel and the OpenSSL ENGINE"
|
|
@${ECHO} "code. You have enabled it at your own risk."
|
|
@${ECHO} "*************************************************************************"
|
|
.endif
|
|
.endif
|
|
|
|
.include <bsd.port.post.mk>
|