pkgsrc-wip/stunnel3/distinfo

$NetBSD: distinfo,v 1.2 2005/04/23 18:36:08 hfath Exp $

SHA1 (stunnel-3.26.tar.gz) = 0d40d268a9e4b63630312cdee4efa5ecba53c9ec
RMD160 (stunnel-3.26.tar.gz) = 63347b6bc6fca1496d74a8ef234eea98a45e0b04
Size (stunnel-3.26.tar.gz) = 228923 bytes
SHA1 (patch-aa) = 197e5d3a6474d9a4b7f3c4c1e95fcc02c2840a20
SHA1 (patch-ab) = a9f1a4e6757b6115711e4601ac36f8d3e699c2c9
SHA1 (patch-ac) = e2e263683d6df9aeb5ac07944073e7156337a749
Update distinfo for RMD160 2005-04-23 20:36:08 +02:00			$NetBSD: distinfo,v 1.2 2005/04/23 18:36:08 hfath Exp $
Although there is a stunnel version 4, the v3 branch is still maintained. In fact, it does not have two annoying bugs of the v4: stunnel processes do not stick around forever, and the cli options are still present as opposed to the v4 windows-like config file. From the changelog since v3.22 (when the pkgsrc stunnel was upgraded to 4.0.4): Version 3.26, 2003.08.29 urgency: MEDIUM: * Several improvements, all implemented by Steve Grubb: * Fixed new child signal handler, introduced in 3.25, which was buggy in pthreads environments * Fixed problem where the accept() can block indefinately if the user or OS has discarded the connection. * Minor code cleanup and removal of duplicate function. Version 3.25, 2003.07.25, urgency: HIGH: * Fixed buggy SIGCHLD handling using patch supplied by Nalin Dahyabhai of Red Hat. * Fixed buggy SIGCHLD handling patch (their new pipe descriptors were leaked), removed unused pty_release and pty_make_controlling_tty functions which are not used, removed CRIT_LIBWRAP which needs to be inside CRIT_NTOA anyway. Thanks to Steve Grubb for these suggestions. * REMOTE_HOST variable is always placed in the environment of procesess spawned with 'exec'. * Added ENVIRONMENT section to man page, documenting REMOTE_HOST, SSL_CLIENT_DN and SSL_CLIENT_I_DN. * Removed entries from TODO, since development is in 4.x only. Version 3.24, 2002.04.23, urgency: HIGH: * Fixed bug whereby RSA blinding was called in client mode even when no cert was in use. * Patches no longer need to be public domain to be accepted into the Stunnel-3.x branch. Anything compatible with the existing GPL license is fine. Version 3.23, 2002.04.02, urgency: HIGH: * Enabled RSA blinding on all RSA keys to prevent RSA timing attack that was proven to be exploitable by David Brumley and Dan Boneh. See http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html for more details about the attack. If you have an OpenSSL library that has RSA blinding on by default (>=0.9.7b or >=0.9.6j) then you do not need to upgrade, but it is still suggested. * precompiled stunnel.exe no longer distributed in the source tarball * Brian Hatch <bri@stunnel.org> taking over maintenance of the Stunnel 3.x branch. New functionality should focus on the 4.x branch, 3.x will only be maintained for security and bugfixes. 2003-10-26 15:26:22 +01:00
			`SHA1 (stunnel-3.26.tar.gz) = 0d40d268a9e4b63630312cdee4efa5ecba53c9ec`
Update distinfo for RMD160 2005-04-23 20:36:08 +02:00			`RMD160 (stunnel-3.26.tar.gz) = 63347b6bc6fca1496d74a8ef234eea98a45e0b04`
Although there is a stunnel version 4, the v3 branch is still maintained. In fact, it does not have two annoying bugs of the v4: stunnel processes do not stick around forever, and the cli options are still present as opposed to the v4 windows-like config file. From the changelog since v3.22 (when the pkgsrc stunnel was upgraded to 4.0.4): Version 3.26, 2003.08.29 urgency: MEDIUM: * Several improvements, all implemented by Steve Grubb: * Fixed new child signal handler, introduced in 3.25, which was buggy in pthreads environments * Fixed problem where the accept() can block indefinately if the user or OS has discarded the connection. * Minor code cleanup and removal of duplicate function. Version 3.25, 2003.07.25, urgency: HIGH: * Fixed buggy SIGCHLD handling using patch supplied by Nalin Dahyabhai of Red Hat. * Fixed buggy SIGCHLD handling patch (their new pipe descriptors were leaked), removed unused pty_release and pty_make_controlling_tty functions which are not used, removed CRIT_LIBWRAP which needs to be inside CRIT_NTOA anyway. Thanks to Steve Grubb for these suggestions. * REMOTE_HOST variable is always placed in the environment of procesess spawned with 'exec'. * Added ENVIRONMENT section to man page, documenting REMOTE_HOST, SSL_CLIENT_DN and SSL_CLIENT_I_DN. * Removed entries from TODO, since development is in 4.x only. Version 3.24, 2002.04.23, urgency: HIGH: * Fixed bug whereby RSA blinding was called in client mode even when no cert was in use. * Patches no longer need to be public domain to be accepted into the Stunnel-3.x branch. Anything compatible with the existing GPL license is fine. Version 3.23, 2002.04.02, urgency: HIGH: * Enabled RSA blinding on all RSA keys to prevent RSA timing attack that was proven to be exploitable by David Brumley and Dan Boneh. See http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html for more details about the attack. If you have an OpenSSL library that has RSA blinding on by default (>=0.9.7b or >=0.9.6j) then you do not need to upgrade, but it is still suggested. * precompiled stunnel.exe no longer distributed in the source tarball * Brian Hatch <bri@stunnel.org> taking over maintenance of the Stunnel 3.x branch. New functionality should focus on the 4.x branch, 3.x will only be maintained for security and bugfixes. 2003-10-26 15:26:22 +01:00			`Size (stunnel-3.26.tar.gz) = 228923 bytes`
			`SHA1 (patch-aa) = 197e5d3a6474d9a4b7f3c4c1e95fcc02c2840a20`
			`SHA1 (patch-ab) = a9f1a4e6757b6115711e4601ac36f8d3e699c2c9`
			`SHA1 (patch-ac) = e2e263683d6df9aeb5ac07944073e7156337a749`