f8d27eec1e
- New features
- New verify level 0 to request and ignore peer certificate. This
feature is useful with the new Windows GUI menu to save cached peer
certificate chains, as SSL client certificates are not sent by default.
- Manual page has been updated.
- Removed support for changing Windows Service name with "service" option.
- Hardcoded 2048-bit DH parameters are used as a fallback if DH parameters
are not provided in stunnel.pem.
- Default "ciphers" value updated to prefer ECDH:
"ALL:!SSLv2:!aNULL:!EXP:!LOW:-MEDIUM:RC4:+HIGH".
- Default ECDH curve updated to "prime256v1".
- Removed support for temporary RSA keys (used in obsolete export ciphers).
- Bugfixes
- The -quiet commandline option was applied to *all* message boxes.
- Silent install (/S option) no longer attempts to create stunnel.pem.
58 lines
1.7 KiB
Makefile
58 lines
1.7 KiB
Makefile
# $NetBSD: Makefile,v 1.72 2011/08/24 17:56:50 tron Exp $
|
|
|
|
DISTNAME= stunnel-4.42
|
|
CATEGORIES= security
|
|
MASTER_SITES= ftp://ftp.stunnel.org/stunnel/
|
|
|
|
MAINTAINER= shaun@inerd.com
|
|
HOMEPAGE= http://www.stunnel.org/
|
|
COMMENT= Universal SSL tunnel
|
|
LICENSE= gnu-gpl-v2
|
|
|
|
PKG_DESTDIR_SUPPORT= user-destdir
|
|
|
|
BUILD_DEFS+= VARBASE
|
|
USE_LIBTOOL= yes
|
|
GNU_CONFIGURE= yes
|
|
CONFIGURE_ARGS+= --localstatedir=${VARBASE}
|
|
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
|
|
CONFIGURE_ARGS+= --with-cert-dir=${SSLCERTS:Q}
|
|
CONFIGURE_ARGS+= --with-pem-dir=${SSLCERTS:Q}
|
|
CONFIGURE_ARGS+= --with-ssl=${SSLBASE:Q}
|
|
|
|
STUNNEL_USER?= stunnel
|
|
STUNNEL_GROUP?= stunnel
|
|
PKG_HOME?= ${VARBASE}/chroot/stunnel
|
|
PKG_USERS= ${STUNNEL_USER}:${STUNNEL_GROUP}::Stunnel:${PKG_HOME}
|
|
PKG_GROUPS= ${STUNNEL_GROUP}
|
|
USER_GROUP= ${STUNNEL_USER} ${STUNNEL_GROUP}
|
|
|
|
PKG_SYSCONFSUBDIR= stunnel
|
|
PKG_SYSCONFDIR_PERMS= ${USER_GROUP} 0700
|
|
|
|
OWN_DIRS_PERMS= ${PKG_HOME} ${USER_GROUP} 0700
|
|
CONF_FILES_PERMS+= ${PREFIX}/share/examples/stunnel/stunnel.conf-sample \
|
|
${PKG_SYSCONFDIR}/stunnel.conf ${USER_GROUP} 0644
|
|
|
|
RCD_SCRIPTS= stunnel
|
|
|
|
REPLACE_PERL+= src/stunnel3.in
|
|
USE_TOOLS+= perl:run
|
|
|
|
SUBST_CLASSES+= chroot
|
|
SUBST_MESSAGE.chroot= Fix chroot path
|
|
SUBST_STAGE.chroot= pre-configure
|
|
SUBST_FILES.chroot= tools/stunnel.conf-sample.in
|
|
SUBST_SED.chroot+= -e 's|@prefix@/var/lib|@localstatedir@/chroot|'
|
|
|
|
SUBST_CLASSES+= stunnel
|
|
SUBST_MESSAGE.stunnel= Fix user and group
|
|
SUBST_STAGE.stunnel= post-configure
|
|
SUBST_FILES.stunnel= tools/stunnel.conf-sample
|
|
SUBST_SED.stunnel= -e 's|setuid = nobody|setuid = ${STUNNEL_USER}|'
|
|
SUBST_SED.stunnel+= -e 's|setgid = nogroup|setgid = ${STUNNEL_GROUP}|'
|
|
|
|
.include "options.mk"
|
|
|
|
.include "../../security/openssl/buildlink3.mk"
|
|
.include "../../mk/bsd.pkg.mk"
|