aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--security/stunnel/Makefile6
-rw-r--r--security/stunnel/distinfo1
-rw-r--r--security/stunnel/files/patch-src::client.c29
-rw-r--r--security/stunnel/files/patch-src::common.h27
4 files changed, 56 insertions, 7 deletions
diff --git a/security/stunnel/Makefile b/security/stunnel/Makefile
index ca6ee38be489..a8588ec0c460 100644
--- a/security/stunnel/Makefile
+++ b/security/stunnel/Makefile
@@ -7,7 +7,7 @@
PORTNAME= stunnel
PORTVERSION= 4.34
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= security
MASTER_SITES= http://www.stunnel.org/download/stunnel/src/ \
http://mirrors.zerg.biz/stunnel/%SUBDIR%/ \
@@ -22,6 +22,10 @@ MASTER_SITE_SUBDIR= . obsolete/4.x
MAINTAINER= roam@FreeBSD.org
COMMENT= SSL encryption wrapper for standard network daemons
+# FIXME: IMHO, there really ought to be a GPL-2+ option or some such.
+LICENSE= GPLv2 GPLv3
+LICENSE_COMB= dual
+
USE_AUTOTOOLS= libtool
USE_RC_SUBR= stunnel
diff --git a/security/stunnel/distinfo b/security/stunnel/distinfo
index c24bb16aac38..c2edb4ab2058 100644
--- a/security/stunnel/distinfo
+++ b/security/stunnel/distinfo
@@ -1,3 +1,2 @@
-MD5 (stunnel-4.34.tar.gz) = bbd274e8364ea3ceca0ee5190e13edd1
SHA256 (stunnel-4.34.tar.gz) = f15ff844ad8e234c645031ea8f9c509cbcfd11467a31835f099f328dbf2b4084
SIZE (stunnel-4.34.tar.gz) = 526336
diff --git a/security/stunnel/files/patch-src::client.c b/security/stunnel/files/patch-src::client.c
new file mode 100644
index 000000000000..ff6956a35df0
--- /dev/null
+++ b/security/stunnel/files/patch-src::client.c
@@ -0,0 +1,29 @@
+Description: Allow transparent proxying using IP_BINDANY.
+Forwarded: yes
+Author: Peter Pentchev <roam@FreeBSD.org>,
+ Jason Helfman <jhelfman@experts-exchange.com>
+Last-Updated: 2011-01-04
+
+--- src/client.c.orig
++++ src/client.c
+@@ -1034,15 +1034,16 @@
+ static void local_bind(CLI *c) {
+ SOCKADDR_UNION addr;
+
+-#ifdef IP_TRANSPARENT
++#ifdef STUNNEL_TRANSPARENT
+ int on=1;
+ if(c->opt->option.transparent) {
+- if(setsockopt(c->fd, SOL_IP, IP_TRANSPARENT, &on, sizeof on))
+- sockerror("setsockopt IP_TRANSPARENT");
++ if(setsockopt(c->fd, STUNNEL_TRANSPARENT_LEVEL,
++ STUNNEL_TRANSPARENT, &on, sizeof on))
++ sockerror("setsockopt " STUNNEL_TRANSPARENT_NAME);
+ /* ignore the error to retain Linux 2.2 compatibility */
+ /* the error will be handled by bind(), anyway */
+ }
+-#endif /* IP_TRANSPARENT */
++#endif /* STUNNEL_TRANSPARENT */
+
+ memcpy(&addr, &c->bind_addr.addr[0], sizeof addr);
+ if(ntohs(addr.in.sin_port)>=1024) { /* security check */
diff --git a/security/stunnel/files/patch-src::common.h b/security/stunnel/files/patch-src::common.h
index dfad511facd5..a84ee300439a 100644
--- a/security/stunnel/files/patch-src::common.h
+++ b/security/stunnel/files/patch-src::common.h
@@ -1,11 +1,28 @@
-Description: Build on FreeBSD versions of OpenSSL < 0.9.8b.
-Forwarded: not-needed
-Author: Peter Pentchev <roam@FreeBSD.org>
-Last-Update: 2010-09-20
+Description: Build with older OpenSSL and enable transparent binding.
+Forwarded: yes (the transparent proxying part)
+Author: Peter Pentchev <roam@FreeBSD.org>,
+ Jason Helfman <jhelfman@experts-exchange.com>
+Last-Update: 2011-01-04
--- src/common.h.orig
+++ src/common.h
-@@ -347,9 +347,6 @@
+@@ -337,6 +337,15 @@
+ /* old kernel headers without IP_TRANSPARENT definition */
+ #define IP_TRANSPARENT 19
+ #endif /* IP_TRANSPARENT */
++#define STUNNEL_TRANSPARENT IP_TRANSPARENT
++#define STUNNEL_TRANSPARENT_NAME "IP_TRANSPARENT"
++#define STUNNEL_TRANSPARENT_LEVEL SOL_IP
++#else /* __linux__ */
++#ifdef IP_BINDANY
++#define STUNNEL_TRANSPARENT IP_BINDANY
++#define STUNNEL_TRANSPARENT_NAME "IP_BINDANY"
++#define STUNNEL_TRANSPARENT_LEVEL IPPROTO_IP
++#endif
+ #endif /* __linux__ */
+
+ #endif /* USE_WIN32 */
+@@ -347,9 +356,6 @@
#define OPENSSL_THREAD_DEFINES
#include <openssl/opensslconf.h>