blob: 6e56c68a821d92f9d4d61567deb31fd7a7780ada (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
# Created by: Martti Kuparinen <martti.kuparinen@ericsson.com>
# $FreeBSD$
PORTNAME= stunnel
PORTVERSION= 5.44
PORTEPOCH= 1
CATEGORIES= security
MASTER_SITES= https://www.stunnel.org/downloads/%SUBDIR%/ \
https://www.stunnel.org/downloads/beta/ \
http://mirrors.zerg.biz/stunnel/%SUBDIR%/ \
http://mirrors.go-part.com/stunnel/%SUBDIR%/ \
http://ftp.nluug.nl/pub/networking/stunnel/%SUBDIR%/ \
ftp://ftp.nluug.nl/pub/networking/stunnel/%SUBDIR%/ \
http://ftp.nluug.nl/pub/networking/stunnel/%SUBDIR%/ \
ftp://ftp.surfnet.nl/pub/networking/stunnel/%SUBDIR%/ \
http://ftp.surfnet.nl/pub/networking/stunnel/%SUBDIR%/ \
ftp://stunnel.mirt.net/stunnel/%SUBDIR%/ \
http://www.namesdir.com/mirrors/stunnel/%SUBDIR%/ \
http://stunnel.cybermirror.org/%SUBDIR%/ \
http://mirrors.zerg.biz/stunnel/%SUBDIR%/ \
ZI
MAINTAINER= zi@FreeBSD.org
COMMENT= SSL encryption wrapper for standard network daemons
# FIXME: IMHO, there really ought to be a GPL-2+ option or some such.
LICENSE= GPLv2 GPLv3
LICENSE_COMB= dual
USES= cpe libtool perl5 shebangfix ssl
USE_PERL5= build
USE_LDCONFIG= yes
USE_RC_SUBR= stunnel
GNU_CONFIGURE= yes
CONFIGURE_ARGS= --localstatedir=/var/tmp --enable-static --disable-systemd \
--with-ssl="${OPENSSLBASE}"
SHEBANG_FILES= src/stunnel3.in
OPTIONS_DEFINE= DOCS EXAMPLES FIPS IPV6 LIBWRAP
OPTIONS_SINGLE= THREAD
OPTIONS_SINGLE_THREAD= FORK PTHREAD UCONTEXT
OPTIONS_DEFAULT= PTHREAD
FIPS_CONFIGURE_ENABLE= fips
IPV6_CONFIGURE_ENABLE= ipv6
LIBWRAP_CONFIGURE_ENABLE= libwrap
FIPS_DESC= Enable OpenSSL FIPS mode
FORK_DESC= Use the fork(3) threading model
PTHREAD_DESC= Use the pthread(3) threading model
UCONTEXT_DESC= Use the ucontext(3) threading model
STUNNEL_USER?= stunnel
STUNNEL_GROUP?= stunnel
USERS= ${STUNNEL_USER}
GROUPS= ${STUNNEL_GROUP}
.include <bsd.port.options.mk>
.if ${PORT_OPTIONS:MLIBWRAP}
LDFLAGS+= -lwrap
.endif
.if ${PORT_OPTIONS:MUCONTEXT}
CONFIGURE_ARGS+=--with-threads=ucontext
LDFLAGS+= -lpthread
.elif ${PORT_OPTIONS:MFORK}
CONFIGURE_ARGS+=--with-threads=fork
.else
CONFIGURE_ARGS+=--with-threads=pthread
LDFLAGS+= -lpthread
.endif
.include <bsd.port.pre.mk>
.if ${PORT_OPTIONS:MFIPS} && ${SSL_DEFAULT:Mlibressl*}
IGNORE= LibreSSL does not support FIPS standard
.endif
.if ${SSL_DEFAULT:Mlibressl*}
NO_PACKAGE= The stunnel license restricts distribution when linked to non-OpenSSL non-base SSL-libraries
.endif
post-patch:
# place files under /var/tmp so that this can be run by an unprivileged
# user stunnel and group stunnel
@${REINPLACE_CMD} -E -e 's|\@prefix\@/var/lib/stunnel/|/var/tmp/stunnel|; \
s|nobody|stunnel|;s|nogroup|stunnel|;s|;include |include |' \
${WRKSRC}/tools/stunnel.conf-sample.in
@${REINPLACE_CMD} -E -e 's|\$$\(prefix\)/var/run/stunnel/stunnel.pid|$$(localstatedir)/stunnel.pid|' \
${WRKSRC}/src/Makefile.in
@${FIND} ${WRKSRC} -type f -name Makefile.in | ${XARGS} ${REINPLACE_CMD} -E -e 's,@(ACLOCAL|AUTO(MAKE|CONF|HEADER))@,/usr/bin/true,'
@${REINPLACE_CMD} -E -e 's|install-confDATA install-data-local|install-confDATA|g' \
${WRKSRC}/tools/Makefile.in
.if empty(PORT_OPTIONS:MDOCS)
@${REINPLACE_CMD} -E -e 's/ install-docDATA/ /' ${WRKSRC}/Makefile.in
@${REINPLACE_CMD} -E -e '/install-data-am/s,install-docDATA,,' ${WRKSRC}/doc/Makefile.in
.endif
.if empty(PORT_OPTIONS:MEXAMPLES)
@${REINPLACE_CMD} -E -e 's/([^n])install-examplesDATA/\1/' \
${WRKSRC}/tools/Makefile.in
.else
@${REINPLACE_CMD} -E -e 's|\$$\(docdir\)/examples|${EXAMPLESDIR}|g' ${WRKSRC}/tools/Makefile.in
.endif
post-build:
@${STRIP_CMD} ${WRKSRC}/src/.libs/libstunnel.so
post-install:
${MKDIR} ${STAGEDIR}${ETCDIR}/conf.d/
${INSTALL_DATA} ${FILESDIR}/pid.conf ${STAGEDIR}${ETCDIR}/conf.d/
cert:
@${ECHO} ""
@${ECHO} "**************************************************************************"
@${ECHO} "The new certificate will be saved into ${ETCDIR}/stunnel.pem"
@${ECHO} "**************************************************************************"
@${ECHO} ""
@(cd ${WRKSRC}/tools/; make cert)
.include <bsd.port.post.mk>
|