stunnel: Bring it back at v5.10 1017/head
authorMichael Haas <haas@computerlinguist.org>
Tue, 10 Mar 2015 08:54:17 +0000 (09:54 +0100)
committerMichael Haas <haas@cl.uni-heidelberg.de>
Tue, 17 Mar 2015 12:47:55 +0000 (13:47 +0100)
From: Michael Haas <haas@computerlinguist.org>

* init script no longer creates certificates (consider client mode as use
  case)
* patches/010_fix_getnameinfo.patch: Fix getnameinfo signature
* patches/011_disable_ssp_linking.patch: Disable -fstack-protector as it
  is not always available in OpenWRT
* old patches (in oldpackages) no longer necessary
* remove libwrap dependency
* remove libpthread dependency
* respect CONFIG_IPV6
* init script uses procd
* sample stunnel.conf runs in client mode - prevents start failure,
  does not require cert

Possible enhancement: automatically generate certificate as done in
uhttpd. However, as client mode is a possible use case, I'd rather not.
Additionally, stunnel may use several certs with user-defined locations
and we can't easily set a cert location via command-line args.

The package is based on
https://sites.google.com/site/twisteroidambassador/openwrt/stunnel

Signed-off-by: Michael Haas <haas@computerlinguist.org>
net/stunnel/Makefile [new file with mode: 0644]
net/stunnel/files/stunnel.conf [new file with mode: 0644]
net/stunnel/files/stunnel.init [new file with mode: 0644]
net/stunnel/patches/010_fix_getnameinfo.patch [new file with mode: 0644]
net/stunnel/patches/011_disable_ssp_linking.patch [new file with mode: 0644]

diff --git a/net/stunnel/Makefile b/net/stunnel/Makefile
new file mode 100644 (file)
index 0000000..9238331
--- /dev/null
@@ -0,0 +1,77 @@
+#
+# Copyright (C) 2006-2014 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=stunnel
+PKG_VERSION:=5.10
+PKG_RELEASE:=1
+
+PKG_LICENSE:=GPL-2.0+
+PKG_MAINTAINER:=Michael Haas <haas@computerlinguist.org>
+PKG_LICENSE_FILES:=COPYING COPYRIGHT.GPL
+
+PKG_SOURCE_URL:=http://stunnel.cybermirror.org/archive/5.x/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_MD5SUM:=a0edda805eb7d6ea600a230fb0979ea1
+
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/stunnel
+  SECTION:=net
+  CATEGORY:=Network
+  DEPENDS:=+libopenssl
+  TITLE:=SSL TCP Wrapper
+  URL:=http://www.stunnel.org/
+endef
+
+define Package/stunnel/description
+       Stunnel is a program that allows you to encrypt arbitrary TCP
+       connections inside SSL (Secure Sockets Layer) available on both Unix
+       and Windows. Stunnel can allow you to secure non-SSL aware daemons and
+       protocols (like POP, IMAP, LDAP, etc) by having Stunnel provide the
+       encryption, requiring no changes to the daemon's code.
+endef
+
+define Package/stunnel/conffiles
+/etc/stunnel/stunnel.conf
+endef
+
+
+CONFIGURE_ARGS+= \
+       --with-random=/dev/urandom \
+       --with-threads=fork \
+       --with-ssl=$(STAGING_DIR)/usr \
+       --disable-libwrap \
+       --disable-systemd
+
+ifeq ($(CONFIG_IPV6),n)
+CONFIGURE_ARGS+= \
+       --disable-ipv6
+endif
+
+define Build/Compile
+       mkdir -p $(PKG_INSTALL_DIR)/etc/stunnel
+       echo '#dummy' > $(PKG_INSTALL_DIR)/etc/stunnel/stunnel.pem
+       $(call Build/Compile/Default)
+endef
+
+define Package/stunnel/install
+       $(INSTALL_DIR) $(1)/usr/bin
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/stunnel $(1)/usr/bin/
+       $(INSTALL_DIR) $(1)/usr/lib/stunnel
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/stunnel/libstunnel.so $(1)/usr/lib/stunnel/
+       $(INSTALL_DIR) $(1)/etc/stunnel
+       $(INSTALL_CONF) ./files/stunnel.conf $(1)/etc/stunnel/stunnel.conf
+       $(INSTALL_DIR) $(1)/etc/init.d
+       $(INSTALL_BIN) ./files/stunnel.init $(1)/etc/init.d/stunnel
+endef
+
+$(eval $(call BuildPackage,stunnel))
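Review bot: The placeholder written in Build/Compile (`echo '#dummy' > $(PKG_INSTALL_DIR)/etc/stunnel/stunnel.pem`) carries no comment, and a reader will wonder whether a bogus certificate ends up on the device; Package/stunnel/install never copies it, so it presumably only satisfies upstream's install step, which the line should say: `# placeholder so upstream's install step does not try to generate a certificate; not shipped in the package`. Separately, the tarball is fetched over plain http (PKG_SOURCE_URL) and its integrity rests on PKG_MD5SUM alone, so that one value is the only check between the build and a tampered download; it is worth confirming it against upstream's published checksum before merging, and switching the URL to https if the mirror offers it.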
diff --git a/net/stunnel/files/stunnel.conf b/net/stunnel/files/stunnel.conf
new file mode 100644 (file)
index 0000000..2f10800
--- /dev/null
@@ -0,0 +1,45 @@
+; Drop privileges
+setuid = nobody 
+setgid = nogroup
+
+; When running under procd, stay in foreground
+foreground = yes
+
+; Don't log to stderr, use syslog
+syslog = yes
+
+; 1-7. Use 7 for greatest verbosity
+;debug = 5
+
+; Starting here, enter your services or uncomment the examples
+
+; Example:
+; If your local httpd does not support HTTPS, use stunnel in remote
+; mode to forward TLS connections coming in on port 443 to non-TLS
+; on port 80.
+; Make sure that the cert is available.
+;[httpd]
+;accept = 443
+;connect = 127.0.0.1:80
+;cert = /etc/stunnel/stunnel.pem
+
+; Example:
+; If your local email client does not support TLS,
+; use stunnel in client mode to forward non-TLS connections on
+; port 143 to TLS-enabled servername:993.
+;[imap]
+;client = yes
+;accept = 143
+;connect = servername:993
+; Disable peer verification - be sure to understand the limitations of peer
+; verification in stunnel when enabling.
+;verify = 0
+
+; Default client section:
+; stunnel requires at least one section to start successfully.
+; You can safely remove this section once you have configured
+; your own. We use client mode here as server requires a certificate.
+[dummy]
+client = yes
+accept = localhost:6000
+connect = localhost:6001
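Review bot: The `;verify = 0` line in the [imap] example is the security-sensitive knob of this file, and the comment above it only says to "understand the limitations"; it should state plainly what the value does, e.g. `; verify = 0 means the server certificate is not checked at all; prefer verify = 2 with CAfile pointing at the trusted CA bundle`. Also `setuid = nobody ` near the top carries a trailing space; whether stunnel's parser trims it I cannot confirm from here, so drop the space rather than rely on it.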
diff --git a/net/stunnel/files/stunnel.init b/net/stunnel/files/stunnel.init
new file mode 100644 (file)
index 0000000..e622205
--- /dev/null
@@ -0,0 +1,12 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2006-2008 OpenWrt.org
+
+START=90
+USE_PROCD=1
+
+start_service() {
+       procd_open_instance
+       procd_set_param command /usr/bin/stunnel /etc/stunnel/stunnel.conf
+       procd_set_param respawn # respawn automatically if something died
+       procd_close_instance
+}
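Review bot: start_service passes only the config path and gives procd no file to watch, so `/etc/init.d/stunnel reload` leaves a running instance on stale settings; add `procd_set_param file /etc/stunnel/stunnel.conf` before procd_close_instance. The script also depends silently on `foreground = yes` in stunnel.conf (the conf's own comment notes that procd needs it), so a comment on the command line, `# stunnel.conf must keep foreground = yes so procd can supervise the process`, would spare the next maintainer a surprise. The copyright line reads 2006-2008 on a file added in 2015.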
diff --git a/net/stunnel/patches/010_fix_getnameinfo.patch b/net/stunnel/patches/010_fix_getnameinfo.patch
new file mode 100644 (file)
index 0000000..f0a9faa
--- /dev/null
@@ -0,0 +1,25 @@
+--- a/src/prototypes.h
++++ b/src/prototypes.h
+@@ -559,7 +559,7 @@ extern GETNAMEINFO s_getnameinfo;
+ #endif /* USE_WIN32 */
+-int getnameinfo(const struct sockaddr *, int, char *, int, char *, int, int);
++int getnameinfo(const struct sockaddr *, socklen_t, char *, socklen_t, char *, socklen_t, unsigned int);
+ #endif /* !defined HAVE_GETNAMEINFO */
+--- a/src/resolver.c
++++ b/src/resolver.c
+@@ -535,8 +535,9 @@ const char *s_gai_strerror(int err) {
+ /* implementation is limited to functionality needed by stunnel */
+ #ifndef HAVE_GETNAMEINFO
+-int getnameinfo(const struct sockaddr *sa, int salen,
+-    char *host, int hostlen, char *serv, int servlen, int flags) {
++int getnameinfo(const struct sockaddr *sa, socklen_t salen,
++    char *host, socklen_t hostlen, char *serv, socklen_t servlen,
++    unsigned int flags) {
+ #if defined(USE_WIN32) && !defined(_WIN32_WCE)
+     if(s_getnameinfo)
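Review bot: The new fallback prototype declares the last parameter as `unsigned int flags`, whereas the POSIX signature of getnameinfo uses `int flags`; presumably this mirrors the target libc's netdb.h, which is the conflict the patch resolves, but the reason is recorded nowhere. Patch files accept free text before the first `---` line, so a two-line description at the top naming the libc header whose prototype this matches and that it only affects the `#ifndef HAVE_GETNAMEINFO` fallback would make the patch self-explaining. Both hunks change declarations only; the body of getnameinfo in resolver.c continues outside this hunk.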
diff --git a/net/stunnel/patches/011_disable_ssp_linking.patch b/net/stunnel/patches/011_disable_ssp_linking.patch
new file mode 100644 (file)
index 0000000..459c016
--- /dev/null
@@ -0,0 +1,140 @@
+--- a/configure
++++ b/configure
+@@ -5646,66 +5646,66 @@ done
+-for flag in -fstack-protector; do
+-  as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh`
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+-$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+-if eval \${$as_CACHEVAR+:} false; then :
+-  $as_echo_n "(cached) " >&6
+-else
+-
+-  ax_check_save_flags=$CFLAGS
+-  CFLAGS="$CFLAGS  $flag"
+-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+-/* end confdefs.h.  */
+-
+-int
+-main ()
+-{
+-
+-  ;
+-  return 0;
+-}
+-_ACEOF
+-if ac_fn_c_try_compile "$LINENO"; then :
+-  eval "$as_CACHEVAR=yes"
+-else
+-  eval "$as_CACHEVAR=no"
+-fi
+-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+-  CFLAGS=$ax_check_save_flags
+-fi
+-eval ac_res=\$$as_CACHEVAR
+-             { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+-$as_echo "$ac_res" >&6; }
+-if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+-  if ${CFLAGS+:} false; then :
+-  case " $CFLAGS " in
+-    *" $flag "*)
+-      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+-  (: CFLAGS already contains $flag) 2>&5
+-  ac_status=$?
+-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+-  test $ac_status = 0; }
+-      ;;
+-    *)
+-      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+-  (: CFLAGS="$CFLAGS $flag") 2>&5
+-  ac_status=$?
+-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+-  test $ac_status = 0; }
+-      CFLAGS="$CFLAGS $flag"
+-      ;;
+-   esac
+-else
+-  CFLAGS="$flag"
+-fi
+-
+-else
+-  :
+-fi
+-
+-done
++#for flag in -fstack-protector; do
++#  as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh`
++#{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
++#$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
++#if eval \${$as_CACHEVAR+:} false; then :
++#  $as_echo_n "(cached) " >&6
++#else
++#
++#  ax_check_save_flags=$CFLAGS
++#  CFLAGS="$CFLAGS  $flag"
++#  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++#/* end confdefs.h.  */
++
++#int
++#main ()
++#{
++#
++#  ;
++#  return 0;
++#}
++#_ACEOF
++#if ac_fn_c_try_compile "$LINENO"; then :
++#  eval "$as_CACHEVAR=yes"
++#else
++#  eval "$as_CACHEVAR=no"
++#fi
++#rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++#  CFLAGS=$ax_check_save_flags
++#fi
++#eval ac_res=\$$as_CACHEVAR
++#            { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
++#$as_echo "$ac_res" >&6; }
++#if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
++#  if ${CFLAGS+:} false; then :
++#  case " $CFLAGS " in
++#    *" $flag "*)
++#      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
++#  (: CFLAGS already contains $flag) 2>&5
++#  ac_status=$?
++#  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
++#  test $ac_status = 0; }
++#      ;;
++#    *)
++#      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
++#  (: CFLAGS="$CFLAGS $flag") 2>&5
++#  ac_status=$?
++#  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
++#  test $ac_status = 0; }
++#      CFLAGS="$CFLAGS $flag"
++#      ;;
++#   esac
++#else
++#  CFLAGS="$flag"
++#fi
++#
++#else
++#  :
++#fi
++#
++#done
+--- a/configure.ac
++++ b/configure.ac
+@@ -71,7 +71,7 @@ AX_APPEND_COMPILE_FLAGS([-Wformat=2])
+ AX_APPEND_COMPILE_FLAGS([-Wconversion])
+ AX_APPEND_COMPILE_FLAGS([-Wno-long-long])
+ AX_APPEND_COMPILE_FLAGS([-Wno-deprecated-declarations])
+-AX_APPEND_COMPILE_FLAGS([-fstack-protector])
++#AX_APPEND_COMPILE_FLAGS([-fstack-protector])
+ AX_APPEND_COMPILE_FLAGS([-fPIE])
+ AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2])
+ AX_APPEND_LINK_FLAGS([-fPIE -pie])
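Review bot: This patch removes the stack protector from every build, including toolchains that do support it, which drops a hardening measure upstream deliberately enabled alongside -fPIE and _FORTIFY_SOURCE; a header comment in the patch should record that trade-off (the commit message says the flag is not always available) so the flag can be re-enabled once that is no longer true. The 60-line block commented out in the generated `configure` is also redundant: the Makefile sets `PKG_FIXUP:=autoreconf`, so configure is regenerated from configure.ac and only the one-line configure.ac hunk has any effect; dropping the configure hunk keeps the patch to one line and avoids a rejected hunk on the next upstream bump. Commenting lines out rather than deleting them additionally leaves a dead block in the patched file.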