From: diizzyy Date: Fri, 23 Sep 2016 12:07:51 +0000 (+0200) Subject: stunnel: Update to 5.36, use pthreads and SSP. X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=1c6389467086677d32e07414e0262e1215f36668;p=feed%2Fpackages.git stunnel: Update to 5.36, use pthreads and SSP. Updates stunnel to 5.36, changes it from using forking to pthreads and enables SSP linking. Also changes maintainer to myself. Regarding pthreads vs forking, http://blog.haproxy.com/2011/09/16/benchmarking_ssl_performance/ SSP is short for Stack Smashing Protector and you can read about it here: http://wiki.osdev.org/Stack_Smashing_Protector Signed-off-by: Daniel Engberg --- diff --git a/net/stunnel/Makefile b/net/stunnel/Makefile index 671ee511b3..1e84e9c7fd 100644 --- a/net/stunnel/Makefile +++ b/net/stunnel/Makefile @@ -8,16 +8,18 @@ include $(TOPDIR)/rules.mk PKG_NAME:=stunnel -PKG_VERSION:=5.20 +PKG_VERSION:=5.36 PKG_RELEASE:=1 PKG_LICENSE:=GPL-2.0+ -PKG_MAINTAINER:=Michael Haas +PKG_MAINTAINER:=Daniel Engberg PKG_LICENSE_FILES:=COPYING COPYRIGHT.GPL -PKG_SOURCE_URL:=http://stunnel.cybermirror.org/archive/5.x/ +PKG_SOURCE_URL:= \ + http://ftp.nluug.nl/pub/networking/stunnel/ \ + http://www.usenix.org.uk/mirrors/stunnel/ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_MD5SUM:=3264375026c2b496b5d258e243222de8 +PKG_MD5SUM:=b3c002c312e757d9a40caf95363800b3 PKG_FIXUP:=autoreconf PKG_INSTALL:=1 @@ -27,7 +29,7 @@ include $(INCLUDE_DIR)/package.mk define Package/stunnel SECTION:=net CATEGORY:=Network - DEPENDS:=+libopenssl +zlib + DEPENDS:=+libopenssl +zlib +libpthread TITLE:=SSL TCP Wrapper URL:=http://www.stunnel.org/ endef @@ -47,7 +49,7 @@ endef CONFIGURE_ARGS+= \ --with-random=/dev/urandom \ - --with-threads=fork \ + --with-threads=pthread \ --with-ssl=$(STAGING_DIR)/usr \ --disable-libwrap \ --disable-systemd diff --git a/net/stunnel/patches/011_disable_ssp_linking.patch b/net/stunnel/patches/011_disable_ssp_linking.patch deleted file mode 100644 index 459c016da9..0000000000 --- a/net/stunnel/patches/011_disable_ssp_linking.patch +++ /dev/null @@ -1,140 +0,0 @@ ---- a/configure -+++ b/configure -@@ -5646,66 +5646,66 @@ done - - - --for flag in -fstack-protector; do -- as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh` --{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 --$as_echo_n "checking whether C compiler accepts $flag... " >&6; } --if eval \${$as_CACHEVAR+:} false; then : -- $as_echo_n "(cached) " >&6 --else -- -- ax_check_save_flags=$CFLAGS -- CFLAGS="$CFLAGS $flag" -- cat confdefs.h - <<_ACEOF >conftest.$ac_ext --/* end confdefs.h. */ -- --int --main () --{ -- -- ; -- return 0; --} --_ACEOF --if ac_fn_c_try_compile "$LINENO"; then : -- eval "$as_CACHEVAR=yes" --else -- eval "$as_CACHEVAR=no" --fi --rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -- CFLAGS=$ax_check_save_flags --fi --eval ac_res=\$$as_CACHEVAR -- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 --$as_echo "$ac_res" >&6; } --if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : -- if ${CFLAGS+:} false; then : -- case " $CFLAGS " in -- *" $flag "*) -- { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 -- (: CFLAGS already contains $flag) 2>&5 -- ac_status=$? -- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -- test $ac_status = 0; } -- ;; -- *) -- { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 -- (: CFLAGS="$CFLAGS $flag") 2>&5 -- ac_status=$? -- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -- test $ac_status = 0; } -- CFLAGS="$CFLAGS $flag" -- ;; -- esac --else -- CFLAGS="$flag" --fi -- --else -- : --fi -- --done -+#for flag in -fstack-protector; do -+# as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh` -+#{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 -+#$as_echo_n "checking whether C compiler accepts $flag... " >&6; } -+#if eval \${$as_CACHEVAR+:} false; then : -+# $as_echo_n "(cached) " >&6 -+#else -+# -+# ax_check_save_flags=$CFLAGS -+# CFLAGS="$CFLAGS $flag" -+# cat confdefs.h - <<_ACEOF >conftest.$ac_ext -+#/* end confdefs.h. */ -+ -+#int -+#main () -+#{ -+# -+# ; -+# return 0; -+#} -+#_ACEOF -+#if ac_fn_c_try_compile "$LINENO"; then : -+# eval "$as_CACHEVAR=yes" -+#else -+# eval "$as_CACHEVAR=no" -+#fi -+#rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -+# CFLAGS=$ax_check_save_flags -+#fi -+#eval ac_res=\$$as_CACHEVAR -+# { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -+#$as_echo "$ac_res" >&6; } -+#if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : -+# if ${CFLAGS+:} false; then : -+# case " $CFLAGS " in -+# *" $flag "*) -+# { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 -+# (: CFLAGS already contains $flag) 2>&5 -+# ac_status=$? -+# $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+# test $ac_status = 0; } -+# ;; -+# *) -+# { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 -+# (: CFLAGS="$CFLAGS $flag") 2>&5 -+# ac_status=$? -+# $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+# test $ac_status = 0; } -+# CFLAGS="$CFLAGS $flag" -+# ;; -+# esac -+#else -+# CFLAGS="$flag" -+#fi -+# -+#else -+# : -+#fi -+# -+#done - - - ---- a/configure.ac -+++ b/configure.ac -@@ -71,7 +71,7 @@ AX_APPEND_COMPILE_FLAGS([-Wformat=2]) - AX_APPEND_COMPILE_FLAGS([-Wconversion]) - AX_APPEND_COMPILE_FLAGS([-Wno-long-long]) - AX_APPEND_COMPILE_FLAGS([-Wno-deprecated-declarations]) --AX_APPEND_COMPILE_FLAGS([-fstack-protector]) -+#AX_APPEND_COMPILE_FLAGS([-fstack-protector]) - AX_APPEND_COMPILE_FLAGS([-fPIE]) - AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2]) - AX_APPEND_LINK_FLAGS([-fPIE -pie]) diff --git a/net/stunnel/patches/012-cron-without-pthread-fix.patch b/net/stunnel/patches/012-cron-without-pthread-fix.patch deleted file mode 100644 index 0f644b3c12..0000000000 --- a/net/stunnel/patches/012-cron-without-pthread-fix.patch +++ /dev/null @@ -1,14 +0,0 @@ -Index: stunnel-5.20/src/cron.c -=================================================================== ---- stunnel-5.20.orig/src/cron.c -+++ stunnel-5.20/src/cron.c -@@ -46,6 +46,9 @@ NOEXPORT void cron_thread(void *arg); - #endif - #if defined(USE_PTHREAD) || defined(USE_WIN32) - NOEXPORT void cron_worker(void); -+#endif -+ -+#ifndef OPENSSL_NO_DH - NOEXPORT void cron_dh_param(void); - #endif -