Hello community, here is the log from the commit of package stunnel for openSUSE:Factory checked in at 2018-02-02 22:21:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/stunnel (Old) and /work/SRC/openSUSE:Factory/.stunnel.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "stunnel" Fri Feb 2 22:21:36 2018 rev:10 rq:571634 version:5.44 Changes: -------- --- /work/SRC/openSUSE:Factory/stunnel/stunnel.changes 2017-12-04 12:16:17.888760282 +0100 +++ /work/SRC/openSUSE:Factory/.stunnel.new/stunnel.changes 2018-02-02 22:21:39.203636938 +0100 @@ -1,0 +2,20 @@ +Wed Jan 24 00:16:02 UTC 2018 - avindra@opensuse.org + +- update to version 5.44 + * Default accept address restored to INADDR_ANY + * Fix race condition in "make check" + * Fix removing the pid file after configuration reload +- includes 5.43 + * Allow for multiple "accept" ports per section + * Self-test framework (make check) + * Added config load before OpenSSL init + * OpenSSL 1.1.1-dev compilation fixes + * Fixed round-robin failover in the FORK threading model + * Fixed handling SSL_ERROR_ZERO_RETURN in SSL_shutdown() + * Minor fixes of the logging subsystem + * OpenSSL DLLs updated to version 1.0.2m +- add new checking to build +- rebase stunnel-listenqueue-option.patch +- Cleanup with spec-cleaner + +------------------------------------------------------------------- Old: ---- stunnel-5.42.tar.gz stunnel-5.42.tar.gz.asc New: ---- stunnel-5.44.tar.gz stunnel-5.44.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ stunnel.spec ++++++ --- /var/tmp/diff_new_pack.7GsFAv/_old 2018-02-02 22:21:40.159592309 +0100 +++ /var/tmp/diff_new_pack.7GsFAv/_new 2018-02-02 22:21:40.163592122 +0100 @@ -1,7 +1,7 @@ # # spec file for package stunnel # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,19 +16,25 @@ # +%define VENDOR openSUSE +%if 0%{?suse_version} >= 1210 +%define has_systemd 1 +BuildRequires: systemd +%{?systemd_requires} +%else +PreReq: %insserv_prereq +%endif #Compat macro for new _fillupdir macro introduced in Nov 2017 %if ! %{defined _fillupdir} - %define _fillupdir /var/adm/fillup-templates + %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif - Name: stunnel -Version: 5.42 +Version: 5.44 Release: 0 Summary: Universal SSL Tunnel License: GPL-2.0+ Group: Productivity/Networking/Security Url: http://www.stunnel.org/ -PreReq: /usr/sbin/useradd fileutils textutils %fillup_prereq Source: https://www.stunnel.org/downloads/%{name}-%{version}.tar.gz Source1: https://www.stunnel.org/downloads/%{name}-%{version}.tar.gz.asc Source2: stunnel.keyring @@ -38,21 +44,15 @@ Source6: stunnel.conf Source7: stunnel.README Patch0: stunnel-listenqueue-option.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build -%define VENDOR openSUSE BuildRequires: libopenssl-devel BuildRequires: pkgconfig BuildRequires: tcpd-devel BuildRequires: zlib-devel BuildRequires: pkgconfig(libsystemd) - -%if 0%{?suse_version} >= 1210 -BuildRequires: systemd -%{?systemd_requires} -%define has_systemd 1 -%else -PreReq: %insserv_prereq -%endif +PreReq: %fillup_prereq +PreReq: %{_sbindir}/useradd +PreReq: fileutils +PreReq: textutils %description The stunnel program is designed to work as an SSL encryption wrapper @@ -76,47 +76,51 @@ %prep %setup -q -n stunnel-%{version} -%patch0 -p0 +%patch0 -p1 chmod -x $RPM_BUILD_DIR/stunnel-%{version}/tools/ca.* chmod -x $RPM_BUILD_DIR/stunnel-%{version}/tools/importCA.* %build sed -i 's/-m 1770 -g nogroup//g' tools/Makefile.in +%configure \ %if 0%{?suse_version} == 1110 - %configure --disable-static --disable-fips --bindir=%{_sbindir} -%else - %configure --disable-static --bindir=%{_sbindir} + --disable-fips \ %endif + --disable-static \ + --bindir=%{_sbindir} make %{?_smp_mflags} LDADD="-pie -Wl,-z,defs,-z,relro" +%check +make %{?_smp_mflags} check + %install -make install DESTDIR=$RPM_BUILD_ROOT +%make_install -cp -p %{S:1} tools/stunnel.conf-sample.%VENDOR -cp -p %{S:2} README.%VENDOR -mkdir -p $RPM_BUILD_ROOT%{_fillupdir} -cp -p %{S:3} $RPM_BUILD_ROOT%{_fillupdir}/ -%if 0%{?has_systemd} -install -D -m 0644 $RPM_SOURCE_DIR/stunnel.service $RPM_BUILD_ROOT/%_unitdir/stunnel.service -ln -s service $RPM_BUILD_ROOT/usr/sbin/rcstunnel -%else -mkdir -p $RPM_BUILD_ROOT/etc/init.d/ -install -m 744 $RPM_SOURCE_DIR/stunnel.rc $RPM_BUILD_ROOT/etc/init.d/stunnel -ln -s ../../etc/init.d/stunnel $RPM_BUILD_ROOT/usr/sbin/rcstunnel -%endif -mv $RPM_BUILD_ROOT/%{_sysconfdir}/stunnel/stunnel.conf-sample tools/stunnel.conf-sample -rm $RPM_BUILD_ROOT/%{_libdir}/stunnel/*.la -rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/stunnel/INSTALL -rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/stunnel/INSTALL.WCE -rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/stunnel/INSTALL.W32 -rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/stunnel/tools/stunnel.cnf -rm -rf $RPM_BUILD_ROOT/usr/share/doc/stunnel -mkdir -p $RPM_BUILD_ROOT/var/lib/stunnel/{bin,etc,dev,%_lib,sbin,var/run} +cp -p %{SOURCE1} tools/stunnel.conf-sample.%{VENDOR} +cp -p %{SOURCE2} README.%{VENDOR} +mkdir -p %{buildroot}%{_fillupdir} +cp -p %{SOURCE3} %{buildroot}%{_fillupdir}/ +%if 0%{?has_systemd} +install -D -m 0644 $RPM_SOURCE_DIR/stunnel.service %{buildroot}/%{_unitdir}/stunnel.service +ln -s service %{buildroot}%{_sbindir}/rcstunnel +%else +mkdir -p %{buildroot}%{_initddir}/ +install -m 744 $RPM_SOURCE_DIR/stunnel.rc %{buildroot}%{_initddir}/stunnel +ln -s ../..%{_initddir}/stunnel %{buildroot}%{_sbindir}/rcstunnel +%endif +mv %{buildroot}/%{_sysconfdir}/stunnel/stunnel.conf-sample tools/stunnel.conf-sample +find %{buildroot} -type f -name "*.la" -delete -print +rm -rf %{buildroot}%{_docdir}/stunnel/INSTALL +rm -rf %{buildroot}%{_docdir}/stunnel/INSTALL.WCE +rm -rf %{buildroot}%{_docdir}/stunnel/INSTALL.W32 +rm -rf %{buildroot}%{_docdir}/stunnel/tools/stunnel.cnf +rm -rf %{buildroot}%{_datadir}/doc/stunnel +mkdir -p %{buildroot}%{_localstatedir}/lib/stunnel/{bin,etc,dev,%{_lib},sbin,var/run} %pre -if ! /usr/bin/getent passwd stunnel >/dev/null; then +if ! %{_bindir}/getent passwd stunnel >/dev/null; then %{_sbindir}/useradd -r -c "Daemon user for stunnel (universal SSL tunnel)" -g nogroup -s /bin/false \ - -d /var/lib/stunnel stunnel || : + -d %{_localstatedir}/lib/stunnel stunnel || : fi %if 0%{?has_systemd} @@ -132,12 +136,12 @@ %{fillup_only -ans syslog stunnel} if ! test -s etc/stunnel/stunnel.conf; then cp -p usr/share/doc/packages/stunnel/stunnel.conf-sample etc/stunnel/stunnel.conf - echo copying default config file to /etc/stunnel/stunnel.conf + echo copying default config file to %{_sysconfdir}/stunnel/stunnel.conf fi # first installation? if [ ${FIRST_ARG:-0} = 1 ]; then if ! test -f etc/stunnel/stunnel.pem; then - cat usr/share/doc/packages/stunnel/README.%VENDOR + cat usr/share/doc/packages/stunnel/README.%{VENDOR} fi fi @@ -157,9 +161,8 @@ %endif %files -%defattr(-, root, root) %doc COPYING COPYRIGHT.GPL CREDITS -%doc README.%VENDOR +%doc README.%{VENDOR} %doc tools/ca.* %doc tools/importCA.* %doc tools/stunnel.conf-sample @@ -167,23 +170,22 @@ %{_libdir}/stunnel %{_mandir}/man8/* %dir %attr(700,root,root) %{_sysconfdir}/stunnel -%dir %attr(755,root,root) /var/lib/stunnel -%dir %attr(755,root,root) /var/lib/stunnel/bin -%dir %attr(755,root,root) /var/lib/stunnel/etc -%dir %attr(755,root,root) /var/lib/stunnel/dev -%dir %attr(755,root,root) /var/lib/stunnel/%_lib -%dir %attr(755,root,root) /var/lib/stunnel/sbin -%dir %attr(755,root,root) /var/lib/stunnel/var -%dir %attr(755,stunnel,root) /var/lib/stunnel/var/run +%dir %attr(755,root,root) %{_localstatedir}/lib/stunnel +%dir %attr(755,root,root) %{_localstatedir}/lib/stunnel/bin +%dir %attr(755,root,root) %{_localstatedir}/lib/stunnel%{_sysconfdir} +%dir %attr(755,root,root) %{_localstatedir}/lib/stunnel/dev +%dir %attr(755,root,root) %{_localstatedir}/lib/stunnel/%{_lib} +%dir %attr(755,root,root) %{_localstatedir}/lib/stunnel/sbin +%dir %attr(755,root,root) %{_localstatedir}/lib/stunnel%{_localstatedir} +%dir %attr(755,stunnel,root) %{_localstatedir}/lib/stunnel%{_localstatedir}/run %{_fillupdir}/sysconfig.syslog-stunnel %if 0%{?has_systemd} -%_unitdir/stunnel.service +%{_unitdir}/stunnel.service %else -%config /etc/init.d/* +%config %{_initddir}/* %endif %files doc -%defattr(-,root,root) %doc AUTHORS BUGS COPYING COPYRIGHT.GPL CREDITS ChangeLog NEWS PORTS %doc README TODO %doc doc/stunnel.html ++++++ stunnel-5.42.tar.gz -> stunnel-5.44.tar.gz ++++++ ++++ 28913 lines of diff (skipped) ++++++ stunnel-listenqueue-option.patch ++++++ --- /var/tmp/diff_new_pack.7GsFAv/_old 2018-02-02 22:21:40.339583905 +0100 +++ /var/tmp/diff_new_pack.7GsFAv/_new 2018-02-02 22:21:40.339583905 +0100 @@ -1,15 +1,20 @@ ---- - src/options.c | 18 ++++++++++++++++++ - src/prototypes.h | 1 + - src/stunnel.c | 2 +- - 3 files changed, 20 insertions(+), 1 deletion(-) - ---- src/options.c -+++ src/options.c 2017-04-06 08:40:50.927511225 +0000 -@@ -1881,6 +1881,24 @@ NOEXPORT char *parse_service_option(CMD +diff -ruN a/src/options.c b/src/options.c +--- a/src/options.c 2018-01-23 19:23:27.813960936 -0500 ++++ b/src/options.c 2018-01-23 19:28:05.463119114 -0500 +@@ -2997,8 +2997,6 @@ + switch(cmd) { + case CMD_BEGIN: + break; +- case CMD_EXEC: +- return option_not_found; + case CMD_END: + if(new_service_options.next) { /* daemon mode checks */ + if(endpoints!=2) +@@ -3019,6 +3017,25 @@ break; } ++ + /* listenqueue option */ + switch(cmd) { + case CMD_BEGIN: @@ -28,27 +33,29 @@ + break; + } + - #ifndef OPENSSL_NO_OCSP + return NULL; /* OK */ + } - /* OCSP */ ---- src/prototypes.h -+++ src/prototypes.h 2017-04-06 08:40:50.927511225 +0000 -@@ -252,6 +252,7 @@ typedef struct service_options_struct { +diff -ruN a/src/prototypes.h b/src/prototypes.h +--- a/src/prototypes.h 2018-01-23 19:23:27.813960936 -0500 ++++ b/src/prototypes.h 2018-01-23 19:28:45.854124040 -0500 +@@ -251,6 +251,7 @@ int timeout_close; /* maximum close_notify time */ int timeout_connect; /* maximum connect() time */ int timeout_idle; /* maximum idle connection time */ + int listenqueue; /* Listen backlog */ enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */ + unsigned seq; /* sequential number for round-robin failover */ char *username; - ---- src/stunnel.c -+++ src/stunnel.c 2017-04-06 08:40:50.927511225 +0000 -@@ -476,7 +476,7 @@ int bind_ports(void) { - str_free(local_address); - return 1; - } -- if(listen(opt->fd, SOMAXCONN)) { -+ if(listen(opt->fd, opt->listenqueue)) { - sockerror("listen"); - closesocket(opt->fd); - opt->fd=INVALID_SOCKET; +diff -ruN a/src/stunnel.c b/src/stunnel.c +--- a/src/stunnel.c 2018-01-23 19:23:27.813960936 -0500 ++++ b/src/stunnel.c 2018-01-23 19:29:26.365126071 -0500 +@@ -526,7 +526,7 @@ + closesocket(fd); + return INVALID_SOCKET; + } +- if(listen(fd, SOMAXCONN)) { ++ if(listen(fd, opt->listenqueue)) { + sockerror("listen"); + str_free(local_address); + closesocket(fd);