# $Id$ Summary: An SSL-encrypting socket wrapper. Name: stunnel-tls Version: 3.22 Release: 4%{?dist} License: GPL Group: Applications/Internet URL: http://stunnel.mirt.net/ Source0: ftp://stunnel.mirt.net/stunnel/stunnel-%{version}.tar.gz Source1: stunnel.cnf Source2: Certificate-Creation Source3: sfinger.xinetd Source4: pop3-redirect.xinetd Source5: http://www.suspectclass.com/~sgifford/stunnel-tlsproxy/imap-tls.README Source6: http://www.suspectclass.com/~sgifford/stunnel-tlsproxy/smtp-tls.README Source7: http://www.suspectclass.com/~sgifford/stunnel-tlsproxy/pop3-tls.README Source8: http://www.suspectclass.com/~sgifford/stunnel-tlsproxy/makesock.c Patch0: stunnel-3.20-authpriv.patch Patch1: http://www.suspectclass.com/~sgifford/stunnel-tlsproxy/stunnel3.22-sg2.patch Buildroot: %{_tmppath}/stunnel-root BuildPrereq: openssl-devel, perl, textutils, fileutils, /usr/share/dict/words, tcp_wrappers Prereq: textutils, fileutils, /bin/mktemp, /sbin/ldconfig, /usr/share/dict/words, /bin/hostname, /usr/bin/id, /usr/bin/getent Requires: make Requires: stunnel >= %{version}-1 %description Stunnel is a socket wrapper which can provide SSL (Secure Sockets Layer) support to ordinary applications. For example, it can be used in conjunction with imapd to create an SSL secure IMAP server. This RPM contains stunnel-tls and makesock, which are created by Scott Gifford's patches. %prep # %setup -q %setup -q -n stunnel-%{version} %patch0 -p1 -b .authpriv %patch1 -p1 -b .sg2 %build %configure \ --with-ssl=%{_prefix} \ --with-pem-dir=%{_datadir}/ssl/certs \ --with-cert-file=%{_datadir}/ssl/cert.pem \ --with-cert-dir=%{_datadir}/ssl/trusted \ --with-tcp-wrappers perl -p -i -e 's:-I/usr/include:-I/usr/include -I/usr/kerberos/include:' Makefile # We have to create a certificate before the makefile asks us to. rm -f stunnel.pem stunnel.pem.1 stunnel.pem.2 (echo US echo . echo . echo . echo . echo . echo . echo .) | openssl req -newkey rsa:1024 -nodes -keyout stunnel.pem.1 -x509 -days 365 -out stunnel.pem.2 cat stunnel.pem.1 > stunnel.pem echo "" >> stunnel.pem cat stunnel.pem.2 >> stunnel.pem make piddir=/var/run/ gcc -o makesock %{SOURCE8} %install rm -rf $RPM_BUILD_ROOT mkdir -p $RPM_BUILD_ROOT/%{_sbindir} install -m755 stunnel $RPM_BUILD_ROOT/%{_sbindir}/stunnel-tls install -m755 makesock $RPM_BUILD_ROOT/%{_sbindir}/ mkdir -p $RPM_BUILD_ROOT/usr/share/doc ln -s stunnel-%{version} $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version} %post %postun %clean rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) %{_sbindir}/stunnel-tls %{_sbindir}/makesock /usr/share/doc/%{name}-%{version} %changelog * Sun Apr 29 2007 Shad L. Lords - Clean up spec so package can be built by koji/plague * Thu Dec 07 2006 Shad L. Lords - Update to new release naming. No functional changes. - Make Packager generic * Thu Jun 23 2005 Gordon Rowell 3.22-3gr01 - Mini RPM with just stunnel-tls and makesock - Grr - why are RPM macros sooo broken - (percent)makeinstall is still executed even if # commented out in the (percent)install section * Fri Feb 18 2005 Charlie Brady 3.22-2es - CentOS build fix and recompile * Mon Mar 10 2003 Charlie Brady 3.22-1es - Add Scott Gifford's STARTTLS proxy patches and makesock program. * Wed Jan 2 2002 Nalin Dahyabhai 3.22-1 - update to 3.22, correcting a format-string vulnerability * Wed Oct 31 2001 Nalin Dahyabhai 3.21a-1 - update to 3.21a * Tue Aug 28 2001 Nalin Dahyabhai 3.20-1 - log using LOG_AUTHPRIV facility by default (#47289) - make permissions on stunnel binary 0755 - implicitly trust certificates in %%{_datadir}/ssl/trusted (#24034) * Fri Aug 10 2001 Nalin Dahyabhai 3.19-1 - update to 3.19 to avoid problems with stunnel being multithreaded, but tcp wrappers not being thrad-safe * Mon Jul 30 2001 Nalin Dahyabhai - update to 3.17 * Mon Jul 23 2001 Nalin Dahyabhai - update to 3.16 * Mon Jul 16 2001 Nalin Dahyabhai - update to 3.15 - enable tcp-wrappers support * Tue May 29 2001 Nalin Dahyabhai - remove explicit requirement on openssl (specific version isn't enough, we have to depend on shared library version anyway) * Fri Apr 27 2001 Nalin Dahyabhai - update to 3.14 * Mon Mar 26 2001 Preston Brown - depend on make (#33148) * Fri Mar 2 2001 Nalin Dahyabhai - rebuild in new environment * Tue Feb 6 2001 Nalin Dahyabhai - update to 3.13 to get pthread, OOB, 64-bit fixes - don't need sdf any more * Thu Dec 28 2000 Nalin Dahyabhai - pull in sdf to build the man page (#22892) * Fri Dec 22 2000 Nalin Dahyabhai - update to 3.11 - chuck the SIGHUP patch (went upstream) - chuck parts of the 64-bit clean patch (went upstream) * Thu Dec 21 2000 Nalin Dahyabhai - update to 3.10 - more 64-bit clean changes, hopefully the last bunch * Wed Dec 20 2000 Nalin Dahyabhai - change piddir from the default /var/stunnel to /var/run - clean out pid file on SIGHUP * Fri Dec 15 2000 Nalin Dahyabhai - update to 3.9 to get a security fix * Wed Oct 25 2000 Matt Wilson - change all unsigned longs to u_int32_t when dealing with network addresses * Fri Aug 18 2000 Nalin Dahyabhai - make stunnel.pem also be (missingok) * Thu Jun 29 2000 Nalin Dahyabhai - move to Applications/Internet group - clean up %post script - make stunnel.pem %ghost %config(noreplace) - provide a sample file for use with xinetd * Thu Jun 8 2000 Nalin Dahyabhai - FHS compliance fixes - modify defaults * Tue Mar 14 2000 Florian La Roche - update to 3.8 - do not create certificate if one already exists * Mon Feb 21 2000 Florian La Roche - update to 3.7 - add patch to find /usr/share/ssl - change some perms * Sat Oct 30 1999 Bernhard Rosenkraenzer - Modify spec file to match Red Hat standards * Fri Aug 12 1999 Damien Miller - Updated to 3.4a - Patched for OpenSSL 0.9.4 - Cleaned up files section * Sun Jul 11 1999 Damien Miller - Updated to 3.3 * Sat Nov 28 1998 Damien Miller - Initial RPMification