Date: Sat, 22 Nov 2025 19:55:25 +0000 From: Daniel Engberg <diizzy@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: ebf92aa65bdd - main - security/stunnel: Improve port Message-ID: <6922152d.29ef9.5840982b@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by diizzy: URL: https://cgit.FreeBSD.org/ports/commit/?id=ebf92aa65bdd1ef7379f65e5e7ad5fd65ba5a5f7 commit ebf92aa65bdd1ef7379f65e5e7ad5fd65ba5a5f7 Author: Daniel Engberg <diizzy@FreeBSD.org> AuthorDate: 2025-11-22 11:40:53 +0000 Commit: Daniel Engberg <diizzy@FreeBSD.org> CommitDate: 2025-11-22 19:55:18 +0000 security/stunnel: Improve port * Remove GNU_CONFIGURE_MANPREFIX (redundant) * Remove if statement for libressl, already covered by BROKEN_SSL definition * Rework multiple REINPLACE_CMD commands, remove no longer valid ones and remove requirement of -E switch. These should also be a bit easier to follow * Use modern framework helpers for options * Remove redundant LDFLAGS * Rework Makefile layout to more closely follow Porters Handbook and reduces Makefile size overall * Don't install stunnel.logrotate and stunnel.rh.init (cleans up pkg-plist) * Remove bash-completion from pkg-plist, not installed unless specified during configure stage PR: 290360 Approved by: maintainer timeout, blanket --- security/stunnel/Makefile | 121 +++++++++++++++++++++------------------------ security/stunnel/pkg-plist | 3 -- 2 files changed, 55 insertions(+), 69 deletions(-) diff --git a/security/stunnel/Makefile b/security/stunnel/Makefile index dcf88a4b70db..93a3c34c8ac5 100644 --- a/security/stunnel/Makefile +++ b/security/stunnel/Makefile @@ -11,98 +11,87 @@ COMMENT= SSL encryption wrapper for standard network daemons WWW= https://www.stunnel.org/ LICENSE= GPLv2+ +LICENSE_FILE= ${WRKSRC}/COPYING.md BROKEN_SSL= libressl libressl-devel BROKEN_SSL_REASON= missing upstream support USES= cpe libtool perl5 shebangfix ssl +SHEBANG_FILES= src/stunnel3.in USE_PERL5= build USE_LDCONFIG= yes + USE_RC_SUBR= stunnel GNU_CONFIGURE= yes -GNU_CONFIGURE_MANPREFIX=${PREFIX}/share -CONFIGURE_ARGS= --localstatedir=/var/tmp --enable-static --disable-systemd \ - --with-ssl="${OPENSSLBASE}" -SHEBANG_FILES= src/stunnel3.in + +STUNNEL_USER?= stunnel +STUNNEL_GROUP?= stunnel +STUNNEL_PIDFILE=/var/run/stunnel/stunnel.pid + +USERS= ${STUNNEL_USER} +GROUPS= ${STUNNEL_GROUP} + SUB_FILES= daemon.conf SUB_LIST= STUNNEL_PIDFILE=${STUNNEL_PIDFILE} \ STUNNEL_USER=${STUNNEL_USER} \ STUNNEL_GROUP=${STUNNEL_GROUP} -OPTIONS_DEFINE= DOCS EXAMPLES FIPS IPV6 LIBWRAP -OPTIONS_SINGLE= THREAD -OPTIONS_SINGLE_THREAD= FORK PTHREAD UCONTEXT -OPTIONS_DEFAULT= PTHREAD +CONFIGURE_ARGS= --localstatedir=/var/tmp \ + --enable-static \ + --disable-systemd \ + --with-ssl="${OPENSSLBASE}" -FIPS_CONFIGURE_ENABLE= fips -IPV6_CONFIGURE_ENABLE= ipv6 -LIBWRAP_CONFIGURE_ENABLE= libwrap +OPTIONS_DEFINE= DOCS EXAMPLES FIPS IPV6 LIBWRAP +OPTIONS_SINGLE= THREAD +OPTIONS_SINGLE_THREAD= FORK PTHREAD UCONTEXT +OPTIONS_DEFAULT= PTHREAD -FIPS_DESC= Enable OpenSSL FIPS mode -FORK_DESC= Use the fork(3) threading model -PTHREAD_DESC= Use the pthread(3) threading model -UCONTEXT_DESC= Use the ucontext(3) threading model +FIPS_DESC= Enable OpenSSL FIPS mode +FORK_DESC= Use the fork(3) threading model +PTHREAD_DESC= Use the pthread(3) threading model +UCONTEXT_DESC= Use the ucontext(3) threading model -STUNNEL_PIDFILE=/var/run/stunnel/stunnel.pid -STUNNEL_USER?= stunnel -STUNNEL_GROUP?= stunnel +FIPS_CONFIGURE_ENABLE= fips -USERS= ${STUNNEL_USER} -GROUPS= ${STUNNEL_GROUP} - -.include <bsd.port.options.mk> +FORK_CONFIGURE_ON= --with-threads=fork -.if ${PORT_OPTIONS:MLIBWRAP} -LDFLAGS+= -lwrap -.endif +IPV6_CONFIGURE_ENABLE= ipv6 -.if ${PORT_OPTIONS:MUCONTEXT} -CONFIGURE_ARGS+=--with-threads=ucontext -LDFLAGS+= -lpthread -.elif ${PORT_OPTIONS:MFORK} -CONFIGURE_ARGS+=--with-threads=fork -.else -CONFIGURE_ARGS+=--with-threads=pthread -LDFLAGS+= -lpthread -.endif +PTHREAD_CONFIGURE_ON= --with-threads=pthread -.include <bsd.port.pre.mk> - -.if ${PORT_OPTIONS:MFIPS} && ${SSL_DEFAULT:Mlibressl*} -IGNORE= LibreSSL does not support FIPS standard -.endif +LIBWRAP_CONFIGURE_ENABLE= libwrap -.if ${SSL_DEFAULT:Mlibressl*} -NO_PACKAGE= The stunnel license restricts distribution when linked to non-OpenSSL non-base SSL-libraries -.endif +UCONTEXT_CONFIGURE_ON= --with-threads=ucontext post-patch: -# place files under /var/tmp so that this can be run by an unprivileged -# user stunnel and group stunnel - @${REINPLACE_CMD} -E -e 's|\@prefix\@/var/lib/stunnel/|/var/tmp/stunnel|; \ - s|nobody|stunnel|;s|nogroup|stunnel|;s|;include |include |' \ - ${WRKSRC}/tools/stunnel.conf-sample.in - @${REINPLACE_CMD} -E -e 's|\$$\(prefix\)/var/run/stunnel/stunnel.pid|$$(localstatedir)/stunnel.pid|' \ - ${WRKSRC}/src/Makefile.in - @${FIND} ${WRKSRC} -type f -name Makefile.in | ${XARGS} ${REINPLACE_CMD} -E -e 's,@(ACLOCAL|AUTO(MAKE|CONF|HEADER))@,/usr/bin/true,' - @${REINPLACE_CMD} -E -e 's|install-confDATA install-data-local|install-confDATA|g' \ - ${WRKSRC}/tools/Makefile.in -.if empty(PORT_OPTIONS:MDOCS) - @${REINPLACE_CMD} -E -e 's/ install-docDATA/ /' ${WRKSRC}/Makefile.in - @${REINPLACE_CMD} -E -e '/install-data-am/s,install-docDATA,,' ${WRKSRC}/doc/Makefile.in -.endif -.if empty(PORT_OPTIONS:MEXAMPLES) - @${REINPLACE_CMD} -E -e 's/([^n])install-examplesDATA/\1/' \ - ${WRKSRC}/tools/Makefile.in -.else - @${REINPLACE_CMD} -E -e 's|\$$\(docdir\)/examples|${EXAMPLESDIR}|g' ${WRKSRC}/tools/Makefile.in -.endif - -post-build: - @${STRIP_CMD} ${WRKSRC}/src/.libs/libstunnel.so + @${REINPLACE_CMD} -e '\ + s|nobody|${STUNNEL_USER}|g; \ + s|;include |include |g' \ + ${PATCH_WRKSRC}/tools/stunnel.conf-sample.in + @${REINPLACE_CMD} -e 's|@DEFAULT_GROUP@|${STUNNEL_GROUP}|g' \ + ${PATCH_WRKSRC}/Makefile.in + @${REINPLACE_CMD} -e '\ + s|@DEFAULT_GROUP@|${STUNNEL_GROUP}|g; \ + s|install-confDATA install-data-local|install-confDATA|g; \ + s|stunnel.logrotate||g; \ + s|stunnel.rh.init||g' \ + ${PATCH_WRKSRC}/tools/Makefile.in + +post-patch-DOCS-off: + @${REINPLACE_CMD} -e 's|install-data-am: install-docDATA|install-data-am:|g' \ + ${PATCH_WRKSRC}/Makefile.in + +post-patch-EXAMPLES-off: + @${REINPLACE_CMD} -e 's|install-dist_bashcompDATA install-examplesDATA|install-dist_bashcompDATA|g' \ + ${PATCH_WRKSRC}/tools/Makefile.in + +post-patch-EXAMPLES-on: + @${REINPLACE_CMD} -e 's|$$(docdir)/examples|${EXAMPLESDIR}|g' \ + ${PATCH_WRKSRC}/tools/Makefile.in post-install: + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/stunnel/libstunnel.so ${MKDIR} ${STAGEDIR}${ETCDIR}/conf.d/ ${INSTALL_DATA} ${WRKDIR}/daemon.conf ${STAGEDIR}${ETCDIR}/conf.d/00-daemon.conf @@ -114,4 +103,4 @@ cert: @${ECHO} "" @(cd ${WRKSRC}/tools/; make cert) -.include <bsd.port.post.mk> +.include <bsd.port.mk> diff --git a/security/stunnel/pkg-plist b/security/stunnel/pkg-plist index fe3c917d76e2..ba82bb748ceb 100644 --- a/security/stunnel/pkg-plist +++ b/security/stunnel/pkg-plist @@ -16,8 +16,6 @@ share/man/man8/stunnel.pl.8.gz %%PORTEXAMPLES%%%%EXAMPLESDIR%%/stunnel.init %%PORTEXAMPLES%%%%EXAMPLESDIR%%/stunnel.service %%PORTEXAMPLES%%%%EXAMPLESDIR%%/stunnel.spec -@comment %%PORTEXAMPLES%%%%EXAMPLESDIR%%/stunnel.logrotate -@comment %%PORTEXAMPLES%%%%EXAMPLESDIR%%/stunnel.rh.init %%PORTEXAMPLES%%@dir %%EXAMPLESDIR%% %%PORTDOCS%%%%DOCSDIR%%/AUTHORS.md %%PORTDOCS%%%%DOCSDIR%%/BUGS.md @@ -32,7 +30,6 @@ share/man/man8/stunnel.pl.8.gz %%PORTDOCS%%%%DOCSDIR%%/README.md %%PORTDOCS%%%%DOCSDIR%%/TODO.md %%PORTDOCS%%@dir %%DOCSDIR%% -@comment share/bash-completion/completions/stunnel.bash @dir lib/stunnel @dir etc/stunnel @dir etc/stunnel/conf.dhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6922152d.29ef9.5840982b>