From owner-freebsd-ports-bugs@FreeBSD.ORG Sun Mar 28 10:40:02 2010 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8FF101065672 for ; Sun, 28 Mar 2010 10:40:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 6CBAA8FC17 for ; Sun, 28 Mar 2010 10:40:02 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o2SAe2fO032504 for ; Sun, 28 Mar 2010 10:40:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o2SAe2uI032503; Sun, 28 Mar 2010 10:40:02 GMT (envelope-from gnats) Resent-Date: Sun, 28 Mar 2010 10:40:02 GMT Resent-Message-Id: <201003281040.o2SAe2uI032503@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Andrei Lavreniyuk Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1AF9D1065702 for ; Sun, 28 Mar 2010 10:30:01 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id 0692F8FC15 for ; Sun, 28 Mar 2010 10:30:01 +0000 (UTC) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o2SAU0KT013000 for ; Sun, 28 Mar 2010 10:30:00 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id o2SAU0d3012999; Sun, 28 Mar 2010 10:30:00 GMT (envelope-from nobody) Message-Id: <201003281030.o2SAU0d3012999@www.freebsd.org> Date: Sun, 28 Mar 2010 10:30:00 GMT From: Andrei Lavreniyuk To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: ports/145103: [UPDATE] security/stunnel to version 4.32 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Mar 2010 10:40:02 -0000 >Number: 145103 >Category: ports >Synopsis: [UPDATE] security/stunnel to version 4.32 >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Mar 28 10:40:01 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Andrei Lavreniyuk >Release: FreeBSD 8.0-STABLE >Organization: Technica-03, Inc. >Environment: FreeBSD datacenter.technica-03.local 8.0-STABLE FreeBSD 8.0-STABLE #0: Thu Mar 25 12:32:37 EET 2010 root@datacenter.technica-03.local:/usr/obj/usr/src/sys/SMP64 amd64 >Description: Version 4.32, 2010.03.25, urgency: MEDIUM: * New features - New service-level "libwrap" option for run-time control whether /etc/hosts.allow and /etc/hosts.deny are used for access control. Disabling libwrap significantly increases performance of stunnel. - Win32 DLLs for OpenSSL 0.9.8m. * Bugfixes - Fixed a transfer() loop issue with SSLv2 connections. - Fixed a "setsockopt IP_TRANSPARENT" warning with "local" option. - Logging subsystem bugfixes and cleanup. - Installer bugfixes for Vista and later versions of Windows. - FIPS mode can be enabled/disabled at runtime. Version 4.31, 2010.02.03, urgency: MEDIUM: * New features - Log file reopen on USR1 signal was added. * Bugfixes - Some regression issues introduced in 4.30 were fixed. Version 4.30, 2010.01.21, urgency: LOW/EXPERIMENTAL: * New features - Graceful configuration reload with HUP signal on Unix and with GUI on Windows. >How-To-Repeat: >Fix: Patch attached with submission follows: diff -ruN stunnel.bak/Makefile stunnel/Makefile --- stunnel.bak/Makefile 2010-02-03 18:03:20.000000000 +0200 +++ stunnel/Makefile 2010-03-28 13:25:41.921828498 +0300 @@ -6,7 +6,7 @@ # PORTNAME= stunnel -PORTVERSION= 4.29 +PORTVERSION= 4.32 CATEGORIES= security MASTER_SITES= http://www.stunnel.org/download/stunnel/src/ \ ftp://stunnel.mirt.net/stunnel/ \ diff -ruN stunnel.bak/distinfo stunnel/distinfo --- stunnel.bak/distinfo 2010-02-03 18:03:20.000000000 +0200 +++ stunnel/distinfo 2010-03-28 13:25:57.618751093 +0300 @@ -1,6 +1,3 @@ -MD5 (stunnel-4.29.tar.gz) = 14dc3f8412947f0548975cbce74d6863 -SHA256 (stunnel-4.29.tar.gz) = 018064e852a2a125bcfb4b81baa77b5701ccf6aabe6a47564bfc046b18d11f9b -SIZE (stunnel-4.29.tar.gz) = 544292 -MD5 (execargs.patch) = c893028f869f6d1f527373334605d639 -SHA256 (execargs.patch) = 88e682c0deee13d9768c8cbdd3e71f90dd26d92621d2e64542d5379a3939ac4c -SIZE (execargs.patch) = 756 +MD5 (stunnel-4.32.tar.gz) = 72379c615c5a4986c7981d0941ed2e6b +SHA256 (stunnel-4.32.tar.gz) = 2b6809de99cb18e69760b78f88da447f6071227606adab7f35db330c6f01e8bd +SIZE (stunnel-4.32.tar.gz) = 548951 diff -ruN stunnel.bak/files/ssl-noengine.patch stunnel/files/ssl-noengine.patch --- stunnel.bak/files/ssl-noengine.patch 2009-11-13 14:35:39.000000000 +0200 +++ stunnel/files/ssl-noengine.patch 2010-03-28 13:20:33.802239942 +0300 @@ -3,14 +3,14 @@ Author: Peter Pentchev Last-Update: 2009-11-13 ---- src/ssl.c.orig -+++ src/ssl.c -@@ -276,6 +276,8 @@ +--- src/ssl.c.orig 2010-02-25 14:30:56.000000000 +0200 ++++ src/ssl.c 2010-03-28 13:10:09.814652930 +0300 +@@ -288,6 +288,8 @@ } - static void init_engine() { + static char *init_engine(void) { + s_log(LOG_ERR, "This version of stunnel was compiled WITHOUT support for OpenSSL hardware engines! If you need this functionality, rebuild the FreeBSD port with the WITH_STUNNEL_SSL_ENGINE option set to 'yes'; contact Peter Pentchev for details."); + exit(1); if(engine_initialized) - return; + return NULL; /* OK */ engine_initialized=1; >Release-Note: >Audit-Trail: >Unformatted: