Version bump, resolves #344117

Package-Manager: portage-2.1.9.25/cvs/Linux x86_64
author: Lance Albertson <ramereth@gentoo.org> 2011-03-02 06:16:12 +0000
committer: Lance Albertson <ramereth@gentoo.org> 2011-03-02 06:16:12 +0000
commit: 208a618d583cdac73d8888de2a4acdeacea0b1f1 (patch)
tree: c5087ae75ff6d451f4283fd53056251317fe8de5 /net-misc/stunnel
parent: *portage-2.2.0_alpha26 (02 Mar 2011) (diff)
download: historical-208a618d583cdac73d8888de2a4acdeacea0b1f1.tar.gz
historical-208a618d583cdac73d8888de2a4acdeacea0b1f1.tar.bz2
historical-208a618d583cdac73d8888de2a4acdeacea0b1f1.zip
7 files changed, 413 insertions, 8 deletions
diff --git a/net-misc/stunnel/ChangeLog b/net-misc/stunnel/ChangeLog
index c014a882c363..8935a5344582 100644
--- a/net-misc/stunnel/ChangeLog
+++ b/net-misc/stunnel/ChangeLog
@@ -1,6 +1,16 @@
 # ChangeLog for net-misc/stunnel
-# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.114 2010/07/07 05:41:40 ramereth Exp $
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/ChangeLog,v 1.115 2011/03/02 06:16:12 ramereth Exp $
+
+*stunnel-4.35 (02 Mar 2011)
+
+  02 Mar 2011; Lance Albertson <ramereth@gentoo.org>
+  +files/stunnel-4.34-listen-queue.diff, +stunnel-4.35.ebuild,
+  +files/stunnel-4.35-libwrap.patch,
+  +files/stunnel-4.35-xforwarded-for.diff, metadata.xml:
+  Version bump, resolves #344117
+
+  Thanks to Stefan Behte for contributing new patches/ebuild.
 
   07 Jul 2010; Lance Albertson <ramereth@gentoo.org> stunnel-4.33.ebuild:
   Fix missing xforward patch, resolves bug #324997
diff --git a/net-misc/stunnel/Manifest b/net-misc/stunnel/Manifest
index 6a4224f68998..374e0ccde453 100644
--- a/net-misc/stunnel/Manifest
+++ b/net-misc/stunnel/Manifest
@@ -5,6 +5,9 @@ AUX stunnel-3.26-gentoo.diff 941 RMD160 4ca4f85a8888c7c9dbeed9d1303bae182d19195d
 AUX stunnel-4.21-libwrap.patch 380 RMD160 c5ed7c06c3612bc5930ca8c77cac8bf58ec403f3 SHA1 fa1bf6674f775fa1b5934f4707c9e7eafed0d8a9 SHA256 b22f56707b96df785ebc20b48faf9761fb52cf4a362be875c60071b0d4572be1
 AUX stunnel-4.29-x-forwarded-for.patch 10800 RMD160 2760938f49a6fb8c032b8647dba2a431dfd79bc9 SHA1 aef4eec3cf321ea2fa1959502f29973bcfc429ec SHA256 227c1f7071b5930dd0d04be05b2a6f8d97227f6ac78e3513e1f813fef29f98ea
 AUX stunnel-4.31-x-forwarded-for.patch 10786 RMD160 a27d72b2025d7825915d9d65f8c652baabd5ecd8 SHA1 f15856dd0497789da8f88a448e9d76e0a10a7ccc SHA256 d2b2b03043e5692af07925d80d4775b92dba0179b85ebb64de9ab678761c560c
+AUX stunnel-4.34-listen-queue.diff 2225 RMD160 5f0bcab38f9fc12d48fc074e1ca33359366499f9 SHA1 608a1c311839fdb3532dbcdbc8df7eed82839278 SHA256 fa9df532c3cc6fdf1306469c333092d16e9794fb14fbcc618137a3b3e2a2230c
+AUX stunnel-4.35-libwrap.patch 376 RMD160 15f315eb2781b77b2bb60a8f9325f8914ffb0799 SHA1 090ac2e0a392d07238ba8e300ed2fd51caa2138f SHA256 b3ed3770174b9218ccc6d49b211677640e098d3653755ae1c51504dfdd0d2cdc
+AUX stunnel-4.35-xforwarded-for.diff 11107 RMD160 6ace7ec8453c8b407c144e9828700ad5e00f1ed7 SHA1 685e65c67cf40497f13ab8f94e160eb176204ca7 SHA256 f5c96080dce032cc15bca3ceea14cf79a55f0512096d8651533f2313f95eac37
 AUX stunnel.conf 1423 RMD160 606c53b0e241e44c8aabe423ca6772dc76aa69a9 SHA1 0b18a6dea836abc3c224c367f9ebd6fa30b931f2 SHA256 be8deb0e051f594e14c898c2ec8a4a6879adcd48a56286093653346d12c3f105
 AUX stunnel.initd 1986 RMD160 66b0631d02a665a0fadca460502c7c09fa5c7b9c SHA1 5330e325d2f82896e0d7dc374a7b3c1f840fb2ef SHA256 4f97093f81b854099851ba32552b36036906933933f7a794c7b1e6aa1c006e3b
 AUX stunnel.rc6 779 RMD160 3cb0ba8b6f90484a9cec951e3eb36eef45169f6d SHA1 7de8dc829e271b3ed248e3b44afb9b537621cc02 SHA256 b2128e3bfe38485ef4afad35b57d8711666281087f3fcf920d5d313642e06dea
@@ -13,17 +16,19 @@ DIST stunnel-4.25.tar.gz 532343 RMD160 dcb9962e5273e69f5aeaed6bf709495aa97baa52
 DIST stunnel-4.29.tar.gz 544292 RMD160 7861b38da0c9b1bf5c3aa8c1e9a654d7cedec5ba SHA1 f93ac9054c62b1db0dcf44f668d323d82cc0f413 SHA256 018064e852a2a125bcfb4b81baa77b5701ccf6aabe6a47564bfc046b18d11f9b
 DIST stunnel-4.31.tar.gz 548167 RMD160 813be2098bcd1fc0776d72d1ea6ee16b63c7f94d SHA1 f51fc544a0554f6eee2bfca1fcb8ddcb8386ce32 SHA256 187d0df2701d51c09b66f120cf6f1a62c4161e3e58dc84f893c1e5c7ccf30262
 DIST stunnel-4.33.tar.gz 560103 RMD160 b9d32b4c17cf250d3284e020bb9c6b3fc4463cc5 SHA1 695c7ef834952cb8ddbc790e10b6e32798fc2767 SHA256 240763140000dea6ab76b30f5f5571a8ef4d22ba0712176a9c31c221bb9a48fc
+DIST stunnel-4.35.tar.gz 541012 RMD160 29bdf0402114a460016192350f4164eae5bb5cce SHA1 b08b95a61f1d65cf9cc44068e0665a17ea5397c3 SHA256 a810e220498239483e14fae24eeb2a188a6167e9118958b903f8793768c4460f
 EBUILD stunnel-3.26.ebuild 742 RMD160 828bcad3275266e52a5036f6670e0612c90e926a SHA1 84966259d3b71ddfce3ffec4b2ee14d43811fd81 SHA256 ab1b1e4697849381ed5acc09728dd07457674148a4864091eec747918b16b5ee
 EBUILD stunnel-4.25.ebuild 2377 RMD160 ba0d4c2d24962f5afe8df92c350560a8cc4a4487 SHA1 1e839c2596930e41930cfb977b72b2120e5fae2e SHA256 6f7f27d4cae7ed03b28be646d6b04fe1dc9524e0b016411712f691b44128da33
 EBUILD stunnel-4.29-r1.ebuild 2242 RMD160 264645bc34707174e6c6b27556059844b6064118 SHA1 7b004e161fb0e924aba981538304caab2ed2817c SHA256 2ee64c194016480b992a3af6e60e172180e1f8820da107440ddbe6626a85c450
 EBUILD stunnel-4.31-r1.ebuild 2242 RMD160 c9f2ac8a27a3b27c216dcedffdc4faf09d9c7863 SHA1 819a1c1df6dc3d0b9a9d61583d9edec3d5a7963a SHA256 5731a98fa0cacf8d6315e8e0fac9c06aa3f21eeafc8a4d3074f7b6067c3446ed
 EBUILD stunnel-4.33.ebuild 2247 RMD160 8b800faf1095d1136a0b7df448e60cd86bffdeb5 SHA1 a870cf44a559fe62f920864583cbfd7fa5c03c92 SHA256 ec3206fa9c533e4057f0e0fd705488cdd20d29e4b269b7ef2e85956a880683e0
-MISC ChangeLog 16551 RMD160 d7664c8797161c9b15e5a3baf14360b45187544a SHA1 25632d8da25b27879c80f59e3698cb3b6666ae02 SHA256 2b165aa8ea6d0023b2ed5f581cd826d90a7a0079d80e109c14a92130c2eac667
-MISC metadata.xml 730 RMD160 bbd4ce0b27247c5969c171573a18d785b4893132 SHA1 eb5a0705fbb23a0c6cbbe61d2e03e0a14b601572 SHA256 e628cf7d971c59907c106bfc88a7e0fa1d313412cc306e160af7154aa804d64f
+EBUILD stunnel-4.35.ebuild 2319 RMD160 9fa89c58cd1f2c7c57d831191ad2ceaca1fedec7 SHA1 32ab6b9448bea90c9a690ace6cff74fc7abd7444 SHA256 a0461c4b4d500209c63e3d553477a604a0e688a932c951a195338b32fa6d916a
+MISC ChangeLog 16887 RMD160 8c317395dfc5113a9bf2c92278febd5c1679ba98 SHA1 4646282b54dda33891fc53e2ec16d4945acc81d4 SHA256 22cddbcd6b9baa9678c4251887a36adf513d09ea067a4c18ff1ed07ed9b7636a
+MISC metadata.xml 805 RMD160 640ce45c919ae96d8f1307ab665aa225377dd6a9 SHA1 2fbb035772903edcd8b3de5f3b425b382e58b9c0 SHA256 689b00472f1a16bf3b009106f2722da6786ad34e3380cb074db5a17cc498b78d
 -----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.15 (GNU/Linux)
+Version: GnuPG v2.0.16 (GNU/Linux)
 
-iD8DBQFMNBObQW+hXSf0t0IRAguVAKCy43ZgVLdKF7tUYIDW4Pa8JQbgQgCgm3FT
-jWwY4w6fU5brmqz2Nw/v0oE=
-=fnp8
+iD8DBQFNbeCvQW+hXSf0t0IRAo3zAKDgspevM1rbFDFhYv9EWHHeX+hU9gCaAkUP
+VuKhkLczDr0CFv2VFgiu2cM=
+=8st2
 -----END PGP SIGNATURE-----
diff --git a/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff b/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff
new file mode 100644
index 000000000000..8b826ddb56f4
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel-4.34-listen-queue.diff
@@ -0,0 +1,55 @@
+Patch by Thomas Franco, rediffed for 4.34.
+
+diff -ru stunnel-4.34/src/options.c stunnel-4.34-listen-queue/src/options.c
+--- stunnel-4.34/src/options.c	2010-09-14 17:09:36.000000000 +0200
++++ stunnel-4.34-listen-queue/src/options.c	2010-12-06 22:14:15.610223090 +0100
+@@ -1473,6 +1473,24 @@
+         break;
+     }
+ 
++    /* listenqueue */
++    switch(cmd) {
++    case CMD_INIT:
++        section->listenqueue=SOMAXCONN;
++        break;
++    case CMD_EXEC:
++        if(strcasecmp(opt, "listenqueue"))
++            break;
++        section->listenqueue=atoi(arg);
++        return (section->listenqueue?NULL:"Bad verify level");
++    case CMD_DEFAULT:
++        s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN);
++        break;
++    case CMD_HELP:
++        s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending connections may grow to", "listenqueue");
++        break;
++    }
++
+     if(cmd==CMD_EXEC)
+         return option_not_found;
+     return NULL; /* OK */
+diff -ru stunnel-4.34/src/prototypes.h stunnel-4.34-listen-queue/src/prototypes.h
+--- stunnel-4.34/src/prototypes.h	2010-09-14 17:09:50.000000000 +0200
++++ stunnel-4.34-listen-queue/src/prototypes.h	2010-12-06 22:06:39.217327586 +0100
+@@ -158,6 +158,7 @@
+     int timeout_close; /* maximum close_notify time */
+     int timeout_connect; /* maximum connect() time */
+     int timeout_idle; /* maximum idle connection time */
++    int listenqueue; /* Listen baklog */
+     enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */
+ 
+         /* protocol name for protocol.c */
+Seulement dans stunnel-4.34-listen-queue/src: prototypes.h~
+diff -ru stunnel-4.34/src/stunnel.c stunnel-4.34-listen-queue/src/stunnel.c
+--- stunnel-4.34/src/stunnel.c	2010-08-20 11:01:35.000000000 +0200
++++ stunnel-4.34-listen-queue/src/stunnel.c	2010-12-06 22:05:54.732885327 +0100
+@@ -204,7 +204,7 @@
+             }
+             s_log(LOG_DEBUG, "Service %s bound to %s",
+                 opt->servname, opt->local_address);
+-            if(listen(opt->fd, 5)) {
++            if(listen(opt->fd, opt->listenqueue)) {
+                 sockerror("listen");
+                 return 0;
+             }
+Seulement dans stunnel-4.34-listen-queue/src: stunnel.c~
diff --git a/net-misc/stunnel/files/stunnel-4.35-libwrap.patch b/net-misc/stunnel/files/stunnel-4.35-libwrap.patch
new file mode 100644
index 000000000000..2a0ef0442556
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel-4.35-libwrap.patch
@@ -0,0 +1,10 @@
+--- stunnel-4.35/configure.ac	2011-02-07 16:28:03.000000000 +0100
++++ stunnel-4.35/configure.ac	2011-02-07 16:31:23.000000000 +0100
+@@ -357,6 +357,7 @@
+         case "$enableval" in
+             yes) AC_MSG_RESULT([no])
+                 AC_DEFINE(HAVE_LIBWRAP)
++                LIBS="$LIBS -lwrap"
+                 ;;
+             no) AC_MSG_RESULT([yes])
+                 ;;
diff --git a/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff b/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff
new file mode 100644
index 000000000000..d97c5eb90f8a
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel-4.35-xforwarded-for.diff
@@ -0,0 +1,248 @@
+--- stunnel-4.35/doc/stunnel.fr.8.ori	2011-02-07 17:21:07.000000000 +0100
++++ stunnel-4.35-xforwarded-for/doc/stunnel.fr.8	2011-02-07 17:21:31.000000000 +0100
+@@ -394,6 +394,10 @@
+ .IP "\fBTIMEOUTidle\fR = secondes" 4
+ .IX Item "TIMEOUTidle = secondes"
+ Durée d'attente sur une connexion inactive
++.IP "\fBxforwardedfor\fR = yes | no" 4
++.IX Item "xforwardedfor = yes | no"
++Ajoute un en-tête 'X-Forwarded-For:' dans la requête HTTP fournissant
++au serveur l'adresse IP du client.
+ .IP "\fBtransparent\fR = yes | no (Unix seulement)" 4
+ .IX Item "transparent = yes | no (Unix seulement)"
+ Mode mandataire transparent
+diff -ru stunnel-4.35/doc/stunnel.8 stunnel-4.35-xforwarded-for/doc/stunnel.8
+--- stunnel-4.35/doc/stunnel.8	2010-09-15 09:11:21.000000000 +0200
++++ stunnel-4.35-xforwarded-for/doc/stunnel.8	2010-12-06 21:56:08.770829792 +0100
+@@ -527,6 +527,10 @@
+ .IP "\fBTIMEOUTidle\fR = seconds" 4
+ .IX Item "TIMEOUTidle = seconds"
+ time to keep an idle connection
++.IP "\fBxforwardedfor\fR = yes | no" 4
++.IX Item "xforwardedfor = yes | no"
++append an 'X-Forwarded-For:' HTTP request header providing the
++client's IP address to the server.
+ .IP "\fBtransparent\fR = none | source | destination | both (Unix only)" 4
+ .IX Item "transparent = none | source | destination | both (Unix only)"
+ enable transparent proxy support on selected platforms
+diff -ru stunnel-4.35/src/client.c stunnel-4.35-xforwarded-for/src/client.c
+--- stunnel-4.35/src/client.c	2010-09-14 17:03:43.000000000 +0200
++++ stunnel-4.35-xforwarded-for/src/client.c	2010-12-06 21:56:08.770829792 +0100
+@@ -84,6 +84,12 @@
+         return NULL;
+     }
+     c->opt=opt;
++    /* some options need space to add some information */
++    if (c->opt->option.xforwardedfor)
++        c->buffsize = BUFFSIZE - BUFF_RESERVED;
++    else
++        c->buffsize = BUFFSIZE;
++    c->crlf_seen=0;
+     c->local_rfd.fd=rfd;
+     c->local_wfd.fd=wfd;
+     return c;
+@@ -372,6 +378,28 @@
+     }
+ }
+ 
++/* Moves all data from the buffer <buffer> between positions <start> and <stop>
++ * to insert <string> of length <len>. <start> and <stop> are updated to their
++ * new respective values, and the number of characters inserted is returned.
++ * If <len> is too long, nothing is done and -1 is returned.
++ * Note that neither <string> nor <buffer> can be NULL.
++ */
++static int buffer_insert_with_len(char *buffer, int *start, int *stop, int limit, char *string, int len) {
++    if (len > limit - *stop)
++        return -1;
++    if (*start > *stop)
++        return -1;
++    memmove(buffer + *start + len, buffer + *start, *stop - *start);
++    memcpy(buffer + *start, string, len);
++    *start += len;
++    *stop += len;
++    return len;
++}
++
++static int buffer_insert(char *buffer, int *start, int *stop, int limit, char *string) {
++    return buffer_insert_with_len(buffer, start, stop, limit, string, strlen(string));
++}
++
+ /****************************** transfer data */
+ static void transfer(CLI *c) {
+     int watchdog=0; /* a counter to detect an infinite loop */
+@@ -390,7 +418,7 @@
+     do { /* main loop of client data transfer */
+         /****************************** initialize *_wants_* */
+         read_wants_read=
+-            ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
++            ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write;
+         write_wants_write=
+             ssl_open_wr && c->sock_ptr && !write_wants_read;
+ 
+@@ -399,7 +427,7 @@
+         /* for plain socket open data strem = open file descriptor */
+         /* make sure to add each open socket to receive exceptions! */
+         if(sock_open_rd)
+-            s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<BUFFSIZE, 0);
++            s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<c->buffsize, 0);
+         if(sock_open_wr)
+             s_poll_add(&c->fds, c->sock_wfd->fd, 0, c->ssl_ptr);
+         /* for SSL assume that sockets are open if there any pending requests */
+@@ -531,7 +559,7 @@
+         /****************************** read from socket */
+         if(sock_open_rd && sock_can_rd) {
+             num=readsocket(c->sock_rfd->fd,
+-                c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
++                c->sock_buff+c->sock_ptr, c->buffsize-c->sock_ptr);
+             switch(num) {
+             case -1:
+                 parse_socket_error(c, "readsocket");
+@@ -567,7 +595,7 @@
+         /****************************** update *_wants_* based on new *_ptr */
+         /* this update is also required for SSL_pending() to be used */
+         read_wants_read=
+-            ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
++            ssl_open_rd && c->ssl_ptr<c->buffsize && !read_wants_write;
+         write_wants_write=
+             ssl_open_wr && c->sock_ptr && !write_wants_read;
+ 
+@@ -577,10 +605,71 @@
+                  * writesocket() above made some room in c->ssl_buff */
+                 (read_wants_write && ssl_can_wr)) {
+             read_wants_write=0;
+-            num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
++            num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, c->buffsize-c->ssl_ptr);
+             switch(err=SSL_get_error(c->ssl, num)) {
+             case SSL_ERROR_NONE:
+-                c->ssl_ptr+=num;
++                if (c->buffsize != BUFFSIZE && c->opt->option.xforwardedfor) { /* some work left to do */
++                    int last = c->ssl_ptr;
++                    c->ssl_ptr += num;
++
++                    /* Look for end of HTTP headers between last and ssl_ptr.
++                    * To achieve this reliably, we have to count the number of
++                    * successive [CR]LF and to memorize it in case it's spread
++                    * over multiple segments. --WT.
++                    */
++                    while (last < c->ssl_ptr) {
++                        if (c->ssl_buff[last] == '\n') {
++                            if (++c->crlf_seen == 2)
++                                break;
++                        } else if (last < c->ssl_ptr - 1 &&
++                                    c->ssl_buff[last] == '\r' &&
++                                    c->ssl_buff[last+1] == '\n') {
++                            if (++c->crlf_seen == 2)
++                                break;
++                            last++;
++                        } else if (c->ssl_buff[last] != '\r')
++                            /* don't refuse '\r' because we may get a '\n' on next read */
++                            c->crlf_seen = 0;
++                        last++;
++                    }
++                    if (c->crlf_seen >= 2) {
++                        /* We have all the HTTP headers now. We don't need to
++                        * reserve any space anymore. <ssl_ptr> points to the
++                        * first byte of unread data, and <last> points to the
++                        * exact location where we want to insert our headers,
++                        * which is right before the empty line.
++                        */
++                        c->buffsize = BUFFSIZE;
++
++                        if (c->opt->option.xforwardedfor) {
++                            /* X-Forwarded-For: xxxx \r\n\0 */
++                            char xforw[17 + IPLEN + 3];
++
++                            /* We will insert our X-Forwarded-For: header here.
++                            * We need to write the IP address, but if we use
++                            * sprintf, it will pad with the terminating 0.
++                            * So we will pass via a temporary buffer allocated
++                            * on the stack.
++                            */
++                            memcpy(xforw, "X-Forwarded-For: ", 17);
++                            if (getnameinfo(&c->peer_addr.addr[0].sa,
++                                    addr_len(c->peer_addr.addr[0]),
++                                    xforw + 17, IPLEN, NULL, 0,
++                                    NI_NUMERICHOST) == 0) {
++                                strcat(xforw + 17, "\r\n");
++                                buffer_insert(c->ssl_buff, &last, &c->ssl_ptr,
++                                            c->buffsize, xforw);
++                            }
++                            /* last still points to the \r\n and ssl_ptr to the
++                            * end of the buffer, so we may add as many headers
++                            * as wee need to.
++                            */
++                        }
++                    }
++                }
++                else
++                   c->ssl_ptr+=num;
++
+                 watchdog=0; /* reset watchdog */
+                 break;
+             case SSL_ERROR_WANT_WRITE:
+diff -ru stunnel-4.35/src/common.h stunnel-4.35-xforwarded-for/src/common.h
+--- stunnel-4.35/src/common.h	2010-09-14 17:00:36.000000000 +0200
++++ stunnel-4.35-xforwarded-for/src/common.h	2010-12-06 21:56:08.770829792 +0100
+@@ -53,6 +53,9 @@
+ /* I/O buffer size */
+ #define BUFFSIZE 16384
+ 
++/* maximum space reserved for header insertion in BUFFSIZE */
++#define BUFF_RESERVED 1024
++
+ /* length of strings (including the terminating '\0' character) */
+ /* it can't be lower than 256 bytes or NTLM authentication will break */
+ #define STRLEN 256
+diff -ru stunnel-4.35/src/options.c stunnel-4.35-xforwarded-for/src/options.c
+--- stunnel-4.35/src/options.c	2010-09-14 17:09:36.000000000 +0200
++++ stunnel-4.35-xforwarded-for/src/options.c	2010-12-06 21:56:08.774829832 +0100
+@@ -818,6 +818,29 @@
+     }
+ #endif
+ 
++    /* xforwardedfor */
++    switch(cmd) {
++    case CMD_INIT:
++        section->option.xforwardedfor=0;
++        break;
++    case CMD_EXEC:
++        if(strcasecmp(opt, "xforwardedfor"))
++            break;
++        if(!strcasecmp(arg, "yes"))
++            section->option.xforwardedfor=1;
++        else if(!strcasecmp(arg, "no"))
++            section->option.xforwardedfor=0;
++        else
++            return "argument should be either 'yes' or 'no'";
++        return NULL; /* OK */
++    case CMD_DEFAULT:
++        break;
++    case CMD_HELP:
++        s_log(LOG_NOTICE, "%-15s = yes|no append an HTTP X-Forwarded-For header",
++            "xforwardedfor");
++        break;
++    }
++
+     /* exec */
+     switch(cmd) {
+     case CMD_INIT:
+diff -ru stunnel-4.35/src/prototypes.h stunnel-4.35-xforwarded-for/src/prototypes.h
+--- stunnel-4.35/src/prototypes.h	2010-09-14 17:09:50.000000000 +0200
++++ stunnel-4.35-xforwarded-for/src/prototypes.h	2010-12-06 21:56:08.774829832 +0100
+@@ -171,6 +171,7 @@
+     struct {
+         unsigned int client:1;
+         unsigned int delayed_lookup:1;
++        unsigned int xforwardedfor:1;
+         unsigned int accept:1;
+         unsigned int remote:1;
+         unsigned int retry:1; /* loop remote+program */
+@@ -346,6 +347,8 @@
+     FD *ssl_rfd, *ssl_wfd; /* read and write SSL descriptors */
+     int sock_bytes, ssl_bytes; /* bytes written to socket and ssl */
+     s_poll_set fds; /* file descriptors */
++    int buffsize;  /* current buffer size, may be lower than BUFFSIZE */
++    int crlf_seen; /* the number of successive CRLF seen */
+ } CLI;
+ 
+ extern int max_fds, max_clients;
diff --git a/net-misc/stunnel/metadata.xml b/net-misc/stunnel/metadata.xml
index 18e0ef850fd0..ead2ba6993a0 100644
--- a/net-misc/stunnel/metadata.xml
+++ b/net-misc/stunnel/metadata.xml
@@ -15,5 +15,6 @@
 	</longdescription>
 	<use>
 		<flag name="xforward">Enable X-Forwarded-For support for Stunnel</flag>
+		<flag name="listen-queue">Enable Listen Queue support for Stunnel</flag>
 	</use>
 </pkgmetadata>
diff --git a/net-misc/stunnel/stunnel-4.35.ebuild b/net-misc/stunnel/stunnel-4.35.ebuild
new file mode 100644
index 000000000000..00b361220846
--- /dev/null
+++ b/net-misc/stunnel/stunnel-4.35.ebuild
@@ -0,0 +1,76 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/stunnel/stunnel-4.35.ebuild,v 1.1 2011/03/02 06:16:12 ramereth Exp $
+
+EAPI="2"
+
+inherit autotools ssl-cert eutils
+
+DESCRIPTION="TLS/SSL - Port Wrapper"
+HOMEPAGE="http://stunnel.mirt.net/"
+SRC_URI="ftp://ftp.stunnel.org/stunnel/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE="ipv6 selinux tcpd xforward listen-queue"
+
+DEPEND="tcpd? ( sys-apps/tcp-wrappers )
+	>=dev-libs/openssl-0.9.8k"
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-stunnel )"
+
+pkg_setup() {
+	enewgroup stunnel
+	enewuser stunnel -1 -1 -1 stunnel
+}
+
+src_prepare() {
+	epatch "${FILESDIR}/${PN}-4.35-libwrap.patch"
+	use xforward && epatch "${FILESDIR}/stunnel-4.35-xforwarded-for.diff"
+	use listen-queue && epatch "${FILESDIR}/stunnel-4.34-listen-queue.diff"
+	eautoreconf
+
+	# Hack away generation of certificate
+	sed -i -e "s/^install-data-local:/do-not-run-this:/" \
+		tools/Makefile.in || die "sed failed"
+}
+
+src_configure() {
+	econf $(use_enable ipv6) \
+		$(use_enable tcpd libwrap) || die "econf died"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed"
+	rm -rf "${D}"/usr/share/doc/${PN}
+	rm -f "${D}"/etc/stunnel/stunnel.conf-sample "${D}"/usr/bin/stunnel3 \
+		"${D}"/usr/share/man/man8/stunnel.{fr,pl}.8
+
+	# The binary was moved to /usr/bin with 4.21,
+	# symlink for backwards compatibility
+	dosym ../bin/stunnel /usr/sbin/stunnel
+
+	dodoc AUTHORS BUGS CREDITS PORTS README TODO ChangeLog
+	dohtml doc/stunnel.html doc/en/VNC_StunnelHOWTO.html tools/ca.html \
+		tools/importCA.html
+
+	insinto /etc/stunnel
+	doins "${FILESDIR}"/stunnel.conf
+	newinitd "${FILESDIR}"/stunnel.initd stunnel
+
+	keepdir /var/run/stunnel
+	fowners stunnel:stunnel /var/run/stunnel
+}
+
+pkg_postinst() {
+	if [ ! -f "${ROOT}"/etc/stunnel/stunnel.key ]; then
+		install_cert /etc/stunnel/stunnel
+		chown stunnel:stunnel "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
+		chmod 0640 "${ROOT}"/etc/stunnel/stunnel.{crt,csr,key,pem}
+	fi
+
+	einfo "If you want to run multiple instances of stunnel, create a new config"
+	einfo "file ending with .conf in /etc/stunnel/. **Make sure** you change "
+	einfo "\'pid= \' with a unique filename."
+}
author	Lance Albertson <ramereth@gentoo.org>	2011-03-02 06:16:12 +0000
committer	Lance Albertson <ramereth@gentoo.org>	2011-03-02 06:16:12 +0000
commit	208a618d583cdac73d8888de2a4acdeacea0b1f1 (patch)
tree	c5087ae75ff6d451f4283fd53056251317fe8de5 /net-misc/stunnel
parent	*portage-2.2.0_alpha26 (02 Mar 2011) (diff)
download	historical-208a618d583cdac73d8888de2a4acdeacea0b1f1.tar.gz historical-208a618d583cdac73d8888de2a4acdeacea0b1f1.tar.bz2 historical-208a618d583cdac73d8888de2a4acdeacea0b1f1.zip