From c38b70a70e1446d3efe1cb1ef6439a76d20a7964 Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Tue, 17 Dec 2024 17:01:34 +0800 Subject: stunnel: upgrade 5.73 -> 5.74 fix-openssl-no-des.patch refreshed for 5.74 * Bugfixes - Fixed a stapling cache deallocation crash. - Fixed "redirect" with protocol negotiation. * Features - "protocolHost" support for "socks" protocol clients. - More detailed logs in OpenSSL 3.0 or later. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj --- .../stunnel/stunnel/fix-openssl-no-des.patch | 8 +++--- .../recipes-support/stunnel/stunnel_5.73.bb | 33 ---------------------- .../recipes-support/stunnel/stunnel_5.74.bb | 33 ++++++++++++++++++++++ 3 files changed, 37 insertions(+), 37 deletions(-) delete mode 100644 meta-networking/recipes-support/stunnel/stunnel_5.73.bb create mode 100644 meta-networking/recipes-support/stunnel/stunnel_5.74.bb (limited to 'meta-networking/recipes-support') diff --git a/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch b/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch index 8c4ca55fbb..08edc254ae 100644 --- a/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch +++ b/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch @@ -1,4 +1,4 @@ -From c815368a3e41dd3f639eb8fd82d21bc0bab55d1e Mon Sep 17 00:00:00 2001 +From 71751d30ca6bdae6c62e41b8bdd20eb69cecd556 Mon Sep 17 00:00:00 2001 From: Kai Kang Date: Wed, 1 Nov 2017 09:23:41 -0400 Subject: [PATCH] stunnel: fix compile error when openssl disable des support @@ -31,7 +31,7 @@ index f112cf9..8d4be01 100644 #include #if OPENSSL_VERSION_NUMBER<0x10100000L diff --git a/src/protocol.c b/src/protocol.c -index c8c65ea..b071b06 100644 +index 616a65f..5ccbcb0 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -82,7 +82,7 @@ NOEXPORT void ldap_client_middle(CLI *); @@ -43,7 +43,7 @@ index c8c65ea..b071b06 100644 NOEXPORT void ntlm(CLI *); NOEXPORT char *ntlm1(void); NOEXPORT char *ntlm3(char *, char *, char *, char *); -@@ -1334,7 +1334,7 @@ NOEXPORT void connect_client_middle(CLI *c) { +@@ -1391,7 +1391,7 @@ NOEXPORT void connect_client_middle(CLI *c) { fd_printf(c, c->remote_fd.fd, "Host: %s", c->opt->protocol_host); if(c->opt->protocol_username && c->opt->protocol_password) { if(!strcasecmp(c->opt->protocol_authentication, "ntlm")) { @@ -52,7 +52,7 @@ index c8c65ea..b071b06 100644 ntlm(c); #else s_log(LOG_ERR, "NTLM authentication is not available"); -@@ -1377,7 +1377,7 @@ NOEXPORT void connect_client_middle(CLI *c) { +@@ -1434,7 +1434,7 @@ NOEXPORT void connect_client_middle(CLI *c) { str_free(line); } diff --git a/meta-networking/recipes-support/stunnel/stunnel_5.73.bb b/meta-networking/recipes-support/stunnel/stunnel_5.73.bb deleted file mode 100644 index e13b7871ca..0000000000 --- a/meta-networking/recipes-support/stunnel/stunnel_5.73.bb +++ /dev/null @@ -1,33 +0,0 @@ -SUMMARY = "Program for providing universal TLS/SSL tunneling service" -DESCRIPTION = "SSL encryption wrapper between remote client and local (inetd-startable) or remote server." -HOMEPAGE = "https://www.stunnel.org/" -SECTION = "net" -LICENSE = "GPL-2.0-or-later" -LIC_FILES_CHKSUM = "file://COPYING.md;md5=906ac034adaee9d093318e51b53453ca" - -DEPENDS = "autoconf-archive libnsl2 openssl" - -SRC_URI = "https://stunnel.org/archive/5.x/${BP}.tar.gz \ - file://fix-openssl-no-des.patch \ -" - -SRC_URI[sha256sum] = "bc917c3bcd943a4d632360c067977a31e85e385f5f4845f69749bce88183cb38" - -inherit autotools bash-completion pkgconfig - -PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)} libwrap" - -PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," -PACKAGECONFIG[libwrap] = "--enable-libwrap,--disable-libwrap,tcp-wrappers" -PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd" - -EXTRA_OECONF += "--with-ssl='${STAGING_EXECPREFIXDIR}' --disable-fips" - -# When cross compiling, configure defaults to nobody, but provides no option to change it. -EXTRA_OEMAKE += "DEFAULT_GROUP='nogroup'" - -# stunnel3 is a Perl wrapper to allow use of the legacy stunnel 3.x commandline -# syntax with stunnel >= 4.05 -PACKAGES =+ "stunnel3" -FILES:stunnel3 = "${bindir}/stunnel3" -RDEPENDS:stunnel3 += "${PN} perl" diff --git a/meta-networking/recipes-support/stunnel/stunnel_5.74.bb b/meta-networking/recipes-support/stunnel/stunnel_5.74.bb new file mode 100644 index 0000000000..558eacd709 --- /dev/null +++ b/meta-networking/recipes-support/stunnel/stunnel_5.74.bb @@ -0,0 +1,33 @@ +SUMMARY = "Program for providing universal TLS/SSL tunneling service" +DESCRIPTION = "SSL encryption wrapper between remote client and local (inetd-startable) or remote server." +HOMEPAGE = "https://www.stunnel.org/" +SECTION = "net" +LICENSE = "GPL-2.0-or-later" +LIC_FILES_CHKSUM = "file://COPYING.md;md5=906ac034adaee9d093318e51b53453ca" + +DEPENDS = "autoconf-archive libnsl2 openssl" + +SRC_URI = "https://stunnel.org/archive/5.x/${BP}.tar.gz \ + file://fix-openssl-no-des.patch \ +" + +SRC_URI[sha256sum] = "9bef235ab5d24a2a8dff6485dfd782ed235f4407e9bc8716deb383fc80cd6230" + +inherit autotools bash-completion pkgconfig + +PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)} libwrap" + +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," +PACKAGECONFIG[libwrap] = "--enable-libwrap,--disable-libwrap,tcp-wrappers" +PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd" + +EXTRA_OECONF += "--with-ssl='${STAGING_EXECPREFIXDIR}' --disable-fips" + +# When cross compiling, configure defaults to nobody, but provides no option to change it. +EXTRA_OEMAKE += "DEFAULT_GROUP='nogroup'" + +# stunnel3 is a Perl wrapper to allow use of the legacy stunnel 3.x commandline +# syntax with stunnel >= 4.05 +PACKAGES =+ "stunnel3" +FILES:stunnel3 = "${bindir}/stunnel3" +RDEPENDS:stunnel3 += "${PN} perl" -- cgit v1.2.3-54-g00ecf