This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via abe7ef8936adf7d3eb6ca232b25743200b096d2e (commit) via d2d7a46b1e12ee676c84d946c096457035929cf0 (commit) from 6be2813368cc8a8cad9499aee525bc94afd087a9 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit abe7ef8936adf7d3eb6ca232b25743200b096d2e Merge: 6be2813 d2d7a46 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Apr 30 15:02:51 2014 +0200
Merge remote-tracking branch 'ms/stunnel-addon'
commit d2d7a46b1e12ee676c84d946c096457035929cf0 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Apr 25 12:42:52 2014 +0200
stunnel: New package.
-----------------------------------------------------------------------
Summary of changes: config/backup/includes/stunnel | 1 + config/etc/passwd | 1 + config/rootfiles/common/armv5tel/initscripts | 1 + config/rootfiles/common/i586/initscripts | 1 + config/rootfiles/packages/stunnel | 41 +++++++++++++++++++++++++++ config/stunnel/stunnel.conf | 21 ++++++++++++++ lfs/{avahi => stunnel} | 42 +++++++++++++++------------- make.sh | 1 + src/initscripts/init.d/stunnel | 39 ++++++++++++++++++++++++++ src/paks/{xinetd => stunnel}/install.sh | 17 ++++++----- src/paks/{avahi => stunnel}/uninstall.sh | 2 +- src/paks/{apcupsd => stunnel}/update.sh | 0 12 files changed, 139 insertions(+), 28 deletions(-) create mode 100644 config/backup/includes/stunnel create mode 100644 config/rootfiles/packages/stunnel create mode 100644 config/stunnel/stunnel.conf copy lfs/{avahi => stunnel} (83%) create mode 100644 src/initscripts/init.d/stunnel copy src/paks/{xinetd => stunnel}/install.sh (84%) copy src/paks/{avahi => stunnel}/uninstall.sh (98%) copy src/paks/{apcupsd => stunnel}/update.sh (100%)
Difference in files: diff --git a/config/backup/includes/stunnel b/config/backup/includes/stunnel new file mode 100644 index 0000000..e5702f1 --- /dev/null +++ b/config/backup/includes/stunnel @@ -0,0 +1 @@ +/etc/stunnel/ diff --git a/config/etc/passwd b/config/etc/passwd index ebc82d5..0c2527c 100644 --- a/config/etc/passwd +++ b/config/etc/passwd @@ -8,6 +8,7 @@ mysql:x:41:41:MySQL Server:/dev/null:/bin/false ftp:x:45:45:anonymous_user:/home/ftp:/bin/false vsftpd:x:47:47:vsftpd User:/home/ftp:/bin/false rsyncd:x:48:48:rsyncd Daemon:/home/rsync:/bin/false +stunnel:x:51:51:stunnel Daemon:/var/lib/stunnel:/bin/false sshd:x:74:74:sshd:/var/empty:/bin/false nobody:x:99:99:Nobody:/home/nobody:/bin/false postfix:x:100:100::/var/spool/postfix:/bin/false diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts index 4716b97..ecd01ec 100644 --- a/config/rootfiles/common/armv5tel/initscripts +++ b/config/rootfiles/common/armv5tel/initscripts @@ -115,6 +115,7 @@ etc/rc.d/init.d/squid etc/rc.d/init.d/sshd #etc/rc.d/init.d/sslh etc/rc.d/init.d/static-routes +#etc/rc.d/init.d/stunnel etc/rc.d/init.d/swap etc/rc.d/init.d/sysctl etc/rc.d/init.d/sysklogd diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts index 07a39f4..b34ea91 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -117,6 +117,7 @@ etc/rc.d/init.d/squid etc/rc.d/init.d/sshd #etc/rc.d/init.d/sslh etc/rc.d/init.d/static-routes +#etc/rc.d/init.d/stunnel etc/rc.d/init.d/swap etc/rc.d/init.d/sysctl etc/rc.d/init.d/sysklogd diff --git a/config/rootfiles/packages/stunnel b/config/rootfiles/packages/stunnel new file mode 100644 index 0000000..eaf7fce --- /dev/null +++ b/config/rootfiles/packages/stunnel @@ -0,0 +1,41 @@ +etc/rc.d/init.d/stunnel +etc/stunnel +etc/stunnel/stunnel.conf +#etc/stunnel/stunnel.conf-sample +usr/bin/stunnel +#usr/bin/stunnel3 +#usr/lib/stunnel +#usr/lib/stunnel/libstunnel.la +usr/lib/stunnel/libstunnel.so +#usr/share/doc/stunnel +#usr/share/doc/stunnel/AUTHORS +#usr/share/doc/stunnel/BUGS +#usr/share/doc/stunnel/COPYING +#usr/share/doc/stunnel/COPYRIGHT.GPL +#usr/share/doc/stunnel/CREDITS +#usr/share/doc/stunnel/ChangeLog +#usr/share/doc/stunnel/INSTALL +#usr/share/doc/stunnel/INSTALL.FIPS +#usr/share/doc/stunnel/INSTALL.W32 +#usr/share/doc/stunnel/INSTALL.WCE +#usr/share/doc/stunnel/PORTS +#usr/share/doc/stunnel/README +#usr/share/doc/stunnel/TODO +#usr/share/doc/stunnel/examples +#usr/share/doc/stunnel/examples/ca.html +#usr/share/doc/stunnel/examples/ca.pl +#usr/share/doc/stunnel/examples/importCA.html +#usr/share/doc/stunnel/examples/importCA.sh +#usr/share/doc/stunnel/examples/script.sh +#usr/share/doc/stunnel/examples/stunnel.init +#usr/share/doc/stunnel/examples/stunnel.service +#usr/share/doc/stunnel/examples/stunnel.spec +#usr/share/doc/stunnel/stunnel.fr.html +#usr/share/doc/stunnel/stunnel.html +#usr/share/doc/stunnel/stunnel.pl.html +#usr/share/man/man8/stunnel.8 +#usr/share/man/man8/stunnel.fr.8 +#usr/share/man/man8/stunnel.pl.8 +var/ipfire/backup/addons/includes/stunnel +var/lib/stunnel +var/lib/stunnel/run diff --git a/config/stunnel/stunnel.conf b/config/stunnel/stunnel.conf new file mode 100644 index 0000000..b172200 --- /dev/null +++ b/config/stunnel/stunnel.conf @@ -0,0 +1,21 @@ +; File: /etc/stunnel/stunnel.conf + +; Note: The pid and output locations are relative to the chroot location. + +pid = /run/stunnel.pid +chroot = /var/lib/stunnel +client = no +setuid = stunnel +setgid = stunnel +cert = /etc/stunnel/stunnel.pem + +;debug = 7 +;output = stunnel.log + +;[https] +;accept = 443 +;connect = 80 +;; "TIMEOUTclose = 0" is a workaround for a design flaw in Microsoft SSL +;; Microsoft implementations do not use SSL close-notify alert and thus +;; they are vulnerable to truncation attacks +;TIMEOUTclose = 0 diff --git a/lfs/stunnel b/lfs/stunnel new file mode 100644 index 0000000..f6f27e0 --- /dev/null +++ b/lfs/stunnel @@ -0,0 +1,101 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 5.01 + +THISAPP = stunnel-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = stunnel +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 7b63266b6fa05da696729e245100da65 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + # Create secure directory + install -v -m750 -o stunnel -g stunnel -d /var/lib/stunnel/run + chown -v stunnel:stunnel /var/lib/stunnel + + # Install default configuration + -mkdir -pv /etc/stunnel + install -v -m 644 $(DIR_SRC)/config/stunnel/stunnel.conf \ + /etc/stunnel + + # Install backup include + install -v -m 644 $(DIR_SRC)/config/backup/includes/stunnel \ + /var/ipfire/backup/addons/includes + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index c702a7f..07d1371 100755 --- a/make.sh +++ b/make.sh @@ -798,6 +798,7 @@ buildipfire() { ipfiremake wavemon ipfiremake iptraf-ng ipfiremake iotop + ipfiremake stunnel }
buildinstaller() { diff --git a/src/initscripts/init.d/stunnel b/src/initscripts/init.d/stunnel new file mode 100644 index 0000000..9494b5d --- /dev/null +++ b/src/initscripts/init.d/stunnel @@ -0,0 +1,39 @@ +#!/bin/sh +######################################################################## +# Begin $rc_base/init.d/stunnel +# +# Description : Provides an SSL encryption wrapper. +# +######################################################################## + +. /etc/sysconfig/rc +. ${rc_functions} + +case "$1" in + start) + boot_mesg "Starting the Stunnel Daemon..." + loadproc /usr/bin/stunnel + ;; + + stop) + boot_mesg "Stopping the Stunnel Daemon..." + killproc /usr/bin/stunnel + ;; + + restart) + $0 stop + sleep 1 + $0 start + ;; + + status) + statusproc /usr/bin/stunnel + ;; + + *) + echo "Usage: $0 {start|stop|restart|status}" + exit 1 + ;; +esac + +# End $rc_base/init.d/stunnel diff --git a/src/paks/stunnel/install.sh b/src/paks/stunnel/install.sh new file mode 100644 index 0000000..efd3a9f --- /dev/null +++ b/src/paks/stunnel/install.sh @@ -0,0 +1,37 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team info@ipfire.org. # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh + +# Create Username and group. +getent passwd stunnel >/dev/null || \ + useradd -u 51 -g stunnel -d /var/lib/stunnel -s /bin/false \ + -c "stunnel Daemon" stunnel + +extract_files +ln -svf ../init.d/stunnel /etc/rc.d/rc3.d/S65stunnel +ln -svf ../init.d/stunnel /etc/rc.d/rc0.d/K35stunnel +ln -svf ../init.d/stunnel /etc/rc.d/rc6.d/K35stunnel + +restore_backup ${NAME} +start_service --background ${NAME} diff --git a/src/paks/stunnel/uninstall.sh b/src/paks/stunnel/uninstall.sh new file mode 100644 index 0000000..11f46d1 --- /dev/null +++ b/src/paks/stunnel/uninstall.sh @@ -0,0 +1,28 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team info@ipfire.org. # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +stop_service ${NAME} +make_backup ${NAME} +remove_files +rm -rf /etc/rc.d/rc*.d/*stunnel diff --git a/src/paks/stunnel/update.sh b/src/paks/stunnel/update.sh new file mode 100644 index 0000000..89c40d0 --- /dev/null +++ b/src/paks/stunnel/update.sh @@ -0,0 +1,26 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team info@ipfire.org. # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +./uninstall.sh +./install.sh
hooks/post-receive -- IPFire 2.x development tree