36 lines
1.5 KiB
Bash
36 lines
1.5 KiB
Bash
# Template file for 'stunnel'
|
|
pkgname=stunnel
|
|
version=5.40
|
|
revision=1
|
|
build_style=gnu-configure
|
|
configure_args="--enable-ipv6 --with-ssl=${XBPS_CROSS_BASE}/usr"
|
|
hostmakedepends="perl"
|
|
makedepends="libressl-devel"
|
|
short_desc="SSL encryption wrapper"
|
|
maintainer="Toyam Cox <Vaelatern@gmail.com>"
|
|
license="GPL-2"
|
|
homepage="https://www.stunnel.org/"
|
|
distfiles="https://www.stunnel.org/downloads/archive/5.x/${pkgname}-${version}.tar.gz"
|
|
checksum=23acdb390326ffd507d90f8984ecc90e0d9993f6bd6eac1d0a642456565c45ff
|
|
|
|
post_install() {
|
|
rm ${DESTDIR}/usr/share/man/man8/stunnel.??.8
|
|
vsconf tools/stunnel.conf-sample
|
|
rm -r ${DESTDIR}/etc/stunnel ${DESTDIR}/usr/share/doc/stunnel
|
|
}
|
|
|
|
# REMARKS:
|
|
# What. A. Pain. What a total pain.
|
|
# Using the archive is the only way to get builds to keep working after the
|
|
# new version is out. LibreSSL patches for stunnel 5.35 don't yet work. Not
|
|
# enough is made conditional.
|
|
# Significant thanks to the OpenBSD project for creating patch sets for 5.37
|
|
# One thing OpenBSD does that we don't do here is add a _stunnel user/group and
|
|
# modify the configuration samples to chroot and use this by default.
|
|
# As of 5.38 the signature expected for the CRYPTO_set_mem_functions seems to
|
|
# be out of line with what libressl provides.
|
|
# LibreSSL wants 'void (*)(void *)' but argument is of type 'void (*)(void *, const char *, int)'
|
|
# This is probably not a security problem.
|
|
# As of 5.39_2 it is patched to avoid the function call if using LibreSSL,
|
|
# and a different call to SSL_CTX_sess_set_get_cb gets a const unsigned char
|
|
# * instead of an unsigned char *
|