r8773 - in trunk/BOOK: . introduction/welcome postlfs/security

randy at linuxfromscratch.org randy at linuxfromscratch.org
Tue Jan 4 09:22:41 PST 2011


Author: randy
Date: 2011-01-04 10:22:36 -0700 (Tue, 04 Jan 2011)
New Revision: 8773

Modified:
   trunk/BOOK/general.ent
   trunk/BOOK/introduction/welcome/changelog.xml
   trunk/BOOK/postlfs/security/stunnel.xml
Log:
Updated to Stunnel-4.34

Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent	2011-01-04 16:40:08 UTC (rev 8772)
+++ trunk/BOOK/general.ent	2011-01-04 17:22:36 UTC (rev 8773)
@@ -106,7 +106,7 @@
 <!ENTITY heimdal-version              "1.4">
 <!ENTITY mitkrb-version               "1.6">
 <!ENTITY cyrus-sasl-version           "2.1.23">
-<!ENTITY stunnel-version              "4.21">
+<!ENTITY stunnel-version              "4.34">
 <!ENTITY sudo-version                 "1.7.4p4">
 <!ENTITY nss-version                  "3.12.8">
 <!ENTITY policykit-version            "0.9">

Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml	2011-01-04 16:40:08 UTC (rev 8772)
+++ trunk/BOOK/introduction/welcome/changelog.xml	2011-01-04 17:22:36 UTC (rev 8773)
@@ -45,6 +45,9 @@
       <para>January 4th, 2011</para>
       <itemizedlist>
         <listitem>
+          <para>[randy] - Updated to Stunnel-4.34.</para>
+        </listitem>
+        <listitem>
           <para>[randy] - Removed the obsolete G-Wrap package.</para>
         </listitem>
         <listitem>

Modified: trunk/BOOK/postlfs/security/stunnel.xml
===================================================================
--- trunk/BOOK/postlfs/security/stunnel.xml	2011-01-04 16:40:08 UTC (rev 8772)
+++ trunk/BOOK/postlfs/security/stunnel.xml	2011-01-04 17:22:36 UTC (rev 8773)
@@ -6,8 +6,8 @@
 
   <!ENTITY stunnel-download-http "http://www.stunnel.org/download/stunnel/src/stunnel-&stunnel-version;.tar.gz">
   <!ENTITY stunnel-download-ftp  "ftp://stunnel.mirt.net/stunnel/stunnel-&stunnel-version;.tar.gz">
-  <!ENTITY stunnel-md5sum        "1eaec5228979beca4d548f453304e311">
-  <!ENTITY stunnel-size          "528 KB">
+  <!ENTITY stunnel-md5sum        "bbd274e8364ea3ceca0ee5190e13edd1">
+  <!ENTITY stunnel-size          "526 KB">
   <!ENTITY stunnel-buildsize     "5 MB">
   <!ENTITY stunnel-time          "0.1 SBU">
 ]>
@@ -60,13 +60,13 @@
       </listitem>
     </itemizedlist>
 
-    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+    <!-- <bridgehead renderas="sect3">Additional Downloads</bridgehead>
     <itemizedlist spacing="compact">
       <listitem>
         <para>Required patch: <ulink
         url="&patch-root;/stunnel-&stunnel-version;-setuid-1.patch"/></para>
       </listitem>
-    </itemizedlist>
+    </itemizedlist> -->
 
     <bridgehead renderas="sect3">Stunnel Dependencies</bridgehead>
 
@@ -104,25 +104,24 @@
       <filename class='extension'>.pem</filename> file must be formatted as
       shown below:</para>
 
-<screen><literal>-----BEGIN RSA PRIVATE KEY-----
-<replaceable><many encrypted lines of unencrypted key></replaceable>
------END RSA PRIVATE KEY-----
+<screen><literal>-----BEGIN PRIVATE KEY-----
+<replaceable><many encrypted lines of private key></replaceable>
+-----END PRIVATE KEY-----
 -----BEGIN CERTIFICATE-----
 <replaceable><many encrypted lines of certificate></replaceable>
------END CERTIFICATE-----</literal></screen>
+-----END CERTIFICATE-----
+-----BEGIN DH PARAMETERS-----
+<replaceable><encrypted lines of dh parms></replaceable>
+-----END DH PARAMETERS-----</literal></screen>
     </note>
 
     <para>Install <application>Stunnel</application> by running the following
     commands:</para>
 
-<screen><userinput>patch -Np1 -i ../stunnel-&stunnel-version;-setuid-1.patch &&
-
-sed -i 's|nogroup|stunnel|g' configure &&
-sed -i 's|$(prefix)/var/lib|$(localstatedir)|' tools/Makefile.in &&
-
+<screen><userinput>sed -i 's|nogroup|stunnel|g' configure &&
 ./configure --prefix=/usr \
             --sysconfdir=/etc \
-            --localstatedir=/var/lib \
+            --localstatedir=/var \
             --disable-libwrap &&
 make</userinput></screen>
 
@@ -143,16 +142,11 @@
     <systemitem class="groupname">nogroup</systemitem> to
     <systemitem class="groupname">stunnel</systemitem>.</para>
 
-    <para><command>sed -i '...' tools/Makefile.in</command>: This command
-    ensures that the chroot jail will be located in
-    <filename class='directory'>/var/lib/stunnel</filename> instead of
-    <filename class='directory'>/usr/var/lib/stunnel</filename>.</para>
-
     <para><parameter>--sysconfdir=/etc</parameter>: This parameter forces
     the configuration directory to <filename class='directory'>/etc</filename>
     instead of <filename class='directory'>/usr/etc</filename>.</para>
 
-    <para><parameter>--localstatedir=/var/lib</parameter>: This parameter
+    <para><parameter>--localstatedir=/var</parameter>: This parameter
     sets the installation to use
     <filename class='directory'>/var/lib/stunnel</filename> instead of
     creating and using
@@ -211,7 +205,8 @@
 chroot = /var/lib/stunnel
 client = no
 setuid = stunnel
-setgid = stunnel</literal>
+setgid = stunnel
+cert   = /etc/stunnel/stunnel.pem</literal>
 
 EOF
 chmod -v 644 /etc/stunnel/stunnel.conf</userinput></screen>




More information about the blfs-book mailing list