[oe] [meta-oe][styhead][PATCH 26/90] stunnel: upgrade 5.72 -> 5.73

Tue, 05 Nov 2024 06:43:47 -0800 

From: Wang Mingyu <[email protected]>

fix-openssl-no-des.patch
refreshed for 5.73

Changelog:
===========
* Security bugfixes
  - OpenSSL DLLs updated to version 3.3.2.
  - OpenSSL FIPS Provider updated to version 3.0.9.
* Bugfixes
  - Fixed a memory leak while reloading stunnel.conf
    sections with "client=yes" and "delay=no".
  - Fixed TIMEOUTocsp with values greater than 4.
  - Fix the IPv6 test on a non-IPv6 machine.
* Features
  - HELO replaced with EHLO in the post-STARTTLS SMTP
    protocol negotiation (thx to Peter Pentchev).
  - OCSP stapling fetches moved away from server threads.
  - Improved client-side session resumption.
  - Added support for the mimalloc allocator.
  - Check for protocolHost moved to configuration file
    processing for the client-side CONNECT protocol.
  - Clarified some confusing OpenSSL's certificate
    verification error messages.
  - stunnel.nsi updated for Debian 13 and Fedora.
  - Improved NetBSD compatibility.

Signed-off-by: Wang Mingyu <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
Signed-off-by: Armin Kuster <[email protected]>
---
 .../stunnel/stunnel/fix-openssl-no-des.patch  | 19 ++++++++-----------
 .../{stunnel_5.72.bb => stunnel_5.73.bb}      |  2 +-
 2 files changed, 9 insertions(+), 12 deletions(-)
 rename meta-networking/recipes-support/stunnel/{stunnel_5.72.bb => 
stunnel_5.73.bb} (93%)

diff --git 
a/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch 
b/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch
index 82d3551019..8c4ca55fbb 100644
--- a/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch
+++ b/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch
@@ -1,4 +1,4 @@
-From 7ff4eba20b5c4fc7365e5ee0dfb775ed29bdd5ce Mon Sep 17 00:00:00 2001
+From c815368a3e41dd3f639eb8fd82d21bc0bab55d1e Mon Sep 17 00:00:00 2001
 From: Kai Kang <[email protected]>
 Date: Wed, 1 Nov 2017 09:23:41 -0400
 Subject: [PATCH] stunnel: fix compile error when openssl disable des support
@@ -17,10 +17,10 @@ Signed-off-by: Kai Kang <[email protected]>
  2 files changed, 5 insertions(+), 3 deletions(-)
 
 diff --git a/src/common.h b/src/common.h
-index 2b4869f..180d31a 100644
+index f112cf9..8d4be01 100644
 --- a/src/common.h
 +++ b/src/common.h
-@@ -492,7 +492,9 @@ extern char *sys_errlist[];
+@@ -496,7 +496,9 @@ extern char *sys_errlist[];
  #ifndef OPENSSL_NO_MD4
  #include <openssl/md4.h>
  #endif /* !defined(OPENSSL_NO_MD4) */
@@ -31,19 +31,19 @@ index 2b4869f..180d31a 100644
  #include <openssl/dh.h>
  #if OPENSSL_VERSION_NUMBER<0x10100000L
 diff --git a/src/protocol.c b/src/protocol.c
-index cfe6d3b..3936aea 100644
+index c8c65ea..b071b06 100644
 --- a/src/protocol.c
 +++ b/src/protocol.c
-@@ -81,7 +81,7 @@ NOEXPORT void ldap_client_middle(CLI *);
- 
+@@ -82,7 +82,7 @@ NOEXPORT void ldap_client_middle(CLI *);
  NOEXPORT void connect_server_early(CLI *);
+ NOEXPORT const char *connect_client_init(SERVICE_OPTIONS *);
  NOEXPORT void connect_client_middle(CLI *);
 -#ifndef OPENSSL_NO_MD4
 +#if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DES)
  NOEXPORT void ntlm(CLI *);
  NOEXPORT char *ntlm1(void);
  NOEXPORT char *ntlm3(char *, char *, char *, char *);
-@@ -1331,7 +1331,7 @@ NOEXPORT void connect_client_middle(CLI *c) {
+@@ -1334,7 +1334,7 @@ NOEXPORT void connect_client_middle(CLI *c) {
      fd_printf(c, c->remote_fd.fd, "Host: %s", c->opt->protocol_host);
      if(c->opt->protocol_username && c->opt->protocol_password) {
          if(!strcasecmp(c->opt->protocol_authentication, "ntlm")) {
@@ -52,7 +52,7 @@ index cfe6d3b..3936aea 100644
              ntlm(c);
  #else
              s_log(LOG_ERR, "NTLM authentication is not available");
-@@ -1374,7 +1374,7 @@ NOEXPORT void connect_client_middle(CLI *c) {
+@@ -1377,7 +1377,7 @@ NOEXPORT void connect_client_middle(CLI *c) {
      str_free(line);
  }
  
@@ -61,6 +61,3 @@ index cfe6d3b..3936aea 100644
  
  /*
   * NTLM code is based on the following documentation:
--- 
-2.34.1
-
diff --git a/meta-networking/recipes-support/stunnel/stunnel_5.72.bb 
b/meta-networking/recipes-support/stunnel/stunnel_5.73.bb
similarity index 93%
rename from meta-networking/recipes-support/stunnel/stunnel_5.72.bb
rename to meta-networking/recipes-support/stunnel/stunnel_5.73.bb
index 6d21027a16..e13b7871ca 100644
--- a/meta-networking/recipes-support/stunnel/stunnel_5.72.bb
+++ b/meta-networking/recipes-support/stunnel/stunnel_5.73.bb
@@ -11,7 +11,7 @@ SRC_URI = "https://stunnel.org/archive/5.x/${BP}.tar.gz \
            file://fix-openssl-no-des.patch \
 "
 
-SRC_URI[sha256sum] = 
"3d532941281ae353319735144e4adb9ae489a10b7e309c58a48157f08f42e949"
+SRC_URI[sha256sum] = 
"bc917c3bcd943a4d632360c067977a31e85e385f5f4845f69749bce88183cb38"
 
 inherit autotools bash-completion pkgconfig
 
-- 
2.43.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#113444): 
https://lists.openembedded.org/g/openembedded-devel/message/113444
Mute This Topic: https://lists.openembedded.org/mt/109406554/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to