Hello community,
here is the log from the commit of package stunnel for openSUSE:Factory checked
in at 2018-11-12 09:44:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/stunnel (Old)
and /work/SRC/openSUSE:Factory/.stunnel.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "stunnel"
Mon Nov 12 09:44:59 2018 rev:13 rq:648234 version:5.49
Changes:
--------
--- /work/SRC/openSUSE:Factory/stunnel/stunnel.changes 2018-02-07
18:42:23.509433948 +0100
+++ /work/SRC/openSUSE:Factory/.stunnel.new/stunnel.changes 2018-11-12
09:45:34.220814434 +0100
@@ -1,0 +2,56 @@
+Sun Nov 11 11:08:22 UTC 2018 - o...@botter.cc
+
+- disabled checks; checks depend on ncat and network accessibility
+
+-------------------------------------------------------------------
+Sun Nov 11 09:15:49 UTC 2018 - o...@botter.cc
+
+- update to version 5.49
+ * Logging of negotiated or resumed TLS session IDs (thx to ANSSI - National
Cybersecurity Agency of France).
+ * Merged Debian 10-enabled.patch and 11-killproc.patch (thx to Peter
Pentchev).
+ * OpenSSL DLLs updated to version 1.0.2p.
+ * PKCS#11 engine DLL updated to version 0.4.9.
+ * Fixed a crash in the session persistence implementation.
+ * Fixed syslog identifier after configuration file reload.
+ * Fixed non-interactive "make check" invocations.
+ * Fixed reloading syslog configuration.
+ * stunnel.pem created with SHA-256 instead of SHA-1.
+ * SHA-256 "make check" certificates.
+
+- includes new version 5.48
+ * Fixed requesting client certificate when specified as a global option.
+ * Certificate subject checks modified to accept certificates if at least one
of the specified checks matches.
+
+- includes new version 5.47
+ * Fast add_lock_callback for OpenSSL < 1.1.0. This largely improves
performance on heavy load.
+ * Automatic detection of Homebrew OpenSSL.
+ * Clarified port binding error logs.
+ * Various "make test" improvements.
+ * Fixed a crash on switching to SNI slave sections.
+
+- includes new version 5.46
+ * The default cipher list was updated to a safer value:
"HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK".
+ * Default accept address restored to INADDR_ANY.
+
+- includes new version 5.45
+ * Implemented delayed deallocation of service sections after configuration
file reload.
+ * OpenSSL DLLs updated to version 1.0.2o.
+ * Deprecated the sslVersion option.
+ * The "socket" option is now also available in service sections.
+ * Implemented try-restart in the SysV init script (thx to Peter Pentchev).
+ * TLS 1.3 compliant session handling for OpenSSL 1.1.1.
+ * Default "failover" value changed from "rr" to "prio".
+ * New "make check" tests.
+ * A service no longer refuses to start if binding fails for some (but not
all) addresses:ports.
+ * Fixed compression handling with OpenSSL 1.1.0 and later.
+ * _beginthread() replaced with safer _beginthreadex().
+ * Fixed exception handling in libwrap.
+ * Fixed exec+connect services.
+ * Fixed automatic resolver delaying.
+ * Fixed a Gentoo cross-compilation bug (thx to Joe Harvell).
+ * A number of "make check" framework fixes.
+ * Fixed false postive memory leak logs.
+ * Build fixes for OpenSSL versions down to 0.9.7.
+ * Fixed (again) round-robin failover in the FORK threading model.
+
+-------------------------------------------------------------------
Old:
----
stunnel-5.44.tar.gz
stunnel-5.44.tar.gz.asc
New:
----
stunnel-5.49.tar.gz
stunnel-5.49.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ stunnel.spec ++++++
--- /var/tmp/diff_new_pack.UUwq2J/_old 2018-11-12 09:45:35.124813061 +0100
+++ /var/tmp/diff_new_pack.UUwq2J/_new 2018-11-12 09:45:35.128813054 +0100
@@ -38,10 +38,10 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: stunnel
-Version: 5.44
+Version: 5.49
Release: 0
Summary: Universal SSL Tunnel
-License: GPL-2.0+
+License: GPL-2.0-or-later
Group: Productivity/Networking/Security
Url: http://www.stunnel.org/
Source: https://www.stunnel.org/downloads/%{name}-%{version}.tar.gz
@@ -100,8 +100,9 @@
--bindir=%{_sbindir}
make %{?_smp_mflags} LDADD="-pie -Wl,-z,defs,-z,relro"
-%check
-make %{?_smp_mflags} check
+# connot do checks with 5.49, checks depend on ncat and network interaction
+#%check
+#make %{?_smp_mflags} check
%install
%if 0%{?suse_version} >= 1210
++++++ stunnel-5.44.tar.gz -> stunnel-5.49.tar.gz ++++++
++++ 13498 lines of diff (skipped)
++++++ stunnel-listenqueue-option.patch ++++++
--- /var/tmp/diff_new_pack.UUwq2J/_old 2018-11-12 09:45:35.296812799 +0100
+++ /var/tmp/diff_new_pack.UUwq2J/_new 2018-11-12 09:45:35.296812799 +0100
@@ -1,16 +1,16 @@
-diff -ruN a/src/options.c b/src/options.c
---- a/src/options.c 2018-01-23 19:23:27.813960936 -0500
-+++ b/src/options.c 2018-01-23 19:28:05.463119114 -0500
-@@ -2997,8 +2997,6 @@
- switch(cmd) {
+diff -Naur a/src/options.c b/src/options.c
+--- a/src/options.c 2018-08-19 09:10:47.000000000 +0200
++++ b/src/options.c 2018-11-11 10:47:33.343794306 +0100
+@@ -3373,8 +3373,6 @@
case CMD_BEGIN:
+ section->ref=1;
break;
- case CMD_EXEC:
- return option_not_found;
case CMD_END:
if(new_service_options.next) { /* daemon mode checks */
if(endpoints!=2)
-@@ -3019,6 +3017,25 @@
+@@ -3411,6 +3409,25 @@
break;
}
@@ -36,21 +36,21 @@
return NULL; /* OK */
}
-diff -ruN a/src/prototypes.h b/src/prototypes.h
---- a/src/prototypes.h 2018-01-23 19:23:27.813960936 -0500
-+++ b/src/prototypes.h 2018-01-23 19:28:45.854124040 -0500
-@@ -251,6 +251,7 @@
+diff -Naur a/src/prototypes.h b/src/prototypes.h
+--- a/src/prototypes.h 2018-08-19 09:10:47.000000000 +0200
++++ b/src/prototypes.h 2018-11-11 10:47:33.347794278 +0100
+@@ -257,6 +257,7 @@
int timeout_close; /* maximum close_notify time
*/
int timeout_connect; /* maximum connect() time
*/
int timeout_idle; /* maximum idle connection time
*/
+ int listenqueue; /* Listen backlog
*/
enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy
*/
- unsigned seq; /* sequential number for round-robin failover
*/
+ unsigned rr; /* per-service sequential number for round-robin failover
*/
char *username;
-diff -ruN a/src/stunnel.c b/src/stunnel.c
---- a/src/stunnel.c 2018-01-23 19:23:27.813960936 -0500
-+++ b/src/stunnel.c 2018-01-23 19:29:26.365126071 -0500
-@@ -526,7 +526,7 @@
+diff -Naur a/src/stunnel.c b/src/stunnel.c
+--- a/src/stunnel.c 2018-08-25 09:15:03.000000000 +0200
++++ b/src/stunnel.c 2018-11-11 10:47:33.347794278 +0100
+@@ -572,7 +572,7 @@
closesocket(fd);
return INVALID_SOCKET;
}
