Hello community, here is the log from the commit of package stunnel for openSUSE:Factory checked in at 2018-11-12 09:44:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/stunnel (Old) and /work/SRC/openSUSE:Factory/.stunnel.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "stunnel" Mon Nov 12 09:44:59 2018 rev:13 rq:648234 version:5.49 Changes: -------- --- /work/SRC/openSUSE:Factory/stunnel/stunnel.changes 2018-02-07 18:42:23.509433948 +0100 +++ /work/SRC/openSUSE:Factory/.stunnel.new/stunnel.changes 2018-11-12 09:45:34.220814434 +0100 @@ -1,0 +2,56 @@ +Sun Nov 11 11:08:22 UTC 2018 - o...@botter.cc + +- disabled checks; checks depend on ncat and network accessibility + +------------------------------------------------------------------- +Sun Nov 11 09:15:49 UTC 2018 - o...@botter.cc + +- update to version 5.49 + * Logging of negotiated or resumed TLS session IDs (thx to ANSSI - National Cybersecurity Agency of France). + * Merged Debian 10-enabled.patch and 11-killproc.patch (thx to Peter Pentchev). + * OpenSSL DLLs updated to version 1.0.2p. + * PKCS#11 engine DLL updated to version 0.4.9. + * Fixed a crash in the session persistence implementation. + * Fixed syslog identifier after configuration file reload. + * Fixed non-interactive "make check" invocations. + * Fixed reloading syslog configuration. + * stunnel.pem created with SHA-256 instead of SHA-1. + * SHA-256 "make check" certificates. + +- includes new version 5.48 + * Fixed requesting client certificate when specified as a global option. + * Certificate subject checks modified to accept certificates if at least one of the specified checks matches. + +- includes new version 5.47 + * Fast add_lock_callback for OpenSSL < 1.1.0. This largely improves performance on heavy load. + * Automatic detection of Homebrew OpenSSL. + * Clarified port binding error logs. + * Various "make test" improvements. + * Fixed a crash on switching to SNI slave sections. + +- includes new version 5.46 + * The default cipher list was updated to a safer value: "HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK". + * Default accept address restored to INADDR_ANY. + +- includes new version 5.45 + * Implemented delayed deallocation of service sections after configuration file reload. + * OpenSSL DLLs updated to version 1.0.2o. + * Deprecated the sslVersion option. + * The "socket" option is now also available in service sections. + * Implemented try-restart in the SysV init script (thx to Peter Pentchev). + * TLS 1.3 compliant session handling for OpenSSL 1.1.1. + * Default "failover" value changed from "rr" to "prio". + * New "make check" tests. + * A service no longer refuses to start if binding fails for some (but not all) addresses:ports. + * Fixed compression handling with OpenSSL 1.1.0 and later. + * _beginthread() replaced with safer _beginthreadex(). + * Fixed exception handling in libwrap. + * Fixed exec+connect services. + * Fixed automatic resolver delaying. + * Fixed a Gentoo cross-compilation bug (thx to Joe Harvell). + * A number of "make check" framework fixes. + * Fixed false postive memory leak logs. + * Build fixes for OpenSSL versions down to 0.9.7. + * Fixed (again) round-robin failover in the FORK threading model. + +------------------------------------------------------------------- Old: ---- stunnel-5.44.tar.gz stunnel-5.44.tar.gz.asc New: ---- stunnel-5.49.tar.gz stunnel-5.49.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ stunnel.spec ++++++ --- /var/tmp/diff_new_pack.UUwq2J/_old 2018-11-12 09:45:35.124813061 +0100 +++ /var/tmp/diff_new_pack.UUwq2J/_new 2018-11-12 09:45:35.128813054 +0100 @@ -38,10 +38,10 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: stunnel -Version: 5.44 +Version: 5.49 Release: 0 Summary: Universal SSL Tunnel -License: GPL-2.0+ +License: GPL-2.0-or-later Group: Productivity/Networking/Security Url: http://www.stunnel.org/ Source: https://www.stunnel.org/downloads/%{name}-%{version}.tar.gz @@ -100,8 +100,9 @@ --bindir=%{_sbindir} make %{?_smp_mflags} LDADD="-pie -Wl,-z,defs,-z,relro" -%check -make %{?_smp_mflags} check +# connot do checks with 5.49, checks depend on ncat and network interaction +#%check +#make %{?_smp_mflags} check %install %if 0%{?suse_version} >= 1210 ++++++ stunnel-5.44.tar.gz -> stunnel-5.49.tar.gz ++++++ ++++ 13498 lines of diff (skipped) ++++++ stunnel-listenqueue-option.patch ++++++ --- /var/tmp/diff_new_pack.UUwq2J/_old 2018-11-12 09:45:35.296812799 +0100 +++ /var/tmp/diff_new_pack.UUwq2J/_new 2018-11-12 09:45:35.296812799 +0100 @@ -1,16 +1,16 @@ -diff -ruN a/src/options.c b/src/options.c ---- a/src/options.c 2018-01-23 19:23:27.813960936 -0500 -+++ b/src/options.c 2018-01-23 19:28:05.463119114 -0500 -@@ -2997,8 +2997,6 @@ - switch(cmd) { +diff -Naur a/src/options.c b/src/options.c +--- a/src/options.c 2018-08-19 09:10:47.000000000 +0200 ++++ b/src/options.c 2018-11-11 10:47:33.343794306 +0100 +@@ -3373,8 +3373,6 @@ case CMD_BEGIN: + section->ref=1; break; - case CMD_EXEC: - return option_not_found; case CMD_END: if(new_service_options.next) { /* daemon mode checks */ if(endpoints!=2) -@@ -3019,6 +3017,25 @@ +@@ -3411,6 +3409,25 @@ break; } @@ -36,21 +36,21 @@ return NULL; /* OK */ } -diff -ruN a/src/prototypes.h b/src/prototypes.h ---- a/src/prototypes.h 2018-01-23 19:23:27.813960936 -0500 -+++ b/src/prototypes.h 2018-01-23 19:28:45.854124040 -0500 -@@ -251,6 +251,7 @@ +diff -Naur a/src/prototypes.h b/src/prototypes.h +--- a/src/prototypes.h 2018-08-19 09:10:47.000000000 +0200 ++++ b/src/prototypes.h 2018-11-11 10:47:33.347794278 +0100 +@@ -257,6 +257,7 @@ int timeout_close; /* maximum close_notify time */ int timeout_connect; /* maximum connect() time */ int timeout_idle; /* maximum idle connection time */ + int listenqueue; /* Listen backlog */ enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */ - unsigned seq; /* sequential number for round-robin failover */ + unsigned rr; /* per-service sequential number for round-robin failover */ char *username; -diff -ruN a/src/stunnel.c b/src/stunnel.c ---- a/src/stunnel.c 2018-01-23 19:23:27.813960936 -0500 -+++ b/src/stunnel.c 2018-01-23 19:29:26.365126071 -0500 -@@ -526,7 +526,7 @@ +diff -Naur a/src/stunnel.c b/src/stunnel.c +--- a/src/stunnel.c 2018-08-25 09:15:03.000000000 +0200 ++++ b/src/stunnel.c 2018-11-11 10:47:33.347794278 +0100 +@@ -572,7 +572,7 @@ closesocket(fd); return INVALID_SOCKET; }