Merge remote-tracking branch 'ms/stunnel-addon'

2026-04-26 19:00:34 +02:00 · 2014-04-30 15:02:51 +02:00
parent 6be2813368 d2d7a46b1e
commit abe7ef8936
12 changed files with 298 additions and 0 deletions
--- a/config/backup/includes/stunnel
+++ b/config/backup/includes/stunnel
@@ -0,0 +1 @@
+/etc/stunnel/
--- a/config/etc/passwd
+++ b/config/etc/passwd
@@ -8,6 +8,7 @@ mysql:x:41:41:MySQL Server:/dev/null:/bin/false
 ftp:x:45:45:anonymous_user:/home/ftp:/bin/false
 vsftpd:x:47:47:vsftpd User:/home/ftp:/bin/false
 rsyncd:x:48:48:rsyncd Daemon:/home/rsync:/bin/false
+stunnel:x:51:51:stunnel Daemon:/var/lib/stunnel:/bin/false
 sshd:x:74:74:sshd:/var/empty:/bin/false
 nobody:x:99:99:Nobody:/home/nobody:/bin/false
 postfix:x:100:100::/var/spool/postfix:/bin/false
--- a/config/rootfiles/common/armv5tel/initscripts
+++ b/config/rootfiles/common/armv5tel/initscripts
@@ -115,6 +115,7 @@ etc/rc.d/init.d/squid
 etc/rc.d/init.d/sshd
 #etc/rc.d/init.d/sslh
 etc/rc.d/init.d/static-routes
+#etc/rc.d/init.d/stunnel
 etc/rc.d/init.d/swap
 etc/rc.d/init.d/sysctl
 etc/rc.d/init.d/sysklogd
--- a/config/rootfiles/common/i586/initscripts
+++ b/config/rootfiles/common/i586/initscripts
@@ -117,6 +117,7 @@ etc/rc.d/init.d/squid
 etc/rc.d/init.d/sshd
 #etc/rc.d/init.d/sslh
 etc/rc.d/init.d/static-routes
+#etc/rc.d/init.d/stunnel
 etc/rc.d/init.d/swap
 etc/rc.d/init.d/sysctl
 etc/rc.d/init.d/sysklogd
--- a/config/rootfiles/packages/stunnel
+++ b/config/rootfiles/packages/stunnel
@@ -0,0 +1,41 @@
+etc/rc.d/init.d/stunnel
+etc/stunnel
+etc/stunnel/stunnel.conf
+#etc/stunnel/stunnel.conf-sample
+usr/bin/stunnel
+#usr/bin/stunnel3
+#usr/lib/stunnel
+#usr/lib/stunnel/libstunnel.la
+usr/lib/stunnel/libstunnel.so
+#usr/share/doc/stunnel
+#usr/share/doc/stunnel/AUTHORS
+#usr/share/doc/stunnel/BUGS
+#usr/share/doc/stunnel/COPYING
+#usr/share/doc/stunnel/COPYRIGHT.GPL
+#usr/share/doc/stunnel/CREDITS
+#usr/share/doc/stunnel/ChangeLog
+#usr/share/doc/stunnel/INSTALL
+#usr/share/doc/stunnel/INSTALL.FIPS
+#usr/share/doc/stunnel/INSTALL.W32
+#usr/share/doc/stunnel/INSTALL.WCE
+#usr/share/doc/stunnel/PORTS
+#usr/share/doc/stunnel/README
+#usr/share/doc/stunnel/TODO
+#usr/share/doc/stunnel/examples
+#usr/share/doc/stunnel/examples/ca.html
+#usr/share/doc/stunnel/examples/ca.pl
+#usr/share/doc/stunnel/examples/importCA.html
+#usr/share/doc/stunnel/examples/importCA.sh
+#usr/share/doc/stunnel/examples/script.sh
+#usr/share/doc/stunnel/examples/stunnel.init
+#usr/share/doc/stunnel/examples/stunnel.service
+#usr/share/doc/stunnel/examples/stunnel.spec
+#usr/share/doc/stunnel/stunnel.fr.html
+#usr/share/doc/stunnel/stunnel.html
+#usr/share/doc/stunnel/stunnel.pl.html
+#usr/share/man/man8/stunnel.8
+#usr/share/man/man8/stunnel.fr.8
+#usr/share/man/man8/stunnel.pl.8
+var/ipfire/backup/addons/includes/stunnel
+var/lib/stunnel
+var/lib/stunnel/run
--- a/config/stunnel/stunnel.conf
+++ b/config/stunnel/stunnel.conf
@@ -0,0 +1,21 @@
+; File: /etc/stunnel/stunnel.conf
+
+; Note: The pid and output locations are relative to the chroot location.
+
+pid    = /run/stunnel.pid
+chroot = /var/lib/stunnel
+client = no
+setuid = stunnel
+setgid = stunnel
+cert   = /etc/stunnel/stunnel.pem
+
+;debug = 7
+;output = stunnel.log
+
+;[https]
+;accept  = 443
+;connect = 80
+;; "TIMEOUTclose = 0" is a workaround for a design flaw in Microsoft SSL
+;; Microsoft implementations do not use SSL close-notify alert and thus
+;; they are vulnerable to truncation attacks
+;TIMEOUTclose = 0