webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 03:33:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'ms/stunnel-addon'

Browse Source
This commit is contained in:
Michael Tremer
2014-04-30 15:02:51 +02:00
parent 6be2813368 d2d7a46b1e
commit abe7ef8936
12 changed files with 298 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
config/backup/includes/stunnel Normal file
View File

@@ -0,0 +1 @@
/etc/stunnel/

1
config/etc/passwd
View File

@@ -8,6 +8,7 @@ mysql:x:41:41:MySQL Server:/dev/null:/bin/false
ftp:x:45:45:anonymous_user:/home/ftp:/bin/false ftp:x:45:45:anonymous_user:/home/ftp:/bin/false
vsftpd:x:47:47:vsftpd User:/home/ftp:/bin/false vsftpd:x:47:47:vsftpd User:/home/ftp:/bin/false
rsyncd:x:48:48:rsyncd Daemon:/home/rsync:/bin/false rsyncd:x:48:48:rsyncd Daemon:/home/rsync:/bin/false
stunnel:x:51:51:stunnel Daemon:/var/lib/stunnel:/bin/false
sshd:x:74:74:sshd:/var/empty:/bin/false sshd:x:74:74:sshd:/var/empty:/bin/false
nobody:x:99:99:Nobody:/home/nobody:/bin/false nobody:x:99:99:Nobody:/home/nobody:/bin/false
postfix:x:100:100::/var/spool/postfix:/bin/false postfix:x:100:100::/var/spool/postfix:/bin/false

1
config/rootfiles/common/armv5tel/initscripts
View File

@@ -115,6 +115,7 @@ etc/rc.d/init.d/squid
etc/rc.d/init.d/sshd etc/rc.d/init.d/sshd
#etc/rc.d/init.d/sslh #etc/rc.d/init.d/sslh
etc/rc.d/init.d/static-routes etc/rc.d/init.d/static-routes
#etc/rc.d/init.d/stunnel
etc/rc.d/init.d/swap etc/rc.d/init.d/swap
etc/rc.d/init.d/sysctl etc/rc.d/init.d/sysctl
etc/rc.d/init.d/sysklogd etc/rc.d/init.d/sysklogd

1
config/rootfiles/common/i586/initscripts
View File

@@ -117,6 +117,7 @@ etc/rc.d/init.d/squid
etc/rc.d/init.d/sshd etc/rc.d/init.d/sshd
#etc/rc.d/init.d/sslh #etc/rc.d/init.d/sslh
etc/rc.d/init.d/static-routes etc/rc.d/init.d/static-routes
#etc/rc.d/init.d/stunnel
etc/rc.d/init.d/swap etc/rc.d/init.d/swap
etc/rc.d/init.d/sysctl etc/rc.d/init.d/sysctl
etc/rc.d/init.d/sysklogd etc/rc.d/init.d/sysklogd

41
config/rootfiles/packages/stunnel Normal file
View File

@@ -0,0 +1,41 @@
etc/rc.d/init.d/stunnel
etc/stunnel
etc/stunnel/stunnel.conf
#etc/stunnel/stunnel.conf-sample
usr/bin/stunnel
#usr/bin/stunnel3
#usr/lib/stunnel
#usr/lib/stunnel/libstunnel.la
usr/lib/stunnel/libstunnel.so
#usr/share/doc/stunnel
#usr/share/doc/stunnel/AUTHORS
#usr/share/doc/stunnel/BUGS
#usr/share/doc/stunnel/COPYING
#usr/share/doc/stunnel/COPYRIGHT.GPL
#usr/share/doc/stunnel/CREDITS
#usr/share/doc/stunnel/ChangeLog
#usr/share/doc/stunnel/INSTALL
#usr/share/doc/stunnel/INSTALL.FIPS
#usr/share/doc/stunnel/INSTALL.W32
#usr/share/doc/stunnel/INSTALL.WCE
#usr/share/doc/stunnel/PORTS
#usr/share/doc/stunnel/README
#usr/share/doc/stunnel/TODO
#usr/share/doc/stunnel/examples
#usr/share/doc/stunnel/examples/ca.html
#usr/share/doc/stunnel/examples/ca.pl
#usr/share/doc/stunnel/examples/importCA.html
#usr/share/doc/stunnel/examples/importCA.sh
#usr/share/doc/stunnel/examples/script.sh
#usr/share/doc/stunnel/examples/stunnel.init
#usr/share/doc/stunnel/examples/stunnel.service
#usr/share/doc/stunnel/examples/stunnel.spec
#usr/share/doc/stunnel/stunnel.fr.html
#usr/share/doc/stunnel/stunnel.html
#usr/share/doc/stunnel/stunnel.pl.html
#usr/share/man/man8/stunnel.8
#usr/share/man/man8/stunnel.fr.8
#usr/share/man/man8/stunnel.pl.8
var/ipfire/backup/addons/includes/stunnel
var/lib/stunnel
var/lib/stunnel/run

21
config/stunnel/stunnel.conf Normal file
View File

@@ -0,0 +1,21 @@
; File: /etc/stunnel/stunnel.conf
; Note: The pid and output locations are relative to the chroot location.
pid = /run/stunnel.pid
chroot = /var/lib/stunnel
client = no
setuid = stunnel
setgid = stunnel
cert = /etc/stunnel/stunnel.pem
;debug = 7
;output = stunnel.log
;[https]
;accept = 443
;connect = 80
;; "TIMEOUTclose = 0" is a workaround for a design flaw in Microsoft SSL
;; Microsoft implementations do not use SSL close-notify alert and thus
;; they are vulnerable to truncation attacks
;TIMEOUTclose = 0

101
lfs/stunnel Normal file
View File

@@ -0,0 +1,101 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
VER = 5.01
THISAPP = stunnel-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = stunnel
PAK_VER = 1
DEPS = ""
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 7b63266b6fa05da696729e245100da65
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
md5 : $(subst %,%_MD5,$(objects))
dist:
@$(PAK)
###############################################################################
# Downloading, checking, md5sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_MD5,$(objects)) :
@$(MD5)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--sysconfdir=/etc \
--localstatedir=/var
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
# Create secure directory
install -v -m750 -o stunnel -g stunnel -d /var/lib/stunnel/run
chown -v stunnel:stunnel /var/lib/stunnel
# Install default configuration
-mkdir -pv /etc/stunnel
install -v -m 644 $(DIR_SRC)/config/stunnel/stunnel.conf \
/etc/stunnel
# Install backup include
install -v -m 644 $(DIR_SRC)/config/backup/includes/stunnel \
/var/ipfire/backup/addons/includes
@rm -rf $(DIR_APP)
@$(POSTBUILD)

1
make.sh
View File

@@ -798,6 +798,7 @@ buildipfire() {
ipfiremake wavemon ipfiremake wavemon
ipfiremake iptraf-ng ipfiremake iptraf-ng
ipfiremake iotop ipfiremake iotop
ipfiremake stunnel
} }
buildinstaller() { buildinstaller() {

39
src/initscripts/init.d/stunnel Normal file
View File

@@ -0,0 +1,39 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/stunnel
#
# Description : Provides an SSL encryption wrapper.
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "$1" in
start)
boot_mesg "Starting the Stunnel Daemon..."
loadproc /usr/bin/stunnel
;;
stop)
boot_mesg "Stopping the Stunnel Daemon..."
killproc /usr/bin/stunnel
;;
restart)
$0 stop
sleep 1
$0 start
;;
status)
statusproc /usr/bin/stunnel
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/stunnel

37
src/paks/stunnel/install.sh Normal file
View File

@@ -0,0 +1,37 @@
#!/bin/bash
############################################################################
# #
# This file is part of the IPFire Firewall. #
# #
# IPFire is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 2 of the License, or #
# (at your option) any later version. #
# #
# IPFire is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
# #
############################################################################
#
. /opt/pakfire/lib/functions.sh
# Create Username and group.
getent passwd stunnel >/dev/null || \
useradd -u 51 -g stunnel -d /var/lib/stunnel -s /bin/false \
-c "stunnel Daemon" stunnel
extract_files
ln -svf ../init.d/stunnel /etc/rc.d/rc3.d/S65stunnel
ln -svf ../init.d/stunnel /etc/rc.d/rc0.d/K35stunnel
ln -svf ../init.d/stunnel /etc/rc.d/rc6.d/K35stunnel
restore_backup ${NAME}
start_service --background ${NAME}

28
src/paks/stunnel/uninstall.sh Normal file
View File

@@ -0,0 +1,28 @@
#!/bin/bash
############################################################################
# #
# This file is part of the IPFire Firewall. #
# #
# IPFire is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 2 of the License, or #
# (at your option) any later version. #
# #
# IPFire is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
# #
############################################################################
#
. /opt/pakfire/lib/functions.sh
stop_service ${NAME}
make_backup ${NAME}
remove_files
rm -rf /etc/rc.d/rc*.d/*stunnel

26
src/paks/stunnel/update.sh Normal file
View File

@@ -0,0 +1,26 @@
#!/bin/bash
############################################################################
# #
# This file is part of the IPFire Firewall. #
# #
# IPFire is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 2 of the License, or #
# (at your option) any later version. #
# #
# IPFire is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
# #
############################################################################
#
. /opt/pakfire/lib/functions.sh
./uninstall.sh
./install.sh