2010-06-22 17:04:05 +00:00
|
|
|
require 'formula'
|
|
|
|
|
2011-03-10 05:11:03 +00:00
|
|
|
class Stunnel < Formula
|
2010-06-22 17:04:05 +00:00
|
|
|
homepage 'http://www.stunnel.org/'
|
2012-05-14 19:46:28 +00:00
|
|
|
url 'ftp://ftp.stunnel.org/stunnel/archive/4.x/stunnel-4.53.tar.gz'
|
2012-09-03 18:33:56 +00:00
|
|
|
sha1 'c167833c23fde388db697bd3edb4444aff0e449e'
|
2010-06-22 17:04:05 +00:00
|
|
|
|
2011-05-10 16:14:21 +00:00
|
|
|
# This patch installs a bogus .pem in lieu of interactive cert generation.
|
2012-02-04 08:24:54 +00:00
|
|
|
# - additionally stripping carriage-returns
|
2010-06-22 17:04:05 +00:00
|
|
|
def patches
|
|
|
|
DATA
|
|
|
|
end
|
|
|
|
|
|
|
|
def install
|
|
|
|
system "./configure", "--disable-dependency-tracking",
|
|
|
|
"--disable-libwrap",
|
|
|
|
"--prefix=#{prefix}",
|
2013-02-18 23:34:48 +00:00
|
|
|
"--sysconfdir=#{etc}",
|
2010-06-22 17:04:05 +00:00
|
|
|
"--mandir=#{man}"
|
|
|
|
system "make install"
|
|
|
|
end
|
|
|
|
|
|
|
|
def caveats
|
|
|
|
<<-EOS.undent
|
|
|
|
A bogus SSL server certificate has been installed to:
|
|
|
|
#{etc}/stunnel/stunnel.pem
|
|
|
|
|
2011-05-10 16:14:21 +00:00
|
|
|
This certificate will be used by default unless a config file says otherwise!
|
2010-06-22 17:04:05 +00:00
|
|
|
|
|
|
|
In your stunnel configuration, specify a SSL certificate with
|
|
|
|
the "cert =" option for each service.
|
|
|
|
EOS
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2011-05-10 16:14:21 +00:00
|
|
|
|
2010-06-22 17:04:05 +00:00
|
|
|
__END__
|
|
|
|
diff --git a/tools/stunnel.cnf b/tools/stunnel.cnf
|
2012-02-04 08:24:54 +00:00
|
|
|
index d8c3174..5ad26e0 100644
|
2010-06-22 17:04:05 +00:00
|
|
|
--- a/tools/stunnel.cnf
|
|
|
|
+++ b/tools/stunnel.cnf
|
2012-02-04 08:24:54 +00:00
|
|
|
@@ -1,42 +1,30 @@
|
|
|
|
-# OpenSSL configuration file to create a server certificate
|
|
|
|
-# by Michal Trojnara 1998-2012
|
|
|
|
-
|
|
|
|
-[ req ]
|
|
|
|
-# the default key length is secure and quite fast - do not change it
|
|
|
|
-default_bits = 2048
|
|
|
|
-# comment out the next line to protect the private key with a passphrase
|
|
|
|
-encrypt_key = no
|
|
|
|
-distinguished_name = req_dn
|
|
|
|
-x509_extensions = cert_type
|
|
|
|
-
|
|
|
|
-[ req_dn ]
|
|
|
|
-countryName = Country Name (2 letter code)
|
|
|
|
-countryName_default = PL
|
|
|
|
-countryName_min = 2
|
|
|
|
-countryName_max = 2
|
|
|
|
-
|
|
|
|
-stateOrProvinceName = State or Province Name (full name)
|
|
|
|
-stateOrProvinceName_default = Mazovia Province
|
|
|
|
-
|
|
|
|
-localityName = Locality Name (eg, city)
|
|
|
|
-localityName_default = Warsaw
|
|
|
|
-
|
|
|
|
-organizationName = Organization Name (eg, company)
|
|
|
|
-organizationName_default = Stunnel Developers
|
|
|
|
-
|
|
|
|
-organizationalUnitName = Organizational Unit Name (eg, section)
|
|
|
|
-organizationalUnitName_default = Provisional CA
|
|
|
|
-
|
|
|
|
-0.commonName = Common Name (FQDN of your server)
|
|
|
|
-0.commonName_default = localhost
|
|
|
|
-
|
|
|
|
-# To create a certificate for more than one name uncomment:
|
|
|
|
-# 1.commonName = DNS alias of your server
|
|
|
|
-# 2.commonName = DNS alias of your server
|
|
|
|
-# ...
|
|
|
|
-# See http://home.netscape.com/eng/security/ssl_2.0_certificate.html
|
|
|
|
-# to see how Netscape understands commonName.
|
|
|
|
-
|
|
|
|
-[ cert_type ]
|
|
|
|
-nsCertType = server
|
|
|
|
-
|
|
|
|
+# OpenSSL configuration file to create a server certificate
|
|
|
|
+# by Michal Trojnara 1998-2012
|
|
|
|
+
|
|
|
|
+[ req ]
|
|
|
|
+# the default key length is secure and quite fast - do not change it
|
|
|
|
+default_bits = 2048
|
|
|
|
+# comment out the next line to protect the private key with a passphrase
|
|
|
|
+encrypt_key = no
|
|
|
|
+distinguished_name = req_dn
|
|
|
|
+x509_extensions = cert_type
|
2011-07-30 00:06:43 +00:00
|
|
|
+prompt = no
|
2012-02-04 08:24:54 +00:00
|
|
|
+
|
|
|
|
+[ req_dn ]
|
2012-02-01 19:56:53 +00:00
|
|
|
+countryName = PL
|
2012-02-04 08:24:54 +00:00
|
|
|
+stateOrProvinceName = Mazovia Province
|
|
|
|
+localityName = Warsaw
|
|
|
|
+organizationName = Stunnel Developers
|
|
|
|
+organizationalUnitName = Provisional CA
|
|
|
|
+0.commonName = localhost
|
|
|
|
+
|
|
|
|
+# To create a certificate for more than one name uncomment:
|
|
|
|
+# 1.commonName = DNS alias of your server
|
|
|
|
+# 2.commonName = DNS alias of your server
|
|
|
|
+# ...
|
|
|
|
+# See http://home.netscape.com/eng/security/ssl_2.0_certificate.html
|
|
|
|
+# to see how Netscape understands commonName.
|
|
|
|
+
|
|
|
|
+[ cert_type ]
|
|
|
|
+nsCertType = server
|
|
|
|
+
|
|
|
|
--
|
|
|
|
1.7.9
|