Overview

File stunnel.spec of Package stunnel.6450

#
# spec file for package stunnel
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


%define VENDOR SUSE

Name:           stunnel
Summary:        Universal SSL Tunnel
License:        SUSE-GPL-2.0-with-openssl-exception
Group:          Productivity/Networking/Security
Version:        5.00 
Release:        0
Url:            http://www.stunnel.org/
PreReq:         /usr/sbin/useradd fileutils textutils %fillup_prereq 
Source:         http://www.stunnel.org/download/stunnel/src/%{name}-%{version}.tar.bz2
Source1:        stunnel.conf
Source2:        stunnel.README
Source3:        sysconfig.syslog-stunnel
Source4:        stunnel.service
Patch0:         stunnel-listenqueue-option.patch
Patch1:         stunnel3-binpath.patch
Patch2:         stunnel-CVE-2015-3644.patch
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildRequires:  openssl
BuildRequires:  openssl-devel
BuildRequires:  systemd
BuildRequires:  tcpd-devel
BuildRequires:  zlib-devel
%{?systemd_requires}

%description
The stunnel program is designed to work as an SSL encryption wrapper
between a remote client and the local (inetd-startable) or remote
server. The concept is that by having non-SSL aware daemons running on
your system, you can easily set them to communicate with clients over a
secure SSL channel. Stunnel can be used to add SSL functionality to
commonly used inetd daemons, such as POP-2, POP-3, and IMAP servers,
without any changes to the program code.



%prep
%setup -q -n stunnel-5.00
%patch0 -p0 
%patch1 -p0
%patch2 -p1

%build
sed -i 's/-m 1770 -g nogroup//g' tools/Makefile.in
%if %{?suse_version:%suse_version}%{?!suse_version:99999} > 930
fPIE="-fPIE"
pie="-pie"
%endif
export CFLAGS="$RPM_OPT_FLAGS $fPIE"
%configure \
		--enable-libwrap \
		--localstatedir=/var \
		--with-pem-dir=%{_sysconfdir}/stunnel
echo -e ".\n.\n.\n.\n.\n" | make LDADD="$pie -Wl,-z,defs,-z,relro"

%install
mkdir -p $RPM_BUILD_ROOT/%{_sbindir}
mkdir -p $RPM_BUILD_ROOT/var/lib/stunnel/{etc,dev,bin,sbin,%_lib,var/run}
mkdir -p $RPM_BUILD_ROOT/var/lib/stunnel
mkdir -p $RPM_BUILD_ROOT/etc/init.d/
mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates
make \
	confdir=%{_sysconfdir}/stunnel \
	sbindir=%{_sbindir} \
	libdir=%{_libdir} \
	mandir=%{_mandir} \
	docdir=%{_docdir}/%{name} \
	DESTDIR=$RPM_BUILD_ROOT \
	install
cp -p %{S:1} tools/stunnel.conf-sample
cp -p %{S:2} README.%VENDOR
cp -p %{S:3} $RPM_BUILD_ROOT/var/adm/fillup-templates/
install -D -m 0644 $RPM_SOURCE_DIR/stunnel.service $RPM_BUILD_ROOT/%_unitdir/stunnel.service
ln -s stunnel3 $RPM_BUILD_ROOT/usr/sbin/stunnel3_wrapper
mv $RPM_BUILD_ROOT/%{_bindir}/* $RPM_BUILD_ROOT/%{_sbindir}
rm $RPM_BUILD_ROOT/%{_sysconfdir}/stunnel/stunnel.conf-sample
rm $RPM_BUILD_ROOT/%{_libdir}/stunnel/*.la
rm -rf $RPM_BUILD_ROOT/usr/share/doc/stunnel
rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/stunnel/INSTALL
rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/stunnel/INSTALL.WCE
rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/stunnel/INSTALL.W32

%clean
rm -rf $RPM_BUILD_ROOT

%pre
if ! /usr/bin/getent passwd stunnel >/dev/null; then
   %{_sbindir}/useradd -r -c "Daemon user for stunnel (universal SSL tunnel)" -g nogroup -s /bin/false \
   -d /var/lib/stunnel stunnel 2> /dev/null || :
fi

%service_add_pre %{name}.service

%post 
%{fillup_only -ans syslog stunnel}
if ! test -s etc/stunnel/stunnel.conf; then 
	cp -p usr/share/doc/packages/stunnel/stunnel.conf-sample etc/stunnel/stunnel.conf 
	echo copying default config file to /etc/stunnel/stunnel.conf
fi
# first installation? 
if [ ${FIRST_ARG:-0} = 1 ]; then
if ! test -f etc/stunnel/stunnel.pem; then
	cat usr/share/doc/packages/stunnel/README.%VENDOR
fi
fi

%service_add_post %{name}.service

%preun
%service_del_preun %{name}.service

%postun
%service_del_postun %{name}.service

%files
%defattr(-, root, root)
%doc AUTHORS BUGS COPYING COPYRIGHT.GPL CREDITS ChangeLog NEWS PORTS README TODO
%doc README.%VENDOR
%doc doc/stunnel.html 
%doc doc/stunnel.*.html 
%doc doc/en/*
%doc doc/pl
%doc tools/stunnel.conf-sample
%doc tools/stunnel.cnf
%{_sbindir}/*
%{_libdir}/stunnel
%{_mandir}/man8/*
%dir %attr(700,root,root) %{_sysconfdir}/stunnel
%dir %attr(755,root,root) 	/var/lib/stunnel
%dir %attr(755,root,root) 	/var/lib/stunnel/bin
%dir %attr(755,root,root) 	/var/lib/stunnel/etc
%dir %attr(755,root,root) 	/var/lib/stunnel/dev
%dir %attr(755,root,root) 	/var/lib/stunnel/%_lib
%dir %attr(755,root,root) 	/var/lib/stunnel/sbin
%dir %attr(755,root,root) 	/var/lib/stunnel/var
%dir %attr(755,stunnel,root) 	/var/lib/stunnel/var/run
/var/adm/fillup-templates/sysconfig.syslog-stunnel
%_unitdir/stunnel.service

%changelog
openSUSE Build Service is sponsored by
Places