On Thu, Nov 08, 2007 at 11:59:15PM +0100, Pav Lucistnik wrote:
> RW p??e v ?t 08. 11. 2007 v 22:06 +0000:
> 
> > Stunnel doesn't seem to be working correctly on my 6.2 desktop, I'm
> > getting the following in /var/log/messages, and I have no stunnel
> > process
[snip]
> > stunnel: LOG3[926:134660096]: local socket: Protocol not supported (43)
> > stunnel: warning: can't get client address: Bad file descriptor
[snip]
> 
> On my machines, I noticed 4.21 no longer understands domain names in
> connect statement of configuration file.
> 
> Try replacing that secure.new.seasynews.com by its IP.

Could you try the attached patch?  According to the stunnel developers,
it should fix the problem.

It has been submitted to the portmgr@ team for commit approval.
I apologize for the apparently insufficient testing before the port
update to version 4.21.

G'luck,
Peter

-- 
Peter Pentchev  [EMAIL PROTECTED]    [EMAIL PROTECTED]    [EMAIL PROTECTED]
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
I've heard that this sentence is a rumor.
Index: ports/security/stunnel/Makefile
===================================================================
--- ports/security/stunnel/Makefile	(revision 1430)
+++ ports/security/stunnel/Makefile	(revision 1431)
@@ -7,6 +7,7 @@
 
 PORTNAME=	stunnel
 PORTVERSION=	4.21
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	http://www.stunnel.org/download/stunnel/src/ \
 		ftp://stunnel.mirt.net/stunnel/ \
Index: ports/security/stunnel/files/patch-src::stunnel.c
===================================================================
--- ports/security/stunnel/files/patch-src::stunnel.c	(revision 0)
+++ ports/security/stunnel/files/patch-src::stunnel.c	(revision 1431)
@@ -0,0 +1,92 @@
+An official patch obtained from ftp://stunnel.mirt.net/stunnel/setuid.patch
+
+--- src/stunnel.c.old	2007-11-12 11:30:38.000000000 +0200
++++ src/stunnel.c	2007-11-12 11:30:48.000000000 +0200
+@@ -3,8 +3,8 @@
+  *   Copyright (c) 1998-2007 Michal Trojnara <[EMAIL PROTECTED]>
+  *                 All Rights Reserved
+  *
+- *   Version:      4.21             (stunnel.c)
+- *   Date:         2007.10.27
++ *   Version:      4.22             (stunnel.c)
++ *   Date:         2007.11.xx
+  *
+  *   Author:       Michal Trojnara  <[EMAIL PROTECTED]>
+  *
+@@ -41,7 +41,7 @@
+ static void accept_connection(LOCAL_OPTIONS *);
+ static void get_limits(void); /* setup global max_clients and max_fds */
+ #if !defined (USE_WIN32) && !defined (__vms)
+-static void make_chroot(void);
++static void drop_privileges(void);
+ static void daemonize(void);
+ static void create_pid(void);
+ static void delete_pid(void);
+@@ -111,9 +111,6 @@
+     } else { /* inetd mode */
+ #if !defined (USE_WIN32) && !defined (__vms)&&!defined(USE_OS2)
+         max_fds=FD_SETSIZE; /* just in case */
+-#ifdef HAVE_CHROOT
+-        make_chroot();
+-#endif /* HAVE_CHROOT */
+         drop_privileges();
+ #endif
+         num_clients=1;
+@@ -171,9 +168,6 @@
+ #if !defined (USE_WIN32) && !defined (__vms) && !defined(USE_OS2)
+     if(!(options.option.foreground))
+         daemonize();
+-#ifdef HAVE_CHROOT
+-        make_chroot();
+-#endif /* HAVE_CHROOT */
+     drop_privileges();
+     create_pid();
+ #endif /* !defined USE_WIN32 && !defined (__vms) */
+@@ -299,24 +293,9 @@
+ #endif
+ }
+ 
+-#ifdef HAVE_CHROOT
+-static void make_chroot(void) {
+-    if(options.chroot_dir) {
+-        if(chroot(options.chroot_dir)) {
+-            sockerror("chroot");
+-            exit(1);
+-        }
+-        if(chdir("/")) {
+-            sockerror("chdir");
+-            exit(1);
+-        }
+-    }
+-}
+-#endif /* HAVE_CHROOT */
+-
+ #if !defined (USE_WIN32) && !defined (__vms)
+-    /* set process user and group(s) id */
+-void drop_privileges(void) {
++    /* chroot and set process user and group(s) id */
++static void drop_privileges(void) {
+     int uid=0, gid=0;
+     struct group *gr;
+ #ifdef HAVE_SETGROUPS
+@@ -350,6 +329,20 @@
+         }
+     }
+ 
++#ifdef HAVE_CHROOT
++    /* chroot */
++    if(options.chroot_dir) {
++        if(chroot(options.chroot_dir)) {
++            sockerror("chroot");
++            exit(1);
++        }
++        if(chdir("/")) {
++            sockerror("chdir");
++            exit(1);
++        }
++    }
++#endif /* HAVE_CHROOT */
++
+     /* Set uid and gid */
+     if(gid) {
+         if(setgid(gid)) {
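Review bot: The `#ifdef HAVE_CHROOT` block added inside `drop_privileges()` depends on its exact position, but the only comment on it is `/* chroot */`. I would replace that with `/* chroot only after the user/group lookups above (presumably they read files outside the jail) and before setgid()/setuid(), since chroot() needs root */` so a later reorder does not silently break the privilege drop. Separately, given `int uid=0, gid=0;` and the `if(gid)` guard, it looks as if a configuration that sets `chroot_dir` without setuid/setgid leaves the process running as root inside the new root, which is not a confinement boundary. A logged warning when `options.chroot_dir` is set and the resolved uid is still 0 would make that visible to operators. The body of `drop_privileges()` starts before and continues past the lines shown here, so the setuid half and any `setgroups()` call could not be checked.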
Index: ports/security/stunnel/files/patch-src::prototypes.h
===================================================================
--- ports/security/stunnel/files/patch-src::prototypes.h	(revision 0)
+++ ports/security/stunnel/files/patch-src::prototypes.h	(revision 1431)
@@ -0,0 +1,12 @@
+An official patch obtained from ftp://stunnel.mirt.net/stunnel/setuid.patch
+
+--- src/prototypes.h.old	2007-11-12 11:30:43.000000000 +0200
++++ src/prototypes.h	2007-11-12 11:30:48.000000000 +0200
+@@ -57,7 +57,6 @@
+ void main_initialize(char *, char *);
+ void main_execute(void);
+ void stunnel_info(int);
+-void drop_privileges(void);
+ 
+ /**************************************** Prototypes for log.c */
+ 
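Review bot: The provenance line `An official patch obtained from ftp://stunnel.mirt.net/stunnel/setuid.patch`, here and at the top of `patch-src::stunnel.c`, names only a mutable FTP URL. A later auditor of this security port therefore cannot confirm that the in-tree copy matches what upstream published. I would record the retrieval date and a checksum of the fetched file, e.g. `An official patch obtained from ftp://stunnel.mirt.net/stunnel/setuid.patch on <DATE>, SHA256 <CHECKSUM-PLACEHOLDER>`. The nested patch bumps the version comment to 4.22, so presumably the fix ships in that release; a line saying the patch is to be dropped at that update would stop it lingering in `files/`.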

Attachment: pgpRJgjiE9xhp.pgp
Description: PGP signature
