# HG changeset patch # User Vladimir Kotal # Date 1492522656 0 # Node ID be9448144641bb9864b3f8d7e73579fc2f572da1 # Parent abff0726470cec78079d289910a4406866edf563 25749851 modify default stunnel.conf to include correct CA certificate directory diff -r abff0726470c -r be9448144641 components/stunnel/Makefile --- a/components/stunnel/Makefile Tue Apr 18 16:00:36 2017 -0700 +++ b/components/stunnel/Makefile Tue Apr 18 13:37:36 2017 +0000 @@ -20,7 +20,7 @@ # # -# Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved. # include ../../make-rules/shared-macros.mk @@ -44,6 +44,8 @@ COMPONENT_PREP_ACTION += (cd $(@D) ; autoreconf -f) +PATCH_LEVEL = 0 + # need /usr/perl5/bin on path to access pod2man perl script, used by # the build to create docs COMPONENT_BUILD_ENV += PATH=$(USRDIR)/perl5/bin:$(PATH) diff -r abff0726470c -r be9448144641 components/stunnel/patches/00_stunnel.conf.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/stunnel/patches/00_stunnel.conf.patch Tue Apr 18 13:37:36 2017 +0000 @@ -0,0 +1,49 @@ +Patch origin: in-house +Patch status: Solaris-specific; not suitable for upstream + +Changes CA directory in the sample configuration file. + +--- tools/stunnel.conf-sample.in 2016-07-05 14:27:57.000000000 -0700 ++++ tools/stunnel.conf-sample.in 2017-03-21 02:49:10.831006080 -0700 +@@ -45,10 +45,10 @@ + + ; ***************************************** Example TLS client mode services + +-; The following examples use /etc/ssl/certs, which is the common location +-; of a hashed directory containing trusted CA certificates. This is not +-; a hardcoded path of the stunnel package, as it is not related to the +-; stunnel configuration in @sysconfdir@/stunnel/. ++; The following examples use /etc/openssl/certs, which is the location ++; of directory containing hashed links to trusted CA certificate on Solaris. ++; This is not a hardcoded path of the stunnel package, as it is not related ++; to the stunnel configuration in @sysconfdir@/stunnel/. + + [gmail-pop3] + client = yes +@@ -55,7 +55,7 @@ + accept = 127.0.0.1:110 + connect = pop.gmail.com:995 + verifyChain = yes +-CApath = /etc/ssl/certs ++CApath = /etc/openssl/certs + checkHost = pop.gmail.com + OCSPaia = yes + +@@ -64,7 +64,7 @@ + accept = 127.0.0.1:143 + connect = imap.gmail.com:993 + verifyChain = yes +-CApath = /etc/ssl/certs ++CApath = /etc/openssl/certs + checkHost = imap.gmail.com + OCSPaia = yes + +@@ -73,7 +73,7 @@ + accept = 127.0.0.1:25 + connect = smtp.gmail.com:465 + verifyChain = yes +-CApath = /etc/ssl/certs ++CApath = /etc/openssl/certs + checkHost = smtp.gmail.com + OCSPaia = yes +