From 1c6389467086677d32e07414e0262e1215f36668 Mon Sep 17 00:00:00 2001
From: diizzyy <diizzyy@gmail.com>
Date: Fri, 23 Sep 2016 14:07:51 +0200
Subject: [PATCH] stunnel: Update to 5.36, use pthreads and SSP.

Updates stunnel to 5.36, changes it from using forking to pthreads and
enables SSP linking. Also changes maintainer to myself.

Regarding pthreads vs forking, http://blog.haproxy.com/2011/09/16/benchmarking_ssl_performance/
SSP is short for Stack Smashing Protector and you can read about it here: http://wiki.osdev.org/Stack_Smashing_Protector

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
---
 net/stunnel/Makefile                          |  14 +-
 .../patches/011_disable_ssp_linking.patch     | 140 ------------------
 .../012-cron-without-pthread-fix.patch        |  14 --
 3 files changed, 8 insertions(+), 160 deletions(-)
 delete mode 100644 net/stunnel/patches/011_disable_ssp_linking.patch
 delete mode 100644 net/stunnel/patches/012-cron-without-pthread-fix.patch

diff --git a/net/stunnel/Makefile b/net/stunnel/Makefile
index 671ee511b..1e84e9c7f 100644
--- a/net/stunnel/Makefile
+++ b/net/stunnel/Makefile
@@ -8,16 +8,18 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=stunnel
-PKG_VERSION:=5.20
+PKG_VERSION:=5.36
 PKG_RELEASE:=1
 
 PKG_LICENSE:=GPL-2.0+
-PKG_MAINTAINER:=Michael Haas <haas@computerlinguist.org>
+PKG_MAINTAINER:=Daniel Engberg <daniel.engberg.lists@pyret.net>
 PKG_LICENSE_FILES:=COPYING COPYRIGHT.GPL
 
-PKG_SOURCE_URL:=http://stunnel.cybermirror.org/archive/5.x/
+PKG_SOURCE_URL:= \
+	http://ftp.nluug.nl/pub/networking/stunnel/ \
+	http://www.usenix.org.uk/mirrors/stunnel/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_MD5SUM:=3264375026c2b496b5d258e243222de8
+PKG_MD5SUM:=b3c002c312e757d9a40caf95363800b3
 
 PKG_FIXUP:=autoreconf
 PKG_INSTALL:=1
@@ -27,7 +29,7 @@ include $(INCLUDE_DIR)/package.mk
 define Package/stunnel
   SECTION:=net
   CATEGORY:=Network
-  DEPENDS:=+libopenssl +zlib
+  DEPENDS:=+libopenssl +zlib +libpthread
   TITLE:=SSL TCP Wrapper
   URL:=http://www.stunnel.org/
 endef
@@ -47,7 +49,7 @@ endef
 
 CONFIGURE_ARGS+= \
 	--with-random=/dev/urandom \
-	--with-threads=fork \
+	--with-threads=pthread \
 	--with-ssl=$(STAGING_DIR)/usr \
 	--disable-libwrap \
 	--disable-systemd
diff --git a/net/stunnel/patches/011_disable_ssp_linking.patch b/net/stunnel/patches/011_disable_ssp_linking.patch
deleted file mode 100644
index 459c016da..000000000
--- a/net/stunnel/patches/011_disable_ssp_linking.patch
+++ /dev/null
@@ -1,140 +0,0 @@
---- a/configure
-+++ b/configure
-@@ -5646,66 +5646,66 @@ done
- 
- 
- 
--for flag in -fstack-protector; do
--  as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh`
--{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
--$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
--if eval \${$as_CACHEVAR+:} false; then :
--  $as_echo_n "(cached) " >&6
--else
--
--  ax_check_save_flags=$CFLAGS
--  CFLAGS="$CFLAGS  $flag"
--  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
--/* end confdefs.h.  */
--
--int
--main ()
--{
--
--  ;
--  return 0;
--}
--_ACEOF
--if ac_fn_c_try_compile "$LINENO"; then :
--  eval "$as_CACHEVAR=yes"
--else
--  eval "$as_CACHEVAR=no"
--fi
--rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
--  CFLAGS=$ax_check_save_flags
--fi
--eval ac_res=\$$as_CACHEVAR
--	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
--$as_echo "$ac_res" >&6; }
--if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
--  if ${CFLAGS+:} false; then :
--  case " $CFLAGS " in
--    *" $flag "*)
--      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
--  (: CFLAGS already contains $flag) 2>&5
--  ac_status=$?
--  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
--  test $ac_status = 0; }
--      ;;
--    *)
--      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
--  (: CFLAGS="$CFLAGS $flag") 2>&5
--  ac_status=$?
--  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
--  test $ac_status = 0; }
--      CFLAGS="$CFLAGS $flag"
--      ;;
--   esac
--else
--  CFLAGS="$flag"
--fi
--
--else
--  :
--fi
--
--done
-+#for flag in -fstack-protector; do
-+#  as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh`
-+#{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
-+#$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
-+#if eval \${$as_CACHEVAR+:} false; then :
-+#  $as_echo_n "(cached) " >&6
-+#else
-+#
-+#  ax_check_save_flags=$CFLAGS
-+#  CFLAGS="$CFLAGS  $flag"
-+#  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-+#/* end confdefs.h.  */
-+
-+#int
-+#main ()
-+#{
-+#
-+#  ;
-+#  return 0;
-+#}
-+#_ACEOF
-+#if ac_fn_c_try_compile "$LINENO"; then :
-+#  eval "$as_CACHEVAR=yes"
-+#else
-+#  eval "$as_CACHEVAR=no"
-+#fi
-+#rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-+#  CFLAGS=$ax_check_save_flags
-+#fi
-+#eval ac_res=\$$as_CACHEVAR
-+#	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-+#$as_echo "$ac_res" >&6; }
-+#if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
-+#  if ${CFLAGS+:} false; then :
-+#  case " $CFLAGS " in
-+#    *" $flag "*)
-+#      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
-+#  (: CFLAGS already contains $flag) 2>&5
-+#  ac_status=$?
-+#  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-+#  test $ac_status = 0; }
-+#      ;;
-+#    *)
-+#      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
-+#  (: CFLAGS="$CFLAGS $flag") 2>&5
-+#  ac_status=$?
-+#  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-+#  test $ac_status = 0; }
-+#      CFLAGS="$CFLAGS $flag"
-+#      ;;
-+#   esac
-+#else
-+#  CFLAGS="$flag"
-+#fi
-+#
-+#else
-+#  :
-+#fi
-+#
-+#done
- 
- 
- 
---- a/configure.ac
-+++ b/configure.ac
-@@ -71,7 +71,7 @@ AX_APPEND_COMPILE_FLAGS([-Wformat=2])
- AX_APPEND_COMPILE_FLAGS([-Wconversion])
- AX_APPEND_COMPILE_FLAGS([-Wno-long-long])
- AX_APPEND_COMPILE_FLAGS([-Wno-deprecated-declarations])
--AX_APPEND_COMPILE_FLAGS([-fstack-protector])
-+#AX_APPEND_COMPILE_FLAGS([-fstack-protector])
- AX_APPEND_COMPILE_FLAGS([-fPIE])
- AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2])
- AX_APPEND_LINK_FLAGS([-fPIE -pie])
diff --git a/net/stunnel/patches/012-cron-without-pthread-fix.patch b/net/stunnel/patches/012-cron-without-pthread-fix.patch
deleted file mode 100644
index 0f644b3c1..000000000
--- a/net/stunnel/patches/012-cron-without-pthread-fix.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-Index: stunnel-5.20/src/cron.c
-===================================================================
---- stunnel-5.20.orig/src/cron.c
-+++ stunnel-5.20/src/cron.c
-@@ -46,6 +46,9 @@ NOEXPORT void cron_thread(void *arg);
- #endif
- #if defined(USE_PTHREAD) || defined(USE_WIN32)
- NOEXPORT void cron_worker(void);
-+#endif
-+
-+#ifndef OPENSSL_NO_DH
- NOEXPORT void cron_dh_param(void);
- #endif
-