The registered URLs only point to the latest version. After adding the archive
URL we could now download older version again.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>

Update stunnel to 5.48

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

Update PKG_RELEASE version to 4.
Remove Daniel Engberg from PGK_MAINTANER list.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>

If a service section is not presented in the configuration then stunnel will
always start anyway. This ends in a crash loop because the configuration is not
valid.
Checking in "uci" mode if a service section is presented and only then
start the stunnel service will solve this issue.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>

Do not send a SIGHUP on reload configuration let procd restart the
service with stop/start. This is saver.

Add uci generated stunnel file to procd "file" attribute to
reload/restart the stunnel service.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>

Add an enabled option for the service section, so you could keep your
configuration in place without apply this section on startup or service reload.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>

Add uci config support.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>

Update stunnel to 5.44
* Disable FIPS

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

Update stunnel to 5.41
Add main site as last resort mirror

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

Update stunnel to 5.40

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

Updates stunnel to version 5.38

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

Updates stunnel to version 5.37

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

Updates stunnel to 5.36, changes it from using forking to pthreads and
enables SSP linking. Also changes maintainer to myself.

Regarding pthreads vs forking, http://blog.haproxy.com/2011/09/16/benchmarking_ssl_performance/
SSP is short for Stack Smashing Protector and you can read about it here: http://wiki.osdev.org/Stack_Smashing_Protector

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

Signed-off-by: Felix Fietkau <nbd@nbd.name>

* 010_fix_getnameinfo.patch is no longer needed
* 011-cron-without-pthread-fix.patch added, fixes incorrect
  ifdef when building without pthreads

Signed-off-by: Michael Haas <haas@computerlinguist.org>

Also refresh patches.

Signed-Off-By: Michael Haas <haas@computerlinguist.org>

From: Michael Haas <haas@computerlinguist.org>

* init script no longer creates certificates (consider client mode as use
  case)
* patches/010_fix_getnameinfo.patch: Fix getnameinfo signature
* patches/011_disable_ssp_linking.patch: Disable -fstack-protector as it
  is not always available in OpenWRT
* old patches (in oldpackages) no longer necessary
* remove libwrap dependency
* remove libpthread dependency
* respect CONFIG_IPV6
* init script uses procd
* sample stunnel.conf runs in client mode - prevents start failure,
  does not require cert

Possible enhancement: automatically generate certificate as done in
uhttpd. However, as client mode is a possible use case, I'd rather not.
Additionally, stunnel may use several certs with user-defined locations
and we can't easily set a cert location via command-line args.

The package is based on
https://sites.google.com/site/twisteroidambassador/openwrt/stunnel

Signed-off-by: Michael Haas <haas@computerlinguist.org>