Группа :: Сети/Прочее
Пакет: stunnel4
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: stunnel-config.patch
Скачать
Скачать
--- stunnel4/tools/stunnel.conf-sample.in.fix 2018-09-26 11:26:04.386170478 +0300
+++ stunnel4/tools/stunnel.conf-sample.in 2018-09-26 11:36:46.412591738 +0300
@@ -7,17 +7,20 @@
; * Global options *
; **************************************************************************
+; A copy of some devices and system files is needed within the chroot jail
+chroot = /var/lib/stunnel/
+
; It is recommended to drop root privileges if stunnel is started by root
-;setuid = nobody
-;setgid = @DEFAULT_GROUP@
+setuid = stunnel
+setgid = stunnel
; PID file is created inside the chroot jail (if enabled)
-;pid = @localstatedir@/run/stunnel.pid
+pid = /stunnel.pid
; Debugging stuff (may be useful for troubleshooting)
;foreground = yes
;debug = info
-;output = @localstatedir@/log/stunnel.log
+output = /stunnel.log
; Enable FIPS 140-2 mode if needed for compliance
;fips = yes
@@ -35,6 +38,13 @@
; * Service defaults may also be specified in individual service sections *
; **************************************************************************
+; Certificate/key is needed in server mode and optional in client mode
+cert = /var/lib/ssl/certs/stunnel.cert
+key = /var/lib/ssl/private/stunnel.key
+
+;CAfile = /var/lib/ssl/cert.pem
+;CRLfile = /etc/stunnel/crls.pem
+
; Enable support for the insecure SSLv3 protocol
;options = -NO_SSLv3