From 6d8ae317ba7e7cc8359833be792deb6c03b2e6a4 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Tue, 15 Oct 2013 11:49:19 -0400
Subject: stunnel: Add TLSv1.1 and TLSv1.2 support

The system copy of OpenSSL is too old to support TLS versions 1.1 and
1.2.  This matters because TLS v1.2 includes a number of ciphers that
are stronger than anything available in earlier versions, so people
who need to use those ciphers need TLS 1.2 support.

stunnel enables TLSv1.2 and the stronger ciphers automatically when
compiled with a sufficiently recent version of OpenSSL, so the change
here is just to add the usual "--with-brewed-openssl" option to the
stunnel formula.

Closes #23319.

Signed-off-by: Adam Vandenberg <flangy@gmail.com>
---
 Library/Formula/stunnel.rb | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)

(limited to 'Library/Formula')

diff --git a/Library/Formula/stunnel.rb b/Library/Formula/stunnel.rb
index e676f2d90..352f79a7e 100644
--- a/Library/Formula/stunnel.rb
+++ b/Library/Formula/stunnel.rb
@@ -6,6 +6,11 @@ class Stunnel < Formula
   mirror 'http://ftp.nluug.nl/pub/networking/stunnel/stunnel-4.56.tar.gz'
   sha256 '9cae2cfbe26d87443398ce50d7d5db54e5ea363889d5d2ec8d2778a01c871293'
 
+  # We need Homebrew OpenSSL for TLSv1.2 support
+  option 'with-brewed-openssl', 'Build with Homebrew OpenSSL instead of the system version'
+
+  depends_on "openssl" if MacOS.version <= :leopard or build.with?('brewed-openssl')
+
   # This patch installs a bogus .pem in lieu of interactive cert generation.
   # - additionally stripping carriage-returns
   def patches
@@ -13,11 +18,20 @@ class Stunnel < Formula
   end
 
   def install
-    system "./configure", "--disable-dependency-tracking",
-                          "--disable-libwrap",
-                          "--prefix=#{prefix}",
-                          "--sysconfdir=#{etc}",
-                          "--mandir=#{man}"
+
+    args = [
+      "--disable-dependency-tracking",
+      "--disable-libwrap",
+      "--prefix=#{prefix}",
+      "--sysconfdir=#{etc}",
+      "--mandir=#{man}",
+    ]
+
+    if MacOS.version <= :leopard or build.with?('brewed-openssl')
+      args << "--with-ssl-dir=#{Formula.factory('openssl').opt_prefix}"
+    end
+
+    system "./configure", *args
     system "make install"
   end
 
-- 
cgit v1.2.3