Mercurial Mercurial > upstream > oracle > sfw-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
usr/src/cmd/stunnel/stunnel.sample
changeset 86 7cec84c09a67
parent 85 2b1f0bf1e1e8
child 87 f1183b751617 
--- a/usr/src/cmd/stunnel/stunnel.sample	Thu Jun 16 03:22:51 2011 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,106 +0,0 @@
-;
-;
-; CDDL HEADER START
-;
-; The contents of this file are subject to the terms of the
-; Common Development and Distribution License (the "License").
-; You may not use this file except in compliance with the License.
-;
-; You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
-; or http://www.opensolaris.org/os/licensing.
-; See the License for the specific language governing permissions
-; and limitations under the License.
-;
-; When distributing Covered Code, include this CDDL HEADER in each
-; file and include the License file at usr/src/OPENSOLARIS.LICENSE.
-; If applicable, add the following below this CDDL HEADER, with the
-; fields enclosed by brackets "[]" replaced with your own identifying
-; information: Portions Copyright [yyyy] [name of copyright owner]
-;
-; CDDL HEADER END
-;
-; Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
-; Use is subject to license terms.
-;
-;ident	"@(#)stunnel.sample	1.1	08/07/09 SMI"
-;
-; Sample stunnel configuration file, copy and edit as required.
-; The examples are commented out because the fictitious system names
-; would cause stunnel to fail with a bind error.
-;
-; Blank lines and lines that start with ';' are ignored.
-; These options are global to all stunnel processes using this file
-;
-; pid lock file
-pid = /var/run/stunnel.pid
-;
-; Global debug level (written to stdout or syslog(3C))
-; Default debug level is 5.
-debug = 7
-;
-; stunnel service defintions start with a [label], the label should be
-; unique and descriptive.
-;
-; The following block defines a sample service to allow a non-SSL aware
-; IMAP mail client to use SSL to connect to a secure mail server (imaps).
-; stunnel will listen on the "accept" address/port and forward packets
-; to the "connect" address/port. The mail client should be configured
-; to use "localhost" as its mail server.
-;[imapd]
-; 
-; verify = 0
-; accept = localhost:143
-; names and IP addresses work too.
-; accept = mysystem:143
-; accept = 192.168.0.12:143
-; Only use these ciphers, run this command to find supported ciphers:
-; 'openssl ciphers'
-; ciphers = DES-CBC3-SHA:IDEA-CBC-MD5
-; client = yes
-; connect = mymailserver.net:993
-
-; The following could be used by a non-privileged user to run a imaps proxy.
-; The bind port is not privileged, this assumes that no other process
-; is using this port, of course. The mail client would need to be configured
-; to use "localhost" as its mailserver and connect to port "14344".
-;[imap_user]
-; accept = localhost:14344
-; connect = mymailserver.net:993
-; client = yes
-
-; This definition allows 'https' connections to the "accept" address/port
-; and forwards them to an http server running on the localhost port 80.
-; To work in server mode, stunnel needs a pkcs#12 file. This contains
-; the server's pem-encoded private and public keys.
-;
-; The pkcs#12 file provides the servers identity, this file can be obtained
-; from an existing CA, either commercial or from somewhere within the
-; organization. Alternatively, openssl(5) can be used to generate self-signed
-; certificates, or be configured as a ca(1) and used to generate and sign CSR's.
-; The signed certificates are concatenated into a pkcs#12, the location is 
-; defined with the 'cert =' keyword (see below).
-;
-;[https]
-; verify = 1
-; accept = localhost:143
-; Location of a file that contains the system private key and public certificate
-; created with openssl. The file should be owned by root and have be read only
-; for root only (IE: chmod 0400)
-; see openssl(5) and ca(1)
-; cert = /etc/stunnel/stunnel.pem
-; accept = my_external_IP:443
-; connect = localhost:80
-; client = no
-;
-; For more information on setting up an openssl(5) CA, read the Solaris
-; man pages or one of the many Internet tutorials on the subject.
-; 
-; The source code for the version of stunnel shipped with Solaris can be
-; viewed on http://src.opensolaris.org/source/ (search for stunnel). This
-; source tree includes a sample script that can setup openssl(5) as a CA
-; and generate and sign the certificates.
-;
-;	setup_CA.sh - Configures openssl(5) as a CA, generates certificates.
-;	stunnel_ca_lib.sh - Library used by setup_CA.sh.
-;	test_stunnel.sh - For generating a test configuration.
-;
upstream/oracle/sfw-gate