jengelh/strongswan
SHA256
1
0
Fork 1
forked from pool/strongswan
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/strongswan?expand=0&rev=5

Browse Source
This commit is contained in:
OBS User unknown 2008-07-11 20:15:59 +00:00 committed by Git OBS Bridge
parent 0bd5d2a61e
commit 288f1b2851
3 changed files with 44 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
strongswan.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Mon Jun 30 22:40:31 CEST 2008 - mt@suse.de
- Added fix that explicitly enables version 1 linux capabilities
on version 2 systems to aviod that the charon and pluto daemons
exit because of failed capset call (bnc#404989).
------------------------------------------------------------------- -------------------------------------------------------------------
Mon May 19 16:17:16 CEST 2008 - mt@suse.de Mon May 19 16:17:16 CEST 2008 - mt@suse.de

8
strongswan.spec
View File

@ -15,7 +15,7 @@ Name: strongswan
%define upstream_version 4.2.1 %define upstream_version 4.2.1
%define strongswan_docdir %{_docdir}/%{name} %define strongswan_docdir %{_docdir}/%{name}
Version: 4.2.1 Version: 4.2.1
Release: 8 Release: 16
License: GPL v2 or later License: GPL v2 or later
Group: Productivity/Networking/Security Group: Productivity/Networking/Security
Summary: StrongSwan -- OpenSource IPsec-based VPN Solution Summary: StrongSwan -- OpenSource IPsec-based VPN Solution
@ -33,6 +33,7 @@ Source3: %{name}-%{version}-rpmlintrc
Patch1: %{name}_modprobe_syslog.dif Patch1: %{name}_modprobe_syslog.dif
Patch2: %{name}-%{upstream_version}.dif Patch2: %{name}-%{upstream_version}.dif
Patch3: %{name}_crash_badcfg_reload.dif Patch3: %{name}_crash_badcfg_reload.dif
Patch4: %{name}_old-caps-version.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison flex gmp-devel gperf pkg-config BuildRequires: bison flex gmp-devel gperf pkg-config
%if 0%{?suse_version} >= 1030 %if 0%{?suse_version} >= 1030
@ -130,6 +131,7 @@ Authors:
%patch1 -p0 %patch1 -p0
%patch2 -p0 %patch2 -p0
%patch3 -p0 %patch3 -p0
%patch4 -p2
sed -e 's|@libexecdir@|%_libexecdir|g' \ sed -e 's|@libexecdir@|%_libexecdir|g' \
< $RPM_SOURCE_DIR/strongswan.init.in \ < $RPM_SOURCE_DIR/strongswan.init.in \
> strongswan.init > strongswan.init
@ -260,6 +262,10 @@ fi
%{_mandir}/man8/starter.8* %{_mandir}/man8/starter.8*
%changelog %changelog
* Tue Jul 01 2008 mt@suse.de
- Added fix that explicitly enables version 1 linux capabilities
on version 2 systems to aviod that the charon and pluto daemons
exit because of failed capset call (bnc#404989).
* Mon May 19 2008 mt@suse.de * Mon May 19 2008 mt@suse.de
- Applied fix (strongswan_crash_badcfg_reload.dif) to avoid - Applied fix (strongswan_crash_badcfg_reload.dif) to avoid
a crash after reloading with bad config (bnc#392062). a crash after reloading with bad config (bnc#392062).

30
strongswan_old-caps-version.diff Normal file
View File

@ -0,0 +1,30 @@
Index: /trunk/src/charon/daemon.c
===================================================================
--- /trunk/src/charon/daemon.c (revision 3825)
+++ /trunk/src/charon/daemon.c (revision 3908)
@@ -267,5 +267,11 @@
}
+ /* we use the old capset version for now. For systems with version 2
+ * available, we specifiy version 1 excplicitly. */
+#ifdef _LINUX_CAPABILITY_VERSION_1
+ hdr.version = _LINUX_CAPABILITY_VERSION_1;
+#else
hdr.version = _LINUX_CAPABILITY_VERSION;
+#endif
hdr.pid = 0;
data.inheritable = data.effective = data.permitted = keep;
Index: /trunk/src/pluto/plutomain.c
===================================================================
--- /trunk/src/pluto/plutomain.c (revision 3253)
+++ /trunk/src/pluto/plutomain.c (revision 3914)
@@ -618,5 +620,9 @@
/* drop unneeded capabilities and change UID/GID */
+#ifdef _LINUX_CAPABILITY_VERSION_1
+ hdr.version = _LINUX_CAPABILITY_VERSION_1;
+#else
hdr.version = _LINUX_CAPABILITY_VERSION;
+#endif
hdr.pid = 0;
data.inheritable = data.effective = data.permitted =