Accepting request 451851 from home:darix:playground
- silence warning about %{_rundir}/openvpn - for non systemd case: just package the %{_rundir}/openvpn in the package - for systemd case: call systemd-tmpfiles and own the dir as %ghost in the filelist - refreshed patches to apply cleanly again openvpn-2.3-plugin-man.dif openvpn-fips140-2.3.2.patch - update to 2.3.14 - update year in copyright message - Document the --auth-token option - Repair topology subnet on FreeBSD 11 - Repair topology subnet on OpenBSD - Drop recursively routed packets - Support --block-outside-dns on multiple tunnels - When parsing '--setenv opt xx ..' make sure a third parameter is present - Map restart signals from event loop to SIGTERM during exit-notification wait - Correctly state the default dhcp server address in man page - Clean up format_hex_ex() - enabled pkcs11 support OBS-URL: https://build.opensuse.org/request/show/451851 OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=113
This commit is contained in:
parent
ce8599bf09
commit
9779642307
@ -1,6 +1,8 @@
|
|||||||
--- doc/openvpn.8
|
Index: doc/openvpn.8
|
||||||
+++ doc/openvpn.8 2015/03/02 08:58:02
|
===================================================================
|
||||||
@@ -2569,12 +2569,11 @@ plug-in modules, see the README file in
|
--- doc/openvpn.8.orig
|
||||||
|
+++ doc/openvpn.8
|
||||||
|
@@ -2690,12 +2690,11 @@ plug-in modules, see the README file in
|
||||||
.B plugin
|
.B plugin
|
||||||
folder of the OpenVPN source distribution.
|
folder of the OpenVPN source distribution.
|
||||||
|
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:9cde0c8000fd32d5275adb55f8bb1d8ba429ff3de35f60a36e81f3859b7537e0
|
|
||||||
size 829484
|
|
@ -1,7 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
Version: GnuPG v1
|
|
||||||
|
|
||||||
iEYEABECAAYFAlgbEocACgkQwp2X7RmNIqOSJwCfQVrcS2k/XC71G1H8ABMQpPrS
|
|
||||||
MvAAn3TdER/TEpi82whq3SLABg8wTNuz
|
|
||||||
=Zf4E
|
|
||||||
-----END PGP SIGNATURE-----
|
|
3
openvpn-2.3.14.tar.xz
Normal file
3
openvpn-2.3.14.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:f3a0d0eaf8d544409f76a9f2a238a0cd3dde9e1a9c1f98ac732a8b572bcdee98
|
||||||
|
size 831404
|
7
openvpn-2.3.14.tar.xz.asc
Normal file
7
openvpn-2.3.14.tar.xz.asc
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
Version: GnuPG v1
|
||||||
|
|
||||||
|
iEYEABECAAYFAlhH9nkACgkQwp2X7RmNIqOYtQCfbRsvCy0r7RnYXEAZJ3nzsaww
|
||||||
|
JoMAoIMDSlotKGn/9tey0L+Nj8+8kI+N
|
||||||
|
=D64i
|
||||||
|
-----END PGP SIGNATURE-----
|
@ -1,6 +1,8 @@
|
|||||||
--- openvpn-2.3.2/src/openvpn/crypto_backend.h
|
Index: openvpn-2.3.14/src/openvpn/crypto_backend.h
|
||||||
+++ openvpn-2.3.2/src/openvpn/crypto_backend.h 2015/02/19 09:15:02
|
===================================================================
|
||||||
@@ -452,10 +452,11 @@ void md_ctx_final (md_ctx_t *ctx, uint8_
|
--- openvpn-2.3.14.orig/src/openvpn/crypto_backend.h
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/crypto_backend.h
|
||||||
|
@@ -480,10 +480,11 @@ void md_ctx_final (md_ctx_t *ctx, uint8_
|
||||||
* @param key The key to use for the HMAC
|
* @param key The key to use for the HMAC
|
||||||
* @param key_len The key length to use
|
* @param key_len The key length to use
|
||||||
* @param kt Static message digest parameters
|
* @param kt Static message digest parameters
|
||||||
@ -13,9 +15,11 @@
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* Free the given HMAC context.
|
* Free the given HMAC context.
|
||||||
--- openvpn-2.3.2/src/openvpn/crypto.c
|
Index: openvpn-2.3.14/src/openvpn/crypto.c
|
||||||
+++ openvpn-2.3.2/src/openvpn/crypto.c 2015/02/19 09:15:02
|
===================================================================
|
||||||
@@ -486,7 +486,7 @@ init_key_ctx (struct key_ctx *ctx, struc
|
--- openvpn-2.3.14.orig/src/openvpn/crypto.c
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/crypto.c
|
||||||
|
@@ -505,7 +505,7 @@ init_key_ctx (struct key_ctx *ctx, struc
|
||||||
if (kt->digest && kt->hmac_length > 0)
|
if (kt->digest && kt->hmac_length > 0)
|
||||||
{
|
{
|
||||||
ALLOC_OBJ(ctx->hmac, hmac_ctx_t);
|
ALLOC_OBJ(ctx->hmac, hmac_ctx_t);
|
||||||
@ -24,7 +28,7 @@
|
|||||||
|
|
||||||
msg (D_HANDSHAKE,
|
msg (D_HANDSHAKE,
|
||||||
"%s: Using %d bit message hash '%s' for HMAC authentication",
|
"%s: Using %d bit message hash '%s' for HMAC authentication",
|
||||||
@@ -1409,61 +1409,61 @@ free_ssl_lib (void)
|
@@ -1421,61 +1421,61 @@ free_ssl_lib (void)
|
||||||
#endif /* ENABLE_SSL */
|
#endif /* ENABLE_SSL */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -102,9 +106,11 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
#endif /* ENABLE_CRYPTO */
|
#endif /* ENABLE_CRYPTO */
|
||||||
--- openvpn-2.3.2/src/openvpn/crypto.h
|
Index: openvpn-2.3.14/src/openvpn/crypto.h
|
||||||
+++ openvpn-2.3.2/src/openvpn/crypto.h 2015/02/19 09:15:02
|
===================================================================
|
||||||
@@ -364,24 +364,24 @@ void free_ssl_lib (void);
|
--- openvpn-2.3.14.orig/src/openvpn/crypto.h
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/crypto.h
|
||||||
|
@@ -430,24 +430,24 @@ void free_ssl_lib (void);
|
||||||
#endif /* ENABLE_SSL */
|
#endif /* ENABLE_SSL */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -140,9 +146,11 @@
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* Inline functions
|
* Inline functions
|
||||||
--- openvpn-2.3.2/src/openvpn/crypto_openssl.c
|
Index: openvpn-2.3.14/src/openvpn/crypto_openssl.c
|
||||||
+++ openvpn-2.3.2/src/openvpn/crypto_openssl.c 2015/02/19 09:15:02
|
===================================================================
|
||||||
@@ -719,13 +719,17 @@ md_ctx_final (EVP_MD_CTX *ctx, uint8_t *
|
--- openvpn-2.3.14.orig/src/openvpn/crypto_openssl.c
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/crypto_openssl.c
|
||||||
|
@@ -829,13 +829,17 @@ md_ctx_final (EVP_MD_CTX *ctx, uint8_t *
|
||||||
|
|
||||||
void
|
void
|
||||||
hmac_ctx_init (HMAC_CTX *ctx, const uint8_t *key, int key_len,
|
hmac_ctx_init (HMAC_CTX *ctx, const uint8_t *key, int key_len,
|
||||||
@ -161,8 +169,10 @@
|
|||||||
HMAC_Init_ex (ctx, key, key_len, kt, NULL);
|
HMAC_Init_ex (ctx, key, key_len, kt, NULL);
|
||||||
|
|
||||||
/* make sure we used a big enough key */
|
/* make sure we used a big enough key */
|
||||||
--- openvpn-2.3.2/src/openvpn/crypto_openssl.h
|
Index: openvpn-2.3.14/src/openvpn/crypto_openssl.h
|
||||||
+++ openvpn-2.3.2/src/openvpn/crypto_openssl.h 2015/02/19 09:15:02
|
===================================================================
|
||||||
|
--- openvpn-2.3.14.orig/src/openvpn/crypto_openssl.h
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/crypto_openssl.h
|
||||||
@@ -33,6 +33,7 @@
|
@@ -33,6 +33,7 @@
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/hmac.h>
|
#include <openssl/hmac.h>
|
||||||
@ -171,9 +181,11 @@
|
|||||||
|
|
||||||
/** Generic cipher key type %context. */
|
/** Generic cipher key type %context. */
|
||||||
typedef EVP_CIPHER cipher_kt_t;
|
typedef EVP_CIPHER cipher_kt_t;
|
||||||
--- openvpn-2.3.2/src/openvpn/crypto_polarssl.c
|
Index: openvpn-2.3.14/src/openvpn/crypto_polarssl.c
|
||||||
+++ openvpn-2.3.2/src/openvpn/crypto_polarssl.c 2015/02/19 09:15:02
|
===================================================================
|
||||||
@@ -608,7 +608,7 @@ md_ctx_final (md_context_t *ctx, uint8_t
|
--- openvpn-2.3.14.orig/src/openvpn/crypto_polarssl.c
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/crypto_polarssl.c
|
||||||
|
@@ -695,7 +695,7 @@ md_ctx_final (md_context_t *ctx, uint8_t
|
||||||
* TODO: re-enable dmsg for crypto debug
|
* TODO: re-enable dmsg for crypto debug
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
@ -182,9 +194,11 @@
|
|||||||
{
|
{
|
||||||
ASSERT(NULL != kt && NULL != ctx);
|
ASSERT(NULL != kt && NULL != ctx);
|
||||||
|
|
||||||
--- openvpn-2.3.2/src/openvpn/init.c
|
Index: openvpn-2.3.14/src/openvpn/init.c
|
||||||
+++ openvpn-2.3.2/src/openvpn/init.c 2015/02/19 09:15:02
|
===================================================================
|
||||||
@@ -1352,12 +1352,12 @@ do_route (const struct options *options,
|
--- openvpn-2.3.14.orig/src/openvpn/init.c
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/init.c
|
||||||
|
@@ -1360,12 +1360,12 @@ do_route (const struct options *options,
|
||||||
*/
|
*/
|
||||||
#if P2MP
|
#if P2MP
|
||||||
static void
|
static void
|
||||||
@ -199,7 +213,7 @@
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -1649,8 +1649,8 @@ do_up (struct context *c, bool pulled_op
|
@@ -1713,8 +1713,8 @@ do_up (struct context *c, bool pulled_op
|
||||||
if (!c->c2.did_open_tun
|
if (!c->c2.did_open_tun
|
||||||
&& PULL_DEFINED (&c->options)
|
&& PULL_DEFINED (&c->options)
|
||||||
&& c->c1.tuntap
|
&& c->c1.tuntap
|
||||||
@ -210,7 +224,7 @@
|
|||||||
{
|
{
|
||||||
/* if so, close tun, delete routes, then reinitialize tun and add routes */
|
/* if so, close tun, delete routes, then reinitialize tun and add routes */
|
||||||
msg (M_INFO, "NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.");
|
msg (M_INFO, "NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.");
|
||||||
@@ -2697,11 +2697,11 @@ do_compute_occ_strings (struct context *
|
@@ -2792,11 +2792,11 @@ do_compute_occ_strings (struct context *
|
||||||
#ifdef ENABLE_CRYPTO
|
#ifdef ENABLE_CRYPTO
|
||||||
msg (D_SHOW_OCC_HASH, "Local Options hash (VER=%s): '%s'",
|
msg (D_SHOW_OCC_HASH, "Local Options hash (VER=%s): '%s'",
|
||||||
options_string_version (c->c2.options_string_local, &gc),
|
options_string_version (c->c2.options_string_local, &gc),
|
||||||
@ -224,8 +238,10 @@
|
|||||||
strlen (c->c2.options_string_remote), 9, &gc));
|
strlen (c->c2.options_string_remote), 9, &gc));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
--- openvpn-2.3.2/src/openvpn/ntlm.c
|
Index: openvpn-2.3.14/src/openvpn/ntlm.c
|
||||||
+++ openvpn-2.3.2/src/openvpn/ntlm.c 2015/02/19 09:15:02
|
===================================================================
|
||||||
|
--- openvpn-2.3.14.orig/src/openvpn/ntlm.c
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/ntlm.c
|
||||||
@@ -90,7 +90,7 @@ gen_hmac_md5 (const char* data, int data
|
@@ -90,7 +90,7 @@ gen_hmac_md5 (const char* data, int data
|
||||||
hmac_ctx_t hmac_ctx;
|
hmac_ctx_t hmac_ctx;
|
||||||
CLEAR(hmac_ctx);
|
CLEAR(hmac_ctx);
|
||||||
@ -235,9 +251,11 @@
|
|||||||
hmac_ctx_update(&hmac_ctx, (const unsigned char *)data, data_len);
|
hmac_ctx_update(&hmac_ctx, (const unsigned char *)data, data_len);
|
||||||
hmac_ctx_final(&hmac_ctx, (unsigned char *)result);
|
hmac_ctx_final(&hmac_ctx, (unsigned char *)result);
|
||||||
hmac_ctx_cleanup(&hmac_ctx);
|
hmac_ctx_cleanup(&hmac_ctx);
|
||||||
--- openvpn-2.3.2/src/openvpn/openvpn.h
|
Index: openvpn-2.3.14/src/openvpn/openvpn.h
|
||||||
+++ openvpn-2.3.2/src/openvpn/openvpn.h 2015/02/19 09:15:02
|
===================================================================
|
||||||
@@ -206,7 +206,7 @@ struct context_1
|
--- openvpn-2.3.14.orig/src/openvpn/openvpn.h
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/openvpn.h
|
||||||
|
@@ -205,7 +205,7 @@ struct context_1
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* if client mode, hash of option strings we pulled from server */
|
/* if client mode, hash of option strings we pulled from server */
|
||||||
@ -246,7 +264,7 @@
|
|||||||
/**< Hash of option strings received from the
|
/**< Hash of option strings received from the
|
||||||
* remote OpenVPN server. Only used in
|
* remote OpenVPN server. Only used in
|
||||||
* client-mode. */
|
* client-mode. */
|
||||||
@@ -474,9 +474,9 @@ struct context_2
|
@@ -473,9 +473,9 @@ struct context_2
|
||||||
bool did_pre_pull_restore;
|
bool did_pre_pull_restore;
|
||||||
|
|
||||||
/* hash of pulled options, so we can compare when options change */
|
/* hash of pulled options, so we can compare when options change */
|
||||||
@ -259,9 +277,11 @@
|
|||||||
|
|
||||||
struct event_timeout server_poll_interval;
|
struct event_timeout server_poll_interval;
|
||||||
|
|
||||||
--- openvpn-2.3.2/src/openvpn/options.c
|
Index: openvpn-2.3.14/src/openvpn/options.c
|
||||||
+++ openvpn-2.3.2/src/openvpn/options.c 2015/02/19 09:15:10
|
===================================================================
|
||||||
@@ -828,6 +828,10 @@ init_options (struct options *o, const b
|
--- openvpn-2.3.14.orig/src/openvpn/options.c
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/options.c
|
||||||
|
@@ -835,6 +835,10 @@ init_options (struct options *o, const b
|
||||||
#endif
|
#endif
|
||||||
#ifdef ENABLE_CRYPTO
|
#ifdef ENABLE_CRYPTO
|
||||||
o->ciphername = "BF-CBC";
|
o->ciphername = "BF-CBC";
|
||||||
@ -272,9 +292,11 @@
|
|||||||
o->ciphername_defined = true;
|
o->ciphername_defined = true;
|
||||||
o->authname = "SHA1";
|
o->authname = "SHA1";
|
||||||
o->authname_defined = true;
|
o->authname_defined = true;
|
||||||
--- openvpn-2.3.13.orig/src/openvpn/push.c
|
Index: openvpn-2.3.14/src/openvpn/push.c
|
||||||
+++ openvpn-2.3.13/src/openvpn/push.c 2016-12-03 22:57:58.198398996 +0100
|
===================================================================
|
||||||
@@ -408,7 +408,7 @@
|
--- openvpn-2.3.14.orig/src/openvpn/push.c
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/push.c
|
||||||
|
@@ -408,7 +408,7 @@ push_reset (struct options *o)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static void
|
static void
|
||||||
@ -283,7 +305,7 @@
|
|||||||
{
|
{
|
||||||
char line[OPTION_PARM_SIZE];
|
char line[OPTION_PARM_SIZE];
|
||||||
while (buf_parse (buf, ',', line, sizeof (line)))
|
while (buf_parse (buf, ',', line, sizeof (line)))
|
||||||
@@ -416,7 +416,7 @@
|
@@ -416,7 +416,7 @@ push_update_digest(struct md5_state *ctx
|
||||||
/* peer-id might change on restart and this should not trigger reopening tun */
|
/* peer-id might change on restart and this should not trigger reopening tun */
|
||||||
if (strstr (line, "peer-id ") != line)
|
if (strstr (line, "peer-id ") != line)
|
||||||
{
|
{
|
||||||
@ -292,7 +314,7 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -472,10 +472,10 @@
|
@@ -472,10 +472,10 @@ process_incoming_push_msg (struct contex
|
||||||
if (ch == ',')
|
if (ch == ',')
|
||||||
{
|
{
|
||||||
struct buffer buf_orig = buf;
|
struct buffer buf_orig = buf;
|
||||||
@ -306,7 +328,7 @@
|
|||||||
}
|
}
|
||||||
if (!c->c2.did_pre_pull_restore)
|
if (!c->c2.did_pre_pull_restore)
|
||||||
{
|
{
|
||||||
@@ -493,8 +493,8 @@
|
@@ -493,8 +493,8 @@ process_incoming_push_msg (struct contex
|
||||||
{
|
{
|
||||||
case 0:
|
case 0:
|
||||||
case 1:
|
case 1:
|
||||||
@ -317,9 +339,11 @@
|
|||||||
ret = PUSH_MSG_REPLY;
|
ret = PUSH_MSG_REPLY;
|
||||||
break;
|
break;
|
||||||
case 2:
|
case 2:
|
||||||
--- openvpn-2.3.2/src/openvpn/ssl.c
|
Index: openvpn-2.3.14/src/openvpn/ssl.c
|
||||||
+++ openvpn-2.3.2/src/openvpn/ssl.c 2015/02/19 09:15:02
|
===================================================================
|
||||||
@@ -1342,8 +1342,8 @@ tls1_P_hash(const md_kt_t *md_kt,
|
--- openvpn-2.3.14.orig/src/openvpn/ssl.c
|
||||||
|
+++ openvpn-2.3.14/src/openvpn/ssl.c
|
||||||
|
@@ -1396,8 +1396,8 @@ tls1_P_hash(const md_kt_t *md_kt,
|
||||||
chunk = md_kt_size(md_kt);
|
chunk = md_kt_size(md_kt);
|
||||||
A1_len = md_kt_size(md_kt);
|
A1_len = md_kt_size(md_kt);
|
||||||
|
|
||||||
|
@ -1 +1 @@
|
|||||||
D /var/run/openvpn 0750 root root -
|
D /run/openvpn 0750 root root -
|
||||||
|
@ -1,3 +1,37 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Jan 22 15:21:17 UTC 2017 - mrueckert@suse.de
|
||||||
|
|
||||||
|
- silence warning about %{_rundir}/openvpn
|
||||||
|
- for non systemd case: just package the %{_rundir}/openvpn in
|
||||||
|
the package
|
||||||
|
- for systemd case: call systemd-tmpfiles and own the dir as
|
||||||
|
%ghost in the filelist
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Jan 22 14:51:44 UTC 2017 - mrueckert@suse.de
|
||||||
|
|
||||||
|
- refreshed patches to apply cleanly again
|
||||||
|
openvpn-2.3-plugin-man.dif
|
||||||
|
openvpn-fips140-2.3.2.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Jan 22 14:47:39 UTC 2017 - mrueckert@suse.de
|
||||||
|
|
||||||
|
- update to 2.3.14
|
||||||
|
- update year in copyright message
|
||||||
|
- Document the --auth-token option
|
||||||
|
- Repair topology subnet on FreeBSD 11
|
||||||
|
- Repair topology subnet on OpenBSD
|
||||||
|
- Drop recursively routed packets
|
||||||
|
- Support --block-outside-dns on multiple tunnels
|
||||||
|
- When parsing '--setenv opt xx ..' make sure a third parameter
|
||||||
|
is present
|
||||||
|
- Map restart signals from event loop to SIGTERM during
|
||||||
|
exit-notification wait
|
||||||
|
- Correctly state the default dhcp server address in man page
|
||||||
|
- Clean up format_hex_ex()
|
||||||
|
- enabled pkcs11 support
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sat Dec 3 21:26:52 UTC 2016 - michael@stroeder.com
|
Sat Dec 3 21:26:52 UTC 2016 - michael@stroeder.com
|
||||||
|
|
||||||
|
10
openvpn.spec
10
openvpn.spec
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openvpn
|
# spec file for package openvpn
|
||||||
#
|
#
|
||||||
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -32,7 +32,7 @@ Url: http://openvpn.net/
|
|||||||
%else
|
%else
|
||||||
PreReq: %insserv_prereq %fillup_prereq
|
PreReq: %insserv_prereq %fillup_prereq
|
||||||
%endif
|
%endif
|
||||||
Version: 2.3.13
|
Version: 2.3.14
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Full-featured SSL VPN solution using a TUN/TAP Interface
|
Summary: Full-featured SSL VPN solution using a TUN/TAP Interface
|
||||||
License: SUSE-GPL-2.0-with-openssl-exception and LGPL-2.1
|
License: SUSE-GPL-2.0-with-openssl-exception and LGPL-2.1
|
||||||
@ -154,6 +154,7 @@ export LDFLAGS
|
|||||||
--enable-iproute2 \
|
--enable-iproute2 \
|
||||||
--enable-x509-alt-username \
|
--enable-x509-alt-username \
|
||||||
--enable-password-save \
|
--enable-password-save \
|
||||||
|
--enable-pkcs11 \
|
||||||
%if %{with_systemd}
|
%if %{with_systemd}
|
||||||
--enable-systemd \
|
--enable-systemd \
|
||||||
%endif
|
%endif
|
||||||
@ -194,8 +195,8 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/{OpenVPN,%name}
|
|||||||
find sample -name .gitignore | xargs rm -f
|
find sample -name .gitignore | xargs rm -f
|
||||||
|
|
||||||
%post
|
%post
|
||||||
%__mkdir_p -m750 %{_rundir}/openvpn
|
|
||||||
%if %{with_systemd}
|
%if %{with_systemd}
|
||||||
|
systemd-tmpfiles --create /usr/lib/tmpfiles.d/%{name}.conf ||:
|
||||||
%service_add_post %{name}.target
|
%service_add_post %{name}.target
|
||||||
# try to migrate openvpn.service autostart to openvpn@<CONF>.service
|
# try to migrate openvpn.service autostart to openvpn@<CONF>.service
|
||||||
if test ${FIRST_ARG:-$1} -ge 1 -a \
|
if test ${FIRST_ARG:-$1} -ge 1 -a \
|
||||||
@ -265,13 +266,14 @@ rm -f /etc/sysconfig/openvpn || :
|
|||||||
%{_unitdir}/%{name}@.service
|
%{_unitdir}/%{name}@.service
|
||||||
%{_unitdir}/%{name}.target
|
%{_unitdir}/%{name}.target
|
||||||
%{_libexecdir}/tmpfiles.d/%{name}.conf
|
%{_libexecdir}/tmpfiles.d/%{name}.conf
|
||||||
|
%dir %attr(0750,root,root) %ghost %{_rundir}/openvpn/
|
||||||
%else
|
%else
|
||||||
%config %{_sysconfdir}/init.d/openvpn
|
%config %{_sysconfdir}/init.d/openvpn
|
||||||
/var/adm/fillup-templates/sysconfig.openvpn
|
/var/adm/fillup-templates/sysconfig.openvpn
|
||||||
|
%dir %attr(750,root,root) %{_rundir}/openvpn/
|
||||||
%endif
|
%endif
|
||||||
%{_sbindir}/rcopenvpn
|
%{_sbindir}/rcopenvpn
|
||||||
%{_sbindir}/openvpn
|
%{_sbindir}/openvpn
|
||||||
%attr(0750,root,root) %dir %ghost %{_rundir}/openvpn
|
|
||||||
|
|
||||||
%files down-root-plugin
|
%files down-root-plugin
|
||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
|
Loading…
Reference in New Issue
Block a user