rpm/ocserv
SHA256
1
0
Fork 0
forked from pool/ocserv
Code Pull Requests Activity

Accepting request 580000 from home:MargueriteSu:branches:network:vpn

Browse Source 
- update version 0.11.10
  * see NEWS
- drop boo1021353-ocserv-doc-racing-in-parallel-build.patch
  * upstreamed
- add ocserv-LZ4_compress_default.patch
  * leap doesn't have LZ4_compress_default

OBS-URL: https://build.opensuse.org/request/show/580000
OBS-URL: https://build.opensuse.org/package/show/network:vpn/ocserv?expand=0&rev=13
This commit is contained in:
Marguerite Su 2018-02-26 02:10:00 +00:00 committed by Git OBS Bridge
parent 6ca2389310
commit 99d43d9130
7 changed files with 49 additions and 536 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

513
boo1021353-ocserv-doc-racing-in-parallel-build.patch
View File

@ -1,513 +0,0 @@
Index: b/doc/Makefile.am
===================================================================
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -10,12 +10,12 @@ ocserv.8: ../src/ocserv-args.def
@AUTOGEN@ -L../src -DMAN_SECTION=8 -Tagman-cmd.tpl "$<".tmp && \
rm -f "$<".tmp
-occtl.8: ../src/occtl/args.def
+occtl.8: ../src/occtl/occtl-args.def
-$(SED) 's/@subheading \(.*\)/@*\n@var{\1}\n@*/' $< > "$<".tmp && \
@AUTOGEN@ -L../src -DMAN_SECTION=8 -Tagman-cmd.tpl "$<".tmp && \
rm -f "$<".tmp
-ocpasswd.8: ../src/ocpasswd/args.def
+ocpasswd.8: ../src/ocpasswd/ocpasswd-args.def
-$(SED) 's/@subheading \(.*\)/@*\n@var{\1}\n@*/' $< > "$<".tmp && \
@AUTOGEN@ -L../src -DMAN_SECTION=8 -Tagman-cmd.tpl "$<".tmp && \
rm -f "$<".tmp
Index: b/src/occtl/Makefile.am
===================================================================
--- a/src/occtl/Makefile.am
+++ b/src/occtl/Makefile.am
@@ -5,7 +5,7 @@ AM_CPPFLAGS += -I$(srcdir)/../../gl/ -I$
$(LIBNL3_CFLAGS) $(LIBPROTOBUF_C_CFLAGS) $(LIBTALLOC_CFLAGS) \
-I$(srcdir)/../common/ -I$(builddir)/../common/ $(CODE_COVERAGE_CFLAGS)
-EXTRA_DIST = args.def
+EXTRA_DIST = occtl-args.def
bin_PROGRAMS = occtl
Index: b/src/occtl/args.def
===================================================================
--- a/src/occtl/args.def
+++ /dev/null
@@ -1,105 +0,0 @@
-AutoGen Definitions options;
-prog-name = occtl;
-prog-title = "OpenConnect VPN server control";
-prog-desc = "OpenConnect VPN server control.";
-disable-save;
-no-xlate = opt;
-gnu-usage;
-config-header = config.h;
-long-opts;
-no-misuse-usage;
-short-usage = "Usage: occtl [options] [command]\nocctl --help for usage instructions.\n";
-explain = "";
-#include ../version.inc
-
-detail = "Openconnect VPN server control (occtl) is a tool to control
-the ocserv VPN server.";
-
-copyright = {
- date = "2014-2016";
- owner = "Red Hat";
- author = "Nikos Mavrogiannopoulos";
- eaddr = "openconnect-devel@lists.infradead.org";
- type = gplv2;
-};
-
-help-value = h;
-
-flag = {
- name = socket-file;
- value = s;
- arg-type = file;
- descrip = "Specify the server's occtl socket file";
- doc = "This option is only needed if you have multiple servers.";
-};
-
-flag = {
- name = json;
- value = j;
- descrip = "Output will be JSON formatted";
- doc = "This option can only be used with non-interactive output, e.g., 'occtl --json show users'.";
-};
-
-flag = {
- name = no-pager;
- value = n;
- descrip = "No pager will be used over output data";
- doc = "";
-};
-
-
-doc-section = {
- ds-type = 'SYNOPSIS';
- ds-format = 'texi';
- ds-text = <<-_EOT_
-Openconnect VPN server control (occtl) is a tool to control
-the ocserv VPN server.
-_EOT_;
-};
-
-doc-section = {
- ds-type = 'DESCRIPTION';
- ds-format = 'texi';
- ds-text = <<-_EOT_
-This a control tool that can be used to send commands to ocserv. When
-called without any arguments the tool can be used interactively, where
-each command is entered on a command prompt; alternatively the tool
-can be called with the command specified as parameter. In the latter
-case the tool's exit code will reflect the successful execution of
-the command.
-_EOT_;
-};
-
-doc-section = {
- ds-type = 'EXAMPLES';
- ds-format = 'texi';
- ds-text = <<-_EOT_
-The tool can be run interactively when run with no arguments. When
-arguments are given they are interpreted as commands. For example:
-@example
-$ occtl show users
-@end example
-
-Any command line arguments to be used as options must preceed the
-command (if any), as shown below.
-@example
-$ occtl --json show users
-@end example
-_EOT_;
-};
-
-doc-section = {
- ds-type = 'IMPLEMENTATION NOTES';
- ds-format = 'texi';
- ds-text = <<-_EOT_
-This tool uses unix domain sockets to connect to ocserv.
-_EOT_;
-};
-
-doc-section = {
- ds-type = 'SEE ALSO';
- ds-format = 'man';
- ds-text = <<-_EOText_
-ocserv(8)
-_EOText_;
-};
Index: b/src/occtl/occtl-args.def
===================================================================
--- /dev/null
+++ b/src/occtl/occtl-args.def
@@ -0,0 +1,105 @@
+AutoGen Definitions options;
+prog-name = occtl;
+prog-title = "OpenConnect VPN server control";
+prog-desc = "OpenConnect VPN server control.";
+disable-save;
+no-xlate = opt;
+gnu-usage;
+config-header = config.h;
+long-opts;
+no-misuse-usage;
+short-usage = "Usage: occtl [options] [command]\nocctl --help for usage instructions.\n";
+explain = "";
+#include ../version.inc
+
+detail = "Openconnect VPN server control (occtl) is a tool to control
+the ocserv VPN server.";
+
+copyright = {
+ date = "2014-2016";
+ owner = "Red Hat";
+ author = "Nikos Mavrogiannopoulos";
+ eaddr = "openconnect-devel@lists.infradead.org";
+ type = gplv2;
+};
+
+help-value = h;
+
+flag = {
+ name = socket-file;
+ value = s;
+ arg-type = file;
+ descrip = "Specify the server's occtl socket file";
+ doc = "This option is only needed if you have multiple servers.";
+};
+
+flag = {
+ name = json;
+ value = j;
+ descrip = "Output will be JSON formatted";
+ doc = "This option can only be used with non-interactive output, e.g., 'occtl --json show users'.";
+};
+
+flag = {
+ name = no-pager;
+ value = n;
+ descrip = "No pager will be used over output data";
+ doc = "";
+};
+
+
+doc-section = {
+ ds-type = 'SYNOPSIS';
+ ds-format = 'texi';
+ ds-text = <<-_EOT_
+Openconnect VPN server control (occtl) is a tool to control
+the ocserv VPN server.
+_EOT_;
+};
+
+doc-section = {
+ ds-type = 'DESCRIPTION';
+ ds-format = 'texi';
+ ds-text = <<-_EOT_
+This a control tool that can be used to send commands to ocserv. When
+called without any arguments the tool can be used interactively, where
+each command is entered on a command prompt; alternatively the tool
+can be called with the command specified as parameter. In the latter
+case the tool's exit code will reflect the successful execution of
+the command.
+_EOT_;
+};
+
+doc-section = {
+ ds-type = 'EXAMPLES';
+ ds-format = 'texi';
+ ds-text = <<-_EOT_
+The tool can be run interactively when run with no arguments. When
+arguments are given they are interpreted as commands. For example:
+@example
+$ occtl show users
+@end example
+
+Any command line arguments to be used as options must preceed the
+command (if any), as shown below.
+@example
+$ occtl --json show users
+@end example
+_EOT_;
+};
+
+doc-section = {
+ ds-type = 'IMPLEMENTATION NOTES';
+ ds-format = 'texi';
+ ds-text = <<-_EOT_
+This tool uses unix domain sockets to connect to ocserv.
+_EOT_;
+};
+
+doc-section = {
+ ds-type = 'SEE ALSO';
+ ds-format = 'man';
+ ds-text = <<-_EOText_
+ocserv(8)
+_EOText_;
+};
Index: b/src/ocpasswd/Makefile.am
===================================================================
--- a/src/ocpasswd/Makefile.am
+++ b/src/ocpasswd/Makefile.am
@@ -6,21 +6,21 @@ AM_CPPFLAGS += -I$(srcdir)/../../gl/ -I$
$(CODE_COVERAGE_CFLAGS) $(LIBGNUTLS_CFLAGS)
-EXTRA_DIST = args.def
+EXTRA_DIST = ocpasswd-args.def
BUILT_SOURCES = args.c args.h
bin_PROGRAMS = ocpasswd
noinst_LIBRARIES = libcmd-ocpasswd.a
-libcmd_ocpasswd_a_SOURCES = args.def args.c args.h
+libcmd_ocpasswd_a_SOURCES = ocpasswd-args.def args.c args.h
ocpasswd_SOURCES = ocpasswd.c
ocpasswd_LDADD = ../../gl/libgnu.a $(NEEDED_LIBOPTS) libcmd-ocpasswd.a
ocpasswd_LDADD += $(LIBGNUTLS_LIBS) $(LIBCRYPT) $(CODE_COVERAGE_LDFLAGS) \
$(LIBNETTLE_LIBS)
-args.c: $(srcdir)/args.def $(builddir)/../version.inc
+args.c: $(srcdir)/ocpasswd-args.def $(builddir)/../version.inc
if test "$(AUTOGEN)" = ":";then \
rm -f $(builddir)/args.c; \
rm -f $(builddir)/args.h; \
Index: b/src/ocpasswd/args.def
===================================================================
--- a/src/ocpasswd/args.def
+++ /dev/null
@@ -1,111 +0,0 @@
-AutoGen Definitions options;
-prog-name = ocpasswd;
-prog-title = "OpenConnect server password utility";
-prog-desc = "OpenConnect VPN server plain password file handling program.";
-disable-save;
-no-xlate = opt;
-gnu-usage;
-config-header = config.h;
-long-opts;
-no-misuse-usage;
-short-usage = "Usage: ocpasswd -c [passwd] [options] username\nocpasswd --help for usage instructions.\n";
-explain = "";
-reorder-args;
-argument = "[username]";
-#include ../version.inc
-
-detail = "This program is openconnect password (ocpasswd) utility. It allows the generation
-and handling of a 'plain' password file used by ocserv.";
-
-copyright = {
- date = "2013-2016";
- owner = "Nikos Mavrogiannopoulos";
- author = "Nikos Mavrogiannopoulos";
- eaddr = "openconnect-devel@lists.infradead.org";
- type = gplv2;
-};
-
-flag = {
- name = passwd;
- value = c;
- arg-type = file;
- descrip = "Password file";
- doc = "";
-};
-
-flag = {
- name = groupname;
- value = g;
- arg-type = string;
- descrip = "User's group name";
- doc = "";
-};
-
-flag = {
- name = delete;
- value = d;
- descrip = "Delete user";
- doc = "Removes the specified user from the password file";
-};
-
-flag = {
- name = lock;
- value = l;
- descrip = "Lock user";
- doc = "Prevents the specified user from logging in";
-};
-
-flag = {
- name = unlock;
- value = u;
- descrip = "Unlock user";
- doc = "Re-enables login for the specified user";
-};
-
-help-value = h;
-
-
-doc-section = {
- ds-type = 'FILES';
- ds-format = 'texi';
- ds-text = <<-_EOT_
-@subheading Password file format
-The password format of ocpasswd is as follows.
-
-@example
-username:groupname:encoded-password
-@end example
-
-The crypt(3) encoding is used for the encoded-password.
-
-_EOT_;
-};
-
-doc-section = {
- ds-type = 'EXAMPLES';
- ds-format = 'texi';
- ds-text = <<-_EOT_
-@subheading Adding a user
-@example
-$ ocpasswd -c ocpasswd my_username
-@end example
-
-@subheading Locking a user
-@example
-$ ocpasswd -c ocpasswd -l my_username
-@end example
-
-@subheading Unlocking a user
-@example
-$ ocpasswd -c ocpasswd -u my_username
-@end example
-_EOT_;
-};
-
-doc-section = {
- ds-type = 'SEE ALSO';
- ds-format = 'man';
- ds-text = <<-_EOText_
-ocserv(8), occtl(8)
-_EOText_;
-};
Index: b/src/ocpasswd/ocpasswd-args.def
===================================================================
--- /dev/null
+++ b/src/ocpasswd/ocpasswd-args.def
@@ -0,0 +1,111 @@
+AutoGen Definitions options;
+prog-name = ocpasswd;
+prog-title = "OpenConnect server password utility";
+prog-desc = "OpenConnect VPN server plain password file handling program.";
+disable-save;
+no-xlate = opt;
+gnu-usage;
+config-header = config.h;
+long-opts;
+no-misuse-usage;
+short-usage = "Usage: ocpasswd -c [passwd] [options] username\nocpasswd --help for usage instructions.\n";
+explain = "";
+reorder-args;
+argument = "[username]";
+#include ../version.inc
+
+detail = "This program is openconnect password (ocpasswd) utility. It allows the generation
+and handling of a 'plain' password file used by ocserv.";
+
+copyright = {
+ date = "2013-2016";
+ owner = "Nikos Mavrogiannopoulos";
+ author = "Nikos Mavrogiannopoulos";
+ eaddr = "openconnect-devel@lists.infradead.org";
+ type = gplv2;
+};
+
+flag = {
+ name = passwd;
+ value = c;
+ arg-type = file;
+ descrip = "Password file";
+ doc = "";
+};
+
+flag = {
+ name = groupname;
+ value = g;
+ arg-type = string;
+ descrip = "User's group name";
+ doc = "";
+};
+
+flag = {
+ name = delete;
+ value = d;
+ descrip = "Delete user";
+ doc = "Removes the specified user from the password file";
+};
+
+flag = {
+ name = lock;
+ value = l;
+ descrip = "Lock user";
+ doc = "Prevents the specified user from logging in";
+};
+
+flag = {
+ name = unlock;
+ value = u;
+ descrip = "Unlock user";
+ doc = "Re-enables login for the specified user";
+};
+
+help-value = h;
+
+
+doc-section = {
+ ds-type = 'FILES';
+ ds-format = 'texi';
+ ds-text = <<-_EOT_
+@subheading Password file format
+The password format of ocpasswd is as follows.
+
+@example
+username:groupname:encoded-password
+@end example
+
+The crypt(3) encoding is used for the encoded-password.
+
+_EOT_;
+};
+
+doc-section = {
+ ds-type = 'EXAMPLES';
+ ds-format = 'texi';
+ ds-text = <<-_EOT_
+@subheading Adding a user
+@example
+$ ocpasswd -c ocpasswd my_username
+@end example
+
+@subheading Locking a user
+@example
+$ ocpasswd -c ocpasswd -l my_username
+@end example
+
+@subheading Unlocking a user
+@example
+$ ocpasswd -c ocpasswd -u my_username
+@end example
+_EOT_;
+};
+
+doc-section = {
+ ds-type = 'SEE ALSO';
+ ds-format = 'man';
+ ds-text = <<-_EOText_
+ocserv(8), occtl(8)
+_EOText_;
+};

3
ocserv-0.11.10.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:52c821dcd234a8f0d61f440ce3c80d0b23051d7fbd74c6d47dc2b884ae25966a
size 784420

3
ocserv-0.11.6.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:93203b344644f1a97ae7ca3cf08853c3f9793a1555e85366e16c425b8d65151e
size 567552

16
ocserv-LZ4_compress_default.patch Normal file
View File

@ -0,0 +1,16 @@
Index: ocserv-0.11.10/src/worker-http.c
===================================================================
--- ocserv-0.11.10.orig/src/worker-http.c
+++ ocserv-0.11.10/src/worker-http.c
@@ -137,7 +137,11 @@ int lz4_compress(void *dst, int dstlen,
{
/* we intentionally restrict output to srclen so that
* compression fails early for packets that expand. */
+#ifdef LZ4_COMPRESS_DEFAULT
return LZ4_compress_default(src, dst, srclen, srclen);
+#else
+ return LZ4_compress_limitedOutput(src, dst, srclen, srclen);
+#endif
}
#endif

10
ocserv.changes
View File

@ -1,3 +1,13 @@
-------------------------------------------------------------------
Sat Feb 24 05:43:55 UTC 2018 - i@marguerite.su
- update version 0.11.10
* see NEWS
- drop boo1021353-ocserv-doc-racing-in-parallel-build.patch
* upstreamed
- add ocserv-LZ4_compress_default.patch
* leap doesn't have LZ4_compress_default
-------------------------------------------------------------------
Thu May 11 08:35:51 UTC 2017 - dimstar@opensuse.org

32
ocserv.config.patch
View File

@ -1,8 +1,8 @@
Index: b/doc/sample.config
Index: ocserv-0.11.10/doc/sample.config
===================================================================
--- a/doc/sample.config
+++ b/doc/sample.config
@@ -41,7 +41,7 @@
--- ocserv-0.11.10.orig/doc/sample.config
+++ ocserv-0.11.10/doc/sample.config
@@ -47,7 +47,7 @@
#auth = "pam"
#auth = "pam[gid-min=1000]"
#auth = "plain[passwd=./sample.passwd,otp=./sample.otp]"
@ -11,7 +11,7 @@ Index: b/doc/sample.config
#auth = "certificate"
#auth = "radius[config=/etc/radiusclient/radiusclient.conf,groupconfig=true]"
@@ -74,8 +74,8 @@ auth = "plain[passwd=./sample.passwd]"
@@ -80,8 +80,8 @@ auth = "plain[passwd=./sample.passwd]"
#listen-host-is-dyndns = true
# TCP and UDP port number
@ -22,7 +22,7 @@ Index: b/doc/sample.config
# Accept connections using a socket file. It accepts HTTP
# connections (i.e., without SSL/TLS unlike its TCP counterpart),
@@ -110,8 +110,8 @@ socket-file = /var/run/ocserv-socket
@@ -124,8 +124,8 @@ socket-file = /var/run/ocserv-socket
#
# There may be multiple server-cert and server-key directives,
# but each key should correspond to the preceding certificate.
@ -33,7 +33,7 @@ Index: b/doc/sample.config
# Diffie-Hellman parameters. Only needed if you require support
# for the DHE ciphersuites (by default this server supports ECDHE).
@@ -137,7 +137,7 @@ server-key = ../tests/certs/server-key.p
@@ -151,7 +151,7 @@ server-key = ../tests/certs/server-key.p
# The Certificate Authority that will be used to verify
# client certificates (public keys) if certificate authentication
# is set.
@ -42,7 +42,7 @@ Index: b/doc/sample.config
### All configuration options below this line are reloaded on a SIGHUP.
@@ -157,7 +157,7 @@ ca-cert = ../tests/certs/ca.pem
@@ -171,7 +171,7 @@ ca-cert = ../tests/certs/ca.pem
# the isolation was tested at. If you get random failures on worker processes, try
# disabling that option and report the failures you, along with system and debugging
# information at: https://gitlab.com/ocserv/ocserv/issues
@ -51,8 +51,8 @@ Index: b/doc/sample.config
# A banner to be displayed on clients
#banner = "Welcome"
@@ -204,7 +204,7 @@ dpd = 90
mobile-dpd = 1800
@@ -234,7 +234,7 @@ mobile-dpd = 1800
switch-to-tcp-timeout = 25
# MTU discovery (DPD must be enabled)
-try-mtu-discovery = false
@ -60,7 +60,7 @@ Index: b/doc/sample.config
# If you have a certificate from a CA that provides an OCSP
# service you may provide a fresh OCSP status response within
@@ -362,8 +362,8 @@ rekey-method = ssl
@@ -398,8 +398,8 @@ rekey-method = ssl
# STATS_BYTES_OUT, STATS_DURATION that contain a 64-bit counter of the bytes
# output from the tun device, and the duration of the session in seconds.
@ -71,7 +71,7 @@ Index: b/doc/sample.config
# UTMP
# Register the connected clients to utmp. This will allow viewing
@@ -433,7 +433,8 @@ ipv4-netmask = 255.255.255.0
@@ -469,7 +469,8 @@ ipv4-netmask = 255.255.255.0
# The advertized DNS server. Use multiple lines for
# multiple servers.
# dns = fc00::4be0
@ -81,7 +81,7 @@ Index: b/doc/sample.config
# The NBNS server (if any)
#nbns = 192.168.1.3
@@ -472,8 +473,8 @@ ping-leases = false
@@ -508,8 +509,8 @@ ping-leases = false
# comment out all routes from the server, or use the special keyword
# 'default'.
@ -92,10 +92,10 @@ Index: b/doc/sample.config
#route = fef4:db8:1000:1001::/64
#route = default
Index: b/doc/systemd/socket-activated/ocserv.socket
Index: ocserv-0.11.10/doc/systemd/socket-activated/ocserv.socket
===================================================================
--- a/doc/systemd/socket-activated/ocserv.socket
+++ b/doc/systemd/socket-activated/ocserv.socket
--- ocserv-0.11.10.orig/doc/systemd/socket-activated/ocserv.socket
+++ ocserv-0.11.10/doc/systemd/socket-activated/ocserv.socket
@@ -2,8 +2,8 @@
Description=OpenConnect SSL VPN server Socket

8
ocserv.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package ocserv
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -17,7 +17,7 @@
Name: ocserv
Version: 0.11.6
Version: 0.11.10
Release: 0
Summary: OpenConnect VPN Server
License: GPL-2.0
@ -38,8 +38,8 @@ Source99: README.SUSE
Patch1: %{name}-enable-systemd.patch
#PATCH-FIX-UPSTREAM marguerite@opensuse.org tweak configuration
Patch2: %{name}.config.patch
#PATCH-FIX-UPSTREAM marguerite@opensuse.org avoid racing problem when building documentation in parallel
Patch3: boo1021353-ocserv-doc-racing-in-parallel-build.patch
#PATCH-FIX-OPENSUSE marguerite@opensuse.org leap doesn't have LZ4_compress_default
Patch3: %{name}-LZ4_compress_default.patch
BuildRequires: autogen
BuildRequires: dbus-1-devel
BuildRequires: freeradius-client-devel