From ec4f867b8faaf2baa6920d2747fdd16fb95ea0b8c1a0dd23ebcca733ca8d3e56 Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Thu, 22 May 2008 23:58:33 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openvpn?expand=0&rev=5 --- openvpn-2.0.9-plugin-dir.dif | 30 ------------------------------ openvpn.changes | 12 ++++++++++++ openvpn.init | 2 +- openvpn.spec | 28 ++++++++++++++++++---------- 4 files changed, 31 insertions(+), 41 deletions(-) delete mode 100644 openvpn-2.0.9-plugin-dir.dif diff --git a/openvpn-2.0.9-plugin-dir.dif b/openvpn-2.0.9-plugin-dir.dif deleted file mode 100644 index 4d7b55f..0000000 --- a/openvpn-2.0.9-plugin-dir.dif +++ /dev/null @@ -1,30 +0,0 @@ ---- plugin.c -+++ plugin.c 2007/11/28 08:58:20 -@@ -182,7 +182,26 @@ plugin_init_item (struct plugin *p, cons - p->plugin_type_mask = plugin_supported_types (); - - #if defined(USE_LIBDL) -- p->handle = dlopen (p->so_pathname, RTLD_NOW); -+ p->handle = NULL; -+#if defined(PLUGIN_LIBDIR) -+ if (!strchr(p->so_pathname, '/')) -+ { -+ char full[PATH_MAX], *name; -+ -+ snprintf(full, sizeof(full), "%s/%s", PLUGIN_LIBDIR, p->so_pathname); -+ p->handle = dlopen (full, RTLD_NOW); -+#if defined(ENABLE_PLUGIN_SEARCH) -+ if (!p->handle) -+ { -+ p->handle = dlopen (p->so_pathname, RTLD_NOW); -+ } -+#endif -+ } -+ else -+#endif -+ { -+ p->handle = dlopen (p->so_pathname, RTLD_NOW); -+ } - if (!p->handle) - msg (M_ERR, "PLUGIN_INIT: could not load plugin shared object %s: %s", p->so_pathname, dlerror()); - libdl_resolve_symbol (p->handle, (void*)&p->open, "openvpn_plugin_open_v1", p->so_pathname, PLUGIN_SYMBOL_REQUIRED); diff --git a/openvpn.changes b/openvpn.changes index dd43b35..acfa682 100644 --- a/openvpn.changes +++ b/openvpn.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Thu May 22 18:21:59 CEST 2008 - mt@suse.de + +- Added -lpam to LDFLAGS of openvpn, because linking the openvpn + auth-pam plugin against pam is not sufficient. Many pam modules + that are loaded by pam during the authentication process are not + linked against pam and contain undefined symbols, causing the + authentication to fail (bnc#334773). +- Replaced patch loading plugins from /usr/%_lib/openvpn/plugin/lib + with -rpath linker flags (bnc#334773). +- Fixed init script to use startproc to return 0 when started twice. + ------------------------------------------------------------------- Tue Feb 19 11:32:55 CET 2008 - mt@suse.de diff --git a/openvpn.init b/openvpn.init index 47714c2..d1abbd2 100644 --- a/openvpn.init +++ b/openvpn.init @@ -77,7 +77,7 @@ case "$1" in for conf in $confdir/*.conf; do pidfile=$(basename ${conf%%.conf}).pid - $openvpn --daemon \ + startproc -p $piddir/$pidfile $openvpn --daemon \ --writepid $piddir/$pidfile \ --config $conf \ --cd $confdir \ diff --git a/openvpn.spec b/openvpn.spec index 65467c2..011d4fa 100644 --- a/openvpn.spec +++ b/openvpn.spec @@ -20,15 +20,14 @@ AutoReqProv: on PreReq: %insserv_prereq %fillup_prereq %endif Version: 2.0.9 -Release: 70 +Release: 90 Summary: Full-featured SSL VPN solution using a TUN/TAP Interface Source: http://openvpn.net/release/openvpn-%{version}.tar.gz Source1: http://openvpn.net/signatures/openvpn-%{version}.tar.gz.asc Source2: openvpn.init Source3: openvpn.README.SUSE -Patch1: %{name}-%{version}-plugin-dir.dif -Patch2: %{name}-%{version}-plugin-man.dif -Patch3: %{name}-%{version}-plugin-build.dif +Patch1: %{name}-%{version}-plugin-man.dif +Patch2: %{name}-%{version}-plugin-build.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: lzo-devel openssl-devel BuildRequires: pam-devel @@ -61,6 +60,7 @@ Authors: James Yonan %package down-root-plugin +License: GPL v2 or later; LGPL v2.1 or later Summary: OpenVPN down-root plugin Group: Productivity/Networking/Security AutoReqProv: on @@ -85,6 +85,7 @@ Authors: James Yonan %package auth-pam-plugin +License: GPL v2 or later; LGPL v2.1 or later Summary: OpenVPN auth-pam plugin Group: Productivity/Networking/Security AutoReqProv: on @@ -114,7 +115,6 @@ Authors: %setup -q %patch1 -p0 %patch2 -p0 -%patch3 -p0 sed -e "s|@PLUGIN_DIR@|%{plugin_dir}|g" \ -e "s|@PLUGIN_LIBDIR@|%{plugin_libdir}|g" \ -e "s|@PLUGIN_DOCDIR@|%{_defaultdocdir}/%{name}|g" \ @@ -123,13 +123,12 @@ sed -e "s|@PLUGIN_DIR@|%{plugin_dir}|g" \ %build autoreconf -fi export CFLAGS="$RPM_OPT_FLAGS -W -Wall" -export LDFLAGS="" -PLUGIN_DEFS="-DPLUGIN_LIBDIR='\"%{_libdir}/%{name}/plugin/lib\"'" -PLUGIN_DEFS="$PLUGIN_FLAGS -DENABLE_PLUGIN_SEARCH" +export LDFLAGS %configure \ - --enable-pthread --enable-iproute2 \ + --enable-pthread --enable-iproute2 \ --with-lzo-headers=%_includedir/lzo \ - CFLAGS="$CFLAGS -fPIE $PLUGIN_DEFS" LDFLAGS="$LDFLAGS -pie" + CFLAGS="$CFLAGS -fPIE $PLUGIN_DEFS" \ + LDFLAGS="$LDFLAGS -pie -lpam -rdynamic -Wl,-rpath,%{_libdir}/%{name}/plugin/lib" make # # Build down-root plugin @@ -216,6 +215,15 @@ if ! test -f /.buildenv; then rm -rf $RPM_BUILD_ROOT; fi %{plugin_libdir}/openvpn-auth-pam.so %changelog +* Thu May 22 2008 mt@suse.de +- Added -lpam to LDFLAGS of openvpn, because linking the openvpn + auth-pam plugin against pam is not sufficient. Many pam modules + that are loaded by pam during the authentication process are not + linked against pam and contain undefined symbols, causing the + authentication to fail (bnc#334773). +- Replaced patch loading plugins from /usr/%%_lib/openvpn/plugin/lib + with -rpath linker flags (bnc#334773). +- Fixed init script to use startproc to return 0 when started twice. * Tue Feb 19 2008 mt@suse.de - Fixed spec file to not set pie flags when building plugins * Thu Jan 17 2008 mt@suse.de