SHA256
1
0
forked from pool/strongswan
OBS User unknown 2008-02-19 13:17:02 +00:00 committed by Git OBS Bridge
parent 6e9e4ef022
commit 3a50c4dfde
9 changed files with 62 additions and 71 deletions

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9d2761b780fd8b11eafce63dc44336ece6941405dae819bd03e62a5f6b2f82fb
size 2234335

View File

@ -0,0 +1,9 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQCVAwUAR7TA89YbDnNAmVNZAQJS6wQAil7xDrAGwYgFOaDpv4h6tF53TnQBepLK
FhEnxtPNmk5YAwhu8t3qsHIOERzctKt8vwh0fnNZTKP3GeKWl+7f4zYOlQPKEW+S
ltsE9dfLBjNDPlToTJHKre6i+u9l+scndf8087vinzsgnqK/JXyGKQ58cAts0ytV
JbBe/WhlOiA=
=t33J
-----END PGP SIGNATURE-----

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:37ea5119dc54cb150d444302f82f84854a15d35e45a817e3a29be86b7d750587
size 2176339

View File

@ -1,9 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQCVAwUAR1Wm+dYbDnNAmVNZAQIvkAQAolk4x+wmuJEIBHQ+24S2v2fOJoZKud6L
Fl8cqH2GPe4yYZkuaJ+djgK+GslBfY8qyqXKC49SUkwWtA/yMKkItwDNv2RwhXdQ
jzjAI1Ad8nCck3XFkIYg9gxL/p2caooRqu6PUr0qfTpVl1lKMW0tHVssavUnCWJv
NcjWTSUihl0=
=GC6L
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Tue Feb 19 11:44:03 CET 2008 - mt@suse.de
- Updated to 4.1.11 maintenance release, providing following fixes:
* IKE rekeying in NAT situations did not inherit the NAT conditions
to the rekeyed IKE_SA so that the UDP encapsulation was lost with
the next CHILD_SA rekeying.
* Wrong type definition of the next_payload variable in id_payload.c
caused an INVALID_SYNTAX error on PowerPC platforms.
* Implemented IKEv2 EAP-SIM server and client test modules that use
triplets stored in a file. For details on the configuration see
the scenario 'ikev2/rw-eap-sim-rsa'.
- The 4.1.10 final version, declared upstream as "Fully tested support
of IPv6 IPsec tunnel connections", fixes ordering error in oscp cache,
IPv6 defaults of the nexthop parameter, adds support for new EAP
modules [disabled in this build] and obsoletes our strongswan_path
and strongswan_ipsec_script_msg patches.
- Removed a sed call from init script.
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Dec 8 13:03:42 CET 2007 - mt@suse.de Sat Dec 8 13:03:42 CET 2007 - mt@suse.de

View File

@ -208,7 +208,7 @@ rc_reset
case "$1" in case "$1" in
start) start)
$IPSEC_CMD start 2>&1 | sed -e "s/ -- .*//g" $IPSEC_CMD start 2>&1
rc_status -v1 rc_status -v1
;; ;;
stop) stop)

View File

@ -1,7 +1,7 @@
# #
# spec file for package strongswan (Version 4.1.9) # spec file for package strongswan (Version 4.1.11)
# #
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine # This file and all modifications and additions to the pristine
# package are under the same license as the package itself. # package are under the same license as the package itself.
# #
@ -10,11 +10,12 @@
# norootforbuild # norootforbuild
Name: strongswan Name: strongswan
%define upstream_version 4.1.9 %define upstream_version 4.1.11
%define strongswan_docdir %{_docdir}/%{name} %define strongswan_docdir %{_docdir}/%{name}
Version: 4.1.9 Version: 4.1.11
Release: 6 Release: 1
License: GPL v2 or later License: GPL v2 or later
Group: Productivity/Networking/Security Group: Productivity/Networking/Security
Summary: StrongSwan -- OpenSource IPsec-based VPN Solution Summary: StrongSwan -- OpenSource IPsec-based VPN Solution
@ -28,9 +29,7 @@ AutoReqProv: on
Source0: http://download.strongswan.org/strongswan-%{upstream_version}.tar.bz2 Source0: http://download.strongswan.org/strongswan-%{upstream_version}.tar.bz2
Source1: http://download.strongswan.org/strongswan-%{upstream_version}.tar.bz2.sig Source1: http://download.strongswan.org/strongswan-%{upstream_version}.tar.bz2.sig
Source2: %{name}.init.in Source2: %{name}.init.in
Patch1: %{name}_path.dif Patch1: %{name}_modprobe_syslog.dif
Patch2: %{name}_ipsec_script_msg.dif
Patch3: %{name}_modprobe_syslog.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison flex gmp-devel gperf pkg-config BuildRequires: bison flex gmp-devel gperf pkg-config
%if 0%{?suse_version} >= 1030 %if 0%{?suse_version} >= 1030
@ -49,9 +48,11 @@ StrongSwan is an OpenSource IPsec-based VPN Solution for Linux
* runs both on Linux 2.4 (KLIPS IPsec) and Linux 2.6 (NETKEY IPsec) * runs both on Linux 2.4 (KLIPS IPsec) and Linux 2.6 (NETKEY IPsec)
kernels kernels
* supports both the IKEv1 and IKEv2 (RFC 4306) key exchange * implements both the IKEv1 and IKEv2 (RFC 4306) key exchange
protocols protocols
* NEW: Fully tested support of IPv6 IPsec tunnel connections
* Dynamical IP address and interface update with IKEv2 MOBIKE (RFC * Dynamical IP address and interface update with IKEv2 MOBIKE (RFC
4555) 4555)
@ -123,8 +124,6 @@ Authors:
%prep %prep
%setup -q -n %{name}-%{upstream_version} %setup -q -n %{name}-%{upstream_version}
%patch1 -p0 %patch1 -p0
%patch2 -p0
%patch3 -p0
sed -e 's|@libexecdir@|%_libexecdir|g' \ sed -e 's|@libexecdir@|%_libexecdir|g' \
< $RPM_SOURCE_DIR/strongswan.init.in \ < $RPM_SOURCE_DIR/strongswan.init.in \
> strongswan.init > strongswan.init
@ -251,8 +250,25 @@ fi
%{_mandir}/man8/pluto.8* %{_mandir}/man8/pluto.8*
%{_mandir}/man8/scepclient.8* %{_mandir}/man8/scepclient.8*
%{_mandir}/man8/starter.8* %{_mandir}/man8/starter.8*
%changelog %changelog
* Sat Dec 08 2007 - mt@suse.de * Tue Feb 19 2008 mt@suse.de
- Updated to 4.1.11 maintenance release, providing following fixes:
* IKE rekeying in NAT situations did not inherit the NAT conditions
to the rekeyed IKE_SA so that the UDP encapsulation was lost with
the next CHILD_SA rekeying.
* Wrong type definition of the next_payload variable in id_payload.c
caused an INVALID_SYNTAX error on PowerPC platforms.
* Implemented IKEv2 EAP-SIM server and client test modules that use
triplets stored in a file. For details on the configuration see
the scenario 'ikev2/rw-eap-sim-rsa'.
- The 4.1.10 final version, declared upstream as "Fully tested support
of IPv6 IPsec tunnel connections", fixes ordering error in oscp cache,
IPv6 defaults of the nexthop parameter, adds support for new EAP
modules [disabled in this build] and obsoletes our strongswan_path
and strongswan_ipsec_script_msg patches.
- Removed a sed call from init script.
* Sat Dec 08 2007 mt@suse.de
- Updated to 4.1.9 final, including all our patches. - Updated to 4.1.9 final, including all our patches.
- Changed init script to use ipsec cmd using LSB codes now. - Changed init script to use ipsec cmd using LSB codes now.
- Added strongswan_path.dif setting a PATH in scripts (updown). - Added strongswan_path.dif setting a PATH in scripts (updown).
@ -260,9 +276,9 @@ fi
ipsec script messages. ipsec script messages.
- Added strongswan_modprobe_syslog.dif redirecting modprobe - Added strongswan_modprobe_syslog.dif redirecting modprobe
output to syslog. output to syslog.
* Mon Nov 26 2007 - mt@suse.de * Mon Nov 26 2007 mt@suse.de
- Renamed charon plugins to avoid rpm conflicts with existing - Renamed charon plugins to avoid rpm conflicts with existing
libraries (libstroke). Patch: strongswan-libconflicts.dif libraries (libstroke). Patch: strongswan-libconflicts.dif
- Added init script. Template file: strongswan.init.in - Added init script. Template file: strongswan.init.in
* Thu Nov 22 2007 - mt@suse.de * Thu Nov 22 2007 mt@suse.de
- Initial, unfinished package - Initial, unfinished package

View File

@ -1,20 +0,0 @@
--- src/ipsec/ipsec.in
+++ src/ipsec/ipsec.in 2007/12/06 09:21:17
@@ -166,7 +166,7 @@ reload)
echo "Reloading strongSwan IPsec configuration..." >&2
kill -s USR1 `cat $IPSEC_STARTER_PID` 2>/dev/null && rc=0
else
- echo "ipsec starter is not running" >&2
+ echo "Reloading strongSwan IPsec: starter is not running" >&2
fi
exit "$rc"
;;
@@ -285,7 +285,7 @@ stop)
fi
fi
else
- echo "ipsec starter is not running" >&2
+ echo "Stopping strongSwan IPsec: starter is not running" >&2
fi
exit 0
;;

View File

@ -1,24 +0,0 @@
--- src/ipsec/ipsec.in
+++ src/ipsec/ipsec.in 2007/12/05 08:15:29
@@ -16,6 +16,9 @@
#
# RCSID $Id: ipsec.in 3370 2007-11-29 18:27:04Z andreas $
+PATH="/sbin:/bin:/usr/sbin:/usr/bin"
+export PATH
+
# name and version of the ipsec implementation
IPSEC_NAME="@IPSEC_NAME@"
IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`"
--- src/_updown/_updown.in
+++ src/_updown/_updown.in 2007/12/05 08:15:29
@@ -118,6 +118,9 @@
# restricted on the peer side.
#
+PATH="/sbin:/bin:/usr/sbin:/usr/bin"
+export PATH
+
# uncomment to log VPN connections
VPN_LOGGING=1
#