rpms
/
NetworkManager-libreswan
21
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

import NetworkManager-libreswan-1.2.22-3.el10

Browse Source
i10cs changed/i10cs/NetworkManager-libreswan-1.2.22-3.el10
MSVSphere Packaging Team 2 months ago
commit fb3b63c574
Signed by: sys_gitsync
GPG Key ID: B2B0B9F29E528FE8
5 changed files with 691 additions and 0 deletions
Show Stats Download Patch File Download Diff File

1
.NetworkManager-libreswan.metadata
Unescape View File

@ -0,0 +1 @@
7f62450f66f2a21789fd6cfebbf3355ae99553ea SOURCES/NetworkManager-libreswan-1.2.22.tar.xz

1
.gitignore vendored
Unescape View File

@ -0,0 +1 @@
SOURCES/NetworkManager-libreswan-1.2.22.tar.xz

81
SOURCES/1001-editor-connect-stuff_changed_cb-from-populate_widget.patch
Unescape View File

@ -0,0 +1,81 @@
From 4957f0123c109df05885b2c85bfabc8f7311fe62 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
Date: Mon, 9 Sep 2024 12:25:58 +0200
Subject: [PATCH] editor: connect stuff_changed_cb from populate_widget
There is no need to do it in 2 different steps, we always have to
connect it after creating the widget. Let's do it all together so no
developer forgets.
---
properties/nm-libreswan-editor.c | 47 --------------------------------
1 file changed, 47 deletions(-)
diff --git a/properties/nm-libreswan-editor.c b/properties/nm-libreswan-editor.c
index b03d2fe..5687dc7 100644
--- a/properties/nm-libreswan-editor.c
+++ b/properties/nm-libreswan-editor.c
@@ -351,27 +351,6 @@ populate_widget (LibreswanEditor *self,
}
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), idx);
}
-}
-
-
-/* Init the widget on the basis of its actual type.
- * widget_name: the name of the widget
- * key_name: the name of the key where the config value is stored
- * alt_key_name:alternative name of the key
- * match_value: used only for toggle_button and combo_box widgets; when matched
- * in the former it will set the toggle button as active, in the latter
- * will be used as a match for enabling the third index of possible values
- * (a three-valued logic value is expected: "no", "yes" or "match_value").
- */
-static void
-hook_stuff_changed_cb (LibreswanEditor *self,
- const char *widget_name)
-{
- LibreswanEditorPrivate *priv = LIBRESWAN_EDITOR_GET_PRIVATE (self);
- GtkWidget *widget;
-
- widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, widget_name));
- g_return_if_fail (widget);
g_signal_connect (G_OBJECT (widget),
GTK_IS_CHECK_BUTTON (widget) ? "toggled" : "changed",
@@ -471,33 +450,7 @@ init_editor_plugin (LibreswanEditor *self,
populate_widget (self, "group_entry", NM_LIBRESWAN_KEY_LEFTID, NULL, NULL);
populate_widget (self, "cert_entry", NM_LIBRESWAN_KEY_LEFTCERT, NULL, NULL);
populate_widget (self, "remoteid_entry", NM_LIBRESWAN_KEY_RIGHTID, NULL, NULL);
- hook_stuff_changed_cb (self, "gateway_entry");
- hook_stuff_changed_cb (self, "user_entry");
- hook_stuff_changed_cb (self, "group_entry");
- hook_stuff_changed_cb (self, "cert_entry");
- hook_stuff_changed_cb (self, "remoteid_entry");
-
- /* Advanced Dialog */
populate_adv_dialog (self);
- hook_stuff_changed_cb (self, "domain_entry");
- hook_stuff_changed_cb (self, "phase1_entry");
- hook_stuff_changed_cb (self, "phase2_entry");
- hook_stuff_changed_cb (self, "phase1_lifetime_entry");
- hook_stuff_changed_cb (self, "phase2_lifetime_entry");
- hook_stuff_changed_cb (self, "rekey_checkbutton");
- hook_stuff_changed_cb (self, "pfs_checkbutton");
- hook_stuff_changed_cb (self, "local_network_entry");
- hook_stuff_changed_cb (self, "remote_network_entry");
- hook_stuff_changed_cb (self, "narrowing_checkbutton");
- hook_stuff_changed_cb (self, "fragmentation_combo");
- hook_stuff_changed_cb (self, "mobike_combo");
- hook_stuff_changed_cb (self, "dpd_delay_entry");
- hook_stuff_changed_cb (self, "dpd_timeout_entry");
- hook_stuff_changed_cb (self, "dpd_action_combo");
- hook_stuff_changed_cb (self, "ipsec_interface_entry");
- hook_stuff_changed_cb (self, "authby_entry");
- hook_stuff_changed_cb (self, "disable_modecfgclient_checkbutton");
- hook_stuff_changed_cb (self, "remote_cert_entry");
priv->advanced_dialog = GTK_WIDGET (gtk_builder_get_object (priv->builder, "libreswan-advanced-dialog"));
g_return_val_if_fail (priv->advanced_dialog != NULL, FALSE);
--
2.44.0

182
SOURCES/1002-properties-add-require-id-on-certificate.patch
Unescape View File

@ -0,0 +1,182 @@
From 95517f4dd6de399f4608c63f48658228ac902c93 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
Date: Mon, 9 Sep 2024 11:47:57 +0200
Subject: [PATCH] properties: add require-id-on-certificate
From `man ipsec.conf`:
require-id-on-certificate:
When using certificates, check whether the IKE peer ID is present as
a subjectAltName (SAN) on the peer certificate. Accepted values are
yes (the default) or no. This check should only be disabled when
intentionally using certificates that do not have their peer ID specified
as a SAN on the certificate. These certificates violate RFC 4945 Section
3.1 and are normally rejected to prevent a compromised host from assuming
the IKE identity of another host. The SAN limits the IDs that the
peer is able to assume.
---
properties/nm-libreswan-dialog.ui | 26 +++++++++++++++++++++++++
properties/nm-libreswan-editor-plugin.c | 2 ++
properties/nm-libreswan-editor.c | 9 +++++++++
shared/nm-service-defines.h | 1 +
shared/utils.c | 5 +++++
src/nm-libreswan-service.c | 1 +
6 files changed, 44 insertions(+)
diff --git a/properties/nm-libreswan-dialog.ui b/properties/nm-libreswan-dialog.ui
index b682895..17a7171 100644
--- a/properties/nm-libreswan-dialog.ui
+++ b/properties/nm-libreswan-dialog.ui
@@ -1222,6 +1222,32 @@ config: authby &lt;value&gt;
<property name="top_attach">0</property>
</packing>
</child>
+ <child>
+ <object class="GtkLabel" id="require_id_on_certificate_label">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="label" translatable="yes">Don't require remote certificate name</property>
+ <property name="use_underline">True</property>
+ <property name="mnemonic_widget">require_id_on_certificate_checkbutton</property>
+ <property name="xalign">1</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="top_attach">1</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkCheckButton" id="require_id_on_certificate_checkbutton">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="top_attach">1</property>
+ </packing>
+ </child>
</object>
</child>
</object>
diff --git a/properties/nm-libreswan-editor-plugin.c b/properties/nm-libreswan-editor-plugin.c
index fe473d1..7aa528e 100644
--- a/properties/nm-libreswan-editor-plugin.c
+++ b/properties/nm-libreswan-editor-plugin.c
@@ -214,6 +214,8 @@ import_from_file (NMVpnEditorPlugin *self,
nm_setting_vpn_add_data_item (s_vpn, NM_LIBRESWAN_KEY_HOSTADDRFAMILY, str + NM_STRLEN("hostaddrfamily="));
else if (g_str_has_prefix (str, "clientaddrfamily="))
nm_setting_vpn_add_data_item (s_vpn, NM_LIBRESWAN_KEY_CLIENTADDRFAMILY, str + NM_STRLEN("clientaddrfamily="));
+ else if (g_str_has_prefix (str, "require-id-on-certificate="))
+ nm_setting_vpn_add_data_item (s_vpn, NM_LIBRESWAN_KEY_REQUIRE_ID_ON_CERTIFICATE, str + NM_STRLEN("require-id-on-certificate="));
else if (g_str_has_prefix (str, "rightsubnet=")) {
if (!g_str_has_prefix (str, "rightsubnet=0.0.0.0/0"))
nm_setting_vpn_add_data_item (s_vpn, NM_LIBRESWAN_KEY_REMOTENETWORK, &str[12]);
diff --git a/properties/nm-libreswan-editor.c b/properties/nm-libreswan-editor.c
index 5687dc7..b350819 100644
--- a/properties/nm-libreswan-editor.c
+++ b/properties/nm-libreswan-editor.c
@@ -379,6 +379,7 @@ populate_adv_dialog (LibreswanEditor *self)
populate_widget (self, "authby_entry", NM_LIBRESWAN_KEY_AUTHBY, NULL, NULL);
populate_widget (self, "disable_modecfgclient_checkbutton", NM_LIBRESWAN_KEY_LEFTMODECFGCLIENT, NULL, "no");
populate_widget (self, "remote_cert_entry", NM_LIBRESWAN_KEY_RIGHTCERT, NULL, NULL);
+ populate_widget (self, "require_id_on_certificate_checkbutton", NM_LIBRESWAN_KEY_REQUIRE_ID_ON_CERTIFICATE, NULL, "no");
}
static gboolean
@@ -642,6 +643,14 @@ update_adv_settings (LibreswanEditor *self, NMSettingVpn *s_vpn)
nm_setting_vpn_add_data_item (s_vpn, NM_LIBRESWAN_KEY_RIGHTCERT, str);
else
nm_setting_vpn_remove_data_item (s_vpn, NM_LIBRESWAN_KEY_RIGHTCERT);
+
+ /* Disable Require ID on certificate */
+ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "require_id_on_certificate_checkbutton"));
+ if (gtk_check_button_get_active (GTK_CHECK_BUTTON (widget)))
+ nm_setting_vpn_add_data_item (s_vpn, NM_LIBRESWAN_KEY_REQUIRE_ID_ON_CERTIFICATE, "no");
+ else
+ nm_setting_vpn_remove_data_item (s_vpn, NM_LIBRESWAN_KEY_REQUIRE_ID_ON_CERTIFICATE);
+
}
static gboolean
diff --git a/shared/nm-service-defines.h b/shared/nm-service-defines.h
index 167b837..5f523bd 100644
--- a/shared/nm-service-defines.h
+++ b/shared/nm-service-defines.h
@@ -73,6 +73,7 @@
#define NM_LIBRESWAN_KEY_TYPE "type"
#define NM_LIBRESWAN_KEY_HOSTADDRFAMILY "hostaddrfamily"
#define NM_LIBRESWAN_KEY_CLIENTADDRFAMILY "clientaddrfamily"
+#define NM_LIBRESWAN_KEY_REQUIRE_ID_ON_CERTIFICATE "require-id-on-certificate"
#define NM_LIBRESWAN_IKEV2_NO "no"
#define NM_LIBRESWAN_IKEV2_NEVER "never"
diff --git a/shared/utils.c b/shared/utils.c
index 65bc603..9394099 100644
--- a/shared/utils.c
+++ b/shared/utils.c
@@ -122,6 +122,7 @@ nm_libreswan_config_write (gint fd,
const char *mobike;
const char *pfs;
const char *client_family;
+ const char *require_id_on_certificate;
const char *item;
gboolean is_ikev2 = FALSE;
@@ -173,6 +174,10 @@ nm_libreswan_config_write (gint fd,
if (client_family && strlen (client_family))
WRITE_CHECK (fd, debug_write_fcn, error, " clientaddrfamily=%s", client_family);
+ require_id_on_certificate = nm_setting_vpn_get_data_item (s_vpn, NM_LIBRESWAN_KEY_REQUIRE_ID_ON_CERTIFICATE);
+ if (require_id_on_certificate && strlen (require_id_on_certificate))
+ WRITE_CHECK (fd, debug_write_fcn, error, " require-id-on-certificate=%s", require_id_on_certificate);
+
leftrsasigkey = nm_setting_vpn_get_data_item (s_vpn, NM_LIBRESWAN_KEY_LEFTRSASIGKEY);
rightrsasigkey = nm_setting_vpn_get_data_item (s_vpn, NM_LIBRESWAN_KEY_RIGHTRSASIGKEY);
leftcert = nm_setting_vpn_get_data_item (s_vpn, NM_LIBRESWAN_KEY_LEFTCERT);
diff --git a/src/nm-libreswan-service.c b/src/nm-libreswan-service.c
index e5956af..984e991 100644
--- a/src/nm-libreswan-service.c
+++ b/src/nm-libreswan-service.c
@@ -274,6 +274,7 @@ static ValidProperty valid_properties[] = {
{ NM_LIBRESWAN_KEY_TYPE, G_TYPE_STRING, 0, 0 },
{ NM_LIBRESWAN_KEY_HOSTADDRFAMILY, G_TYPE_STRING, 0, 0 },
{ NM_LIBRESWAN_KEY_CLIENTADDRFAMILY, G_TYPE_STRING, 0, 0 },
+ { NM_LIBRESWAN_KEY_REQUIRE_ID_ON_CERTIFICATE, G_TYPE_STRING, 0, 0 },
/* Ignored option for internal use */
{ NM_LIBRESWAN_KEY_PSK_INPUT_MODES, G_TYPE_NONE, 0, 0 },
{ NM_LIBRESWAN_KEY_XAUTH_PASSWORD_INPUT_MODES, G_TYPE_NONE, 0, 0 },
--- a/gtk4/nm-libreswan-dialog.ui
+++ b/gtk4/nm-libreswan-dialog.ui
@@ -979,6 +979,27 @@
</layout>
</object>
</child>
+ <child>
+ <object class="GtkLabel" id="require_id_on_certificate_label">
+ <property name="label" translatable="1">Don&apos;t require remote certificate name</property>
+ <property name="use_underline">1</property>
+ <property name="mnemonic_widget">require_id_on_certificate_checkbutton</property>
+ <property name="xalign">1</property>
+ <layout>
+ <property name="column">0</property>
+ <property name="row">1</property>
+ </layout>
+ </object>
+ </child>
+ <child>
+ <object class="GtkCheckButton" id="require_id_on_certificate_checkbutton">
+ <property name="focusable">1</property>
+ <layout>
+ <property name="column">1</property>
+ <property name="row">1</property>
+ </layout>
+ </object>
+ </child>
</object>
</child>
</object>
--
2.44.0

426
SPECS/NetworkManager-libreswan.spec
Unescape View File

@ -0,0 +1,426 @@
%if 0%{?fedora} < 28 && 0%{?rhel} < 8
%bcond_without libnm_glib
%else
%bcond_with libnm_glib
%endif
%if 0%{?fedora} < 36 && 0%{?rhel} < 10
%bcond_with gtk4
%else
%bcond_without gtk4
%endif
%global nm_version 1:1.2.0
%global nma_version 1.2.0
Summary: NetworkManager VPN plug-in for IPsec VPN
Name: NetworkManager-libreswan
Version: 1.2.22
Release: 3%{?dist}
License: GPL-2.0-or-later
URL: https://gitlab.gnome.org/GNOME/NetworkManager-libreswan
Source0: https://download.gnome.org/sources/NetworkManager-libreswan/1.2/%{name}-%{version}.tar.xz
# These are not bugfixes, hence they are also relevant after
# the next rebase of the source tarball.
# Patch0001: 0001-some.patch
# Bugfixes that are only relevant until next rebase of the package.
# Patch1001: 1001-some.patch
Patch1001: 1001-editor-connect-stuff_changed_cb-from-populate_widget.patch
Patch1002: 1002-properties-add-require-id-on-certificate.patch
BuildRequires: make
BuildRequires: gcc
BuildRequires: gtk3-devel
BuildRequires: libnl3-devel
BuildRequires: NetworkManager-libnm-devel >= %{nm_version}
BuildRequires: libnma-devel >= %{nma_version}
BuildRequires: libsecret-devel
BuildRequires: intltool gettext
%if %with libnm_glib
BuildRequires: NetworkManager-devel >= %{nm_version}
BuildRequires: NetworkManager-glib-devel >= %{nm_version}
BuildRequires: libnm-gtk-devel >= %{nma_version}
%endif
%if %with gtk4
BuildRequires: libnma-gtk4-devel
%endif
Requires: NetworkManager >= %{nm_version}
Requires: dbus-common
Requires: /usr/sbin/ipsec
Provides: NetworkManager-openswan = %{version}-%{release}
Obsoletes: NetworkManager-openswan < %{version}-%{release}
%global _privatelibs libnm-libreswan-properties[.]so.*
%global __provides_exclude ^(%{_privatelibs})$
%global __requires_exclude ^(%{_privatelibs})$
%description
This package contains software for integrating the libreswan VPN software
with NetworkManager and the GNOME desktop
%package -n NetworkManager-libreswan-gnome
Summary: NetworkManager VPN plugin for libreswan - GNOME files
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: shared-mime-info
Provides: NetworkManager-openswan-gnome = %{version}-%{release}
Obsoletes: NetworkManager-openswan-gnome < %{version}-%{release}
%description -n NetworkManager-libreswan-gnome
This package contains software for integrating VPN capabilities with
the libreswan server with NetworkManager (GNOME files).
%prep
%autosetup -p1
%build
%configure \
--disable-static \
%if %with gtk4
--with-gtk4 \
%endif
%if %without libnm_glib
--without-libnm-glib \
%endif
--enable-more-warnings=yes \
--with-dist-version=%{version}-%{release}
%make_build
%install
%make_install
rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la
mv %{buildroot}%{_sysconfdir}/dbus-1 %{buildroot}%{_datadir}/
%find_lang %{name}
%files -f %{name}.lang
%{_libdir}/NetworkManager/libnm-vpn-plugin-libreswan.so
%{_datadir}/dbus-1/system.d/nm-libreswan-service.conf
%{_prefix}/lib/NetworkManager/VPN/nm-libreswan-service.name
%{_libexecdir}/nm-libreswan-service
%{_libexecdir}/nm-libreswan-service-helper
%{_mandir}/man5/nm-settings-libreswan.5.gz
%doc AUTHORS NEWS
%license COPYING
%files -n NetworkManager-libreswan-gnome
%{_libexecdir}/nm-libreswan-auth-dialog
%{_libdir}/NetworkManager/libnm-vpn-plugin-libreswan-editor.so
%{_metainfodir}/network-manager-libreswan.metainfo.xml
%if %with libnm_glib
%{_libdir}/NetworkManager/libnm-*-properties.so
%{_sysconfdir}/NetworkManager/VPN/nm-libreswan-service.name
%endif
%if %with gtk4
%{_libdir}/NetworkManager/libnm-gtk4-vpn-plugin-libreswan-editor.so
%endif
%changelog
* Fri Oct 25 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1.2.22-3
- Rebuilt for MSVSphere 10
* Thu Sep 12 2024 Íñigo Huguet <ihuguet@redhat.com> - 1.2.22-3
- Support require-id-on-certificate (RHEL-58812)
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.2.22-2
- Bump release for June 2024 mass rebuild
* Wed May 22 2024 Beniamino Galvani <bgalvani@redhat.com> - 1.2.22-1
- Add IPv6 support (RHEL-21875)
* Fri Apr 19 2024 Íñigo Huguet <ihuguet@redhat.com> - 1.2.20-2
- Added gating.yaml
* Wed Apr 17 2024 Íñigo Huguet <ihuguet@redhat.com> - 1.2.20-1
- Update to 1.2.20 release
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.18-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.18-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Dec 15 2023 Beniamino Galvani <bgalvani@redhat.com> - 1.2.18-1
- Update to 1.2.18 release
* Fri Sep 08 2023 Till Maas <opensource@till.name> - 1.2.16-5
- Migrate to spdx license
- Cleanup whitespace
- Use make macros
- Fix changelog
- Update URL
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.16-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.16-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.16-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Mar 11 2022 Lubomir Rintel <lkundrak@v3.sk> - 1.2.16-1
- Update to 1.2.16 release
* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.14-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.14-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Feb 15 2021 Lubomir Rintel <lkundrak@v3.sk> - 1.2.14-2
- Move dbus service file into /usr/share/dbus-1
* Mon Jan 25 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.14-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jan 12 2021 Beniamino Galvani <bgalvani@redhat.com> - 1.2.14-1
- Update to 1.2.14 release
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.12-1.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.12-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Jul 31 2019 Francesco Giudici <fgiudici@redhat.com> - 1.2.12-1
- Updated to 1.2.12
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.10-1.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.10-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Oct 18 2018 Francesco Giudici <fgiudici@redhat.com> - 1.2.10-1
- Updated to 1.2.10
- Import latest translations from upstream
* Wed Aug 22 2018 Paul Wouters <pwouters@redhat.com> - 1.2.6-1
- Updated to 1.2.6
- Upstream patches for IKEv2 support
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Nov 30 2017 Lubomir Rintel <lkundrak@v3.sk> - 1.2.4-4
- Drop libnm-glib for Fedora 28
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Thu Jun 30 2016 Thomas Haller <thaller@redhat.com> - 1.2.4-1
- Update to 1.2.4 release
- Move base VPN plugin library to base libreswan package
- Don't require nm-connection-editor anymore
* Wed May 11 2016 Lubomir Rintel <lkundrak@v3.sk> - 1.2.2-1
- Update to 1.2.2 release
* Wed Apr 20 2016 Lubomir Rintel <lkundrak@v3.sk> - 1.2.0-1
- Update to 1.2.0 release
* Tue Apr 5 2016 Lubomir Rintel <lkundrak@v3.sk> - 1.2.0-0.4.rc1
- Update to NetworkManager-libreswan 1.2-rc1
* Tue Mar 1 2016 Lubomir Rintel <lkundrak@v3.sk> - 1.2.0-0.4.beta2
- Update to NetworkManager-libreswan 1.2-beta2
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-0.4.beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Mon Feb 1 2016 Lubomir Rintel <lkundrak@v3.sk> - 1.2.0-0.3.beta1
- Update to support Main mode & better Libreswan integration
* Tue Jan 19 2016 Lubomir Rintel <lkundrak@v3.sk> - 1.2.0-0.2.beta1
- Update to NetworkManager-libreswan 1.2-beta1
* Wed Dec 16 2015 Lubomir Rintel <lkundrak@v3.sk> - 1.2.0-0.1.20151216gite52aff0
- A newer git snapshot with import/export support
* Mon Nov 16 2015 Lubomir Rintel <lkundrak@v3.sk> - 1.2.0-0.1.20151116git15db395
- Rename to NetworkManager-libreswan
- A newer git snapshot with multiple connection support
* Fri Oct 23 2015 Lubomir Rintel <lkundrak@v3.sk> - 1.2.0-0.1.20151023git8a39c0f
- Update to a newer git snapshot
* Tue Sep 1 2015 Lubomir Rintel <lkundrak@v3.sk> - 1.2.0-0.1.20150901git92f1611
- Update to 1.2 git snapshot with libnm-based properties plugin
* Fri Aug 28 2015 Lubomir Rintel <lkundrak@v3.sk> - 1.0.6-2
- Don't unconditionally set cisco-unity=yes
* Thu Aug 27 2015 Lubomir Rintel <lkundrak@v3.sk> - 1.0.6-1
- Update to 1.0.6 release
* Tue Jun 16 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Tue May 5 2015 Lubomir Rintel <lkundrak@v3.sk> - 1.0.2-1
- Update to 1.0.2 release
* Mon Dec 22 2014 Dan Williams <dcbw@redhat.com> - 1.0.0-1
- Update to 1.0
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.8.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jun 06 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.8.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu Dec 12 2013 Avesh Agarwal <avagarwa@redhat.com> - 0.9.8.4-2
- Fixes 1035786 (and its duplicate 1040924)
* Tue Dec 10 2013 Avesh Agarwal <avagarwa@redhat.com> - 0.9.8.4-1
- New upstream release 0.9.8.4
- Fixed 926225
- Fixed dependency to libreswan.
- Created a new sub package NetworkManager-openswan-gnome
- Various other spec file fixes.
- Additional code changes are as follows:
- Fixed an issue where proper network stack is not loaded unless
_stackmanager is run before starting pluto daemon service.
- Fixed the termination operation of pluto daemon to comply with
libreswan changes.
- Fixed various debug messages.
- Fixed initiation of pluto daemon by this plugin to reflect the
changes in libreaswan.
- Fixed defaults values for more parameters to help the VPN
connection stay more reliable.
- Rewrote pluto watch API which watches the pluto process for its status.
Fixed memory leak issues as not all child processes were reaped correctly.
Also g_spwan_close_pid was not being called after children were reaped.
Also modified debugs and added more to help with debugging in the future.
- Fixed an issue where nm-openswan service is searching for ipsec binary in
both /sbin and /usr/sbin leading to same operation twice, as /sbin is just
symlink to /usr/sbin, so removed /sbin from the search paths.
- Fixed some libreswan related macro changes.
- Fixed netmask issue when sending IP information to the nm openswan
plugin service.
- Fixed the current code as it does not set the default route field
NM_VPN_PLUGIN_IP4_CONFIG_NEVER_DEFAULT when sending VPN information
to nm-openswan plugin. This fix sets the field to TRUE.
- Fixed some issues found by coverity scan.
- Fixed an issue where writing configuration on stdin should not end with
\n as it gives error. It used to work previously, but not with latest
NetworkManager versions.
- libreswan related fixes, as some macros have been modified after forking
to libreswan from openswan.
- openswan/libreswan does not provide tun0 interface, so fixed the code
where it sends tun0 interface.
- Fix prcoessing of nm-openswan-dialog.ui file and added more error notifications.
- Fixed dead code based on coverity scan.
- Fixed gnomekeyring lib dependencies.
- Fixed Networkmanager and related lib dependencies.
- Fixed gtk label max width issue by setting it to 35.
- NM-openswan was missing support for nm-openswan-auth-dialog.desktop.in.in.
So added a new nm-openswan-auth-dialog.desktop.in.in, and modified related
Makefile and configure.ac files.
* Mon Aug 5 2013 Avesh Agarwal <avagarwa@redhat.com> - 0.9.8.0-1
- Rebase to latest upstream version 0.9.8.0
- Fixed several issues with the packaging
* Fri Aug 02 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.3.995-6.git20120302
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.3.995-5.git20120302
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Dec 13 2012 Avesh Agarwal <avagarwa@redhat.com> - 0.9.3.995-4
Resolves: #845599, #865883
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.3.995-3.git20120302
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Apr 27 2012 Avesh Agarwal <avagarwa@redhat.com> - 0.9.3.995-2
- Ported changes from rhel to fedora
* Fri Mar 2 2012 Dan Williams <dcbw@redhat.com> - 0.9.3.995-1
- Update to 0.9.3.995 (0.9.4-beta1)
- ui: add support for external UI mode, eg GNOME Shell
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Dec 06 2011 Adam Jackson <ajax@redhat.com> - 0.9.0-2
- Rebuild for new libpng
* Fri Aug 26 2011 Dan Williams <dcbw@redhat.com> - 0.9.0-1
- Update to 0.9.0
- ui: translation fixes
* Thu Jul 21 2011 Dan Williams <dcbw@redhat.com> - 0.8.999-2.git20110721
- Update to git snapshot
- Fixes for secrets handling and saving
* Tue May 03 2011 Dan Williams <dcbw@redhat.com> - 0.8.999-1
- Update to 0.8.999 (0.9-rc2)
- Port to GTK 3.0 and GtkBuilder
- Fix some issues with secrets storage
* Sun Mar 27 2011 Christopher Aillon <caillon@redhat.com> - 0.8.0-9.20100411git
- Rebuild against NetworkManager 0.9
* Wed Feb 16 2011 Avesh Agarwal <avagarwa@redhat.com> - 0.8.0-8.20100411git
- fixes for compile time errors
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.0-7.20100411git
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Sep 7 2010 Avesh Agarwal <avagarwa@redhat.com> - 0.8.0-6.20100411git
- Modified import and export interfaces to import_from_file and export_to_file, respectively,
due to changes in NMVpnPluginUiInterface struct in NM (bz 631159).
* Mon Jul 26 2010 Avesh Agarwal <avagarwa@redhat.com> - 0.8.0-5.20100411git
Resolves: #616910
- Support for reading phase1 and phase2 algorithms through GUI
* Tue Jul 13 2010 Avesh Agarwal <avagarwa@redhat.com> - 0.8.0-4.20100411git
- Modified fix for the bz 607352
- Fix to read connection configuration from stdin
- Fix to read Xauth user password from stdin
- Fix to delete the secret file as soon as read by Openswan
* Thu Jul 8 2010 Avesh Agarwal <avagarwa@redhat.com> - 0.8.0-3.20100411git
- Modified the patch so that it does not pass user password to
"ipsec whack" command.
* Thu Jul 8 2010 Avesh Agarwal <avagarwa@redhat.com> - 0.8.0-2.20100411git
- Modified to initiate VPN connections with openswan whack interface
- Fixed the issue of world readable conf and secret files
- Cleaned conf and secret files after VPN connection is stopped
- Fixed the issue of storing sensitive information like user
password in a file (rhbz# 607352)
- Changed PLUTO_SERVERBANNER to PLUTO_PEER_BANNER due
to the same change in Openswan
- Modifed GUI to remove unused configuration boxes
* Tue Jun 15 2010 Avesh Agarwal <avagarwa@redhat.com> - 0.8.0-1.20100%{version}t
- Initial build
Write Preview
Loading…
Cancel
Save