From 8b5809d60867fc718851c72497601c75be5eee3b Mon Sep 17 00:00:00 2001 From: Daniel Williams Date: Tue, 30 Sep 2008 20:12:04 +0000 Subject: [PATCH] - Fix order of Password TLS certificate choosers (rh #464765) - Use %find_lang for locale-specific files (rh #448551) - Fix --script-security issues with OpenVPN 2.1-rc9 and later (rh #460754) --- NetworkManager-openvpn.spec | 17 +++++++++++++++-- nm-openvpn-fix-pw-tls-entries.patch | 21 +++++++++++++++++++++ nm-openvpn-script-security.patch | 17 +++++++++++++++++ 3 files changed, 53 insertions(+), 2 deletions(-) create mode 100644 nm-openvpn-fix-pw-tls-entries.patch create mode 100644 nm-openvpn-script-security.patch diff --git a/NetworkManager-openvpn.spec b/NetworkManager-openvpn.spec index 6fd8e99..5e2b68d 100644 --- a/NetworkManager-openvpn.spec +++ b/NetworkManager-openvpn.spec @@ -10,7 +10,7 @@ Summary: NetworkManager VPN integration for OpenVPN Name: NetworkManager-openvpn Epoch: 1 Version: 0.7.0 -Release: 15.%{svn_snapshot}%{?dist} +Release: 16.%{svn_snapshot}%{?dist} License: GPLv2+ URL: http://www.gnome.org/projects/NetworkManager/ Group: System Environment/Base @@ -21,6 +21,9 @@ Group: System Environment/Base # - make distcheck # - use generated NetworkManager-openvpn-0.7.0.tar.gz Source: %{name}-%{version}.%{svn_snapshot}.tar.gz +Patch0: nm-openvpn-fix-pw-tls-entries.patch +Patch10: nm-openvpn-script-security.patch + BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRequires: gtk2-devel >= %{gtk2_version} BuildRequires: dbus-devel >= %{dbus_version} @@ -55,6 +58,9 @@ with NetworkManager and the GNOME desktop. %prep %setup -q -n %{name}-%{version} +%patch0 -p1 -b .pw-tls-entries +%patch10 -p1 -b .script-security + %build if [ ! -f configure ]; then ./autogen.sh @@ -68,6 +74,8 @@ make install DESTDIR=%{buildroot} INSTALL="%{__install} -p" rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la +%find_lang %{name} + %clean rm -rf %{buildroot} @@ -87,7 +95,7 @@ if [ -x /usr/bin/gtk-update-icon-cache ]; then /usr/bin/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || : fi -%files +%files -f %{name}.lang %defattr(-, root, root) %doc AUTHORS ChangeLog README @@ -103,6 +111,11 @@ fi %{_datadir}/locale/*/LC_MESSAGES/NetworkManager-openvpn.mo %changelog +* Tue Sep 30 2008 Dan Williams 1:0.7.0-16.svn4027 +- Fix order of Password TLS certificate choosers (rh #464765) +- Use %find_lang for locale-specific files (rh #448551) +- Fix --script-security issues with OpenVPN 2.1-rc9 and later (rh #460754) + * Fri Aug 29 2008 Dan Williams 1:0.7.0-15.svn4027 - Rebuild for updated NetworkManager diff --git a/nm-openvpn-fix-pw-tls-entries.patch b/nm-openvpn-fix-pw-tls-entries.patch new file mode 100644 index 0000000..a8f1bd0 --- /dev/null +++ b/nm-openvpn-fix-pw-tls-entries.patch @@ -0,0 +1,21 @@ +diff -up NetworkManager-openvpn-0.7.0/properties/nm-openvpn-dialog.glade.entries NetworkManager-openvpn-0.7.0/properties/nm-openvpn-dialog.glade +--- NetworkManager-openvpn-0.7.0/properties/nm-openvpn-dialog.glade.entries 2008-09-30 15:59:39.000000000 -0400 ++++ NetworkManager-openvpn-0.7.0/properties/nm-openvpn-dialog.glade 2008-09-30 16:01:37.000000000 -0400 +@@ -426,7 +426,7 @@ + + True + 0 +- CA Certificate: ++ User Certificate: + + + 1 +@@ -438,7 +438,7 @@ + + True + 0 +- User Certificate: ++ CA Certificate: + + + 2 diff --git a/nm-openvpn-script-security.patch b/nm-openvpn-script-security.patch new file mode 100644 index 0000000..4342d9a --- /dev/null +++ b/nm-openvpn-script-security.patch @@ -0,0 +1,17 @@ +diff -up NetworkManager-openvpn-0.7.0/src/nm-openvpn-service.c.script-security NetworkManager-openvpn-0.7.0/src/nm-openvpn-service.c +--- NetworkManager-openvpn-0.7.0/src/nm-openvpn-service.c.script-security 2008-09-30 15:56:42.000000000 -0400 ++++ NetworkManager-openvpn-0.7.0/src/nm-openvpn-service.c 2008-09-30 15:57:03.000000000 -0400 +@@ -611,6 +611,13 @@ nm_openvpn_start_openvpn_binary (NMOpenv + add_openvpn_arg (args, "--syslog"); + add_openvpn_arg (args, "nm-openvpn"); + ++ /* Punch script security in the face; this option was added to OpenVPN 2.1-rc9 ++ * and defaults to disallowing any scripts, a behavior change from previous ++ * versions. ++ */ ++ add_openvpn_arg (args, "--script-security"); ++ add_openvpn_arg (args, "2"); ++ + /* Up script, called when connection has been established or has been restarted */ + add_openvpn_arg (args, "--up"); + add_openvpn_arg (args, NM_OPENVPN_HELPER_PATH);