|
|
|
# For Fedora 17 and below, for now, build a compat libopenconnect.so.1 with OpenSSL so
|
|
|
|
# that the upgrade path is easier.
|
|
|
|
%define build_compat_lib 0%{?fedora} && 0%{?fedora} < 18
|
|
|
|
|
|
|
|
# RHEL6 still has GnuTLS which is even more ancient than Fedora's!
|
|
|
|
%define use_gnutls 0%{?fedora}
|
|
|
|
|
|
|
|
# RHEL5 has no libproxy, and no %make_install macro
|
|
|
|
%if 0%{?rhel} && 0%{?rhel} <= 5
|
|
|
|
%define use_libproxy 0
|
|
|
|
%define make_install %{__make} install DESTDIR=%{?buildroot}
|
|
|
|
%else
|
|
|
|
%define use_libproxy 1
|
|
|
|
%endif
|
|
|
|
|
|
|
|
Name: openconnect
|
|
|
|
Version: 4.00
|
|
|
|
Release: 1%{?dist}
|
|
|
|
Summary: Open client for Cisco AnyConnect VPN
|
|
|
|
|
|
|
|
Group: Applications/Internet
|
|
|
|
License: LGPLv2+
|
|
|
|
URL: http://www.infradead.org/openconnect.html
|
|
|
|
# git reset --hard b40dcae ; make tmp-dist
|
|
|
|
Source0: ftp://ftp.infradead.org/pub/openconnect/openconnect-%{version}.tar.gz
|
|
|
|
Source1: library15.c
|
|
|
|
Source2: libopenconnect15.map
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
|
|
|
|
|
|
|
BuildRequires: openssl-devel libxml2-devel gtk2-devel GConf2-devel dbus-devel
|
|
|
|
BuildRequires: autoconf automake libtool trousers-devel python gettext
|
|
|
|
Requires: vpnc-script
|
|
|
|
Requires: openssl >= 0.9.8k-4
|
|
|
|
%if %use_gnutls
|
|
|
|
# We need the fix for https://bugzilla.redhat.com/show_bug.cgi?id=826293
|
|
|
|
BuildRequires: gnutls-devel >= 2.12.14-3
|
|
|
|
Requires: gnutls >= 2.12.14-3
|
|
|
|
%endif
|
|
|
|
%if %{use_libproxy}
|
|
|
|
BuildRequires: libproxy-devel
|
|
|
|
%endif
|
|
|
|
|
|
|
|
# Older versions of NetworkManager-openconnect won't find openconnect in /usr/sbin
|
|
|
|
Conflicts: NetworkManager-openconnect < 0.9.0-3
|
|
|
|
|
|
|
|
%description
|
|
|
|
This package provides a client for Cisco's "AnyConnect" VPN, which uses
|
|
|
|
HTTPS and DTLS protocols.
|
|
|
|
|
|
|
|
%package devel
|
|
|
|
Summary: Development package for OpenConnect VPN authentication tools
|
|
|
|
Group: Applications/Internet
|
|
|
|
Requires: %{name} = %{version}-%{release}
|
|
|
|
|
|
|
|
%description devel
|
|
|
|
This package provides the core HTTP and authentication support from
|
|
|
|
the OpenConnect VPN client, to be used by GUI authentication dialogs
|
|
|
|
for NetworkManager etc.
|
|
|
|
|
|
|
|
%package lib-compat
|
|
|
|
Summary: Compatibility library for OpenConnect authentication clients
|
|
|
|
Group: Applications/Internet
|
|
|
|
Requires: %{name} = %{version}-%{release}
|
|
|
|
|
|
|
|
%description lib-compat
|
|
|
|
This package provides a backward-compatible library for use by GNOME and KDE
|
|
|
|
NetworkManager clients which have not yet been rebuilt to use the new version
|
|
|
|
of the library.
|
|
|
|
|
|
|
|
%prep
|
|
|
|
%setup -q
|
|
|
|
%if %{build_compat_lib}
|
|
|
|
cp %{SOURCE1} .
|
|
|
|
cp %{SOURCE2} libopenconnect15.map.in
|
|
|
|
# In Fedora 16 we fixed the gnutls_record_get_direction() bug without upgrading
|
|
|
|
sed 's/2\.12\.16/2.12.14/' -i configure
|
|
|
|
touch version.c
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%build
|
|
|
|
%if %{build_compat_lib}
|
|
|
|
mkdir compat
|
|
|
|
cd compat
|
|
|
|
%global _configure ../configure
|
|
|
|
%configure --with-vpnc-script=/etc/vpnc/vpnc-script --htmldir=%{_docdir}/%{name}-%{version}
|
|
|
|
# Hack: Build with library15.c instead of library.c and use the old version
|
|
|
|
# script and soname.
|
|
|
|
sed -e 's/library\./library15./g' \
|
|
|
|
-e 's/libopenconnect.map/libopenconnect15.map/g' \
|
|
|
|
-e 's/-version-number 2:0/-version-number 1:5/g' \
|
|
|
|
Makefile > Makefile.lib15
|
|
|
|
# We configure with --disable-dependency-tracking so we do not need this:
|
|
|
|
# cp .deps/libopenconnect_la-library.Plo .deps/libopenconnect_la-library2.Plo
|
|
|
|
|
|
|
|
# Do not let it rebuild the symbol map that we provided
|
|
|
|
cp %{SOURCE2} .
|
|
|
|
make -f Makefile.lib15 libopenconnect.la V=1
|
|
|
|
cd ..
|
|
|
|
%global _configure ./configure
|
|
|
|
%endif # {build_compat_lib}
|
|
|
|
|
|
|
|
%configure --with-vpnc-script=/etc/vpnc/vpnc-script \
|
|
|
|
%if %{use_gnutls}
|
|
|
|
--with-gnutls \
|
|
|
|
%endif
|
|
|
|
--htmldir=%{_docdir}/%{name}-%{version}
|
|
|
|
make %{?_smp_mflags} V=1
|
|
|
|
|
|
|
|
|
|
|
|
%install
|
|
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
%if %{build_compat_lib}
|
|
|
|
mkdir -p $RPM_BUILD_ROOT/%{_libdir}
|
|
|
|
install -m0755 compat/.libs/libopenconnect.so.1.5.0 ${RPM_BUILD_ROOT}/%{_libdir}
|
|
|
|
ln -sf libopenconnect.so.1.5.0 ${RPM_BUILD_ROOT}/%{_libdir}/libopenconnect.so.1
|
|
|
|
%endif
|
|
|
|
%make_install
|
|
|
|
rm -f $RPM_BUILD_ROOT/%{_libdir}/libopenconnect.la
|
|
|
|
%find_lang %{name}
|
|
|
|
|
|
|
|
%clean
|
|
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
|
|
|
%post -p /sbin/ldconfig
|
|
|
|
|
|
|
|
%postun -p /sbin/ldconfig
|
|
|
|
|
|
|
|
%files -f %{name}.lang
|
|
|
|
%defattr(-,root,root,-)
|
|
|
|
%{_libdir}/libopenconnect.so.2*
|
|
|
|
%{_sbindir}/openconnect
|
|
|
|
%{_mandir}/man8/*
|
|
|
|
%doc TODO COPYING.LGPL
|
|
|
|
|
|
|
|
%if %{build_compat_lib}
|
|
|
|
%files lib-compat
|
|
|
|
%{_libdir}/libopenconnect.so.1*
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%files devel
|
|
|
|
%defattr(-,root,root,-)
|
|
|
|
%{_libdir}/libopenconnect.so
|
|
|
|
/usr/include/openconnect.h
|
|
|
|
%{_libdir}/pkgconfig/openconnect.pc
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
* Wed Jun 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.00-1
|
|
|
|
- Update to 4.00 release
|
|
|
|
|
|
|
|
* Wed Jun 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-8
|
|
|
|
- Add support for building on RHEL[56]
|
|
|
|
|
|
|
|
* Wed Jun 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-7
|
|
|
|
- Add OpenSSL encrypted PEM file support for GnuTLS
|
|
|
|
|
|
|
|
* Mon Jun 18 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-6
|
|
|
|
- Fix crash on cleanup when no client certificate is set (#833141)
|
|
|
|
|
|
|
|
* Sat Jun 16 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-5
|
|
|
|
- Enable building compatibility libopenconnect.so.1
|
|
|
|
|
|
|
|
* Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-4
|
|
|
|
- Last patch needs autoreconf
|
|
|
|
|
|
|
|
* Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-3
|
|
|
|
- Fix library not to reference OpenSSL symbols when linked against GnuTLS 2
|
|
|
|
|
|
|
|
* Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-2
|
|
|
|
- Fix GnuTLS BuildRequires
|
|
|
|
|
|
|
|
* Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-1
|
|
|
|
- Update to OpenConnect v3.99, use GnuTLS (enables PKCS#11 support)
|
|
|
|
|
|
|
|
* Sat May 19 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.20-2
|
|
|
|
- openconnect-devel package should require precisely matching openconnect
|
|
|
|
|
|
|
|
* Fri May 18 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.20-1
|
|
|
|
- Update to 3.20.
|
|
|
|
|
|
|
|
* Thu May 17 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.19-1
|
|
|
|
- Update to 3.19.
|
|
|
|
|
|
|
|
* Thu Apr 26 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.18-1
|
|
|
|
- Update to 3.18.
|
|
|
|
|
|
|
|
* Fri Apr 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.17-1
|
|
|
|
- Update to 3.17.
|
|
|
|
|
|
|
|
* Sun Apr 08 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.16-1
|
|
|
|
- Update to 3.16.
|
|
|
|
|
|
|
|
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.15-2
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
|
|
|
|
|
|
|
* Fri Nov 25 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.15-1
|
|
|
|
- Update to 3.15.
|
|
|
|
|
|
|
|
* Fri Sep 30 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.14-1
|
|
|
|
- Update to 3.14.
|
|
|
|
|
|
|
|
* Fri Sep 30 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.13-1
|
|
|
|
- Update to 3.13. (Add localisation support, --cert-expire-warning)
|
|
|
|
|
|
|
|
* Mon Sep 12 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.12-1
|
|
|
|
* Update to 3.12. (Fix DTLS compatibility issue with new ASA firmware)
|
|
|
|
|
|
|
|
* Wed Jul 20 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.11-1
|
|
|
|
- Update to 3.11. (Fix compatibility issue with servers requiring TLS)
|
|
|
|
|
|
|
|
* Thu Jun 30 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.10-1
|
|
|
|
- Update to 3.10. (Drop static library, ship libopenconnect.so.1)
|
|
|
|
|
|
|
|
* Tue Apr 19 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.02-2
|
|
|
|
- Fix manpage (new tarball)
|
|
|
|
|
|
|
|
* Tue Apr 19 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.02-1
|
|
|
|
- Update to 3.02.
|
|
|
|
|
|
|
|
* Thu Mar 17 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.01-2
|
|
|
|
- Provide openconnect-devel-static (#688349)
|
|
|
|
|
|
|
|
* Wed Mar 9 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.01-1
|
|
|
|
- Update to 3.01.
|
|
|
|
|
|
|
|
* Wed Mar 9 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.00-1
|
|
|
|
- Update to 3.00.
|
|
|
|
|
|
|
|
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.26-5
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
|
|
|
|
|
|
|
* Sun Nov 21 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.26-4
|
|
|
|
- Fix bug numbers in changelog
|
|
|
|
|
|
|
|
* Wed Sep 29 2010 jkeating - 2.26-3
|
|
|
|
- Rebuilt for gcc bug 634757
|
|
|
|
|
|
|
|
* Wed Sep 22 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.26-1
|
|
|
|
- Update to 2.26. (#629979: SIGSEGV in nm-openconnect-auth-dialog)
|
|
|
|
|
|
|
|
* Thu Aug 12 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.25-2
|
|
|
|
- Rebuild for new libproxy
|
|
|
|
|
|
|
|
* Sat May 15 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.25-1
|
|
|
|
- Update to 2.25.
|
|
|
|
|
|
|
|
* Fri May 7 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.24-1
|
|
|
|
- Update to 2.24.
|
|
|
|
|
|
|
|
* Fri Apr 9 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.23-1
|
|
|
|
- Update to 2.23.
|
|
|
|
|
|
|
|
* Sun Mar 7 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.22-1
|
|
|
|
- Update to 2.22. (Works around server bug in ASA version 8.2.2.5)
|
|
|
|
|
|
|
|
* Sun Jan 10 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.21-1
|
|
|
|
- Update to 2.21.
|
|
|
|
|
|
|
|
* Mon Jan 4 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.20-1
|
|
|
|
- Update to 2.20.
|
|
|
|
|
|
|
|
* Mon Dec 7 2009 David Woodhouse <David.Woodhouse@intel.com> - 2.12-1
|
|
|
|
- Update to 2.12.
|
|
|
|
|
|
|
|
* Tue Nov 17 2009 David Woodhouse <David.Woodhouse@intel.com> - 2.11-1
|
|
|
|
- Update to 2.11.
|
|
|
|
|
|
|
|
* Wed Nov 4 2009 David Woodhouse <David.Woodhouse@intel.com> - 2.10-1
|
|
|
|
- Update to 2.10.
|
|
|
|
|
|
|
|
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 2.01-3
|
|
|
|
- rebuilt with new openssl
|
|
|
|
|
|
|
|
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.01-2
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
|
|
|
|
|
|
|
* Wed Jun 24 2009 David Woodhouse <David.Woodhouse@intel.com> - 2.01-1
|
|
|
|
- Update to 2.01.
|
|
|
|
|
|
|
|
* Wed Jun 3 2009 David Woodhouse <David.Woodhouse@intel.com> - 2.00-1
|
|
|
|
- Update to 2.00.
|
|
|
|
|
|
|
|
* Wed May 27 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.40-1
|
|
|
|
- Update to 1.40.
|
|
|
|
|
|
|
|
* Wed May 13 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.30-1
|
|
|
|
- Update to 1.30.
|
|
|
|
|
|
|
|
* Fri May 8 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.20-1
|
|
|
|
- Update to 1.20.
|
|
|
|
|
|
|
|
* Tue Apr 21 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.10-2
|
|
|
|
- Require openssl0.9.8k-4, which has all required DTLS patches.
|
|
|
|
|
|
|
|
* Wed Apr 1 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.10-1
|
|
|
|
- Update to 1.10.
|
|
|
|
|
|
|
|
* Wed Mar 18 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.00-1
|
|
|
|
- Update to 1.00.
|
|
|
|
|
|
|
|
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.99-3
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
|
|
|
|
|
|
|
* Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> - 0.99-2
|
|
|
|
- rebuild with new openssl
|
|
|
|
|
|
|
|
* Tue Dec 16 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.99-1
|
|
|
|
- Update to 0.99.
|
|
|
|
- Fix BuildRequires
|
|
|
|
|
|
|
|
* Mon Nov 24 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.98-1
|
|
|
|
- Update to 0.98.
|
|
|
|
|
|
|
|
* Thu Nov 13 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.97-1
|
|
|
|
- Update to 0.97. Add man page, validate server certs.
|
|
|
|
|
|
|
|
* Tue Oct 28 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.96-1
|
|
|
|
- Update to 0.96. Handle split-includes, MacOS port, more capable SecurID.
|
|
|
|
|
|
|
|
* Thu Oct 09 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.95-1
|
|
|
|
- Update to 0.95. A few bug fixes.
|
|
|
|
|
|
|
|
* Thu Oct 09 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.94-3
|
|
|
|
- Include COPYING.LGPL file
|
|
|
|
|
|
|
|
* Mon Oct 07 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.94-2
|
|
|
|
- Fix auth-dialog crash
|
|
|
|
|
|
|
|
* Mon Oct 06 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.94-1
|
|
|
|
- Take cookie on stdin so it's not visible in ps.
|
|
|
|
- Support running 'script' and passing traffic to it via a socket
|
|
|
|
- Fix abort when fetching XML config fails
|
|
|
|
|
|
|
|
* Sun Oct 05 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.93-1
|
|
|
|
- Work around unexpected disconnection (probably OpenSSL bug)
|
|
|
|
- Handle host list and report errors in NM auth dialog
|
|
|
|
|
|
|
|
* Sun Oct 05 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.92-1
|
|
|
|
- Rename to 'openconnect'
|
|
|
|
- Include NetworkManager auth helper
|
|
|
|
|
|
|
|
* Thu Oct 02 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.91-1
|
|
|
|
- Update to 0.91
|
|
|
|
|
|
|
|
* Thu Oct 02 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.90-1
|
|
|
|
- First package
|