# For Fedora 17 and below, for now, build a compat libopenconnect.so.1 with OpenSSL so # that the upgrade path is easier. %define build_compat_lib 0%{?fedora} && 0%{?fedora} < 18 # RHEL6 still has GnuTLS which is even more ancient than Fedora's! %define use_gnutls 0%{?fedora} || 0%{?rhel} >= 7 # RHEL5 has no libproxy, and no %make_install macro %if 0%{?rhel} && 0%{?rhel} <= 5 %define use_libproxy 0 %define make_install %{__make} install DESTDIR=%{?buildroot} %else %define use_libproxy 1 %endif Name: openconnect Version: 4.05 Release: 1%{?dist} Summary: Open client for Cisco AnyConnect VPN Group: Applications/Internet License: LGPLv2+ URL: http://www.infradead.org/openconnect.html Source0: ftp://ftp.infradead.org/pub/openconnect/openconnect-%{version}.tar.gz Source1: library15.c Source2: libopenconnect15.map BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: openssl-devel libxml2-devel gtk2-devel GConf2-devel dbus-devel BuildRequires: autoconf automake libtool trousers-devel python gettext %if 0%{?fedora} Requires: vpnc-script # Older versions in F16 won't find openconnect in /usr/sbin: Conflicts: NetworkManager-openconnect < 0.9.0-3 %else Requires: vpnc %endif %if %use_gnutls # For F16, we need the fix for https://bugzilla.redhat.com/show_bug.cgi?id=826293 BuildRequires: gnutls-devel >= 2.12.14-3 Requires: gnutls >= 2.12.14-3 %endif %if %{use_libproxy} BuildRequires: libproxy-devel %endif %description This package provides a client for Cisco's "AnyConnect" VPN, which uses HTTPS and DTLS protocols. %package devel Summary: Development package for OpenConnect VPN authentication tools Group: Applications/Internet Requires: %{name} = %{version}-%{release} # RHEL5 needs these spelled out because it doesn't automatically infer from pkgconfig Requires: openssl-devel zlib-devel %description devel This package provides the core HTTP and authentication support from the OpenConnect VPN client, to be used by GUI authentication dialogs for NetworkManager etc. %package lib-compat Summary: Compatibility library for OpenConnect authentication clients Group: Applications/Internet Requires: %{name} = %{version}-%{release} %description lib-compat This package provides a backward-compatible library for use by GNOME and KDE NetworkManager clients which have not yet been rebuilt to use the new version of the library. %prep %setup -q %if %{build_compat_lib} cp %{SOURCE1} . cp %{SOURCE2} libopenconnect15.map.in # In Fedora 16 we fixed the gnutls_record_get_direction() bug without upgrading sed 's/2\.12\.16/2.12.14/' -i configure touch version.c %endif %build %if %{build_compat_lib} mkdir compat cd compat %global _configure ../configure %configure --with-vpnc-script=/etc/vpnc/vpnc-script --htmldir=%{_docdir}/%{name}-%{version} # Hack: Build with library15.c instead of library.c and use the old version # script and soname. sed -e 's/library\./library15./g' \ -e 's/libopenconnect.map/libopenconnect15.map/g' \ -e 's/-version-number 2:0/-version-number 1:5/g' \ Makefile > Makefile.lib15 # We configure with --disable-dependency-tracking so we do not need this: # cp .deps/libopenconnect_la-library.Plo .deps/libopenconnect_la-library2.Plo # Do not let it rebuild the symbol map that we provided cp %{SOURCE2} . make -f Makefile.lib15 libopenconnect.la V=1 cd .. %global _configure ./configure %endif # {build_compat_lib} %configure --with-vpnc-script=/etc/vpnc/vpnc-script \ %if %{use_gnutls} --with-gnutls \ %endif --htmldir=%{_docdir}/%{name}-%{version} make %{?_smp_mflags} V=1 %install rm -rf $RPM_BUILD_ROOT %if %{build_compat_lib} mkdir -p $RPM_BUILD_ROOT/%{_libdir} install -m0755 compat/.libs/libopenconnect.so.1.5.0 ${RPM_BUILD_ROOT}/%{_libdir} ln -sf libopenconnect.so.1.5.0 ${RPM_BUILD_ROOT}/%{_libdir}/libopenconnect.so.1 %endif %make_install rm -f $RPM_BUILD_ROOT/%{_libdir}/libopenconnect.la %find_lang %{name} %clean rm -rf $RPM_BUILD_ROOT %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %files -f %{name}.lang %defattr(-,root,root,-) %{_libdir}/libopenconnect.so.2* %{_sbindir}/openconnect %{_mandir}/man8/* %doc TODO COPYING.LGPL %if %{build_compat_lib} %files lib-compat %{_libdir}/libopenconnect.so.1* %endif %files devel %defattr(-,root,root,-) %{_libdir}/libopenconnect.so /usr/include/openconnect.h %{_libdir}/pkgconfig/openconnect.pc %changelog * Thu Jul 12 2012 David Woodhouse - 4.05-1 - Update to 4.05 release (PKCS#11 fixes) * Thu Jul 05 2012 David Woodhouse - 4.04-1 - Update to 4.04 release (Fix PKCS#8 password handling) * Mon Jul 02 2012 David Woodhouse - 4.03-1 - Update to 4.03 release (#836558) * Thu Jun 27 2012 David Woodhouse - 4.02-1 - Update to 4.02 release * Thu Jun 27 2012 David Woodhouse - 4.01-1 - Update to 4.01 release * Thu Jun 21 2012 David Woodhouse - 4.00-3 - Remove zlib from openconnect.pc dependencies * Thu Jun 21 2012 David Woodhouse - 4.00-2 - Fix dependencies for RHEL[56] * Wed Jun 20 2012 David Woodhouse - 4.00-1 - Update to 4.00 release * Wed Jun 20 2012 David Woodhouse - 3.99-8 - Add support for building on RHEL[56] * Wed Jun 20 2012 David Woodhouse - 3.99-7 - Add OpenSSL encrypted PEM file support for GnuTLS * Mon Jun 18 2012 David Woodhouse - 3.99-6 - Fix crash on cleanup when no client certificate is set (#833141) * Sat Jun 16 2012 David Woodhouse - 3.99-5 - Enable building compatibility libopenconnect.so.1 * Thu Jun 14 2012 David Woodhouse - 3.99-4 - Last patch needs autoreconf * Thu Jun 14 2012 David Woodhouse - 3.99-3 - Fix library not to reference OpenSSL symbols when linked against GnuTLS 2 * Thu Jun 14 2012 David Woodhouse - 3.99-2 - Fix GnuTLS BuildRequires * Thu Jun 14 2012 David Woodhouse - 3.99-1 - Update to OpenConnect v3.99, use GnuTLS (enables PKCS#11 support) * Sat May 19 2012 David Woodhouse - 3.20-2 - openconnect-devel package should require precisely matching openconnect * Fri May 18 2012 David Woodhouse - 3.20-1 - Update to 3.20. * Thu May 17 2012 David Woodhouse - 3.19-1 - Update to 3.19. * Thu Apr 26 2012 David Woodhouse - 3.18-1 - Update to 3.18. * Fri Apr 20 2012 David Woodhouse - 3.17-1 - Update to 3.17. * Sun Apr 08 2012 David Woodhouse - 3.16-1 - Update to 3.16. * Fri Jan 13 2012 Fedora Release Engineering - 3.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Fri Nov 25 2011 David Woodhouse - 3.15-1 - Update to 3.15. * Fri Sep 30 2011 David Woodhouse - 3.14-1 - Update to 3.14. * Fri Sep 30 2011 David Woodhouse - 3.13-1 - Update to 3.13. (Add localisation support, --cert-expire-warning) * Mon Sep 12 2011 David Woodhouse - 3.12-1 * Update to 3.12. (Fix DTLS compatibility issue with new ASA firmware) * Wed Jul 20 2011 David Woodhouse - 3.11-1 - Update to 3.11. (Fix compatibility issue with servers requiring TLS) * Thu Jun 30 2011 David Woodhouse - 3.10-1 - Update to 3.10. (Drop static library, ship libopenconnect.so.1) * Tue Apr 19 2011 David Woodhouse - 3.02-2 - Fix manpage (new tarball) * Tue Apr 19 2011 David Woodhouse - 3.02-1 - Update to 3.02. * Thu Mar 17 2011 David Woodhouse - 3.01-2 - Provide openconnect-devel-static (#688349) * Wed Mar 9 2011 David Woodhouse - 3.01-1 - Update to 3.01. * Wed Mar 9 2011 David Woodhouse - 3.00-1 - Update to 3.00. * Tue Feb 08 2011 Fedora Release Engineering - 2.26-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Nov 21 2010 David Woodhouse - 2.26-4 - Fix bug numbers in changelog * Wed Sep 29 2010 jkeating - 2.26-3 - Rebuilt for gcc bug 634757 * Wed Sep 22 2010 David Woodhouse - 2.26-1 - Update to 2.26. (#629979: SIGSEGV in nm-openconnect-auth-dialog) * Thu Aug 12 2010 David Woodhouse - 2.25-2 - Rebuild for new libproxy * Sat May 15 2010 David Woodhouse - 2.25-1 - Update to 2.25. * Fri May 7 2010 David Woodhouse - 2.24-1 - Update to 2.24. * Fri Apr 9 2010 David Woodhouse - 2.23-1 - Update to 2.23. * Sun Mar 7 2010 David Woodhouse - 2.22-1 - Update to 2.22. (Works around server bug in ASA version 8.2.2.5) * Sun Jan 10 2010 David Woodhouse - 2.21-1 - Update to 2.21. * Mon Jan 4 2010 David Woodhouse - 2.20-1 - Update to 2.20. * Mon Dec 7 2009 David Woodhouse - 2.12-1 - Update to 2.12. * Tue Nov 17 2009 David Woodhouse - 2.11-1 - Update to 2.11. * Wed Nov 4 2009 David Woodhouse - 2.10-1 - Update to 2.10. * Fri Aug 21 2009 Tomas Mraz - 2.01-3 - rebuilt with new openssl * Sat Jul 25 2009 Fedora Release Engineering - 2.01-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Wed Jun 24 2009 David Woodhouse - 2.01-1 - Update to 2.01. * Wed Jun 3 2009 David Woodhouse - 2.00-1 - Update to 2.00. * Wed May 27 2009 David Woodhouse - 1.40-1 - Update to 1.40. * Wed May 13 2009 David Woodhouse - 1.30-1 - Update to 1.30. * Fri May 8 2009 David Woodhouse - 1.20-1 - Update to 1.20. * Tue Apr 21 2009 David Woodhouse - 1.10-2 - Require openssl0.9.8k-4, which has all required DTLS patches. * Wed Apr 1 2009 David Woodhouse - 1.10-1 - Update to 1.10. * Wed Mar 18 2009 David Woodhouse - 1.00-1 - Update to 1.00. * Thu Feb 26 2009 Fedora Release Engineering - 0.99-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Sat Jan 17 2009 Tomas Mraz - 0.99-2 - rebuild with new openssl * Tue Dec 16 2008 David Woodhouse - 0.99-1 - Update to 0.99. - Fix BuildRequires * Mon Nov 24 2008 David Woodhouse - 0.98-1 - Update to 0.98. * Thu Nov 13 2008 David Woodhouse - 0.97-1 - Update to 0.97. Add man page, validate server certs. * Tue Oct 28 2008 David Woodhouse - 0.96-1 - Update to 0.96. Handle split-includes, MacOS port, more capable SecurID. * Thu Oct 09 2008 David Woodhouse - 0.95-1 - Update to 0.95. A few bug fixes. * Thu Oct 09 2008 David Woodhouse - 0.94-3 - Include COPYING.LGPL file * Mon Oct 07 2008 David Woodhouse - 0.94-2 - Fix auth-dialog crash * Mon Oct 06 2008 David Woodhouse - 0.94-1 - Take cookie on stdin so it's not visible in ps. - Support running 'script' and passing traffic to it via a socket - Fix abort when fetching XML config fails * Sun Oct 05 2008 David Woodhouse - 0.93-1 - Work around unexpected disconnection (probably OpenSSL bug) - Handle host list and report errors in NM auth dialog * Sun Oct 05 2008 David Woodhouse - 0.92-1 - Rename to 'openconnect' - Include NetworkManager auth helper * Thu Oct 02 2008 David Woodhouse - 0.91-1 - Update to 0.91 * Thu Oct 02 2008 David Woodhouse - 0.90-1 - First package