You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
openconnect/openconnect.spec

355 lines
11 KiB

# For Fedora 17 and below, for now, build a compat libopenconnect.so.1 with OpenSSL so
# that the upgrade path is easier.
%define build_compat_lib 0%{?fedora} && 0%{?fedora} < 18
# RHEL6 still has GnuTLS which is even more ancient than Fedora's!
%define use_gnutls 0%{?fedora}
# RHEL5 has no libproxy, and no %make_install macro
%if 0%{?rhel} && 0%{?rhel} <= 5
%define use_libproxy 0
%define make_install %{__make} install DESTDIR=%{?buildroot}
%else
%define use_libproxy 1
%endif
Name: openconnect
Version: 4.01
Release: 1%{?dist}
Summary: Open client for Cisco AnyConnect VPN
Group: Applications/Internet
License: LGPLv2+
URL: http://www.infradead.org/openconnect.html
Source0: ftp://ftp.infradead.org/pub/openconnect/openconnect-%{version}.tar.gz
Source1: library15.c
Source2: libopenconnect15.map
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: openssl-devel libxml2-devel gtk2-devel GConf2-devel dbus-devel
BuildRequires: autoconf automake libtool trousers-devel python gettext
%if 0%{?fedora}
Requires: vpnc-script
# Older versions in F16 won't find openconnect in /usr/sbin:
Conflicts: NetworkManager-openconnect < 0.9.0-3
%else
Requires: vpnc
%endif
%if %use_gnutls
# For F16, we need the fix for https://bugzilla.redhat.com/show_bug.cgi?id=826293
BuildRequires: gnutls-devel >= 2.12.14-3
Requires: gnutls >= 2.12.14-3
%endif
%if %{use_libproxy}
BuildRequires: libproxy-devel
%endif
%description
This package provides a client for Cisco's "AnyConnect" VPN, which uses
HTTPS and DTLS protocols.
%package devel
Summary: Development package for OpenConnect VPN authentication tools
Group: Applications/Internet
Requires: %{name} = %{version}-%{release}
%description devel
This package provides the core HTTP and authentication support from
the OpenConnect VPN client, to be used by GUI authentication dialogs
for NetworkManager etc.
%package lib-compat
Summary: Compatibility library for OpenConnect authentication clients
Group: Applications/Internet
Requires: %{name} = %{version}-%{release}
%description lib-compat
This package provides a backward-compatible library for use by GNOME and KDE
NetworkManager clients which have not yet been rebuilt to use the new version
of the library.
%prep
%setup -q
%if %{build_compat_lib}
cp %{SOURCE1} .
cp %{SOURCE2} libopenconnect15.map.in
# In Fedora 16 we fixed the gnutls_record_get_direction() bug without upgrading
sed 's/2\.12\.16/2.12.14/' -i configure
touch version.c
%endif
%build
%if %{build_compat_lib}
mkdir compat
cd compat
%global _configure ../configure
%configure --with-vpnc-script=/etc/vpnc/vpnc-script --htmldir=%{_docdir}/%{name}-%{version}
# Hack: Build with library15.c instead of library.c and use the old version
# script and soname.
sed -e 's/library\./library15./g' \
-e 's/libopenconnect.map/libopenconnect15.map/g' \
-e 's/-version-number 2:0/-version-number 1:5/g' \
Makefile > Makefile.lib15
# We configure with --disable-dependency-tracking so we do not need this:
# cp .deps/libopenconnect_la-library.Plo .deps/libopenconnect_la-library2.Plo
# Do not let it rebuild the symbol map that we provided
cp %{SOURCE2} .
make -f Makefile.lib15 libopenconnect.la V=1
cd ..
%global _configure ./configure
%endif # {build_compat_lib}
%configure --with-vpnc-script=/etc/vpnc/vpnc-script \
%if %{use_gnutls}
--with-gnutls \
%endif
--htmldir=%{_docdir}/%{name}-%{version}
make %{?_smp_mflags} V=1
%install
rm -rf $RPM_BUILD_ROOT
%if %{build_compat_lib}
mkdir -p $RPM_BUILD_ROOT/%{_libdir}
install -m0755 compat/.libs/libopenconnect.so.1.5.0 ${RPM_BUILD_ROOT}/%{_libdir}
ln -sf libopenconnect.so.1.5.0 ${RPM_BUILD_ROOT}/%{_libdir}/libopenconnect.so.1
%endif
%make_install
rm -f $RPM_BUILD_ROOT/%{_libdir}/libopenconnect.la
%find_lang %{name}
%clean
rm -rf $RPM_BUILD_ROOT
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files -f %{name}.lang
%defattr(-,root,root,-)
%{_libdir}/libopenconnect.so.2*
%{_sbindir}/openconnect
%{_mandir}/man8/*
%doc TODO COPYING.LGPL
%if %{build_compat_lib}
%files lib-compat
%{_libdir}/libopenconnect.so.1*
%endif
%files devel
%defattr(-,root,root,-)
%{_libdir}/libopenconnect.so
/usr/include/openconnect.h
%{_libdir}/pkgconfig/openconnect.pc
%changelog
* Thu Jun 27 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.01-1
- Update to 4.01 release
* Thu Jun 21 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.00-2
- Fix dependencies for RHEL[56]
* Wed Jun 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.00-1
- Update to 4.00 release
* Wed Jun 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-8
- Add support for building on RHEL[56]
* Wed Jun 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-7
- Add OpenSSL encrypted PEM file support for GnuTLS
* Mon Jun 18 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-6
- Fix crash on cleanup when no client certificate is set (#833141)
* Sat Jun 16 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-5
- Enable building compatibility libopenconnect.so.1
* Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-4
- Last patch needs autoreconf
* Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-3
- Fix library not to reference OpenSSL symbols when linked against GnuTLS 2
* Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-2
- Fix GnuTLS BuildRequires
* Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-1
- Update to OpenConnect v3.99, use GnuTLS (enables PKCS#11 support)
* Sat May 19 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.20-2
- openconnect-devel package should require precisely matching openconnect
* Fri May 18 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.20-1
- Update to 3.20.
* Thu May 17 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.19-1
- Update to 3.19.
* Thu Apr 26 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.18-1
- Update to 3.18.
* Fri Apr 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.17-1
- Update to 3.17.
* Sun Apr 08 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.16-1
- Update to 3.16.
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Fri Nov 25 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.15-1
- Update to 3.15.
* Fri Sep 30 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.14-1
- Update to 3.14.
* Fri Sep 30 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.13-1
- Update to 3.13. (Add localisation support, --cert-expire-warning)
* Mon Sep 12 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.12-1
* Update to 3.12. (Fix DTLS compatibility issue with new ASA firmware)
* Wed Jul 20 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.11-1
- Update to 3.11. (Fix compatibility issue with servers requiring TLS)
* Thu Jun 30 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.10-1
- Update to 3.10. (Drop static library, ship libopenconnect.so.1)
* Tue Apr 19 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.02-2
- Fix manpage (new tarball)
* Tue Apr 19 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.02-1
- Update to 3.02.
* Thu Mar 17 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.01-2
- Provide openconnect-devel-static (#688349)
* Wed Mar 9 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.01-1
- Update to 3.01.
* Wed Mar 9 2011 David Woodhouse <David.Woodhouse@intel.com> - 3.00-1
- Update to 3.00.
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.26-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sun Nov 21 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.26-4
- Fix bug numbers in changelog
* Wed Sep 29 2010 jkeating - 2.26-3
- Rebuilt for gcc bug 634757
* Wed Sep 22 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.26-1
- Update to 2.26. (#629979: SIGSEGV in nm-openconnect-auth-dialog)
* Thu Aug 12 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.25-2
- Rebuild for new libproxy
* Sat May 15 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.25-1
- Update to 2.25.
* Fri May 7 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.24-1
- Update to 2.24.
* Fri Apr 9 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.23-1
- Update to 2.23.
* Sun Mar 7 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.22-1
- Update to 2.22. (Works around server bug in ASA version 8.2.2.5)
* Sun Jan 10 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.21-1
- Update to 2.21.
* Mon Jan 4 2010 David Woodhouse <David.Woodhouse@intel.com> - 2.20-1
- Update to 2.20.
* Mon Dec 7 2009 David Woodhouse <David.Woodhouse@intel.com> - 2.12-1
- Update to 2.12.
* Tue Nov 17 2009 David Woodhouse <David.Woodhouse@intel.com> - 2.11-1
- Update to 2.11.
* Wed Nov 4 2009 David Woodhouse <David.Woodhouse@intel.com> - 2.10-1
- Update to 2.10.
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 2.01-3
- rebuilt with new openssl
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.01-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Jun 24 2009 David Woodhouse <David.Woodhouse@intel.com> - 2.01-1
- Update to 2.01.
* Wed Jun 3 2009 David Woodhouse <David.Woodhouse@intel.com> - 2.00-1
- Update to 2.00.
* Wed May 27 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.40-1
- Update to 1.40.
* Wed May 13 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.30-1
- Update to 1.30.
* Fri May 8 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.20-1
- Update to 1.20.
* Tue Apr 21 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.10-2
- Require openssl0.9.8k-4, which has all required DTLS patches.
* Wed Apr 1 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.10-1
- Update to 1.10.
* Wed Mar 18 2009 David Woodhouse <David.Woodhouse@intel.com> - 1.00-1
- Update to 1.00.
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.99-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> - 0.99-2
- rebuild with new openssl
* Tue Dec 16 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.99-1
- Update to 0.99.
- Fix BuildRequires
* Mon Nov 24 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.98-1
- Update to 0.98.
* Thu Nov 13 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.97-1
- Update to 0.97. Add man page, validate server certs.
* Tue Oct 28 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.96-1
- Update to 0.96. Handle split-includes, MacOS port, more capable SecurID.
* Thu Oct 09 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.95-1
- Update to 0.95. A few bug fixes.
* Thu Oct 09 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.94-3
- Include COPYING.LGPL file
* Mon Oct 07 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.94-2
- Fix auth-dialog crash
* Mon Oct 06 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.94-1
- Take cookie on stdin so it's not visible in ps.
- Support running 'script' and passing traffic to it via a socket
- Fix abort when fetching XML config fails
* Sun Oct 05 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.93-1
- Work around unexpected disconnection (probably OpenSSL bug)
- Handle host list and report errors in NM auth dialog
* Sun Oct 05 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.92-1
- Rename to 'openconnect'
- Include NetworkManager auth helper
* Thu Oct 02 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.91-1
- Update to 0.91
* Thu Oct 02 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.90-1
- First package