|
|
@ -1,42 +1,55 @@
|
|
|
|
%define _hardened_build 1
|
|
|
|
%define _hardened_build 1
|
|
|
|
#define prerelease rc22
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Build conditionals
|
|
|
|
# Build conditionals
|
|
|
|
# tests_long - Enabled by default, enables long running tests in %%check
|
|
|
|
# tests_long - Enabled by default, enables long running tests in %%check
|
|
|
|
%bcond_without tests_long
|
|
|
|
%bcond_without tests_long
|
|
|
|
|
|
|
|
|
|
|
|
Name: openvpn
|
|
|
|
Name: openvpn
|
|
|
|
Version: 2.4.9
|
|
|
|
Version: 2.5.0
|
|
|
|
Release: 2%{?prerelease:.%{prerelease}}%{?dist}
|
|
|
|
Release: 1%{?dist}
|
|
|
|
Summary: A full-featured SSL VPN solution
|
|
|
|
Summary: A full-featured TLS VPN solution
|
|
|
|
URL: https://community.openvpn.net/
|
|
|
|
URL: https://community.openvpn.net/
|
|
|
|
Source0: https://build.openvpn.net/downloads/releases/%{name}-%{version}%{?prerelease:_%{prerelease}}.tar.xz
|
|
|
|
Source0: https://build.openvpn.net/downloads/releases/%{name}-%{version}.tar.xz
|
|
|
|
Source1: https://build.openvpn.net/downloads/releases/%{name}-%{version}%{?prerelease:_%{prerelease}}.tar.xz.asc
|
|
|
|
Source1: https://build.openvpn.net/downloads/releases/%{name}-%{version}.tar.xz.asc
|
|
|
|
Source2: roadwarrior-server.conf
|
|
|
|
Source2: roadwarrior-server.conf
|
|
|
|
Source3: roadwarrior-client.conf
|
|
|
|
Source3: roadwarrior-client.conf
|
|
|
|
# Upstream signing key
|
|
|
|
# Upstream signing key
|
|
|
|
Source6: gpgkey-F554A3687412CFFEBDEFE0A312F5F7B42F2B01E7.gpg
|
|
|
|
Source10: gpgkey-F554A3687412CFFEBDEFE0A312F5F7B42F2B01E7.gpg
|
|
|
|
Patch1: 0001-Change-the-default-cipher-to-AES-256-GCM-for-server-.patch
|
|
|
|
Patch1: 0001-Change-the-default-cipher-to-AES-256-GCM-for-server-.patch
|
|
|
|
Patch50: openvpn-2.4-change-tmpfiles-permissions.patch
|
|
|
|
Patch50: openvpn-2.4-change-tmpfiles-permissions.patch
|
|
|
|
License: GPLv2
|
|
|
|
License: GPLv2
|
|
|
|
BuildRequires: gnupg2
|
|
|
|
BuildRequires: gnupg2
|
|
|
|
BuildRequires: gcc
|
|
|
|
BuildRequires: gcc
|
|
|
|
BuildRequires: systemd-devel
|
|
|
|
BuildRequires: automake
|
|
|
|
|
|
|
|
BuildRequires: autoconf
|
|
|
|
|
|
|
|
BuildRequires: autoconf-archive
|
|
|
|
|
|
|
|
BuildRequires: libtool
|
|
|
|
|
|
|
|
BuildRequires: gettext
|
|
|
|
BuildRequires: lzo-devel
|
|
|
|
BuildRequires: lzo-devel
|
|
|
|
BuildRequires: lz4-devel
|
|
|
|
BuildRequires: lz4-devel
|
|
|
|
BuildRequires: openssl-devel
|
|
|
|
BuildRequires: openssl-devel
|
|
|
|
BuildRequires: pkcs11-helper-devel >= 1.11
|
|
|
|
BuildRequires: pkcs11-helper-devel >= 1.11
|
|
|
|
BuildRequires: pam-devel
|
|
|
|
BuildRequires: pam-devel
|
|
|
|
BuildRequires: libselinux-devel
|
|
|
|
BuildRequires: libselinux-devel
|
|
|
|
# For the perl_default_filter macro
|
|
|
|
BuildRequires: libcmocka-devel
|
|
|
|
BuildRequires: perl-macros
|
|
|
|
|
|
|
|
BuildRequires: systemd
|
|
|
|
BuildRequires: systemd
|
|
|
|
|
|
|
|
BuildRequires: systemd-devel
|
|
|
|
|
|
|
|
|
|
|
|
%{?systemd_requires}
|
|
|
|
%{?systemd_requires}
|
|
|
|
# For /sbin/ip.
|
|
|
|
|
|
|
|
BuildRequires: iproute
|
|
|
|
|
|
|
|
Requires: iproute
|
|
|
|
|
|
|
|
Requires(pre): /usr/sbin/useradd
|
|
|
|
Requires(pre): /usr/sbin/useradd
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%if 0%{?rhel} > 7 || 0%{?fedora} > 29
|
|
|
|
|
|
|
|
BuildRequires: python3-docutils
|
|
|
|
|
|
|
|
%else
|
|
|
|
|
|
|
|
# We cannot use python36-docutils on RHEL-7 as
|
|
|
|
|
|
|
|
# the ./configure script does not currently find
|
|
|
|
|
|
|
|
# the rst2man-3 executable, it only looks for rst2man
|
|
|
|
|
|
|
|
BuildRequires: python-docutils
|
|
|
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# For the perl_default_filter macro
|
|
|
|
|
|
|
|
BuildRequires: perl-macros
|
|
|
|
|
|
|
|
|
|
|
|
# Filter out the perl(Authen::PAM) dependency.
|
|
|
|
# Filter out the perl(Authen::PAM) dependency.
|
|
|
|
# No perl dependency is really needed at all.
|
|
|
|
# No perl dependency is really needed at all.
|
|
|
|
%{?perl_default_filter}
|
|
|
|
%{?perl_default_filter}
|
|
|
@ -60,20 +73,18 @@ to similar features as the various script-hooks.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
%prep
|
|
|
|
gpgv2 --quiet --keyring %{SOURCE6} %{SOURCE1} %{SOURCE0}
|
|
|
|
gpgv2 --quiet --keyring %{SOURCE10} %{SOURCE1} %{SOURCE0}
|
|
|
|
%setup -q -n %{name}-%{version}%{?prerelease:_%{prerelease}}
|
|
|
|
%setup -q -n %{name}-%{version}
|
|
|
|
%patch1 -p1 -b .ch_default_cipher
|
|
|
|
%patch1 -p1 -b .ch_default_cipher
|
|
|
|
%patch50 -p1
|
|
|
|
%patch50 -p1
|
|
|
|
|
|
|
|
|
|
|
|
sed -i -e 's,%{_datadir}/openvpn/plugin,%{_libdir}/openvpn/plugin,' doc/openvpn.8
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# %%doc items shouldn't be executable.
|
|
|
|
# %%doc items shouldn't be executable.
|
|
|
|
find contrib sample -type f -perm /100 \
|
|
|
|
find contrib sample -type f -perm /100 \
|
|
|
|
-exec chmod a-x {} \;
|
|
|
|
-exec chmod a-x {} \;
|
|
|
|
|
|
|
|
|
|
|
|
%build
|
|
|
|
%build
|
|
|
|
%configure \
|
|
|
|
%configure \
|
|
|
|
--enable-iproute2 \
|
|
|
|
--enable-silent-rules \
|
|
|
|
--with-crypto-library=openssl \
|
|
|
|
--with-crypto-library=openssl \
|
|
|
|
--enable-pkcs11 \
|
|
|
|
--enable-pkcs11 \
|
|
|
|
--enable-selinux \
|
|
|
|
--enable-selinux \
|
|
|
@ -82,8 +93,7 @@ find contrib sample -type f -perm /100 \
|
|
|
|
--enable-async-push \
|
|
|
|
--enable-async-push \
|
|
|
|
--docdir=%{_pkgdocdir} \
|
|
|
|
--docdir=%{_pkgdocdir} \
|
|
|
|
SYSTEMD_UNIT_DIR=%{_unitdir} \
|
|
|
|
SYSTEMD_UNIT_DIR=%{_unitdir} \
|
|
|
|
TMPFILES_DIR=%{_tmpfilesdir} \
|
|
|
|
TMPFILES_DIR=%{_tmpfilesdir}
|
|
|
|
IPROUTE=/sbin/ip
|
|
|
|
|
|
|
|
%{__make}
|
|
|
|
%{__make}
|
|
|
|
|
|
|
|
|
|
|
|
%check
|
|
|
|
%check
|
|
|
@ -156,7 +166,6 @@ getent passwd openvpn &>/dev/null || \
|
|
|
|
%postun
|
|
|
|
%postun
|
|
|
|
%systemd_postun_with_restart openvpn-client@\*.service
|
|
|
|
%systemd_postun_with_restart openvpn-client@\*.service
|
|
|
|
%systemd_postun_with_restart openvpn-server@\*.service
|
|
|
|
%systemd_postun_with_restart openvpn-server@\*.service
|
|
|
|
%systemd_postun_with_restart openvpn@\*.service
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files
|
|
|
|
%files
|
|
|
|
%{_pkgdocdir}
|
|
|
|
%{_pkgdocdir}
|
|
|
@ -183,6 +192,9 @@ getent passwd openvpn &>/dev/null || \
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
%changelog
|
|
|
|
|
|
|
|
* Wed Oct 28 2020 David Sommerseth <dazo@eurephia.org> - 2.5.0-1
|
|
|
|
|
|
|
|
- Update to upstream OpenVPN 2.5.0
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.9-2
|
|
|
|
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.9-2
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
|
|