%define plugins down-root auth-pam Name: openvpn Version: 2.0.2 Release: 1%{?dist} Summary: A full-featured SSL VPN solution URL: http://openvpn.net/ Source0: http://openvpn.net/release/%{name}-%{version}.tar.gz Source1: http://openvpn.net/signatures/%{name}-%{version}.tar.gz.asc # Sample 2.0 config files Source2: roadwarrior-server.conf Source3: roadwarrior-client.conf # Don't start openvpn by default. Patch0: openvpn-init.patch License: GPL Group: Applications/Internet BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-%(id -un) BuildRequires: lzo-devel BuildRequires: openssl-devel BuildRequires: pam-devel # We need /dev/net/tun. # This will work with RH9+ dev or udev. Requires: dev >= 0:3.3.2-5 Requires(pre): /usr/sbin/useradd Requires(post): /sbin/chkconfig Requires(preun): /sbin/chkconfig, /sbin/service Requires(postun): /sbin/service # Filter out the perl(Authen::PAM) dependency. # No perl dependency is really needed at all. %define __perl_requires sh -c 'cat > /dev/null' %description OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for compression. %prep %setup -q -n %{name}-%{version}%{?prever:_%{prever}} %patch0 -p0 sed -i -e 's,%{_datadir}/openvpn/plugin,%{_libdir}/openvpn/plugin,' openvpn.8 %build # --enable-pthread Enable pthread support (Experimental for OpenVPN 2.0) # --enable-password-save Allow --askpass and --auth-user-pass passwords to be # read from a file # --enable-iproute2 Enable support for iproute2 %configure --enable-pthread --enable-password-save --enable-iproute2 %{__make} # Build plugins for plugin in %{plugins} ; do %{__make} -C plugin/$plugin done %check || : # Test Crypto: ./openvpn --genkey --secret key ./openvpn --test-crypto --secret key # Test SSL/TLS negotiations (runs for 2 minutes): ./openvpn --config sample-config-files/loopback-client & ./openvpn --config sample-config-files/loopback-server wait %install rm -rf $RPM_BUILD_ROOT install -D -m 0755 %{name}.8 $RPM_BUILD_ROOT%{_mandir}/man8/%{name}.8 install -D -m 0755 %{name} $RPM_BUILD_ROOT%{_sbindir}/%{name} install -D -m 0755 sample-scripts/%{name}.init \ $RPM_BUILD_ROOT%{_initrddir}/%{name} install -d -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/%{name} mkdir -p $RPM_BUILD_ROOT%{_datadir}/%{name} cp -pR easy-rsa $RPM_BUILD_ROOT%{_datadir}/%{name}/ rm -rf $RPM_BUILD_ROOT%{_datadir}/%{name}/easy-rsa/Windows cp %{SOURCE2} %{SOURCE3} sample-config-files/ mkdir -p $RPM_BUILD_ROOT%{_libdir}/%{name}/plugin/lib for plugin in %{plugins} ; do install -m 0755 plugin/$plugin/openvpn-$plugin.so \ $RPM_BUILD_ROOT%{_libdir}/%{name}/plugin/lib/openvpn-$plugin.so cp plugin/$plugin/README plugin/$plugin.txt done mkdir -m 755 -p $RPM_BUILD_ROOT%{_var}/run/%{name} %clean rm -rf $RPM_BUILD_ROOT %pre if ! id openvpn > /dev/null 2>&1 ; then /usr/sbin/useradd -r -s /sbin/nologin -c OpenVPN -d /etc/openvpn openvpn fi %post /sbin/chkconfig --add %{name} %preun if [ "$1" = 0 ]; then /sbin/service %{name} stop /sbin/chkconfig --del %{name} fi %postun if [ "$1" -ge 1 ]; then /sbin/service %{name} condrestart >/dev/null 2>&1 fi %files %defattr(-,root,root,0755) %doc AUTHORS COPYING COPYRIGHT.GPL INSTALL PORTS README # Add NEWS when it isn't zero-length. %doc plugin/*.txt %doc contrib sample-config-files sample-keys sample-scripts %{_mandir}/man8/%{name}.8* %{_sbindir}/%{name} %{_datadir}/%{name}/ %{_libdir}/%{name}/ %{_initrddir}/%{name} %{_var}/run/%{name}/ %config %dir %{_sysconfdir}/%{name}/ %changelog * Thu Aug 25 2005 Steven Pritchard 2.0.2-1 - Update to 2.0.2 - Refine roadwarrior-server.conf a bit * Mon Aug 22 2005 Steven Pritchard 2.0.1-1 - Update to 2.0.1 * Mon Jun 27 2005 Steven Pritchard 2.0-2 - Move the plugin directory to _libdir - Drop the easy-rsa/Windows directory - Comment cleanups - Add "processname" header to init script - The init script isn't a config file - Tag contrib, sample-config-files, sample-keys, and sample-scripts as doc - Create/own pid dir * Sat Jun 25 2005 Steven Pritchard 2.0-1 - Update to 2.0 final - Drop Epoch: 0 and rebuild for Fedora Extras * Wed Feb 16 2005 Steven Pritchard 0:2.0-0.fdr.0.14.rc13 - Fix/add paths to useradd * Mon Feb 14 2005 Steven Pritchard 0:2.0-0.fdr.0.13.rc13 - Update to 2.0_rc13 - More spec cleanup (suggestions from Matthias Saou) * Tue Feb 08 2005 Steven Pritchard 0:2.0-0.fdr.0.12.rc12 - Update to 2.0_rc12 - Small spec cleanups - Drop perl auto-requirements entirely * Mon Dec 20 2004 Steven Pritchard 0:2.0-0.fdr.0.11.rc6 - Add down-root and auth-pam plugins - Add --enable-password-save and --enable-iproute2 - Add crypto and loopback tests (somewhat time-consuming) * Thu Dec 16 2004 Steven Pritchard 0:2.0-0.fdr.0.10.rc5 - Update to 2.0_rc5 - Change the port to 1194 in the roadwarrior-*.conf samples - Change openvpn-init.patch to reformat the description in the init script - Modify the Summary and description (OpenVPN isn't UDP-only) * Tue Dec 14 2004 Steven Pritchard 0:2.0-0.fdr.0.9.rc1 - Remove the perl(Authen::PAM) dependency * Thu Dec 09 2004 Steven Pritchard 0:2.0-0.fdr.0.8.rc1 - Update to 2.0_rc1 * Tue Nov 16 2004 Steven Pritchard 0:2.0-0.fdr.0.7.beta17 - Update to 2.0_beta17 - Require dev instead of /dev/net/tun (for udev compatibility) - Change openvpn-init.patch to match upstream (starts even earlier now) * Wed Aug 04 2004 Steven Pritchard 0:2.0-0.fdr.0.6.beta10 - Remove unnecessary BuildRequires: kernel-headers * Tue Aug 03 2004 Steven Pritchard 0:2.0-0.fdr.0.5.beta10 - Update to 2.0_beta10 - Minor fix to configuration example - Change the init script to start a little earlier and stop much later (after netfs) by default - Remove a lot of unnecessary macro use (install/mkdir/cp) - Don't create /dev/net/tun, use Requires instead * Sat Jul 17 2004 Steven Pritchard 0:2.0-0.fdr.0.4.beta7 - Update to 2.0_beta7 - Include gpg signature in source rpm - Include 2.0-style configuration examples - Minor spec cleanup * Wed Apr 28 2004 Steven Pritchard 0:2.0-0.fdr.0.3.test23 - Add openvpn-init.patch to leave the init script disabled by default * Wed Apr 28 2004 Steven Pritchard 0:2.0-0.fdr.0.2.test23 - Fix URL and Source0 - Add an openvpn user * Wed Apr 28 2004 Steven Pritchard 0:2.0-0.fdr.0.1.test23 - Update to 2.0_test23 - BuildRequires lzo-devel, kernel-headers, openssl-devel - Lots of spec cleanup * Sun Feb 23 2003 Matthias Andree 1.3.2.14-1 - Have the version number filled in by autoconf. * Wed Jul 10 2002 James Yonan 1.3.1-1 - Fixed %preun to only remove service on final uninstall * Mon Jun 17 2002 bishop clark (LC957) 1.2.2-1 - Added condrestart to openvpn.spec & openvpn.init. * Wed May 22 2002 James Yonan 1.2.0-1 - Added mknod for Linux 2.4. * Wed May 15 2002 Doug Keller 1.1.1.16-2 - Added init scripts - Added conf file support * Mon May 13 2002 bishop clark (LC957) 1.1.1.14-1 - Added new directories for config examples and such * Sun May 12 2002 bishop clark (LC957) 1.1.1.13-1 - Updated buildroot directive and cleanup command - added easy-rsa utilities * Mon Mar 25 2002 bishop clark (LC957) 1.0-1 - Initial build.