source: projects/specs/branches/6/v/vpnc/vpnc-vl.spec @ 7739

Revision 7739, 7.0 KB checked in by Takemikaduchi, 11 years ago (diff)

rebuild packages & security fix

Line 
1Name:           vpnc
2Version:        0.5.3
3Release:        2%{?_dist_release}
4
5Summary:        IPSec VPN client compatible with Cisco equipment
6Summary(ja):    Cisco 機器互換の IPSec VPN クライアント
7
8Group:          Applications/Internet
9License:        GPLv2+
10URL:            http://www.unix-ag.uni-kl.de/~massar/vpnc/
11Source0:        http://www.unix-ag.uni-kl.de/~massar/vpnc/%{name}-%{version}.tar.gz
12Source1:        generic-vpnc.conf
13Source2:        vpnc.consolehelper
14Source3:        vpnc-disconnect.consolehelper
15Source4:        vpnc.pam
16Source5:        vpnc-helper
17Patch2:         vpnc-0.5.3-cloexec.patch
18Patch3:         vpnc-0.5.1-dpd.patch
19
20BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
21
22BuildRequires:  libgcrypt-devel > 1.1.90
23Requires:       iproute
24
25%description
26A VPN client compatible with Cisco's EasyVPN equipment.
27
28Supports IPSec (ESP) with Mode Configuration and Xauth.  Supports only
29shared-secret IPSec authentication, 3DES, MD5, and IP tunneling.
30
31%package consoleuser
32Summary:        Allows console user to run the VPN client directly
33Summary(ja):    コンソールユーザに直接VPNクライアントの実行許可を与える
34Group:          Applications/Internet
35Requires:       vpnc = %{version}-%{release}
36Requires:       usermode
37
38%description consoleuser
39Allows the console user to run the IPSec VPN client directly without
40switching to the root account.
41
42%prep
43%setup -q
44%patch2 -p1 -b .cloexec
45%patch3 -p1 -b .dpd
46
47%build
48CFLAGS="$RPM_OPT_FLAGS -fPIE" LDFLAGS="$RPM_OPT_FLAGS -pie" make PREFIX=/usr
49
50%install
51rm -rf $RPM_BUILD_ROOT
52make install DESTDIR="$RPM_BUILD_ROOT" PREFIX=/usr
53rm -f $RPM_BUILD_ROOT%{_bindir}/pcf2vpnc
54chmod 0644 pcf2vpnc
55rm -f $RPM_BUILD_ROOT%{_mandir}/man1/pcf2vpnc.1
56chmod 0644 $RPM_BUILD_ROOT%{_mandir}/man8/vpnc.8
57install -m 0600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/vpnc/default.conf
58mkdir -p $RPM_BUILD_ROOT%{_var}/run/vpnc
59touch $RPM_BUILD_ROOT%{_var}/run/vpnc/pid \
60      $RPM_BUILD_ROOT%{_var}/run/vpnc/defaultroute \
61      $RPM_BUILD_ROOT%{_var}/run/vpnc/resolv.conf-backup
62install -Dp -m 0644 %{SOURCE2} \
63    $RPM_BUILD_ROOT%{_sysconfdir}/security/console.apps/vpnc
64install -Dp -m 0644 %{SOURCE3} \
65    $RPM_BUILD_ROOT%{_sysconfdir}/security/console.apps/vpnc-disconnect
66install -Dp -m 0644 %{SOURCE4} \
67    $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/vpnc
68install -Dp -m 0644 %{SOURCE4} \
69    $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/vpnc-disconnect
70install -m 0755 %{SOURCE5} \
71    $RPM_BUILD_ROOT%{_sbindir}/vpnc-helper
72mkdir -p $RPM_BUILD_ROOT%{_bindir}
73ln -sf consolehelper $RPM_BUILD_ROOT%{_bindir}/vpnc
74ln -sf consolehelper $RPM_BUILD_ROOT%{_bindir}/vpnc-disconnect
75rm -f $RPM_BUILD_ROOT%{_datadir}/doc/vpnc/COPYING
76
77%clean
78rm -rf $RPM_BUILD_ROOT
79
80%files
81%defattr(-,root,root)
82%doc README COPYING pcf2vpnc pcf2vpnc.1
83
84%dir %{_sysconfdir}/vpnc
85%config(noreplace) %{_sysconfdir}/vpnc/vpnc-script
86%config(noreplace) %{_sysconfdir}/vpnc/default.conf
87%{_sbindir}/vpnc
88%{_bindir}/cisco-decrypt
89%{_sbindir}/vpnc-disconnect
90%{_mandir}/man8/vpnc.*
91%{_mandir}/man1/cisco-decrypt.*
92%dir %{_var}/run/vpnc
93%ghost %verify(not md5 size mtime) %{_var}/run/vpnc/pid
94%ghost %verify(not md5 size mtime) %{_var}/run/vpnc/defaultroute
95%ghost %verify(not md5 size mtime) %{_var}/run/vpnc/resolv.conf-backup
96
97%files consoleuser
98%defattr(-,root,root)
99%config(noreplace) %{_sysconfdir}/security/console.apps/vpnc*
100%config(noreplace) %{_sysconfdir}/pam.d/vpnc*
101%{_bindir}/vpnc*
102%{_sbindir}/vpnc-helper
103
104%changelog
105* Sun Jul 28 2013 Yoji TOYODA <bsyamato@sea.plala.or.jp> 0.5.3-2
106- rebuild with current Vine6 environment
107
108* Tue May 26 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 0.5.3-1
109- initial build for Vine Linux
110
111* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.5.3-3
112- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
113
114* Thu Nov 20 2008 Tomas Mraz <tmraz@redhat.com> - 0.5.3-2
115- upgrade to new version
116- fix race in vpnc-cleanup (#465315)
117
118* Thu Jul 24 2008 Tomas Mraz <tmraz@redhat.com> - 0.5.1-6
119- do not modify domain in resolv.conf (#446404)
120- clean up modified resolv.conf on startup (#455899)
121
122* Sat Apr  5 2008 Michal Schmidt <mschmidt@redhat.com> - 0.5.1-5
123- vpnc-script: fix 'ip link ...' syntax.
124
125* Thu Apr  3 2008 Tomas Mraz <tmraz@redhat.com> - 0.5.1-4
126- drop autogenerated perl requires (#440304)
127- compute MTU based on default route device (#433846)
128
129* Wed Feb 20 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.5.1-3
130- Autorebuild for GCC 4.3
131
132* Tue Nov 13 2007 Tomas Mraz <tmraz@redhat.com> - 0.5.1-2
133- try to make DPD less sensitive (#345281)
134
135* Thu Sep 20 2007 Tomas Mraz <tmraz@redhat.com> - 0.5.1-1
136- upgrade to latest upstream
137
138* Mon Sep  3 2007 Tomas Mraz <tmraz@redhat.com> - 0.4.0-4
139- fix long standing bug causing problems on x86_64 (#232565) now for real
140
141* Wed Aug 22 2007 Tomas Mraz <tmraz@redhat.com> - 0.4.0-3
142- license tag fix
143
144* Tue Mar 20 2007 Tomas Mraz <tmraz@redhat.com> - 0.4.0-2
145- -fstack-protector miscompilation on x86_64 is back (#232565)
146
147* Mon Feb 26 2007 Tomas Mraz <tmraz@redhat.com> - 0.4.0-1
148- upgrade to new upstream version
149
150* Wed Jan 17 2007 Tomas Mraz <tmraz@redhat.com> - 0.3.3-15
151- do not overwrite personalized vpnc scripts (#195842)
152- we must not allow commandline options to vpnc when run through consolehelper
153
154* Wed Jan 17 2007 Tomas Mraz <tmraz@redhat.com> - 0.3.3-14
155- add consoleuser subpackage (#160571)
156- fix permissions on manpage (#222578)
157
158* Tue Nov  7 2006 Tomas Mraz <tmraz@redhat.com> - 0.3.3-13
159- don't leak socket fds
160
161* Tue Sep 12 2006 Tomas Mraz <tmraz@redhat.com> - 0.3.3-12
162- drop hoplimit from ip route output (#205923)
163- let's try enabling -fstack-protector again, seems to work now
164
165* Thu Sep  7 2006 Tomas Mraz <tmraz@redhat.com> - 0.3.3-11
166- rebuilt for FC6
167
168* Wed Jun  7 2006 Tomas Mraz <tmraz@redhat.com> 0.3.3-9
169- drop the -fstack-protector not -f-stack-protector
170
171* Tue May 30 2006 Tomas Mraz <tmraz@redhat.com> 0.3.3-8
172- drop -fstack-protector from x86_64 build (workaround for #172145)
173- make rekeying a little bit better
174
175* Thu Mar  9 2006 Tomas Mraz <tmraz@redhat.com> 0.3.3-7
176- add basic rekeying support (the patch includes NAT keepalive support
177  by Brian Downing)
178- dropped disconnect patch (solved differently)
179
180* Wed Feb 15 2006 Tomas Mraz <tmraz@redhat.com> 0.3.3-6
181- rebuild with new gcc
182
183* Tue Jan 24 2006 Tomas Mraz <tmraz@redhat.com> 0.3.3-5
184- send the disconnect packet properly (patch by Laurence Moindrot)
185
186* Thu Sep 22 2005 Tomas Mraz <tmraz@redhat.com> 0.3.3-4
187- improve compatibility with some Ciscos
188
189* Wed Jun 15 2005 Tomas Mraz <tmraz@redhat.com> 0.3.3-3
190- improve fix_ip_get_output in vpnc-script (#160364)
191
192* Mon May 30 2005 Tomas Mraz <tmraz@redhat.com> 0.3.3-2
193- package /var/run/vpnc and ghost files it can contain (#159015)
194- add /sbin /usr/sbin to the path in vpnc-script (#159099)
195
196* Mon May 16 2005 Tomas Mraz <tmraz@redhat.com> 0.3.3-1
197- new upstream version
198
199* Fri Apr  7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
200- rebuilt
201
202* Wed Jan 05 2005 Warren Togami <wtogami@redhat.com> 0.3.2-3
203- Fix 64bit
204
205* Thu Dec 23 2004 Warren Togami <wtogami@redhat.com> 0.3.2-2
206- make PIE (davej)
207
208* Mon Dec 20 2004 Warren Togami <wtogami@redhat.com> 0.3.2-1
209- 0.3.2
Note: See TracBrowser for help on using the repository browser.