Overview

File openvpn.spec of Package openvpn

%define realname openvpn
%define realver  2.6.9
%define srcext   tar.gz

%bcond_without dco

# Common info
Name:          %{realname}
Version:       %{realver}
Release:       wiz%{?extraver:0.}1%{?dist}
License:       GPL-2.0
Group:         Productivity/Networking/Security
URL:           https://openvpn.net/community/
Summary:       A Secure tunneling daemon

# Install-time parameters
Requires:      logrotate
%if 0%{?suse_version} && %{without systemd}
Requires:      %insserv_prereq %fillup_prereq
%endif
%if %{with dco}
Requires:      openvpn-dco-dkms
%endif

# Build-time parameters
BuildRequires: autoconf automake libtool
BuildRequires: pkg-config iproute xz
BuildRequires: libselinux-devel
BuildRequires: pam-devel
BuildRequires: pkgconfig(libpkcs11-helper-1) >= 1.11
BuildRequires: pkgconfig(libnl-genl-3.0) >= 3.4.0
BuildRequires: pkgconfig(libcap-ng)
BuildRequires: pkgconfig(openssl) >= 1.0.2
BuildRequires: lzo-devel
BuildRequires: pkgconfig(liblz4) >= 1.7.1 pkgconfig(liblz4) < 100
BuildRequires: systemd-devel
# Docs
BuildRequires: python3-docutils
BuildRoot:     %{_tmppath}/%{name}-root
Source0:       http://swupdate.openvpn.org/community/releases/%{realname}-%{realver}.%{srcext}
Source1:       openvpn.logrotate

%description
OpenVPN is a robust and highly flexible VPN daemon. OpenVPN supports SSL/TLS
security, ethernet bridging, TCP or UDP tunnel transport through proxies or NAT,
support for dynamic IP addresses and DHCP, scalability to hundreds or thousands
of users, and portability to most major OS platforms.

OpenVPN is tightly bound to the OpenSSL library, and derives much of its crypto
capabilities from it.

OpenVPN supports conventional encryption using a pre-shared secret key (Static
Key mode) or public key security (SSL/TLS mode) using client & server
certificates. OpenVPN also supports non-encrypted TCP/UDP tunnels.

OpenVPN is designed to work with the TUN/TAP virtual networking interface that
exists on most platforms.

Overall, OpenVPN aims to offer many of the key features of IPSec but with
a relatively lightweight footprint.

# Preparation step (unpackung and patching if necessary)
%prep
%setup -q -n %{realname}-%{realver}
# WTF???
sed -ri '/^\s+.git/d' Makefile.am
autoreconf --force --install

%build
%configure \
 --enable-x509-alt-username \
%if %{with dco}
 --enable-dco \
 --disable-iproute2 \
%else
 --enable-iproute2 \
%endif
 --enable-pam-dlopen \
 --enable-selinux \
 --enable-systemd \
 CFLAGS="%{optflags} -fno-strict-aliasing -fpie %{?gcc_lto}" \
 LDFLAGS="-Wl,--as-needed -Wl,--strip-all -Wl,--no-undefined -Wl,-z,noexecstack -Wl,-z,now -Wl,-z,relro -pie %{?gcc_lto}" \
 SYSTEMD_UNIT_DIR="%{?_unitdir}" \
 TMPFILES_DIR="%{?_tmpfilesdir}" \
 RST2MAN=%{_bindir}/rst2man.py \
 RST2HTML=%{_bindir}/rst2html.py
%{__make} %{?_smp_mflags}

%install
%{__make} install DESTDIR=%{buildroot}
%{__install} -D -m644 %{S:1} %{buildroot}%{_sysconfdir}/logrotate.d/openvpn
%{__install} -d -m755 %{buildroot}%{_sysconfdir}/openvpn/client
%{__install} -d -m755 %{buildroot}%{_sysconfdir}/openvpn/server
%{__install} -D -m644 sample/sample-config-files/server.conf %{buildroot}%{_sysconfdir}/openvpn/server/default.conf
%{__install} -d -m755 %{buildroot}/var/log/openvpn
# Remove unwanted docs
[ "%{buildroot}" != "/" ] && rm -rvf %{buildroot}%{_datadir}/doc

%clean
[ "%{buildroot}" != "/" ] && rm -rf %{buildroot}

%files
%defattr(-,root,root)
%license COPYING COPYRIGHT.GPL
%doc AUTHORS README doc/README.plugins doc/management-notes.txt
%{_sbindir}/*
%dir %{_sysconfdir}/openvpn/client
%dir %{_sysconfdir}/openvpn/server
%config(noreplace) %{_sysconfdir}/openvpn/server/default.conf
%{_unitdir}/*.service
%{_tmpfilesdir}/openvpn.conf
%ghost %dir /run/openvpn-client
%ghost %dir /run/openvpn-server
%dir %{_sysconfdir}/openvpn
%config(noreplace) %{_sysconfdir}/logrotate.d/openvpn
%doc %{_mandir}/man5/*
%doc %{_mandir}/man8/*
%{_includedir}/openvpn-msg.h
%{_includedir}/openvpn-plugin.h
%dir %{_libdir}/openvpn/plugins
%dir %{_libdir}/openvpn
%{_libdir}/openvpn/plugins/*.so
%exclude %{_libdir}/openvpn/plugins/*.la
%dir %attr(0755,nobody,nobody) /var/log/openvpn

%if 0%{?suse_version}

%pre
%{service_add_pre %{name}-client@.service}
%{service_add_pre %{name}-server@.service}

%post
%{service_add_post %{name}-client@.service}
%{service_add_post %{name}-server@.service}
%{tmpfiles_create %{_tmpfilesdir}/openvpn.conf}

%preun
%{service_del_preun %{name}-client@.service}
%{service_del_preun %{name}-server@.service}

%postun
%{service_del_postun %{name}-client@.service}
%{service_del_postun %{name}-server@.service}

%endif

%changelog
openSUSE Build Service is sponsored by
Places