Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:msmeissn:openssl1
openvpn-openssl1
openvpn-openssl1.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openvpn-openssl1.spec of Package openvpn-openssl1
# # spec file for package openvpn # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: openvpn-openssl1 Url: http://openvpn.net/ AutoReqProv: on %if 0%{?suse_version} PreReq: %insserv_prereq %fillup_prereq %endif Version: 2.3.2 Release: 0 Summary: Full-featured SSL VPN solution using a TUN/TAP Interface License: SUSE-GPL-2.0-with-openssl-exception and LGPL-2.1 Group: Productivity/Networking/Security Source: http://swupdate.openvpn.org/community/releases/openvpn-%{version}.tar.gz Source1: http://swupdate.openvpn.org/community/releases/openvpn-%{version}.tar.gz.asc Source2: openvpn.init Source6: openvpn.sysconfig Source3: openvpn.README.SUSE Source4: client-netconfig.up Source5: client-netconfig.down Patch1: openvpn-2.3-plugin-man.dif Patch5: openvpn-2.3.0-man-dot.diff Patch6: openvpn-fips140-2.3.2.patch Patch7: 0007-Drop-too-short-control-channel-packets.CVE-2014-8104.patch Patch8: openvpn-use-newertls.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: lzo-devel %if "%{name}" == "openvpn-openssl1" BuildRequires: libopenssl1-devel Conflicts: openvpn %else BuildRequires: openssl-devel Conflicts: openvpn-openssl1 %endif BuildRequires: iproute2 pam-devel %description OpenVPN is a full-featured SSL VPN solution which can accomodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN runs on: Linux, Windows 2000/XP and higher, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Solaris. OpenVPN is not a web application proxy and does not operate through a web browser. %package down-root-plugin License: GPL v2 or later; LGPL v2.1 or later Summary: OpenVPN down-root plugin Group: Productivity/Networking/Security AutoReqProv: on Requires: %{name} = %{version} %description down-root-plugin The OpenVPN down-root plugin allows an OpenVPN configuration to call a down script with root privileges, even when privileges have been dropped using --user/--group/--chroot. This module uses a split privilege execution model which will fork() before OpenVPN drops root privileges, at the point where the --up script is usually called. The plugin will then remain in a wait state until it receives a message from OpenVPN via pipe to execute the down script. Thus, the down script will be run in the same execution environment as the up script. %package auth-pam-plugin License: GPL v2 or later; LGPL v2.1 or later Summary: OpenVPN auth-pam plugin Group: Productivity/Networking/Security AutoReqProv: on Requires: %{name} = %{version} %description auth-pam-plugin The OpenVPN auth-pam plugin implements username/password authentication via PAM, and essentially allows any authentication method supported by PAM (such as LDAP, RADIUS, or Linux Shadow passwords) to be used with OpenVPN. While PAM supports username/password authentication, this can be combined with X509 certificates to provide two indepedent levels of authentication. This plugin uses a split privilege execution model which will function even if you drop openvpn daemon privileges using the user, group, or chroot directives. %prep %setup -q -n openvpn-%version %patch1 -p0 %patch5 -p0 %patch6 -p1 %patch7 -p1 %patch8 -p1 sed -e "s|\" __DATE__|$(date '+%b %e %Y' -r version.m4)\"|g" -i src/openvpn/options.c # %%doc items shouldn't be executable. find contrib sample -type f -exec chmod a-x \{\} \; %build autoreconf -fi export CFLAGS="$RPM_OPT_FLAGS -W -Wall" %if "%{name}" == "openvpn-openssl1" export LDFLAGS="-Wl,-rpath,/opt/suse/%_lib" %endif %configure \ --enable-iproute2 \ --enable-x509-alt-username \ --enable-password-save \ --enable-plugins \ --enable-plugin-down-root \ --enable-plugin-auth-pam \ --with-lzo-headers=%_includedir/lzo \ --with-plugindir=/%_libdir/%name/plugins/ \ CFLAGS="$CFLAGS -fPIE $PLUGIN_DEFS" \ LDFLAGS="$LDFLAGS -pie -lpam -rdynamic -Wl,-rpath,%{_libdir}/%{name}/plugins" make %install make DESTDIR=$RPM_BUILD_ROOT install find $RPM_BUILD_ROOT -name '*.la' | xargs rm -f mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/openvpn mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/run/openvpn mkdir -p $RPM_BUILD_ROOT/%{_datadir}/openvpn install -D -m 755 $RPM_SOURCE_DIR/openvpn.init $RPM_BUILD_ROOT/%{_sysconfdir}/init.d/openvpn ln -sv %{_sysconfdir}/init.d/openvpn $RPM_BUILD_ROOT/%{_sbindir}/rcopenvpn # the /etc/sysconfig/openvpn template only with sysvinit, no needed with systemd install -d -m0755 %{buildroot}/var/adm/fillup-templates install -m0600 %{SOURCE6} \ %{buildroot}/var/adm/fillup-templates/sysconfig.openvpn cp -p $RPM_SOURCE_DIR/openvpn.README.SUSE README.SUSE install -m 755 $RPM_SOURCE_DIR/client-netconfig.up sample/sample-scripts/client-netconfig.up install -m 755 $RPM_SOURCE_DIR/client-netconfig.down sample/sample-scripts/client-netconfig.down # we install docs via spec into _defaultdocdir/name/management-notes.txt rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/{OpenVPN,openvpn} %post %{?fillup_and_insserv:%fillup_and_insserv} %preun %{?stop_on_removal:%stop_on_removal openvpn} %postun %{?insserv_cleanup:%insserv_cleanup} %files %defattr(-,root,root) %doc AUTHORS COPYING COPYRIGHT.GPL ChangeLog PORTS README %doc src/plugins/{auth-pam/README.auth-pam,down-root/README.down-root} %doc README.* %doc contrib %doc sample/sample-config-files %doc sample/sample-keys %doc sample/sample-scripts %doc doc/management-notes.txt %doc %{_mandir}/man8/openvpn.8.gz %config(noreplace) %{_sysconfdir}/openvpn/ /var/adm/fillup-templates/sysconfig.openvpn %config %{_sysconfdir}/init.d/openvpn %{_sbindir}/openvpn %{_sbindir}/rcopenvpn %dir %{_localstatedir}/run/openvpn %dir %{_datadir}/openvpn %dir %{_libdir}/%{name} /usr/include/openvpn-plugin.h %files down-root-plugin %defattr(-,root,root) %dir %{_libdir}/%{name} %dir %{_libdir}/%{name}/plugins %{_libdir}/%{name}/plugins/openvpn-plugin-down-root.so %files auth-pam-plugin %defattr(-,root,root) %dir %{_libdir}/%{name} %dir %{_libdir}/%{name}/plugins %{_libdir}/%{name}/plugins/openvpn-plugin-auth-pam.so %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor