--- rpms/smeserver-libreswan/contribs9/smeserver-libreswan.spec 2016/03/22 17:28:08 1.5 +++ rpms/smeserver-libreswan/contribs9/smeserver-libreswan.spec 2018/06/21 13:02:20 1.15 @@ -1,6 +1,6 @@ %define name smeserver-libreswan %define version 0.5 -%define release 17 +%define release 28 Summary: Plugin to enable IPSEC connections Name: %{name} Version: %{version} @@ -11,17 +11,76 @@ Group: SMEserver/addon Source: %{name}-%{version}.tar.gz Patch1: smeserver-libreswan-fix-masq-templates.patch Patch2: smeserver-libreswan-move-logfile.patch +Patch3: smeserver-libreswan-add-debug-key.patch +Patch4: smeserver-libreswan-fix-rsa-id.patch +Patch5: smeserver-libreswan-fix-createlinks.patch +Patch6: smeserver-libreswan-ikev2-logrotate.patch +Patch7: smeserver-libreswan-add-certificates.patch +Patch8: smeserver-libreswan-modify-identifiers.patch +Patch9: smeserver-libreswan-modify-identifiers1.patch +Patch10: smeserver-libreswan-forceencaps-l2tpd.patch +Patch11: smeserver-libreswan-variable-network-interfaces.patch +Patch12: smeserver-libreswan-remove-obsoletes.patch + BuildRoot: /var/tmp/%{name}-%{version} BuildArchitectures: noarch BuildRequires: e-smith-devtools -Requires: e-smith-release >= 9.0 -Requires: libreswan >= 3.16 +Requires: e-smith-release >= 9.2 +Requires: libreswan >= 3.23 AutoReqProv: no %description Libreswan is a free software implementation of the most widely supported and standardised VPN protocol based on ("IPsec") and the Internet Key Exchange ("IKE") %changelog +* Thu Jun 21 2018 John Crisp 0.5-28.sme +- Bump required Libreswan to 3.23 +- Chamge forceencaps to encapsulation +- Remove obsolete nat_traversal +- Modify ipsec.conf for no rightsubnet in xl2tpd + +* Tue Sep 19 2017 John Crisp 0.5-27.sme +- Allow variable network interface names - Stefano Zamboni + +* Thu Jun 15 2017 John Crisp 0.5-26.sme +- add keep-alive option in main ipsec.conf +- add forceencaps option overall default and per connection +- small code tidy +- Add support for L2TPD + +* Thu Jan 26 2017 John Crisp 0.5-25.sme + - Fix the ipsec.conf as well + - remove automatic \@ in IDs - Fixes [SME: 9729] + +* Thu Jan 26 2017 John Crisp 0.5-24.sme + - remove automatic \@ in IDs - Fixes [SME: 9729] + - fix swapped left/right IDs in password file + +* Wed Jan 25 2017 John Crisp 0.5-23.sme +- Add the ability to use PEM/PKCS#12 certificates - fixes [SME: 9942] +- lots of code tidying + +* Wed Dec 21 2016 John Crisp 0.5-22.sme +- update logrotate completely now I realise it is symlinked +- remove UPDPort and add UPDPorts due to ipsec v2 + +* Wed Dec 21 2016 John Crisp 0.5-21.sme +- add more variations for ike v1/2 +- remove logrotate template +- add /etc/e-smith/events/logrotate/logfiles2timestamp/var/log/pluto.log +- Fix some log noise when first installed and still disabled + +* Sat Apr 23 2016 John Crisp 0.5-20.sme +- Fix typo in createlinks for sysctl.conf + +* Mon Apr 04 2016 John Crisp 0.5-19.sme +- Fix ID in ipsec.secrets if ID is set + +* Thu Mar 24 2016 John Crisp 0.5-18.sme +- Add debug db key to /etc/ipsec.conf +- Remove setting public/private keys as they won't affect unless templates are re-expanded +- Set xfrm_larval_drop drop correctly + * Tue Mar 22 2016 John Crisp 0.5-17.sme - Move pluto.log to /var/log/pluto - bump libreswan requires version to 3.16 @@ -129,6 +188,16 @@ Libreswan is a free software implementat %setup %patch1 -p1 %patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 %build perl createlinks @@ -151,12 +220,13 @@ rm -rf %{name}-%{version} %pre %preun %post + /sbin/e-smith/expand-template /etc/rc.d/init.d/masq /sbin/e-smith/expand-template /etc/inittab /sbin/init q -echo "see http://wiki.contribs.org/VPN" +echo "see https://wiki.contribs.org/Libreswan" %postun /sbin/e-smith/expand-template /etc/rc.d/init.d/masq