# $Id: smeserver-openvpn-bridge.spec,v 1.33 2010/03/03 04:02:52 slords Exp $ # Authority: vip-ire # Name: Daniel Berteaud Summary: OpenVPN, a strong VPN solution build over SSL, pre-configured for bridge mode %define name smeserver-openvpn-bridge Name: %{name} %define version 2.0 %define release 35 Version: %{version} Release: %{release}%{?dist} License: GPL Group: Networking/Remote access Source: %{name}-%{version}.tar.gz Patch0: smeserver-openvpn-bridge-2.0-remove_dup_migrate.patch Patch1: smeserver-openvpn-bridge-2.0-pull.patch Patch2: smeserver-openvpn-bridge-2.0-config_required.patch Patch3: smeserver-openvpn-bridge-2.0-config_cleanup.patch Patch4: smeserver-openvpn-bridge-2.0-add_rule.patch Patch5: smeserver-openvpn-bridge-2.0-locale1.patch #atch6: smeserver-openvpn-bridge-2.0-openvpn_db.patch Patch7: smeserver-openvpn-bridge-2.0-check_certs.patch Patch8: smeserver-openvpn-bridge-2.0-check_bridge.patch Patch9: smeserver-openvpn-bridge-2.0-configure_crl_url.patch Patch10: smeserver-openvpn-bridge-2.0-check_certs.patch2 Patch11: smeserver-openvpn-bridge-2.0-create_openvpn_db.patch Patch12: smeserver-openvpn-bridge-2.0-local_fr_1.patch Patch13: smeserver-openvpn-bridge-2.0-fixtranslation.patch Patch14: smeserver-openvpn-bridge-2.0-removedups.patch Patch15: smeserver-openvpn-bridge-2.0-fixlangtag.patch Patch16: smeserver-openvpn-bridge-2.0-fix-en-us-locale.patch Patch17: smeserver-openvpn-bridge-2.0-fix-en-us-locale2.patch Patch18: smeserver-openvpn-bridge-2.0-fix-en-us-locale3.patch Patch19: smeserver-openvpn-bridge-2.0-locale-2009-03-03.patch Patch20: smeserver-openvpn-bridge-2.0-openvpn_2_1_compat.patch Patch21: smeserver-openvpn-bridge-2.0-cipher_auto.patch Patch22: smeserver-openvpn-bridge-2.0-remove_obsolete_init_scripts.patch Patch23: smeserver-openvpn-bridge-2.0-fix_perms_on_pub_dir.patch Patch24: smeserver-openvpn-bridge-2.0-locale-2009-04-27.patch Patch25: smeserver-openvpn-bridge-2.0-locale-2009-04-30.patch Patch26: smeserver-openvpn-bridge-2.0-locale-2009-05-24.patch Patch27: smeserver-openvpn-bridge-2.0-locale-2009-05-26.patch Patch28: smeserver-openvpn-bridge-2.0-update_networks.patch Patch29: smeserver-openvpn-bridge-2.0-locale-2009-07-22.patch Patch30: smeserver-openvpn-bridge-2.0-locale-2009-08-24.patch Patch31: smeserver-openvpn-bridge-2.0-tls_client.patch Patch32: smeserver-openvpn-bridge-2.0-locale-2009-09-28.patch Patch33: smeserver-openvpn-bridge-2.0-locale-2009-10-21.patch Patch34: smeserver-openvpn-bridge-2.0-locale-2009-10-27.patch Patch35: smeserver-openvpn-bridge-2.0-update_crl.patch Patch36: smeserver-openvpn-bridge-2.0-locale-2009-11-17.patch Patch37: smeserver-openvpn-bridge-2.0-code_cleanup1.patch Patch38: smeserver-openvpn-bridge-2.0-code_cleanup2.patch Patch39: smeserver-openvpn-bridge-2.0-locale-2010-03-02.patch Patch40: smeserver-openvpn-bridge-2.0-set_tos.patch Patch41: smeserver-openvpn-bridge-2.0-push_complzo.patch Patch42: smeserver-openvpn-bridge-2.0-locale-2010-04-29.patch BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot BuildArchitectures: noarch BuildRequires: e-smith-devtools Requires: e-smith-base Requires: openvpn Requires: smeserver-bridge-interface Requires: perl(Net::OpenVPN::Manage) Obsoletes: smeserver-openvpn-bridge-fws Obsoletes: smeserver-openvpn-bridge.fws %description This package contains all the needed scripts and templates to have a full working openvpn server running in bridge mode. %changelog * Fri Apr 30 2010 Daniel B. 2.0-35.sme - add the passtos option - push the comp-lzo option to the client - apply locale 2010-04-29 patch * Tue Mar 02 2010 SME Translation Server 2.0-34.sme - apply locale 2010-03-02 patch * Wed Nov 18 2009 Daniel B. 2.0-33.sme - code cleanup * Tue Nov 17 2009 Daniel B. 2.0-32.sme - apply locale 2009-11-17 patch - Fix CRL update on event (openvpn-bridge-update) * Tue Oct 27 2009 SME Translation Server 2.0-31.sme - apply locale 2009-10-27 patch * Wed Oct 21 2009 Daniel B. 2.0-30.sme - apply locale 2009-10-21 patch * Tue Sep 29 2009 Daniel B. 2.0-29.sme - Put tls-client directive in client config file even when additional TLS auth is disabled (required for the main TLS auth) [SME: 5495] - apply locale 2009-09-28 patch * Mon Aug 24 2009 SME Translation Server 2.0-28.sme - apply locale 2009-08-24 patch * Wed Jul 22 2009 Daniel B. 2.0-27.sme - apply locale 2009-07-22 patch * Thu Jun 25 2009 Daniel B. 2.0-26.sme - expand config and restart the service when local networks are added or removed so the new routes are pushed * Tue May 26 2009 Daniel B. 2.0-25.sme - apply locale 2009-05-26 patch * Sun May 24 2009 Daniel B. 2.0-24.sme - apply locale 2009-05-24 patch * Thu Apr 30 2009 Daniel B. 2.0-23.sme - apply local 2009-04-30 patch * Mon Apr 27 2009 SME Translation Server 2.0-22.sme - apply locale 2009-04-27 patch * Tue Apr 14 2009 Daniel B. [2.0-21] - Fixe permissions on public directory (pub and ccd) which must be readable by everyone (especially user nobody) * Sun Apr 12 2009 Daniel B. [2.0-20] - remove obsolete init scripts reset-openvpn and openvpn-bridge * Wed Mar 18 2009 Daniel B. [2.0-19] - Do not add cipher directive in client configuration file if set to 'auto' * Wed Mar 11 2009 Daniel B. [2.0-18] - Compatibility with openvpn 2.1 (detect plugin dir location) [SME: 5060] * Mon Mar 09 2009 Daniel B. [2.0-17] - Add smeserver-bridge-interface as dependency - Update spec description * Tue Mar 03 2009 SME Translation Server [2.0-16] - apply locale 2009-03-03 patch * Tue Mar 03 2009 Jonathan Martens [2.0-15] - Fix some more errors in the en-us locale - Remove tabs from SPEC file as some editors act weird with them, e.g. nano * Tue Mar 03 2009 Jonathan Martens [2.0-14] - Fix some grammar errors in the en-us locale * Tue Mar 03 2009 Jonathan Martens [2.0-13] - Fix a typo in the en-us locale * Tue Mar 03 2009 Shad L. Lords [2.0-12] - Fix xml language tag to be correct * Tue Mar 03 2009 Shad L. Lords [2.0-11] - Remove duplicate translations that break pootle * Tue Mar 03 2009 Shad L. Lords [2.0-10] - Rename locale/en to locale/en-us to pootle works * Tue Mar 03 2009 Daniel B. [2.0-9] - Apply locale patch fr 1 - Add e-smith-devtools as a build dependency * Thu Jan 29 2009 Daniel B. [2.0-8] - Fix an error with the creation of the db * Wed Jan 28 2009 Daniel B. [2.0-7] - Cleanly create openvpn-bridge db * Fri Jan 16 2009 Daniel B. [2.0-6] - Just warn if openvpn db is missing - Fix certificates check - Warn if bridge service isn't enabled - Configure the CRL update URL * Mon Jan 12 2009 Daniel B. [2.0-5] - localization patch * Mon Dec 22 2008 Daniel B. [2.0-4] - Add validate_common_name routine * Wed Dec 19 2008 Daniel B. [2.0-3] - Added option configRequired (accept only certificate listed in the rules section) - Clean config templates * Tue Dec 16 2008 Daniel B. [2.0-2] - Add missing pull directive in client config * Fri Dec 12 2008 Daniel B. [2.0-1] - Remove useless migrate fragment (now handled by the bridge package) * Thu Dec 04 2008 Daniel B. [2.0-0] - The bridge stuff is now in a separated rpm - Restarting the service doesn't cut the InternalInterface as the bridge isn't restarted - Correct (truely this time) the bug with dhcpd looping - Panel re-writen in FormMagick (much more simple now) - Removed the certificate manager, now handled by phpki - Real-time clients info using Net::OpenVPN::Manage - Routes to local networks are pushed to clients * Tue Feb 06 2007 Daniel Berteaud - [1.1-1] - Bugs fixes (repported by Stephan Braunstein) - corrections in the en language * Tue Feb 06 2007 Daniel Berteaud - [1.1-0] - panel enhancement - little correction in the local file * Fri Dec 11 2006 Daniel Berteaud - [1.0-3] - correction of permissions on startup and shutdown scripts - little correction in the local file * Fri Dec 08 2006 Daniel Berteaud - [1.0-2] - Added missing directory keys/bridge * Fri Dec 06 2006 Daniel Berteaud - [1.0-1] - Removed useless parameters from the panel (tap, br and localInf) - Added a stop script (k20openvpn-bridge) - panel renamed to openvpn-bridge for futur compatibility %prep %setup -q -n %{name}-%{version} %patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 #%patch6 -p1 %patch7 -p1 %patch8 -p1 %patch9 -p1 %patch10 -p1 %patch11 -p1 %patch12 -p1 %patch13 -p1 %patch14 -p1 %patch15 -p1 %patch16 -p1 %patch17 -p1 %patch18 -p1 %patch19 -p1 %patch20 -p1 %patch21 -p1 %patch22 -p1 %patch23 -p1 %patch24 -p1 %patch25 -p1 %patch26 -p1 %patch27 -p1 %patch28 -p1 %patch29 -p1 %patch30 -p1 %patch31 -p1 %patch32 -p1 %patch33 -p1 %patch34 -p1 %patch35 -p1 %patch36 -p1 %patch37 -p1 %patch38 -p1 %patch39 -p1 %patch40 -p1 %patch41 -p1 %patch42 -p1 %build perl createlinks %{__mkdir_p} root/etc/openvpn/bridge/ccd %{__mkdir_p} root/etc/openvpn/bridge/priv %{__mkdir_p} root/etc/openvpn/bridge/pub %{__mkdir_p} root/var/log/openvpn-bridge %install /bin/rm -rf $RPM_BUILD_ROOT (cd root ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT) /bin/rm -f %{name}-%{version}-filelist /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ --file /var/service/openvpn-bridge/run 'attr(0755,root,root)' \ --file /var/service/openvpn-bridge/log/run 'attr(0755,root,root)' \ --dir /var/log/openvpn-bridge 'attr(0750,smelog,smelog)' \ --dir /etc/openvpn/bridge/pub 'attr(0755,root,root)' \ --dir /etc/openvpn/bridge/priv 'attr(0750,root,root)' \ --dir /etc/openvpn/bridge/ccd 'attr(0755,root,root)' \ --file /usr/bin/ovpn-bridge-update-crl 'attr(0750,root,root)' \ > %{name}-%{version}-filelist %files -f %{name}-%{version}-filelist %defattr(-,root,root) %clean rm -rf $RPM_BUILD_ROOT %post %preun if [ $1 -eq 0 ] ; then /sbin/e-smith/db configuration setprop openvpn-bridge status disabled sv d /service/openvpn-bridge fi true