--- rpms/smeserver-openvpn-s2s/contribs10/smeserver-openvpn-s2s.spec	2021/02/05 12:17:48	1.2
+++ rpms/smeserver-openvpn-s2s/contribs10/smeserver-openvpn-s2s.spec	2021/04/02 02:12:09	1.6
@@ -1,4 +1,4 @@
-# $Id: smeserver-openvpn-s2s.spec,v 1.1 2021/02/04 16:21:25 brianr Exp $
+# $Id: smeserver-openvpn-s2s.spec,v 1.5 2021/03/31 20:54:55 jpp Exp $
 # Authority: vip-ire
 # Name: Daniel Berteaud
 
@@ -6,7 +6,7 @@ Summary: OpenVPN, a strong VPN solution
 %define name smeserver-openvpn-s2s
 Name: %{name}
 %define version 0.2
-%define release 9
+%define release 13
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -19,6 +19,7 @@ Patch2: smeserver-openvpn-s2s-0.2-locale
 Patch3: smeserver-openvpn-s2s-0.2-fix_daemon_id_validation.patch
 Patch4: smeserver-openvpn-s2s-0.2-locale-2017-12-02.patch
 Patch5: smeserver-openvpn-s2s-0.2-Alter-for-systemd-startup.patch
+Patch6: smeserver-openvpn-s2s-0.2-sme10.patch
 
 BuildArchitectures: noarch
 
@@ -33,6 +34,21 @@ This package contains all the needed scr
 to run openvpn in client or server mode for site to site tunnels
 
 %changelog
+* Thu Apr 01 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.2-13.sme
+- fix permission on log dir [SME: 11516]
+
+* Wed Mar 31 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.2-12.sme
+- fix typos [SME: 11498]
+
+* Tue Mar 30 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.2-11.sme
+- enforce better cipher with settings [SME: 11498]
+- enforce better HMAC with setting [SME: 11498]
+- enforce TLS 1.2 or better with setting [SME: 11498]
+- enforce strong TLS ciphers with setting [SME: 11498]
+- better list of vpn connections [SME: 11337]
+- allow soft reload of individual connection [SME: 11337]
+- fix incorect permission on private keys [SME: 11337]
+
 * Thu Feb 04 2021 Brian Read <brianr@bjsystems.co.uk> 0.2-9.sme
 - Initial import to SME10 [SME: 11337]
 - Alter-for-systemd-startup
@@ -144,6 +160,7 @@ to run openvpn in client or server mode
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
 
 %build
 perl createlinks
@@ -164,7 +181,7 @@ perl createlinks
   --dir /etc/openvpn/s2s/pub 'attr(0755,root,root)' \
   --dir /etc/openvpn/s2s/priv 'attr(0750,root,root)' \
   --dir /etc/openvpn/s2s/tmp 'attr(0750,root,root)' \
-  --dir /var/log/openvpn-s2s 'attr(0770,root,nobody)' \
+  --dir /var/log/openvpn-s2s 'attr(0770,root,root)' \
   --file /etc/openvpn/s2s/bin/up 'attr(4750,root,openvpn)' \
   > %{name}-%{version}-filelist
 
@@ -179,6 +196,6 @@ rm -rf $RPM_BUILD_ROOT
 if [ \! -c /etc/openvpn/s2s/dev/urandom ]; then
     mknod -m 0444 /etc/openvpn/s2s/dev/urandom c 1 9
 fi
-
+#chown root:root /var/log/openvpn-s2s
 %preun