| 1 |
# $Id: smeserver-openvpn-s2s.spec,v 1.6 2015/02/17 12:14:06 vip-ire Exp $ |
| 2 |
# Authority: vip-ire |
| 3 |
# Name: Daniel Berteaud |
| 4 |
|
| 5 |
Summary: OpenVPN, a strong VPN solution built over SSL, for site to site tunnels |
| 6 |
%define name smeserver-openvpn-s2s |
| 7 |
Name: %{name} |
| 8 |
%define version 0.1 |
| 9 |
%define release 27 |
| 10 |
Version: %{version} |
| 11 |
Release: %{release}%{?dist} |
| 12 |
License: GPL |
| 13 |
Group: Networking/Remote access |
| 14 |
Source: %{name}-%{version}.tar.gz |
| 15 |
|
| 16 |
Patch0: smeserver-openvpn-s2s-0.1-default_to_enabled.patch |
| 17 |
Patch1: smeserver-openvpn-s2s-0.1-limit_network_delete_and_create.patch |
| 18 |
Patch2: smeserver-openvpn-s2s-0.1-fix_validation_on_update.patch |
| 19 |
Patch3: smeserver-openvpn-s2s-0.1-check_for_local_nets.patch |
| 20 |
Patch4: smeserver-openvpn-s2s-0.1-update_templates_on_boostrap.patch |
| 21 |
Patch5: smeserver-openvpn-s2s-0.1-default_to_enabled_on_create.patch |
| 22 |
Patch6: smeserver-openvpn-s2s-0.1-allow_inbound_prop.patch |
| 23 |
Patch7: smeserver-openvpn-s2s-0.1-fix_add_route.patch |
| 24 |
Patch8: smeserver-openvpn-s2s-0.1-denylog_instead_of_drop.patch |
| 25 |
Patch9: smeserver-openvpn-s2s-0.1-check_multiple_networks.patch |
| 26 |
Patch10: smeserver-openvpn-s2s-0.1-add_net_is_local_lexicon.patch |
| 27 |
Patch11: smeserver-openvpn-s2s-0.1-rename_logrotate_conf.patch |
| 28 |
Patch12: smeserver-openvpn-s2s-0.1-support_per_conf_customization.patch |
| 29 |
Patch13: smeserver-openvpn-s2s-0.1-tls_auth_1.patch |
| 30 |
Patch14: smeserver-openvpn-s2s-0.1-tls_locale_1.patch |
| 31 |
Patch15: smeserver-openvpn-s2s-0.1-tls_locale_2.patch |
| 32 |
Patch16: smeserver-openvpn-s2s-0.1-tls_locale_3.patch |
| 33 |
Patch17: smeserver-openvpn-s2s-0.1-set_network_non_removable.patch |
| 34 |
Patch18: smeserver-openvpn-s2s-0.1-implement_crl_verification.patch |
| 35 |
Patch19: smeserver-openvpn-s2s-0.1-fix_masq_templates.patch |
| 36 |
Patch20: smeserver-openvpn-s2s-0.1-various_conf_optimization.patch |
| 37 |
Patch21: smeserver-openvpn-s2s-0.1-set_wget_timeout.patch |
| 38 |
Patch22: smeserver-openvpn-s2s-0.1-fix_crontab_template.patch |
| 39 |
Patch23: smeserver-openvpn-s2s-0.1-fix_removable_typo.patch |
| 40 |
Patch24: smeserver-openvpn-s2s-0.1-expand_and_restart_smb.patch |
| 41 |
Patch25: smeserver-openvpn-s2s-0.1-remove_nice.patch |
| 42 |
Patch26: smeserver-openvpn-s2s-0.1-locale-2010-11-04.patch |
| 43 |
Patch27: smeserver-openvpn-s2s-0.1-locale-2010-11-08.patch |
| 44 |
Patch28: smeserver-openvpn-s2s-0.1-fix_type_variable.patch |
| 45 |
Patch29: smeserver-openvpn-s2s-0.1-remove_useless_samba_template.patch |
| 46 |
Patch30: smeserver-openvpn-s2s-0.1-locale-2011-03-06.patch |
| 47 |
Patch31: smeserver-openvpn-s2s-0.1-reduce_ping_restart.patch |
| 48 |
Patch32: smeserver-openvpn-s2s-0.1-snat_outbound.patch |
| 49 |
Patch33: smeserver-openvpn-s2s-0.1-fix_remote_host_desc.patch |
| 50 |
Patch34: smeserver-openvpn-s2s-0.1-locale-2011-10-13.patch |
| 51 |
Patch35: smeserver-openvpn-s2s-0.1-locale-2013-07-14.patch |
| 52 |
Patch36: smeserver-openvpn-s2s-0.1-use_verify_x509_name.patch |
| 53 |
Patch37: smeserver-openvpn-s2s-0.1-locale-2014-11-02.patch |
| 54 |
Patch38: smeserver-openvpn-s2s-0.1-locale-2015-02-17.patch |
| 55 |
|
| 56 |
BuildArchitectures: noarch |
| 57 |
|
| 58 |
BuildRequires: e-smith-devtools |
| 59 |
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot |
| 60 |
|
| 61 |
Requires: e-smith-base |
| 62 |
Requires: openvpn >= 2.1 |
| 63 |
|
| 64 |
%description |
| 65 |
This package contains all the needed scripts and templates |
| 66 |
to run openvpn in client or server mode for site to site tunnels |
| 67 |
|
| 68 |
%changelog |
| 69 |
* Mon Feb 8 2016 Daniel Berteaud <daniel@firewall-services.com> 0.1-27.sme |
| 70 |
- Create /etc/openvpn/s2s/dev/urandom [SME: 9238] |
| 71 |
|
| 72 |
* Tue Feb 17 2015 Daniel Berteaud <daniel@firewall-services.com> 0.1-26.sme |
| 73 |
- Apply locale 2015-02-17 patch |
| 74 |
|
| 75 |
* Thu Dec 18 2014 Daniel Berteaud <daniel@firewall-services.com> 0.1-25.sme |
| 76 |
- Create required but unused /etc/openvpn/s2s/tmp dir |
| 77 |
|
| 78 |
* Sun Nov 2 2014 Daniel Berteaud <daniel@firewall-services.com> 0.1-24.sme |
| 79 |
- Apply locale 2014-11-02 patch |
| 80 |
|
| 81 |
* Thu Nov 14 2013 Daniel Berteaud <daniel@firewall-services.com> 0.1-23.sme |
| 82 |
- Use verify-x509-name instead of tls-remote |
| 83 |
|
| 84 |
* Sun Jul 14 2013 JP Pialasse <tests@pialasse.com> 0.1-22.sme |
| 85 |
- apply locale 2013-07-14 patch |
| 86 |
|
| 87 |
* Thu Oct 13 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-21.sme |
| 88 |
- Apply locale 2011-10-13 patch |
| 89 |
|
| 90 |
* Thu Jun 2 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-20.sme |
| 91 |
- Fix remote host description |
| 92 |
|
| 93 |
* Wed Jun 1 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-19.sme |
| 94 |
- SNAT outbound connexions to use the local IP as source |
| 95 |
|
| 96 |
* Tue Apr 19 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-18.sme |
| 97 |
- Reduce inactivity timeout |
| 98 |
|
| 99 |
* Sun Mar 06 2011 SME Translation Server <translations@contribs.org> 0.1-17.sme |
| 100 |
- apply locale 2011-03-06 patch |
| 101 |
|
| 102 |
* Tue Jan 25 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-16.sme |
| 103 |
- Stop disabling service on rpm removal (spec change only) |
| 104 |
|
| 105 |
* Tue Dec 7 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-15.sme |
| 106 |
- Remove useless smb.conf template |
| 107 |
|
| 108 |
* Tue Dec 7 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-14.sme |
| 109 |
- Fix type variable (thks M. Doerner) |
| 110 |
|
| 111 |
* Mon Nov 8 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-13.sme |
| 112 |
- Apply locale 2010-11-08 patch |
| 113 |
|
| 114 |
* Thu Nov 4 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-12.sme |
| 115 |
- Apply locale 2010-11-04 patch |
| 116 |
|
| 117 |
* Tue Nov 02 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-11.sme |
| 118 |
- Remove the nice directive |
| 119 |
|
| 120 |
* Mon Oct 18 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-10.sme |
| 121 |
- Expand smb.conf and restart samba services |
| 122 |
|
| 123 |
* Mon Oct 18 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-9.sme |
| 124 |
- Fix typo in up script |
| 125 |
|
| 126 |
* Mon Oct 18 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-8.sme |
| 127 |
- Various enhancement in templates |
| 128 |
- Set wget timeout |
| 129 |
- Fix crontab templates |
| 130 |
|
| 131 |
* Sun Oct 17 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-7.sme |
| 132 |
- Implement CRL updates and verification |
| 133 |
- Fix masq template |
| 134 |
|
| 135 |
* Sun Oct 17 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-6.sme |
| 136 |
- Set VPN networks non removable |
| 137 |
|
| 138 |
* Sun Oct 17 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-5.sme |
| 139 |
- Rename logrotate configuration file |
| 140 |
- Add missingok to logrotate conf |
| 141 |
- Support per configuration customization |
| 142 |
- Add TLS auth support |
| 143 |
|
| 144 |
* Mon Oct 4 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-4.sme |
| 145 |
- Fix adding routes in up script |
| 146 |
- Log drop trafic |
| 147 |
- Fix multiple net validation |
| 148 |
|
| 149 |
* Mon Oct 4 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-3.sme |
| 150 |
- allow one-way VPN with AllowInbound prop |
| 151 |
|
| 152 |
* Mon Oct 4 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-3.sme |
| 153 |
- Various fixes |
| 154 |
|
| 155 |
* Mon Oct 4 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1-1.sme |
| 156 |
- initiale release (based on work from Florian Dejan) |
| 157 |
|
| 158 |
%prep |
| 159 |
|
| 160 |
%setup -q -n %{name}-%{version} |
| 161 |
%patch0 -p1 |
| 162 |
%patch1 -p1 |
| 163 |
%patch2 -p1 |
| 164 |
%patch3 -p1 |
| 165 |
%patch4 -p1 |
| 166 |
%patch5 -p1 |
| 167 |
%patch6 -p1 |
| 168 |
%patch7 -p1 |
| 169 |
%patch8 -p1 |
| 170 |
%patch9 -p1 |
| 171 |
%patch10 -p1 |
| 172 |
%patch11 -p1 |
| 173 |
%patch12 -p1 |
| 174 |
%patch13 -p1 |
| 175 |
%patch14 -p1 |
| 176 |
%patch15 -p1 |
| 177 |
%patch16 -p1 |
| 178 |
%patch17 -p1 |
| 179 |
%patch18 -p1 |
| 180 |
%patch19 -p1 |
| 181 |
%patch20 -p1 |
| 182 |
%patch21 -p1 |
| 183 |
%patch22 -p1 |
| 184 |
%patch23 -p1 |
| 185 |
%patch24 -p1 |
| 186 |
%patch25 -p1 |
| 187 |
%patch26 -p1 |
| 188 |
%patch27 -p1 |
| 189 |
%patch28 -p1 |
| 190 |
%patch29 -p1 |
| 191 |
%patch30 -p1 |
| 192 |
%patch31 -p1 |
| 193 |
%patch32 -p1 |
| 194 |
%patch33 -p1 |
| 195 |
%patch34 -p1 |
| 196 |
%patch35 -p1 |
| 197 |
%patch36 -p1 |
| 198 |
%patch37 -p1 |
| 199 |
%patch38 -p1 |
| 200 |
|
| 201 |
%build |
| 202 |
perl createlinks |
| 203 |
|
| 204 |
%{__mkdir_p} root/etc/openvpn/s2s/priv |
| 205 |
%{__mkdir_p} root/etc/openvpn/s2s/pub |
| 206 |
%{__mkdir_p} root/etc/openvpn/s2s/tmp |
| 207 |
%{__mkdir_p} root/etc/openvpn/s2s/dev |
| 208 |
%{__mkdir_p} root/var/run/openvpn-s2s |
| 209 |
%{__mkdir_p} root/var/log/openvpn-s2s |
| 210 |
|
| 211 |
%install |
| 212 |
/bin/rm -rf $RPM_BUILD_ROOT |
| 213 |
(cd root ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT) |
| 214 |
/bin/rm -f %{name}-%{version}-filelist |
| 215 |
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ |
| 216 |
--dir /etc/openvpn/s2s/pub 'attr(0755,root,root)' \ |
| 217 |
--dir /etc/openvpn/s2s/priv 'attr(0750,root,root)' \ |
| 218 |
--dir /etc/openvpn/s2s/tmp 'attr(0750,root,root)' \ |
| 219 |
--dir /var/log/openvpn-s2s 'attr(0770,root,nobody)' \ |
| 220 |
--file /etc/openvpn/s2s/bin/up 'attr(4750,root,openvpn)' \ |
| 221 |
> %{name}-%{version}-filelist |
| 222 |
|
| 223 |
%files -f %{name}-%{version}-filelist |
| 224 |
%defattr(-,root,root) |
| 225 |
|
| 226 |
%clean |
| 227 |
rm -rf $RPM_BUILD_ROOT |
| 228 |
|
| 229 |
%post |
| 230 |
if [ \! -c /etc/openvpn/s2s/dev/urandom ]; then |
| 231 |
mknod -m 0444 /etc/openvpn/s2s/dev/urandom c 1 9 |
| 232 |
fi |
| 233 |
|
| 234 |
%preun |
| 235 |
|
Parent Directory
| 
Revision Log
| 
Revision Graph
