rpms-fedora-extras/strongswan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enabled TNCCS 1.1 protocol

Browse Source 
- Fixed libxm2-devel build dependency
- Patch to fix the issue with loading of plugins
This commit is contained in:
Avesh Agarwal
2013-06-11 12:01:15 -04:00
committed by Jamie Nguyen
parent 84852c31c6
commit 8bc5b16e8f
2 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
libstrongswan-plugin.patch Normal file
View File

@@ -0,0 +1,12 @@
diff -urNp strongswan-5.0.4-patched/src/libstrongswan/plugins/plugin_loader.c strongswan-5.0.4-current/src/libstrongswan/plugins/plugin_loader.c
--- strongswan-5.0.4-patched/src/libstrongswan/plugins/plugin_loader.c 2013-05-01 15:50:51.375560719 -0400
+++ strongswan-5.0.4-current/src/libstrongswan/plugins/plugin_loader.c 2013-05-22 16:30:24.121091911 -0400
@@ -267,7 +267,7 @@ static bool load_plugin(private_plugin_l
return FALSE;
}
}
- handle = dlopen(file, RTLD_LAZY);
+ handle = dlopen(file, RTLD_NOW|RTLD_GLOBAL);
if (handle == NULL)
{
DBG1(DBG_LIB, "plugin '%s' failed to load: %s", name, dlerror());

18
strongswan.spec
View File

@@ -1,6 +1,6 @@
Name: strongswan Name: strongswan
Version: 5.0.4 Version: 5.0.4
Release: 1%{?dist} Release: 2%{?dist}
Summary: An OpenSource IPsec-based VPN Solution Summary: An OpenSource IPsec-based VPN Solution
Group: System Environment/Daemons Group: System Environment/Daemons
License: GPLv2+ License: GPLv2+
@@ -8,6 +8,7 @@ URL: http://www.strongswan.org/
Source0: http://download.strongswan.org/%{name}-%{version}.tar.bz2 Source0: http://download.strongswan.org/%{name}-%{version}.tar.bz2
Patch0: strongswan-init.patch Patch0: strongswan-init.patch
Patch1: strongswan-pts-ecp-disable.patch Patch1: strongswan-pts-ecp-disable.patch
Patch2: libstrongswan-plugin.patch
BuildRequires: gmp-devel BuildRequires: gmp-devel
BuildRequires: libcurl-devel BuildRequires: libcurl-devel
BuildRequires: openldap-devel BuildRequires: openldap-devel
@@ -17,6 +18,7 @@ BuildRequires: NetworkManager-glib-devel
BuildRequires: sqlite-devel BuildRequires: sqlite-devel
BuildRequires: gettext-devel BuildRequires: gettext-devel
BuildRequires: trousers-devel BuildRequires: trousers-devel
BuildRequires: libxml2-devel
%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7 %if 0%{?fedora} >= 15 || 0%{?rhel} >= 7
BuildRequires: systemd-units BuildRequires: systemd-units
@@ -56,6 +58,8 @@ IF-IMC/IMV interface.
%setup -q %setup -q
%patch0 -p1 %patch0 -p1
%patch1 -p1 %patch1 -p1
%patch2 -p1
echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/strongswan/wiki/CharonPlutoIKEv1" > README.Fedora echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/strongswan/wiki/CharonPlutoIKEv1" > README.Fedora
%build %build
@@ -90,6 +94,8 @@ echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/stro
--enable-imc-os \ --enable-imc-os \
--enable-eap-tnc \ --enable-eap-tnc \
--enable-tnccs-20 \ --enable-tnccs-20 \
--enable-tnccs-11 \
--enable-tnccs-dynamic \
--enable-tnc-imc \ --enable-tnc-imc \
--enable-tnc-imv \ --enable-tnc-imv \
--enable-eap-radius \ --enable-eap-radius \
@@ -97,6 +103,7 @@ echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/stro
--enable-eap-identity --enable-eap-identity
#make %{?_smp_mflags} IPSEC_CONFDIR=%{_sysconfdir}/%{name}
make %{?_smp_mflags} make %{?_smp_mflags}
sed -i 's/\t/ /' src/strongswan.conf src/starter/ipsec.conf sed -i 's/\t/ /' src/strongswan.conf src/starter/ipsec.conf
@@ -232,6 +239,8 @@ install -D -m 755 init/sysvinit/%{name} %{buildroot}/%{_initddir}/%{name}
%{_libdir}/%{name}/plugins/lib%{name}-tnc-imv.so %{_libdir}/%{name}/plugins/lib%{name}-tnc-imv.so
%{_libdir}/%{name}/plugins/lib%{name}-tnc-tnccs.so %{_libdir}/%{name}/plugins/lib%{name}-tnc-tnccs.so
%{_libdir}/%{name}/plugins/lib%{name}-tnccs-20.so %{_libdir}/%{name}/plugins/lib%{name}-tnccs-20.so
%{_libdir}/%{name}/plugins/lib%{name}-tnccs-11.so
%{_libdir}/%{name}/plugins/lib%{name}-tnccs-dynamic.so
%{_libdir}/%{name}/plugins/lib%{name}-eap-radius.so %{_libdir}/%{name}/plugins/lib%{name}-eap-radius.so
%dir %{_libexecdir}/%{name} %dir %{_libexecdir}/%{name}
%{_libexecdir}/%{name}/attest %{_libexecdir}/%{name}/attest
@@ -280,9 +289,14 @@ fi
%endif %endif
%changelog %changelog
* Tue Jun 11 2013 Avesh Agarwal <avagarwa@redhat.com> - 5.0.4-2
- Enabled TNCCS 1.1 protocol
- Fixed libxm2-devel build dependency
- Patch to fix the issue with loading of plugins
* Wed May 1 2013 Avesh Agarwal <avagarwa@redhat.com> - 5.0.4-1 * Wed May 1 2013 Avesh Agarwal <avagarwa@redhat.com> - 5.0.4-1
- New upstream release - New upstream release
- Fixes fo CVE-2013-2944 - Fixes for CVE-2013-2944
- Enabled support for OS IMV/IMC - Enabled support for OS IMV/IMC
- Created and applied a patch to disable ECP in fedora, because - Created and applied a patch to disable ECP in fedora, because
Openssl in Fedora does not allow ECP_256 and ECP_384. It makes Openssl in Fedora does not allow ECP_256 and ECP_384. It makes