Bump version

Patch vici for NHRP
update rundir patch
2021-03-01 22:55:39 +01:00 · 2021-03-01 22:55:29 +01:00 · 2021-02-12 14:07:45 -05:00 · 2021-02-12 13:52:44 -05:00 · 2021-02-12 13:47:19 -05:00 · 2021-02-11 13:26:29 -08:00
5 changed files with 45 additions and 18 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 /strongswan-5.8.4.tar.bz2
 /strongswan-5.9.0.tar.bz2
 /strongswan-5.9.1.tar.bz2
--- a/2
+++ b/2
@@ -1 +1 @@
-SHA512 (strongswan-5.9.0.tar.bz2) = b982ce7c3e940ad75ab71b02ce3e2813b41c6b098cde5b6f3f3513d095f409fe989ae6e38a31eff51c57423bf452c3610cd5cd8cd7f45ff932581d9859df1821
+SHA512 (strongswan-5.9.1.tar.bz2) = 222625e77bd86959da6dd7346cfa9f92569fc396a494bb95ddf2c8e0680b7e8041541e8a14320517a0c735d713ae0fdc0d0c4694215e812817814b0b4efc3497
--- a/strongswan-5.8.2-extern-global.patch
+++ b/strongswan-5.8.2-extern-global.patch
@@ -1,11 +0,0 @@
 --- strongswan-5.8.2/src/swanctl/swanctl.h.orig	2020-02-23 00:35:39.051000000 +0200
 +++ strongswan-5.8.2/src/swanctl/swanctl.h	2020-02-23 00:35:51.930355656 +0200
@@ -30,7 +30,7 @@
 /**
  * Base directory for credentials and config
  */
 -char *swanctl_dir;
 +extern char *swanctl_dir;
 /**
  * Configuration file for connections, etc.
--- a/strongswan-5.9.1-runtime-dir.patch
+++ b/strongswan-5.9.1-runtime-dir.patch
@@ -0,0 +1,12 @@
 diff -Naur strongswan-5.9.1-orig/init/systemd-starter/strongswan-starter.service.in strongswan-5.9.1/init/systemd-starter/strongswan-starter.service.in
 --- strongswan-5.9.1-orig/init/systemd-starter/strongswan-starter.service.in	2020-10-16 08:36:37.000000000 -0400
 +++ strongswan-5.9.1/init/systemd-starter/strongswan-starter.service.in	2021-02-12 14:06:09.985042362 -0500
@@ -5,6 +5,8 @@
 [Service]
 ExecStart=@SBINDIR@/@IPSEC_SCRIPT@ start --nofork
 Restart=on-abnormal
 +RuntimeDirectory=strongswan
 +RuntimeDirectoryMode=0755
 [Install]
 WantedBy=multi-user.target
--- a/strongswan.spec
+++ b/strongswan.spec
@@ -3,14 +3,14 @@
 %global dist .nhrp.3%{?dist}
 Name:           strongswan
-Version:        5.9.0
+Version:        5.9.1
 Release:        1%{?dist}
 Summary:        An OpenSource IPsec-based VPN and TNC solution
 License:        GPLv2+
 URL:            http://www.strongswan.org/
 Source0:        http://download.strongswan.org/%{name}-%{version}%{?prerelease}.tar.bz2
 Source1:        tmpfiles-strongswan.conf
-Patch0:         strongswan-5.8.4-runtime-dir.patch
+Patch0:         strongswan-5.9.1-runtime-dir.patch
 Patch1:         strongswan-5.6.0-uintptr_t.patch
 Patch3:         strongswan-5.6.2-CVE-2018-5388.patch
@@ -25,6 +25,7 @@ Patch16:        0007-vyos-terminate-connections-source-dest.patch
 # only needed for pre-release versions
 #BuildRequires:  autoconf automake
 BuildRequires: make
 BuildRequires:  gcc
 BuildRequires:  systemd-devel
 BuildRequires:  gmp-devel
@@ -40,6 +41,7 @@ BuildRequires:  json-c-devel
 BuildRequires:  libgcrypt-devel
 BuildRequires:  systemd-devel
 BuildRequires:  iptables-devel
 BuildRequires:  libcap-devel
 BuildRequires:  NetworkManager-libnm-devel
 Requires(post): systemd
@@ -116,6 +118,7 @@ PT-TLS to support TNC over TLS.
    --bindir=%{_libexecdir}/strongswan \
    --with-ipseclibdir=%{_libdir}/strongswan \
    --with-piddir=%{_rundir}/strongswan \
    --with-nm-ca-dir=%{_sysconfdir}/strongswan/ipsec.d/cacerts/ \
    --enable-bypass-lan \
    --enable-tss-trousers \
    --enable-nm \
@@ -188,7 +191,9 @@ PT-TLS to support TNC over TLS.
 %ifarch x86_64 %{ix86}
    --enable-aesni \
 %endif
-    --enable-kernel-libipsec
+    --enable-kernel-libipsec \
    --with-capabilities=libcap \
    CPPFLAGS="-DSTARTER_ALLOW_NON_ROOT"
 # disable certain plugins in the daemon configuration by default
 for p in bypass-lan; do
@@ -288,11 +293,34 @@ install -D -m 0644 %{SOURCE1} %{buildroot}/%{_tmpfilesdir}/strongswan.conf
 %{_libexecdir}/strongswan/charon-nm
 %changelog
 * Fri Feb 12 2021 Paul Wouters <pwouters@redhat.com> - 5.9.1-1
 - Resolves: rhbz# 1896545 strongswan-5.9.1 is available
 * Thu Feb 11 2021 Davide Cavalca <dcavalca@fedoraproject.org> - 5.9.0-4
 - Build with with capabilities support
 - Resolves: rhbz#1911572 StrongSwan not configured with libcap support
 * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.9.0-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 * Thu Oct 22 12:43:48 EDT 2020 Paul Wouters <pwouters@redhat.com> - 5.9.0-2
 - Resolves: rhbz#1886759 charon looking for certificates in the wrong place
 * Mon Sep 28 12:36:45 EDT 2020 Paul Wouters <pwouters@redhat.com> - 5.9.0-1
 - Resolves: rhbz#1861747 strongswan-5.9.0 is available
 - Remove --enable-fips-mode=2, which defaults strongswan to FIPS only.
  (use fips_mode = 2 in plugins {} openssl {} in strongswan.conf to enable FIPS)
 * Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.8.4-5
 - Second attempt - Rebuilt for
  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 * Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.8.4-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 * Tue Apr 21 2020 Björn Esser <besser82@fedoraproject.org> - 5.8.4-3
 - Rebuild (json-c)
 * Sun Apr 12 2020 Mikhail Zabaluev <mikhail.zabaluev@gmail.com> - 5.8.4-2
 - Patch0: Add RuntimeDirectory options to service files (#1789263)
@@ -300,9 +328,6 @@ install -D -m 0644 %{SOURCE1} %{buildroot}/%{_tmpfilesdir}/strongswan.conf
 - Updated to 5.8.4
 - Patch4 has been applied upstream
 * Sun Apr 12 2020 Mikhail Zabaluev <mikhail.zabaluev@gmail.com> - 5.8.2-6
 - Patch0: Add RuntimeDirectory options to service files (#1789263)
 * Sat Feb 22 2020 Mikhail Zabaluev <mikhail.zabaluev@gmail.com> - 5.8.2-5
 - Patch to declare a global variable with extern (#1800117)
Author	SHA1	Message	Date
Zoran Peričić	c8476bf3d8	Bump version	2021-03-01 22:55:39 +01:00
Zoran Peričić	61c7333e9d	Patch vici for NHRP	2021-03-01 22:55:29 +01:00
Paul Wouters	dafd128e1f	update rundir patch	2021-02-12 14:07:45 -05:00
Paul Wouters	7e67e8cca6	- Resolves: rhbz# 1896545 strongswan-5.9.1 is available	2021-02-12 13:52:44 -05:00
Paul Wouters	04aee4b450	update changelog with rhbz	2021-02-12 13:47:19 -05:00
Davide Cavalca	8f80a71a01	Build with with capabilities support	2021-02-11 13:26:29 -08:00
Fedora Release Engineering	5449a7c2dc	- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2021-01-27 21:09:17 +00:00
Tom Stellard	0bc1b9e952	Add BuildRequires: make https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot	2021-01-08 22:02:14 +00:00
Paul Wouters	d2bf10503b	* Thu Oct 22 12:43:48 EDT 2020 Paul Wouters <pwouters@redhat.com> - 5.9.0-2 - Resolves: rhbz#1886759 charon looking for certificates in the wrong place	2020-10-22 12:46:04 -04:00
Paul Wouters	206f1fff39	* Mon Sep 28 12:36:45 EDT 2020 Paul Wouters <pwouters@redhat.com> - 5.9.0-1 - Resolves: rhbz#1861747 strongswan-5.9.0 is available - Remove --enable-fips-mode=2, which defaults strongswan to FIPS only. (use fips_mode = 2 in plugins {} openssl {} in strongswan.conf to enable FIPS)	2020-09-28 13:15:59 -04:00
Fedora Release Engineering	c671c8eddf	- Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2020-08-01 09:12:59 +00:00
Fedora Release Engineering	2054770361	- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2020-07-29 11:35:14 +00:00
Björn Esser	1bd38c323e	Rebuild (json-c)	2020-04-22 00:12:55 +02:00
Mikhail Zabaluev	6c46f34786	Patch0: Add RuntimeDirectory options to service files (#1789263 )	2020-04-12 12:13:28 +03:00
Mikhail Zabaluev	66c97839f3	Updated to 5.8.4 Patch4 has been applied upstream	2020-04-12 11:24:37 +03:00
`@@ -1 +1 @@`
	`SHA512 (strongswan-5.9.0.tar.bz2) = b982ce7c3e940ad75ab71b02ce3e2813b41c6b098cde5b6f3f3513d095f409fe989ae6e38a31eff51c57423bf452c3610cd5cd8cd7f45ff932581d9859df1821`	`SHA512 (strongswan-5.9.1.tar.bz2) = 222625e77bd86959da6dd7346cfa9f92569fc396a494bb95ddf2c8e0680b7e8041541e8a14320517a0c735d713ae0fdc0d0c4694215e812817814b0b4efc3497`