merge in master branch changes (5.8.4-2)

Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>

.gitignore

@@ -1,3 +1 @@
-/strongswan-5.7.2.tar.bz2
+/strongswan-5.8.4.tar.bz2
-/strongswan-5.8.1.tar.bz2
-/strongswan-5.8.2.tar.bz2

sources

@@ -1 +1 @@
-SHA512 (strongswan-5.8.2.tar.bz2) = 423e7924acfe8a03ad7d4359ae9086fd516798fcf5eb948a27b52ea719f4d8954b83ea30ce94191ea1647616611df8a1215cb4d5c7ec48676624df6c41853e1d
+SHA512 (strongswan-5.8.4.tar.bz2) = 15e866b0d6cc4ea94f17856b519d926ae08c15d3b62f675f62685d0722ca8fa26b46afb1ad1c866e9d5f347d77a747f57d0c6d7f6bd57762f37d7798f9e28103

strongswan-5.8.2-extern-global.patch

@@ -0,0 +1,11 @@
+--- strongswan-5.8.2/src/swanctl/swanctl.h.orig	2020-02-23 00:35:39.051000000 +0200
++++ strongswan-5.8.2/src/swanctl/swanctl.h	2020-02-23 00:35:51.930355656 +0200
+@@ -30,7 +30,7 @@
+ /**
+  * Base directory for credentials and config
+  */
+-char *swanctl_dir;
++extern char *swanctl_dir;
+ 
+ /**
+  * Configuration file for connections, etc.

strongswan-5.8.4-runtime-dir.patch

@@ -0,0 +1,24 @@
+diff -ur strongswan-5.8.4.orig/init/systemd/strongswan.service.in strongswan-5.8.4/init/systemd/strongswan.service.in
+--- strongswan-5.8.4.orig/init/systemd/strongswan.service.in	2019-08-27 16:26:53.000000000 +0300
++++ strongswan-5.8.4/init/systemd/strongswan.service.in	2020-04-12 12:05:57.383596844 +0300
+@@ -9,6 +9,8 @@
+ ExecReload=@SBINDIR@/swanctl --reload
+ ExecReload=@SBINDIR@/swanctl --load-all --noprompt
+ Restart=on-abnormal
++RuntimeDirectory=strongswan
++RuntimeDirectoryMode=0755
+ 
+ [Install]
+ WantedBy=multi-user.target
+diff -ur strongswan-5.8.4.orig/init/systemd-starter/strongswan-starter.service.in strongswan-5.8.4/init/systemd-starter/strongswan-starter.service.in
+--- strongswan-5.8.4.orig/init/systemd-starter/strongswan-starter.service.in	2019-08-27 16:26:53.000000000 +0300
++++ strongswan-5.8.4/init/systemd-starter/strongswan-starter.service.in	2020-04-12 12:05:51.810559482 +0300
+@@ -6,6 +6,8 @@
+ ExecStart=@SBINDIR@/@IPSEC_SCRIPT@ start --nofork
+ StandardOutput=syslog
+ Restart=on-abnormal
++RuntimeDirectory=strongswan
++RuntimeDirectoryMode=0755
+ 
+ [Install]
+ WantedBy=multi-user.target

strongswan.spec

@@ -2,12 +2,14 @@
 #%%define prerelease dr1
 
 Name:           strongswan
-Version:        5.8.2
+Version:        5.8.4
 Release:        2%{?dist}
 Summary:        An OpenSource IPsec-based VPN and TNC solution
 License:        GPLv2+
 URL:            http://www.strongswan.org/
 Source0:        http://download.strongswan.org/%{name}-%{version}%{?prerelease}.tar.bz2
+Source1:        tmpfiles-strongswan.conf
+Patch0:         strongswan-5.8.4-runtime-dir.patch
 Patch1:         strongswan-5.6.0-uintptr_t.patch
 Patch3:         strongswan-5.6.2-CVE-2018-5388.patch
 
@@ -78,6 +80,7 @@ PT-TLS to support TNC over TLS.
 
 %prep
 %setup -q -n %{name}-%{version}%{?prerelease}
+%patch0 -p1
 %patch1 -p1
 %patch3 -p1
 
@@ -198,6 +201,7 @@ for i in aacerts acerts certs cacerts crls ocspcerts private reqs; do
     install -d -m 700 %{buildroot}%{_sysconfdir}/strongswan/ipsec.d/${i}
 done
 install -d -m 0700 %{buildroot}%{_rundir}/strongswan
+install -D -m 0644 %{SOURCE1} %{buildroot}/%{_tmpfilesdir}/strongswan.conf
 
 %post
 %systemd_post %{name}.service
@@ -240,6 +244,7 @@ install -d -m 0700 %{buildroot}%{_rundir}/strongswan
 %{_datadir}/strongswan/templates/config/
 %{_datadir}/strongswan/templates/database/
 %attr(0755,root,root) %dir %{_rundir}/strongswan
+%attr(0644,root,root) %{_tmpfilesdir}/strongswan.conf
 
 %files sqlite
 %{_libdir}/strongswan/plugins/libstrongswan-sqlite.so
@@ -267,6 +272,25 @@ install -d -m 0700 %{buildroot}%{_rundir}/strongswan
 %{_libexecdir}/strongswan/charon-nm
 
 %changelog
+* Sun Apr 12 2020 Mikhail Zabaluev <mikhail.zabaluev@gmail.com> - 5.8.4-2
+- Patch0: Add RuntimeDirectory options to service files (#1789263)
+
+* Sun Apr 12 2020 Mikhail Zabaluev <mikhail.zabaluev@gmail.com> - 5.8.4-1
+- Updated to 5.8.4
+- Patch4 has been applied upstream
+
+* Sun Apr 12 2020 Mikhail Zabaluev <mikhail.zabaluev@gmail.com> - 5.8.2-6
+- Patch0: Add RuntimeDirectory options to service files (#1789263)
+
+* Sat Feb 22 2020 Mikhail Zabaluev <mikhail.zabaluev@gmail.com> - 5.8.2-5
+- Patch to declare a global variable with extern (#1800117)
+
+* Mon Feb 10 2020 Paul Wouters <pwouters@redhat.com> - 5.8.2-4
+- use tmpfile to ensure rundir is present
+
+* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.8.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
 * Sat Dec 28 2019 Paul Wouters <pwouters@redhat.com> - 5.8.2-2
 - Use /run/strongswan as rundir to support strongswans in namespaces
 

tmpfiles-strongswan.conf

@@ -0,0 +1 @@
+D /run/strongswan 0755 root root -