rpms/tcpcrypt
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:f43
rpms:main
rpms:f42
rpms:f41
rpms:f40
rpms:f39
rpms:f37
rpms:f38
rpms:f36
rpms:f35
rpms:f34
rpms:f33
rpms:f32
rpms:f31
rpms:f30
rpms:f29
rpms:f28
rpms:f27
rpms:f26
rpms:f25
rpms:f24
rpms:f23
rpms:epel7
rpms:f21
rpms:f22
rpms:el6
..
compare: rpms:f24
Branches Tags
rpms:f43
rpms:main
rpms:rawhide
rpms:f42
rpms:f41
rpms:f40
rpms:f39
rpms:f37
rpms:f38
rpms:f36
rpms:f35
rpms:f34
rpms:f33
rpms:f32
rpms:f31
rpms:f30
rpms:f29
rpms:f28
rpms:f27
rpms:f26
rpms:f25
rpms:f24
rpms:f23
rpms:epel7
rpms:f21
rpms:f22
rpms:el6

No commits in common. "rawhide" and "f24" have entirely different histories.
rawhide ... f24

4 changed files with 35 additions and 117 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored
View file

@ -1,3 +1 @@
/tcpcrypt-bb990b1bfb0e411f0613abdaf3b71fdce50a82cf.tar.gz
/tcpcrypt-0.4.tar.gz
/tcpcrypt-0.5.tar.gz

2
sources
View file

@ -1 +1 @@
SHA512 (tcpcrypt-0.5.tar.gz) = aa7068e24c16449e84cc06450bbbac0a245df4f7883eef3c5cc10afb3592f194d42103d06e3e072ad997d09835545fa71bfecd57209ee45c07433f64fb6f0048
a664a62b58c891eb0b769234bab34a9b tcpcrypt-bb990b1bfb0e411f0613abdaf3b71fdce50a82cf.tar.gz

143
tcpcrypt.spec
View file

@ -1,27 +1,31 @@
%global _hardened_build 1
%global snapshot 0
%global commit bb990b1bfb0e411f0613abdaf3b71fdce50a82cf
%global shortcommit %(c=%{commit}; echo ${c:0:8})
# Requested upstream to do proper release so we dont need auto* tools
# and we dont have github tar ball diffs
# Reported old macro use AC_PROG_LIBTOOL https://github.com/scslab/tcpcrypt/pull/3
Summary: Opportunistically encrypt TCP connections
Name: tcpcrypt
Version: 0.5
Release: 19%{?dist}
# Automatically converted from old format: BSD - review is highly recommended.
License: LicenseRef-Callaway-BSD
Version: 0.4
Release: 0.5.%{shortcommit}%{?dist}
Group: System Environment/Libraries
License: BSD
Url: http://tcpcrypt.org/
Source0: http://tcpcrypt.org//%{name}-%{version}.tar.gz
Source0: https://github.com/scslab/%{name}/archive/%{commit}/%{name}-%{commit}.tar.gz
SOURCE1: tmpfiles-tcpcrypt.conf
SOURCE2: tcpcryptd.service
SOURCE3: tcpcryptd-firewall
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
BuildRequires: make
BuildRequires: gcc
BuildRequires: openssl-devel libnetfilter_queue-devel libcap-devel
BuildRequires: libnetfilter_conntrack-devel libpcap-devel
BuildRequires: libtool autoconf automake
BuildRequires: libtool, autoconf, automake
BuildRequires: systemd
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
Requires(pre): shadow-utils
%description
Provides a protocol that attempts to encrypt (almost) all of your
@ -32,6 +36,7 @@ end does not support
%package devel
Summary: Development package that includes the tcpcrypt header files
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{version}-%{release}
%description devel
@ -39,25 +44,24 @@ The devel package contains the tcpcrypt library and the include files
%package libs
Summary: Libraries used by tcpcryptd server and tcpcrypt-aware applications
Group: Applications/System
Requires(post): /sbin/ldconfig
Requires(postun): /sbin/ldconfig
%description libs
Contains libraries used by tcpcryptd server and tcpcrypt-aware applications
%prep
%autosetup
# Create a sysusers.d config file
cat >tcpcrypt.sysusers.conf <<EOF
u tcpcryptd - 'tcpcrypt daemon account' /var/run/tcpcryptd -
EOF
%setup -qn %{name}-%{commit}
%build
sh bootstrap.sh
# git snapsots only
./bootstrap.sh
%configure --disable-static --disable-rpath
%make_build
make %{?_smp_mflags}
%install
%make_install
make DESTDIR=%{buildroot} INSTALL="%{__install} -p" install
install -m 0755 %{SOURCE3} %{buildroot}/%{_bindir}
rm %{buildroot}%{_libdir}/*.la
mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d/ %{buildroot}/run/tcpcryptd
@ -65,16 +69,12 @@ install -D -m 0644 %{SOURCE1} %{buildroot}%{_tmpfilesdir}/tcpcrypt.conf
mkdir -p %{buildroot}%{_unitdir}
install -m 0755 %{SOURCE2} %{buildroot}/%{_unitdir}/tcpcryptd.service
install -m0644 -D tcpcrypt.sysusers.conf %{buildroot}%{_sysusersdir}/tcpcrypt.conf
%files libs
%doc README.markdown
%license LICENSE
%doc README.markdown LICENSE
%{_libdir}/libtcpcrypt.so.*
%files
%doc README.markdown
%license LICENSE
%doc README.markdown LICENSE
%{_bindir}/tcnetstat
%{_bindir}/tcpcryptd
%{_bindir}/tcpcryptd-firewall
@ -83,15 +83,20 @@ install -m0644 -D tcpcrypt.sysusers.conf %{buildroot}%{_sysusersdir}/tcpcrypt.co
%attr(0644,root,root) %{_tmpfilesdir}/tcpcrypt.conf
%attr(0644,root,root) %{_unitdir}/tcpcryptd.service
%attr(0755,tcpcryptd,tcpcryptd) %dir /run/tcpcryptd
%{_sysusersdir}/tcpcrypt.conf
%files devel
%{_libdir}/libtcpcrypt.so
%dir %{_includedir}/tcpcrypt
%{_includedir}/tcpcrypt/*.h
%ldconfig_scriptlets libs
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
%pre
getent group tcpcryptd >/dev/null || groupadd -r tcpcryptd
getent passwd tcpcryptd >/dev/null || \
useradd -r -g tcpcryptd -d /var/run/tcpcryptd -s /sbin/nologin \
-c "tcpcrypt daemon account" tcpcrypt || exit 0
%post
%systemd_post tcpcryptd.service
@ -103,90 +108,6 @@ install -m0644 -D tcpcrypt.sysusers.conf %{buildroot}%{_sysusersdir}/tcpcrypt.co
%systemd_postun_with_restart tcpcryptd.service
%changelog
* Fri Jul 25 2025 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Feb 11 2025 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.5-18
- Add sysusers.d config file to allow rpm to create users/groups automatically
* Sun Jan 19 2025 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Sep 04 2024 Miroslav Suchý <msuchy@redhat.com> - 0.5-16
- convert license to SPDX
* Sat Jul 20 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Feb 23 2023 Eric Garver <eric@garver.life> - 0.5-12
- remove bash-isms from tcpcryptd-firewall
* Thu Feb 23 2023 Eric Garver <eric@garver.life> - 0.5-11
- remove broken firewalld service definition
* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 0.5-7
- Rebuilt with OpenSSL 3.0.0
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.5-5
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sun Aug 04 2019 Filipe Rosset <rosset.filipe@gmail.com> - 0.5-1
- Update to 0.5 plus spec cleanup and modernization
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.4-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Sun Mar 06 2016 Paul Wouters <pwouters@redhat.com> - 0.4-1
- Updated to 0.4
- Resolves: rhbz#1213128 wrong user tcpcrypt
- Resolves: rhbz#1312703 Package systemd ExecStartPre/ExecStopPost script broken
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.4-0.5.bb990b1b
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

5
tcpcryptd-firewall
View file

@ -1,7 +1,6 @@
#!/bin/sh
# use iptables manually
if [ "$1" = "start" ]
if [ "$1" == "start" ]
then
iptables -t raw -N tcpcrypt
iptables -t raw -A tcpcrypt -p tcp -m mark --mark 0x0/0x10 -j NFQUEUE --queue-num 666
@ -13,7 +12,7 @@ then
# launch `tcpcryptd` with `-x 0x10`
fi
if [ "$1" = "stop" ]
if [ "$1" == "stop" ]
then
iptables -t raw -F tcpcrypt
iptables -t raw -D PREROUTING -j tcpcrypt