From f0a497afb4aded1e368f767b212b9c403bc3949e Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 23 Jul 2021 20:40:24 +0000 Subject: [PATCH 01/15] - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vpnc.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vpnc.spec b/vpnc.spec index b370ea2..e4dba89 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -2,7 +2,7 @@ Name: vpnc Version: 0.5.3 -Release: 41%{snapshot}%{?dist} +Release: 42%{snapshot}%{?dist} Summary: IPSec VPN client compatible with Cisco equipment License: GPLv2+ URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/ @@ -100,6 +100,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Fri Jul 23 2021 Fedora Release Engineering - 0.5.3-42.svn550 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + * Wed Jan 27 2021 Fedora Release Engineering - 0.5.3-41.svn550 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild From e4ab75f9ae450251bfc4c20089c46fa94a34f14d Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 22 Jan 2022 04:10:57 +0000 Subject: [PATCH 02/15] - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vpnc.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vpnc.spec b/vpnc.spec index e4dba89..73de3bd 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -2,7 +2,7 @@ Name: vpnc Version: 0.5.3 -Release: 42%{snapshot}%{?dist} +Release: 43%{snapshot}%{?dist} Summary: IPSec VPN client compatible with Cisco equipment License: GPLv2+ URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/ @@ -100,6 +100,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Sat Jan 22 2022 Fedora Release Engineering - 0.5.3-43.svn550 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + * Fri Jul 23 2021 Fedora Release Engineering - 0.5.3-42.svn550 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild From e30824a8569075923d26d06b0f1d596853640580 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 23 Jul 2022 12:06:46 +0000 Subject: [PATCH 03/15] Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vpnc.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vpnc.spec b/vpnc.spec index 73de3bd..fd7f6de 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -2,7 +2,7 @@ Name: vpnc Version: 0.5.3 -Release: 43%{snapshot}%{?dist} +Release: 44%{snapshot}%{?dist} Summary: IPSec VPN client compatible with Cisco equipment License: GPLv2+ URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/ @@ -100,6 +100,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Sat Jul 23 2022 Fedora Release Engineering - 0.5.3-44.svn550 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + * Sat Jan 22 2022 Fedora Release Engineering - 0.5.3-43.svn550 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild From d2bba55e61dc19ae486b266c196080c93a5ff9f2 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 21 Jan 2023 06:30:23 +0000 Subject: [PATCH 04/15] Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vpnc.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vpnc.spec b/vpnc.spec index fd7f6de..5b56485 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -2,7 +2,7 @@ Name: vpnc Version: 0.5.3 -Release: 44%{snapshot}%{?dist} +Release: 45%{snapshot}%{?dist} Summary: IPSec VPN client compatible with Cisco equipment License: GPLv2+ URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/ @@ -100,6 +100,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Sat Jan 21 2023 Fedora Release Engineering - 0.5.3-45.svn550 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + * Sat Jul 23 2022 Fedora Release Engineering - 0.5.3-44.svn550 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild From 558b857e48d254557b83f523a2848e828b62dbf3 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 22 Jul 2023 17:52:31 +0000 Subject: [PATCH 05/15] Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vpnc.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vpnc.spec b/vpnc.spec index 5b56485..b1f9e3b 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -2,7 +2,7 @@ Name: vpnc Version: 0.5.3 -Release: 45%{snapshot}%{?dist} +Release: 46%{snapshot}%{?dist} Summary: IPSec VPN client compatible with Cisco equipment License: GPLv2+ URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/ @@ -100,6 +100,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Sat Jul 22 2023 Fedora Release Engineering - 0.5.3-46.svn550 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + * Sat Jan 21 2023 Fedora Release Engineering - 0.5.3-45.svn550 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild From a86660625a380ba6b2af357b72d5c0ca5eae15ad Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 27 Jan 2024 08:12:51 +0000 Subject: [PATCH 06/15] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- vpnc.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vpnc.spec b/vpnc.spec index b1f9e3b..921f606 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -2,7 +2,7 @@ Name: vpnc Version: 0.5.3 -Release: 46%{snapshot}%{?dist} +Release: 47%{snapshot}%{?dist} Summary: IPSec VPN client compatible with Cisco equipment License: GPLv2+ URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/ @@ -100,6 +100,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Sat Jan 27 2024 Fedora Release Engineering - 0.5.3-47.svn550 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Sat Jul 22 2023 Fedora Release Engineering - 0.5.3-46.svn550 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild From 4c9adffdb907a9343bcb8950b3376cab4909facd Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 20 Jul 2024 09:01:09 +0000 Subject: [PATCH 07/15] Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild --- vpnc.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vpnc.spec b/vpnc.spec index 921f606..2e42e3d 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -2,7 +2,7 @@ Name: vpnc Version: 0.5.3 -Release: 47%{snapshot}%{?dist} +Release: 48%{snapshot}%{?dist} Summary: IPSec VPN client compatible with Cisco equipment License: GPLv2+ URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/ @@ -100,6 +100,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Sat Jul 20 2024 Fedora Release Engineering - 0.5.3-48.svn550 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + * Sat Jan 27 2024 Fedora Release Engineering - 0.5.3-47.svn550 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From 4fa14c69f4d4f38fd565f9e318703cbc7cedcea8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20Such=C3=BD?= Date: Fri, 26 Jul 2024 03:36:53 +0200 Subject: [PATCH 08/15] convert GPLv2+ license to SPDX This is part of https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_4 --- vpnc.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/vpnc.spec b/vpnc.spec index 2e42e3d..bea7623 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -2,9 +2,10 @@ Name: vpnc Version: 0.5.3 -Release: 48%{snapshot}%{?dist} +Release: 49%{snapshot}%{?dist} Summary: IPSec VPN client compatible with Cisco equipment -License: GPLv2+ +# Automatically converted from old format: GPLv2+ - review is highly recommended. +License: GPL-2.0-or-later URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/ Source0: http://www.unix-ag.uni-kl.de/~massar/vpnc/%{name}-%{version}%{snapshot}.tar.gz @@ -100,6 +101,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Fri Jul 26 2024 Miroslav Suchý - 0.5.3-49.svn550 +- convert license to SPDX + * Sat Jul 20 2024 Fedora Release Engineering - 0.5.3-48.svn550 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild From d07b2d49698ee71b4d71ddc02ea8db1432e2959d Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sun, 19 Jan 2025 14:37:49 +0000 Subject: [PATCH 09/15] Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild --- vpnc.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vpnc.spec b/vpnc.spec index bea7623..a474898 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -2,7 +2,7 @@ Name: vpnc Version: 0.5.3 -Release: 49%{snapshot}%{?dist} +Release: 50%{snapshot}%{?dist} Summary: IPSec VPN client compatible with Cisco equipment # Automatically converted from old format: GPLv2+ - review is highly recommended. License: GPL-2.0-or-later @@ -101,6 +101,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Sun Jan 19 2025 Fedora Release Engineering - 0.5.3-50.svn550 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + * Fri Jul 26 2024 Miroslav Suchý - 0.5.3-49.svn550 - convert license to SPDX From 4224a5e07d5f907fa4b467f316326383e4d07841 Mon Sep 17 00:00:00 2001 From: Lubomir Rintel Date: Wed, 13 Nov 2024 11:10:54 +0000 Subject: [PATCH 10/15] Drop vpnc-0.5.3-cloexec.patch It has been applied upstream: commit 6b2b9bcedbd6f89db57a0dcc3e33de902bb4ba22 Author: Joerg Mayer Date: Tue Aug 14 12:38:01 2007 +0000 From Fedora 6 (no author given): we forgot to apply the FD_CLOEXEC to the tunnel-fd. git-svn-id: http://svn.unix-ag.uni-kl.de/vpnc/trunk@200 315857ad-0bdb-0310-b42e-dec37551a5f0 --- vpnc-0.5.3-cloexec.patch | 12 ------------ 1 file changed, 12 deletions(-) delete mode 100644 vpnc-0.5.3-cloexec.patch diff --git a/vpnc-0.5.3-cloexec.patch b/vpnc-0.5.3-cloexec.patch deleted file mode 100644 index 3c224f9..0000000 --- a/vpnc-0.5.3-cloexec.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up vpnc-0.5.3/vpnc.c.cloexec vpnc-0.5.3/vpnc.c ---- vpnc-0.5.3/vpnc.c.cloexec 2008-11-19 21:55:51.000000000 +0100 -+++ vpnc-0.5.3/vpnc.c 2008-11-20 11:48:07.000000000 +0100 -@@ -2877,6 +2877,8 @@ static void do_phase2_qm(struct sa_block - close_tunnel(s); - error(1, errno, "Couldn't open socket of ESP. Maybe something registered ESP already.\nPlease try '--natt-mode force-natt' or disable whatever is using ESP.\nsocket(PF_INET, SOCK_RAW, IPPROTO_ESP)"); - } -+ fcntl(s->esp_fd, F_SETFD, FD_CLOEXEC); -+ - #ifdef IP_HDRINCL - if (setsockopt(s->esp_fd, IPPROTO_IP, IP_HDRINCL, &hincl, sizeof(hincl)) == -1) { - close_tunnel(s); From bbce69b7419bc21a4d1f1399f6666f2c04a6e76c Mon Sep 17 00:00:00 2001 From: Lubomir Rintel Date: Wed, 13 Nov 2024 11:41:28 +0000 Subject: [PATCH 11/15] Fix the license tag Some files are BSD licensed (perhaps coming from BSD, racoon). Newer vpnc upstream (follow-up patch) also uses these SPDX tags. While at that, drop the reminder to check the tag. --- vpnc.spec | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/vpnc.spec b/vpnc.spec index a474898..c9f033d 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -4,8 +4,7 @@ Name: vpnc Version: 0.5.3 Release: 50%{snapshot}%{?dist} Summary: IPSec VPN client compatible with Cisco equipment -# Automatically converted from old format: GPLv2+ - review is highly recommended. -License: GPL-2.0-or-later +License: GPL-2.0-or-later and BSD-2-Clause URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/ Source0: http://www.unix-ag.uni-kl.de/~massar/vpnc/%{name}-%{version}%{snapshot}.tar.gz From 36f9cc0d4a66a53b0ce84a75221f90a9f1dc188b Mon Sep 17 00:00:00 2001 From: Lubomir Rintel Date: Thu, 14 Nov 2024 10:08:45 +0000 Subject: [PATCH 12/15] Switch to a snapshot from a maintenance repository The original upstream has fizzled out and another contributor has set up an alternate repository for the purposes of merging the most necessary fixes: https://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/2017-November/004233.html Debian has switched to using this and NetworkManager-vpnc has now merged support for options available only from here. Let's also switch. While at that, our patches have been submitted and merged: https://github.com/streambinder/vpnc/pull/51 https://github.com/streambinder/vpnc/pull/52 --- .gitignore | 2 ++ sources | 2 +- vpnc-0.5.1-dpd.patch | 63 ------------------------------------ vpnc-0.5.3-use-autodie.patch | 12 ------- vpnc.spec | 45 +++++++++++++++++--------- 5 files changed, 32 insertions(+), 92 deletions(-) delete mode 100644 vpnc-0.5.1-dpd.patch delete mode 100644 vpnc-0.5.3-use-autodie.patch diff --git a/.gitignore b/.gitignore index 8371d4e..35ff967 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ vpnc-0.5.3.tar.gz /vpnc-0.5.3.svn457.tar.gz /vpnc-0.5.3.svn550.tar.gz +/vpnc-c4837a1.tar.gz +/vpnc-11e15a1.tar.gz diff --git a/sources b/sources index ec107ec..0437011 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -d45438923db1879efe3479ec27ec1000 vpnc-0.5.3.svn550.tar.gz +SHA512 (vpnc-11e15a1.tar.gz) = 80524bfa3224f56a002892b43c633db729663eff09d5252cc997b0c5a26d0b92a471f1b268b6b422bb3f7cfabbecc93f634216b14fdbdfaef81c88d6823a1755 diff --git a/vpnc-0.5.1-dpd.patch b/vpnc-0.5.1-dpd.patch deleted file mode 100644 index fd934fd..0000000 --- a/vpnc-0.5.1-dpd.patch +++ /dev/null @@ -1,63 +0,0 @@ -diff -up vpnc-0.5.1/vpnc.c.dpd vpnc-0.5.1/vpnc.c ---- vpnc-0.5.1/vpnc.c.dpd 2007-09-20 11:01:35.000000000 +0200 -+++ vpnc-0.5.1/vpnc.c 2007-11-12 23:11:05.000000000 +0100 -@@ -681,13 +681,13 @@ void dpd_ike(struct sa_block *s) - send_dpd(s, 0, s->ike.dpd_seqno); - } else { - /* Our last dpd request has not yet been acked. If it's been -- ** less than 5 seconds since we sent it do nothing. Otherwise -+ ** less than 1/10th of idle timeout since we sent it do nothing. Otherwise - ** decrement dpd_attempts. If dpd_attempts is 0 dpd fails and we - ** terminate otherwise we send it again with the same sequence - ** number and record current time. - */ - time_t now = time(NULL); -- if (now < s->ike.dpd_sent + 5) -+ if (now < s->ike.dpd_sent + s->ike.dpd_idle/10) - return; - if (--s->ike.dpd_attempts == 0) { - DEBUG(2, printf("dead peer detected, terminating\n")); -@@ -695,6 +695,8 @@ void dpd_ike(struct sa_block *s) - return; - } - s->ike.dpd_sent = now; -+ if (s->ike.dpd_attempts == 3) -+ ++s->ike.dpd_seqno; /* maybe just the dpd reply got lost let's try new seq no */ - send_dpd(s, 0, s->ike.dpd_seqno); - } - } -diff -up vpnc-0.5.1/tunip.c.dpd vpnc-0.5.1/tunip.c ---- vpnc-0.5.1/tunip.c.dpd 2007-09-06 22:05:14.000000000 +0200 -+++ vpnc-0.5.1/tunip.c 2007-11-12 22:42:17.000000000 +0100 -@@ -865,7 +865,7 @@ static void vpnc_main_loop(struct sa_blo - time_t now = time(NULL); - if (s->ike.dpd_seqno != s->ike.dpd_seqno_ack) { - /* Wake up more often for dpd attempts */ -- select_timeout.tv_sec = 5; -+ select_timeout.tv_sec = s->ike.dpd_idle/10; - select_timeout.tv_usec = 0; - dpd_ike(s); - next_ike_dpd = now + s->ike.dpd_idle; -@@ -925,8 +925,8 @@ static void vpnc_main_loop(struct sa_blo - if (s->ike.dpd_seqno != s->ike.dpd_seqno_ack) { - dpd_ike(s); - next_ike_dpd = now + s->ike.dpd_idle; -- if (now + 5 < next_up) -- next_up = now + 5; -+ if (now + s->ike.dpd_idle/10 < next_up) -+ next_up = now + s->ike.dpd_idle/10; - } - else if (now >= next_ike_dpd) { - dpd_ike(s); -diff -up vpnc-0.5.1/config.c.dpd vpnc-0.5.1/config.c ---- vpnc-0.5.1/config.c.dpd 2007-11-12 22:40:01.000000000 +0100 -+++ vpnc-0.5.1/config.c 2007-11-12 23:17:39.000000000 +0100 -@@ -242,7 +242,7 @@ static const char *config_def_udp_port(v - - static const char *config_def_dpd_idle(void) - { -- return "300"; -+ return "600"; - } - - static const char *config_ca_dir(void) diff --git a/vpnc-0.5.3-use-autodie.patch b/vpnc-0.5.3-use-autodie.patch deleted file mode 100644 index 4ad5d6c..0000000 --- a/vpnc-0.5.3-use-autodie.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up vpnc-0.5.3/makeman.pl.autodie vpnc-0.5.3/makeman.pl ---- vpnc-0.5.3/makeman.pl.autodie 2009-11-19 18:03:47.000000000 +0100 -+++ vpnc-0.5.3/makeman.pl 2013-03-07 11:21:43.524106709 +0100 -@@ -17,7 +17,7 @@ - - use strict; - use warnings; --use Fatal qw(open close); -+use autodie qw(open close); - use filetest qw(access); # to always get errno-values on filetests - use POSIX qw(strftime setlocale LC_ALL); - diff --git a/vpnc.spec b/vpnc.spec index c9f033d..ab2d495 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -1,13 +1,14 @@ -%define snapshot .svn550 +%global commit 11e15a143d6a00fb4e532cad271c70b401a6b9ef +%global shortcommit %(c=%{commit}; echo ${c:0:7}) Name: vpnc -Version: 0.5.3 -Release: 50%{snapshot}%{?dist} +Version: 0.5.3^20241114.git%{shortcommit} +Release: 1%{?dist} Summary: IPSec VPN client compatible with Cisco equipment License: GPL-2.0-or-later and BSD-2-Clause -URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/ +URL: https://davidepucci.it/doc/vpnc/ -Source0: http://www.unix-ag.uni-kl.de/~massar/vpnc/%{name}-%{version}%{snapshot}.tar.gz +Source0: https://github.com/streambinder/vpnc/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source1: generic-vpnc.conf Source2: vpnc.consolehelper Source3: vpnc-disconnect.consolehelper @@ -17,9 +18,6 @@ Source8: %{name}-tmpfiles.conf # script used to generate the svn snapshot, not used in the actual build process Source99: fetch-sources.sh -Patch1: vpnc-0.5.1-dpd.patch -Patch2: vpnc-0.5.3-use-autodie.patch - BuildRequires: make BuildRequires: gcc BuildRequires: libgcrypt-devel > 1.1.90 @@ -29,14 +27,15 @@ BuildRequires: perl-interpreter BuildRequires: perl(autodie) BuildRequires: perl(filetest) BuildRequires: perl(if) -BuildRequires: systemd +BuildRequires: systemd-rpm-macros Requires: iproute vpnc-script %description -A VPN client compatible with Cisco's EasyVPN equipment. +An IPSec VPN client with support for IP tunelling, Xauth, ESP, +Mode Configuration and shared-secret IPSec authentication. + +Compatible with Cisco's EasyVPN equipment. -Supports IPSec (ESP) with Mode Configuration and Xauth. Supports only -shared-secret IPSec authentication, 3DES, MD5, and IP tunneling. %package consoleuser Summary: Allows console user to run the VPN client directly @@ -48,7 +47,7 @@ Allows the console user to run the IPSec VPN client directly without switching to the root account. %prep -%autosetup +%autosetup -p1 -n %{name}-%{commit} %build CFLAGS="$RPM_OPT_FLAGS -fPIE" LDFLAGS="$RPM_OPT_FLAGS -pie" make PREFIX=/usr @@ -56,7 +55,7 @@ CFLAGS="$RPM_OPT_FLAGS -fPIE" LDFLAGS="$RPM_OPT_FLAGS -pie" make PREFIX=/usr %install make install DESTDIR="$RPM_BUILD_ROOT" PREFIX=/usr rm -f $RPM_BUILD_ROOT%{_bindir}/pcf2vpnc -chmod 0644 pcf2vpnc +chmod 0644 src/pcf2vpnc rm -f $RPM_BUILD_ROOT%{_mandir}/man1/pcf2vpnc.1 chmod 0644 $RPM_BUILD_ROOT%{_mandir}/man8/vpnc.8 install -m 0600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/vpnc/default.conf @@ -76,13 +75,23 @@ ln -sf consolehelper $RPM_BUILD_ROOT%{_bindir}/vpnc-disconnect rm -f $RPM_BUILD_ROOT%{_datadir}/doc/vpnc/COPYING # vpnc-script is packaged in a separate package rm -f $RPM_BUILD_ROOT%{_sysconfdir}/vpnc/vpnc-script +rm -f $RPM_BUILD_ROOT%{_docdir}/vpnc/*.md mkdir -p %{buildroot}%{_tmpfilesdir} install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf +%post +%systemd_post vpnc@.service + +%preun +%systemd_preun vpnc@.service + +%postun +%systemd_postun vpnc@.service + %files -%license COPYING -%doc README pcf2vpnc pcf2vpnc.1 +%license LICENSE LICENSE.BSD2 +%doc docs/*.md src/pcf2vpnc src/pcf2vpnc.1 %{_tmpfilesdir}/%{name}.conf %config(noreplace) %{_sysconfdir}/vpnc/default.conf @@ -91,6 +100,7 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %{_sbindir}/vpnc-disconnect %{_mandir}/man8/vpnc.* %{_mandir}/man1/cisco-decrypt.* +%{_unitdir}/vpnc@.service %files consoleuser %config(noreplace) %{_sysconfdir}/security/console.apps/vpnc* @@ -100,6 +110,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Mon Mar 24 2025 Lubomir Rintel - 0.5.3^20241114.gitc4837a1-1 +- Update to a snapshot from an active upstream Git repository + * Sun Jan 19 2025 Fedora Release Engineering - 0.5.3-50.svn550 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild From 6a7e69531c39cf66598f906468407e1b0b068ded Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Mon, 24 Mar 2025 14:25:24 +0100 Subject: [PATCH 13/15] Fix build when sbindir != /usr/sbin --- vpnc.spec | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/vpnc.spec b/vpnc.spec index ab2d495..9988454 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -53,7 +53,7 @@ switching to the root account. CFLAGS="$RPM_OPT_FLAGS -fPIE" LDFLAGS="$RPM_OPT_FLAGS -pie" make PREFIX=/usr %install -make install DESTDIR="$RPM_BUILD_ROOT" PREFIX=/usr +make install DESTDIR="$RPM_BUILD_ROOT" PREFIX=/usr SBINDIR=%{_sbindir} rm -f $RPM_BUILD_ROOT%{_bindir}/pcf2vpnc chmod 0644 src/pcf2vpnc rm -f $RPM_BUILD_ROOT%{_mandir}/man1/pcf2vpnc.1 @@ -105,7 +105,8 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %files consoleuser %config(noreplace) %{_sysconfdir}/security/console.apps/vpnc* %config(noreplace) %{_sysconfdir}/pam.d/vpnc* -%{_bindir}/vpnc* +%{_bindir}/vpnc +%{_bindir}/vpnc-disconnect %{_sbindir}/vpnc-helper From 0179968143ffc9ba049b027f2917983cbf05e88f Mon Sep 17 00:00:00 2001 From: Christian Krause Date: Sat, 3 May 2025 00:59:29 +0200 Subject: [PATCH 14/15] Fix issues with /usr/bin/ and /usr/sbin/ merge problems - Fixes #2363531 - Always use consolehelper, implicitly allowed for root, remove consoleuser sub-package - Remove pam_console.so from vpnc.pam (not available anymore) --- vpnc-disconnect.consolehelper | 2 +- vpnc-helper | 10 ++++++++- vpnc.consolehelper | 2 +- vpnc.pam | 1 - vpnc.spec | 41 +++++++++++++++-------------------- 5 files changed, 29 insertions(+), 27 deletions(-) diff --git a/vpnc-disconnect.consolehelper b/vpnc-disconnect.consolehelper index 27cb504..2011c06 100644 --- a/vpnc-disconnect.consolehelper +++ b/vpnc-disconnect.consolehelper @@ -1,2 +1,2 @@ USER=root -PROGRAM=/usr/sbin/vpnc-disconnect +PROGRAM=/usr/libexec/vpnc-disconnect diff --git a/vpnc-helper b/vpnc-helper index 0e906d9..91ef213 100755 --- a/vpnc-helper +++ b/vpnc-helper @@ -1,2 +1,10 @@ #!/bin/sh -/usr/sbin/vpnc + +if [ "$USERHELPER_UID" = "0" ]; then + # if started by root, forward all arguments + /usr/libexec/vpnc "$@" +else + # if started as unprivileged user, discard all arguments + # vpnc will use its default config file /etc/vpnc/default.conf + /usr/libexec/vpnc +fi diff --git a/vpnc.consolehelper b/vpnc.consolehelper index 0170585..fbd2e95 100644 --- a/vpnc.consolehelper +++ b/vpnc.consolehelper @@ -1,2 +1,2 @@ USER=root -PROGRAM=/usr/sbin/vpnc-helper +PROGRAM=/usr/libexec/vpnc-helper diff --git a/vpnc.pam b/vpnc.pam index ddb3673..85cf06e 100644 --- a/vpnc.pam +++ b/vpnc.pam @@ -1,5 +1,4 @@ #%PAM-1.0 auth sufficient pam_rootok.so -auth sufficient pam_console.so auth include config-util account include config-util diff --git a/vpnc.spec b/vpnc.spec index 9988454..a289ed2 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -3,7 +3,7 @@ Name: vpnc Version: 0.5.3^20241114.git%{shortcommit} -Release: 1%{?dist} +Release: 2%{?dist} Summary: IPSec VPN client compatible with Cisco equipment License: GPL-2.0-or-later and BSD-2-Clause URL: https://davidepucci.it/doc/vpnc/ @@ -19,7 +19,7 @@ Source8: %{name}-tmpfiles.conf Source99: fetch-sources.sh BuildRequires: make -BuildRequires: gcc +BuildRequires: gcc BuildRequires: libgcrypt-devel > 1.1.90 BuildRequires: gnutls-devel # required for ./makeman.pl @@ -27,8 +27,9 @@ BuildRequires: perl-interpreter BuildRequires: perl(autodie) BuildRequires: perl(filetest) BuildRequires: perl(if) -BuildRequires: systemd-rpm-macros -Requires: iproute vpnc-script +BuildRequires: systemd-rpm-macros +Requires: iproute vpnc-script usermode +Obsoletes: vpnc-consoleuser < 0.5.3^20241114.git11e15a1-2 %description An IPSec VPN client with support for IP tunelling, Xauth, ESP, @@ -36,16 +37,6 @@ Mode Configuration and shared-secret IPSec authentication. Compatible with Cisco's EasyVPN equipment. - -%package consoleuser -Summary: Allows console user to run the VPN client directly -Requires: vpnc = %{version}-%{release} -Requires: usermode - -%description consoleuser -Allows the console user to run the IPSec VPN client directly without -switching to the root account. - %prep %autosetup -p1 -n %{name}-%{commit} @@ -53,7 +44,7 @@ switching to the root account. CFLAGS="$RPM_OPT_FLAGS -fPIE" LDFLAGS="$RPM_OPT_FLAGS -pie" make PREFIX=/usr %install -make install DESTDIR="$RPM_BUILD_ROOT" PREFIX=/usr SBINDIR=%{_sbindir} +make install DESTDIR="$RPM_BUILD_ROOT" PREFIX=/usr SBINDIR=%{_libexecdir} rm -f $RPM_BUILD_ROOT%{_bindir}/pcf2vpnc chmod 0644 src/pcf2vpnc rm -f $RPM_BUILD_ROOT%{_mandir}/man1/pcf2vpnc.1 @@ -68,7 +59,7 @@ install -Dp -m 0644 %{SOURCE4} \ install -Dp -m 0644 %{SOURCE4} \ $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/vpnc-disconnect install -m 0755 %{SOURCE5} \ - $RPM_BUILD_ROOT%{_sbindir}/vpnc-helper + $RPM_BUILD_ROOT%{_libexecdir}/vpnc-helper mkdir -p $RPM_BUILD_ROOT%{_bindir} ln -sf consolehelper $RPM_BUILD_ROOT%{_bindir}/vpnc ln -sf consolehelper $RPM_BUILD_ROOT%{_bindir}/vpnc-disconnect @@ -95,22 +86,26 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %{_tmpfilesdir}/%{name}.conf %config(noreplace) %{_sysconfdir}/vpnc/default.conf -%{_sbindir}/vpnc %{_bindir}/cisco-decrypt -%{_sbindir}/vpnc-disconnect +%{_bindir}/vpnc +%{_bindir}/vpnc-disconnect +%{_libexecdir}/vpnc +%{_libexecdir}/vpnc-disconnect +%{_libexecdir}/vpnc-helper %{_mandir}/man8/vpnc.* %{_mandir}/man1/cisco-decrypt.* %{_unitdir}/vpnc@.service - -%files consoleuser %config(noreplace) %{_sysconfdir}/security/console.apps/vpnc* %config(noreplace) %{_sysconfdir}/pam.d/vpnc* -%{_bindir}/vpnc -%{_bindir}/vpnc-disconnect -%{_sbindir}/vpnc-helper %changelog +* Wed May 07 2025 Christian Krause - 0.5.3^20241114.git11e15a1-2 +- Fix issues with /usr/bin/ and /usr/sbin/ merge (#2363531) +- Always use consolehelper, implicitly allowed for root, + remove consoleuser sub-package +- Remove pam_console.so from vpnc.pam (not available anymore) + * Mon Mar 24 2025 Lubomir Rintel - 0.5.3^20241114.gitc4837a1-1 - Update to a snapshot from an active upstream Git repository From 0cce311a1168178f53d2d9f12b1e7ccc8f5618d1 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 25 Jul 2025 20:13:55 +0000 Subject: [PATCH 15/15] Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild --- vpnc.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vpnc.spec b/vpnc.spec index a289ed2..fa35006 100644 --- a/vpnc.spec +++ b/vpnc.spec @@ -3,7 +3,7 @@ Name: vpnc Version: 0.5.3^20241114.git%{shortcommit} -Release: 2%{?dist} +Release: 3%{?dist} Summary: IPSec VPN client compatible with Cisco equipment License: GPL-2.0-or-later and BSD-2-Clause URL: https://davidepucci.it/doc/vpnc/ @@ -100,6 +100,9 @@ install -m 0644 %{SOURCE8} %{buildroot}%{_tmpfilesdir}/%{name}.conf %changelog +* Fri Jul 25 2025 Fedora Release Engineering - 0.5.3^20241114.git11e15a1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + * Wed May 07 2025 Christian Krause - 0.5.3^20241114.git11e15a1-2 - Fix issues with /usr/bin/ and /usr/sbin/ merge (#2363531) - Always use consolehelper, implicitly allowed for root,