diff --git a/openvpn.spec b/openvpn.spec index ba4f7f9..edcab58 100644 --- a/openvpn.spec +++ b/openvpn.spec @@ -1,25 +1,20 @@ #define prerelease rc22 -%define plugins down-root auth-pam +# Build conditionals +# tests_long - Enabled by default, enables long running tests in %%check +%bcond_without tests_long Name: openvpn Version: 2.4.1 -Release: 2%{?prerelease:.%{prerelease}}%{?dist} +Release: 3%{?prerelease:.%{prerelease}}%{?dist} Summary: A full-featured SSL VPN solution URL: https://community.openvpn.net/ Source0: https://swupdate.openvpn.org/community/releases/%{name}-%{version}%{?prerelease:_%{prerelease}}.tar.xz Source1: https://swupdate.openvpn.org/community/releases/%{name}-%{version}%{?prerelease:_%{prerelease}}.tar.xz.asc -# Sample 2.0 config files Source2: roadwarrior-server.conf Source3: roadwarrior-client.conf Source4: openvpn.init -# Don't start openvpn by default. -#Patch0: openvpn-init.patch -#Patch1: openvpn-script-security.patch -#Patch2: openvpn-2.1.1-init.patch -#Patch3: openvpn-2.1.1-initinfo.patch -Patch4: 0001-Re-introduce-tls-remote-for-Fedora-EPEL-6-and-EPEL-7.patch - +Patch0: 0001-Re-introduce-tls-remote-for-Fedora-EPEL-6-and-EPEL-7.patch License: GPLv2 Group: Applications/Internet BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-%(id -un) @@ -47,16 +42,24 @@ Requires(postun): /sbin/service OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP -port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library +port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for compression. +%package devel +Group: Applications/Internet +Summary: Development headers and examples for OpenVPN plug-ins + +%description devel +OpenVPN can be extended through the --plugin option, which provides +possibilities to add specialized authentication, user accounting, +packet filtering and related features. These plug-ins need to be +written in C and provides a more low-level and information rich access +to similar features as the various script-hooks. + + %prep %setup -q -n %{name}-%{version}%{?prerelease:_%{prerelease}} -#%patch0 -p0 -#%patch1 -p1 -#%patch2 -p0 -#%patch3 -p0 -%patch4 -p1 +%patch0 -p1 sed -i -e 's,%{_datadir}/openvpn/plugin,%{_libdir}/openvpn/plugin,' doc/openvpn.8 @@ -65,33 +68,21 @@ find contrib sample -type f -perm +100 \ -exec chmod a-x {} \; %build -# --enable-pthread Enable pthread support (Experimental for OpenVPN 2.0) -# --enable-password-save Allow --askpass and --auth-user-pass passwords to be -# read from a file -# --enable-iproute2 Enable support for iproute2 -# --with-ifconfig-path=PATH Path to ifconfig tool -# --with-iproute-path=PATH Path to iproute tool -# --with-route-path=PATH Path to route tool %configure \ --enable-iproute2 \ - --enable-plugins \ - --enable-plugin-down-root \ - --enable-plugin-auth-pam \ --enable-pkcs11 \ --enable-x509-alt-username \ + --enable-selinux \ + --docdir=%{_pkgdocdir} \ IPROUTE=/sbin/ip %{__make} -# Build plugins -for plugin in %{plugins} ; do - %{__make} -C src/plugins/$plugin -done - %check # Test Crypto: ./src/openvpn/openvpn --genkey --secret key ./src/openvpn/openvpn --test-crypto --secret key +%if %{with tests_long} # Randomize ports for tests to avoid conflicts on the build servers. cport=$[ 50000 + ($RANDOM % 15534) ] sport=$[ $cport + 1 ] @@ -115,34 +106,26 @@ popd rm -f %{_tmppath}/%{name}-%{version}-%{release}-%(%{__id_u})-loopback-client \ %{_tmppath}/%{name}-%{version}-%{release}-%(%{__id_u})-loopback-server +%endif %install rm -rf $RPM_BUILD_ROOT - -install -D -m 0644 doc/%{name}.8 $RPM_BUILD_ROOT%{_mandir}/man8/%{name}.8 -install -D -m 0755 src/openvpn/%{name} $RPM_BUILD_ROOT%{_sbindir}/%{name} -install -D -m 0755 %{SOURCE4} \ - $RPM_BUILD_ROOT%{_initrddir}/%{name} -install -d -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/%{name} - -mkdir -p $RPM_BUILD_ROOT%{_datadir}/%{name} -#cp -pR easy-rsa $RPM_BUILD_ROOT%{_datadir}/%{name}/ -#rm -rf $RPM_BUILD_ROOT%{_datadir}/%{name}/easy-rsa/Windows +%{__make} install DESTDIR=$RPM_BUILD_ROOT +find $RPM_BUILD_ROOT -name '*.la' | xargs rm -f +install -D -m 0755 %{SOURCE4} $RPM_BUILD_ROOT%{_initrddir}/%{name} cp %{SOURCE2} %{SOURCE3} sample/sample-config-files/ -mkdir -p $RPM_BUILD_ROOT%{_libdir}/%{name}/plugins/ -for plugin in %{plugins} ; do - install -m 0755 src/plugins/$plugin/.libs/openvpn-plugin-$plugin.so \ - $RPM_BUILD_ROOT%{_libdir}/%{name}/plugins/openvpn-plugin-$plugin.so - cp src/plugins/$plugin/README* src/plugins/ -done - -mkdir -p $RPM_BUILD_ROOT%{_libdir}/%{name}/plugin/lib -for plugin in %{plugins} ; do - ln -s %{_libdir}/%{name}/plugins/openvpn-plugin-$plugin.so $RPM_BUILD_ROOT%{_libdir}/%{name}/plugin/lib/openvpn-$plugin.so -done - +# Package installs into %%{_pkgdocdir} directly +# Add further files +cp -a AUTHORS contrib sample $RPM_BUILD_ROOT%{_pkgdocdir} mkdir -m 755 -p $RPM_BUILD_ROOT%{_var}/run/%{name} +mkdir -m 755 -p $RPM_BUILD_ROOT%{_sysconfdir}/%{name} + +# Remove some files which does not really belong here +rm -f $RPM_BUILD_ROOT%{_pkgdocdir}/sample/Makefile{,.in,.am} +rm -f $RPM_BUILD_ROOT%{_pkgdocdir}/contrib/multilevel-init.patch +rm -rf $RPM_BUILD_ROOT%{_pkgdocdir}/sample/sample-keys +rm -rf $RPM_BUILD_ROOT%{_pkgdocdir}/contrib/keychain-mcd %clean rm -rf $RPM_BUILD_ROOT @@ -169,19 +152,32 @@ fi %files %defattr(-,root,root,0755) -%doc AUTHORS COPYING COPYRIGHT.GPL INSTALL PORTS README Changes.rst -# Add NEWS when it isn't zero-length. -%doc src/plugins/README.* -%doc contrib sample +%{_pkgdocdir} +%exclude %{_pkgdocdir}/README.IPv6 +%exclude %{_pkgdocdir}/README.polarssl +%exclude %{_pkgdocdir}/sample/sample-plugins %{_mandir}/man8/%{name}.8* %{_sbindir}/%{name} -%{_datadir}/%{name}/ %{_libdir}/%{name}/ %{_initrddir}/%{name} %{_var}/run/%{name}/ %config %dir %{_sysconfdir}/%{name}/ +%files devel +%{_pkgdocdir}/sample/sample-plugins +%{_includedir}/openvpn-plugin.h +%{_includedir}/openvpn-msg.h + + %changelog +* Wed Mar 29 2017 David Sommerseth - 2.4.1-3 +- Various cleanups +- Splitting out -devel files into a separate package +- Removed several contrib and sample files which makes is not + strictly needed in this package. +- build: Long running tests can be disabled with "--without tests_long" +- build: Removed defined %%{plugins} macro not in use + * Thu Mar 23 2017 David Sommerseth - 2.4.1-2 - Fedora EPEL exception: Re-introduce the --tls-remote feature - Package Changes.rst file