Update to 4.9
Also switch to using %autopatch as in Fedora. Resolves: #2128669 Signed-off-by: Daiki Ueno <dueno@redhat.com>
This commit is contained in:
parent
d36dffc2c8
commit
28de992c74
1
.gitignore
vendored
1
.gitignore
vendored
@ -41,3 +41,4 @@
|
||||
/libreswan-4.4.tar.gz
|
||||
/libreswan-4.5.tar.gz
|
||||
/libreswan-4.6.tar.gz
|
||||
/libreswan-4.9.tar.gz
|
||||
|
@ -58,23 +58,6 @@ index 5b5aba723f..68fbccf442 100644
|
||||
|
||||
#ifdef HAVE_LABELED_IPSEC
|
||||
SOPT(KBF_SECCTX, SECCTX);
|
||||
diff --git a/programs/pluto/server.c b/programs/pluto/server.c
|
||||
index 665f0ed8b9..448dbca076 100644
|
||||
--- a/programs/pluto/server.c
|
||||
+++ b/programs/pluto/server.c
|
||||
@@ -188,12 +188,7 @@ bool pluto_listen_tcp = false;
|
||||
enum ddos_mode pluto_ddos_mode = DDOS_AUTO; /* default to auto-detect */
|
||||
|
||||
enum global_ikev1_policy pluto_ikev1_pol =
|
||||
-#ifdef USE_IKEv1
|
||||
- GLOBAL_IKEv1_ACCEPT;
|
||||
-#else
|
||||
- /* there is no IKEv1 code compiled in to send a REJECT */
|
||||
GLOBAL_IKEv1_DROP;
|
||||
-#endif
|
||||
|
||||
#ifdef HAVE_SECCOMP
|
||||
enum seccomp_mode pluto_seccomp_mode = SECCOMP_DISABLED;
|
||||
--
|
||||
2.34.1
|
||||
|
||||
|
@ -30,8 +30,8 @@
|
||||
Name: libreswan
|
||||
Summary: Internet Key Exchange (IKEv1 and IKEv2) implementation for IPsec
|
||||
# version is generated in the release script
|
||||
Version: 4.6
|
||||
Release: %{?prever:0.}3%{?prever:.%{prever}}%{?dist}
|
||||
Version: 4.9
|
||||
Release: %{?prever:0.}1%{?prever:.%{prever}}%{?dist}
|
||||
License: GPLv2
|
||||
Url: https://libreswan.org/
|
||||
Source0: https://download.libreswan.org/%{?prever:development/}%{name}-%{version}%{?prever}.tar.gz
|
||||
@ -40,8 +40,7 @@ Source1: https://download.libreswan.org/cavs/ikev1_dsa.fax.bz2
|
||||
Source2: https://download.libreswan.org/cavs/ikev1_psk.fax.bz2
|
||||
Source3: https://download.libreswan.org/cavs/ikev2.fax.bz2
|
||||
%endif
|
||||
Patch0: libreswan-4.6-openssl3.patch
|
||||
Patch1: libreswan-4.6-ikev1-policy-defaults-to-drop.patch
|
||||
Patch: libreswan-4.6-ikev1-policy-defaults-to-drop.patch
|
||||
|
||||
BuildRequires: audit-libs-devel
|
||||
BuildRequires: bison
|
||||
@ -95,10 +94,9 @@ Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04
|
||||
|
||||
%prep
|
||||
%setup -q -n libreswan-%{version}%{?prever}
|
||||
%patch0 -p1 -b .openssl3
|
||||
%patch1 -p1 -b .ikev1-drop
|
||||
# enable crypto-policies support
|
||||
sed -i "s:#[ ]*include \(.*\)\(/crypto-policies/back-ends/libreswan.config\)$:include \1\2:" configs/ipsec.conf.in
|
||||
%autopatch -p1
|
||||
|
||||
%build
|
||||
make %{?_smp_mflags} \
|
||||
@ -198,6 +196,10 @@ certutil -N -d sql:$tmpdir --empty-password
|
||||
%doc %{_mandir}/*/*
|
||||
|
||||
%changelog
|
||||
* Wed Jan 4 2023 Daiki Ueno <dueno@redhat.com> - 4.9-1
|
||||
- Update to 4.9. Resolves: rhbz#2128669
|
||||
- Switch to using %%autopatch as in Fedora
|
||||
|
||||
* Wed Feb 2 2022 Daiki Ueno <dueno@redhat.com> - 4.6-3
|
||||
- Drop IKEv1 packets by default, based on the Debian patch
|
||||
by Daniel Kahn Gillmor (rhbz#2039877)
|
||||
|
2
sources
2
sources
@ -1,4 +1,4 @@
|
||||
SHA512 (ikev1_dsa.fax.bz2) = 627cbac14248bd68e8d22fbca247668a7749ef0c2e41df8d776d62df9a21403d3a246c0bd82c3faedce62de90b9f91a87f753e17b056319000bba7d2038461ac
|
||||
SHA512 (ikev1_psk.fax.bz2) = 1b2daec32edc56b410c036db2688c92548a9bd9914994bc7e555b301dd6db4497a6b3e89dc12ddf36826ae90b40fcde501a5a45c0d59098e07839073d219d467
|
||||
SHA512 (ikev2.fax.bz2) = 0d3748d1bd574f6f1f3e4db847eca126ce649566ea710ef227426f433122752b80d1d6b8acf9d0df07b5597c1e45447e3a2fcb3391756e834e8e75f99df8e51e
|
||||
SHA512 (libreswan-4.6.tar.gz) = c1c3efd7665dee6caaf08cb5aa50fcd37c299acad4b62648284fdb04edd50ba8fc8d33a9fb210edaf2312697f8cd251f33a6b16587eb2cfefd1269b4482dd499
|
||||
SHA512 (libreswan-4.9.tar.gz) = 4a43b09b0ef1bacc64ca1b74e7c268df7f024d8b6a9633a489f373ecd9327b173e9508dbc13c4d25ee74f3e2ba569d9d38dfd851fd98cf3cde4a61ef90a1d9d5
|
||||
|
Loading…
Reference in New Issue
Block a user