Update to 4.9

Also switch to using %autopatch as in Fedora. Resolves: #2128669 Signed-off-by: Daiki Ueno <dueno@redhat.com>
2023-01-04 11:27:11 +09:00 · 2023-01-04 11:27:11 +09:00 · 28de992c74
commit 28de992c74
parent d36dffc2c8
4 changed files with 10 additions and 24 deletions
--- a/.gitignore
+++ b/.gitignore
@ -41,3 +41,4 @@
 /libreswan-4.4.tar.gz
 /libreswan-4.5.tar.gz
 /libreswan-4.6.tar.gz
+/libreswan-4.9.tar.gz
--- a/libreswan-4.6-ikev1-policy-defaults-to-drop.patch
+++ b/libreswan-4.6-ikev1-policy-defaults-to-drop.patch
@ -58,23 +58,6 @@ index 5b5aba723f..68fbccf442 100644
 
 #ifdef HAVE_LABELED_IPSEC
 	SOPT(KBF_SECCTX, SECCTX);
-diff --git a/programs/pluto/server.c b/programs/pluto/server.c
-index 665f0ed8b9..448dbca076 100644
--- a/programs/pluto/server.c
-+++ b/programs/pluto/server.c
-@@ -188,12 +188,7 @@ bool pluto_listen_tcp = false;
- enum ddos_mode pluto_ddos_mode = DDOS_AUTO; /* default to auto-detect */
- 
- enum global_ikev1_policy pluto_ikev1_pol =
-#ifdef USE_IKEv1
-	 GLOBAL_IKEv1_ACCEPT;
-#else
-	/* there is no IKEv1 code compiled in to send a REJECT */
- 	GLOBAL_IKEv1_DROP;
-#endif
- 
- #ifdef HAVE_SECCOMP
- enum seccomp_mode pluto_seccomp_mode = SECCOMP_DISABLED;
 -- 
 2.34.1

--- a/libreswan.spec
+++ b/libreswan.spec
@ -30,8 +30,8 @@
 Name: libreswan
 Summary: Internet Key Exchange (IKEv1 and IKEv2) implementation for IPsec
 # version is generated in the release script
-Version: 4.6
-Release: %{?prever:0.}3%{?prever:.%{prever}}%{?dist}
+Version: 4.9
+Release: %{?prever:0.}1%{?prever:.%{prever}}%{?dist}
 License: GPLv2
 Url: https://libreswan.org/
 Source0: https://download.libreswan.org/%{?prever:development/}%{name}-%{version}%{?prever}.tar.gz
@ -40,8 +40,7 @@ Source1: https://download.libreswan.org/cavs/ikev1_dsa.fax.bz2
 Source2: https://download.libreswan.org/cavs/ikev1_psk.fax.bz2
 Source3: https://download.libreswan.org/cavs/ikev2.fax.bz2
 %endif
-Patch0: libreswan-4.6-openssl3.patch
-Patch1: libreswan-4.6-ikev1-policy-defaults-to-drop.patch
+Patch: libreswan-4.6-ikev1-policy-defaults-to-drop.patch

 BuildRequires: audit-libs-devel
 BuildRequires: bison
@ -95,10 +94,9 @@ Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04

 %prep
 %setup -q -n libreswan-%{version}%{?prever}
-%patch0 -p1 -b .openssl3
-%patch1 -p1 -b .ikev1-drop
 # enable crypto-policies support
 sed -i "s:#[ ]*include \(.*\)\(/crypto-policies/back-ends/libreswan.config\)$:include \1\2:" configs/ipsec.conf.in
+%autopatch -p1

 %build
 make %{?_smp_mflags} \
@ -198,6 +196,10 @@ certutil -N -d sql:$tmpdir --empty-password
 %doc %{_mandir}/*/*

 %changelog
+* Wed Jan  4 2023 Daiki Ueno <dueno@redhat.com> - 4.9-1
+- Update to 4.9. Resolves: rhbz#2128669
+- Switch to using %%autopatch as in Fedora
+
 * Wed Feb  2 2022 Daiki Ueno <dueno@redhat.com> - 4.6-3
 - Drop IKEv1 packets by default, based on the Debian patch
  by Daniel Kahn Gillmor (rhbz#2039877)
--- a/2
+++ b/2
@ -1,4 +1,4 @@
 SHA512 (ikev1_dsa.fax.bz2) = 627cbac14248bd68e8d22fbca247668a7749ef0c2e41df8d776d62df9a21403d3a246c0bd82c3faedce62de90b9f91a87f753e17b056319000bba7d2038461ac
 SHA512 (ikev1_psk.fax.bz2) = 1b2daec32edc56b410c036db2688c92548a9bd9914994bc7e555b301dd6db4497a6b3e89dc12ddf36826ae90b40fcde501a5a45c0d59098e07839073d219d467
 SHA512 (ikev2.fax.bz2) = 0d3748d1bd574f6f1f3e4db847eca126ce649566ea710ef227426f433122752b80d1d6b8acf9d0df07b5597c1e45447e3a2fcb3391756e834e8e75f99df8e51e
-SHA512 (libreswan-4.6.tar.gz) = c1c3efd7665dee6caaf08cb5aa50fcd37c299acad4b62648284fdb04edd50ba8fc8d33a9fb210edaf2312697f8cd251f33a6b16587eb2cfefd1269b4482dd499
+SHA512 (libreswan-4.9.tar.gz) = 4a43b09b0ef1bacc64ca1b74e7c268df7f024d8b6a9633a489f373ecd9327b173e9508dbc13c4d25ee74f3e2ba569d9d38dfd851fd98cf3cde4a61ef90a1d9d5