import libreswan-4.4-1.el8
This commit is contained in:
parent
ccb65ec817
commit
eae0d5c58f
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,4 +1,4 @@
|
|||||||
SOURCES/ikev1_dsa.fax.bz2
|
SOURCES/ikev1_dsa.fax.bz2
|
||||||
SOURCES/ikev1_psk.fax.bz2
|
SOURCES/ikev1_psk.fax.bz2
|
||||||
SOURCES/ikev2.fax.bz2
|
SOURCES/ikev2.fax.bz2
|
||||||
SOURCES/libreswan-4.3.tar.gz
|
SOURCES/libreswan-4.4.tar.gz
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
b35cd50b8bc0a08b9c07713bf19c72d53bfe66bb SOURCES/ikev1_dsa.fax.bz2
|
b35cd50b8bc0a08b9c07713bf19c72d53bfe66bb SOURCES/ikev1_dsa.fax.bz2
|
||||||
861d97bf488f9e296cad8c43ab72f111a5b1a848 SOURCES/ikev1_psk.fax.bz2
|
861d97bf488f9e296cad8c43ab72f111a5b1a848 SOURCES/ikev1_psk.fax.bz2
|
||||||
fcaf77f3deae3d8e99cdb3b1f8abea63167a0633 SOURCES/ikev2.fax.bz2
|
fcaf77f3deae3d8e99cdb3b1f8abea63167a0633 SOURCES/ikev2.fax.bz2
|
||||||
6f86811420df8873f43e8ff98f718f1aee5836f3 SOURCES/libreswan-4.3.tar.gz
|
c75da86c032fe15979a13f4e779a9fe41386203a SOURCES/libreswan-4.4.tar.gz
|
||||||
|
11
SOURCES/libreswan-4.3-1934186-config.patch
Normal file
11
SOURCES/libreswan-4.3-1934186-config.patch
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
diff -Naur libreswan-4.3-orig/configs/ipsec.conf.in libreswan-4.3/configs/ipsec.conf.in
|
||||||
|
--- libreswan-4.3-orig/configs/ipsec.conf.in 2021-03-04 14:29:50.591912834 -0500
|
||||||
|
+++ libreswan-4.3/configs/ipsec.conf.in 2021-03-04 14:30:27.227389433 -0500
|
||||||
|
@@ -32,6 +32,7 @@
|
||||||
|
# listen-tcp=yes
|
||||||
|
# To enable IKE and IPsec over TCP for VPN client, also specify
|
||||||
|
# tcp-remote-port=4500 in the client's conn section.
|
||||||
|
+ virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10
|
||||||
|
|
||||||
|
# if it exists, include system wide crypto-policy defaults
|
||||||
|
# include /etc/crypto-policies/back-ends/libreswan.config
|
@ -36,7 +36,7 @@
|
|||||||
Name: libreswan
|
Name: libreswan
|
||||||
Summary: IPsec implementation with IKEv1 and IKEv2 keying protocols
|
Summary: IPsec implementation with IKEv1 and IKEv2 keying protocols
|
||||||
# version is generated in the release script
|
# version is generated in the release script
|
||||||
Version: 4.3
|
Version: 4.4
|
||||||
Release: %{?prever:0.}1%{?prever:.%{prever}}%{?dist}
|
Release: %{?prever:0.}1%{?prever:.%{prever}}%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Url: https://libreswan.org/
|
Url: https://libreswan.org/
|
||||||
@ -51,6 +51,7 @@ Source3: https://download.libreswan.org/cavs/ikev2.fax.bz2
|
|||||||
Patch1: libreswan-4.3-maintain-different-v1v2-split.patch
|
Patch1: libreswan-4.3-maintain-different-v1v2-split.patch
|
||||||
Patch2: libreswan-3.32-1861360-nodefault-rsa-pss.patch
|
Patch2: libreswan-3.32-1861360-nodefault-rsa-pss.patch
|
||||||
Patch3: libreswan-4.1-maintain-obsolete-keywords.patch
|
Patch3: libreswan-4.1-maintain-obsolete-keywords.patch
|
||||||
|
Patch6: libreswan-4.3-1934186-config.patch
|
||||||
|
|
||||||
BuildRequires: audit-libs-devel
|
BuildRequires: audit-libs-devel
|
||||||
BuildRequires: bison
|
BuildRequires: bison
|
||||||
@ -108,6 +109,7 @@ Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04
|
|||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
|
%patch6 -p1
|
||||||
|
|
||||||
# linking to freebl is not needed
|
# linking to freebl is not needed
|
||||||
sed -i "s/-lfreebl //" mk/config.mk
|
sed -i "s/-lfreebl //" mk/config.mk
|
||||||
@ -211,6 +213,15 @@ certutil -N -d sql:$tmpdir --empty-password
|
|||||||
%attr(0644,root,root) %doc %{_mandir}/*/*
|
%attr(0644,root,root) %doc %{_mandir}/*/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed May 26 2021 Daiki Ueno <dueno@redhat.com> - 4.4-1
|
||||||
|
- Resolves: rhbz#1958968 Rebase libreswan to 4.4
|
||||||
|
- Resolves: rhbz#1954423 Libreswan: TS_UNACCEPTABLE on multiple connections between the same peers
|
||||||
|
|
||||||
|
* Thu Mar 04 2021 Paul Wouters <pwouters@redhat.com> - 4.3-3
|
||||||
|
- Resolves: rhbz#1933064 - IKEv2 support for Labeled IPsec
|
||||||
|
- Resolves: rhbz#1935150 RFE: Support IKE and ESP over TCP: RFC 8229
|
||||||
|
- Resolves: rhbz#1935339 virtual_private setting is missing in the default config
|
||||||
|
|
||||||
* Sun Feb 21 2021 Paul Wouters <pwouters@redhat.com> - 4.3-1
|
* Sun Feb 21 2021 Paul Wouters <pwouters@redhat.com> - 4.3-1
|
||||||
- Resolves: rhbz#1025061 - IKEv2 support for Labeled IPsec [update]
|
- Resolves: rhbz#1025061 - IKEv2 support for Labeled IPsec [update]
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user