[xl2tpd/el6] * Tue Jun 12 2012 Paul Wouters <pwouters at redhat.com> - 1.3.1-6 - Added patch for xl2tpd.conf to impr

Paul Wouters pwouters at fedoraproject.org
Tue Jun 12 17:46:26 UTC 2012 

commit 8b1f1a381a20b47a7675ca891b8fbaf344f4e28f
Author: Paul Wouters <paul at libreswan.org>
Date:   Tue Jun 12 13:45:28 2012 -0400

    * Tue Jun 12 2012 Paul Wouters <pwouters at redhat.com> - 1.3.1-6
    - Added patch for xl2tpd.conf to improve interop settings
      (no longer need to say "no encryption" on Windows)
    - Improved patch, more doc fixed (esp. "force userspace" option)
    - don't use old version of if_pppol2tp.h

 xl2tpd-1.3.1-conf.patch |   63 +++++++++++++++++++++++++++++++++++++++++++++++
 xl2tpd.spec             |   11 +++++++-
 2 files changed, 73 insertions(+), 1 deletions(-)
---
diff --git a/xl2tpd-1.3.1-conf.patch b/xl2tpd-1.3.1-conf.patch
new file mode 100644
index 0000000..7c240fc
--- /dev/null
+++ b/xl2tpd-1.3.1-conf.patch
@@ -0,0 +1,63 @@
+diff -Naur xl2tpd-1.3.1-orig/examples/chapsecrets.sample xl2tpd-1.3.1/examples/chapsecrets.sample
+--- xl2tpd-1.3.1-orig/examples/chapsecrets.sample	2011-10-06 15:22:05.000000000 -0400
++++ xl2tpd-1.3.1/examples/chapsecrets.sample	2012-06-12 12:08:26.850851970 -0400
+@@ -1,7 +1,9 @@
+-# Secrets for authentication using CHAP
+-# client        server  secret                  IP addresses
+-jacco           *       "mysecret"              192.168.1.128/25
+-*               jacco   "mysecret"              192.168.1.128/25
+-sam             *       "rumpelstiltskin"       192.168.1.5
+-*               sam     "rumpelstiltskin"       192.168.1.5
+-
++# Secrets for authentication on server using CHAP
++# client	server	secret			IP addresses
++jacco		*	"mysecret"		192.168.1.128/25 # Dynamic IP
++sam		*	"rumpelstiltskin"	192.168.1.5	 # Static IP
++#
++# Secrets for authentication on client using CHAP
++# client	server	secret			IP addresses
++*		jacco	"mysecret"
++*		sam	"rumpelstiltskin"
+diff -Naur xl2tpd-1.3.1-orig/examples/README xl2tpd-1.3.1/examples/README
+--- xl2tpd-1.3.1-orig/examples/README	2011-10-06 15:22:05.000000000 -0400
++++ xl2tpd-1.3.1/examples/README	2012-06-12 12:08:26.850851970 -0400
+@@ -1,2 +1,4 @@
+-These are example files for use with xl2tpd. The xl2tpd*conf files are
+-examples to use xl2tpd with Openswan's IPsec. See www.openswan.org
++These are example files for use with xl2tpd.
++
++Openswan carries config examples for use with l2tp-over-ipsec.
++See http://www.openswan.org/
+diff -Naur xl2tpd-1.3.1-orig/examples/xl2tpd.conf xl2tpd-1.3.1/examples/xl2tpd.conf
+--- xl2tpd-1.3.1-orig/examples/xl2tpd.conf	2011-10-06 15:22:05.000000000 -0400
++++ xl2tpd-1.3.1/examples/xl2tpd.conf	2012-06-12 12:27:00.922911049 -0400
+@@ -14,6 +14,11 @@
+ ; in the example below). Yet another IP address (local ip, e.g. 192.168.1.99)
+ ; will be used by xl2tpd as its address on pppX interfaces.
+ 
++
++; IMPORTANT: always set listen-addr to a specific address, to work around a
++; udpfromto bug!!!
++
++
+ [global]
+ ; listen-addr = 192.168.1.98
+ ;
+@@ -24,14 +29,15 @@
+ ;  when using any of the SAref kernel patches for kernels up to 2.6.35.
+ ; ipsec refinfo = 30
+ ;
+-; forceuserspace = yes
++; force userspace = yes
+ ;
+ ; debug tunnel = yes
+ 
+ [lns default]
+ ip range = 192.168.1.128-192.168.1.254
+ local ip = 192.168.1.99
+-require chap = yes
++; leave chap unspecified for maximum compatibility with windows, iOS, etc
++; require chap = yes
+ refuse pap = yes
+ require authentication = yes
+ name = LinuxVPNserver
diff --git a/xl2tpd.spec b/xl2tpd.spec
index 0c42c36..6a9503e 100644
--- a/xl2tpd.spec
+++ b/xl2tpd.spec
@@ -1,7 +1,7 @@
 Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661)
 Name: xl2tpd
 Version: 1.3.1
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPL+
 Url: http://www.xelerance.com/software/xl2tpd/
 Group: System Environment/Daemons
@@ -9,6 +9,7 @@ Source0: http://www.xelerance.com/software/xl2tpd/xl2tpd-%{version}.tar.gz
 Patch1: xl2tpd-1.3.1-Wunused.patch
 Patch2: xl2tpd-bz80693.patch
 Patch3: xl2tpd-1.3.0-kernelmode.patch
+Patch4: xl2tpd-1.3.1-conf.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires: ppp > 2.4.5-5
 BuildRequires: libpcap-devel
@@ -46,6 +47,8 @@ It was de-facto maintained by Jacco de Leeuw <jacco2 at dds.nl> in 2002 and 2003.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
+rm linux/include/linux/if_pppol2tp.h 
 
 %build
 #make DFLAGS="$RPM_OPT_FLAGS -g -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_FLOW -DDEBUG_PAYLOAD -DDEBUG_CONTROL -DDEBUG_CONTROL_XMIT -DDEBUG_FLOW_MORE -DDEBUG_MAGIC -DDEBUG_ENTROPY -DDEBUG_HIDDEN -DDEBUG_PPPD -DDEBUG_AAA -DDEBUG_FILE -DDEBUG_FLOW -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_ZLB -DDEBUG_AUTH"
@@ -95,6 +98,12 @@ fi
 %ghost %attr(0600,root,root) %{_localstatedir}/run/xl2tpd/l2tp-control
 
 %changelog
+* Tue Jun 12 2012 Paul Wouters <pwouters at redhat.com> - 1.3.1-3
+- Added patch for xl2tpd.conf to improve interop settings
+  (no longer need to say "no encryption" on Windows)
+- Improved patch, more doc fixed (esp. "force userspace" option)
+- don't use old version of if_pppol2tp.h
+
 * Sun Apr 22 2012 Paul Wouters <pwouters at redhat.com> - 1.3.1-2
 - Added support for CONFIG_PPPOL2TP by sigwall <fionov at gmail.com>
 - Require current ppp because some old versions lacked pppol2tp.so plugin

More information about the scm-commits mailing list