[openconnect] Update to what is almost the final 4.00 release, enable v1 library on <= f17
David Woodhouse
dwmw2 at fedoraproject.org
Sat Jun 16 21:46:48 UTC 2012
commit 4e232f81837494a483a357c6c00f1b3fc153115d
Author: David Woodhouse <David.Woodhouse at intel.com>
Date: Sat Jun 16 22:42:36 2012 +0100
Update to what is almost the final 4.00 release, enable v1 library on <= f17
.gitignore | 1 +
libopenconnect15.map | 51 ++++++++++++++++++++++++++++++++
library15.c | 33 +++++++++++++++++++++
openconnect.spec | 79 ++++++++++++++++++++++++++++++++++++++++++++-----
sources | 2 +-
5 files changed, 157 insertions(+), 9 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index a91f548..f907def 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,3 +15,4 @@ openconnect-2.25.tar.gz
/openconnect-3.19.tar.gz
/openconnect-3.20.tar.gz
/openconnect-3.99.tar.gz
+/openconnect-3.99-26-gb40dcae.tar.gz
diff --git a/libopenconnect15.map b/libopenconnect15.map
new file mode 100644
index 0000000..39e5f31
--- /dev/null
+++ b/libopenconnect15.map
@@ -0,0 +1,51 @@
+OPENCONNECT_1.0 {
+ global:
+ openconnect_clear_cookie;
+ openconnect_get_cert_sha1;
+ openconnect_get_cookie;
+ openconnect_get_hostname;
+ openconnect_get_peer_cert;
+ openconnect_get_port;
+ openconnect_get_urlpath;
+ openconnect_get_version;
+ openconnect_init_openssl;
+ openconnect_obtain_cookie;
+ openconnect_parse_url;
+ openconnect_passphrase_from_fsid;
+ openconnect_reset_ssl;
+ openconnect_set_cafile;
+ openconnect_set_client_cert;
+ openconnect_set_hostname;
+ openconnect_set_http_proxy;
+ openconnect_setup_csd;
+ openconnect_set_urlpath;
+ openconnect_set_xmlsha1;
+ openconnect_vpninfo_new;
+ local:
+ *;
+};
+OPENCONNECT_1.1 {
+ global:
+ openconnect_vpninfo_free;
+} OPENCONNECT_1.0;
+
+OPENCONNECT_1.2 {
+ global:
+ openconnect_vpninfo_new_with_cbdata;
+} OPENCONNECT_1.1;
+
+OPENCONNECT_1.3 {
+ global:
+ openconnect_set_cert_expiry_warning;
+} OPENCONNECT_1.2;
+
+OPENCONNECT_1.4 {
+ global:
+ openconnect_set_cancel_fd;
+} OPENCONNECT_1.3;
+
+OPENCONNECT_1.5 {
+ global:
+ openconnect_get_cert_details;
+ openconnect_get_cert_DER;
+} OPENCONNECT_1.4;
diff --git a/library15.c b/library15.c
new file mode 100644
index 0000000..0496cdf
--- /dev/null
+++ b/library15.c
@@ -0,0 +1,33 @@
+#ifndef OPENCONNECT_OPENSSL
+#error Cannot pretend to be compatible if not building with OpenSSL
+#endif
+
+#define openconnect_vpninfo_new openconnect_vpninfo_new_with_cbdata
+#include "library.c"
+#undef openconnect_vpninfo_new
+
+struct openconnect_info *
+openconnect_vpninfo_new (char *useragent,
+ openconnect_validate_peer_cert_vfn validate_peer_cert,
+ openconnect_write_new_config_vfn write_new_config,
+ openconnect_process_auth_form_vfn process_auth_form,
+ openconnect_progress_vfn progress);
+struct openconnect_info *
+openconnect_vpninfo_new (char *useragent,
+ openconnect_validate_peer_cert_vfn validate_peer_cert,
+ openconnect_write_new_config_vfn write_new_config,
+ openconnect_process_auth_form_vfn process_auth_form,
+ openconnect_progress_vfn progress)
+{
+ return openconnect_vpninfo_new_with_cbdata(useragent,
+ validate_peer_cert,
+ write_new_config,
+ process_auth_form,
+ progress, NULL);
+}
+
+void openconnect_init_openssl(void);
+void openconnect_init_openssl(void)
+{
+ openconnect_init_ssl();
+}
diff --git a/openconnect.spec b/openconnect.spec
index 0f39098..1443114 100644
--- a/openconnect.spec
+++ b/openconnect.spec
@@ -1,20 +1,31 @@
+# For Fedora 17 and below, for now, build a compat libopenconnect.so.1 with OpenSSL so
+# that the upgrade path is easier.
+%if 0%fedora < 18
+%define build_compat_lib 1
+%else
+%define build_compat_lib 0
+%endif
+
Name: openconnect
Version: 3.99
-Release: 4%{?dist}
+Release: 5%{?dist}
Summary: Open client for Cisco AnyConnect VPN
Group: Applications/Internet
License: LGPLv2+
URL: http://www.infradead.org/openconnect.html
-Source0: ftp://ftp.infradead.org/pub/openconnect/openconnect-%{version}.tar.gz
-Patch1: 0001-Fix-GnuTLS-2.12-library-still-referencing-OpenSSL-ER.patch
+# git reset --hard b40dcae ; make tmp-dist
+Source0: ftp://ftp.infradead.org/pub/openconnect/openconnect-%{version}-26-gb40dcae.tar.gz
+Source1: library15.c
+Source2: libopenconnect15.map
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: openssl-devel libxml2-devel gtk2-devel GConf2-devel dbus-devel
-BuildRequires: libproxy-devel python gettext pkgconfig(gnutls) >= 2.12.16
-BuildRequires: autoconf automake libtool
+BuildRequires: libproxy-devel python gettext gnutls-devel >= 2.12.14-3
+BuildRequires: autoconf automake libtool trousers-devel
Requires: vpnc-script
Requires: openssl >= 0.9.8k-4
+Requires: gnutls >= 2.12.14-3
# Older versions of NetworkManager-openconnect won't find openconnect in /usr/sbin
Conflicts: NetworkManager-openconnect < 0.9.0-3
@@ -32,20 +43,64 @@ This package provides the core HTTP and authentication support from
the OpenConnect VPN client, to be used by GUI authentication dialogs
for NetworkManager etc.
+%package lib-compat
+Summary: Compatibility library for OpenConnect authentication clients
+Group: Applications/Internet
+Requires: %{name} = %{version}-%{release}
+
+%description lib-compat
+This package provides a backward-compatible library for use by GNOME and KDE
+NetworkManager clients which have not yet been rebuilt to use the new version
+of the library.
+
%prep
-%setup -q
-%patch1 -p1
-autoreconf
+%setup -q -n openconnect-3.99-26-gb40dcae
+%if %{build_compat_lib}
+cp %{SOURCE1} .
+cp %{SOURCE2} libopenconnect15.map.in
+# In Fedora 16 we fixed the gnutls_record_get_direction() bug without upgrading
+sed 's/2\.12\.16/2.12.14/' -i configure
+touch version.c
+%endif
%build
+%global _configure ../configure
+%if %{build_compat_lib}
+mkdir compat
+cd compat
+%configure --with-vpnc-script=/etc/vpnc/vpnc-script --htmldir=%{_docdir}/%{name}-%{version}
+# Hack: Build with library15.c instead of library.c and use the old version
+# script and soname.
+sed -e 's/library\./library15./g' \
+ -e 's/libopenconnect.map/libopenconnect15.map/g' \
+ -e 's/-version-number 2:0/-version-number 1:5/g' \
+ Makefile > Makefile.lib15
+# We configure with --disable-dependency-tracking so we do not need this:
+# cp .deps/libopenconnect_la-library.Plo .deps/libopenconnect_la-library2.Plo
+
+# Do not let it rebuild the symbol map that we provided
+cp %{SOURCE2} .
+make -f Makefile.lib15 libopenconnect.la
+
+cd ..
+%endif
+mkdir gnutls
+cd gnutls
%configure --with-vpnc-script=/etc/vpnc/vpnc-script --htmldir=%{_docdir}/%{name}-%{version} --with-gnutls
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
+%if %{build_compat_lib}
+mkdir -p $RPM_BUILD_ROOT/%{_libdir}
+install -m0755 compat/.libs/libopenconnect.so.1.5.0 ${RPM_BUILD_ROOT}/%{_libdir}
+ln -sf libopenconnect.so.1.5.0 ${RPM_BUILD_ROOT}/%{_libdir}/libopenconnect.so.1
+%endif
+cd gnutls
%make_install
rm -f $RPM_BUILD_ROOT/%{_libdir}/libopenconnect.la
+cd ..
%find_lang %{name}
%clean
@@ -62,6 +117,11 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/*
%doc TODO COPYING.LGPL
+%if %{build_compat_lib}
+%files lib-compat
+%{_libdir}/libopenconnect.so.1*
+%endif
+
%files devel
%defattr(-,root,root,-)
%{_libdir}/libopenconnect.so
@@ -69,6 +129,9 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/pkgconfig/openconnect.pc
%changelog
+* Sat Jun 16 2012 David Woodhouse <David.Woodhouse at intel.com> - 3.99-5
+- Enable building compatibility libopenconnect.so.1
+
* Thu Jun 14 2012 David Woodhouse <David.Woodhouse at intel.com> - 3.99-4
- Last patch needs autoreconf
diff --git a/sources b/sources
index a4a0cd9..007ed63 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-5b71a825b5e13a2ffab72971cdb92ce9 openconnect-3.99.tar.gz
+88b8fe7f32f2164c938a20e1a7765c26 openconnect-3.99-26-gb40dcae.tar.gz
More information about the scm-commits
mailing list