[strongswan] Enabled TNCCS 1.1 protocol
avesh
avesh at fedoraproject.org
Tue Jun 11 16:01:27 UTC 2013
commit 44d903a54adc65b1e5169e860c3b8d65c9dc2db0
Author: Avesh Agarwal <avagarwa at redhat.com>
Date: Tue Jun 11 12:01:15 2013 -0400
Enabled TNCCS 1.1 protocol
- Fixed libxm2-devel build dependency
- Patch to fix the issue with loading of plugins
libstrongswan-plugin.patch | 12 ++++++++++++
strongswan.spec | 18 ++++++++++++++++--
2 files changed, 28 insertions(+), 2 deletions(-)
---
diff --git a/libstrongswan-plugin.patch b/libstrongswan-plugin.patch
new file mode 100644
index 0000000..0f4dc32
--- /dev/null
+++ b/libstrongswan-plugin.patch
@@ -0,0 +1,12 @@
+diff -urNp strongswan-5.0.4-patched/src/libstrongswan/plugins/plugin_loader.c strongswan-5.0.4-current/src/libstrongswan/plugins/plugin_loader.c
+--- strongswan-5.0.4-patched/src/libstrongswan/plugins/plugin_loader.c 2013-05-01 15:50:51.375560719 -0400
++++ strongswan-5.0.4-current/src/libstrongswan/plugins/plugin_loader.c 2013-05-22 16:30:24.121091911 -0400
+@@ -267,7 +267,7 @@ static bool load_plugin(private_plugin_l
+ return FALSE;
+ }
+ }
+- handle = dlopen(file, RTLD_LAZY);
++ handle = dlopen(file, RTLD_NOW|RTLD_GLOBAL);
+ if (handle == NULL)
+ {
+ DBG1(DBG_LIB, "plugin '%s' failed to load: %s", name, dlerror());
diff --git a/strongswan.spec b/strongswan.spec
index af19112..a2e3612 100644
--- a/strongswan.spec
+++ b/strongswan.spec
@@ -1,6 +1,6 @@
Name: strongswan
Version: 5.0.4
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: An OpenSource IPsec-based VPN Solution
Group: System Environment/Daemons
License: GPLv2+
@@ -8,6 +8,7 @@ URL: http://www.strongswan.org/
Source0: http://download.strongswan.org/%{name}-%{version}.tar.bz2
Patch0: strongswan-init.patch
Patch1: strongswan-pts-ecp-disable.patch
+Patch2: libstrongswan-plugin.patch
BuildRequires: gmp-devel
BuildRequires: libcurl-devel
BuildRequires: openldap-devel
@@ -17,6 +18,7 @@ BuildRequires: NetworkManager-glib-devel
BuildRequires: sqlite-devel
BuildRequires: gettext-devel
BuildRequires: trousers-devel
+BuildRequires: libxml2-devel
%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7
BuildRequires: systemd-units
@@ -56,6 +58,8 @@ IF-IMC/IMV interface.
%setup -q
%patch0 -p1
%patch1 -p1
+%patch2 -p1
+
echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/strongswan/wiki/CharonPlutoIKEv1" > README.Fedora
%build
@@ -90,6 +94,8 @@ echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/stro
--enable-imc-os \
--enable-eap-tnc \
--enable-tnccs-20 \
+ --enable-tnccs-11 \
+ --enable-tnccs-dynamic \
--enable-tnc-imc \
--enable-tnc-imv \
--enable-eap-radius \
@@ -97,6 +103,7 @@ echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/stro
--enable-eap-identity
+#make %{?_smp_mflags} IPSEC_CONFDIR=%{_sysconfdir}/%{name}
make %{?_smp_mflags}
sed -i 's/\t/ /' src/strongswan.conf src/starter/ipsec.conf
@@ -232,6 +239,8 @@ install -D -m 755 init/sysvinit/%{name} %{buildroot}/%{_initddir}/%{name}
%{_libdir}/%{name}/plugins/lib%{name}-tnc-imv.so
%{_libdir}/%{name}/plugins/lib%{name}-tnc-tnccs.so
%{_libdir}/%{name}/plugins/lib%{name}-tnccs-20.so
+%{_libdir}/%{name}/plugins/lib%{name}-tnccs-11.so
+%{_libdir}/%{name}/plugins/lib%{name}-tnccs-dynamic.so
%{_libdir}/%{name}/plugins/lib%{name}-eap-radius.so
%dir %{_libexecdir}/%{name}
%{_libexecdir}/%{name}/attest
@@ -280,9 +289,14 @@ fi
%endif
%changelog
+* Tue Jun 11 2013 Avesh Agarwal <avagarwa at redhat.com> - 5.0.4-2
+- Enabled TNCCS 1.1 protocol
+- Fixed libxm2-devel build dependency
+- Patch to fix the issue with loading of plugins
+
* Wed May 1 2013 Avesh Agarwal <avagarwa at redhat.com> - 5.0.4-1
- New upstream release
-- Fixes fo CVE-2013-2944
+- Fixes for CVE-2013-2944
- Enabled support for OS IMV/IMC
- Created and applied a patch to disable ECP in fedora, because
Openssl in Fedora does not allow ECP_256 and ECP_384. It makes
More information about the scm-commits
mailing list