[ocserv] updated to 0.9.1
Nikos Mavrogiannopoulos
nmav at fedoraproject.org
Mon Feb 16 09:47:26 UTC 2015
commit e4fe6e80bfa43aed425551071cf3fb9a5dbf85db
Author: Nikos Mavrogiannopoulos <nmav at redhat.com>
Date: Mon Feb 16 10:45:16 2015 +0100
updated to 0.9.1
.gitignore | 2 ++
ocserv.conf | 25 +++++++++----------------
ocserv.spec | 9 ++++++---
sources | 4 ++--
4 files changed, 19 insertions(+), 21 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 0ef6c80..291a6a8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,3 +24,5 @@
/ocserv-0.8.9.tar.xz
/ocserv-0.9.0.tar.xz
/ocserv-0.9.0.tar.xz.sig
+/ocserv-0.9.1.tar.xz.sig
+/ocserv-0.9.1.tar.xz
diff --git a/ocserv.conf b/ocserv.conf
index aa5dbaf..20da17f 100644
--- a/ocserv.conf
+++ b/ocserv.conf
@@ -1,16 +1,11 @@
# User authentication method. Could be set multiple times and in
# that case all should succeed. To enable multiple methods use
-# multiple auth directives. Available options: certificate, certificate[optional],
+# multiple auth directives. Available options: certificate,
# plain, pam, radius[configfile,groupconfig].
# certificate:
# This indicates that all connecting users must present a certificate.
#
-# certificate[optional]:
-# This indicates that a user may present a certificate. When that option
-# is set, individual users or user groups can be forced to present a valid
-# certificate by adding "require-cert=true" in the per-user configuration file.
-#
# pam[gid-min=1000]:
# The gid-min option is used by auto-select-group option, in order to
# select the minimum valid group ID.
@@ -31,7 +26,6 @@
# Framed-IP-Address, Framed-IP-Netmask, MS-Primary-DNS-Server, MS-Secondary-DNS-Server
#auth = "certificate"
-#auth = "certificate[optional]"
auth = "pam"
#auth = "pam[gid-min=1000]"
#auth = "plain[/etc/ocserv/ocpasswd]"
@@ -293,13 +287,20 @@ predictable-ips = true
# The default domain to be advertised
default-domain = example.com
-# The pool of addresses that leases will be given from.
+# The pool of addresses that leases will be given from. If the leases
+# are given via Radius, or via explicit-ip? per-user config option then
+# these network values should contain a network with at least a single
+# address that will remain under the full control of ocserv (that is
+# to be able to assign the local part of the tun device address).
#ipv4-network = 192.168.1.0
#ipv4-netmask = 255.255.255.0
# An alternative way of specifying the network:
#ipv4-network = 192.168.1.0/24
+# The IPv6 subnet that leases will be given from.
+#ipv6-network = fda9:4efe:7e3b:03ea::/64
+
# The advertized DNS server. Use multiple lines for
# multiple servers.
# dns = fc00::4be0
@@ -308,9 +309,6 @@ default-domain = example.com
# The NBNS server (if any)
#nbns = 192.168.1.3
-# The IPv6 subnet that leases will be given from.
-#ipv6-network = fda9:4efe:7e3b:03ea::/64
-
# The domains over which the provided DNS should be used. Use
# multiple lines for multiple domains.
#split-dns = example.com
@@ -384,11 +382,6 @@ ping-leases = false
#default-user-config = /etc/ocserv/defaults/user.conf
#default-group-config = /etc/ocserv/defaults/group.conf
-# This option is only valid in a user/group configuration file. If the
-# auth mode is certificate[optional], it requires a certificate for this
-# particular user or group.
-#require-cert = true
-
# The system command to use to setup a route. %{R} will be replaced with the
# route/mask and %{D} with the (tun) device.
#
diff --git a/ocserv.spec b/ocserv.spec
index 18362fa..c8bf84c 100644
--- a/ocserv.spec
+++ b/ocserv.spec
@@ -1,8 +1,8 @@
%global _hardened_build 1
Name: ocserv
-Version: 0.9.0
-Release: 2%{?dist}
+Version: 0.9.1
+Release: 1%{?dist}
Summary: OpenConnect SSL VPN server
# For a breakdown of the licensing, see PACKAGE-LICENSING
@@ -33,7 +33,7 @@ BuildRequires: libnl3-devel
BuildRequires: readline-devel
BuildRequires: autogen
BuildRequires: gperf
-%ifarch x86_64 #%{ix86}
+%ifarch x86_64 %{ix86}
BuildRequires: libseccomp-devel
%endif
BuildRequires: pcllib-devel
@@ -152,6 +152,9 @@ rm -rf %{buildroot}
%{_localstatedir}/lib/ocserv/profile.xml
%changelog
+* Mon Feb 16 2015 Nikos Mavrogiannopoulos <nmav at redhat.com> - 0.9.1-1
+- new upstream release
+
* Thu Jan 29 2015 Nikos Mavrogiannopoulos <nmav at redhat.com> - 0.9.0-2
- only enable seccomp in x86-64. It seems to be broken in x86:
http://sourceforge.net/p/libseccomp/mailman/message/33275762/
diff --git a/sources b/sources
index cb7074e..7c25dd1 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-50994bf7e40fd6bedda33bb2f99b1f11 ocserv-0.9.0.tar.xz
-62942bdda7e101c0049622c68fd13dd4 ocserv-0.9.0.tar.xz.sig
+c7e0d60139372b9fbb866cd271ded8c4 ocserv-0.9.1.tar.xz.sig
+5dee08e1386258a32a73caf2cb47749c ocserv-0.9.1.tar.xz
More information about the scm-commits
mailing list