lkundrak pushed to NetworkManager-openvpn (master). "Merge branch 'f22'"
notifications at fedoraproject.org
notifications at fedoraproject.org
Tue May 5 12:56:09 UTC 2015
>From 1e586a25927256352e85eb17c983ed4ca20573a5 Mon Sep 17 00:00:00 2001
From: Dan Williams <dcbw at redhat.com>
Date: Wed, 8 Apr 2015 10:08:12 -0500
Subject: Default client renegotiation interval to zero (rh #969433)
diff --git a/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch b/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
new file mode 100644
index 0000000..2ea57b3
--- /dev/null
+++ b/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
@@ -0,0 +1,42 @@
+From 81149fd01897166cee5649d2da3801f2a5a45b5c Mon Sep 17 00:00:00 2001
+From: Dan Williams <dcbw at redhat.com>
+Date: Wed, 8 Apr 2015 09:37:56 -0500
+Subject: [PATCH] core: use a default renegotiation interval of zero (rh
+ #969433)
+
+Since the client and server do not negotiate options, each side gets
+to specify its own --reneg-sec to control when each side renegotiates.
+OpenVPN defaults to 3600, so if the client and server don't agree this
+causes too-frequent renegotiations.
+
+This is worse with two-factor authentication, becuase it can mean that
+the client requests a password/PIN from the user much more often then
+the server actually wants.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=969433
+---
+ src/nm-openvpn-service.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c
+index 8282573..93ced6c 100644
+--- a/src/nm-openvpn-service.c
++++ b/src/nm-openvpn-service.c
+@@ -1115,6 +1115,14 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
+ free_openvpn_args (args);
+ return FALSE;
+ }
++ } else {
++ /* Either the server and client must agree on the renegotiation
++ * interval, or it should be disabled on one side to prevent
++ * too-frequent renegotiations, which make two-factor auth quite
++ * painful.
++ */
++ add_openvpn_arg (args, "--reneg-sec");
++ add_openvpn_arg (args, "0");
+ }
+
+ if (debug) {
+--
+2.1.0
+
diff --git a/NetworkManager-openvpn.spec b/NetworkManager-openvpn.spec
index df84c19..88687d4 100644
--- a/NetworkManager-openvpn.spec
+++ b/NetworkManager-openvpn.spec
@@ -5,7 +5,7 @@ Summary: NetworkManager VPN plugin for OpenVPN
Name: NetworkManager-openvpn
Epoch: 1
Version: 1.0.0
-Release: 2%{?snapshot}%{?dist}
+Release: 3%{?snapshot}%{?dist}
License: GPLv2+
URL: http://www.gnome.org/projects/NetworkManager/
Group: System Environment/Base
@@ -16,6 +16,8 @@ Group: System Environment/Base
# mv NetworkManager-openvpn-0.9.9.0.tar.bz2 NetworkManager-openvpn-0.9.9.0-5afb8eb.tar.bz2
Source0: http://ftp.gnome.org/pub/GNOME/sources/%{name}/1.0/%{name}-%{version}%{?commit:-%{commit}}.tar.xz
+Patch0: 0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
+
BuildRequires: gtk3-devel
BuildRequires: dbus-devel
BuildRequires: NetworkManager-devel
@@ -58,6 +60,7 @@ the OpenVPN server with NetworkManager (GNOME files).
%prep
%setup -q -n %{name}-%{version}
+%patch0 -p1
%build
if [ ! -f configure ]; then
@@ -95,6 +98,9 @@ rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la
%{_datadir}/gnome-vpn-properties/openvpn/nm-openvpn-dialog.ui
%changelog
+* Wed Apr 8 2015 Dan Williams <dcbw at redhat.com> - 1:1.0.0-3
+- Default client renegotiation interval to zero (rh #969433)
+
* Mon Feb 23 2015 Lubomir Rintel <lkundrak at v3.sk> - 1:1.0.0-2
- Fix Source url
--
cgit v0.10.2
>From 4ac86f4a127e86b03d3e172ec7384953f52fd7ca Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak at v3.sk>
Date: Tue, 5 May 2015 14:45:45 +0200
Subject: Update to 1.0.2 release
diff --git a/.gitignore b/.gitignore
index 6d13e0f..7c74d22 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@ NetworkManager-openvpn-0.8.1.tar.bz2
/NetworkManager-openvpn-0.9.9.0-5afb8eb.tar.bz2
/NetworkManager-openvpn-0.9.9.0-da5fb9b.tar.bz2
/NetworkManager-openvpn-1.0.0.tar.xz
+/NetworkManager-openvpn-1.0.2.tar.xz
diff --git a/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch b/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
deleted file mode 100644
index 2ea57b3..0000000
--- a/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 81149fd01897166cee5649d2da3801f2a5a45b5c Mon Sep 17 00:00:00 2001
-From: Dan Williams <dcbw at redhat.com>
-Date: Wed, 8 Apr 2015 09:37:56 -0500
-Subject: [PATCH] core: use a default renegotiation interval of zero (rh
- #969433)
-
-Since the client and server do not negotiate options, each side gets
-to specify its own --reneg-sec to control when each side renegotiates.
-OpenVPN defaults to 3600, so if the client and server don't agree this
-causes too-frequent renegotiations.
-
-This is worse with two-factor authentication, becuase it can mean that
-the client requests a password/PIN from the user much more often then
-the server actually wants.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=969433
----
- src/nm-openvpn-service.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c
-index 8282573..93ced6c 100644
---- a/src/nm-openvpn-service.c
-+++ b/src/nm-openvpn-service.c
-@@ -1115,6 +1115,14 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
- free_openvpn_args (args);
- return FALSE;
- }
-+ } else {
-+ /* Either the server and client must agree on the renegotiation
-+ * interval, or it should be disabled on one side to prevent
-+ * too-frequent renegotiations, which make two-factor auth quite
-+ * painful.
-+ */
-+ add_openvpn_arg (args, "--reneg-sec");
-+ add_openvpn_arg (args, "0");
- }
-
- if (debug) {
---
-2.1.0
-
diff --git a/NetworkManager-openvpn.spec b/NetworkManager-openvpn.spec
index 88687d4..a22fc73 100644
--- a/NetworkManager-openvpn.spec
+++ b/NetworkManager-openvpn.spec
@@ -4,8 +4,8 @@
Summary: NetworkManager VPN plugin for OpenVPN
Name: NetworkManager-openvpn
Epoch: 1
-Version: 1.0.0
-Release: 3%{?snapshot}%{?dist}
+Version: 1.0.2
+Release: 1%{?snapshot}%{?dist}
License: GPLv2+
URL: http://www.gnome.org/projects/NetworkManager/
Group: System Environment/Base
@@ -16,8 +16,6 @@ Group: System Environment/Base
# mv NetworkManager-openvpn-0.9.9.0.tar.bz2 NetworkManager-openvpn-0.9.9.0-5afb8eb.tar.bz2
Source0: http://ftp.gnome.org/pub/GNOME/sources/%{name}/1.0/%{name}-%{version}%{?commit:-%{commit}}.tar.xz
-Patch0: 0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
-
BuildRequires: gtk3-devel
BuildRequires: dbus-devel
BuildRequires: NetworkManager-devel
@@ -60,7 +58,6 @@ the OpenVPN server with NetworkManager (GNOME files).
%prep
%setup -q -n %{name}-%{version}
-%patch0 -p1
%build
if [ ! -f configure ]; then
@@ -98,6 +95,9 @@ rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la
%{_datadir}/gnome-vpn-properties/openvpn/nm-openvpn-dialog.ui
%changelog
+* Tue May 5 2015 Lubomir Rintel <lkundrak at v3.sk> - 1:1.0.2-1
+- Update to 1.0.2 release
+
* Wed Apr 8 2015 Dan Williams <dcbw at redhat.com> - 1:1.0.0-3
- Default client renegotiation interval to zero (rh #969433)
diff --git a/sources b/sources
index 8574823..ca314a1 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1ed64b76a363dd1c7999eafcecef0e14 NetworkManager-openvpn-1.0.0.tar.xz
+511eae0d4ac17c6d2659a3da2646296f NetworkManager-openvpn-1.0.2.tar.xz
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/NetworkManager-openvpn.git/commit/?h=master&id=71634683cb7ab9ac115129ed6613620aac1a3298
More information about the scm-commits
mailing list