lkundrak pushed to NetworkManager-openvpn (master). "Merge branch 'f22'"

notifications at fedoraproject.org notifications at fedoraproject.org
Tue May 5 12:56:09 UTC 2015 

>From 1e586a25927256352e85eb17c983ed4ca20573a5 Mon Sep 17 00:00:00 2001
From: Dan Williams <dcbw at redhat.com>
Date: Wed, 8 Apr 2015 10:08:12 -0500
Subject: Default client renegotiation interval to zero (rh #969433)


diff --git a/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch b/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
new file mode 100644
index 0000000..2ea57b3
--- /dev/null
+++ b/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
@@ -0,0 +1,42 @@
+From 81149fd01897166cee5649d2da3801f2a5a45b5c Mon Sep 17 00:00:00 2001
+From: Dan Williams <dcbw at redhat.com>
+Date: Wed, 8 Apr 2015 09:37:56 -0500
+Subject: [PATCH] core: use a default renegotiation interval of zero (rh
+ #969433)
+
+Since the client and server do not negotiate options, each side gets
+to specify its own --reneg-sec to control when each side renegotiates.
+OpenVPN defaults to 3600, so if the client and server don't agree this
+causes too-frequent renegotiations.
+
+This is worse with two-factor authentication, becuase it can mean that
+the client requests a password/PIN from the user much more often then
+the server actually wants.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=969433
+---
+ src/nm-openvpn-service.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c
+index 8282573..93ced6c 100644
+--- a/src/nm-openvpn-service.c
++++ b/src/nm-openvpn-service.c
+@@ -1115,6 +1115,14 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
+ 			free_openvpn_args (args);
+ 			return FALSE;
+ 		}
++	} else {
++		/* Either the server and client must agree on the renegotiation
++		 * interval, or it should be disabled on one side to prevent
++		 * too-frequent renegotiations, which make two-factor auth quite
++		 * painful.
++		 */
++		add_openvpn_arg (args, "--reneg-sec");
++		add_openvpn_arg (args, "0");
+ 	}
+ 
+ 	if (debug) {
+-- 
+2.1.0
+
diff --git a/NetworkManager-openvpn.spec b/NetworkManager-openvpn.spec
index df84c19..88687d4 100644
--- a/NetworkManager-openvpn.spec
+++ b/NetworkManager-openvpn.spec
@@ -5,7 +5,7 @@ Summary:   NetworkManager VPN plugin for OpenVPN
 Name:      NetworkManager-openvpn
 Epoch:     1
 Version:   1.0.0
-Release:   2%{?snapshot}%{?dist}
+Release:   3%{?snapshot}%{?dist}
 License:   GPLv2+
 URL:       http://www.gnome.org/projects/NetworkManager/
 Group:     System Environment/Base
@@ -16,6 +16,8 @@ Group:     System Environment/Base
 # mv NetworkManager-openvpn-0.9.9.0.tar.bz2 NetworkManager-openvpn-0.9.9.0-5afb8eb.tar.bz2
 Source0:   http://ftp.gnome.org/pub/GNOME/sources/%{name}/1.0/%{name}-%{version}%{?commit:-%{commit}}.tar.xz
 
+Patch0:    0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
+
 BuildRequires: gtk3-devel
 BuildRequires: dbus-devel
 BuildRequires: NetworkManager-devel
@@ -58,6 +60,7 @@ the OpenVPN server with NetworkManager (GNOME files).
 
 %prep
 %setup -q -n %{name}-%{version}
+%patch0 -p1
 
 %build
 if [ ! -f configure ]; then
@@ -95,6 +98,9 @@ rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la
 %{_datadir}/gnome-vpn-properties/openvpn/nm-openvpn-dialog.ui
 
 %changelog
+* Wed Apr  8 2015 Dan Williams <dcbw at redhat.com> - 1:1.0.0-3
+- Default client renegotiation interval to zero (rh #969433)
+
 * Mon Feb 23 2015 Lubomir Rintel <lkundrak at v3.sk> - 1:1.0.0-2
 - Fix Source url
 
-- 
cgit v0.10.2


>From 4ac86f4a127e86b03d3e172ec7384953f52fd7ca Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak at v3.sk>
Date: Tue, 5 May 2015 14:45:45 +0200
Subject: Update to 1.0.2 release


diff --git a/.gitignore b/.gitignore
index 6d13e0f..7c74d22 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@ NetworkManager-openvpn-0.8.1.tar.bz2
 /NetworkManager-openvpn-0.9.9.0-5afb8eb.tar.bz2
 /NetworkManager-openvpn-0.9.9.0-da5fb9b.tar.bz2
 /NetworkManager-openvpn-1.0.0.tar.xz
+/NetworkManager-openvpn-1.0.2.tar.xz
diff --git a/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch b/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
deleted file mode 100644
index 2ea57b3..0000000
--- a/0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 81149fd01897166cee5649d2da3801f2a5a45b5c Mon Sep 17 00:00:00 2001
-From: Dan Williams <dcbw at redhat.com>
-Date: Wed, 8 Apr 2015 09:37:56 -0500
-Subject: [PATCH] core: use a default renegotiation interval of zero (rh
- #969433)
-
-Since the client and server do not negotiate options, each side gets
-to specify its own --reneg-sec to control when each side renegotiates.
-OpenVPN defaults to 3600, so if the client and server don't agree this
-causes too-frequent renegotiations.
-
-This is worse with two-factor authentication, becuase it can mean that
-the client requests a password/PIN from the user much more often then
-the server actually wants.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=969433
----
- src/nm-openvpn-service.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c
-index 8282573..93ced6c 100644
---- a/src/nm-openvpn-service.c
-+++ b/src/nm-openvpn-service.c
-@@ -1115,6 +1115,14 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
- 			free_openvpn_args (args);
- 			return FALSE;
- 		}
-+	} else {
-+		/* Either the server and client must agree on the renegotiation
-+		 * interval, or it should be disabled on one side to prevent
-+		 * too-frequent renegotiations, which make two-factor auth quite
-+		 * painful.
-+		 */
-+		add_openvpn_arg (args, "--reneg-sec");
-+		add_openvpn_arg (args, "0");
- 	}
- 
- 	if (debug) {
--- 
-2.1.0
-
diff --git a/NetworkManager-openvpn.spec b/NetworkManager-openvpn.spec
index 88687d4..a22fc73 100644
--- a/NetworkManager-openvpn.spec
+++ b/NetworkManager-openvpn.spec
@@ -4,8 +4,8 @@
 Summary:   NetworkManager VPN plugin for OpenVPN
 Name:      NetworkManager-openvpn
 Epoch:     1
-Version:   1.0.0
-Release:   3%{?snapshot}%{?dist}
+Version:   1.0.2
+Release:   1%{?snapshot}%{?dist}
 License:   GPLv2+
 URL:       http://www.gnome.org/projects/NetworkManager/
 Group:     System Environment/Base
@@ -16,8 +16,6 @@ Group:     System Environment/Base
 # mv NetworkManager-openvpn-0.9.9.0.tar.bz2 NetworkManager-openvpn-0.9.9.0-5afb8eb.tar.bz2
 Source0:   http://ftp.gnome.org/pub/GNOME/sources/%{name}/1.0/%{name}-%{version}%{?commit:-%{commit}}.tar.xz
 
-Patch0:    0001-core-use-a-default-renegotiation-interval-of-zero-rh.patch
-
 BuildRequires: gtk3-devel
 BuildRequires: dbus-devel
 BuildRequires: NetworkManager-devel
@@ -60,7 +58,6 @@ the OpenVPN server with NetworkManager (GNOME files).
 
 %prep
 %setup -q -n %{name}-%{version}
-%patch0 -p1
 
 %build
 if [ ! -f configure ]; then
@@ -98,6 +95,9 @@ rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la
 %{_datadir}/gnome-vpn-properties/openvpn/nm-openvpn-dialog.ui
 
 %changelog
+* Tue May 5 2015 Lubomir Rintel <lkundrak at v3.sk> - 1:1.0.2-1
+- Update to 1.0.2 release
+
 * Wed Apr  8 2015 Dan Williams <dcbw at redhat.com> - 1:1.0.0-3
 - Default client renegotiation interval to zero (rh #969433)
 
diff --git a/sources b/sources
index 8574823..ca314a1 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1ed64b76a363dd1c7999eafcecef0e14  NetworkManager-openvpn-1.0.0.tar.xz
+511eae0d4ac17c6d2659a3da2646296f  NetworkManager-openvpn-1.0.2.tar.xz
-- 
cgit v0.10.2


	http://pkgs.fedoraproject.org/cgit/NetworkManager-openvpn.git/commit/?h=master&id=71634683cb7ab9ac115129ed6613620aac1a3298

More information about the scm-commits mailing list