|
@@ -1,5 +1,4 @@
|
|
|
%bcond_with systemd
|
|
|
-%bcond_with fips2
|
|
|
%bcond_without tss
|
|
|
|
|
|
%global _unpackaged_files_terminate_build 1
|
|
@@ -7,7 +6,7 @@
|
|
|
#%%define prerelease dr1
|
|
|
|
|
|
Name: strongswan
|
|
|
-Version: 5.9.2
|
|
|
+Version: 5.9.3
|
|
|
Release: 1%{?_dist_release}%{?with_systemd:.systemd}
|
|
|
Summary: An OpenSource IPsec-based VPN and TNC solution
|
|
|
Summary(ja): オープンソースのIPsec VPN/TNCソリューション
|
|
@@ -23,6 +22,7 @@ Source1000: strongswan.init
|
|
|
Patch0: strongswan-5.8.4-runtime-dir.patch
|
|
|
Patch1: strongswan-5.6.0-uintptr_t.patch
|
|
|
Patch3: strongswan-5.6.2-CVE-2018-5388.patch
|
|
|
+Patch100: strongswan-openssl3.patch
|
|
|
|
|
|
# only needed for pre-release versions
|
|
|
#BuildRequires: autoconf automake
|
|
@@ -37,6 +37,7 @@ BuildRequires: libxml2-devel
|
|
|
BuildRequires: pam-devel
|
|
|
BuildRequires: libgcrypt-devel
|
|
|
BuildRequires: iptables-devel
|
|
|
+BuildRequires: libcap-devel
|
|
|
%if %{with tss}
|
|
|
BuildRequires: trousers-devel
|
|
|
BuildRequires: json-c-devel >= 0.14
|
|
@@ -110,6 +111,7 @@ PT-TLS to support TNC over TLS.
|
|
|
%patch0 -p1
|
|
|
%patch1 -p1
|
|
|
%patch3 -p1
|
|
|
+%patch100 -p1
|
|
|
|
|
|
|
|
|
%build
|
|
@@ -126,12 +128,7 @@ PT-TLS to support TNC over TLS.
|
|
|
--with-ipsecdir=%{_libexecdir}/strongswan \
|
|
|
--bindir=%{_libexecdir}/strongswan \
|
|
|
--with-ipseclibdir=%{_libdir}/strongswan \
|
|
|
-%if %{with fips2}
|
|
|
- --with-fips-mode=2 \
|
|
|
-%endif
|
|
|
-%if "%{?_dist_release}" != "vl6"
|
|
|
--enable-nm \
|
|
|
-%endif
|
|
|
--enable-openssl \
|
|
|
--enable-unity \
|
|
|
--enable-ctr \
|
|
@@ -167,6 +164,7 @@ PT-TLS to support TNC over TLS.
|
|
|
--enable-ha \
|
|
|
--enable-led \
|
|
|
--enable-sqlite \
|
|
|
+ --enable-sql \
|
|
|
--enable-tnc-ifmap \
|
|
|
--enable-tnc-pdp \
|
|
|
--enable-tnc-imc \
|
|
@@ -177,6 +175,7 @@ PT-TLS to support TNC over TLS.
|
|
|
--enable-curl \
|
|
|
--enable-cmd \
|
|
|
--enable-acert \
|
|
|
+ --enable-aikgen \
|
|
|
--enable-vici \
|
|
|
--enable-swanctl \
|
|
|
--enable-duplicheck \
|
|
@@ -205,7 +204,9 @@ PT-TLS to support TNC over TLS.
|
|
|
%if %{with systemd}
|
|
|
--enable-systemd \
|
|
|
%endif
|
|
|
- --enable-kernel-libipsec
|
|
|
+ --enable-kernel-libipsec \
|
|
|
+ --with-capabilities=libcap \
|
|
|
+ %{nil}
|
|
|
|
|
|
make %{?_smp_mflags}
|
|
|
|
|
@@ -345,6 +346,11 @@ fi
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
+* Sun Oct 17 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 5.9.3-1
|
|
|
+- new upstream release.
|
|
|
+- built with openssl-3.0.0.
|
|
|
+- imported Patch100 from upstream.
|
|
|
+
|
|
|
* Mon May 03 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 5.9.2-1
|
|
|
- new upstream release.
|
|
|
|