rpms/vpnc/EL-5 vpnc-0.5.1-dpd.patch, NONE, 1.1 vpnc-0.5.3-cloexec.patch, NONE, 1.1 .cvsignore, 1.4, 1.5 sources, 1.4, 1.5 vpnc.spec, 1.19, 1.20
Huzaifa Sidhpurwala
huzaifas at fedoraproject.org
Tue Jan 5 10:37:07 UTC 2010
- Previous message (by thread): rpms/PackageKit/F-12 .cvsignore, 1.62, 1.63 PackageKit.spec, 1.128, 1.129 sources, 1.63, 1.64
- Next message (by thread): rpms/vpnc/EL-5 vpnc-0.3.3-sbin-path.patch, 1.1, NONE vpnc-0.4.0-cloexec.patch, 1.1, NONE vpnc-0.4.0-pie.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: huzaifas
Update of /cvs/pkgs/rpms/vpnc/EL-5
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv20393
Modified Files:
.cvsignore sources vpnc.spec
Added Files:
vpnc-0.5.1-dpd.patch vpnc-0.5.3-cloexec.patch
Log Message:
Upgrade
vpnc-0.5.1-dpd.patch:
config.c | 2 +-
tunip.c | 6 +++---
vpnc.c | 6 ++++--
3 files changed, 8 insertions(+), 6 deletions(-)
--- NEW FILE vpnc-0.5.1-dpd.patch ---
diff -up vpnc-0.5.1/vpnc.c.dpd vpnc-0.5.1/vpnc.c
--- vpnc-0.5.1/vpnc.c.dpd 2007-09-20 11:01:35.000000000 +0200
+++ vpnc-0.5.1/vpnc.c 2007-11-12 23:11:05.000000000 +0100
@@ -681,13 +681,13 @@ void dpd_ike(struct sa_block *s)
send_dpd(s, 0, s->ike.dpd_seqno);
} else {
/* Our last dpd request has not yet been acked. If it's been
- ** less than 5 seconds since we sent it do nothing. Otherwise
+ ** less than 1/10th of idle timeout since we sent it do nothing. Otherwise
** decrement dpd_attempts. If dpd_attempts is 0 dpd fails and we
** terminate otherwise we send it again with the same sequence
** number and record current time.
*/
time_t now = time(NULL);
- if (now < s->ike.dpd_sent + 5)
+ if (now < s->ike.dpd_sent + s->ike.dpd_idle/10)
return;
if (--s->ike.dpd_attempts == 0) {
DEBUG(2, printf("dead peer detected, terminating\n"));
@@ -695,6 +695,8 @@ void dpd_ike(struct sa_block *s)
return;
}
s->ike.dpd_sent = now;
+ if (s->ike.dpd_attempts == 3)
+ ++s->ike.dpd_seqno; /* maybe just the dpd reply got lost let's try new seq no */
send_dpd(s, 0, s->ike.dpd_seqno);
}
}
diff -up vpnc-0.5.1/tunip.c.dpd vpnc-0.5.1/tunip.c
--- vpnc-0.5.1/tunip.c.dpd 2007-09-06 22:05:14.000000000 +0200
+++ vpnc-0.5.1/tunip.c 2007-11-12 22:42:17.000000000 +0100
@@ -865,7 +865,7 @@ static void vpnc_main_loop(struct sa_blo
time_t now = time(NULL);
if (s->ike.dpd_seqno != s->ike.dpd_seqno_ack) {
/* Wake up more often for dpd attempts */
- select_timeout.tv_sec = 5;
+ select_timeout.tv_sec = s->ike.dpd_idle/10;
select_timeout.tv_usec = 0;
dpd_ike(s);
next_ike_dpd = now + s->ike.dpd_idle;
@@ -925,8 +925,8 @@ static void vpnc_main_loop(struct sa_blo
if (s->ike.dpd_seqno != s->ike.dpd_seqno_ack) {
dpd_ike(s);
next_ike_dpd = now + s->ike.dpd_idle;
- if (now + 5 < next_up)
- next_up = now + 5;
+ if (now + s->ike.dpd_idle/10 < next_up)
+ next_up = now + s->ike.dpd_idle/10;
}
else if (now >= next_ike_dpd) {
dpd_ike(s);
diff -up vpnc-0.5.1/config.c.dpd vpnc-0.5.1/config.c
--- vpnc-0.5.1/config.c.dpd 2007-11-12 22:40:01.000000000 +0100
+++ vpnc-0.5.1/config.c 2007-11-12 23:17:39.000000000 +0100
@@ -242,7 +242,7 @@ static const char *config_def_udp_port(v
static const char *config_def_dpd_idle(void)
{
- return "300";
+ return "600";
}
static const char *config_ca_dir(void)
vpnc-0.5.3-cloexec.patch:
vpnc.c | 2 ++
1 file changed, 2 insertions(+)
--- NEW FILE vpnc-0.5.3-cloexec.patch ---
diff -up vpnc-0.5.3/vpnc.c.cloexec vpnc-0.5.3/vpnc.c
--- vpnc-0.5.3/vpnc.c.cloexec 2008-11-19 21:55:51.000000000 +0100
+++ vpnc-0.5.3/vpnc.c 2008-11-20 11:48:07.000000000 +0100
@@ -2877,6 +2877,8 @@ static void do_phase2_qm(struct sa_block
close_tunnel(s);
error(1, errno, "Couldn't open socket of ESP. Maybe something registered ESP already.\nPlease try '--natt-mode force-natt' or disable whatever is using ESP.\nsocket(PF_INET, SOCK_RAW, IPPROTO_ESP)");
}
+ fcntl(s->esp_fd, F_SETFD, FD_CLOEXEC);
+
#ifdef IP_HDRINCL
if (setsockopt(s->esp_fd, IPPROTO_IP, IP_HDRINCL, &hincl, sizeof(hincl)) == -1) {
close_tunnel(s);
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/vpnc/EL-5/.cvsignore,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- .cvsignore 1 Aug 2007 19:33:32 -0000 1.4
+++ .cvsignore 5 Jan 2010 10:37:06 -0000 1.5
@@ -1,2 +1 @@
-vpnc-0.4.0.tar.gz
-clog
+vpnc-0.5.3.tar.gz
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/vpnc/EL-5/sources,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- sources 1 Aug 2007 19:33:32 -0000 1.4
+++ sources 5 Jan 2010 10:37:06 -0000 1.5
@@ -1 +1 @@
-604807e7dd90fce00a4e2344ee29c76d vpnc-0.4.0.tar.gz
+4378f9551d5b077e1770bbe09995afb3 vpnc-0.5.3.tar.gz
Index: vpnc.spec
===================================================================
RCS file: /cvs/pkgs/rpms/vpnc/EL-5/vpnc.spec,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -p -r1.19 -r1.20
--- vpnc.spec 1 Aug 2007 19:33:32 -0000 1.19
+++ vpnc.spec 5 Jan 2010 10:37:06 -0000 1.20
@@ -1,11 +1,11 @@
Name: vpnc
-Version: 0.4.0
-Release: 2%{?dist}
+Version: 0.5.3
+Release: 5%{?dist}
Summary: IPSec VPN client compatible with Cisco equipment
Group: Applications/Internet
-License: GPL
+License: GPLv2+
URL: http://www.unix-ag.uni-kl.de/~massar/vpnc/
Source0: http://www.unix-ag.uni-kl.de/~massar/vpnc/%{name}-%{version}.tar.gz
Source1: generic-vpnc.conf
@@ -13,14 +13,14 @@ Source2: vpnc.consolehelper
Source3: vpnc-disconnect.consolehelper
Source4: vpnc.pam
Source5: vpnc-helper
-Patch0: vpnc-0.4.0-pie.patch
-Patch1: vpnc-0.3.3-sbin-path.patch
-Patch2: vpnc-0.4.0-cloexec.patch
+Source6: vpnc-cleanup
+Patch2: vpnc-0.5.3-cloexec.patch
+Patch3: vpnc-0.5.1-dpd.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: libgcrypt-devel > 1.1.90
-Requires: kernel >= 2.4
+Requires: upstart iproute
%description
A VPN client compatible with Cisco's EasyVPN equipment.
@@ -40,20 +40,18 @@ switching to the root account.
%prep
%setup -q
-%patch0 -p1 -b .pie
-%patch1 -p1 -b .sbin-path
%patch2 -p1 -b .cloexec
+%patch3 -p1 -b .dpd
%build
-%ifarch x86_64
-RPM_OPT_FLAGS=$(echo $RPM_OPT_FLAGS | sed s/-fstack-protector//g)
-%endif
-make PREFIX=/usr
+CFLAGS="$RPM_OPT_FLAGS -fPIE" LDFLAGS="$RPM_OPT_FLAGS -pie" make PREFIX=/usr
%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR="$RPM_BUILD_ROOT" PREFIX=/usr
rm -f $RPM_BUILD_ROOT%{_bindir}/pcf2vpnc
+chmod 0644 pcf2vpnc
+rm -f $RPM_BUILD_ROOT%{_mandir}/man1/pcf2vpnc.1
chmod 0644 $RPM_BUILD_ROOT%{_mandir}/man8/vpnc.8
install -m 0600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/vpnc/default.conf
mkdir -p $RPM_BUILD_ROOT%{_var}/run/vpnc
@@ -73,20 +71,26 @@ install -m 0755 %{SOURCE5} \
mkdir -p $RPM_BUILD_ROOT%{_bindir}
ln -sf consolehelper $RPM_BUILD_ROOT%{_bindir}/vpnc
ln -sf consolehelper $RPM_BUILD_ROOT%{_bindir}/vpnc-disconnect
+install -Dp -m 0644 %{SOURCE6} \
+ $RPM_BUILD_ROOT%{_sysconfdir}/event.d/vpnc-cleanup
+rm -f $RPM_BUILD_ROOT%{_datadir}/doc/vpnc/COPYING
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
-%doc README COPYING pcf2vpnc
+%doc README COPYING pcf2vpnc pcf2vpnc.1
%dir %{_sysconfdir}/vpnc
%config(noreplace) %{_sysconfdir}/vpnc/vpnc-script
%config(noreplace) %{_sysconfdir}/vpnc/default.conf
+%config(noreplace) %{_sysconfdir}/event.d/vpnc-cleanup
%{_sbindir}/vpnc
+%{_bindir}/cisco-decrypt
%{_sbindir}/vpnc-disconnect
-%{_mandir}/man8/*
+%{_mandir}/man8/vpnc.*
+%{_mandir}/man1/cisco-decrypt.*
%dir %{_var}/run/vpnc
%ghost %verify(not md5 size mtime) %{_var}/run/vpnc/pid
%ghost %verify(not md5 size mtime) %{_var}/run/vpnc/defaultroute
@@ -100,6 +104,45 @@ rm -rf $RPM_BUILD_ROOT
%{_sbindir}/vpnc-helper
%changelog
+* Tue Jan 05 2009 Huzaifa Sidhpurwala <huzaifas at redhat.com> - 0.5.3-4
+- Build from F-12 branch
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.3-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Thu Nov 20 2008 Tomas Mraz <tmraz at redhat.com> - 0.5.3-2
+- upgrade to new version
+- fix race in vpnc-cleanup (#465315)
+
+* Thu Jul 24 2008 Tomas Mraz <tmraz at redhat.com> - 0.5.1-6
+- do not modify domain in resolv.conf (#446404)
+- clean up modified resolv.conf on startup (#455899)
+
+* Sat Apr 5 2008 Michal Schmidt <mschmidt at redhat.com> - 0.5.1-5
+- vpnc-script: fix 'ip link ...' syntax.
+
+* Thu Apr 3 2008 Tomas Mraz <tmraz at redhat.com> - 0.5.1-4
+- drop autogenerated perl requires (#440304)
+- compute MTU based on default route device (#433846)
+
+* Wed Feb 20 2008 Fedora Release Engineering <rel-eng at fedoraproject.org> - 0.5.1-3
+- Autorebuild for GCC 4.3
+
+* Tue Nov 13 2007 Tomas Mraz <tmraz at redhat.com> - 0.5.1-2
+- try to make DPD less sensitive (#345281)
+
+* Thu Sep 20 2007 Tomas Mraz <tmraz at redhat.com> - 0.5.1-1
+- upgrade to latest upstream
+
+* Mon Sep 3 2007 Tomas Mraz <tmraz at redhat.com> - 0.4.0-4
+- fix long standing bug causing problems on x86_64 (#232565) now for real
+
+* Wed Aug 22 2007 Tomas Mraz <tmraz at redhat.com> - 0.4.0-3
+- license tag fix
+
* Tue Mar 20 2007 Tomas Mraz <tmraz at redhat.com> - 0.4.0-2
- -fstack-protector miscompilation on x86_64 is back (#232565)
- Previous message (by thread): rpms/PackageKit/F-12 .cvsignore, 1.62, 1.63 PackageKit.spec, 1.128, 1.129 sources, 1.63, 1.64
- Next message (by thread): rpms/vpnc/EL-5 vpnc-0.3.3-sbin-path.patch, 1.1, NONE vpnc-0.4.0-cloexec.patch, 1.1, NONE vpnc-0.4.0-pie.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list