1 |
%define auth_ldap_version 2.0.3 |
2 |
%define easy_rsa_version 2.2.0_master |
3 |
%define develname %mklibname %{name} -d |
4 |
|
5 |
|
6 |
%define plugindir %_libdir/%name/plugins |
7 |
%bcond_without ldap |
8 |
|
9 |
# There is an issue with gcc, so disable for amd64 |
10 |
# waiting reply/fix |
11 |
%ifarch amd64 |
12 |
%bcond_without ldap |
13 |
%endif |
14 |
|
15 |
Summary: A Secure TCP/UDP Tunneling Daemon |
16 |
Name: openvpn |
17 |
Version: 2.3.0 |
18 |
Release: %mkrel 2 |
19 |
URL: http://openvpn.net/ |
20 |
Source0: http://openvpn.net/release/openvpn-%{version}.tar.gz |
21 |
Source2: http://openvpn-auth-ldap.googlecode.com/files/auth-ldap-%{auth_ldap_version}.tar.gz |
22 |
Source3: dhcp.sh |
23 |
Source4: openvpn-tmpfile.conf |
24 |
Source5: openvpn@.service |
25 |
Source6: openvpn.target |
26 |
Source7: https://github.com/downloads/OpenVPN/easy-rsa/easy-rsa-%{easy_rsa_version}.tar.gz |
27 |
Patch1: openvpn-2.3.openvpn_user.patch |
28 |
Patch2: openvpn-auth-ldap-2.0.3-disable-tests.patch |
29 |
Patch3: openvpn-2.1_rc15-wformat.patch |
30 |
Patch4: openvpn-2.2.2-systemd-console-input.patch |
31 |
Patch5: openvpn-2.3.0-automake-1.13.patch |
32 |
Patch1001: openvpn-auth-ldap-2.0.3-objc.patch |
33 |
License: GPLv2 |
34 |
Group: Networking/Other |
35 |
BuildRequires: liblzo-devel openssl-devel |
36 |
BuildRequires: pam-devel |
37 |
BuildRequires: libpkcs11-helper-devel |
38 |
BuildRequires: automake1.8 |
39 |
%if %with ldap |
40 |
BuildRequires: gcc-objc |
41 |
BuildRequires: openldap-devel |
42 |
BuildRequires: re2c |
43 |
%endif |
44 |
Requires(post): systemd >= %{systemd_required_version} |
45 |
Requires(post): rpm-helper >= 0.24.8-1 |
46 |
Requires(preun): rpm-helper >= 0.24.8-1 |
47 |
|
48 |
%description |
49 |
OpenVPN is a robust and highly flexible tunneling application that uses |
50 |
all of the encryption, authentication, and certification features of the |
51 |
OpenSSL library to securely tunnel IP networks over a single UDP port. |
52 |
|
53 |
|
54 |
%package -n %develname |
55 |
Summary: Development package for OpenVPN plugins |
56 |
Group: System/Libraries |
57 |
Requires: %{name} = %version-%release |
58 |
|
59 |
%description -n %develname |
60 |
OpenVPN .h files. |
61 |
|
62 |
%if %with ldap |
63 |
This package contains the auth-ldap plugin |
64 |
%endif |
65 |
|
66 |
%prep |
67 |
%setup -q -n openvpn-%{version} -a 7 |
68 |
%if %with ldap |
69 |
%setup -q -n openvpn-%{version} -a 2 -a 7 |
70 |
%{__mv} auth-ldap-%{auth_ldap_version}/README auth-ldap-%{auth_ldap_version}/README-openvpn-auth-ldap |
71 |
pushd auth-ldap-%{auth_ldap_version} |
72 |
%patch1001 -p1 |
73 |
%patch2 -p1 |
74 |
popd |
75 |
%endif |
76 |
%patch1 -p1 |
77 |
#patch3 -p1 |
78 |
#patch4 -p1 |
79 |
%patch5 -p1 -b .automake-1_13 |
80 |
|
81 |
%build |
82 |
%serverbuild |
83 |
#./pre-touch |
84 |
libtoolize --copy --force --install |
85 |
aclocal |
86 |
automake -a -c -f -i |
87 |
autoreconf -fi |
88 |
|
89 |
%configure2_5x \ |
90 |
--enable-systemd \ |
91 |
--enable-pthread \ |
92 |
--with-lzo-headers=%{_includedir}/lzo \ |
93 |
--enable-password-save || cat config.log |
94 |
|
95 |
%make |
96 |
|
97 |
# plugins |
98 |
%make -C src/plugins/down-root |
99 |
%make -C src/plugins/auth-pam |
100 |
|
101 |
%if %with ldap |
102 |
pushd auth-ldap-%{auth_ldap_version} |
103 |
%configure2_5x \ |
104 |
--with-openvpn=`pwd`/../include \ |
105 |
--libdir=%{plugindir} \ |
106 |
--with-objc-runtime=GNU |
107 |
# workaround parallel build problem with generated header |
108 |
%make -C tools |
109 |
make -C src TRConfigParser.h |
110 |
%make |
111 |
popd |
112 |
%endif |
113 |
|
114 |
pushd easy-rsa-%{easy_rsa_version} |
115 |
%configure2_5x \ |
116 |
--with-easyrsadir=%{_datadir}/%{name}/easy-rsa |
117 |
%make |
118 |
popd |
119 |
|
120 |
%install |
121 |
rm -rf %{buildroot} |
122 |
%makeinstall_std |
123 |
%makeinstall_std -C easy-rsa-%{easy_rsa_version} |
124 |
|
125 |
install -d %{buildroot}%{_sysconfdir}/%{name} |
126 |
|
127 |
mkdir -p %{buildroot}%{_datadir}/%{name} |
128 |
install -d %{buildroot}%{_localstatedir}/lib/%{name} |
129 |
|
130 |
# (cg) Nuke sysvinit script |
131 |
rm -f %{buildroot}%{_datadir}/%{name}/sample-scripts/openvpn.init |
132 |
|
133 |
# (cg) Add systemd units |
134 |
install -D -m 644 %{SOURCE4} %{buildroot}%{_tmpfilesdir}/openvpn.conf |
135 |
install -D -m 644 %{SOURCE5} %{buildroot}%{_unitdir}/openvpn@.service |
136 |
install -D -m 644 %{SOURCE6} %{buildroot}%{_unitdir}/openvpn.target |
137 |
|
138 |
#plugins |
139 |
mkdir -p %{buildroot}%{plugindir} |
140 |
|
141 |
%if %with ldap |
142 |
pushd auth-ldap-%{auth_ldap_version} |
143 |
%makeinstall_std |
144 |
popd |
145 |
%endif |
146 |
|
147 |
install -m755 %{SOURCE3} %{buildroot}%{_datadir}/%{name} |
148 |
|
149 |
%pre |
150 |
%_pre_useradd %{name} %{_localstatedir}/lib/%{name} /bin/true |
151 |
|
152 |
%post |
153 |
# (cg) This is a templated unit, so we have to manually convert to systemd |
154 |
if [ ! -f %{_localstatedir}/lib/rpm-helper/systemd-migration/%{name} ]; then |
155 |
if [ -f %{_sysconfdir}/rc3.d/S??%{name} ]; then |
156 |
for conf in %{_sysconfdir}/%{name}/*.conf; do |
157 |
[ "$conf" = "%{_sysconfdir}/%{name}/*.conf" ] && continue |
158 |
conf=$(basename $conf .conf) |
159 |
mkdir -p %{_sysconfdir}/systemd/system/%{name}.target.wants |
160 |
ln -s %{_unitdir}/%{name}@.service %{_sysconfdir}/systemd/system/%{name}.target.wants/%{name}@$conf.service |
161 |
done |
162 |
systemctl --quiet enable %{name}.target |
163 |
fi |
164 |
mkdir -p %{_localstatedir}/lib/rpm-helper/systemd-migration |
165 |
touch %{_localstatedir}/lib/rpm-helper/systemd-migration/%{name} |
166 |
else |
167 |
# (cg) Older versions were not controlled by their own target |
168 |
UNITS= |
169 |
for unit in %{_sysconfdir}/systemd/system/multi-user.target.wants/%{name}@?*.service; do |
170 |
[ "$unit" = "%{_sysconfdir}/systemd/system/multi-user.target.wants/%{name}@?*.service" ] && continue |
171 |
UNITS="$UNITS $unit" |
172 |
done |
173 |
if [ -n "$UNITS" ]; then |
174 |
mkdir %{_sysconfdir}/systemd/system/%{name}.target.wants |
175 |
mv $UNITS %{_sysconfdir}/systemd/system/%{name}.target.wants |
176 |
systemctl --quiet enable %{name}.target |
177 |
fi |
178 |
fi |
179 |
%_tmpfilescreate %{name} |
180 |
%_post_service %{name} %{name}.target |
181 |
|
182 |
%preun |
183 |
%_preun_service %{name} %{name}.target |
184 |
|
185 |
%postun |
186 |
%_postun_userdel %{name} |
187 |
|
188 |
%files |
189 |
%doc AUTHORS INSTALL PORTS README |
190 |
%doc src/plugins/*/README.* |
191 |
%doc |
192 |
%if %with ldap |
193 |
%doc auth-ldap-%auth_ldap_version/README-openvpn-auth-ldap |
194 |
%endif |
195 |
%{_mandir}/man8/%{name}.8* |
196 |
%{_sbindir}/%{name} |
197 |
%{_datadir}/%{name} |
198 |
%dir %{_sysconfdir}/%{name} |
199 |
#{_datadir}/%{name}/dhcp.sh |
200 |
%{_unitdir}/%{name}*.service |
201 |
%{_unitdir}/%{name}.target |
202 |
%{_tmpfilesdir}/%{name}.conf |
203 |
%dir %{_localstatedir}/lib/%{name} |
204 |
%dir %plugindir |
205 |
%plugindir/* |
206 |
%exclude %{_docdir}/easy-rsa/COPYING |
207 |
%exclude %{_docdir}/easy-rsa/COPYRIGHT.GPL |
208 |
%exclude %{_docdir}/easy-rsa/README-2.0 |
209 |
|
210 |
%files -n %develname |
211 |
%{_includedir}/openvpn-plugin.h |