diff --git a/strongswan.spec b/strongswan.spec index 47851e381bfa4e27d8273a2b680afd4a6a6add68..581740169e7b0ea1955ed13f4486519ddfcfacb6 100644 --- a/strongswan.spec +++ b/strongswan.spec @@ -1,41 +1,60 @@ Name: strongswan Version: 5.7.2 -Release: 5 +Release: 6 Summary: An OpenSource IPsec-based VPN and TNC solution License: GPLv2+ URL: http://www.strongswan.org/ Source0: http://download.strongswan.org/strongswan-%{version}.tar.bz2 - BuildRequires: gcc systemd-devel gmp-devel libcurl-devel NetworkManager-libnm-devel openldap-devel BuildRequires: openssl-devel sqlite-devel gettext-devel trousers-devel libxml2-devel pam-devel BuildRequires: json-c-devel libgcrypt-devel systemd-devel iptables-devel Requires(post): systemd Requires(preun): systemd Requires(postun): systemd -Provides: strongswan-libipsec = %{version}-%{release} -Provides: strongswan-charon-nm = %{version}-%{release} -Provides: strongswan-sqlite = %{version}-%{release} -Provides: strongswan-tnc-imcvs = %{version}-%{release} -Provides: strongswan-libipsec%{?_isa} = %{version}-%{release} -Provides: strongswan-charon-nm%{?_isa} = %{version}-%{release} -Provides: strongswan-sqlite%{?_isa} = %{version}-%{release} -Provides: strongswan-tnc-imcvs%{?_isa} = %{version}-%{release} -Obsoletes: strongswan-libipsec < %{version}-%{release} -Obsoletes: strongswan-charon-nm < %{version}-%{release} -Obsoletes: strongswan-sqlite < %{version}-%{release} -Obsoletes: strongswan-tnc-imcvs < %{version}-%{release} -Obsoletes: %{name}-NetworkManager < 0:5.0.4-5 -Conflicts: %{name}-NetworkManager < 0:5.0.4-5 -Conflicts: NetworkManager-strongswan < 1.4.2-1 %description The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel. -%package_help +%package libipsec +Summary: Strongswan's libipsec backend +%description libipsec +The kernel-libipsec plugin provides an IPsec backend that works entirely in userland, using TUN devices and its own IPsec implementation libipsec. + +%package charon-nm +Summary:NetworkManager plugin for Strongswan +Requires:dbus +Obsoletes: %{name}-NetworkManager < 0:5.0.4-5 +Conflicts: %{name}-NetworkManager < 0:5.0.4-5 +Conflicts: NetworkManager-strongswan < 1.4.2-1 + +%description charon-nm +NetworkManager plugin integrates a subset of Strongswan capabilities to NetworkManager. + +%package sqlite +Summary: SQLite support for strongSwan +Requires: %{name} = %{version}-%{release} + +%description sqlite +The sqlite plugin adds an SQLite database backend to strongSwan. + +%package tnc-imcvs +Summary: Trusted network connect (TNC)'s IMC/IMV functionality +Requires: %{name} = %{version}-%{release} +Requires: %{name}-sqlite = %{version}-%{release} + +%description tnc-imcvs +This package provides Trusted Network Connect's (TNC) architec ture support. +It includes support for TNC client and server (IF-TNCCS), IMC and IMV message +exchange (IF-M), interface between IMC/IMV and TNC client/server (IF-IMC +and IF-IMV). It also includes PTS based IMC/IMV for TPM based remote +attestation, SWID IMC/IMV, and OS IMC/IMV. It's IMC/IMV dynamic libraries +modules can be used by any third party TNC Client/Server imple mentation +possessing a standard IF-IMC/IMV interface. In addition, it im plements +PT-TLS to support TNC over TLS. %prep -%autosetup -n %{name}-%{version} +%autosetup -n %{name}-%{version} -p1 %build %configure --disable-static --with-ipsec-script=strongswan --sysconfdir=%{_sysconfdir}/strongswan \ @@ -94,33 +113,66 @@ install -d -m 700 %{buildroot}%{_sysconfdir}/strongswan/ipsec.d/{aacerts acerts %systemd_postun_with_restart strongswan.service %files -%defattr(-,root,root) -%doc README ChangeLog TODO NEWS +%doc README NEWS TODO ChangeLog %license COPYING %dir %attr(0700,root,root) %{_sysconfdir}/strongswan %config(noreplace) %{_sysconfdir}/strongswan/* %dir %{_libdir}/strongswan +%exclude %{_libdir}/strongswan/imcvs %dir %{_libdir}/strongswan/plugins -%dir %{_libdir}/strongswan/imcvs %dir %{_libexecdir}/strongswan -%{_unitdir}/*.service -%{_sbindir}/* +%{_unitdir}/strongswan.service +%{_unitdir}/strongswan-swanctl.service +%{_sbindir}/charon-cmd +%{_sbindir}/charon-systemd +%{_sbindir}/strongswan +%{_sbindir}/swanctl %{_libdir}/strongswan/*.so.* +%exclude %{_libdir}/strongswan/libimcv.so.* +%exclude %{_libdir}/strongswan/libtnccs.so.* +%exclude %{_libdir}/strongswan/libipsec.so.* %{_libdir}/strongswan/plugins/*.so -%{_libdir}/strongswan/imcvs/*.so +%exclude %{_libdir}/strongswan/plugins/libstrongswan-sqlite.so +%exclude %{_libdir}/strongswan/plugins/libstrongswan-*tnc*.so +%exclude %{_libdir}/strongswan/plugins/libstrongswan-kernel-libipsec.so %{_libexecdir}/strongswan/* +%exclude %{_libexecdir}/strongswan/attest +%exclude %{_libexecdir}/strongswan/pt-tls-client +%exclude %{_libexecdir}/strongswan/charon-nm +%exclude %dir %{_datadir}/strongswan/swidtag +%{_mandir}/man?/*.gz %{_datadir}/strongswan/templates/config/ %{_datadir}/strongswan/templates/database/ + +%files sqlite +%{_libdir}/strongswan/plugins/libstrongswan-sqlite.so + +%files tnc-imcvs +%{_sbindir}/sw-collector +%{_sbindir}/sec-updater +%dir %{_libdir}/strongswan/imcvs +%dir %{_libdir}/strongswan/plugins +%{_libdir}/strongswan/libimcv.so.* +%{_libdir}/strongswan/libtnccs.so.* +%{_libdir}/strongswan/plugins/libstrongswan-*tnc*.so +%{_libexecdir}/strongswan/attest +%{_libexecdir}/strongswan/pt-tls-client %dir %{_datadir}/strongswan/swidtag %{_datadir}/strongswan/swidtag/*.swidtag -%{_sysconfdir}/dbus-1/system.d/nm-strongswan-service.conf -%files help -%{_mandir}/man1/*1.gz -%{_mandir}/man5/*5.gz -%{_mandir}/man8/*8.gz +%files libipsec +%{_libdir}/strongswan/libipsec.so.* +%{_libdir}/strongswan/plugins/libstrongswan-kernel-libipsec.so + +%files charon-nm +%doc COPYING +%{_sysconfdir}/dbus-1/system.d/nm-strongswan-service.conf +%{_libexecdir}/strongswan/charon-nm %changelog +* Sat Jul 18 2020 yaokai13 - 5.7.2-6 +- Unpack the merged package to fix the issue #l1N2UN + * Thu May 28 2020 Senlin Xia - 5.7.2-5 - prefix man pages