Hello community, here is the log from the commit of package vpnc for openSUSE:Factory checked in at 2012-10-10 09:35:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/vpnc (Old) and /work/SRC/openSUSE:Factory/.vpnc.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "vpnc", Maintainer is "coolo@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/vpnc/vpnc.changes 2012-02-08 17:21:30.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.vpnc.new/vpnc.changes 2012-10-10 09:41:01.000000000 +0200 @@ -1,0 +2,8 @@ +Tue Oct 9 08:56:14 UTC 2012 - tittiatcoke@gmail.com + +- Update to rev 517 of nortel branch + - Check Vendor vs nat traversal mode + - Fix compatibility with Solaris 10 /bin/sh +- Package now owns the /var/run/vpnc directory (bnc#773379) + +------------------------------------------------------------------- Old: ---- vpnc-0.5.3r512.tar.bz2 New: ---- vpnc-0.5.3r517.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ vpnc.spec ++++++ --- /var/tmp/diff_new_pack.aIyNLJ/_old 2012-10-10 09:41:06.000000000 +0200 +++ /var/tmp/diff_new_pack.aIyNLJ/_new 2012-10-10 09:41:06.000000000 +0200 @@ -21,13 +21,14 @@ BuildRequires: libgcrypt-devel BuildRequires: libgnutls-devel BuildRequires: pkg-config -Version: 0.5.3r512 +Version: 0.5.3r517 Release: 0 Summary: A Client for Cisco VPN concentrator License: GPL-2.0+ Group: Productivity/Networking/Security Url: http://svn.unix-ag.uni-kl.de/vpnc/branches/vpnc-nortel -Requires: /usr/bin/sed /sbin/ip +Requires: /sbin/ip +Requires: /usr/bin/sed Source: %{name}-%{version}.tar.bz2 # only for checkin warnings... Source1: checkout_svn.sh @@ -73,8 +74,7 @@ make PREFIX=/usr %install -mkdir -p \ - ${RPM_BUILD_ROOT}/%{_localstatedir}/run/vpnc +mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/run/vpnc %{__make} install \ DESTDIR=${RPM_BUILD_ROOT} \ PREFIX=/usr @@ -86,6 +86,7 @@ %files %defattr(-,root,root) %attr(0600,root,root) %config(noreplace) %ghost %{_sysconfdir}/vpnc/default.conf +%ghost %{_localstatedir}/run/vpnc %dir %{_sysconfdir}/vpnc %{_sysconfdir}/vpnc/vpnc-script %{_sbindir}/vpnc ++++++ vpnc-0.5.3r512.tar.bz2 -> vpnc-0.5.3r517.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vpnc/config.c new/vpnc/config.c --- old/vpnc/config.c 2012-01-14 08:57:51.000000000 +0100 +++ new/vpnc/config.c 2012-01-29 12:23:05.000000000 +0100 @@ -15,7 +15,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - $Id: config.c 511 2012-01-14 07:57:51Z Antonio Borneo $ + $Id: config.c 514 2012-01-29 11:23:05Z Antonio Borneo $ */ #define _GNU_SOURCE @@ -828,6 +828,19 @@ printf("%s: unknown nat traversal mode %s\nknown modes: natt none force-natt cisco-udp nortel-udp\n", argv[0], config[CONFIG_NATT_MODE]); exit(1); } + if ((opt_vendor == VENDOR_NORTEL) && + (opt_natt_mode != NATT_NONE) && + (opt_natt_mode != NATT_NORTEL_UDP)) { + printf("%s: Vendor nortel only accepts nat traversal modes: none nortel-udp\n" + "\tdefaults to \"none\"\n", argv[0]); + opt_natt_mode = NATT_NONE; + } + if ((opt_vendor != VENDOR_NORTEL) && + (opt_natt_mode == NATT_NORTEL_UDP)) { + printf("%s: nat traversal mode nortel-udp allowed for Vendor nortel only\n" + "\tdefaults to \"none\"\n", argv[0]); + opt_natt_mode = NATT_NONE; + } if (!strcmp(config[CONFIG_IF_MODE], "tun")) { opt_if_mode = IF_MODE_TUN; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vpnc/mk-version new/vpnc/mk-version --- old/vpnc/mk-version 2012-01-14 10:04:23.000000000 +0100 +++ new/vpnc/mk-version 2012-03-24 16:07:00.000000000 +0100 @@ -3,45 +3,45 @@ # print vpnc version from file VERSION, appending the string printed # by svnversion(1) if appropriate -function git_svn_version () +in_git_repository () { - local key value svn_log svn_commit svn_ver - - # exit if not in git repository - if [ "true" != "$(git rev-parse --is-inside-work-tree 2>/dev/null)" ]; then - return - fi + git rev-parse --is-inside-work-tree > /dev/null 2>&1 + return $? +} +git_svn_version () +{ # search for svn-remote defined in git configuration + svn_url_pattern="" while read key value; do - svn_url_pattern+="\\|$value" + svn_url_pattern="${svn_url_pattern}\\|${value}" done << EOF $(git config --get-regexp '^svn-remote\..*\.url$' 2>/dev/null) EOF # exit if no svn-remote defined - if [ ${#svn_url_pattern} -eq 0 ]; then + if [ -z "${svn_url_pattern}" ]; then return fi # scan git-log for latest commit from any svn-remote above - svn_log=($(git log --first-parent -1 \ - --grep="^git-svn-id: \(${svn_url_pattern:2}\)@" 2>/dev/null)) + set -- $(git log --first-parent -1 \ + --grep="^git-svn-id: \(${svn_url_pattern#??}\)@" 2>/dev/null) # check commit hash is 40 hex digits - svn_commit=${svn_log[1]} - if [ ${#svn_commit} -ne 40 -o -n "${svn_commit//[0-9a-f]/}" ]; then + svn_commit=$2 + if [ ${#svn_commit} -ne 40 -o -z "${svn_commit##*[!0-9a-f]*}" ]; then return fi # check svn version is numeric - svn_ver=${svn_log[ ${#svn_log[@]} - 2 ]} - svn_ver=${svn_ver#*@} - if [ -z "${#svn_ver}" -o -n "${svn_ver//[0-9]/}" ]; then + shift $(($# - 2)) + svn_ver=${1#*@} + if [ -z "${svn_ver}" -o -z "${svn_ver##*[!0-9]*}" ]; then return fi - if [ $(git rev-list --count HEAD...${svn_commit}) -eq 0 ]; then + if [ $(git rev-list HEAD...${svn_commit} | wc -l) -eq 0 ]; then if [ `git status -s | grep -vc '^??'` -eq 0 ]; then # no git commits and tree clean echo "${svn_ver}" @@ -56,12 +56,12 @@ _version="`cat VERSION`" if [ -d .svn ]; then - if command -v svnversion >/dev/null; then + if which svnversion > /dev/null; then _version="$_version-`svnversion`" else _version="$_version-`sed -n '/^dir$/{n;p;q;}' .svn/entries`" fi -elif command -v git >/dev/null; then +elif which git > /dev/null && in_git_repository; then git_ext=$(git_svn_version) if [ -n "${git_ext}" ]; then _version="$_version-${git_ext}" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vpnc/vpnc-script new/vpnc/vpnc-script --- old/vpnc/vpnc-script 2012-01-14 08:57:25.000000000 +0100 +++ new/vpnc/vpnc-script 2012-04-21 17:56:11.000000000 +0200 @@ -108,10 +108,10 @@ if [ -n "$INTERNAL_IP4_MTU" ]; then MTU=$INTERNAL_IP4_MTU elif [ -n "$IPROUTE" ]; then - MTUDEV=$($IPROUTE route get "$VPNGATEWAY" | sed -ne 's/^.*dev \([a-z0-9]*\).*$/\1/p') - MTU=$($IPROUTE link show "$MTUDEV" | sed -ne 's/^.*mtu \([[:digit:]]\+\).*$/\1/p') + MTUDEV=`$IPROUTE route get "$VPNGATEWAY" | sed -ne 's/^.*dev \([a-z0-9]*\).*$/\1/p'` + MTU=`$IPROUTE link show "$MTUDEV" | sed -ne 's/^.*mtu \([[:digit:]]\+\).*$/\1/p'` if [ -n "$MTU" ]; then - MTU=$(( $MTU - 88 )) + MTU=`expr $MTU - 88` fi fi @@ -417,7 +417,7 @@ } restore_resolvconf_generic() { - if [ ! -e "$RESOLV_CONF_BACKUP" ]; then + if [ ! -f "$RESOLV_CONF_BACKUP" ]; then return fi grep '^#@VPNC_GENERATED@' /etc/resolv.conf > /dev/null 2>&1 && cat "$RESOLV_CONF_BACKUP" > /etc/resolv.conf @@ -579,9 +579,8 @@ i=`expr $i + 1` done for i in $INTERNAL_IP4_DNS ; do - if ! echo "$i" | grep : >/dev/null; then + echo "$i" | grep : >/dev/null || \ set_network_route "$i" "255.255.255.255" "32" - fi done elif [ -n "$INTERNAL_IP4_ADDRESS" ]; then set_default_route diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vpnc/vpnc.c new/vpnc/vpnc.c --- old/vpnc/vpnc.c 2012-01-14 08:57:39.000000000 +0100 +++ new/vpnc/vpnc.c 2012-03-24 16:07:08.000000000 +0100 @@ -18,7 +18,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - $Id: vpnc.c 510 2012-01-14 07:57:39Z Antonio Borneo $ + $Id: vpnc.c 516 2012-03-24 15:07:08Z Antonio Borneo $ */ #define _GNU_SOURCE @@ -2933,7 +2933,7 @@ seen_auth, NULL, 0)->name)); if (s->ipsec.cry_algo == GCRY_CIPHER_DES && !opt_1des) { error(1, 0, "peer selected (single) DES as \"encrytion\" method.\n" - "This algorithm is considered to weak today\n" + "This algorithm is considered too weak today\n" "If your vpn concentrator admin still insists on using DES\n" "use the \"--enable-1des\" option.\n"); } else if (s->ipsec.cry_algo == GCRY_CIPHER_NONE && !opt_no_encryption) { @@ -3335,7 +3335,7 @@ seen_auth, NULL, 0)->name)); if (s->ipsec.cry_algo == GCRY_CIPHER_DES && !opt_1des) { error(1, 0, "peer selected (single) DES as \"encrytion\" method.\n" - "This algorithm is considered to weak today\n" + "This algorithm is considered too weak today\n" "If your vpn concentrator admin still insists on using DES\n" "use the \"--enable-1des\" option.\n"); } else if (s->ipsec.cry_algo == GCRY_CIPHER_NONE && !opt_no_encryption) { -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org