Hello community, here is the log from the commit of package openvpn for openSUSE:Factory checked in at Tue Aug 30 16:11:26 CEST 2011. -------- --- openvpn/openvpn.changes 2011-07-11 16:51:08.000000000 +0200 +++ openvpn/openvpn.changes 2011-08-29 20:33:56.000000000 +0200 @@ -1,0 +2,19 @@ +Mon Aug 29 18:05:30 UTC 2011 - mt@suse.com + +- Marked /var/run/openvpn as ghost (bnc#710270), man page and + other rpmlint warning fixes + +------------------------------------------------------------------- +Tue Aug 23 15:41:00 UTC 2011 - crrodriguez@opensuse.org + +- BuildRequires libselinux-devel +- Use SSL_MODE_RELEASE_BUFFERS to keep memory usage low, sent + upstream as https://community.openvpn.net/openvpn/ticket/157 + +------------------------------------------------------------------- +Mon Aug 22 09:55:44 UTC 2011 - fcrozat@novell.com + +- Add openvpn-2.1-systemd-passwd.patch / modify openvpn.init to + support systemd password query (bnc#675406) + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- 0001-Use-SSL_MODE_RELEASE_BUFFERS-if-available.patch openvpn-2.1-systemd-passwd.patch openvpn-2.2.1-man-dot.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openvpn.spec ++++++ --- /var/tmp/diff_new_pack.yq4BYo/_old 2011-08-30 16:07:55.000000000 +0200 +++ /var/tmp/diff_new_pack.yq4BYo/_new 2011-08-30 16:07:55.000000000 +0200 @@ -27,7 +27,7 @@ PreReq: %insserv_prereq %fillup_prereq %endif Version: 2.2.1 -Release: 1 +Release: 16 %define upstream_version %version Summary: Full-featured SSL VPN solution using a TUN/TAP Interface Source: http://openvpn.net/release/openvpn-%{upstream_version}.tar.gz @@ -38,9 +38,13 @@ Source5: client-netconfig.down Patch1: %{name}-2.1-plugin-man.dif Patch2: %{name}-2.1-plugin-build.dif +Patch3: openvpn-2.1-systemd-passwd.patch +Patch4: 0001-Use-SSL_MODE_RELEASE_BUFFERS-if-available.patch +Patch5: openvpn-2.2.1-man-dot.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: lzo-devel openssl-devel BuildRequires: iproute2 pam-devel +BuildRequires: libselinux-devel %if 0%{?suse_version} > 1030 BuildRequires: pkcs11-helper-devel Requires: pkcs11-helper @@ -129,6 +133,9 @@ %setup -q -n %{name}-%{upstream_version} %patch1 -p0 %patch2 -p0 +%patch3 -p1 +%patch4 -p1 +%patch5 -p0 sed -e "s|@PLUGIN_DIR@|%{plugin_dir}|g" \ -e "s|@PLUGIN_LIBDIR@|%{plugin_libdir}|g" \ -e "s|@PLUGIN_DOCDIR@|%{_defaultdocdir}/%{name}|g" \ @@ -187,7 +194,7 @@ install -m 755 plugin/$pi/openvpn-$pi.so \ $RPM_BUILD_ROOT%{plugin_libdir}/ done -# we install docs via spec into %{_defaultdocdir}/name/management-notes.txt +# we install docs via spec into _defaultdocdir/name/management-notes.txt rm $RPM_BUILD_ROOT%{_datadir}/doc/%name/management-notes.txt rmdir $RPM_BUILD_ROOT%{_datadir}/doc/%name @@ -205,7 +212,7 @@ %files %defattr(-,root,root) -%doc AUTHORS COPYING COPYRIGHT.GPL ChangeLog INSTALL NEWS PORTS README +%doc AUTHORS COPYING COPYRIGHT.GPL ChangeLog PORTS README %doc README.* %doc contrib %doc sample-config-files @@ -218,7 +225,7 @@ %config %{_sysconfdir}/init.d/openvpn %{_sbindir}/openvpn %{_sbindir}/rcopenvpn -%dir %{_localstatedir}/run/openvpn +%attr(0755,root,root) %dir %ghost %{_localstatedir}/run/openvpn %dir %{_datadir}/openvpn %{_datadir}/openvpn/easy-rsa %dir %{_libdir}/%{name} ++++++ 0001-Use-SSL_MODE_RELEASE_BUFFERS-if-available.patch ++++++
From db33132094f4748ccc63aadbfa4b7446bb95b350 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez@opensuse.org> Date: Sat, 20 Aug 2011 18:12:28 -0400 Subject: [PATCH] Use SSL_MODE_RELEASE_BUFFERS if available MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org> --- ssl.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/ssl.c b/ssl.c index ea7b204..459e66c 100644 --- a/ssl.c +++ b/ssl.c @@ -2073,6 +2073,9 @@ init_ssl (const struct options *options) } /* Set SSL options */ +#ifdef SSL_MODE_RELEASE_BUFFERS + SSL_CTX_set_mode (ctx, SSL_MODE_RELEASE_BUFFERS); +#endif SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_OFF); SSL_CTX_set_options (ctx, SSL_OP_SINGLE_DH_USE); -- 1.7.4.1 ++++++ openvpn-2.1-systemd-passwd.patch ++++++ Index: openvpn-2.2.1/misc.c =================================================================== --- openvpn-2.2.1.orig/misc.c +++ openvpn-2.2.1/misc.c @@ -1333,26 +1333,49 @@ get_console_input (const char *prompt, c ASSERT (input); ASSERT (capacity > 0); input[0] = '\0'; + bool is_systemd_running; + struct stat a, b; + + /* We simply test whether the systemd cgroup hierarchy is + * mounted */ + + is_systemd_running = (lstat("/sys/fs/cgroup", &a) == 0) + && (lstat("/sys/fs/cgroup/systemd", &b) == 0) + && (a.st_dev != b.st_dev); #if defined(WIN32) return get_console_input_win32 (prompt, echo, input, capacity); #elif defined(HAVE_GETPASS) - if (echo) + if (echo || is_systemd_running) { FILE *fp; - fp = open_tty (true); - fprintf (fp, "%s", prompt); - fflush (fp); - close_tty (fp); + if (is_systemd_running) + { + char *cmd; + + asprintf(&cmd, "/bin/systemd-ask-password "%s"", prompt); + fp = popen (cmd, "re"); + free (cmd); + } + else + { + fp = open_tty (true); + fprintf (fp, "%s", prompt); + fflush (fp); + close_tty (fp); - fp = open_tty (false); + fp = open_tty (false); + } if (fgets (input, capacity, fp) != NULL) { chomp (input); ret = true; } - close_tty (fp); + if (is_systemd_running) + fclose (fp); + else + close_tty (fp); } else { ++++++ openvpn-2.2.1-man-dot.diff ++++++ --- openvpn.8 +++ openvpn.8 2011/08/29 18:26:40 @@ -21,13 +21,13 @@ ." 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ." ." Manual page for openvpn -.\ +." ." SH section heading ." SS subsection heading ." LP paragraph ." IP indented paragraph ." TP hanging label -.\ +." ." .nf -- no formatting ." .fi -- resume formatting ." .ft 3 -- boldface ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org