%global gitsnapshot 1 %if 0%{?gitsnapshot} %global snapcommit 3e36871d6dd3dc476b259a39fcb3925af4ca5c0d %global snapcount 170 %global shortcommit %(c=%{snapcommit}; echo ${c:0:7}) %global snapver .git.%{snapcount}.%{shortcommit} %endif %global tagver 9.12 # RHEL6 still has ancient GnuTLS %define use_gnutls 0%{?fedora} || 0%{?rhel} >= 7 # Fedora has tss2-sys from F29 onwards, and RHEL from 8 onwards. %if 0%{?fedora} >= 29 || 0%{?rhel} >= 8 %define use_tss2_esys 1 %else %define use_tss2_esys 0 %endif %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} Name: openconnect Version: %{tagver}%{?snapver} Release: 0%{?dist} Summary: Open multi-protocol SSL VPN client License: LGPLv2 URL: https://www.infradead.org/openconnect.html %if 0%{?gitsnapshot} Source0: https://github.com/openconnect/%{name}/archive/%{snapcommit}/%{name}-%{shortcommit}.tar.gz %else Source0: https://www.infradead.org/openconnect/download/%{name}-%{version}.tar.gz %endif Source2: gpgkey-BE07D9FD54809AB2C4B0FF5F63762CDA67E2F359.asc Source3: macros.gpg BuildRequires: make xdg-utils BuildRequires: pkgconfig(libxml-2.0) pkgconfig(libpcsclite) krb5-devel gnupg2 BuildRequires: autoconf automake libtool gettext pkgconfig(liblz4) BuildRequires: pkgconfig(uid_wrapper) pkgconfig(socket_wrapper) BuildRequires: pkgconfig(libproxy-1.0) BuildRequires: pkgconfig(stoken) pkgconfig(libpskc) %if 0%{?fedora} BuildRequires: pkgconfig(json-parser) %endif %if 0%{?fedora} || 0%{?rhel} <= 7 # SoftHSM doesn't install on EPEL8: https://bugzilla.redhat.com/show_bug.cgi?id=1829480 BuildRequires: softhsm %endif %if 0%{?fedora} || 0%{?rhel} >= 7 Obsoletes: openconnect-lib-compat < %{version}-%{release} Requires: vpnc-script %else Requires: vpnc %endif %if 0%{?fedora} >= 30 || 0%{?rhel} >= 9 BuildRequires: glibc-langpack-cs %endif %if %{use_gnutls} BuildRequires: pkgconfig(gnutls) trousers-devel # Anywhere we use GnuTLS ,there should be an ocserv package too BuildRequires: ocserv %else BuildRequires: pkgconfig(openssl) pkgconfig(libp11) pkgconfig(p11-kit-1) %endif %if %{use_tss2_esys} BuildRequires: pkgconfig(tss2-esys) pkgconfig(tss2-tctildr) pkgconfig(tss2-mu) # https://bugzilla.redhat.com/show_bug.cgi?id=1638961 BuildRequires: libgcrypt-devel %if 0%{?fedora} > 32 # Older versions of tss2-esys don't have the swtpm TCTI BuildRequires: swtpm swtpm-tools %endif %endif %description This package provides a multiprotocol VPN client for Cisco AnyConnect, Juniper SSL VPN / Pulse Connect Secure, and Palo Alto Networks GlobalProtect SSL VPN. %package devel Summary: Development package for OpenConnect VPN authentication tools Requires: %{name}%{?_isa} = %{version}-%{release} %description devel This package provides the core HTTP and authentication support from the OpenConnect VPN client, to be used by GUI authentication dialogs for NetworkManager etc. %include %SOURCE3 %prep %if 0%{?gitsnapshot} %setup -q -n %{name}-%{shortcommit} NOCONFIGURE=x ./autogen.sh %else %gpg_verify %setup -q if [ ! -x configure ]; then NOCONFIGURE=x ./autogen.sh fi %endif %build %configure --with-vpnc-script=/etc/vpnc/vpnc-script \ --disable-dsa-tests \ %if %{use_gnutls} %if 0%{?fedora} || 0%{?rhel} > 7 --with-default-gnutls-priority="@OPENCONNECT,SYSTEM" \ --without-gnutls-version-check \ %endif %else --with-openssl --without-openssl-version-check \ %endif --htmldir=%{_pkgdocdir} make %{?_smp_mflags} V=1 %install %make_install mkdir -p $RPM_BUILD_ROOT/%{_pkgdocdir} rm -f $RPM_BUILD_ROOT/%{_libdir}/libopenconnect.la rm -f $RPM_BUILD_ROOT/%{_libexecdir}/openconnect/tncc-wrapper.py rm -f $RPM_BUILD_ROOT/%{_libexecdir}/openconnect/hipreport-android.sh %find_lang %{name} %check %if 0%{?fedora} || 0%{?rhel} > 7 # Clear RDRAND capability bit to work around # https://bugzilla.redhat.com/show_bug.cgi?id=1831086 make VERBOSE=1 OPENSSL_ia32cap=~0x4000000000000000 XFAIL_TESTS="obsolete-server-crypto" check %else # Test setup for OpenSSL builds in RHEL6. make VERBOSE=1 XFAIL_TESTS="auth-nonascii bad_dtls_test" check %endif %ldconfig_scriptlets %files -f %{name}.lang %{_libdir}/libopenconnect.so.5* %{_sbindir}/openconnect %{_libexecdir}/openconnect/ %{_mandir}/man8/* %{_datadir}/bash-completion/completions/openconnect %doc TODO COPYING.LGPL %doc %{_pkgdocdir} %files devel %{_libdir}/libopenconnect.so %{_includedir}/openconnect.h %{_libdir}/pkgconfig/openconnect.pc %changelog * Tue Jul 16 2019 David Woodhouse - %{version}-%{release} - Autopackaging for COPR