%global sslcert %{_sysconfdir}/pki/%{name}/server.cert.pem
%global sslkey %{_sysconfdir}/pki/%{name}/server.key.pem
%bcond_without maxmind
Summary: Open Source IRC server
Name: unrealircd
Version: 6.0.4.2
Release: 1%{?dist}
# UnrealIRCd declares itself as GPL-2.0-or-later as it's the common denominator for
# a GPL-1.0-or-later and GPL-2.0-or-later mixture, breakdown of other source codes:
# BSD-3-Clause: include/mempool.h and src/mempool.c
# ISC: src/openssl_hostname_validation.c
# LicenseRef-Fedora-Public-Domain: include/crypt_blowfish.h and src/crypt_blowfish.c
# MIT: include/openssl_hostname_validation.h
License: GPL-1.0-or-later AND GPL-2.0-or-later AND BSD-3-Clause AND ISC AND LicenseRef-Fedora-Public-Domain AND MIT
URL: https://www.unrealircd.org/
Source0: https://www.unrealircd.org/downloads/%{name}-%{version}.tar.gz
Source1: https://www.unrealircd.org/downloads/%{name}-%{version}.tar.gz.asc
Source2: gpgkey-1D2D2B03A0B68ED11D68A24BA7A21B0A108FF4A9.gpg
Source3: %{name}.service
Source4: %{name}.tmpfilesd
Source5: %{name}.sysusersd
# Apply Fedora system-wide crypto policy
Patch0: unrealircd-6.0.4-crypto-policy.patch
# Disable GeoIP to avoid dependency to legacy GeoIP
Patch1: unrealircd-6.0.1.1-geoip.patch
# Same options like in unrealircd(ctl) shell script
Patch2: unrealircd-6.0.3-unrealircdctl.patch
BuildRequires: gnupg2
BuildRequires: gcc
BuildRequires: make
BuildRequires: %{_bindir}/openssl
%if 0%{?fedora} || 0%{?rhel} > 7
BuildRequires: openssl-devel
%else
BuildRequires: openssl11-devel
%endif
%if 0%{?fedora} || 0%{?rhel} > 8
BuildRequires: pcre2-devel >= 10.34
%else
BuildRequires: pcre2-devel >= 10.00
%endif
BuildRequires: libargon2-devel >= 20161029
BuildRequires: libsodium-devel >= 1.0.16
BuildRequires: c-ares-devel >= 1.6.0
BuildRequires: jansson-devel >= 2.0.0
BuildRequires: libcurl-devel
BuildRequires: systemd-rpm-macros
Requires(post): %{_bindir}/openssl
%{?systemd_requires}
%{?sysusers_requires_compat}
%description
UnrealIRCd is an Open Source IRC server based on the branch of IRCu called
Dreamforge, formerly used by the DALnet IRC network. Since the beginning of
development on UnrealIRCd in May of 1999, it has become a highly advanced
IRCd with a strong focus on modularity, an advanced and highly configurable
configuration file. Key features include SSL/TLS, cloaking, advanced anti-
flood and anti-spam systems, swear filtering and module support.
%if %{with maxmind}
%package maxmind
Summary: GeoIP module using MaxMind databases for UnrealIRCd
%if 0%{?fedora} || 0%{?rhel} > 8
BuildRequires: libmaxminddb-devel >= 1.4.3
%else
BuildRequires: libmaxminddb-devel >= 1.2.0
%endif
Requires: %{name}%{?_isa} = %{version}-%{release}
%description maxmind
UnrealIRCd is an Open Source IRC server with a strong focus on modularity.
This package provides an UnrealIRCd module to support GeoIP using MaxMind's
GeoIP2 C library and databases.
%endif
%prep
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%setup -q
%if 0%{?fedora} || 0%{?rhel} >= 8
%patch0 -p1 -b .crypto-policy
touch -c -r doc/conf/examples/example.conf{.crypto-policy,}
%endif
%patch1 -p1 -b .geoip
touch -c -r doc/conf/modules.default.conf{.geoip,}
%patch2 -p1 -b .unrealircdctl
%build
%if 0%{?rhel} == 7
sed \
-e 's|include/openssl/|include/openssl11/openssl/|g' \
-e 's|\(CRYPTOLIB="-lssl -lcrypto\).*|\1 -L%{_libdir}/openssl11"\nCFLAGS="$CFLAGS -I%{_includedir}/openssl11"|' \
-i configure
%endif
# https://github.com/unrealircd/unrealircd/pull/183
%if %{with maxmind} && 0%{?rhel} && 0%{?rhel} < 9
sed -e 's|libmaxminddb >= 1.4.3|libmaxminddb >= 1.2.0|g' -i configure
%endif
# https://github.com/unrealircd/unrealircd/pull/196
%if 0%{?rhel} && 0%{?rhel} < 9
sed -e 's|libpcre2-8 >= 10.34|libpcre2-8 >= 10.00|g' -i configure
%endif
# Mention new unrealircdctl tool rather than shell script
for file in src/{conf,ircd,misc,modulemanager,proc_io_server,unrealircdctl}.c doc/conf/examples/*.conf; do
sed -e 's|\./unrealircd\([ "]\)|unrealircdctl\1|g' ${file} > ${file}.tmp
touch -c -r ${file} ${file}.tmp && mv -f ${file}.tmp ${file}
done
%configure \
--enable-ssl \
--with-system-pcre2 \
--with-system-argon2 \
--with-system-sodium \
--with-system-cares \
--with-system-jansson \
--enable-libcurl \
%{?with_maxmind:--enable-libmaxminddb=yes} \
--with-bindir=%{_bindir} \
--with-scriptdir=unused \
--with-confdir=%{_sysconfdir}/%{name} \
--with-modulesdir=%{_libdir}/%{name} \
--with-logdir=%{_localstatedir}/log/%{name} \
--with-cachedir=%{_localstatedir}/cache/%{name} \
--with-tmpdir=%{_localstatedir}/lib/%{name}/tmp \
--with-datadir=%{_localstatedir}/lib/%{name} \
--with-docdir=unused \
--with-pidfile=%{_rundir}/%{name}/%{name}.pid \
--with-controlfile=%{_rundir}/%{name}/%{name}.ctl \
--with-permissions=0640 \
--enable-dynamic-linking \
--with-privatelibdir=no
%make_build
%install
%make_install
# Fix strange default permissions
chmod -R g+rX,o+rX $RPM_BUILD_ROOT
# Provide default configuration based on default example
mv -f $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/{examples/example.conf,%{name}.conf}
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/examples/
# Remove module repository configuration (for module manager)
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/modules.sources.list
# Remove upgrade script intended only for source code users
rm -f $RPM_BUILD_ROOT%{_bindir}/unrealircd-upgrade-script
# Move tls directory and symlink it
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/
mv -f $RPM_BUILD_ROOT%{_sysconfdir}/{%{name}/tls,pki/%{name}}/
ln -s ../pki/%{name}/ $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/tls
ln -sf ../tls/certs/ca-bundle.crt $RPM_BUILD_ROOT%{_sysconfdir}/pki/%{name}/curl-ca-bundle.crt
# Install systemd and tmpfiles files
install -D -p -m 0644 %{SOURCE3} $RPM_BUILD_ROOT%{_unitdir}/%{name}.service
install -D -p -m 0644 %{SOURCE4} $RPM_BUILD_ROOT%{_tmpfilesdir}/%{name}.conf
install -D -p -m 0644 %{SOURCE5} $RPM_BUILD_ROOT%{_sysusersdir}/%{name}.conf
mkdir -p $RPM_BUILD_ROOT%{_rundir}/%{name}/
%pre
%sysusers_create_compat %{SOURCE5}
%post
%systemd_post %{name}.service
if [ ! -f %{sslkey} ]; then
umask 077
%{_bindir}/openssl genrsa 4096 > %{sslkey} 2> /dev/null
chown root:%{name} %{sslkey}
chmod 640 %{sslkey}
fi
if [ ! -f %{sslcert} ]; then
FQDN=`hostname 2> /dev/null`
if [ "x${FQDN}" = "x" ]; then
FQDN=localhost.localdomain
fi
%{_bindir}/openssl req -new -key %{sslkey} -x509 -sha256 -days 365 -set_serial $RANDOM -out %{sslcert} \
-subj "/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=${FQDN}/emailAddress=root@${FQDN}"
chmod 644 %{sslcert}
fi
%preun
%systemd_preun %{name}.service
%postun
%systemd_postun_with_restart %{name}.service
%files
%license LICENSE
%doc doc/Authors doc/coding-guidelines doc/tao.of.irc
%doc README.md doc/RELEASE-NOTES.md
%dir %attr(0750,root,%{name}) %{_sysconfdir}/pki/%{name}/
%{_sysconfdir}/pki/%{name}/curl-ca-bundle.crt
%dir %attr(0750,root,%{name}) %{_sysconfdir}/%{name}/
%config(noreplace) %attr(0640,root,%{name}) %{_sysconfdir}/%{name}/*.conf
%dir %attr(0750,root,%{name}) %{_sysconfdir}/%{name}/aliases/
%config(noreplace) %attr(0640,root,%{name}) %{_sysconfdir}/%{name}/aliases/*.conf
%dir %attr(0750,root,%{name}) %{_sysconfdir}/%{name}/help/
%config(noreplace) %attr(0640,root,%{name}) %{_sysconfdir}/%{name}/help/*.conf
%{_sysconfdir}/%{name}/tls
%{_unitdir}/%{name}.service
%{_sysusersdir}/%{name}.conf
%{_tmpfilesdir}/%{name}.conf
%{_bindir}/%{name}
%{_bindir}/unrealircdctl
%{_libdir}/%{name}/
%{?with_maxmind:%exclude %{_libdir}/%{name}/geoip_maxmind.so}
%dir %attr(0750,%{name},%{name}) %{_localstatedir}/cache/%{name}/
%dir %attr(0750,%{name},%{name}) %{_localstatedir}/lib/%{name}/
%dir %attr(0750,%{name},%{name}) %{_localstatedir}/lib/%{name}/tmp/
%dir %attr(0750,%{name},%{name}) %{_localstatedir}/log/%{name}/
%dir %attr(0755,%{name},%{name}) %{_rundir}/%{name}/
%if %{with maxmind}
%files maxmind
%{_libdir}/%{name}/geoip_maxmind.so
%endif
%changelog
* Sat Nov 19 2022 Robert Scheck <robert@fedoraproject.org> 6.0.4.2-1
- Upgrade to 6.0.4.2 (#2143921)
* Mon Aug 29 2022 Robert Scheck <robert@fedoraproject.org> 6.0.4.1-1
- Upgrade to 6.0.4.1 (#2122120)
* Fri Jul 29 2022 Robert Scheck <robert@fedoraproject.org> 6.0.4-3
- Added sysusers.d file to achieve user() and group() provides
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 6.0.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Sat Jun 18 2022 Robert Scheck <robert@fedoraproject.org> 6.0.4-1
- Upgrade to 6.0.4 (#2090417)
* Sat Apr 02 2022 Robert Scheck <robert@fedoraproject.org> 6.0.3-1
- Upgrade to 6.0.3 (#2071197)
* Mon Mar 21 2022 Robert Scheck <robert@fedoraproject.org> 6.0.2-1
- Upgrade to 6.0.2 (#2038245)
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 6.0.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Dec 31 2021 Robert Scheck <robert@fedoraproject.org> 6.0.1.1-1
- Upgrade to 6.0.1.1 (#2033813)
* Thu Dec 30 2021 Robert Scheck <robert@fedoraproject.org> 6.0.1-1
- Upgrade to 6.0.1 (#2033813)
* Wed Dec 29 2021 Robert Scheck <robert@fedoraproject.org> 6.0.0-1
- Upgrade to 6.0.0 (#2033813)
* Wed Dec 29 2021 Robert Scheck <robert@fedoraproject.org> 5.2.3-1
- Upgrade to 5.2.3
* Sun Oct 03 2021 Robert Scheck <robert@fedoraproject.org> 5.2.2-1
- Upgrade to 5.2.2 (#2010085)
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 5.2.1.1-3
- Rebuilt with OpenSSL 3.0.0
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.2.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Sat Jul 10 2021 Robert Scheck <robert@fedoraproject.org> 5.2.1.1-1
- Upgrade to 5.2.1.1 (#1978927 #c2)
* Fri Jul 09 2021 Robert Scheck <robert@fedoraproject.org> 5.2.1-1
- Upgrade to 5.2.1 (#1978927)
* Fri Jun 25 2021 Robert Scheck <robert@fedoraproject.org> 5.2.0.2-1
- Upgrade to 5.2.0.2 (#1976246)
* Wed Jun 16 2021 Robert Scheck <robert@fedoraproject.org> 5.2.0.1-1
- Upgrade to 5.2.0.1 (#1972543)
* Tue Jun 15 2021 Robert Scheck <robert@fedoraproject.org> 5.2.0-1
- Upgrade to 5.2.0 (#1967860)
* Fri Mar 26 2021 Robert Scheck <robert@fedoraproject.org> 5.0.9.1-1
- Upgrade to 5.0.9.1 (#1943492)
* Sun Mar 21 2021 Robert Scheck <robert@fedoraproject.org> 5.0.9-1
- Upgrade to 5.0.9 (#1938404)
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 5.0.8-3
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.0.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Jan 08 2021 Robert Scheck <robert@fedoraproject.org> 5.0.8-1
- Upgrade to 5.0.8 (#1911652)
* Sat Nov 07 2020 Robert Scheck <robert@fedoraproject.org> 5.0.7-2
- Remove build-time path from rpath (#1891370 #c1)
- Apply Fedora system-wide crypto policy (#1891370 #c1)
- License breakdown in spec file (#1891370 #c1)
* Sun Oct 18 2020 Robert Scheck <robert@fedoraproject.org> 5.0.7-1
- Upgrade to 5.0.7 (#1891370)
* Wed Apr 16 2008 Robert Scheck <robert@fedoraproject.org> 3.2.7-2
- Rebuild for openssl 0.9.8g and curl 7.18.0
* Thu Sep 06 2007 Robert Scheck <robert@fedoraproject.org> 3.2.7-1
- Upgrade to 3.2.7
* Sun Jun 10 2007 Robert Scheck <robert@fedoraproject.org> 3.2.6-2
- Rebuild for curl 7.16.2
* Sat Dec 23 2006 Robert Scheck <robert@fedoraproject.org> 3.2.6-1
- Upgrade to 3.2.6
* Sun Nov 05 2006 Robert Scheck <robert@fedoraproject.org> 3.2.5-2
- Enabled ziplinks and remote includes by linking zlib and curl
* Wed Nov 01 2006 Robert Scheck <robert@fedoraproject.org> 3.2.5-1
- Upgrade to 3.2.5 and rebuilt against glibc 2.5
* Sun May 07 2006 Robert Scheck <robert@fedoraproject.org> 3.2.4-3
- Added proxyscan 1.1 module for scanning open proxy servers (DNSBL,
HTTP-CONNECT and -POST, Socks 4 and 5, Wingate and Cisco routers)
* Mon Mar 20 2006 Robert Scheck <robert@fedoraproject.org> 3.2.4-2
- Install Anope IRC Services aliases configuration files
* Thu Mar 16 2006 Robert Scheck <robert@fedoraproject.org> 3.2.4-1
- Upgrade to 3.2.4 and rebuilt against gcc 4.1 and glibc 2.4
- Re-added nocodes, privdeaf, ircops, sanick and timedbans modules
- Backported native cgiirc support from latest UnrealIRCd CVS
* Sat Oct 22 2005 Robert Scheck <robert@fedoraproject.org> 3.2.3-5
- Added timedbans 1.0 module to provide timebased channel bans
- Added cgiirc 1.7 module for hostname rewriting at CGI:IRC webchats
- Added cmdflood 1.8 module to limit the use of IRC commands
- Added chgswhois 1.3 module for easy changing SWHOIS information
* Sat Aug 27 2005 Robert Scheck <robert@fedoraproject.org> 3.2.3-4
- Added uline 1.13 module for allowing u:lined network admins
- Added netadmins 1.8 module for having unkillable netadmins
- Fixed IPv6 problem with gcc 4.0 in a sane way from UnrealIRCd CVS
- Added clones 1.8 module for displaying users with the same IP
* Sun Aug 21 2005 Robert Scheck <robert@fedoraproject.org> 3.2.3-3
- Added sanick 1.2 module for changing as IRC op a user's nickname
- Show nick!user@host of the person who set the topic, rather nick
- Added privdeaf 0.0.6 module for avoiding private messages/notices
- Added ircops 3.6 module for displaying a list of all IRC operators
* Tue Aug 09 2005 Robert Scheck <robert@fedoraproject.org> 3.2.3-2
- Added the nocodes 0.1 module for striping bold, underlined etc.
- Show the modes a channel has set in the /list output
- Rebuilt against gcc 4.0.1 and glibc 2.3.90
* Mon Mar 21 2005 Robert Scheck <robert@fedoraproject.org> 3.2.3-1
- Upgrade to 3.2.3 and rebuilt against gcc 4.0
* Sun Feb 06 2005 Robert Scheck <robert@fedoraproject.org> 3.2.2b-3
- Fixed system user creation and logging behaviour
- Adapted unrealircd.conf default configuration file
* Sun Jan 30 2005 Robert Scheck <robert@fedoraproject.org> 3.2.2b-2
- Fixed initscript
* Sun Jan 16 2005 Robert Scheck <robert@fedoraproject.org> 3.2.2b-1
- Upgrade to 3.2.2b
* Mon Nov 29 2004 Robert Scheck <robert@fedoraproject.org> 3.2.2-1
- Upgrade to 3.2.2
- Initial spec file for Red Hat Linux and Fedora Core