-
Notifications
You must be signed in to change notification settings - Fork 1
/
xl2tpd.spec
355 lines (284 loc) · 13.7 KB
/
xl2tpd.spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661)
Name: xl2tpd
Version: 1.2.7
Release: 4%{?dist}.R
# No version specified.
License: GPL+
Url: http://www.xelerance.com/software/xl2tpd/
Group: System Environment/Daemons
Source0: http://www.xelerance.com/software/xl2tpd/xl2tpd-%{version}.tar.gz
Patch00: xl2tpd.c.patch
Patch01: control.c.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: ppp
%if 0%{?el3}%{?el4}
BuildRequires: libpcap
%else
BuildRequires: libpcap-devel
%endif
Requires(post): /sbin/chkconfig
Requires(preun): /sbin/chkconfig
Requires(preun): /sbin/service
%description
xl2tpd is an implementation of the Layer 2 Tunnelling Protocol (RFC 2661).
L2TP allows you to tunnel PPP over UDP. Some ISPs use L2TP to tunnel user
sessions from dial-in servers (modem banks, ADSL DSLAMs) to back-end PPP
servers. Another important application is Virtual Private Networks where
the IPsec protocol is used to secure the L2TP connection (L2TP/IPsec,
RFC 3193). The L2TP/IPsec protocol is mainly used by Windows and
Mac OS X clients. On Linux, xl2tpd can be used in combination with IPsec
implementations such as Openswan.
Example configuration files for such a setup are included in this RPM.
xl2tpd works by opening a pseudo-tty for communicating with pppd.
It runs completely in userspace.
xl2tpd supports IPsec SA Reference tracking to enable overlapping internak
NAT'ed IP's by different clients (eg all clients connecting from their
linksys internal IP 192.168.1.101) as well as multiple clients behind
the same NAT router.
xl2tpd supports the pppol2tp kernel mode operations on 2.6.23 or higher,
or via a patch in contrib for 2.4.x kernels.
Xl2tpd is based on the 0.69 L2TP by Jeff McAdams <[email protected]>
It was de-facto maintained by Jacco de Leeuw <[email protected]> in 2002 and 2003.
%prep
%setup -q
%patch00 -p1
%patch01 -p1
%build
make DFLAGS="$RPM_OPT_FLAGS -g -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_FLOW -DDEBUG_PAYLOAD -DDEBUG_CONTROL -DDEBUG_CONTROL_XMIT -DDEBUG_FLOW_MORE -DDEBUG_MAGIC -DDEBUG_ENTROPY -DDEBUG_HIDDEN -DDEBUG_PPPD -DDEBUG_AAA -DDEBUG_FILE -DDEBUG_FLOW -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_ZLB -DDEBUG_AUTH"
%install
rm -rf %{buildroot}
make DESTDIR=%{buildroot} PREFIX=%{_prefix} install
install -p -D -m644 examples/xl2tpd.conf %{buildroot}%{_sysconfdir}/xl2tpd/xl2tpd.conf
install -p -D -m644 examples/ppp-options.xl2tpd %{buildroot}%{_sysconfdir}/ppp/options.xl2tpd
install -p -D -m600 doc/l2tp-secrets.sample %{buildroot}%{_sysconfdir}/xl2tpd/l2tp-secrets
install -p -D -m600 examples/chapsecrets.sample %{buildroot}%{_sysconfdir}/ppp/chap-secrets.sample
install -p -D -m755 packaging/fedora/xl2tpd.init %{buildroot}%{_initrddir}/xl2tpd
install -p -D -m755 -d %{buildroot}%{_localstatedir}/run/xl2tpd
%clean
rm -rf %{buildroot}
%post
/sbin/chkconfig --add xl2tpd
%preun
if [ $1 -eq 0 ]; then
/sbin/service xl2tpd stop > /dev/null 2>&1
/sbin/chkconfig --del xl2tpd
fi
%postun
if [ $1 -ge 1 ]; then
/sbin/service xl2tpd condrestart 2>&1 >/dev/null
fi
%files
%defattr(-,root,root)
%doc BUGS CHANGES CREDITS LICENSE README.* TODO doc/rfc2661.txt
%doc doc/README.patents examples/chapsecrets.sample
%{_sbindir}/xl2tpd
%{_bindir}/pfc
%{_mandir}/*/*
%dir %{_sysconfdir}/xl2tpd
%config(noreplace) %{_sysconfdir}/xl2tpd/*
%config(noreplace) %{_sysconfdir}/ppp/*
%attr(0755,root,root) %{_initrddir}/xl2tpd
%dir %{_localstatedir}/run/xl2tpd
%changelog
* Tue Jul 19 2011 <[email protected]> - 1.2.7-4.R
- added patches for vpnpptp
* Mon Feb 07 2011 Fedora Release Engineering <[email protected]> - 1.2.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Nov 30 2010 Paul Wouters <[email protected]> - 1.2.7-2
- fix md5 of init script in sources
* Tue Nov 30 2010 Paul Wouters <[email protected]> - 1.2.7-1
- Updated to 1.2.7
- Added more DEBUG build options to the make command
- Minor cleanups
* Sat Jan 09 2010 Paul Wouters <[email protected]> - 1.2.5-2
- Bump for EVR
* Sat Jan 09 2010 Paul Wouters <[email protected]> - 1.2.5-1
- Upgraded to 1.2.5. (fixes interop with two Windows machines behind same NAT)
- Fix mix space/tab in spec file
- Added missing keyword Default-Stop
* Mon Jul 27 2009 Fedora Release Engineering <[email protected]> - 1.2.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Sun Mar 08 2009 Paul Wouters <[email protected]> - 1.2.4-3
- Bump version for tagging mistake
* Sun Mar 08 2009 Paul Wouters <[email protected]> - 1.2.4-2
-Fix initscript for https://bugzilla.redhat.com/show_bug.cgi?id=247100
* Sun Mar 08 2009 Paul Wouters <[email protected]> - 1.2.4-1
- Upgraded to 1.2.4
- Merged spec file with upstream
* Thu Feb 26 2009 Fedora Release Engineering <[email protected]> - 1.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Thu Oct 9 2008 Paul Wouters <[email protected]> - 1.2.0-1
- Updated to new upstream release
* Sat Sep 6 2008 Tom "spot" Callaway <[email protected]> 1.1.12-3
- fix license tag
* Tue Feb 19 2008 Fedora Release Engineering <[email protected]> - 1.1.12-2
- Autorebuild for GCC 4.3
* Fri Oct 26 2007 Paul Wouters <[email protected]> 1.1.12-1
- Upgraded to new release upstream
- Removed l2tpd to xl2tpd migration in post
* Wed Aug 29 2007 Fedora Release Engineering <rel-eng at fedoraproject dot org> - 1.1.11-3
- Rebuild for selinux ppc32 issue.
* Sat Jul 28 2007 Paul Wouters <[email protected]> 1.1.11-2
- Upgraded to 1.1.11
- Include new split README.*
* Mon Mar 19 2007 Paul Wouters <[email protected]> 1.1.09-1
- Upgraded to 1.1.09
* Fri Feb 23 2007 Paul Wouters <[email protected]> 1.1.08-2
- Bump for EVR
* Fri Feb 23 2007 Paul Wouters <[email protected]> 1.1.08-1
- Upgraded to 1.1.08
- This works around the ppp-2.4.2-6.4 issue of not dying on SIGTERM
* Tue Feb 20 2007 Paul Wouters <[email protected]> 1.1.07-2
- Fixed version usage in source macro
* Tue Feb 20 2007 Paul Wouters <[email protected]> 1.1.07-1
- Upgraded to 1.1.07
- Added /var/run/xl2tpd to the spec file so this pacakge
owns /var/run/xl2tpd
* Thu Dec 7 2006 Paul Wouters <[email protected]> 1.1.06-5
- Changed space/tab replacing method
* Wed Dec 6 2006 Paul Wouters <[email protected]> 1.1.06-4
- Added -p to keep original timestamps
- Added temporary hack to change space/tab in init file.
- Added /sbin/service dependancy
* Tue Dec 5 2006 Paul Wouters <[email protected]> 1.1.06-3
- Added Requires(post) / Requires(preun)
- changed init file to create /var/run/xl2tpd fixed a tab/space
- changed control file to be within /var/run/xl2tpd/
* Tue Dec 5 2006 Paul Wouters <[email protected]> 1.1.06-2
- Changed Mr. Karlsen's name to not be a utf8 problem
- Fixed Obosoletes/Provides to be more specific wrt l2tpd.
- Added dist tag which accidentally got deleted.
* Mon Dec 4 2006 Paul Wouters <[email protected]> 1.1.06-1
- Rebased spec file on Fedora Extras copy, but using xl2tpd as package name
* Sun Nov 27 2005 Paul Wouters <[email protected]> 0.69.20051030
- Pulled up sourceforget.net CVS fixes.
- various debugging added, but debugging should not be on by default.
- async/sync conversion routines must be ready for possibility that the read
will block due to routing loops.
- refactor control socket handling.
- move all logic about pty usage to pty.c. Try ptmx first, if it fails try
legacy ptys
- rename log() to l2tp_log(), as "log" is a math function.
- if we aren't deamonized, then log to stderr.
- added install: and DESTDIR support.
* Thu Oct 20 2005 Paul Wouters <[email protected]> 0.69-13
- Removed suse/mandrake specifics. Comply for Fedora Extras guidelines
* Tue Jun 21 2005 Jacco de Leeuw <[email protected]> 0.69-12jdl
- Added log() patch by Paul Wouters so that l2tpd compiles on FC4.
* Sat Jun 4 2005 Jacco de Leeuw <[email protected]>
- l2tpd.org has been hijacked. Project moved back to SourceForge:
http://l2tpd.sourceforge.net
* Tue May 3 2005 Jacco de Leeuw <[email protected]>
- Small Makefile fixes. Explicitly use gcc instead of cc.
Network services library was not linked on Solaris due to typo.
* Thu Mar 17 2005 Jacco de Leeuw <[email protected]> 0.69-11jdl
- Choosing between SysV or BSD style ptys is now configurable through
a compile-time boolean "unix98pty".
* Fri Feb 4 2005 Jacco de Leeuw <[email protected]>
- Added code from Roaring Penguin (rp-l2tp) to support SysV-style ptys.
Requires the N_HDLC kernel module.
* Fri Nov 26 2004 Jacco de Leeuw <[email protected]>
- Updated the README.
* Wed Nov 10 2004 Jacco de Leeuw <[email protected]> 0.69-10jdl
- Patch by Marald Klein and Roger Luethi. Fixes writing PID file.
(http://l2tpd.graffl.net/msg01790.html)
Long overdue. Rereleasing 10jdl.
* Tue Nov 9 2004 Jacco de Leeuw <[email protected]> 0.69-10jdl
- [SECURITY FIX] Added fix from Debian because of a bss-based
buffer overflow.
(http://www.mail-archive.com/[email protected]/msg01071.html)
- Mandrake's FreeS/WAN, Openswan and Strongswan RPMS use configuration
directories /etc/{freeswan,openswan,strongswan}. Install our
configuration files to /etc/ipsec.d and create symbolic links in
those directories.
* Tue Aug 18 2004 Jacco de Leeuw <[email protected]>
- Removed 'leftnexthop=' lines. Not relevant for recent versions
of FreeS/WAN and derivates.
* Tue Jan 20 2004 Jacco de Leeuw <[email protected]> 0.69-9jdl
- Added "noccp" because of too much MPPE/CCP messages sometimes.
* Wed Dec 31 2003 Jacco de Leeuw <[email protected]>
- Added patch in order to prevent StopCCN messages.
* Sat Aug 23 2003 Jacco de Leeuw <[email protected]>
- MTU/MRU 1410 seems to be the lowest possible for MSL2TP.
For Windows 2000/XP it doesn't seem to matter.
- Typo in l2tpd.conf (192.168.128/25).
* Fri Aug 8 2003 Jacco de Leeuw <[email protected]> 0.69-8jdl
- Added MTU/MRU 1400 to options.l2tpd. I don't know the optimal
value but some apps had problems with the default value.
* Fri Aug 1 2003 Jacco de Leeuw <[email protected]>
- Added workaround for the missing hostname bug in the MSL2TP client
('Specify your hostname', error 629: "You have been disconnected
from the computer you are dialing").
* Thu Jul 20 2003 Jacco de Leeuw <[email protected]> 0.69-7jdl
- Added the "listen-addr" global parameter for l2tpd.conf. By
default, the daemon listens on *all* interfaces. Use
"listen-addr" if you want it to bind to one specific
IP address (interface), for security reasons. (See also:
http://www.jacco2.dds.nl/networking/freeswan-l2tp.html#Firewallwarning)
- Explained in l2tpd.conf that two different IP addresses should be
used for 'listen-addr' and 'local ip'.
- Modified init script. Upgrades should work better now. You
still need to start/chkconfig l2tpd manually.
- Renamed the example Openswan .conf files to better reflect
the situation. There are two variants using different portselectors.
Previously I thought Windows 2000/XP used portselector 17/0
and the rest used 17/1701. But with the release of an updated
IPsec client by Microsoft, it turns out that 17/0 must have
been a mistake: the updated client now also uses 17/1701.
* Mon Apr 10 2003 Jacco de Leeuw <[email protected]> 0.69-6jdl
- Changed sample chap-secrets to be valid only for specific
IP addresses.
* Thu Mar 13 2003 Bernhard Thoni <[email protected]>
- Adjustments for SuSE8.x (thanks, Bernhard!)
- Added sample chap-secrets.
* Thu Mar 6 2003 Jacco de Leeuw <[email protected]> 0.69-5jdl
- Replaced Dominique's patch by Damion de Soto's, which does not
depend on the N_HDLC kernel module.
* Wed Feb 26 2003 Jacco de Leeuw <[email protected]> 0.69-4jdl
- Seperate example config files for Win9x (MSL2TP) and Win2K/XP
due to left/rightprotoport differences.
Fixing preun for Red Hat.
* Mon Feb 3 2003 Jacco de Leeuw <[email protected]> 0.69-3jdl
- Mandrake uses /etc/freeswan/ instead of /etc/ipsec.d/
Error fixed: source6 was used for both PSK and CERT.
* Wed Jan 29 2003 Jacco de Leeuw <[email protected]> 0.69-3jdl
- Added Dominique Cressatti's pty patch in another attempt to
prevent the Windows 2000 Professional "loopback detected" error.
Seems to work!
* Wed Dec 25 2002 Jacco de Leeuw <[email protected]> 0.69-2jdl
- Added 'connect-delay' to PPP parameters in an attempt to
prevent the Windows 2000 Professional "loopback detected" error.
Didn't seem to work.
* Fri Dec 13 2002 Jacco de Leeuw <[email protected]> 0.69-1jdl
- Did not build on Red Hat 8.0. Solved by adding comments(?!).
Bug detected in spec file: chkconfig --list l2tpd does not work
on Red Hat 8.0. Not important enough to look into yet.
* Sun Nov 17 2002 Jacco de Leeuw <[email protected]> 0.69-1jdl
- Tested on Red Hat, required some changes. No gprintf. Used different
pty patch, otherwise wouldn't run. Added buildroot sanity check.
* Sun Nov 10 2002 Jacco de Leeuw <[email protected]>
- Specfile adapted from Mandrake Cooker. The original RPM can be
retrieved through:
http://www.rpmfind.net/linux/rpm2html/search.php?query=l2tpd
- Config path changed from /etc/l2tp/ to /etc/l2tpd/
(Seems more logical and rp-l2tp already uses /etc/l2tp/).
- Do not run at boot or install. The original RPM uses a config file
which is completely commented out, but it still starts l2tpd on all
interfaces. Could be a security risk. This RPM does not start l2tpd,
the sysadmin has to edit the config file and start l2tpd explicitly.
- Renamed patches to start with l2tpd-
- Added dependencies for pppd, glibc-devel.
- Use %%{name} as much as possible.
- l2tp-secrets contains passwords, thus should not be world readable.
- Removed dependency on rpm-helper.
* Mon Oct 21 2002 Lenny Cartier <[email protected]> 0.69-3mdk
- from Per 0yvind Karlsen <[email protected]> :
- PreReq and Requires
- Fix preun_service
* Thu Oct 17 2002 Per 0yvind Karlsen <[email protected]> 0.69-2mdk
- Move l2tpd from /usr/bin to /usr/sbin
- Added SysV initscript
- Patch0
- Patch1
* Thu Oct 17 2002 Per 0yvind Karlsen <[email protected]> 0.69-1mdk
- Initial release