%global _hardened_build 1 %global commit bb990b1bfb0e411f0613abdaf3b71fdce50a82cf %global shortcommit %(c=%{commit}; echo ${c:0:8}) # Requested upstream to do proper release so we dont need auto* tools # and we dont have github tar ball diffs # Reported old macro use AC_PROG_LIBTOOL https://github.com/scslab/tcpcrypt/pull/3 Summary: Opportunistically encrypt TCP connections Name: tcpcrypt Version: 0.4 Release: 0.3.%{shortcommit}%{?dist} Group: System Environment/Libraries License: BSD Url: http://tcpcrypt.org/ Source0: https://github.com/scslab/%{name}/archive/%{commit}/%{name}-%{commit}.tar.gz SOURCE1: tmpfiles-tcpcrypt.conf SOURCE2: tcpcryptd.service SOURCE3: tcpcryptd-firewall Requires: %{name}-libs%{?_isa} = %{version}-%{release} BuildRequires: openssl-devel libnetfilter_queue-devel libcap-devel BuildRequires: libtool, autoconf, automake BuildRequires: systemd Requires(post): systemd Requires(preun): systemd Requires(postun): systemd Requires(pre): shadow-utils %description Provides a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support %package devel Summary: Development package that includes the tcpcrypt header files Group: Development/Libraries Requires: %{name}%{?_isa} = %{version}-%{release} %description devel The devel package contains the tcpcrypt library and the include files %package libs Summary: Libraries used by tcpcryptd server and tcpcrypt-aware applications Group: Applications/System Requires(post): /sbin/ldconfig Requires(postun): /sbin/ldconfig %description libs Contains libraries used by tcpcryptd server and tcpcrypt-aware applications %prep %setup -qn %{name}-%{commit} %build # git snapsots only ./bootstrap.sh %configure --disable-static --disable-rpath make %{?_smp_mflags} %install make DESTDIR=%{buildroot} INSTALL="%{__install} -p" install install -m 0755 %{SOURCE3} %{buildroot}/%{_bindir} rm %{buildroot}%{_libdir}/*.la mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d/ %{buildroot}/run/tcpcryptd install -D -m 0644 %{SOURCE1} %{buildroot}%{_tmpfilesdir}/tcpcrypt.conf mkdir -p %{buildroot}%{_unitdir} install -m 0755 %{SOURCE2} %{buildroot}/%{_unitdir}/tcpcryptd.service %files libs %doc README.markdown LICENSE %{_libdir}/libtcpcrypt.so.* %files %doc README.markdown LICENSE %{_bindir}/tcnetstat %{_bindir}/tcpcryptd %{_bindir}/tcpcryptd-firewall %{_bindir}/tcs %{_mandir}/man8/* %attr(0644,root,root) %{_tmpfilesdir}/tcpcrypt.conf %attr(0644,root,root) %{_unitdir}/tcpcryptd.service %attr(0755,tcpcryptd,tcpcryptd) %dir /run/tcpcryptd %files devel %{_libdir}/libtcpcrypt.so %dir %{_includedir}/tcpcrypt %{_includedir}/tcpcrypt/*.h %post libs -p /sbin/ldconfig %postun libs -p /sbin/ldconfig %pre getent group tcpcryptd >/dev/null || groupadd -r tcpcryptd getent passwd tcpcryptd >/dev/null || \ useradd -r -g tcpcryptd -d /var/run/tcpcryptd -s /sbin/nologin \ -c "tcpcrypt daemon account" tcpcrypt || exit 0 %post %systemd_post tcpcryptd.service %preun %systemd_preun tcpcryptd.service %postun %systemd_postun_with_restart tcpcryptd.service %changelog * Thu Jan 29 2015 Paul Wouters - 0.4-0.3.bb990b1b - fix groupadd - remove rm -rf buildroot in install target * Thu Jan 29 2015 Paul Wouters - 0.4-0.2.bb990b1b - Bundle tcpcrypd-firewall to start/stop the custom firewall rules - Use macros for tmpfiles - updated service file * Mon Jan 19 2015 Paul Wouters - 0.4-0.1.bb990b1b - Update to latest git, fix versioning * Mon Aug 25 2014 Paul Wouters - 0-3.cacd9789 - Enabled autoconf Buildrequires for snapshot release * Wed Aug 20 2014 Paul Wouters - 0-2.cacd9789 - Updated to latest git, removed patched merged upstream - Added systemd service file - Removed no longer needed rpath fixes * Fri Aug 08 2014 Paul Wouters - 0-1.c8b7efa - Patch for missing-call-to-chdir-with-chroot and missing-call-to-setgroups - Remove RPATH * Thu Jul 24 2014 Paul Wouters - 0-0.c8b7efa - Initial package for review