%global _hardened_build 1 %global commit bb990b1bfb0e411f0613abdaf3b71fdce50a82cf %global shortcommit %(c=%{commit}; echo ${c:0:8}) Summary: Opportunistically encrypt TCP connections Name: tcpcrypt Version: 0.4 Release: 0.2.%{shortcommit}%{?dist} Group: System Environment/Libraries License: BSD Url: http://tcpcrypt.org/ Source0: https://github.com/scslab/%{name}/archive/%{commit}/%{name}-%{commit}.tar.gz SOURCE1: tmpfiles-tcpcrypt.conf SOURCE2: tcpcryptd.init Requires: %{name}-libs%{?_isa} = %{version}-%{release} BuildRequires: openssl-devel libnetfilter_queue-devel libcap-devel BuildRequires: libtool, autoconf, automake Requires(pre): shadow-utils Requires(preun): initscripts chkconfig Requires(post): /sbin/chkconfig Requires(preun): /sbin/chkconfig Requires(preun): /sbin/service %description Provides a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support %package devel Summary: Development package that includes the tcpcrypt header files Group: Development/Libraries Requires: %{name}%{?_isa} = %{version}-%{release} %description devel The devel package contains the tcpcrypt library and the include files %package libs Summary: Libraries used by tcpcryptd server and tcpcrypt-aware applications Group: Applications/System Requires(post): /sbin/ldconfig Requires(postun): /sbin/ldconfig %description libs Contains libraries used by tcpcryptd server and tcpcrypt-aware applications %prep %setup -qn %{name}-%{commit} %build # git snapsots only ./bootstrap.sh %configure --disable-static --disable-rpath make %{?_smp_mflags} %install rm -rf %{buildroot} make DESTDIR=%{buildroot} INSTALL="%{__install} -p" install rm %{buildroot}%{_libdir}/*.la mkdir -p %{buildroot}%{_localstatedir/run/tcpcryptd install -m 0755 %{SOURCE2} %{buildroot}%{_initrddir}/tcpcryptd %files libs %doc README.markdown LICENSE %{_libdir}/libtcpcrypt.so.* %files %doc README.markdown LICENSE %{_bindir}/tcnetstat %{_bindir}/tcpcryptd %{_bindir}/tcpcryptd-firewall %{_bindir}/tcs %{_mandir}/man8/* %attr(0755,tcpcryptd,tcpcryptd) %dir %{_localstatedir}/run/tcpcryptd %files devel %{_libdir}/libtcpcrypt.so %dir %{_includedir}/tcpcrypt %{_includedir}/tcpcrypt/*.h %post libs -p /sbin/ldconfig %postun libs -p /sbin/ldconfig %pre getent group tcpcryptd >/dev/null || groupadd -r tcpcryptd getent passwd tcpcryptd >/dev/null || \ useradd -r -g tcpcrypt -d /var/run/tcpcryptd -s /sbin/nologin \ -c "tcpcrypt daemon account" tcpcrypt || exit 0 %preun if [ $1 -eq 0 ]; then /sbin/service tcpcryptd stop > /dev/null 2>&1 || : /sbin/chkconfig --del tcpcryptd fi %postun if [ $1 -ge 1 ] ; then /sbin/service tcpcryptd condrestart 2>&1 >/dev/null || : fi %post /sbin/chkconfig --add tcpcryptd || : %changelog * Thu Jan 29 2015 Paul Wouters - 0.4-0.2.bb990b1b - initscript support * Mon Jan 19 2015 Paul Wouters - 0.4-0.1.bb990b1b - Update to latest git, fix versioning * Mon Aug 25 2014 Paul Wouters - 0-3.cacd9789 - Enabled autoconf Buildrequires for snapshot release * Wed Aug 20 2014 Paul Wouters - 0-2.cacd9789 - Updated to latest git, removed patched merged upstream - Added systemd service file - Removed no longer needed rpath fixes * Fri Aug 08 2014 Paul Wouters - 0-1.c8b7efa - Patch for missing-call-to-chdir-with-chroot and missing-call-to-setgroups - Remove RPATH * Thu Jul 24 2014 Paul Wouters - 0-0.c8b7efa - Initial package for review