Update to upstream 1.1.2 release
This commit is contained in:
Nikos Mavrogiannopoulos
parent
1400361cdd
commit
e9d48e920a
|
|
@ -229,3 +229,5 @@
|
|||
/ocserv-1.1.0.tar.xz.sig
|
||||
/ocserv-1.1.1.tar.xz
|
||||
/ocserv-1.1.1.tar.xz.sig
|
||||
/ocserv-1.1.2.tar.xz
|
||||
/ocserv-1.1.2.tar.xz.sig
|
||||
|
|
|
|||
|
|
@ -1,19 +0,0 @@
|
|||
diff --git a/src/worker-privs.c b/src/worker-privs.c
|
||||
index ea503cd0..3d4d5fa4 100644
|
||||
--- a/src/worker-privs.c
|
||||
+++ b/src/worker-privs.c
|
||||
@@ -166,6 +166,14 @@ int disable_system_calls(struct worker_st *ws)
|
||||
ADD_SYSCALL(fstat, 0);
|
||||
ADD_SYSCALL(lseek, 0);
|
||||
|
||||
+ /* if running under socketwrapper ensure we allow its calls */
|
||||
+ if (getenv("SOCKET_WRAPPER_DIR") != NULL) {
|
||||
+ ADD_SYSCALL(stat64, 0);
|
||||
+ ADD_SYSCALL(readlink, 0);
|
||||
+ ADD_SYSCALL(newfstatat, 0);
|
||||
+ ADD_SYSCALL(mmap, 0);
|
||||
+ }
|
||||
+
|
||||
ADD_SYSCALL(getsockopt, 0);
|
||||
ADD_SYSCALL(setsockopt, 0);
|
||||
|
||||
|
|
@ -89,12 +89,6 @@ auth = "pam"
|
|||
tcp-port = 443
|
||||
udp-port = 443
|
||||
|
||||
# Accept connections using a socket file. It accepts HTTP
|
||||
# connections (i.e., without SSL/TLS unlike its TCP counterpart),
|
||||
# and uses it as the primary channel. That option cannot be
|
||||
# combined with certificate authentication.
|
||||
#listen-clear-file = /var/run/ocserv-conn.socket
|
||||
|
||||
# The user the worker processes will be run as. It should be
|
||||
# unique (no other services run as this user).
|
||||
run-as-user = ocserv
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
Version: 1.1.1
|
||||
Release: 5%{?dist}
|
||||
Version: 1.1.2
|
||||
Release: 1%{?dist}
|
||||
%global _hardened_build 1
|
||||
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 7
|
||||
|
|
@ -44,7 +44,6 @@ Source8: ocserv-genkey
|
|||
Source9: ocserv-script
|
||||
Source10: gpgkey-56EE7FA9E8173B19FE86268D763712747F343FA7.gpg
|
||||
Source11: ocserv.init
|
||||
Patch0: ocserv-1.1.1-socketwrapper.patch
|
||||
|
||||
# Taken from upstream:
|
||||
# http://git.infradead.org/ocserv.git/commitdiff/7d70006a2dbddf783213f1856374bacc74217e09
|
||||
|
|
@ -285,6 +284,9 @@ install -D -m 0755 %{SOURCE11} %{buildroot}/%{_initrddir}/%{name}
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Sat Dec 6 2020 Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> - 1.1.2-1
|
||||
- Update to upstream 1.1.2 release
|
||||
|
||||
* Mon Nov 23 2020 Nikos Mavrogiannopoulos <nmav@redhat.com> - 1.1.1-5
|
||||
- Rebuilt for ronn successor
|
||||
|
||||
|
|
|
|||
4
sources
4
sources
|
|
@ -1,2 +1,2 @@
|
|||
SHA512 (ocserv-1.1.1.tar.xz) = 1173416f0d32f9faf98e539c8e73316a50ac93b519d1ade19374a3df865d10d975e13ac53e0c5a5e77c80f3605d7a810287b18b85b798887d227389761b54220
|
||||
SHA512 (ocserv-1.1.1.tar.xz.sig) = 9fe0f3e2ea4daaf1d053c2cdc87d38dc8256feb11c16f93e7e677500457914a82e659901f77f6ec4ca175fceeec74e3f8d001412c969c18dcf486545bac83393
|
||||
SHA512 (ocserv-1.1.2.tar.xz) = 8a145ff729414482c10ab763ac891e21f588fb8f61265fb4e6e61684a9b48c5fcaaafaad1ddcaeaf4ffad85377be45c002b628b27d9a7d08f5b403668f62c3f0
|
||||
SHA512 (ocserv-1.1.2.tar.xz.sig) = 3de64d1b4812c836ce809dd31adbf0ba7f2b11f408bb279bdd64f915be7c70b6601f098281e219a986febd0f5ddabaa6eba2448a0b9baf0ae025187b06aec3ce
|
||||
|
|
|
|||
Loading…
Reference in New Issue