From e9d48e920a2233ac3640faa91d5afc25da24dda0 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Date: Sun, 6 Dec 2020 14:11:06 +0100
Subject: [PATCH] Update to upstream 1.1.2 release

---
 .gitignore                       |  2 ++
 ocserv-1.1.1-socketwrapper.patch | 19 -------------------
 ocserv.conf                      |  6 ------
 ocserv.spec                      |  8 +++++---
 sources                          |  4 ++--
 5 files changed, 9 insertions(+), 30 deletions(-)
 delete mode 100644 ocserv-1.1.1-socketwrapper.patch

diff --git a/.gitignore b/.gitignore
index 20cd616..48fba86 100644
--- a/.gitignore
+++ b/.gitignore
@@ -229,3 +229,5 @@
 /ocserv-1.1.0.tar.xz.sig
 /ocserv-1.1.1.tar.xz
 /ocserv-1.1.1.tar.xz.sig
+/ocserv-1.1.2.tar.xz
+/ocserv-1.1.2.tar.xz.sig
diff --git a/ocserv-1.1.1-socketwrapper.patch b/ocserv-1.1.1-socketwrapper.patch
deleted file mode 100644
index 9f8b3c9..0000000
--- a/ocserv-1.1.1-socketwrapper.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-diff --git a/src/worker-privs.c b/src/worker-privs.c
-index ea503cd0..3d4d5fa4 100644
---- a/src/worker-privs.c
-+++ b/src/worker-privs.c
-@@ -166,6 +166,14 @@ int disable_system_calls(struct worker_st *ws)
- 	ADD_SYSCALL(fstat, 0);
- 	ADD_SYSCALL(lseek, 0);
- 
-+	/* if running under socketwrapper ensure we allow its calls */
-+	if (getenv("SOCKET_WRAPPER_DIR") != NULL) {
-+		ADD_SYSCALL(stat64, 0);
-+		ADD_SYSCALL(readlink, 0);
-+		ADD_SYSCALL(newfstatat, 0);
-+		ADD_SYSCALL(mmap, 0);
-+	}
-+
- 	ADD_SYSCALL(getsockopt, 0);
- 	ADD_SYSCALL(setsockopt, 0);
- 
diff --git a/ocserv.conf b/ocserv.conf
index 5daa176..d5e0814 100644
--- a/ocserv.conf
+++ b/ocserv.conf
@@ -89,12 +89,6 @@ auth = "pam"
 tcp-port = 443
 udp-port = 443
 
-# Accept connections using a socket file. It accepts HTTP
-# connections (i.e., without SSL/TLS unlike its TCP counterpart),
-# and uses it as the primary channel. That option cannot be
-# combined with certificate authentication.
-#listen-clear-file = /var/run/ocserv-conn.socket
-
 # The user the worker processes will be run as. It should be
 # unique (no other services run as this user).
 run-as-user = ocserv
diff --git a/ocserv.spec b/ocserv.spec
index e7178a9..7b9ad2f 100644
--- a/ocserv.spec
+++ b/ocserv.spec
@@ -1,5 +1,5 @@
-Version:	1.1.1
-Release: 5%{?dist}
+Version:	1.1.2
+Release: 1%{?dist}
 %global _hardened_build 1
 
 %if 0%{?fedora} || 0%{?rhel} >= 7
@@ -44,7 +44,6 @@ Source8:	ocserv-genkey
 Source9:	ocserv-script
 Source10:	gpgkey-56EE7FA9E8173B19FE86268D763712747F343FA7.gpg
 Source11:	ocserv.init
-Patch0:		ocserv-1.1.1-socketwrapper.patch
 
 # Taken from upstream:
 # http://git.infradead.org/ocserv.git/commitdiff/7d70006a2dbddf783213f1856374bacc74217e09
@@ -285,6 +284,9 @@ install -D -m 0755 %{SOURCE11} %{buildroot}/%{_initrddir}/%{name}
 %endif
 
 %changelog
+* Sat Dec  6 2020 Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> - 1.1.2-1
+- Update to upstream 1.1.2 release
+
 * Mon Nov 23 2020 Nikos Mavrogiannopoulos <nmav@redhat.com> - 1.1.1-5
 - Rebuilt for ronn successor
 
diff --git a/sources b/sources
index b716d8a..9c321dd 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (ocserv-1.1.1.tar.xz) = 1173416f0d32f9faf98e539c8e73316a50ac93b519d1ade19374a3df865d10d975e13ac53e0c5a5e77c80f3605d7a810287b18b85b798887d227389761b54220
-SHA512 (ocserv-1.1.1.tar.xz.sig) = 9fe0f3e2ea4daaf1d053c2cdc87d38dc8256feb11c16f93e7e677500457914a82e659901f77f6ec4ca175fceeec74e3f8d001412c969c18dcf486545bac83393
+SHA512 (ocserv-1.1.2.tar.xz) = 8a145ff729414482c10ab763ac891e21f588fb8f61265fb4e6e61684a9b48c5fcaaafaad1ddcaeaf4ffad85377be45c002b628b27d9a7d08f5b403668f62c3f0
+SHA512 (ocserv-1.1.2.tar.xz.sig) = 3de64d1b4812c836ce809dd31adbf0ba7f2b11f408bb279bdd64f915be7c70b6601f098281e219a986febd0f5ddabaa6eba2448a0b9baf0ae025187b06aec3ce