Browse Source

iodine package update

Signed-off-by: webbuilder_pel7x64builder0 <webbuilder@powerel.org>
master
webbuilder_pel7x64builder0 6 years ago
parent
commit
826d26a46d
  1. 1090
      SOURCES/iodine-0.7.0.split-man.patch
  2. 6
      SOURCES/iodine-client.conf
  3. 103
      SOURCES/iodine-client.init
  4. 11
      SOURCES/iodine-client.service
  5. 6
      SOURCES/iodine-server.conf
  6. 103
      SOURCES/iodine-server.init
  7. 11
      SOURCES/iodine-server.service
  8. 7
      SOURCES/iodine.logrotate.client
  9. 7
      SOURCES/iodine.logrotate.server
  10. 306
      SPECS/iodine.spec

1090
SOURCES/iodine-0.7.0.split-man.patch

File diff suppressed because it is too large Load Diff

6
SOURCES/iodine-client.conf

@ -0,0 +1,6 @@ @@ -0,0 +1,6 @@
# You may provide password in two way, uncomment next line, or provide it in OPTIONS
#IODINE_PASS="my_cool_passwd"

# For more detailes see 'man iodine'
#OPTIONS="-P PASSWORD NAMESERVER DOMAIN"
OPTIONS=""

103
SOURCES/iodine-client.init

@ -0,0 +1,103 @@ @@ -0,0 +1,103 @@
#!/bin/sh
#
# iodine-client Startup script for the iodine client
#
# chkconfig: - 80 30
# description: iodine lets you tunnel IPv4 data through a DNS server

### BEGIN INIT INFO
# Provides: iodine-client
# Required-Start: $local_fs $network
# Required-Stop: $local_fs $network
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: start and stop iodine-client
# Description: iodine lets you tunnel IPv4 data through a DNS server
### END INIT INFO

# Source function library.
. /etc/rc.d/init.d/functions

exec_short="iodine"
exec="/usr/sbin/${exec_short}"
prog="iodine-client"
logfile="/var/log/${prog}.log"

[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog

lockfile=/var/lock/subsys/$prog

start() {
[ -x $exec ] || exit 5
echo -n $"Starting $prog: "
daemon "/usr/bin/setsid $exec $OPTIONS >> $logfile 2>&1 &"
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}

stop() {
echo -n $"Stopping $prog: "
killproc $exec_short
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}

restart() {
stop
start
}

reload() {
restart
}

force_reload() {
restart
}

rh_status() {
status $exec_short
}

rh_status_q() {
rh_status >/dev/null 2>&1
}


case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?

11
SOURCES/iodine-client.service

@ -0,0 +1,11 @@ @@ -0,0 +1,11 @@
[Unit]
Description=Iodine Client
After=local-fs.target network.target

[Service]
EnvironmentFile=-/etc/sysconfig/iodine-client
ExecStart=/usr/sbin/iodine $OPTIONS
StandardOutput=syslog

[Install]
WantedBy=multi-user.target

6
SOURCES/iodine-server.conf

@ -0,0 +1,6 @@ @@ -0,0 +1,6 @@
# You may provide password in two way, uncomment next line, or provide it in OPTIONS
#IODINED_PASS="my_cool_passwd"

# See `man iodine`
#OPTIONS="-P PASSWORD TUNNEL_IP DOMAIN"
OPTIONS=""

103
SOURCES/iodine-server.init

@ -0,0 +1,103 @@ @@ -0,0 +1,103 @@
#!/bin/sh
#
# iodine-server Startup script for the iodine server
#
# chkconfig: - 80 30
# description: iodine lets you tunnel IPv4 data through a DNS server

### BEGIN INIT INFO
# Provides: iodine-server
# Required-Start: $local_fs $network
# Required-Stop: $local_fs $network
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: start and stop iodine-server
# Description: iodine lets you tunnel IPv4 data through a DNS server
### END INIT INFO

# Source function library.
. /etc/rc.d/init.d/functions

exec_short="iodined"
exec="/usr/sbin/${exec_short}"
prog="iodine-server"
logfile="/var/log/${prog}.log"

[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog

lockfile=/var/lock/subsys/$prog

start() {
[ -x $exec ] || exit 5
echo -n $"Starting $prog: "
daemon "/usr/bin/setsid $exec $OPTIONS >> $logfile 2>&1 &"
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}

stop() {
echo -n $"Stopping $prog: "
killproc $exec_short
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}

restart() {
stop
start
}

reload() {
restart
}

force_reload() {
restart
}

rh_status() {
status $exec_short
}

rh_status_q() {
rh_status >/dev/null 2>&1
}


case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?

11
SOURCES/iodine-server.service

@ -0,0 +1,11 @@ @@ -0,0 +1,11 @@
[Unit]
Description=Iodine Server
After=local-fs.target network.target

[Service]
EnvironmentFile=-/etc/sysconfig/iodine-server
ExecStart=/usr/sbin/iodined $OPTIONS
StandardOutput=syslog

[Install]
WantedBy=multi-user.target

7
SOURCES/iodine.logrotate.client

@ -0,0 +1,7 @@ @@ -0,0 +1,7 @@
/var/log/iodine-client.log {
missingok
create 0600 root root
postrotate
/etc/init.d/iodine-client condrestart > /dev/null 2>&1 || :
endscript
}

7
SOURCES/iodine.logrotate.server

@ -0,0 +1,7 @@ @@ -0,0 +1,7 @@
/var/log/iodine-server.log {
missingok
create 0600 root root
postrotate
/etc/init.d/iodine-server condrestart > /dev/null 2>&1 || :
endscript
}

306
SPECS/iodine.spec

@ -0,0 +1,306 @@ @@ -0,0 +1,306 @@
#% global prerel -rc1

Name: iodine
Version: 0.7.0
Release: 1%{?dist}
Summary: Solution to tunnel IPv4 data through a DNS server
Summary(ru): Решение для туннелирования IPv4 трафика через DNS сервер
Group: System Environment/Daemons
License: ISC
URL: http://code.kryo.se/iodine/
Source0: http://code.kryo.se/%{name}/%{name}-%{version}%{?prerel}.tar.gz
# Initscripts and separate configs made by Nikolay Ulyanitsky
Source1: %{name}-client.conf
Source2: %{name}-server.conf

Source3: %{name}-client.init
Source4: %{name}-server.init

Source5: %{name}.logrotate.client
Source6: %{name}.logrotate.server

Source7: %{name}-client.service
Source8: %{name}-server.service

# It still needed for EPEL5
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

# http://dev.kryo.se/iodine/ticket/119
Patch1: iodine-0.7.0.split-man.patch

BuildRequires: zlib-devel
Requires(post): chkconfig
Requires(preun): chkconfig, initscripts
Requires(postun): initscripts

BuildRequires: systemd

Requires: %{name}-client
Requires: %{name}-server

%description
iodine lets you tunnel IPv4 data through a DNS server. This can be usable in
different situations where internet access is firewalled, but DNS queries are
allowed.

It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a
TUN/TAP device. The bandwidth is asymmetrical with limited upstream and up to
1 Mbit/s downstream.

This is meta-package to install both client and server.
It also contain three documantation files: CHANGELOG, README, TODO.

%description -l ru
iodine предоставляет возможность пробросить IPv4 туннель сквозь DNS сервер.
Это может быть очень полезно в разных ситуациях, когда доступ в интернет
запрещён фаерволом, но DNS запросы пропускаются нормально.

Iodine работает на Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD и Windows и
использует TUN/TAP устройство. Пропускная способность асимметрична - аплоад не
быстр, скачивание до 1 Mbit/s.

Это мета-пакет для инсталляции обоих пакетов, клиента и сервера.
Он также содержит 3 файла документации: CHANGELOG, README, TODO.

%package client
Summary: Client part of solution to tunnel IPv4 data through a DNS server
Summary(ru): Клиент для туннелирования IPv4 трафика через DNS сервер
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
# This is actually needed for the %%triggerun script but Requires(triggerun)
# is not valid. We can use %%post because this particular %%triggerun script
# should fire just after this package is installed.
Requires(post): systemd-sysv
Provides: bundled(md5-deutsch)

%description client
This is the client part of iodine sulution.

%description client -l ru
Это пакет клиентской части.

%package client-sysvinit
Summary: Legacy sysvinit scripts for cleint daemon
Summary(ru): Устаревшие скрипты инициализации клиента в стиле sysvinit
Requires(post): chkconfig
Requires(preun): chkconfig, initscripts
Requires(postun): initscripts

%description client-sysvinit
May be needed f.e. on CentOS.

%description client-sysvinit -l ru
Могут понадобиться например на CentOS.

%package server
Summary: Server part of solution to tunnel IPv4 data through a DNS server
Summary(ru): Сервер для туннелирования IPv4 трафика через DNS сервер
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
# This is actually needed for the %%triggerun script but Requires(triggerun)
# is not valid. We can use %%post because this particular %%triggerun script
# should fire just after this package is installed.
Requires(post): systemd-sysv
# /sbin/ifconfig and /sbin/route (bz#922225)
Requires: net-tools
Provides: bundled(md5-deutsch)

%description server
This is the server part of iodine solution.

%description server -l ru
Это пакет серверной части

%package server-sysvinit
Summary: Legacy sysvinit scripts for server daemon
Summary(ru): Устаревшие скрипты инициализации сервера в стиле sysvinit
Requires(post): chkconfig
Requires(preun): chkconfig, initscripts
Requires(postun): initscripts

%description server-sysvinit
May be needed f.e. on CentOS.

%description client-sysvinit -l ru
Могут понадобиться например на CentOS.

%prep
%setup -q -n %{name}-%{version}%{?prerel}
%patch1 -p1 -b .split-man

%build
# It is fail to build without -c gcc flag (comes from upstream Makefile).
make %{?_smp_mflags} prefix=%{_prefix} CFLAGS="-c %{optflags} -DLINUX"

%install
make install prefix=%{buildroot}%{_prefix}

install -Dp -m 0644 %{SOURCE1} %{buildroot}/%{_sysconfdir}/sysconfig/%{name}-client
install -Dp -m 0644 %{SOURCE2} %{buildroot}/%{_sysconfdir}/sysconfig/%{name}-server

install -Dp -m 0755 %{SOURCE3} %{buildroot}/%{_initrddir}/%{name}-client
install -Dp -m 0755 %{SOURCE4} %{buildroot}/%{_initrddir}/%{name}-server

install -Dp -m 0644 %{SOURCE5} %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}-client
install -Dp -m 0644 %{SOURCE6} %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}-server

install -Dp -m 0644 %{SOURCE7} %{buildroot}/%{_unitdir}/%{name}-client.service
install -Dp -m 0644 %{SOURCE8} %{buildroot}/%{_unitdir}/%{name}-server.service

%post client
%systemd_post %{name}-client.service

%preun client
%systemd_preun %{name}-client.service

%postun client
%systemd_postun_with_restart %{name}-client.service

%post client-sysvinit
/sbin/chkconfig --add %{name}-client

%post server-sysvinit
/sbin/chkconfig --add %{name}-server

%preun client-sysvinit
if [ $1 = 0 ] ; then
/sbin/service %{name}-client stop >/dev/null 2>&1
/sbin/chkconfig --del %{name}-client
fi

%post server
%systemd_post %{name}-server.service

%preun server
%systemd_preun %{name}-server.service

%postun server
%systemd_postun_with_restart %{name}-server.service

%preun server-sysvinit
if [ $1 = 0 ] ; then
/sbin/service %{name}-server stop >/dev/null 2>&1
/sbin/chkconfig --del %{name}-server
fi

%postun client-sysvinit
if [ "$1" -ge "1" ] ; then
/sbin/service %{name}-client condrestart >/dev/null 2>&1 || :
fi

%postun server-sysvinit
if [ "$1" -ge "1" ] ; then
/sbin/service %{name}-server condrestart >/dev/null 2>&1 || :
fi

# https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Systemd
%triggerun -- %{name}-client < 0.6.0-0.rc1.9
/usr/bin/systemd-sysv-convert --save %{name}-client >/dev/null 2>&1 ||:

# Run these because the SysV package being removed won't do them
/sbin/chkconfig --del %{name}-client >/dev/null 2>&1 || :
/bin/systemctl try-restart %{name}-client.service >/dev/null 2>&1 || :

%triggerun -- %{name}-server < 0.6.0-0.rc1.9
/usr/bin/systemd-sysv-convert --save %{name}-server >/dev/null 2>&1 ||:

# Run these because the SysV package being removed won't do them
/sbin/chkconfig --del %{name}-client >/dev/null 2>&1 || :
/bin/systemctl try-restart %{name}-server.service >/dev/null 2>&1 || :

# https://fedoraproject.org/wiki/Packaging:SysVInitScript#Initscripts_in_addition_to_systemd_unit_files
%triggerpostun -n %{name}-client-sysvinit -- %{name}-client < 0.6.0-0.rc1.9
/sbin/chkconfig --add %{name}-client >/dev/null 2>&1 || :

%triggerpostun -n %{name}-server-sysvinit -- %{name}-server < 0.6.0-0.rc1.9
/sbin/chkconfig --add %{name}-server >/dev/null 2>&1 || :

%files
%doc CHANGELOG README TODO

%files client
%{_sbindir}/%{name}
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/%{name}-client
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}-client
%{_initrddir}/%{name}-client
%{_mandir}/man8/%{name}.8.gz
%{_unitdir}/%{name}-client.service

%files server
%{_sbindir}/%{name}d
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/%{name}-server
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}-server
%{_initrddir}/%{name}-server
%{_mandir}/man8/%{name}d.8.gz
%{_unitdir}/%{name}-server.service

%changelog
* Tue Jul 22 2014 Pavel Alexeev <Pahan@Hubbitus.info> - 0.7.0-1
- Update to 0.7.0 to fix CVE-2014-4168 iodine: authentication bypass vulnerability (bz#1110339, bz#1110338 [bz#1110340, bz#1110341, bz#1110342]).
- Drop old Patch0: iodine-0.5.2-prefix.patch
- Rebase iodine-0.6.0-rc1.split-man.patch -> iodine-0.7.0.split-man.patch
- Some spec cleanup.

* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.0-0.rc1.12.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Tue Jan 7 2014 Pavel Alexeev <Pahan@Hubbitus.info> - 0.6.0-0.rc1.12
- Step to systemd macroses (#850160)

* Tue Jan 7 2014 Pavel Alexeev <Pahan@Hubbitus.info> - 0.6.0-0.rc1.11
- Add Provides: bundled(md5-deutsch) to client and server sub-packages (#1046028)

* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.0-0.rc1.10.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Sun Apr 14 2013 Pavel Alexeev <Pahan@Hubbitus.info> - 0.6.0-0.rc1.10
- Add Requires: net-tools (bz#922225) for server package.

* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.0-0.rc1.9.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.0-0.rc1.9.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Thu Feb 23 2012 Pavel Alexeev <Pahan@Hubbitus.info> - 0.6.0-0.rc1.9
- Introduce systemd support. Move legacy sysvinit part into subpackages (bz#789697).

* Sun Jan 8 2012 Pavel Alexeev <Pahan@Hubbitus.info> - 0.6.0-0.rc1.8
- Split man pages also.

* Mon Jan 2 2012 Pavel Alexeev <Pahan@Hubbitus.info> - 0.6.0-0.rc1.7
- By request bz#758930 split to subpackages.

* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.0-0.rc1.6.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Tue Oct 26 2010 Pavel Alexeev <Pahan@Hubbitus.info> - 0.6.0-0.rc1.6
- Add -DLINUX to build options (BZ#644310, thanks to Andy Shevchenko)
- Fix service scripts to find binaries in /usr/sbin instead of /usr/bin (BZ#644299 thanks to Andy Shevchenko)
- Add 0600 file attributes to prevent password access from regular users (BZ#644305).
- In comments configs add IODINE(D)_PASS variables description (BZ#644317).

* Wed Sep 29 2010 jkeating - 0.6.0-0.rc1.4.2
- Rebuilt for gcc bug 634757

* Wed Sep 29 2010 jkeating - 0.6.0-0.rc1.4.1
- Rebuilt for gcc bug 634757

* Sun Sep 12 2010 Pavel Alexeev <Pahan@Hubbitus.info> - 0.6.0-0.rc1.4
- Build new version 0.6.0rc1
- Define prerel.

* Sat Mar 6 2010 Pavel Alexeev <Pahan@Hubbitus.info> - 0.5.2-3
- Honor CFLAGS

* Mon Feb 22 2010 Pavel Alexeev <Pahan@Hubbitus.info> - 0.5.2-2
- Import some items from Nikolay Ulyanitsky package ( https://bugzilla.redhat.com/show_bug.cgi?id=530747#c1 ):
o Add initscripts support (modified)
o Add logrotate support
o Exclude README-win32.txt and respective delete dos2unix BR.
o Add BR zlib-devel

* Sat Oct 24 2009 Pavel Alexeev <Pahan@Hubbitus.info> - 0.5.2-1
- Initial spec.
Loading…
Cancel
Save