%define majorversion 4
%define minorversion 29
%define buildversion 9680
%define dateversion 2019.02.28
%define buildrelease rtm

Name:           softethervpn
Version:        %{majorversion}.%{minorversion}.%{buildversion}
Release:        1%{?dist}
Summary:        An Open-Source Free Cross-platform Multi-protocol VPN Program

Group:          Applications/Internet
License:        GPLv2
URL:            http://www.softether.org/
Source0:        https://www.softether-download.com/files/softether/v%{majorversion}.%{minorversion}-%{buildversion}-%{buildrelease}-%{dateversion}-tree/Source_Code/softether-src-v%{majorversion}.%{minorversion}-%{buildversion}-%{buildrelease}.tar.gz

BuildRequires:  ncurses-devel
BuildRequires:	openssl-devel
BuildRequires:	readline-devel

Requires(post):		chkconfig
Requires(postun):	initscripts
Requires(preun):	chkconfig
Requires(preun):	initscripts

%description
SoftEther VPN is one of the world's most powerful and easy-to-use multi-protocol VPN software. It runs on Windows, Linux, Mac, FreeBSD, and Solaris.

%prep
%setup -q -n v%{majorversion}.%{minorversion}-%{buildversion}

%build
%ifarch i386 i686
cp %{_builddir}/v%{majorversion}.%{minorversion}-%{buildversion}/centos/SOURCES/linux_32bit.mak Makefile
%else
cp %{_builddir}/v%{majorversion}.%{minorversion}-%{buildversion}/centos/SOURCES/linux_64bit.mak Makefile
%endif
make

%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT
install -m 755 -d $RPM_BUILD_ROOT/usr/bin/
install -m 755 -d $RPM_BUILD_ROOT/etc/rc.d/init.d
install -m 755 %{_builddir}/v%{majorversion}.%{minorversion}-%{buildversion}/centos/SOURCES/scripts/vpnserver $RPM_BUILD_ROOT/usr/bin/vpnserver
install -m 755 %{_builddir}/v%{majorversion}.%{minorversion}-%{buildversion}/centos/SOURCES/scripts/vpnbridge $RPM_BUILD_ROOT/usr/bin/vpnbridge
install -m 755 %{_builddir}/v%{majorversion}.%{minorversion}-%{buildversion}/centos/SOURCES/scripts/vpnclient $RPM_BUILD_ROOT/usr/bin/vpnclient
install -m 755 %{_builddir}/v%{majorversion}.%{minorversion}-%{buildversion}/centos/SOURCES/scripts/vpncmd $RPM_BUILD_ROOT/usr/bin/vpncmd
install -m 755 %{_builddir}/v%{majorversion}.%{minorversion}-%{buildversion}/centos/SOURCES/init.d/vpnserver $RPM_BUILD_ROOT/etc/rc.d/init.d/vpnserver

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root,-)
%{_usr}/bin/vpnserver
%{_usr}/bin/vpnbridge
%{_usr}/bin/vpnclient
%{_usr}/bin/vpncmd
%{_usr}/vpnserver/hamcore.se2
%{_usr}/vpnserver/vpnserver
%{_usr}/vpnbridge/hamcore.se2
%{_usr}/vpnbridge/vpnbridge
%{_usr}/vpnclient/hamcore.se2
%{_usr}/vpnclient/vpnclient
%{_usr}/vpncmd/hamcore.se2
%{_usr}/vpncmd/vpncmd
%{_usr}/vpnserver/
%{_usr}/vpnbridge/
%{_usr}/vpnclient/
%{_usr}/vpncmd/
%{_initddir}/vpnserver
%doc AUTHORS.TXT BUILD_UNIX.TXT BUILD_WINDOWS.TXT ChangeLog ChangeLog.txt LICENSE LICENSE.TXT README README.TXT THIRD_PARTY.TXT WARNING.TXT

%post
/sbin/chkconfig --add vpnserver

#%postun
#if [ "$1" -ge "1" ]; then
#	/sbin/service vpnserver condrestart >/dev/null 2>&1 || :
#fi

%preun
if [ $1 -eq 0 ]; then
	/sbin/service vpnserver stop >/dev/null 2>&1
	/sbin/chkconfig --del vpnserver
fi

%changelog
* Thu Feb 28 2019 - 4.29.9680-rtm
- Switched the license of SoftEther VPN from GPLv2 to Apache License 2.0. Text messages on source codes and UIs have been modified.
- Supports 4-digit expiration date on X.509 certificates.
- Replaced SHA-0 implementation.
- Improved integrity and security of C source codes. Fixed several buffer overflows and integer overflows. Enforced NULL pointer checks. Fixed problems on the size of malloc() and Zero Memory functions. These problems include a vulnerability that a malformed packet will cause the buffer overflow at the receive path. This vulnerability may occur abnormal process exit with the buffer security check mechanism built-in with SoftEther VPN binary. Although this buffer overflow can theoretically bypass the security check in theory, in the actual binary it is detected by the buffer security check inserted by the C compiler and the process is forcibly terminated. Therefore, as a result, it can be abused by a DoS attacker. Acknowledgments: The last problems is discovered and reported by Fabrizio Steiner.
- Modified the behavior at the executing of the ethtool command to call just the command name instead of the full path.
- Fixed a single code on the SecureNAT function that SYN and ACK were reverse.
- Fixed the bug on the creating of SingleInstance objects that the temporary file will remain as a garbage after the file lock will fail on UNIX operating systems.
- Fixed the problem that the full path of the home directory will be sometimes obtained as wrong value on UNIX operating systems.
- Fixed the problem that processing the system datetime values which are before 1970-01-01.