openvpn-down-root-plugin-2.1.4-11.14.1>t  DH`pM_iG/=„ȚXz06:&igNJYc%j_)8)A6=CmE?Tg|6T Y@䙱g^*1$Mzg"}w5(w4:ӏeL &Xm#_FV*5**K|+ 0y|{[Qe=إ$#S+Xmqy]6KI_bcNҜ>- -!){xi52eed4bb9b62c2e66bf306d4fc1846654b69b7b4)*M_iG/=„>V画hfَ:[` CPd P- U]"bdi55pӅkĩ@UXȪ]$#hrדK=끬zC%1[}xq\ í4[Cu%X 9GHeo)S7>7SYn< 'ja-^&6K4L0\ފ l U6,`(|viyhMV_ಗ8)`kf(5UN!xֶDrR53^p'>5?d! ) B $*04 6 8 < ] `din(8 9 : FHG\H`IdXhYt\]^bcRdeflzCopenvpn-down-root-plugin2.1.411.14.1OpenVPN down-root pluginThe OpenVPN down-root plugin allows an OpenVPN configuration to call a down script with root privileges, even when privileges have been dropped using --user/--group/--chroot. This module uses a split privilege execution model which will fork() before OpenVPN drops root privileges, at the point where the --up script is usually called. The plugin will then remain in a wait state until it receives a message from OpenVPN via pipe to execute the down script. Thus, the down script will be run in the same execution environment as the up script. Authors: -------- James Yonan M_iNbuild24%openSUSE 11.4openSUSEGPLv2+ ; LGPLv2.1+http://bugs.opensuse.orgProductivity/Networking/Securityhttp://openvpn.net/linuxi586%M_iI4dfe45f2e3012a2b30d07e00b99f2057rootrootopenvpn-2.1.4-11.14.1.src.rpmopenvpn-down-root.soopenvpn-down-root-pluginopenvpn-down-root-plugin(x86-32)  @@@@ openvpnrpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3.4)rpmlib(PayloadIsLzma)2.1.44.0-13.0.4-14.4.6-14.8.0M] Lr@LzLk@L%@K@K*@J@J/@Imt@suse.demt@suse.decristian.rodriguez@opensuse.orgmt@suse.deanschneider@exsuse.demt@suse.demt@suse.demt@suse.demt@suse.demt@suse.de- Added X-Interactive: true LSB tag to the init script.- Updated to openvpn 2.1.4, providing several bug fixes and improvements, such as: * Fix of a problem with special case route targets * Try to ensure, that the tun/tap interface gets closed on non-graceful aborts. * Several AUTH_FAILED reporting fixes causing the connection to fail without any error indication. * Enable exponential backoff in reliability layer retransmits. * Proxy improvements Please review the ChangeLog file for a complete and exact list.- Do not include build date in binaries- Improved netconfig based client up and down sample scripts.- Added netconfig based client up and down scripts to samples.- Updated to openvpn 2.1.1; linux related changes since 2.1_rc20: * Fixed a couple issues in sample plugins auth-pam.c and down-root.c. (1) Fail gracefully rather than segfault if calloc returns NULL. (2) The openvpn_plugin_abort_v1 function can potentially be called with handle == NULL. Add code to detect this case, and if so, avoid dereferencing pointers derived from handle (Thanks to David Sommerseth for finding this bug). * Documented "multihome" option in the man page. * Added a hard failure when peer provides a certificate chain with depth > 16. Previously, a warning was issued. * Added additional session renegotiation hardening. OpenVPN has always required that mid-session renegotiations build up a new SSL/TLS session from scratch. While the client certificate common name is already locked against changes in mid-session TLS renegotiations, we now extend this locking to the auth-user-pass username as well as all certificate content in the full client certificate chain. - Improved openvpn init script adding messages giving a hint about pid write failure and to look into the log messages (bnc#559041). - Added -fno-strict-aliasing to compile flags in the spec file.- Updated to openvpn 2.1 2.1_rc20, fixing problems in route and option handling provided by the from server (bnc#552440). For complete list of changes, see ChangeLog file, here just the IMO most important: * Fixed a bug introduced in 2.1_rc17 (svn r4436) where using the redirect-gateway option by itself, without any extra parameters, would cause the option to be ignored. * Optimized PUSH_REQUEST handshake sequence to shave several seconds off of a typical client connection initiation. * The maximum number of "route" directives (specified in the config file or pulled from a server) can now be configured via the new "max-routes" directive. * Eliminated the limitation on the number of options that can be pushed to clients, including routes. Previously, all pushed options needed to fit within a 1024 byte options string. * Added --server-poll-timeout option : when polling possible remote servers to connect to in a round-robin fashion, spend no more than n seconds waiting for a response before trying the next server. * Added the ability for the server to provide a custom reason string when an AUTH_FAILED message is returned to the client. This string can be set by the server-side managment interface and read by the client-side management interface. * client-kill management interface command, when issued on server, will now send a RESTART message to client. This feature is intended to make UDP clients respond the same as TCP clients in the case where the server issues a RESTART message in order to force the client to reconnect and pull a new options/route list.- Added network-remotefs to init script dependencies (bnc#522279).- Updated to openvpn 2.1 [2.1_rc18] series (fate#305289). - Enabled pkcs11-helper for openSUSE > 10.3 (bnc#487558). - Adopted spec file and patches, improved init script. - Disabled installation of easy-rsa for Windows.- Improved init script to show config name in action messages and allow to specify a config name in the second argument.build24 1298098510 [2.1.4-11.14.12.1.4-11.14.1openvpn-down-root.so/usr/lib/openvpn/plugin/lib/-fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -gobs://build.opensuse.org/openSUSE:11.4/standard/0d54ec8382691d9c616df52629feb5d4-openvpncpiolzma5i586-suse-linux2 k# ~{z%X%?] cMB lb&.^s0 A|*# \E@H#稅.bH$vȝV·/!xDa?ͷkZz3 [STي妻(dYqF\7gޫk\98STNH #pF&)V(cj'&;I;"HK(7((ҏl9{ot=RF4}l-]X>D压@IԮA!WJ!U+ɀEOk#wấ'za$jZ XE=al1#]z3XɆnjStS7V2-[L'[;9-Wre+̔%բ솮DAf2h oah\2Bذ`qL+)A͉4Mh j-xEUH!13ơRX#88E YNx9)›jNHJpL ,=Q+L\`0Gc;Ar?E#zf%؀JW56n@ļ ) *Q1GF?umcOls7=N=8%4 WG`>gʲBoҞw#$zHJnRדj.khh(HRR0tIG@Z2ϖl\'tʸrt1qF5ϸaHܢpf z[A` xz#Vshջp-/Qݐڑ] ]'ANO= ܃X>uFQ)_sSjl-f" \%(c*Vm^S$/Kzҩ?N.٪D.!iطBP-Pz#WM ~An:+@u=G07{kldvS[Dj(SH(@Ֆ^ܨJvxH/oXT/x)uݿ"=71L70)QaRiaJJp!- !Vy!G#DJkO#ӛ[W<3MpK.J;ۢmxorzSח,70)vI/O.M) uN1@@ׁ3mzP&yJKcCxM&<ė w9%tS ܺMW)t+Ϻ\PgCycN/HVJ{OpޚN9i<W tN9. 3zdth">=֒N%{=i 5}Ԓb(kKT`њ獏Cج]6O`xԭEnj DM!{m: f&u  ŽQ۶Sq4@Q U͞dV?eDlIlZR.@7iw_tg[zX/?,/!(!S)T#2R}D!E2>Fhڸk32`Y֑u4|XAM%2M*Um wgf kB3ZӡEKP>hzP7QƂ/S`p FFnmRNmy,Ё63 C?82&ub$>L,H:1WxZ!5܃+]/!cSۉRcV뿪X3ӧ~N;mȀ뻇IYt.E^.*K/ː,RgӁ41y@g`c>se?Zbm=g^A SXƩu0;]|| L畊: @%-M 盲K/ +{'N=c^X fWW<l J3TGk QZt &t;lJ uxQ%KU{'}Ec\)9h+F@ۿW) 6yڀ9HJ7]q4-M|X/?+BoRC,iDC`[:OgujwC$SrEAk+癭jqK.ѥ$־+HyVzqus_'1\9Ma];:C?dѓ'_J뺩{]ץpcד;-=Tǧ;MwnsjƐePn-\t6"AG|ZW<DapY'U%ͪ#$5NeI@1uuqvj/"`{VP̮+Vw+κ}zރ0y3<.h6bS*&j