]> git.pld-linux.org Git - packages/freeswan.git/blob - freeswan.spec
projects / packages / freeswan.git / blob
? search:


09fba8388ab699c2e74b3915719941d120745960
[packages/freeswan.git] / freeswan.spec
1 # Conditional builds
2 %bcond_with     NAT             # with NAT-Traversal
3 %bcond_without  x509            # without x509 support
4 %bcond_without  dist_kernel     # without sources of distribution kernel
5 %bcond_without  modules         # build only library+programs, no kernel modules
6 #
7 %define x509ver         x509-1.4.8
8 %define nat_tr_ver      0.6
9 %define _25x_ver        20030825
10 Summary:        Free IPSEC implemetation
11 Summary(pl):    Publicznie dostêpna implementacja IPSEC
12 Name:           freeswan
13 Version:        2.04
14 %define _rel    0.1
15 Release:        %{_rel}
16 License:        GPL
17 Group:          Networking/Daemons
18 Source0:        ftp://ftp.xs4all.nl/pub/crypto/freeswan/%{name}-%{version}.tar.gz
19 # Source0-md5:  37a15f760ca43317fe7c5d6e6859689c
20 Source1:        http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-pl-man-pages.tar.bz2
21 # Source1-md5:  6bd0b509015a2795cfb895aaab0bbc55
22 Source2:        http://www.strongsec.com/freeswan/%{x509ver}-%{name}-%{version}.tar.gz
23 # Source2-md5:  d5ff93ed3dc33afcc3ab5d00ca11008b
24 Source3:        http://open-source.arkoon.net/freeswan/NAT-Traversal-%{nat_tr_ver}.tar.gz
25 # Source3-md5:  6858a8535aa2611769d17e86e6735db2
26 Patch0:         %{name}-showhostkey.patch
27 Patch1:         %{name}-init.patch
28 Patch2:         %{name}-paths.patch
29 Patch3:         %{name}-confread.patch
30 URL:            http://www.freeswan.org/
31 BuildRequires:  gmp-devel
32 BuildRequires:  rpmbuild(macros) >= 1.118
33 Requires:       rc-scripts
34 %{?with_dist_kernel:%{?with_modules:BuildRequires:      kernel-doc}}
35 %{?with_dist_kernel:%{?with_modules:BuildRequires:      kernel-headers}}
36 %{?with_dist_kernel:%{?with_modules:BuildRequires:      kernel-source}}
37 Requires(post,preun):   /sbin/chkconfig
38 Requires:       gawk
39 Requires:       gmp
40 # XFree86 is required to use usefull lndir
41 %{?with_dist_kernel:%{?with_modules:BuildRequires:      XFree86}}
42 BuildRoot:      %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
43
44 %description
45 This package contains FreeS/WAN daemon and utilities. FreeS/WAN is a
46 free implementation of the IPsec protocol for Linux. It allows to
47 build secure tunnels through untrusted networks. The basic idea of
48 IPsec is to provide security functions (authentication and encryption)
49 at the IP (Internet Protocol) level.
50
51 %description -l pl
52 Ten pakiet zawiera demona i narzêdzia FreeS/WAN. FreeS/WAN jest woln±
53 implementacj± protoko³u IPsec dla Linuksa. Umo¿liwia zestawianie
54 bezpiecznych tuneli przez niezaufane sieci. Podstawowa idea IPsec to
55 zapewnienie funkcji bezpieczeñstwa (autentykacji i szyfrowania) na
56 poziomie IP.
57
58 %package -n kernel-net-ipsec
59 Summary:        Kernel module for Linux IPSEC
60 Summary(pl):    Modu³ j±dra dla IPSEC
61 Release:        %{_rel}@%{_kernel_ver_str}
62 Group:          Base/Kernel
63 %{?with_dist_kernel:%requires_releq_kernel_up}
64 Requires:       modutils >= 2.4.6-4
65 Requires(post,postun):  /sbin/depmod
66 Requires:       %{name} = %{version}
67 Conflicts:      kernel <= 2.4.20-9
68
69 %description -n kernel-net-ipsec
70 Kernel module for FreeS/WAN.
71
72 %description -n kernel-net-ipsec -l pl
73 Modu³ j±dra wykorzystywany przez FreeS/WAN.
74
75 %package -n kernel-smp-net-ipsec
76 Summary:        SMP kernel module for Linux IPSEC
77 Summary(pl):    Modu³ j±dra SMP dla IPSEC
78 Release:        %{_rel}@%{_kernel_ver_str}
79 Group:          Base/Kernel
80 %{?with_dist_kernel:%requires_releq_kernel_up}
81 Requires:       modutils >= 2.4.6-4
82 Requires(post,postun):  /sbin/depmod
83 Requires:       %{name} = %{version}
84 Conflicts:      kernel-smp <= 2.4.20-9
85
86 %description -n kernel-smp-net-ipsec
87 SMP kernel module for FreeS/WAN.
88
89 %description -n kernel-smp-net-ipsec -l pl
90 Modu³ j±dra SMP wykorzystywany przez FreeS/WAN.
91
92 %prep
93 %setup -q -a2 -a3
94 %patch0 -p1
95 %patch1 -p1
96 %{?with_x509:patch -p1 -s <%{x509ver}-%{name}-%{version}/freeswan.diff}
97 %patch3 -p1
98 %{?with_NAT:patch -p1 -s <NAT-Traversal-%{nat_tr_ver}/NAT-Traversal-%{nat_tr_ver}-freeswan-2.00-x509-1.3.5.diff}
99
100 %build
101 %define _kver `echo "%{_kernel_ver}" |awk -F. '{print $2}'`
102 %if %{with modules}
103   install -d kernelsrc
104   lndir -silent %{_kernelsrcdir} kernelsrc
105   mv kernelsrc/.config kernelsrc/.config.old
106   cp kernelsrc/.config.old kernelsrc/.config
107   %if %{with dist_kernel}
108     rm -rf kernelsrc/include/asm
109     cd kernelsrc
110     patch -R -p1 <../linux/net/Makefile.fs2_%{_kver}.patch
111     patch -R -p1 <../linux/net/Config.in.fs2_%{_kver}.patch
112     patch -R -p1 <../linux/net/ipv4/af_inet.c.fs2_%{_kver}.patch
113     patch -R -p1 <../linux/Documentation/Configure.help.fs2_%{_kver}.patch
114     cd ..
115     rm -rf kernelsrc/{crypto,include/{freeswan,zlib,crypto},lib/{zlib,libfreeswan},net/ipsec}
116     rm kernelsrc/include/{freeswan,pfkey,pfkeyv2}.h
117     cp kernelsrc/config-up kernelsrc/.config
118   %endif
119   echo "CONFIG_IPSEC=m" >> kernelsrc/.config
120   echo "CONFIG_IPSEC_IPIP=y" >> kernelsrc/.config
121   echo "CONFIG_IPSEC_AH=y" >> kernelsrc/.config
122   echo "CONFIG_IPSEC_AUTH_HMAC_MD5=y" >> kernelsrc/.config
123   echo "CONFIG_IPSEC_AUTH_HMAC_SHA1=y" >> kernelsrc/.config
124   echo "CONFIG_IPSEC_ESP=y" >> kernelsrc/.config
125   echo "CONFIG_IPSEC_ENC_3DES=y" >> kernelsrc/.config
126   echo "CONFIG_IPSEC_IPCOMP=y" >> kernelsrc/.config
127   echo "CONFIG_IPSEC_DEBUG=y" >> kernelsrc/.config
128 %endif
129
130 USERCOMPILE="%{rpmcflags}" ; export USERCOMPILE
131 OPT_FLAGS="%{rpmcflags}"; export OPT_FLAGS
132 CC="%{__cc}"; export CC
133
134
135 %if %{with modules}
136   %{__make} precheck verset kpatch ocf confcheck module \
137         BIND9STATICLIBDIR=%{_libdir} \
138         FINALCONFDIR=%{_sysconfdir}/ipsec \
139         FINALCONFFILE=%{_sysconfdir}/ipsec/ipsec.conf \
140         INC_USRLOCAL=/usr \
141         INC_MANDIR=share/man \
142         FINALRCDIR=%{_sysconfdir}/rc.d/init.d \
143         FINALLIBEXECDIR=%{_libdir}/ipsec \
144         KERNELSRC="`pwd`/kernelsrc"
145
146   install linux/net/ipsec/ipsec.o .
147
148   %if %{with smp}
149     rm -rf kernelsrc
150     install -d kernelsrc
151     lndir -silent /usr/src/linux kernelsrc
152     mv kernelsrc/.config kernelsrc/.config.old
153     cp kernelsrc/.config.old kernelsrc/.config
154     %if %{with dist_kernel}
155       rm -rf kernelsrc/include/asm
156       cd kernelsrc
157       patch -R -p1 <../linux/net/Makefile.fs2_%{_kver}.patch
158       patch -R -p1 <../linux/net/Config.in.fs2_%{_kver}.patch
159       patch -R -p1 <../linux/net/ipv4/af_inet.c.fs2_%{_kver}.patch
160       patch -R -p1 <../linux/Documentation/Configure.help.fs2_%{_kver}.patch
161       cd ..
162       rm -rf kernelsrc/{crypto,include/{freeswan,zlib,crypto},lib/{zlib,libfreeswan},net/ipsec}
163       rm kernelsrc/include/{freeswan,pfkey,pfkeyv2}.h
164       cp kernelsrc/config-smp kernelsrc/.config
165     %endif
166     echo "CONFIG_IPSEC=m" >> kernelsrc/.config
167     echo "CONFIG_IPSEC_IPIP=y" >> kernelsrc/.config
168     echo "CONFIG_IPSEC_AH=y" >> kernelsrc/.config
169     echo "CONFIG_IPSEC_AUTH_HMAC_MD5=y" >> kernelsrc/.config
170     echo "CONFIG_IPSEC_AUTH_HMAC_SHA1=y" >> kernelsrc/.config
171     echo "CONFIG_IPSEC_ESP=y" >> kernelsrc/.config
172     echo "CONFIG_IPSEC_ENC_3DES=y" >> kernelsrc/.config
173     echo "CONFIG_IPSEC_IPCOMP=y" >> kernelsrc/.config
174     echo "CONFIG_IPSEC_DEBUG=y" >> kernelsrc/.config
175
176     %{__make} precheck verset kpatch ocf confcheck module \
177         BIND9STATICLIBDIR=%{_libdir} \
178         FINALCONFDIR=%{_sysconfdir}/ipsec \
179         FINALCONFFILE=%{_sysconfdir}/ipsec/ipsec.conf \
180         INC_USRLOCAL=/usr \
181         INC_MANDIR=share/man \
182         FINALRCDIR=%{_sysconfdir}/rc.d/init.d \
183         FINALLIBEXECDIR=%{_libdir}/ipsec \
184         KERNELSRC="`pwd`/kernelsrc"
185   %endif
186 %endif
187
188
189 %{__make} programs \
190         BIND9STATICLIBDIR=%{_libdir} \
191         FINALCONFDIR=%{_sysconfdir}/ipsec \
192         FINALCONFFILE=%{_sysconfdir}/ipsec/ipsec.conf \
193         INC_USRLOCAL=/usr \
194         INC_MANDIR=share/man \
195         FINALRCDIR=%{_sysconfdir}/rc.d/init.d \
196         FINALLIBEXECDIR=%{_libdir}/ipsec \
197         KERNELSRC="`pwd`/kernelsrc"
198
199 %install
200 rm -rf $RPM_BUILD_ROOT
201 install -d $RPM_BUILD_ROOT{%{_sysconfdir}/ipsec,/etc/rc.d/init.d,/var/run/pluto}
202
203 %{__make} install \
204         BIND9STATICLIBDIR=%{_libdir} \
205         DESTDIR="$RPM_BUILD_ROOT" \
206         FINALCONFDIR=%{_sysconfdir}/ipsec \
207         FINALCONFFILE=%{_sysconfdir}/ipsec/ipsec.conf \
208         FINALRCDIR=%{_sysconfdir}/rc.d/init.d \
209         FINALLIBEXECDIR=%{_libdir}/ipsec \
210         FINALEXAMPLECONFDIR=/usr/share/doc/%{name}-%{version} \
211         INC_USRLOCAL=/usr \
212         INC_MANDIR=share/man
213
214
215 %if %{with x509}
216   install -d  $RPM_BUILD_ROOT%{_sysconfdir}/ipsec/ipsec.d
217   for i in crls cacerts private policies; do
218         install -d  $RPM_BUILD_ROOT%{_sysconfdir}/ipsec/ipsec.d/$i
219   done
220   for i in CHANGES README; do
221         install  %{x509ver}-%{name}-%{version}/$i $i.x509 ;
222   done
223 %endif
224
225 bzip2 -dc %{SOURCE1} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
226
227 %if %{with modules}
228   install -d $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/misc
229   install ipsec.o $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/misc
230   %if %{with smp}
231     install -d $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}smp/misc
232     install linux/net/ipsec/ipsec.o $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}smp/misc
233   %endif
234 %endif
235
236 %clean
237 rm -rf $RPM_BUILD_ROOT
238
239 %post
240 # generate RSA private key... if, and only if, /etc/ipsec/ipsec.secrets does
241 # not already exist
242 if [ ! -f %{_sysconfdir}/ipsec/ipsec.secrets ];
243 then
244     echo generate RSA private key...
245     /usr/sbin/ipsec newhostkey --output %{_sysconfdir}/ipsec/ipsec.secrets
246     chmod 600 %{_sysconfdir}/ipsec/ipsec.secrets
247 fi
248
249 /sbin/chkconfig --add ipsec
250 if [ -f /var/lock/subsys/ipsec ]; then
251         /etc/rc.d/init.d/ipsec restart >&2
252 else
253         echo "Run '/etc/rc.d/init.d/ipsec start' to start IPSEC services." >&2
254 fi
255
256 %preun
257 if [ "$1" = "0" ]; then
258         if [ -f /var/lock/subsys/ipsec ]; then
259                 /etc/rc.d/init.d/ipsec stop >&2
260         fi
261         /sbin/chkconfig --del ipsec >&2
262 fi
263
264 %post   -n kernel-net-ipsec
265 %depmod %{_kernel_ver}
266
267 %postun -n kernel-net-ipsec
268 %depmod %{_kernel_ver}
269
270 %post   -n kernel-smp-net-ipsec
271 %depmod %{_kernel_ver}
272
273 %postun -n kernel-smp-net-ipsec
274 %depmod %{_kernel_ver}
275
276 %files
277 %defattr(644,root,root,755)
278 %doc README CREDITS CHANGES BUGS
279 %doc doc/{kernel.notes,impl.notes,examples,prob.report,std} doc/*.html
280 %{?with_NAT:%doc NAT-Traversal-%{nat_tr_ver}/README.NAT-Traversal}
281 %{?with_x509:%doc CHANGES.x509 README.x509}
282 %{_mandir}/man*/*
283 %lang(pl) %{_mandir}/pl/man*/*
284 %attr(755,root,root) %{_sbindir}/*
285 %attr(754,root,root) /etc/rc.d/init.d/*
286 %dir %{_libdir}/ipsec
287 %attr(755,root,root) %{_libdir}/ipsec/*
288 %attr(751,root,root) %dir %{_sysconfdir}/ipsec
289 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec/ipsec.conf
290 %if %{with x509}
291 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d
292 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/certs
293 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/crls
294 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/cacerts
295 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/private
296 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/policies
297 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec/ipsec.d/policies/*
298 %endif
299
300 %if %{with modules}
301 %files -n kernel-net-ipsec
302 %defattr(644,root,root,755)
303 /lib/modules/%{_kernel_ver}/misc/ipsec*
304 %if %{with smp}
305 %files -n kernel-smp-net-ipsec
306 %defattr(644,root,root,755)
307 /lib/modules/%{_kernel_ver}smp/misc/ipsec*
308 %endif
309 %endif
Free IPSEC implemetation
This page took 0.050544 seconds and 2 git commands to generate.