]> git.pld-linux.org Git - packages/freeswan.git/blob - freeswan.spec
projects / packages / freeswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
- xorg dep
[packages/freeswan.git] / freeswan.spec
1 # Conditional builds
2 %bcond_with     NAT             # with NAT-Traversal
3 %bcond_without  x509            # without x509 support
4 %bcond_without  dist_kernel     # without sources of distribution kernel
5 %bcond_without  modules         # build only library+programs, no kernel modules
6 #
7 %define x509ver         x509-1.4.8
8 %define nat_tr_ver      0.6
9 %define _25x_ver        20030825
10 %define _rel    0.1
11 Summary:        Free IPSEC implemetation
12 Summary(pl.UTF-8):      Publicznie dostępna implementacja IPSEC
13 Name:           freeswan
14 Version:        2.04
15 Release:        %{_rel}
16 License:        GPL
17 Group:          Networking/Daemons
18 Source0:        ftp://ftp.xs4all.nl/pub/crypto/freeswan/%{name}-%{version}.tar.gz
19 # Source0-md5:  37a15f760ca43317fe7c5d6e6859689c
20 Source1:        http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-pl-man-pages.tar.bz2
21 # Source1-md5:  6bd0b509015a2795cfb895aaab0bbc55
22 Source2:        http://www.strongsec.com/freeswan/%{x509ver}-%{name}-%{version}.tar.gz
23 # Source2-md5:  d5ff93ed3dc33afcc3ab5d00ca11008b
24 Source3:        http://open-source.arkoon.net/freeswan/NAT-Traversal-%{nat_tr_ver}.tar.gz
25 # Source3-md5:  6858a8535aa2611769d17e86e6735db2
26 Patch0:         %{name}-showhostkey.patch
27 Patch1:         %{name}-init.patch
28 Patch2:         %{name}-paths.patch
29 Patch3:         %{name}-confread.patch
30 URL:            http://www.freeswan.org/
31 BuildRequires:  gmp-devel
32 %{?with_dist_kernel:%{?with_modules:BuildRequires:      kernel-doc}}
33 %{?with_dist_kernel:%{?with_modules:BuildRequires:      kernel-headers}}
34 %{?with_dist_kernel:%{?with_modules:BuildRequires:      kernel-source}}
35 BuildRequires:  rpmbuild(macros) >= 1.118
36 # for useful lndir
37 %{?with_modules:BuildRequires:  xorg-util-lndir}
38 Requires(post,preun):   /sbin/chkconfig
39 Requires:       gawk
40 Requires:       gmp
41 Requires:       rc-scripts
42 BuildRoot:      %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
43
44 %description
45 This package contains FreeS/WAN daemon and utilities. FreeS/WAN is a
46 free implementation of the IPsec protocol for Linux. It allows to
47 build secure tunnels through untrusted networks. The basic idea of
48 IPsec is to provide security functions (authentication and encryption)
49 at the IP (Internet Protocol) level.
50
51 %description -l pl.UTF-8
52 Ten pakiet zawiera demona i narzędzia FreeS/WAN. FreeS/WAN jest wolną
53 implementacją protokołu IPsec dla Linuksa. Umożliwia zestawianie
54 bezpiecznych tuneli przez niezaufane sieci. Podstawowa idea IPsec to
55 zapewnienie funkcji bezpieczeństwa (autentykacji i szyfrowania) na
56 poziomie IP.
57
58 %package -n kernel-net-ipsec
59 Summary:        Kernel module for Linux IPSEC
60 Summary(pl.UTF-8):      Moduł jądra dla IPSEC
61 Release:        %{_rel}@%{_kernel_ver_str}
62 Group:          Base/Kernel
63 %{?with_dist_kernel:%requires_releq_kernel_up}
64 Requires(post,postun):  /sbin/depmod
65 Requires:       %{name} = %{version}-%{release}
66 Requires:       modutils >= 2.4.6-4
67 Conflicts:      kernel <= 2.4.20-9
68
69 %description -n kernel-net-ipsec
70 Kernel module for FreeS/WAN.
71
72 %description -n kernel-net-ipsec -l pl.UTF-8
73 Moduł jądra wykorzystywany przez FreeS/WAN.
74
75 %package -n kernel-smp-net-ipsec
76 Summary:        SMP kernel module for Linux IPSEC
77 Summary(pl.UTF-8):      Moduł jądra SMP dla IPSEC
78 Release:        %{_rel}@%{_kernel_ver_str}
79 Group:          Base/Kernel
80 %{?with_dist_kernel:%requires_releq_kernel_up}
81 Requires(post,postun):  /sbin/depmod
82 Requires:       %{name} = %{version}-%{release}
83 Requires:       modutils >= 2.4.6-4
84 Conflicts:      kernel-smp <= 2.4.20-9
85
86 %description -n kernel-smp-net-ipsec
87 SMP kernel module for FreeS/WAN.
88
89 %description -n kernel-smp-net-ipsec -l pl.UTF-8
90 Moduł jądra SMP wykorzystywany przez FreeS/WAN.
91
92 %prep
93 %setup -q -a2 -a3
94 %patch0 -p1
95 %patch1 -p1
96 %{?with_x509:patch -p1 -s <%{x509ver}-%{name}-%{version}/freeswan.diff}
97 %patch3 -p1
98 %{?with_NAT:patch -p1 -s <NAT-Traversal-%{nat_tr_ver}/NAT-Traversal-%{nat_tr_ver}-freeswan-2.00-x509-1.3.5.diff}
99
100 %build
101 %define _kver   `echo "%{_kernel_ver}" |awk -F. '{print $2}'`
102
103 %if %{with modules}
104 install -d kernelsrc
105 lndir -silent %{_kernelsrcdir} kernelsrc
106 mv kernelsrc/.config kernelsrc/.config.old
107 cp kernelsrc/.config.old kernelsrc/.config
108
109 %if %{with dist_kernel}
110 rm -rf kernelsrc/include/asm
111 cd kernelsrc
112 patch -R -p1 <../linux/net/Makefile.fs2_%{_kver}.patch
113 patch -R -p1 <../linux/net/Config.in.fs2_%{_kver}.patch
114 patch -R -p1 <../linux/net/ipv4/af_inet.c.fs2_%{_kver}.patch
115 patch -R -p1 <../linux/Documentation/Configure.help.fs2_%{_kver}.patch
116 cd ..
117 rm -rf kernelsrc/{crypto,include/{freeswan,zlib,crypto},lib/{zlib,libfreeswan},net/ipsec}
118 rm kernelsrc/include/{freeswan,pfkey,pfkeyv2}.h
119 cp kernelsrc/config-up kernelsrc/.config
120 %endif
121
122 echo "CONFIG_IPSEC=m" >> kernelsrc/.config
123 echo "CONFIG_IPSEC_IPIP=y" >> kernelsrc/.config
124 echo "CONFIG_IPSEC_AH=y" >> kernelsrc/.config
125 echo "CONFIG_IPSEC_AUTH_HMAC_MD5=y" >> kernelsrc/.config
126 echo "CONFIG_IPSEC_AUTH_HMAC_SHA1=y" >> kernelsrc/.config
127 echo "CONFIG_IPSEC_ESP=y" >> kernelsrc/.config
128 echo "CONFIG_IPSEC_ENC_3DES=y" >> kernelsrc/.config
129 echo "CONFIG_IPSEC_IPCOMP=y" >> kernelsrc/.config
130 echo "CONFIG_IPSEC_DEBUG=y" >> kernelsrc/.config
131 %endif
132
133 USERCOMPILE="%{rpmcflags}" ; export USERCOMPILE
134 OPT_FLAGS="%{rpmcflags}"; export OPT_FLAGS
135 CC="%{__cc}"; export CC
136
137
138 %if %{with modules}
139 %{__make} precheck verset kpatch ocf confcheck module \
140         BIND9STATICLIBDIR=%{_libdir} \
141         FINALCONFDIR=%{_sysconfdir}/ipsec \
142         FINALCONFFILE=%{_sysconfdir}/ipsec/ipsec.conf \
143         INC_USRLOCAL=/usr \
144         INC_MANDIR=share/man \
145         FINALRCDIR=%{_sysconfdir}/rc.d/init.d \
146         FINALLIBEXECDIR=%{_libdir}/ipsec \
147         KERNELSRC="`pwd`/kernelsrc"
148
149 install linux/net/ipsec/ipsec.o .
150
151 %if %{with smp}
152 rm -rf kernelsrc
153 install -d kernelsrc
154 lndir -silent %{_kernelsrcdir} kernelsrc
155 mv kernelsrc/.config kernelsrc/.config.old
156 cp kernelsrc/.config.old kernelsrc/.config
157
158 %if %{with dist_kernel}
159 rm -rf kernelsrc/include/asm
160 cd kernelsrc
161 patch -R -p1 <../linux/net/Makefile.fs2_%{_kver}.patch
162 patch -R -p1 <../linux/net/Config.in.fs2_%{_kver}.patch
163 patch -R -p1 <../linux/net/ipv4/af_inet.c.fs2_%{_kver}.patch
164 patch -R -p1 <../linux/Documentation/Configure.help.fs2_%{_kver}.patch
165 cd ..
166 rm -rf kernelsrc/{crypto,include/{freeswan,zlib,crypto},lib/{zlib,libfreeswan},net/ipsec}
167 rm kernelsrc/include/{freeswan,pfkey,pfkeyv2}.h
168 cp kernelsrc/config-smp kernelsrc/.config
169 %endif
170
171 echo "CONFIG_IPSEC=m" >> kernelsrc/.config
172 echo "CONFIG_IPSEC_IPIP=y" >> kernelsrc/.config
173 echo "CONFIG_IPSEC_AH=y" >> kernelsrc/.config
174 echo "CONFIG_IPSEC_AUTH_HMAC_MD5=y" >> kernelsrc/.config
175 echo "CONFIG_IPSEC_AUTH_HMAC_SHA1=y" >> kernelsrc/.config
176 echo "CONFIG_IPSEC_ESP=y" >> kernelsrc/.config
177 echo "CONFIG_IPSEC_ENC_3DES=y" >> kernelsrc/.config
178 echo "CONFIG_IPSEC_IPCOMP=y" >> kernelsrc/.config
179 echo "CONFIG_IPSEC_DEBUG=y" >> kernelsrc/.config
180 %{__make} precheck verset kpatch ocf confcheck module \
181         BIND9STATICLIBDIR=%{_libdir} \
182         FINALCONFDIR=%{_sysconfdir}/ipsec \
183         FINALCONFFILE=%{_sysconfdir}/ipsec/ipsec.conf \
184         INC_USRLOCAL=/usr \
185         INC_MANDIR=share/man \
186         FINALRCDIR=%{_sysconfdir}/rc.d/init.d \
187         FINALLIBEXECDIR=%{_libdir}/ipsec \
188         KERNELSRC="`pwd`/kernelsrc"
189 %endif
190
191 %endif
192
193 %{__make} programs \
194         BIND9STATICLIBDIR=%{_libdir} \
195         FINALCONFDIR=%{_sysconfdir}/ipsec \
196         FINALCONFFILE=%{_sysconfdir}/ipsec/ipsec.conf \
197         INC_USRLOCAL=/usr \
198         INC_MANDIR=share/man \
199         FINALRCDIR=%{_sysconfdir}/rc.d/init.d \
200         FINALLIBEXECDIR=%{_libdir}/ipsec \
201         KERNELSRC="`pwd`/kernelsrc"
202
203 %install
204 rm -rf $RPM_BUILD_ROOT
205 install -d $RPM_BUILD_ROOT{%{_sysconfdir}/ipsec,/etc/rc.d/init.d,/var/run/pluto}
206
207 %{__make} install \
208         BIND9STATICLIBDIR=%{_libdir} \
209         DESTDIR="$RPM_BUILD_ROOT" \
210         FINALCONFDIR=%{_sysconfdir}/ipsec \
211         FINALCONFFILE=%{_sysconfdir}/ipsec/ipsec.conf \
212         FINALRCDIR=%{_sysconfdir}/rc.d/init.d \
213         FINALLIBEXECDIR=%{_libdir}/ipsec \
214         FINALEXAMPLECONFDIR=/usr/share/doc/%{name}-%{version} \
215         INC_USRLOCAL=/usr \
216         INC_MANDIR=share/man
217
218
219 %if %{with x509}
220 install -d  $RPM_BUILD_ROOT%{_sysconfdir}/ipsec/ipsec.d
221 for i in crls cacerts private policies; do
222         install -d  $RPM_BUILD_ROOT%{_sysconfdir}/ipsec/ipsec.d/$i
223 done
224 for i in CHANGES README; do
225         install  %{x509ver}-%{name}-%{version}/$i $i.x509 ;
226 done
227 %endif
228
229 bzip2 -dc %{SOURCE1} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
230
231 %if %{with modules}
232 install -d $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/misc
233 install ipsec.o $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/misc
234
235 %if %{with smp}
236 install -d $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}smp/misc
237 install linux/net/ipsec/ipsec.o $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}smp/misc
238 %endif
239
240 %endif
241
242 %clean
243 rm -rf $RPM_BUILD_ROOT
244
245 %post
246 # generate RSA private key... if, and only if, /etc/ipsec/ipsec.secrets does
247 # not already exist
248 if [ ! -f %{_sysconfdir}/ipsec/ipsec.secrets ];
249 then
250         echo generate RSA private key...
251         /usr/sbin/ipsec newhostkey --output %{_sysconfdir}/ipsec/ipsec.secrets
252         chmod 600 %{_sysconfdir}/ipsec/ipsec.secrets
253 fi
254
255 /sbin/chkconfig --add ipsec
256 if [ -f /var/lock/subsys/ipsec ]; then
257         /etc/rc.d/init.d/ipsec restart >&2
258 else
259         echo "Run '/etc/rc.d/init.d/ipsec start' to start IPSEC services." >&2
260 fi
261
262 %preun
263 if [ "$1" = "0" ]; then
264         if [ -f /var/lock/subsys/ipsec ]; then
265                 /etc/rc.d/init.d/ipsec stop >&2
266         fi
267         /sbin/chkconfig --del ipsec >&2
268 fi
269
270 %post   -n kernel-net-ipsec
271 %depmod %{_kernel_ver}
272
273 %postun -n kernel-net-ipsec
274 %depmod %{_kernel_ver}
275
276 %post   -n kernel-smp-net-ipsec
277 %depmod %{_kernel_ver}
278
279 %postun -n kernel-smp-net-ipsec
280 %depmod %{_kernel_ver}
281
282 %files
283 %defattr(644,root,root,755)
284 %doc README CREDITS CHANGES BUGS
285 %doc doc/{kernel.notes,impl.notes,examples,prob.report,std} doc/*.html
286 %{?with_NAT:%doc NAT-Traversal-%{nat_tr_ver}/README.NAT-Traversal}
287 %{?with_x509:%doc CHANGES.x509 README.x509}
288 %{_mandir}/man*/*
289 %lang(pl) %{_mandir}/pl/man*/*
290 %attr(755,root,root) %{_sbindir}/*
291 %attr(754,root,root) /etc/rc.d/init.d/*
292 %dir %{_libdir}/ipsec
293 %attr(755,root,root) %{_libdir}/ipsec/*
294 %attr(751,root,root) %dir %{_sysconfdir}/ipsec
295 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec/ipsec.conf
296 %if %{with x509}
297 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d
298 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/certs
299 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/crls
300 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/cacerts
301 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/private
302 %attr(700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/policies
303 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec/ipsec.d/policies/*
304 %endif
305
306 %if %{with modules}
307 %files -n kernel-net-ipsec
308 %defattr(644,root,root,755)
309 /lib/modules/%{_kernel_ver}/misc/ipsec*
310 %if %{with smp}
311 %files -n kernel-smp-net-ipsec
312 %defattr(644,root,root,755)
313 /lib/modules/%{_kernel_ver}smp/misc/ipsec*
314 %endif
315 %endif
Free IPSEC implemetation
This page took 0.084025 seconds and 3 git commands to generate.