7 %define x509ver x509patch-0.9.11
9 Summary: Free IPSEC implemetation
10 Summary(pl): Publicznie dostêpna implementacja IPSEC
15 Group: Networking/Daemons
16 Source0: ftp://ftp.xs4all.nl/pub/crypto/%{name}/%{name}-%{version}.tar.gz
17 Source1: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-pl-man-pages.tar.bz2
18 Source2: http://www.strongsec.com/%{name}/%{x509ver}-%{name}-%{version}.tar.gz
19 Source3: %{name}-kernel.config
20 Patch0: %{name}-Makefile.patch
21 Patch1: %{name}-manlink.patch
22 Patch2: %{name}-config.patch
23 Patch3: %{name}-init.patch
24 Patch4: %{name}-keygen.patch
25 Patch5: x509-config.patch
26 Patch6: %{name}-kernel-module.patch
27 Patch7: %{name}-make-module.patch
28 URL: http://www.freeswan.org/
29 Prereq: /sbin/chkconfig
31 BuildRequires: gmp-devel
32 BuildRequires: kernel-source
33 BuildRequires: kernel-headers
34 BuildRequires: kernel-doc
35 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
39 %{?_without_klips:%define klips 0}
41 %{?_without_x509:%define x509 0}
44 The basic idea of IPSEC is to provide security functions
45 (authentication and encryption) at the IP (Internet Protocol) level.
46 It will be required in IP version 6 (better known as IPng, the next
47 generation) and is optional for the current IP, version 4.
49 FreeS/WAN is a freely-distributable implementation of IPSEC protocol.
50 FreeS/WAN utilities%{?!_without_x509: compiled with X.509 certificate support}.
53 Podstawowa idea IPSEC to zapewnienie funkcji bezpieczeñstwa
54 (autentykacji i szyfrowania) na poziomie IP. Bêdzie wymagany do IP w
55 wersji 6 (znanego tak¿e jako IPng, IP nastêpnej generacji) i jest
56 opcjonalny dla aktualnego IP, w wersji 4.
58 FreeS/WAN jest darmow± implementacj± protoko³u IPSEC.
61 %package -n kernel-%{_kernel_ver}-ipsec
62 Summary: FreeS/WAN IPSec kernel module
63 Summary(pl): Modu³ IPSec do j±dra
64 Group: System Environment/Kernel
69 %description -n kernel-%{_kernel_ver}-ipsec
70 FreeS/WAN IPSec Kernel Module (KLIPS)
90 %{?!_without_x509:patch -p1 <%{x509ver}-%{name}-%{version}/freeswan.diff}
91 %{?!_without_x509:%patch5 -p1 }
98 cp -pR %{_kernelsrcdir}/ linux
99 %{__make} KERNELSRC=linux insert
100 #%{?!_with_oldconfig:%{?kextra:perl -p -i -e "s/^EXTRAVERSION.*/EXTRAVERSION = -%{kextra}/" linux/Makefile}}
103 #if [ -f .config ]; then
104 # cat %{SOURCE3} >> .config
107 # if [ -f configs/kernel-%{_kernel_ver}-%{_target_cpu}%{?_with_smp:-smp}.config ]; then
108 # cp configs/kernel-%{_kernel_ver}-%{_target_cpu}%{?_with_smp:-smp}.config .config
110 # echo "ERROR: There is no kernel configuration available."
111 # echo "Configure your kernel first and add --with oldconfig"
112 # echo "to rpmbuild command line when trying to build with"
113 # echo "klips module next time."
116 # make oldconfig_nonint 1>/dev/null 2>&1
118 #%{__make} -s include/linux/version.h
123 OPT_FLAGS="%{rpmcflags}"; export OPT_FLAGS
124 CC=%{__cc}; export CC
125 %{__make} %{?_with_klips:KERNELSRC=linux precheck insert ocf module} programs
128 rm -rf $RPM_BUILD_ROOT
129 install -d $RPM_BUILD_ROOT{%{_sysconfdir}/ipsec,/etc/rc.d/init.d,/var/run/pluto}
132 DESTDIR="$RPM_BUILD_ROOT"
135 install -d $RPM_BUILD_ROOT%{_sysconfdir}/ipsec.d
136 for i in crls cacerts private; do
137 install -d $RPM_BUILD_ROOT%{_sysconfdir}/ipsec.d/$i
139 for i in CHANGES README; do
140 install %{x509ver}-%{name}-%{version}/$i $i.x509 ;
147 install -d $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipsec
148 install linux/net/ipsec/ipsec.o $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipsec/ipsec.o
151 bzip2 -dc %{SOURCE1} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
153 gzip -9nf README CREDITS CHANGES BUGS \
154 doc/{kernel.notes,impl.notes,examples,prob.report,standards}
158 rm -rf $RPM_BUILD_ROOT
161 # generate RSA private key... if, and only if, /etc/ipsec/ipsec.secrets does
163 if [ ! -f %{_sysconfdir}/ipsec/ipsec.secrets ];
165 echo generate RSA private key...
166 /usr/sbin/ipsec newhostkey --output %{_sysconfdir}/ipsec/ipsec.secrets
167 chmod 600 %{_sysconfdir}/ipsec/ipsec.secrets
170 /sbin/chkconfig --add ipsec
171 if [ -f /var/lock/subsys/ipsec ]; then
172 /etc/rc.d/init.d/ipsec restart >&2
174 echo "Run '/etc/rc.d/init.d/ipsec start' to start IPSEC services." >&2
178 if [ "$1" = "0" ]; then
179 if [ -f /var/lock/subsys/ipsec ]; then
180 /etc/rc.d/init.d/ipsec stop >&2
182 /sbin/chkconfig --del ipsec >&2
186 %defattr(644,root,root,755)
187 %doc *.gz doc/*.gz doc/*.html
188 %{?!_without_x509:%doc CHANGES.x509.gz README.x509.gz}
190 %lang(pl) %{_mandir}/pl/man*/*
191 %attr(755,root,root) %{_sbindir}/*
192 %attr(754,root,root) /etc/rc.d/init.d/*
193 %dir %{_libdir}/ipsec
194 %attr(755,root,root) %{_libdir}/ipsec/*
195 %attr(751,root,root) %dir %{_sysconfdir}/ipsec
196 %attr(640,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/ipsec/*
198 %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d
199 %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/crls
200 %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/cacerts
201 %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/private
205 %files -n kernel%{?_with_smp:-smp}-%{_kernel_ver}%{?kext:-%{kext}}-ipsec
206 %defattr(644,root,root,755)
207 /lib/modules/%{kverrel}/kernel/net/ipsec