6 %define x509ver x509patch-0.9.11
8 Summary: Free IPSEC implemetation
9 Summary(pl): Publicznie dostêpna implementacja IPSEC
14 Group: Networking/Daemons
15 Source0: ftp://ftp.xs4all.nl/pub/crypto/%{name}/%{name}-%{version}.tar.gz
16 Source1: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-pl-man-pages.tar.bz2
17 Source2: http://www.strongsec.com/%{name}/%{x509ver}-%{name}-%{version}.tar.gz
18 Source3: %{name}-kernel.config
19 Patch0: %{name}-Makefile.patch
20 Patch1: %{name}-manlink.patch
21 Patch2: %{name}-config.patch
22 Patch3: %{name}-init.patch
23 Patch4: %{name}-keygen.patch
24 Patch5: x509-config.patch
25 URL: http://www.freeswan.org/
26 Prereq: /sbin/chkconfig
28 BuildRequires: gmp-devel
29 BuildRequires: kernel-headers
30 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
34 %{?_without_x509:%define x509 0}
37 The basic idea of IPSEC is to provide security functions
38 (authentication and encryption) at the IP (Internet Protocol) level.
39 It will be required in IP version 6 (better known as IPng, the next
40 generation) and is optional for the current IP, version 4.
42 FreeS/WAN is a freely-distributable implementation of IPSEC protocol.
43 FreeS/WAN utilities%{?!_without_x509: compiled with X.509 certificate support}.
46 Podstawowa idea IPSEC to zapewnienie funkcji bezpieczeñstwa
47 (autentykacji i szyfrowania) na poziomie IP. Bêdzie wymagany do IP w
48 wersji 6 (znanego tak¿e jako IPng, IP nastêpnej generacji) i jest
49 opcjonalny dla aktualnego IP, w wersji 4.
51 FreeS/WAN jest darmow± implementacj± protoko³u IPSEC.
62 %{?!_without_x509:patch -p1 <%{x509ver}-%{name}-%{version}/freeswan.diff}
63 %{?!_without_x509:%patch5 -p1 }
67 USERCOMPILE="%{rpmcflags}" ; export USERCOMPILE
68 OPT_FLAGS="%{rpmcflags}"; export OPT_FLAGS
73 rm -rf $RPM_BUILD_ROOT
74 install -d $RPM_BUILD_ROOT{%{_sysconfdir}/ipsec,/etc/rc.d/init.d,/var/run/pluto}
77 DESTDIR="$RPM_BUILD_ROOT"
80 install -d $RPM_BUILD_ROOT%{_sysconfdir}/ipsec.d
81 for i in crls cacerts private; do
82 install -d $RPM_BUILD_ROOT%{_sysconfdir}/ipsec.d/$i
84 for i in CHANGES README; do
85 install %{x509ver}-%{name}-%{version}/$i $i.x509 ;
91 bzip2 -dc %{SOURCE1} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
93 gzip -9nf README CREDITS CHANGES BUGS \
94 doc/{kernel.notes,impl.notes,examples,prob.report,standards}
99 # generate RSA private key... if, and only if, /etc/ipsec/ipsec.secrets does
101 if [ ! -f %{_sysconfdir}/ipsec/ipsec.secrets ];
103 echo generate RSA private key...
104 /usr/sbin/ipsec newhostkey --output %{_sysconfdir}/ipsec/ipsec.secrets
105 chmod 600 %{_sysconfdir}/ipsec/ipsec.secrets
108 /sbin/chkconfig --add ipsec
109 if [ -f /var/lock/subsys/ipsec ]; then
110 /etc/rc.d/init.d/ipsec restart >&2
112 echo "Run '/etc/rc.d/init.d/ipsec start' to start IPSEC services." >&2
116 if [ "$1" = "0" ]; then
117 if [ -f /var/lock/subsys/ipsec ]; then
118 /etc/rc.d/init.d/ipsec stop >&2
120 /sbin/chkconfig --del ipsec >&2
124 rm -rf $RPM_BUILD_ROOT
128 %defattr(644,root,root,755)
129 %doc *.gz doc/*.gz doc/*.html
130 %{?!_without_x509:%doc CHANGES.x509.gz README.x509.gz}
132 %lang(pl) %{_mandir}/pl/man*/*
133 %attr(755,root,root) %{_sbindir}/*
134 %attr(754,root,root) /etc/rc.d/init.d/*
135 %dir %{_libdir}/ipsec
136 %attr(755,root,root) %{_libdir}/ipsec/*
137 %attr(751,root,root) %dir %{_sysconfdir}/ipsec
138 %attr(640,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/ipsec/*
140 %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d
141 %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/crls
142 %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/cacerts
143 %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/private