# Conditional builds
-# _without_x509 - without x509 support
-# _without_dist_kernel - without sources of distribution kernel
-# _with_NAT - without NAT-Traversal
-# _with_25x - without FreeS/WAN's keying daemon to work with
-# the 2.5 kernel IPsec implementation
-# _without_modules - build only library+programs, no kernel modules
-%define x509ver x509-1.4.7
+bcond_with NAT # with NAT-Traversal
+bcond_without x509 # without x509 support
+bcond_without dist_kernel # without sources of distribution kernel
+bcond_without modules # build only library+programs, no kernel modules
+##bcond_with 25x # witht FreeS/WAN's keying daemon to work with
+ # the 2.5 kernel IPsec implementation
+#
+%define x509ver x509-1.4.8
%define nat_tr_ver 0.6
%define _25x_ver 20030825
Summary: Free IPSEC implemetation
Summary(pl): Publicznie dostêpna implementacja IPSEC
Name: freeswan
-Version: 2.02
-%define _rel 0.2
+Version: 2.04
+%define _rel 0.1
Release: %{_rel}
License: GPL
Group: Networking/Daemons
Source0: ftp://ftp.xs4all.nl/pub/crypto/%{name}/%{name}-%{version}.tar.gz
-# Source0-md5: e7a5ff59b2abbb8c812221bbe7fd6e09
+# Source0-md5: 37a15f760ca43317fe7c5d6e6859689c
Source1: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-pl-man-pages.tar.bz2
# Source1-md5: 6bd0b509015a2795cfb895aaab0bbc55
Source2: http://www.strongsec.com/%{name}/%{x509ver}-%{name}-%{version}.tar.gz
-# Source2-md5: 9a2715ff083194754c283af90c57d657
+# Source2-md5: d5ff93ed3dc33afcc3ab5d00ca11008b
Source3: http://open-source.arkoon.net/freeswan/NAT-Traversal-%{nat_tr_ver}.tar.gz
# Source3-md5: 6858a8535aa2611769d17e86e6735db2
##Source4: http://gondor.apana.org.au/~herbert/freeswan/%{version}/freeswan-%{version}-linux-ipsec-%{_25x_ver}.patch.gz
Requires(post,preun): /sbin/chkconfig
Requires: gawk
Requires: gmp
-%{!?_without_dist_kernel:%{!?_without_modules:BuildRequires: kernel-headers}}
-%{!?_without_dist_kernel:%{!?_without_modules:BuildRequires: kernel-source}}
-%{!?_without_dist_kernel:%{!?_without_modules:BuildRequires: kernel-doc}}
+%{?with_dist_kernel:%{?with_modules:BuildRequires: kernel-headers}}
+%{?with_dist_kernel:%{?with_modules:BuildRequires: kernel-source}}
+%{?with_dist_kernel:%{?with_modules:BuildRequires: kernel-doc}}
# XFree86 is required to use usefull lndir
-%{!?_without_dist_kernel:%{!?_without_modules:BuildRequires: XFree86}}
+%{?with_dist_kernel:%{?with_modules:BuildRequires: XFree86}}
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%description
generation) and is optional for the current IP, version 4.
FreeS/WAN is a freely-distributable implementation of IPSEC protocol.
-FreeS/WAN utilities%{?!_without_x509: compiled with X.509 certificate support}.
+FreeS/WAN utilities%{?with_x509: compiled with X.509 certificate support}.
%description -l pl
Podstawowa idea IPSEC to zapewnienie funkcji bezpieczeñstwa
Summary(pl): Modu³ j±dra dla IPSEC
Release: %{_rel}@%{_kernel_ver_str}
Group: Base/Kernel
-%{!?_without_dist_kernel:%requires_releq_kernel_up}
+%{?with_dist_kernel:%requires_releq_kernel_up}
PreReq: modutils >= 2.4.6-4
Requires(post,postun): /sbin/depmod
Requires: %{name} = %{version}
Summary(pl): Modu³ j±dra SMP dla IPSEC
Release: %{_rel}@%{_kernel_ver_str}
Group: Base/Kernel
-%{!?_without_dist_kernel:%requires_releq_kernel_up}
+%{?with_dist_kernel:%requires_releq_kernel_up}
PreReq: modutils >= 2.4.6-4
Requires(post,postun): /sbin/depmod
Requires: %{name} = %{version}
%setup -q -a2 -a3
%patch0 -p1
%patch1 -p1
-%{?!_without_x509:patch -p1 -s <%{x509ver}-%{name}-%{version}/freeswan.diff}
+%{?with_x509:patch -p1 -s <%{x509ver}-%{name}-%{version}/freeswan.diff}
#%patch2 -p1
+#%%{?with_25x:gzip -d <%{SOURCE4}| patch -p1 -s}
%patch3 -p1
-%{?_with_NAT:patch -p1 -s <NAT-Traversal-%{nat_tr_ver}/NAT-Traversal-%{nat_tr_ver}-freeswan-2.00-x509-1.3.5.diff}
-%{?_with_25x:gzip -d <%{SOURCE4}| patch -p1 -s}
-
+%{?with_NAT:patch -p1 -s <NAT-Traversal-%{nat_tr_ver}/NAT-Traversal-%{nat_tr_ver}-freeswan-2.00-x509-1.3.5.diff}
%build
%define _kver `echo "%{_kernel_ver}" |awk -F. '{print $2}'`
-%if 0%{!?_without_modules:1}
+%if %{with modules}
install -d kernelsrc
lndir -silent /usr/src/linux kernelsrc
mv kernelsrc/.config kernelsrc/.config.old
cp kernelsrc/.config.old kernelsrc/.config
- %if 0%{!?_without_dist_kernel:1}
+ %if %{with dist_kernel}
rm -rf kernelsrc/include/asm
cd kernelsrc
patch -R -p1 <../linux/net/Makefile.fs2_%{_kver}.patch
CC=%{__cc}; export CC
-%if 0%{!?_without_modules:1}
+%if %{with modules}
%{__make} precheck verset kpatch ocf confcheck module \
BIND9STATICLIBDIR=%{_libdir} \
FINALCONFDIR=%{_sysconfdir}/ipsec \
install linux/net/ipsec/ipsec.o .
- %if 0%{!?_without_smp:1}
+ %if %{with smp}
rm -rf kernelsrc
install -d kernelsrc
lndir -silent /usr/src/linux kernelsrc
mv kernelsrc/.config kernelsrc/.config.old
cp kernelsrc/.config.old kernelsrc/.config
- %if 0%{!?_without_dist_kernel:1}
+ %if %{with dist_kernel}
rm -rf kernelsrc/include/asm
cd kernelsrc
patch -R -p1 <../linux/net/Makefile.fs2_%{_kver}.patch
FINALLIBEXECDIR=%{_libdir}/ipsec \
KERNELSRC="`pwd`/kernelsrc"
-
-
%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_sysconfdir}/ipsec,/etc/rc.d/init.d,/var/run/pluto}
INC_MANDIR=share/man
-%if 0%{!?_without_x509:1}
+%if %{with x509}
install -d $RPM_BUILD_ROOT%{_sysconfdir}/ipsec/ipsec.d
for i in crls cacerts private policies; do
install -d $RPM_BUILD_ROOT%{_sysconfdir}/ipsec/ipsec.d/$i
bzip2 -dc %{SOURCE1} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
-%if 0%{!?_without_modules:1}
+%if %{with modules}
install -d $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/misc
install ipsec.o $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/misc
- %if 0%{!?_without_smp:1}
+ %if %{with smp}
install -d $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}smp/misc
install linux/net/ipsec/ipsec.o $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}smp/misc
%endif
%files
%defattr(644,root,root,755)
%doc README CREDITS CHANGES BUGS
-%doc doc/{kernel.notes,impl.notes,examples,prob.report,standards} doc/*.html
-%{?_with_NAT:%doc NAT-Traversal-%{nat_tr_ver}/README.NAT-Traversal}
-%{?!_without_x509:%doc CHANGES.x509 README.x509}
+%doc doc/{kernel.notes,impl.notes,examples,prob.report,std} doc/*.html
+%{?with_NAT:%doc NAT-Traversal-%{nat_tr_ver}/README.NAT-Traversal}
+%{?with_x509:%doc CHANGES.x509 README.x509}
%{_mandir}/man*/*
%lang(pl) %{_mandir}/pl/man*/*
%attr(755,root,root) %{_sbindir}/*
%attr(755,root,root) %{_libdir}/ipsec/*
%attr(751,root,root) %dir %{_sysconfdir}/ipsec
%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/ipsec/ipsec.conf
-%if 0%{!?_without_x509:1}
+%if %{with x509}
%attr(0700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d
%attr(0700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/certs
%attr(0700,root,root) %dir %{_sysconfdir}/ipsec/ipsec.d/crls
%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/ipsec/ipsec.d/policies/*
%endif
-%if 0%{!?_without_modules:1}
+%if %{with modules}
%files -n kernel-net-ipsec
%defattr(644,root,root,755)
/lib/modules/%{_kernel_ver}/misc/ipsec*
-%if 0%{!?_without_smp:1}
+%if %{with smp}
%files -n kernel-smp-net-ipsec
%defattr(644,root,root,755)
/lib/modules/%{_kernel_ver}smp/misc/ipsec*