+# Conditional builds
+# _without_x509
+
+%define x509ver x509patch-0.9.11
+
Summary: Free IPSEC implemetation
Summary(pl): Publicznie dostêpna implementacja IPSEC
Name: freeswan
-Version: 1.96
-Release: 2
+Version: 1.97
+Release: 0.1
License: GPL
Group: Networking/Daemons
-Source0: ftp://ftp.xs4all.nl/pub/crypto/freeswan/%{name}-%{version}.tar.gz
+Source0: ftp://ftp.xs4all.nl/pub/crypto/%{name}/%{name}-%{version}.tar.gz
Source1: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-pl-man-pages.tar.bz2
+Source2: http://www.strongsec.com/%{name}/%{x509ver}-%{name}-%{version}.tar.gz
Patch0: %{name}-Makefile.patch
Patch1: %{name}-manlink.patch
Patch2: %{name}-config.patch
Patch3: %{name}-init.patch
Patch4: %{name}-keygen.patch
+Patch5: x509-config.patch
URL: http://www.freeswan.org/
Prereq: /sbin/chkconfig
Prereq: rc-scripts
BuildRequires: gmp-devel
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+%define x509 1
+%{?_without_x509:%define x509 0}
+
%description
The basic idea of IPSEC is to provide security functions
(authentication and encryption) at the IP (Internet Protocol) level.
generation) and is optional for the current IP, version 4.
FreeS/WAN is a freely-distributable implementation of IPSEC protocol.
+FreeS/WAN utilities%{?!_without_x509: compiled with X.509 certificate support}.
%description -l pl
Podstawowa idea IPSEC to zapewnienie funkcji bezpieczeñstwa
FreeS/WAN jest darmow± implementacj± protoko³u IPSEC.
%prep
-%setup -q
+%setup -q -a2
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
+%patch5 -p1
+
+%{?!_without_x509:patch -p1 <%{x509ver}-%{name}-%{version}/freeswan.diff}
%build
OPT_FLAGS="%{rpmcflags}"; export OPT_FLAGS
%{__make} install \
DESTDIR="$RPM_BUILD_ROOT"
+%if %{x509}
+ install -d $RPM_BUILD_ROOT%{_sysconfdir}/ipsec.d
+ for i in crls cacerts private; do
+ install -d $RPM_BUILD_ROOT%{_sysconfdir}/ipsec.d/$i
+done
+for i in CHANGES README; do
+ install %{x509ver}-%{name}-%{version}/$i $i.x509 ;
+ gzip -9nf $i.x509 ;
+
+done
+%endif
+
bzip2 -dc %{SOURCE1} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
gzip -9nf README CREDITS CHANGES BUGS \
- doc/{kernel.notes,impl.notes,examples,prob.report,standards}
+ doc/{kernel.notes,impl.notes,examples,prob.report,standards}
+
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(644,root,root,755)
%doc *.gz doc/*.gz doc/*.html
+%{?!_without_x509:%doc CHANGES.x509.gz README.x509.gz}
%{_mandir}/man*/*
%lang(pl) %{_mandir}/pl/man*/*
%attr(755,root,root) %{_sbindir}/*
%attr(755,root,root) %{_libdir}/ipsec/*
%attr(751,root,root) %dir %{_sysconfdir}/ipsec
%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/ipsec/*
+%if %{x509}
+%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d
+%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/crls
+%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/cacerts
+%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/private
+%endif