- started update to 1.97

- add new patch x509 that enable certificate support for  FreeS/WAN
- some cosmetics
- relase 0.1

Changed files:
    freeswan.spec -> 1.30

diff --git a/freeswan.spec b/freeswan.spec
index c607d027ec302f216724cfbaa23b803b1b65947e..b9914d781a13c1535db879af5036af1df74b4ccd 100644 (file)
--- a/freeswan.spec
+++ b/freeswan.spec
@@ -1,23 +1,33 @@
+# Conditional builds
+# _without_x509
+
+%define x509ver                 x509patch-0.9.11
+
 Summary:       Free IPSEC implemetation
 Summary(pl):   Publicznie dostêpna implementacja IPSEC
 Name:          freeswan
-Version:       1.96
-Release:       2
+Version:       1.97
+Release:       0.1
 License:       GPL
 Group:         Networking/Daemons
-Source0:       ftp://ftp.xs4all.nl/pub/crypto/freeswan/%{name}-%{version}.tar.gz
+Source0:       ftp://ftp.xs4all.nl/pub/crypto/%{name}/%{name}-%{version}.tar.gz
 Source1:       http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-pl-man-pages.tar.bz2
+Source2:       http://www.strongsec.com/%{name}/%{x509ver}-%{name}-%{version}.tar.gz
 Patch0:                %{name}-Makefile.patch
 Patch1:                %{name}-manlink.patch
 Patch2:                %{name}-config.patch
 Patch3:                %{name}-init.patch
 Patch4:                %{name}-keygen.patch
+Patch5:                x509-config.patch
 URL:           http://www.freeswan.org/
 Prereq:                /sbin/chkconfig
 Prereq:                rc-scripts
 BuildRequires: gmp-devel
 BuildRoot:     %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
+%define x509 1
+%{?_without_x509:%define x509 0}
+
 %description
 The basic idea of IPSEC is to provide security functions
 (authentication and encryption) at the IP (Internet Protocol) level.
@@ -25,6 +35,7 @@ It will be required in IP version 6 (better known as IPng, the next
 generation) and is optional for the current IP, version 4.
 
 FreeS/WAN is a freely-distributable implementation of IPSEC protocol.
+FreeS/WAN utilities%{?!_without_x509: compiled with X.509 certificate support}.
 
 %description -l pl
 Podstawowa idea IPSEC to zapewnienie funkcji bezpieczeñstwa
@@ -35,12 +46,15 @@ opcjonalny dla aktualnego IP, w wersji 4.
 FreeS/WAN jest darmow± implementacj± protoko³u IPSEC.
 
 %prep
-%setup  -q
+%setup  -q -a2
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
+
+%{?!_without_x509:patch -p1 <%{x509ver}-%{name}-%{version}/freeswan.diff}
 
 %build
 OPT_FLAGS="%{rpmcflags}"; export OPT_FLAGS
@@ -53,10 +67,23 @@ install -d $RPM_BUILD_ROOT{%{_sysconfdir}/ipsec,/etc/rc.d/init.d,/var/run/pluto}
 %{__make} install \
        DESTDIR="$RPM_BUILD_ROOT"
 
+%if %{x509}
+ install -d  $RPM_BUILD_ROOT%{_sysconfdir}/ipsec.d
+ for i in crls cacerts private; do
+  install -d  $RPM_BUILD_ROOT%{_sysconfdir}/ipsec.d/$i
+done
+for i in CHANGES README; do
+  install  %{x509ver}-%{name}-%{version}/$i $i.x509 ;  
+       gzip -9nf $i.x509 ;
+
+done
+%endif
+
 bzip2 -dc %{SOURCE1} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
 
 gzip -9nf README CREDITS CHANGES BUGS \
-          doc/{kernel.notes,impl.notes,examples,prob.report,standards}
+          doc/{kernel.notes,impl.notes,examples,prob.report,standards} 
+               
 
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -89,6 +116,7 @@ fi
 %files
 %defattr(644,root,root,755)
 %doc *.gz doc/*.gz doc/*.html
+%{?!_without_x509:%doc CHANGES.x509.gz README.x509.gz}
 %{_mandir}/man*/*
 %lang(pl) %{_mandir}/pl/man*/*
 %attr(755,root,root) %{_sbindir}/*
@@ -97,3 +125,9 @@ fi
 %attr(755,root,root) %{_libdir}/ipsec/*
 %attr(751,root,root) %dir %{_sysconfdir}/ipsec
 %attr(640,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/ipsec/*
+%if %{x509}
+%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d
+%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/crls
+%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/cacerts
+%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/private
+%endif