2 # - libreswan.init needs update (since openswan 2.6.x)
3 # - warning: Installed (but unpackaged) file(s) found:
4 # /usr/share/doc/libreswan/index.html
5 # /usr/share/doc/libreswan/ipsec.conf-sample
7 # NOTE (TODO: check validity for current libreswan):
8 # - 32-bit tncfg and starter won't work on 64-bit kernels because of FUBAR
9 # ioctls (only ifru_data pointer is supported in 32->64 conversion of
10 # SIOCDEVPRIV ioctl, but openswan puts some static data in structure there)
12 Summary: Open Source implementation of IPsec for the Linux operating system
13 Summary(pl.UTF-8): Otwarta implementacja IPseca dla systemu operacyjnego Linux
17 License: GPL v2 with linking permission, BSD (DES and radij code)
18 Group: Networking/Daemons
19 Source0: https://download.libreswan.org/%{name}-%{version}.tar.gz
20 # Source0-md5: ad6e6715cd01c143a4501f933c044a88
22 Patch0: %{name}-gawk.patch
23 URL: https://libreswan.org/
25 BuildRequires: curl-devel
26 BuildRequires: docbook-dtd412-xml
28 BuildRequires: libcap-ng-devel
29 BuildRequires: libevent-devel >= 2
30 BuildRequires: libselinux-devel
31 BuildRequires: nss-devel >= 3
32 BuildRequires: nspr-devel >= 4
33 BuildRequires: pam-devel
34 BuildRequires: perl-tools-pod
35 BuildRequires: pkgconfig
36 BuildRequires: rpmbuild(macros) >= 1.268
37 BuildRequires: sed >= 4.0
38 BuildRequires: unbound-devel
41 Requires(post,preun): /sbin/chkconfig
49 Obsoletes: ipsec-tools
52 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
55 Libreswan is an IPsec implementation for Linux. It has support for
56 most of the extensions (RFC + IETF drafts) related to IPsec, including
57 IKEv2, X.509 Digital Certificates, NAT Traversal, and many others.
58 Libreswan uses the native Linux IPsec stack (NETKEY/XFRM) per default,
59 but may also use the alternative Libreswan kernel IPsec stack (KLIPS).
61 Libreswan was forked from Openswan 2.6.38, which was forked from
64 %description -l pl.UTF-8
65 Libreswan to implementacja standardu IPsec dla Linuksa. Obsługuje
66 większość rozszerzeń IPseca (RFC + szkice IETF), w tym IKEv2,
67 certyfikaty X.509, przechodzenie NAT i wiele innych. Libreswan
68 wykorzystuje domyślnie natywny stos IPsec Linuksa (NETKEY/XFRM),
69 ale może używać też alternatywnego (KLIPS).
71 Libreswan wywodzi się z projektu Openswan w wersji 2.6.38, który z
72 kolei wywodzi się z projektu FreeS/WAN w wersji 2.04.
81 %{__make} -j1 programs \
83 INC_USRLOCAL=%{_prefix} \
84 FINALLIBEXECDIR=%{_libexecdir}/ipsec \
86 USERCOMPILE="%{rpmcflags}" \
87 IPSECVERSION=%{version}
90 rm -rf $RPM_BUILD_ROOT
91 install -d $RPM_BUILD_ROOT{/etc/rc.d/init.d,/var/run/pluto}
94 DESTDIR=$RPM_BUILD_ROOT \
95 INC_USRLOCAL=%{_prefix} \
96 FINALLIBEXECDIR=%{_libexecdir}/ipsec \
97 MANTREE=$RPM_BUILD_ROOT%{_mandir} \
98 IPSECVERSION=%{version}
100 install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/ipsec
101 %{__sed} -i -e "s#/lib/ipsec#/%{_lib}/ipsec#g#" $RPM_BUILD_ROOT/etc/rc.d/init.d/ipsec
103 install -d $RPM_BUILD_ROOT%{systemdtmpfilesdir}
104 cat >$RPM_BUILD_ROOT%{systemdtmpfilesdir}/libreswan.conf <<EOF
105 d /var/run/pluto 0755 root root -
109 rm -rf $RPM_BUILD_ROOT
112 /sbin/chkconfig --add ipsec
113 %service ipsec restart "IPSEC daemon"
116 if [ "$1" = "0" ]; then
118 /sbin/chkconfig --del ipsec
122 %defattr(644,root,root,755)
123 %doc CHANGES CREDITS LICENSE README* TRADEMARK
124 %attr(755,root,root) %{_sbindir}/ipsec
125 %dir %{_libexecdir}/ipsec
126 %attr(755,root,root) %{_libexecdir}/ipsec/*
127 %attr(754,root,root) /etc/rc.d/init.d/ipsec
128 %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/pluto
129 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec.conf
130 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec.secrets
131 %dir %{_sysconfdir}/ipsec.d
132 %dir %{_sysconfdir}/ipsec.d/policies
133 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec.d/policies/block
134 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec.d/policies/clear
135 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec.d/policies/clear-or-private
136 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec.d/policies/private
137 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ipsec.d/policies/private-or-clear
138 %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/pluto
140 %{systemdtmpfilesdir}/libreswan.conf
141 %{_mandir}/man5/ipsec.conf.5*
142 %{_mandir}/man5/ipsec.secrets.5*
143 %{_mandir}/man5/ipsec_*.5*
144 %{_mandir}/man8/ipsec.8*
145 %{_mandir}/man8/ipsec_*.8*
146 %{_mandir}/man8/pluto.8*