File ipsec-tools.spec of Package ipsec-tools.2290
#
# spec file for package ipsec-tools
#
# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: ipsec-tools
Summary: IPsec Utilities
License: BSD-3-Clause
Group: Productivity/Networking/Security
Version: 0.8.0
Release: 0
Url: http://ipsec-tools.sourceforge.net/
Source: http://prdownloads.sourceforge.net/ipsec-tools/ipsec-tools-%{version}.tar.bz2
Source2: sysconfig.racoon
Source3: setkey.conf.sample
Source4: racoon.pam
Source5: racoon.service
Source6: racoon-setkey.service
Patch0: racoon.conf_macros.patch
Patch1: racoon.psk.patch
Patch2: ipsec-tools-0.7.3-linkerflag.patch
Patch3: ipsec-tools-0.8.0-nodevel.patch
Patch4: ipsec-tools-0.8.0-certasn1txtbroken.patch
Patch5: racoon-no-md5.patch
Patch6: racoon-fips-rsa.patch
Patch7: fix-gssapi-null-dereference.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: %insserv_prereq %fillup_prereq
BuildRequires: bison
BuildRequires: flex
BuildRequires: krb5-devel
BuildRequires: libtool
BuildRequires: linux-glibc-devel
BuildRequires: openldap2-devel
BuildRequires: openssl-devel
BuildRequires: pam
BuildRequires: pam-devel
BuildRequires: readline-devel
BuildRequires: pkgconfig(systemd)
%if 0%{?suse_version} >= 1100
BuildRequires: fdupes
BuildRequires: libselinux-devel
%endif
Provides: racoon
%{?systemd_requires}
%description
This is the IPsec-Tools package. This package is needed to really make
use of the IPsec functionality in the version 2.5 and 2.6 Linux
kernels. This package builds:
- libipsec, a PFKeyV2 library
- setkey, a program to directly manipulate policies and SAs
- racoon, an IKEv1 keying daemon
These sources can be found at the IPsec-Tools home page at:
http://ipsec-tools.sourceforge.net/
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
./bootstrap
sed -i 's|-Werror||g' configure
%build
export PATH=$PATH:/usr/lib/mit/bin
%configure \
--disable-shared \
--libexecdir=%{_libdir} \
--sysconfdir=/etc/racoon \
--sharedstatedir=/run \
--localstatedir=/run \
--with-kernel-headers="/usr/include" \
--enable-dpd \
--enable-hybrid \
--enable-frag \
--enable-natt=yes \
--enable-gssapi=yes \
--enable-stats=yes \
--enable-adminport \
--with-libpam \
%if 0%{?suse_version} >= 1100
--enable-security-context=yes \
%else
--enable-security-context=no \
%endif
--with-libldap
make
%check
make check
%install
make install DESTDIR=$RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/etc/pam.d
install -m 0644 %{S:4} $RPM_BUILD_ROOT/etc/pam.d/racoon
%{__install} -d $RPM_BUILD_ROOT/etc/racoon/cert
# unify the permissions of psk.txt - fdupes is sensitive on permissions now (bnc#784670)
chmod 0600 src/racoon/samples/psk.txt
install -m 0600 src/racoon/samples/psk.txt $RPM_BUILD_ROOT/etc/racoon/
install -m 0644 src/racoon/samples/racoon.conf $RPM_BUILD_ROOT/etc/racoon/
cp -v $RPM_SOURCE_DIR/setkey.conf.sample $RPM_BUILD_ROOT/etc/racoon/setkey.conf
mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates
install -m 644 $RPM_SOURCE_DIR/sysconfig.racoon $RPM_BUILD_ROOT/var/adm/fillup-templates/
# manage doc
mkdir -p $RPM_BUILD_ROOT/usr/share/doc/packages/%{name}/examples/{setkey,racoon}
cp -rv src/racoon/samples $RPM_BUILD_ROOT/usr/share/doc/packages/%{name}/examples/racoon
cp -v src/setkey/sample* $RPM_BUILD_ROOT/usr/share/doc/packages/%{name}/examples/setkey
for i in ChangeLog NEWS README; do
install -D -m 0644 $i $RPM_BUILD_ROOT/usr/share/doc/packages/%{name}/
done
#some rpmlint stuff
%if 0%{?suse_version} >= 1100
%fdupes -s $RPM_BUILD_ROOT/
%endif
install -d %{buildroot}%{_tmpfilesdir}
echo 'd /run/racoon 0700 root root -' > %{buildroot}%{_tmpfilesdir}/racoon.conf
install -D -m 0644 %{S:5} %{buildroot}%{_unitdir}/racoon.service
install -D -m 0644 %{S:6} %{buildroot}%{_unitdir}/racoon-setkey.service
%pre
%service_add_pre racoon.service racoon-setkey.service
%post
%{fillup_only -n racoon}
# _tmpfilesdir is not defined in systemd macros up to openSUSE 13.2
%{!?_tmpfilesdir: %global _tmpfilesdir %{_libexecdir}/tmpfiles.d }
# Use %%tmpfiles_create when 13.2 is oldest in support scope
/usr/bin/systemd-tmpfiles --create %{_tmpfilesdir}/racoon.conf || :
%service_add_post racoon.service racoon-setkey.service
%preun
%service_del_preun racoon.service racoon-setkey.service
%postun
%service_del_postun racoon.service racoon-setkey.service
%files
%defattr(-,root,root)
%{_unitdir}/*.service
%{_tmpfilesdir}/racoon.conf
%doc /usr/share/doc/packages/%{name}/
%config(noreplace) /etc/racoon/psk.txt
%config(noreplace) /etc/racoon/racoon.conf
%config(noreplace) /etc/racoon/setkey.conf
%config /etc/pam.d/racoon
%dir /etc/racoon
%dir /etc/racoon/cert
/usr/sbin/racoon
/usr/sbin/racoonctl
/usr/sbin/setkey
/usr/sbin/plainrsa-gen
/var/adm/fillup-templates/sysconfig.racoon
%{_mandir}/man*/*
%changelog