Overview

File openswan.spec of Package openSWAN

#
# spec file for package 
#
# Copyright (c) 2011 Johannes Engel.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

# norootforbuild

Name:           openswan
Version:	2.6.50
Release:	1
License:	GPL-2.0
Summary:	An implementation of IPSec for Linux
Url:		http://www.openswan.org/
Group:		Productivity/Networking/Security
Source:		%{name}-%{version}.tar.gz
BuildRequires:	gcc-c++ gawk bison flex gmp-devel sed iptables bash coreutils xmlto
PreReq:		%insserv_prereq %fillup_prereq perl
Requires:	iproute2 >= 2.6.8
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
Provides:	ipsec

%description
Openswan is a free implementation of IPSEC & IKE for Linux.  IPSEC is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services.  These services allow you
to build secure tunnels through untrusted networks.  Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel.  The resulting
tunnel is a virtual private network or VPN.

This package contains the daemons and userland tools for setting up
Openswan on a freeswan enabled kernel. It optionally also builds the
Openswan KLIPS IPsec stack that is an alternative for the NETKEY/XFRM
IPsec stack that exists in the default Linux kernel.

%prep
%setup -q
sed -i 's/-Werror/#-Werror/' lib/libdns/Makefile
sed -i 's/-Werror/#-Werror/' lib/libisc/Makefile
sed -i 's/-Werror/#-Werror/' lib/liblwres/Makefile

%build
%{__make} \
  INC_USRLOCAL=%{_prefix} \
  FINALLIBDIR=%{_libdir}/ipsec \
  FINALBINDIR=%{_libdir}/ipsec \
  FINALLIBEXECDIR=%{_libdir}/ipsec \
  MANTREE=%{_mandir} \
  INC_RCDEFAULT=%{_initrddir} \
  INC_RCDIRS='/etc/init.d /etc/rc.d/init.d /etc/rc.d /sbin/init.d' \
  INC_DOCDIR=share/doc/packages \
  programs

%install
%{__make} \
  DESTDIR=%{buildroot} \
  INC_USRLOCAL=%{_prefix} \
  FINALLIBDIR=%{_libdir}/ipsec \
  FINALBINDIR=%{_libdir}/ipsec \
  FINALLIBEXECDIR=%{_libdir}/ipsec \
  MANTREE=%{buildroot}%{_mandir} \
  INC_RCDEFAULT=%{_initrddir} \
  install
rm -rf $RPM_BUILD_ROOT/usr/share/doc/openswan
rm -rf $RPM_BUILD_ROOT/%{_initrddir}/setup
rm -rf $RPM_BUILD_ROOT/etc/ipsec.d/examples
find $RPM_BUILD_ROOT%{_mandir}  -type f | xargs chmod a-x
install -d -m 0700 $RPM_BUILD_ROOT%{_localstatedir}/run/pluto
install -d $RPM_BUILD_ROOT%{_sbindir}
#suse specific
ln -sf /etc/init.d/ipsec ${RPM_BUILD_ROOT}%{_sbindir}/rcipsec
#echo "# see man ipsec.secrets" >  $RPM_BUILD_ROOT/etc/ipsec.secrets
install -d -m 755 $RPM_BUILD_ROOT/etc/sysconfig/network/{scripts,if-up.d,if-down.d}
install -m 755 packaging/suse/sysconfig.network.scripts.openswan $RPM_BUILD_ROOT/etc/sysconfig/network/scripts/freeswan
install -m 644 packaging/suse/sysconfig.network.scripts.openswan-functions $RPM_BUILD_ROOT/etc/sysconfig/network/scripts/freeswan-functions
ln -s ../scripts/freeswan $RPM_BUILD_ROOT/etc/sysconfig/network/if-up.d/freeswan
ln -s ../scripts/freeswan $RPM_BUILD_ROOT/etc/sysconfig/network/if-down.d/freeswan
# ip-up script (#39048)
#install -d -m 750 -g dialout $RPM_BUILD_ROOT/etc/ppp/ip-{up,down}.d
install -d -m 750 $RPM_BUILD_ROOT/etc/ppp/ip-{up,down}.d
install -m 755 packaging/suse/openswan.ip-up $RPM_BUILD_ROOT/etc/ppp/ip-up.d/freeswan
ln -s ../ip-up.d/freeswan $RPM_BUILD_ROOT/etc/ppp/ip-down.d/freeswan
rm -f $RPM_BUILD_ROOT/etc/rc?.d/[KS]*ipsec

%clean
%{?buildroot:%__rm -rf "$RPM_BUILD_ROOT"}

%preun
%{stop_on_removal ipsec}
# Some people expect to not loose their secrets even after multiple rpm -e.
if test -s etc/ipsec.secrets.rpmsave; then
  cp -p --backup=numbered etc/ipsec.secrets.rpmsave etc/ipsec.secrets.rpmsave.old
fi
exit 0

%postun
%{restart_on_update ipsec}
%{insserv_cleanup}

%post
%{fillup_and_insserv ipsec}

%files
%defattr(-,root,root)
%doc BUGS CHANGES COPYING CREDITS README LICENSE
%doc OBJ.linux.*/programs/examples/*.conf
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.conf
%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d
%dir %attr(700,root,root) /etc/ipsec.d/policies
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.d/policies/*
%if 0%{?suse_version}<1320
%ghost %attr(0700,root,root) %dir %{_localstatedir}/run/pluto
%endif
%{_initrddir}/ipsec
%{_libdir}/ipsec
%{_sbindir}/rcipsec
%{_sbindir}/ipsec
%doc %{_mandir}/*/*
%config /etc/sysconfig/network/scripts/*
/etc/sysconfig/network/if-up.d/freeswan
/etc/sysconfig/network/if-down.d/freeswan
/etc/ppp/ip-up.d/freeswan
/etc/ppp/ip-down.d/freeswan
%dir %attr(700,root,root) /etc/ipsec.d/private

%changelog
openSUSE Build Service is sponsored by
Places