%define LIBMAJ 0 %define libname %mklibname ipsec %LIBMAJ %define libnamedev %{libname}-devel Name: ipsec-tools Version: 0.5 Release: 4.2.102mdk Summary: Tools for configuring and using IPSEC License: BSD Group: Networking/Other URL: http://ipsec-tools.sourceforge.net/ Source: http://prdownloads.sourceforge.net/ipsec-tools/ipsec-tools-%{version}.tar.bz2 Source3: racoon.conf.bz2 Source4: psk.txt.bz2 Source6: ipsec-setkey-initscript.bz2 Source7: racoon-initscript.bz2 Patch0: ipsec-tools-CAN-2005-0398.patch.bz2 Patch1: ipsec-tools-CVE-2005-3732.patch.bz2 BuildRequires: openssl-devel krb5-devel flex bison BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root Requires: %{libname} = %{version} Prereq: rpm-helper Provides: kvpnc-backend %description This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.6 and above kernels. This package builds: - libipsec, a PFKeyV2 library - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon %define old_libname %mklibname ipsec-tools 0 %package -n %{libname} Summary: The shared libraries used by ipsec-tools Group: System/Libraries Prereq: grep, sh-utils Provides: libipsec = %{version}-%{release} Provides: libipsec-tools = %{version}-%{release} Obsoletes: libipsec-tools Provides: %old_libname = %{version}-%{release} Obsoletes: %old_libname %description -n %{libname} These are the shared libraries for the IPsec-Tools package. %package -n %{libnamedev} Summary: Headers for programs for %libname Group: Development/C Requires: %{libname} = %{version} Provides: libipsec-tools-devel = %{version}-%{release} Provides: libipsec-devel = %{version}-%{release} Obsoletes: libipsec-tools-devel Provides: %{old_libname}-devel = %{version}-%{release} Obsoletes: %{old_libname}-devel %description -n %{libnamedev} These are development headers for libipsec %prep %setup -q %patch0 -p1 %patch1 -p1 -b .cve-2005-3732 %build %define _prefix %{nil} %define _includedir /usr/include %define _datadir /usr/share %configure --with-kernel-headers=/usr/include --enable-shared --disable-rpath --sysconfdir=%{_sysconfdir}/racoon echo >> src/racoon/prsa_par.y # parallel build is like "roulette russe" make %install rm -rf $RPM_BUILD_ROOT %makeinstall mkdir -p $RPM_BUILD_ROOT/etc/racoon/ bzcat %{SOURCE3} > $RPM_BUILD_ROOT/etc/racoon/racoon.conf chmod 600 $RPM_BUILD_ROOT/etc/racoon/racoon.conf bzcat %{SOURCE4} > $RPM_BUILD_ROOT/etc/racoon/psk.txt chmod 600 $RPM_BUILD_ROOT/etc/racoon/psk.txt mkdir -m 0700 -p $RPM_BUILD_ROOT/etc/racoon/certs mkdir -p $RPM_BUILD_ROOT/%{_initrddir} bzcat %{SOURCE6} > $RPM_BUILD_ROOT/%{_initrddir}/ipsec-setkey bzcat %{SOURCE7} > $RPM_BUILD_ROOT/%{_initrddir}/racoon %clean rm -rf $RPM_BUILD_ROOT %post %_post_service ipsec-setkey %_post_service racoon %preun %_preun_service ipsec-setkey %_preun_service racoon %post -n %{libname} -p /sbin/ldconfig %postun -n %{libname} -p /sbin/ldconfig %files %defattr(-,root,root) %doc ChangeLog NEWS README %doc src/racoon/samples/racoon.conf src/racoon/samples/psk.txt %doc src/racoon/doc/FAQ /sbin/* %{_mandir}/man*/* %dir %{_sysconfdir}/racoon %dir %{_sysconfdir}/racoon/certs %config(noreplace) /etc/racoon/psk.txt %config(noreplace) /etc/racoon/racoon.conf %attr (0755,root,root) %{_initrddir}/ipsec-setkey %attr (0755,root,root) %{_initrddir}/racoon %files -n %{libname} %defattr(-,root,root) %doc ChangeLog NEWS README /%{_lib}/*.so.* %files -n %{libnamedev} %defattr(-,root,root) /%{_lib}/libipsec.la /%{_lib}/libipsec.a /%{_lib}/libipsec.so %{_includedir}/* %changelog * Tue Jan 24 2006 Stew Benedict <sbenedict@mandriva.com> 0.5-4.2.102mdk - fix racoon (looking for config in /etc instead of /etc/racoon) * Mon Jan 23 2006 Stew Benedict <sbenedict@mandriva.com> 0.5-4.1.102mdk - security update for CVE-2005-3732 (P1) * Fri Mar 25 2005 Couriousous <couriousous@mandrake.org> 0.5-4mdk - Security fix (CAN-2005-0398) * Thu Mar 03 2005 Couriousous <couriousous@mandrake.org> 0.5-3mdk - Fix conflict with openswan ( #14133 ) * Wed Feb 23 2005 Christiaan Welvaart <cjw@daneel.dyndns.org> 0.5-2mdk - add BuildRequires: bison * Sat Feb 19 2005 Couriousous <couriousous@mandrake.org> 0.5-1mdk - 0.5 - Change library name libipsec-tools to libipsec * Sun Dec 26 2004 Couriousous <couriousous@mandrake.org> 0.4-2mdk - Add Provide kvpnc-backend * Mon Sep 22 2004 Couriousous <couriousous@sceen.net> 0.4-1mdk - 0.4 - Add startup scripts - Enable -devel package * Thu Jul 15 2004 Christiaan Welvaart <cjw@daneel.dyndns.org> 0.2.5-2mdk - add BuildRequires: flex * Thu Apr 08 2004 Florin <florin@mandrakesoft.com> 0.2.5-1mdk - 0.2.5 (security update) - /sbin now contains the binaries and not %{_sbindir} anymore * Wed Jan 21 2004 Florin <florin@mandrakesoft.com> 0.2.3-1mdk - first mandrake release