%define x509_patch_version 0.9.15
Summary: A Free IPSEC implemetation
Name: freeswan
Version: 1.99
Release: 3mdk
Source0: ftp://ftp.xs4all.nl:/pub/crypto/%{name}/%{name}-%{version}.tar.gz
# (fg) 20010314 FIXME - HACK - this is a modified version of the initscript for
# ipsec, but it's far from being fully converted!
Source1: freeswan.init
Source2: ftp://ftp.xs4all.nl:/pub/crypto/%{name}/%{SOURCE0}.sig
Source3: http://www.strongsec.com/freeswan/x509patch-%{x509_patch_version}-%{name}-%{version}.tar.gz
Source4: http://www.strongsec.com/freeswan/x509patch-%{x509_patch_version}-%{name}-%{version}.tar.gz.sig
Patch0: %name-%version-Makefile.patch.bz2
License: GPL
Group: System/Servers
BuildRoot: %{_tmppath}/%{name}-buildroot
BuildRequires: gmp-devel
Prefix: %{_prefix}
URL: https://www.freeswan.org/
Prereq: /sbin/chkconfig rpm-helper
#Patch: freeswan-1.8-Makefile.patch.bz2
#Patch1: freeswan-1.8-config.patch.bz2
%description
The basic idea of IPSEC is to provide security functions
(authentication and encryption) at the IP (Internet Protocol)
level. It will be required in IP version 6 (better known as IPng,
the next generation) and is optional for the current IP, version 4.
FreeS/WAN is a freely-distributable implementation of IPSEC protocol.
%prep
%setup -q
%patch0 -p1 -b .mak
tar xzf %{SOURCE3}
cp x509patch-%{x509_patch_version}-%name-%version/%name.diff .
cp x509patch-%{x509_patch_version}-%name-%version/README ./README.x509patch
cp x509patch-%{x509_patch_version}-%name-%version/CHANGES ./CHANGES.x509patch
install -m 0644 x509patch-%{x509_patch_version}-%name-%version/ipsec.secrets.template ./ipsec.secrets.template.x509patch
mv README README.main
# we use /etc/freeswan instead of /etc
grep -r /etc/ipsec.secrets * | awk '{ print $1 }' | sed -e 's|:.*$|\1|' | xargs perl -p -i -e 's|/etc/ipsec.secrets|/etc/freeswan/ipsec.secrets|';
grep -r /etc/ipsec.conf * | awk '{ print $1 }' | sed -e 's|:.*$|\1|' | xargs perl -p -i -e 's|/etc/ipsec.conf|/etc/freeswan/ipsec.conf|';
grep -r /etc/ipsec.d * | awk '{ print $1 }' | sed -e 's|:.*$|\1|' | xargs perl -p -i -e 's|/etc/ipsec.d|/etc/freeswan/ipsec.d|';
grep -r /etc/x509cert.der * | awk '{ print $1 }' | sed -e 's|:.*$|\1|' | xargs perl -p -i -e 's|/etc/x509cert.der|/etc/freeswan/x509cert.der|';
grep -r /etc/pgpcert.pgp * | awk '{ print $1 }' | sed -e 's|:.*$|\1|' | xargs perl -p -i -e 's|/etc/pgpcert.pgp|/etc/freeswan/pgpcert.pgp|';
patch -p1 < %name.diff
%build
%serverbuild
perl -p -i -e "s|INC_USRLOCAL=/usr/local|INC_USRLOCAL=/usr|" Makefile.inc
%make OPT_FLAGS="$RPM_OPT_FLAGS" CONFDIR=/etc/freeswan/ FINALCONFDIR=/etc/freeswan INC_USRLOCAL=/usr INC_MANDIR=share/man programs
%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_sysconfdir}/%{name}/ipsec.d/{cacerts,crls,private}},/etc/rc.d/init.d,/var/run/pluto}
make install \
INC_USRLOCAL=/usr \
INC_MANDIR=share/man \
CONFDIR="%buildroot"/etc/freeswan \
DESTDIR="%buildroot"
# (fg) File is copied over here
cp -f %{SOURCE1} $RPM_BUILD_ROOT/%{_initrddir}/ipsec
%post
is=%{_sysconfdir}/freeswan/ipsec.secrets; if [ ! -f $is ]; then ipsec newhostkey --output $is && chmod 400 $is; else ipsec newhostkey --output $is.rpmnew && chmod 400 $is.rpmnew; fi
%_post_service ipsec
%preun
%_preun_service ipsec
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root,755)
%doc README* COPYING CHANGES* CREDITS BUGS ipsec* doc/*
%attr(700,root,root) %dir %{_sysconfdir}/%name
%attr(700,root,root) %dir %{_sysconfdir}/%name/ipsec.d/
%attr(700,root,root) %dir %{_sysconfdir}/%name/ipsec.d/cacerts
%attr(700,root,root) %dir %{_sysconfdir}/%name/ipsec.d/crls
%attr(700,root,root) %dir %{_sysconfdir}/%name/ipsec.d/private
%config(noreplace) %{_sysconfdir}/%name/ipsec.conf
%config(noreplace) %{_sysconfdir}/%name/ipsec.secrets
%config(noreplace) %{_initrddir}/ipsec
%{_libdir}/*
%{_sbindir}/*
%_includedir/*
%{_mandir}/*/*
%changelog
* Thu Jan 09 2003 Florin <florin@mandrakesoft.com> 1.99-3mdk
- recompile against the latest glibc/gcc
* Fri Nov 15 2002 Florin <florin@mandrakesoft.com> 1.99-2mdk
- add some missing files
- add the Makefile patch
* Thu Nov 14 2002 Florin <florin@mandrakesoft.com> 1.99-1mdk
- 1.99
- x509patch-0.9.15 patch
- Requires on rpm-helper
* Tue Aug 27 2002 Florin <florin@mandrakesoft.com> 1.98b-1mdk
- 1.98
- x509patch-0.9.14 patch
* Mon Aug 26 2002 Florin <florin@mandrakesoft.com> 1.97-4mdk
- add the ipsec.d/* directories
* Fri Aug 23 2002 Florin <florin@mandrakesoft.com> 1.97-3mdk
- x509patch-0.9.13 patch
* Thu Aug 08 2002 Florin <florin@mandrakesoft.com> 1.97-2mdk
- better usage in the initscript
* Tue Apr 16 2002 Florin <florin@mandrakesoft.com> 1.97-1mdk
- 1.97
- update the sources path
- add the x509 patch (source3)
- add the doc section
- add the /etc/%name/ipsec.d directory
* Fri Apr 12 2002 Florin <florin@mandrakesoft.com> 1.96-1mdk
- 1.96
- create a new %{_sysconfig}/%name/ipsec.secrets.rpmnew if
- ipsec.secrets exists
- use the --output option in post instead of redirection
* Tue Mar 12 2002 Florin <florin@mandrakesoft.com> 1.95-2mdk
- fix the conf files problem
* Wed Feb 27 2002 Florin <florin@mandrakesoft.com> 1.95-1mdk
- 1.95
- leave the sources in gz format
- add the signature file (source2)
- new initscript
* Wed Aug 29 2001 Sylvain de Tilly <sdetilly@mandrakesoft.com> 1.91-3mdk
- change config file in /usr/lib/ipsec/showhostkey :
/etc/ipsec.secrets to /etc/freeswan/ipsec.secrets
- change "hostname --fqdn" by "hostname" in /usr/lib/ipsec/showhostkey
* Tue Jul 31 2001 Sylvain de Tilly <sdetilly@mandrakesoft.com> 1.91-2mdk
- Add ipsec mini-howto in html and sgml format.
* Wed Jul 18 2001 Sylvain de Tilly <sdetilly@mandrakesofr.com> 1.91-1mdk
- update 1.9 to 1.9.1
* Sun Apr 8 2001 Frederic Lepied <flepied@mandrakesoft.com> 1.9-2mdk
- use server macros
* Thu Apr 5 2001 Chmouel Boudjnah <chmouel@mandrakesoft.com> 1.9-1mdk
- 1.9.
* Wed Mar 14 2001 Francis Galiegue <fg@mandrakesoft.com> 1.8-2mdk
- Modified init.d script to "feel like" Mandrake - HACK - please improve it
- More macros
* Tue Jan 23 2001 Chmouel Boudjnah <chmouel@mandrakesoft.com> VERSION-1mdk
-
# end of file
