%define x509_patch_version 0.9.15 Summary: A Free IPSEC implemetation Name: freeswan Version: 1.99 Release: 3mdk Source0: ftp://ftp.xs4all.nl:/pub/crypto/%{name}/%{name}-%{version}.tar.gz # (fg) 20010314 FIXME - HACK - this is a modified version of the initscript for # ipsec, but it's far from being fully converted! Source1: freeswan.init Source2: ftp://ftp.xs4all.nl:/pub/crypto/%{name}/%{SOURCE0}.sig Source3: http://www.strongsec.com/freeswan/x509patch-%{x509_patch_version}-%{name}-%{version}.tar.gz Source4: http://www.strongsec.com/freeswan/x509patch-%{x509_patch_version}-%{name}-%{version}.tar.gz.sig Patch0: %name-%version-Makefile.patch.bz2 License: GPL Group: System/Servers BuildRoot: %{_tmppath}/%{name}-buildroot BuildRequires: gmp-devel Prefix: %{_prefix} URL: https://www.freeswan.org/ Prereq: /sbin/chkconfig rpm-helper #Patch: freeswan-1.8-Makefile.patch.bz2 #Patch1: freeswan-1.8-config.patch.bz2 %description The basic idea of IPSEC is to provide security functions (authentication and encryption) at the IP (Internet Protocol) level. It will be required in IP version 6 (better known as IPng, the next generation) and is optional for the current IP, version 4. FreeS/WAN is a freely-distributable implementation of IPSEC protocol. %prep %setup -q %patch0 -p1 -b .mak tar xzf %{SOURCE3} cp x509patch-%{x509_patch_version}-%name-%version/%name.diff . cp x509patch-%{x509_patch_version}-%name-%version/README ./README.x509patch cp x509patch-%{x509_patch_version}-%name-%version/CHANGES ./CHANGES.x509patch install -m 0644 x509patch-%{x509_patch_version}-%name-%version/ipsec.secrets.template ./ipsec.secrets.template.x509patch mv README README.main # we use /etc/freeswan instead of /etc grep -r /etc/ipsec.secrets * | awk '{ print $1 }' | sed -e 's|:.*$|\1|' | xargs perl -p -i -e 's|/etc/ipsec.secrets|/etc/freeswan/ipsec.secrets|'; grep -r /etc/ipsec.conf * | awk '{ print $1 }' | sed -e 's|:.*$|\1|' | xargs perl -p -i -e 's|/etc/ipsec.conf|/etc/freeswan/ipsec.conf|'; grep -r /etc/ipsec.d * | awk '{ print $1 }' | sed -e 's|:.*$|\1|' | xargs perl -p -i -e 's|/etc/ipsec.d|/etc/freeswan/ipsec.d|'; grep -r /etc/x509cert.der * | awk '{ print $1 }' | sed -e 's|:.*$|\1|' | xargs perl -p -i -e 's|/etc/x509cert.der|/etc/freeswan/x509cert.der|'; grep -r /etc/pgpcert.pgp * | awk '{ print $1 }' | sed -e 's|:.*$|\1|' | xargs perl -p -i -e 's|/etc/pgpcert.pgp|/etc/freeswan/pgpcert.pgp|'; patch -p1 < %name.diff %build %serverbuild perl -p -i -e "s|INC_USRLOCAL=/usr/local|INC_USRLOCAL=/usr|" Makefile.inc %make OPT_FLAGS="$RPM_OPT_FLAGS" CONFDIR=/etc/freeswan/ FINALCONFDIR=/etc/freeswan INC_USRLOCAL=/usr INC_MANDIR=share/man programs %install rm -rf $RPM_BUILD_ROOT install -d $RPM_BUILD_ROOT{%{_sysconfdir}/%{name}/ipsec.d/{cacerts,crls,private}},/etc/rc.d/init.d,/var/run/pluto} make install \ INC_USRLOCAL=/usr \ INC_MANDIR=share/man \ CONFDIR="%buildroot"/etc/freeswan \ DESTDIR="%buildroot" # (fg) File is copied over here cp -f %{SOURCE1} $RPM_BUILD_ROOT/%{_initrddir}/ipsec %post is=%{_sysconfdir}/freeswan/ipsec.secrets; if [ ! -f $is ]; then ipsec newhostkey --output $is && chmod 400 $is; else ipsec newhostkey --output $is.rpmnew && chmod 400 $is.rpmnew; fi %_post_service ipsec %preun %_preun_service ipsec %clean rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root,755) %doc README* COPYING CHANGES* CREDITS BUGS ipsec* doc/* %attr(700,root,root) %dir %{_sysconfdir}/%name %attr(700,root,root) %dir %{_sysconfdir}/%name/ipsec.d/ %attr(700,root,root) %dir %{_sysconfdir}/%name/ipsec.d/cacerts %attr(700,root,root) %dir %{_sysconfdir}/%name/ipsec.d/crls %attr(700,root,root) %dir %{_sysconfdir}/%name/ipsec.d/private %config(noreplace) %{_sysconfdir}/%name/ipsec.conf %config(noreplace) %{_sysconfdir}/%name/ipsec.secrets %config(noreplace) %{_initrddir}/ipsec %{_libdir}/* %{_sbindir}/* %_includedir/* %{_mandir}/*/* %changelog * Thu Jan 09 2003 Florin <florin@mandrakesoft.com> 1.99-3mdk - recompile against the latest glibc/gcc * Fri Nov 15 2002 Florin <florin@mandrakesoft.com> 1.99-2mdk - add some missing files - add the Makefile patch * Thu Nov 14 2002 Florin <florin@mandrakesoft.com> 1.99-1mdk - 1.99 - x509patch-0.9.15 patch - Requires on rpm-helper * Tue Aug 27 2002 Florin <florin@mandrakesoft.com> 1.98b-1mdk - 1.98 - x509patch-0.9.14 patch * Mon Aug 26 2002 Florin <florin@mandrakesoft.com> 1.97-4mdk - add the ipsec.d/* directories * Fri Aug 23 2002 Florin <florin@mandrakesoft.com> 1.97-3mdk - x509patch-0.9.13 patch * Thu Aug 08 2002 Florin <florin@mandrakesoft.com> 1.97-2mdk - better usage in the initscript * Tue Apr 16 2002 Florin <florin@mandrakesoft.com> 1.97-1mdk - 1.97 - update the sources path - add the x509 patch (source3) - add the doc section - add the /etc/%name/ipsec.d directory * Fri Apr 12 2002 Florin <florin@mandrakesoft.com> 1.96-1mdk - 1.96 - create a new %{_sysconfig}/%name/ipsec.secrets.rpmnew if - ipsec.secrets exists - use the --output option in post instead of redirection * Tue Mar 12 2002 Florin <florin@mandrakesoft.com> 1.95-2mdk - fix the conf files problem * Wed Feb 27 2002 Florin <florin@mandrakesoft.com> 1.95-1mdk - 1.95 - leave the sources in gz format - add the signature file (source2) - new initscript * Wed Aug 29 2001 Sylvain de Tilly <sdetilly@mandrakesoft.com> 1.91-3mdk - change config file in /usr/lib/ipsec/showhostkey : /etc/ipsec.secrets to /etc/freeswan/ipsec.secrets - change "hostname --fqdn" by "hostname" in /usr/lib/ipsec/showhostkey * Tue Jul 31 2001 Sylvain de Tilly <sdetilly@mandrakesoft.com> 1.91-2mdk - Add ipsec mini-howto in html and sgml format. * Wed Jul 18 2001 Sylvain de Tilly <sdetilly@mandrakesofr.com> 1.91-1mdk - update 1.9 to 1.9.1 * Sun Apr 8 2001 Frederic Lepied <flepied@mandrakesoft.com> 1.9-2mdk - use server macros * Thu Apr 5 2001 Chmouel Boudjnah <chmouel@mandrakesoft.com> 1.9-1mdk - 1.9. * Wed Mar 14 2001 Francis Galiegue <fg@mandrakesoft.com> 1.8-2mdk - Modified init.d script to "feel like" Mandrake - HACK - please improve it - More macros * Tue Jan 23 2001 Chmouel Boudjnah <chmouel@mandrakesoft.com> VERSION-1mdk - # end of file