Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.1:kernel-2.6.32
openswan
openswan.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openswan.spec of Package openswan
# # spec file for package openswan (Version 2.6.16) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: openswan Version: 2.6.16 Release: 1.<RELEASE49> %define irel 2.6.16 License: GPL v2 or later Group: Productivity/Networking/Security Summary: IPsec Implementation which Allows Building of VPNs Url: http://www.openswan.org/ Provides: pluto klips ipsec VPN freeswan Obsoletes: freeswan PreReq: gmp %insserv_prereq %fillup_prereq perl Requires: ipsec-tools iproute2 AutoReqProv: on Source: http://www.openswan.org/download/%{name}-%{irel}.tar.gz Source1: http://www.openswan.org/download/%{name}-%{irel}.tar.gz.asc Source10: openswan.README.SUSE Source30: openswan.ipsec_1_to_2.pl # Patch0: openswan_00_features.dif Patch1: openswan_01_build-paths.dif Patch2: openswan_02_build-flags.dif Patch3: openswan_03_build-groff.dif Patch4: openswan_04_build_fixes.dif Patch10: openswan_10_install-perms.dif Patch30: openswan_30_rcscript.dif Patch31: openswan_31_config.dif Patch50: openswan-2.6.16-dpd_null_state.patch Patch51: openswan-2.6.x-asn1.patch Patch52: openswan-2.6.x-asn1_length.patch # Prefix: /usr BuildRequires: bison flex gmp-devel libcurl-devel libpcap-devel BuildRequires: groff xmlto BuildRoot: %{_tmppath}/%{name}-%{version}-build %description OpenS/WAN is the successor of FreeS/WAN. OpenS/WAN is an IPsec implementation which allows building Virtual Private Networks (VPNs). A typical VPN setup consists of two trusted networks connected over an insecure network, typically the Internet. OpenS/WAN allows you to create an encrypted tunnel through the insecure area. Unlike CIPE, it is interoperable with other operating systems or even router IPsec implementations Authors: -------- John Gilmore <gnu@toad.com> Henry Spencer <henry@spsystems.net> Richard Guy Briggs <rgb@conscoop.ottawa.on.ca> Hugh Redelmeier <hugh@mimosa.com> Sandy Harris <sandy.harris@sympatico.ca> Hugh Daniels <hugh@toad.com> %package doc License: GPL v2 or later Summary: OpenSWAN documentation Group: Productivity/Networking/Security %description doc This package provides OpenSWAN HTML documentation and development (section 3) manual pages. Authors: -------- John Gilmore <gnu@toad.com> Henry Spencer <henry@spsystems.net> Richard Guy Briggs <rgb@conscoop.ottawa.on.ca> Hugh Redelmeier <hugh@mimosa.com> Sandy Harris <sandy.harris@sympatico.ca> Hugh Daniels <hugh@toad.com> %prep %setup -q -n %{name}-%{irel} %patch0 %patch1 %patch2 %patch3 %patch4 %patch10 %patch30 %patch31 %patch50 %patch51 -p1 %patch52 -p1 %build make programs prefix=%{prefix} LIBD=%{_lib} USERCOMPILE="$RPM_OPT_FLAGS -W" ls -1 OBJ.linux.*/programs/pluto/pluto %install install -d -m 755 %{buildroot}/usr/lib make install prefix=%{prefix} LIBD=%{_lib} DESTDIR=$RPM_BUILD_ROOT rm -f ${RPM_BUILD_ROOT}/etc/init.d/setup ln -sf /etc/init.d/ipsec ${RPM_BUILD_ROOT}%{prefix}/sbin/rcipsec touch $RPM_BUILD_ROOT/etc/ipsec.secrets # install -m 755 %{SOURCE30} ${RPM_BUILD_ROOT}%{_libdir}/ipsec/ipsec_1_to_2.pl install -m 644 %SOURCE10 %{buildroot}/%{_docdir}/%{name}/README.SUSE install -m 644 programs/_confread/README.conf.V2 %{buildroot}/%{_docdir}/%{name}/ install -m 644 BUGS CHANGES CREDITS README %{buildroot}%{_docdir}/%{name}/ install -m 644 COPYING LICENSE %{buildroot}%{_docdir}/%{name}/ install -m 644 docs/debugging-tcpdump.txt %{buildroot}%{_docdir}/%{name}/ install -m 644 docs/KNOWN_BUGS*.txt %{buildroot}%{_docdir}/%{name}/ install -m 644 docs/RELEASE-NOTES.txt %{buildroot}%{_docdir}/%{name}/ rm -f %{buildroot}%{_docdir}/%{name}/GOING-AWAY rm -f %{buildroot}%{_docdir}/%{name}/doxygen.cfg rm -f %{buildroot}%{_docdir}/%{name}/impl.notes mv -f %{buildroot}/etc/ipsec.d/examples %{buildroot}%{_docdir}/%{name}/ rm -f %{buildroot}/etc/rc?.d/[KS]*ipsec %if "%{_lib}" != "lib" # this is a 64 bit binary mv %{buildroot}/usr/lib/ipsec/_copyright %{buildroot}/usr/%{_lib}/ipsec/ ln -sf ../../%{_lib}/ipsec/_copyright %{buildroot}/usr/lib/ipsec/_copyright %endif rm -f %{buildroot}/usr/lib*/ipsec/_updown.*.old rm -f %{buildroot}/usr/lib*/ipsec/_startklips.old # base="%{buildroot}%{_mandir}" rm -f ${base}/man5/pf_key.5* rm -f ${base}/man8/ipsec_ipsec.8* rm -f ${base}/man5/ipsec_ipsec.conf.5* rm -f ${base}/man5/ipsec_ipsec.secrets.5* rm -f ${base}/man5/ipsec_showpolicy.8* ln -sf ipsec__updown.8 ${base}/man8/ipsec__updown.mast.8 ln -sf ipsec__updown.8 ${base}/man8/ipsec__updown.bsdkame.8 ln -sf ipsec__updown.netkey.8 ${base}/man8/ipsec__updown.klips.8 # base="%{buildroot}%{_docdir}/%{name}" ln -sf ipsec_version.3.html ${base}/ipsec_version_code.3.html ln -sf ipsec_version.3.html ${base}/ipsec_version_string.3.html ln -sf ipsec_initsubnet.3.html ${base}/ipsec_addrtosubnet.3.html ln -sf ipsec_initsubnet.3.html ${base}/ipsec_maskof.3.html ln -sf ipsec_initsubnet.3.html ${base}/ipsec_networkof.3.html ln -sf ipsec_initsubnet.3.html ${base}/ipsec_masktocount.3.html ln -sf ipsec_initaddr.3.html ${base}/ipsec_addrlenof.3.html ln -sf ipsec_initaddr.3.html ${base}/ipsec_addrbytesptr.3.html ln -sf ipsec_initaddr.3.html ${base}/ipsec_addrbytesof.3.html ln -sf ipsec_initaddr.3.html ${base}/ipsec_addrtypeof.3.html ln -sf ipsec_atoaddr.3.html ${base}/ipsec_addrtoa.3.html ln -sf ipsec_atoaddr.3.html ${base}/ipsec_atosubnet.3.html ln -sf ipsec_bitstomask.3.html ${base}/ipsec_goodmask.3.html ln -sf ipsec_bitstomask.3.html ${base}/ipsec_masktobits.3.html ln -sf ipsec__updown.8.html ${base}/ipsec__updown.mast.8.html ln -sf ipsec__updown.netkey.8.html ${base}/ipsec__updown.klips.8.html ln -sf ipsec_ttoul.3.html ${base}/ipsec_ultot.3.html ln -sf ipsec_ttoaddr.3.html ${base}/ipsec_ttosubnet.3.html ln -sf ipsec_ttoaddr.3.html ${base}/ipsec_tnatoaddr.3.html ln -sf ipsec_ttoaddr.3.html ${base}/ipsec_subnettot.3.html ln -sf ipsec_prng.3.html ${base}/ipsec_prng_bytes.3.html ln -sf ipsec_prng.3.html ${base}/ipsec_prng_init.3.html ln -sf ipsec_prng.3.html ${base}/ipsec_prng_final.3.html ln -sf ipsec_hostof.3.html ${base}/ipsec_broadcastof.3.html ln -sf ipsec_samesaid.3.html ${base}/ipsec_sameaddr.3.html ln -sf ipsec_samesaid.3.html ${base}/ipsec_sameaddrtype.3.html ln -sf ipsec_samesaid.3.html ${base}/ipsec_samesubnettype.3.html ln -sf ipsec_samesaid.3.html ${base}/ipsec_samesubnet.3.html ln -sf ipsec_samesaid.3.html ${base}/ipsec_subnetinsubnet.3.html ln -sf ipsec_addrcmp.3.html ${base}/ipsec_addrinsubnet.3.html ln -sf ipsec_isunspecaddr.3.html ${base}/ipsec_isanyaddr.3.html ln -sf ipsec_isunspecaddr.3.html ${base}/ipsec_loopbackaddr.3.html ln -sf ipsec_isunspecaddr.3.html ${base}/ipsec_isloopbackaddr.3.html ln -sf ipsec_subnetinsubnet.3.html ${base}/ipsec_subnetishost.3.html ln -sf ipsec_sockaddrof.3.html ${base}/ipsec_sockaddrlenof.3.html ln -sf ipsec_sockaddrof.3.html ${base}/ipsec_setportof.3.html # find "%{buildroot}%{_docdir}/%{name}" -type f -exec chmod a-x,go-w \{\} \; # remove moot livetest tool completely... CVE-2008-4190 find "%{buildroot}/" -name "*livetest*" -exec rm -vf \{\} \; %files %defattr(-,root,root) /usr/sbin/ipsec /usr/sbin/rcipsec /usr/lib/ipsec %if "%{_lib}" != "lib" /usr/%{_lib}/ipsec/ %endif %config /etc/init.d/ipsec %config(noreplace) /etc/ipsec.conf %ghost %attr(600,root,root) %config(noreplace) /etc/ipsec.secrets %dir /etc/ipsec.d/ %dir /etc/ipsec.d/cacerts %dir /etc/ipsec.d/certs %dir /etc/ipsec.d/crls /etc/ipsec.d/policies %dir %attr(700,root,root) /etc/ipsec.d/private %doc %{_mandir}/man8/ipsec* %doc %{_mandir}/man5/ipsec* %dir %doc %{_docdir}/%{name} %doc %{_docdir}/%{name}/BUGS %doc %{_docdir}/%{name}/CHANGES %doc %{_docdir}/%{name}/CREDITS %doc %{_docdir}/%{name}/COPYING %doc %{_docdir}/%{name}/LICENSE %doc %{_docdir}/%{name}/README* %doc %{_docdir}/%{name}/ipsec.conf-sample %files doc %defattr(-,root,root) %dir %doc %{_docdir}/%{name} %doc %{_docdir}/%{name}/examples %doc %{_docdir}/%{name}/KNOWN_BUGS.txt %doc %{_docdir}/%{name}/KNOWN_BUGS_NETKEY.txt %doc %{_docdir}/%{name}/RELEASE-NOTES.txt %doc %{_docdir}/%{name}/debugging-tcpdump.txt %doc %{_docdir}/%{name}/*.html %doc %{_mandir}/man3/ipsec* %clean #test -z "$RPM_BUILD_ROOT" -o "$RPM_BUILD_ROOT" = "/" || rm -rf $RPM_BUILD_ROOT %post %{fillup_and_insserv ipsec} if test ! -s etc/ipsec.secrets; then cat >etc/ipsec.secrets << EOF # This file holds shared secrets or RSA private keys for inter-Pluto # authentication. See ipsec_pluto(8) manpage, and HTML documentation. # # RSA private key for this host, authenticating it to any other host # which knows the public part. Suitable public keys, for ipsec.conf, DNS, # or configuration of other implementations, can be extracted conveniently # with "ipsec showhostkey". # # Generate pem certificates using "yast2 ca_mgm" module or plain RSA keys # using the "ipsec newhostkey --output /etc/ipsec.secrets" command. # EOF fi if ! grep -q "version[ ]*2\.0" /etc/ipsec.conf; then echo "Migrate config to v2.0 ..." mv --backup=numbered /etc/ipsec.conf /etc/ipsec.conf.v1 /usr/lib/ipsec/ipsec_1_to_2.pl </etc/ipsec.conf.v1 >/etc/ipsec.conf PEMS=/etc/ipsec.d/*.pem if test "$PEMS" != "/etc/ipsec.d/*.pem"; then cp -p --backup=numbered $PEMS /etc/ipsec/certs/ echo -e "The certificates\n$PEMS\nhave been copied to /etc/ipsec/certs/" \ >>/var/adm/notify/messages/openswan echo "You may want to remove the old copies as soon as you stopped" \ >>/var/adm/notify/messages/openswan echo -e "using OpenSwan-2.6.x\n" >>/var/adm/notify/messages/openswan fi fi %preun %{stop_on_removal ipsec} # Some people expect to not loose their secrets even after multiple rpm -e. if test -s etc/ipsec.secrets.rpmsave; then cp -p --backup=numbered etc/ipsec.secrets.rpmsave etc/ipsec.secrets.rpmsave.old fi exit 0 %postun %{restart_on_update ipsec} %{insserv_cleanup} %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor