diff options
author | Robin H. Johnson <robbat2@gentoo.org> | 2010-01-10 01:12:10 +0000 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2010-01-10 01:12:10 +0000 |
commit | 08586d19dee6923d7e7af976b2c18f77947a045f (patch) | |
tree | 763348d1cbdf52c3dfbc828de37c745d4bfa0022 /net-firewall/ipsec-tools | |
parent | Automated update of use.local.desc (diff) | |
download | historical-08586d19dee6923d7e7af976b2c18f77947a045f.tar.gz historical-08586d19dee6923d7e7af976b2c18f77947a045f.tar.bz2 historical-08586d19dee6923d7e7af976b2c18f77947a045f.zip |
Bug #283320: linux-info changes require that linux_config_exists is called before linux_chkconfig*. Bug #284810: ensure HAVE_PFKEY_POLICY_PRIORITY and HAVE_POLICY_FWD are always available. Bug #264233: Avoid reference to missing swab.h from mixing header/kernel sources versions - by not mixing the versions at all anymore.
Package-Manager: portage-2.2_rc61/cvs/Linux x86_64
Diffstat (limited to 'net-firewall/ipsec-tools')
-rw-r--r-- | net-firewall/ipsec-tools/ChangeLog | 12 | ||||
-rw-r--r-- | net-firewall/ipsec-tools/Manifest | 3 | ||||
-rw-r--r-- | net-firewall/ipsec-tools/ipsec-tools-0.7.3-r1.ebuild | 199 |
3 files changed, 212 insertions, 2 deletions
diff --git a/net-firewall/ipsec-tools/ChangeLog b/net-firewall/ipsec-tools/ChangeLog index 75d02338cafe..80a97a586865 100644 --- a/net-firewall/ipsec-tools/ChangeLog +++ b/net-firewall/ipsec-tools/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for net-firewall/ipsec-tools # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.74 2010/01/09 23:20:49 vostorga Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.75 2010/01/10 01:12:10 robbat2 Exp $ + +*ipsec-tools-0.7.3-r1 (10 Jan 2010) + + 10 Jan 2010; Robin H. Johnson <robbat2@gentoo.org> + +ipsec-tools-0.7.3-r1.ebuild: + Bug #283320: linux-info changes require that linux_config_exists is called + before linux_chkconfig*. Bug #284810: ensure HAVE_PFKEY_POLICY_PRIORITY + and HAVE_POLICY_FWD are always available. Bug #264233: Avoid reference to + missing swab.h from mixing header/kernel sources versions - by not mixing + the versions at all anymore. 09 Jan 2010; VĂctor Ostorga <vostorga@gentoo.org> ipsec-tools-0.7.3.ebuild, +files/ipsec-tools-duplicate-header.patch: diff --git a/net-firewall/ipsec-tools/Manifest b/net-firewall/ipsec-tools/Manifest index daf6fea7534f..de6ba35b8a2e 100644 --- a/net-firewall/ipsec-tools/Manifest +++ b/net-firewall/ipsec-tools/Manifest @@ -4,6 +4,7 @@ AUX racoon.init.d 1314 RMD160 14fd9ea02fdb20d13a0e3284e1f1e468117247f2 SHA1 41cb DIST ipsec-tools-0.7.2.tar.bz2 792731 RMD160 77dfa746efe69f956bd3a3369412edc06e6f2a3d SHA1 c9727d6bc99e4e1d390d3959b2712e6e92f29f81 SHA256 08722ff6c62de3e042fef337454f03622a79053108d6dcc686c9c854f9f9e031 DIST ipsec-tools-0.7.3.tar.bz2 776096 RMD160 e0ff32f0daa845934ac868ad5f36d58b25919c30 SHA1 19dc160643547a0bfabf0fe0ad1a181d3c28f410 SHA256 e6131d010b71d984194eb28267e6c01b49784a17a077bbafae58063f10b33b67 EBUILD ipsec-tools-0.7.2.ebuild 8262 RMD160 3974d9b62f76402c043ca4fe5e7ebeb48b7f8499 SHA1 b51ef1d6688d960108d7481292dbcd071a3f85d7 SHA256 e61aff73dba5dde6794a6f8e8bdcf0a227bab77337954a4bcce05445c0a12f68 +EBUILD ipsec-tools-0.7.3-r1.ebuild 5693 RMD160 2c5100317bc1ad74a9a3af5546ad127c0c6b5710 SHA1 6a393097cc41d3a70d46202dc3f8ea02723e93ae SHA256 fb702e7e63f0313441f93b12bdd30d56d52954052f9ae34a912d9df85c701377 EBUILD ipsec-tools-0.7.3.ebuild 8372 RMD160 1d15eb5b89b15fa4babf0519c5c0dd3f21ceddc3 SHA1 85b457cde5abb0f753e092bdfc4ad437744f2010 SHA256 377070e1b895a246a6d024ddba55d4527d5a56a6bcce800d327f079aa625bbd9 -MISC ChangeLog 11881 RMD160 3394fddfa78398015fa3839a090400adbcb7c203 SHA1 283a1645e0de1748a9ef9693b86b4d693fdde1cc SHA256 f633d48d7b0079f3d6e8b6df65cb973bb4f51e1deeb6ccec9de00a8bbea2371b +MISC ChangeLog 12337 RMD160 e3694e250a378ed58806acd595e4454fafbfe1d7 SHA1 8406a7034b381940fb9fea15063a7357c9f5b285 SHA256 ec9198c5dfbf47f8ed00dbe9ca33cd6f2403a6d8849145e42bd0925a6728f6da MISC metadata.xml 524 RMD160 351bb5819013ef3b7ec49fe70d22f363490a5ba1 SHA1 681504ef57886ed098e7bd5b13363c31fc7ce750 SHA256 b6818c278dcc159f496cadff08d546d6971be255cb4353728a08e03f2fbc47ef diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.7.3-r1.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.7.3-r1.ebuild new file mode 100644 index 000000000000..ad75f0e6e9aa --- /dev/null +++ b/net-firewall/ipsec-tools/ipsec-tools-0.7.3-r1.ebuild @@ -0,0 +1,199 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.3-r1.ebuild,v 1.1 2010/01/10 01:12:10 robbat2 Exp $ + +inherit eutils flag-o-matic autotools linux-info + +DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation" +HOMEPAGE="http://ipsec-tools.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~sparc ~x86" +IUSE="idea ipv6 pam rc5 readline selinux ldap kerberos nat hybrid iconv selinux" + +DEPEND_COMMON=" + selinux? ( sys-libs/libselinux ) + readline? ( sys-libs/readline ) + pam? ( sys-libs/pam ) + ldap? ( net-nds/openldap ) + kerberos? ( virtual/krb5 ) + >=dev-libs/openssl-0.9.8 + iconv? ( virtual/libiconv )" +# radius? ( net-dialup/gnuradius ) + +RDEPEND="${DEPEND_COMMON} + selinux? ( sec-policy/selinux-ipsec-tools )" + +DEPEND="${DEPEND_COMMON} + >=sys-kernel/linux-headers-2.6.30" + +pkg_setup() { + get_version + if kernel_is 2 6 ; then + if test "${KV_PATCH}" -ge 19 ; then + # Just for kernel >=2.6.19 + einfo "Checking for suitable kernel configuration (Networking | Networking support | Networking options)" + + if use nat; then + CONFIG_CHECK="${CONFIG_CHECK} ~NETFILTER_XT_MATCH_POLICY" + export WARNING_NETFILTER_XT_MATCH_POLICY="NAT support may fail weirdly unless you enable this option in your kernel" + fi + + for i in XFRM_USER NET_KEY; do + CONFIG_CHECK="${CONFIG_CHECK} ~${i}" + eval "export WARNING_${i}='No tunnels will be available at all'" + done + + for i in INET_IPCOMP INET_AH INET_ESP \ + INET_XFRM_MODE_TRANSPORT \ + INET_XFRM_MODE_TUNNEL \ + INET_XFRM_MODE_BEET ; do + CONFIG_CHECK="${CONFIG_CHECK} ~${i}" + eval "export WARNING_${i}='IPv4 tunnels will not be available'" + done + + for i in INET6_IPCOMP INET6_AH INET6_ESP \ + INET6_XFRM_MODE_TRANSPORT \ + INET6_XFRM_MODE_TUNNEL \ + INET6_XFRM_MODE_BEET ; do + CONFIG_CHECK="${CONFIG_CHECK} ~${i}" + eval "export WARNING_${i}='IPv6 tunnels will not be available'" + done + + CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_NULL" + export WARNING_CRYPTO_NULL="Unencrypted tunnels will not be available" + export CONFIG_CHECK + + check_extra_config + else + eerror "You must have a kernel >=2.6.19 to run ipsec-tools." + eerror "Building now, assuming that you will run on a different kernel" + fi + fi +} + +src_unpack() { + unpack ${A} + cd "${S}" + # fix for bug #76741 + sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c + # fix for bug #124813 + sed -i 's:-Werror::g' "${S}"/configure.ac + # Fixing duplicate specification of vmbuf.h #300161 + epatch "${FILESDIR}"/${PN}-duplicate-header.patch + + AT_M4DIR="${S}" eautoreconf + epunt_cxx +} + +src_compile() { + # fix for bug #61025 + filter-flags -march=c3 + + myconf="--with-kernel-headers=/usr/include \ + --enable-dependency-tracking \ + --enable-dpd \ + --enable-frag \ + --enable-stats \ + --enable-fastquit \ + --enable-stats \ + --enable-adminport \ + $(use_enable ipv6) \ + $(use_enable rc5) \ + $(use_enable idea) \ + $(use_with readline) + $(use_enable kerberos gssapi) \ + $(use_with ldap libldap) \ + $(use_with pam libpam)" + +# we do not want broken-natt from the kernel +# myconf="${myconf} $(use_enable broken-natt)" + use nat && myconf="${myconf} --enable-natt --enable-natt-versions=yes" + + # we only need security-context when using selinux + myconf="${myconf} $(use_enable selinux security-context)" + + # enable mode-cfg and xauth support + if use pam; then + myconf="${myconf} --enable-hybrid" + else + myconf="${myconf} $(use_enable hybrid)" + fi + + # dev-libs/libiconv is hard masked + #use iconv && myconf="${myconf} $(use_with iconv libiconv)" + + # the default (/usr/include/openssl/) is OK for Gentoo, leave it + # myconf="${myconf} $(use_with ssl openssl )" + + # No way to get it compiling with freeradius or gnuradius + # We would need libradius which only exists on FreeBSD + + # See bug #77369 + #myconf="${myconf} --enable-samode-unspec" + + econf ${myconf} || die + emake -j1 || die +} + +src_install() { + emake DESTDIR="${D}" install || die + keepdir /var/lib/racoon + newconfd "${FILESDIR}"/racoon.conf.d racoon + newinitd "${FILESDIR}"/racoon.init.d racoon + + dodoc ChangeLog README NEWS + dodoc src/racoon/samples/* + dodoc src/racoon/doc/* + + docinto roadwarrior + dodoc src/racoon/samples/roadwarrior/* + + docinto roadwarrior/client + dodoc src/racoon/samples/roadwarrior/client/* + docinto roadwarrior/server + dodoc src/racoon/samples/roadwarrior/server/* + + docinto setkey + dodoc src/setkey/sample.cf + + dodir /etc/racoon + + # RFC are only available from CVS for the moment, see einfo below + #docinto "rfc" + #dodoc ${S}/src/racoon/rfc/* +} + +pkg_postinst() { + if use nat; then + elog + elog " You have enabled the nat traversal functionnality." + elog " Nat versions wich are enabled by default are 00,02,rfc" + elog " you can find those drafts in the CVS repository:" + elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools" + elog + elog "If you feel brave enough and you know what you are" + elog "doing, you can consider emerging this ebuild" + elog "with" + elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\"" + elog + fi; + + if use ldap; then + elog + elog " You have enabled ldap support with {$PN}." + elog " The man page does NOT contain any information on it yet." + elog " Consider to use a more recent version or CVS" + elog + fi; + + elog + elog "Please have a look in /usr/share/doc/${P} and visit" + elog "http://www.netbsd.org/Documentation/network/ipsec/" + elog "to find a lot of information on how to configure this great tool." + elog +} + +# vim: set foldmethod=marker nowrap : |