1 |
blueness 12/02/28 22:55:18 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: ipsec-tools-0.8.0-r1.ebuild |
5 |
Log: |
6 |
Address bugs #210826 and #403509 |
7 |
|
8 |
(Portage version: 2.1.10.44/cvs/Linux x86_64) |
9 |
|
10 |
Revision Changes Path |
11 |
1.82 net-firewall/ipsec-tools/ChangeLog |
12 |
|
13 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?rev=1.82&view=markup |
14 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?rev=1.82&content-type=text/plain |
15 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?r1=1.81&r2=1.82 |
16 |
|
17 |
Index: ChangeLog |
18 |
=================================================================== |
19 |
RCS file: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v |
20 |
retrieving revision 1.81 |
21 |
retrieving revision 1.82 |
22 |
diff -u -r1.81 -r1.82 |
23 |
--- ChangeLog 9 Feb 2012 20:47:18 -0000 1.81 |
24 |
+++ ChangeLog 28 Feb 2012 22:55:18 -0000 1.82 |
25 |
@@ -1,6 +1,13 @@ |
26 |
# ChangeLog for net-firewall/ipsec-tools |
27 |
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 |
28 |
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.81 2012/02/09 20:47:18 blueness Exp $ |
29 |
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.82 2012/02/28 22:55:18 blueness Exp $ |
30 |
+ |
31 |
+*ipsec-tools-0.8.0-r1 (28 Feb 2012) |
32 |
+ |
33 |
+ 28 Feb 2012; Anthony G. Basile <blueness@g.o> |
34 |
+ +ipsec-tools-0.8.0-r1.ebuild, +files/ipsec-tools-def-psk.patch, |
35 |
+ +files/ipsec-tools-include-vendoridh.patch, +files/racoon.pam.d: |
36 |
+ Address bugs #210826 and #403509 |
37 |
|
38 |
*ipsec-tools-0.8.0 (09 Feb 2012) |
39 |
|
40 |
|
41 |
|
42 |
|
43 |
1.1 net-firewall/ipsec-tools/ipsec-tools-0.8.0-r1.ebuild |
44 |
|
45 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r1.ebuild?rev=1.1&view=markup |
46 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r1.ebuild?rev=1.1&content-type=text/plain |
47 |
|
48 |
Index: ipsec-tools-0.8.0-r1.ebuild |
49 |
=================================================================== |
50 |
# Copyright 1999-2012 Gentoo Foundation |
51 |
# Distributed under the terms of the GNU General Public License v2 |
52 |
# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r1.ebuild,v 1.1 2012/02/28 22:55:18 blueness Exp $ |
53 |
|
54 |
EAPI="4" |
55 |
|
56 |
inherit eutils flag-o-matic autotools linux-info pam |
57 |
|
58 |
DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation" |
59 |
HOMEPAGE="http://ipsec-tools.sourceforge.net/" |
60 |
SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" |
61 |
|
62 |
LICENSE="BSD" |
63 |
SLOT="0" |
64 |
KEYWORDS="~amd64 ~x86" |
65 |
IUSE="rc5 idea kerberos stats ipv6 nat selinux readline pam hybrid ldap" |
66 |
|
67 |
RDEPEND=" |
68 |
kerberos? ( virtual/krb5 ) |
69 |
selinux? ( |
70 |
sys-libs/libselinux |
71 |
sec-policy/selinux-ipsec-tools |
72 |
) |
73 |
readline? ( sys-libs/readline ) |
74 |
pam? ( sys-libs/pam ) |
75 |
ldap? ( net-nds/openldap ) |
76 |
dev-libs/openssl |
77 |
virtual/libiconv" |
78 |
# iconv? ( virtual/libiconv ) |
79 |
# radius? ( net-dialup/gnuradius ) |
80 |
|
81 |
DEPEND="${RDEPEND} |
82 |
>=sys-kernel/linux-headers-2.6.30" |
83 |
|
84 |
pkg_setup() { |
85 |
get_version |
86 |
if kernel_is -ge 2 6 19 ; then |
87 |
einfo "Checking for suitable kernel configuration (Networking | Networking support | Networking options)" |
88 |
|
89 |
if use nat; then |
90 |
CONFIG_CHECK="${CONFIG_CHECK} ~NETFILTER_XT_MATCH_POLICY" |
91 |
export WARNING_NETFILTER_XT_MATCH_POLICY="NAT support may fail weirdly unless you enable this option in your kernel" |
92 |
fi |
93 |
|
94 |
for i in XFRM_USER NET_KEY; do |
95 |
CONFIG_CHECK="${CONFIG_CHECK} ~${i}" |
96 |
eval "export WARNING_${i}='No tunnels will be available at all'" |
97 |
done |
98 |
|
99 |
for i in INET_IPCOMP INET_AH INET_ESP \ |
100 |
INET_XFRM_MODE_TRANSPORT \ |
101 |
INET_XFRM_MODE_TUNNEL \ |
102 |
INET_XFRM_MODE_BEET ; do |
103 |
CONFIG_CHECK="${CONFIG_CHECK} ~${i}" |
104 |
eval "export WARNING_${i}='IPv4 tunnels will not be available'" |
105 |
done |
106 |
|
107 |
for i in INET6_IPCOMP INET6_AH INET6_ESP \ |
108 |
INET6_XFRM_MODE_TRANSPORT \ |
109 |
INET6_XFRM_MODE_TUNNEL \ |
110 |
INET6_XFRM_MODE_BEET ; do |
111 |
CONFIG_CHECK="${CONFIG_CHECK} ~${i}" |
112 |
eval "export WARNING_${i}='IPv6 tunnels will not be available'" |
113 |
done |
114 |
|
115 |
CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_NULL" |
116 |
export WARNING_CRYPTO_NULL="Unencrypted tunnels will not be available" |
117 |
export CONFIG_CHECK |
118 |
|
119 |
check_extra_config |
120 |
else |
121 |
eerror "You must have a kernel >=2.6.19 to run ipsec-tools." |
122 |
eerror "Building now, assuming that you will run on a different kernel" |
123 |
fi |
124 |
} |
125 |
|
126 |
src_prepare() { |
127 |
# fix for bug #76741 |
128 |
sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c || die |
129 |
# fix for bug #124813 |
130 |
sed -i 's:-Werror::g' "${S}"/configure.ac || die |
131 |
# fix for building with gcc-4.6 |
132 |
sed -i 's: -R: -Wl,-R:' "${S}"/configure.ac || die |
133 |
|
134 |
epatch "${FILESDIR}/${PN}-def-psk.patch" |
135 |
epatch "${FILESDIR}/${PN}-include-vendoridh.patch" |
136 |
|
137 |
AT_M4DIR="${S}" eautoreconf |
138 |
epunt_cxx |
139 |
} |
140 |
|
141 |
src_configure() { |
142 |
# fix for bug #61025 |
143 |
filter-flags -march=c3 |
144 |
|
145 |
local myconf |
146 |
myconf="--with-kernel-headers=/usr/include \ |
147 |
--enable-adminport \ |
148 |
--enable-frag \ |
149 |
--enable-dpd \ |
150 |
--enable-dependency-tracking \ |
151 |
$(use_enable rc5) \ |
152 |
$(use_enable idea) \ |
153 |
$(use_enable kerberos gssapi) \ |
154 |
$(use_enable stats) \ |
155 |
$(use_enable ipv6) \ |
156 |
$(use_enable nat natt) \ |
157 |
$(use_enable selinux security-context) \ |
158 |
$(use_with readline) \ |
159 |
$(use_with pam libpam) \ |
160 |
$(use_with ldap libldap)" |
161 |
|
162 |
use nat && myconf="${myconf} --enable-natt-versions=yes" |
163 |
|
164 |
# enable mode-cfg and xauth support |
165 |
if use pam; then |
166 |
myconf="${myconf} --enable-hybrid" |
167 |
else |
168 |
myconf="${myconf} $(use_enable hybrid)" |
169 |
fi |
170 |
|
171 |
# dev-libs/libiconv is hard masked |
172 |
#use iconv && myconf="${myconf} $(use_with iconv libiconv)" |
173 |
|
174 |
# the default (/usr/include/openssl/) is OK for Gentoo, leave it |
175 |
# myconf="${myconf} $(use_with ssl openssl )" |
176 |
|
177 |
# No way to get it compiling with freeradius or gnuradius |
178 |
# We would need libradius which only exists on FreeBSD |
179 |
|
180 |
# See bug #77369 |
181 |
#myconf="${myconf} --enable-samode-unspec" |
182 |
|
183 |
econf ${myconf} |
184 |
} |
185 |
|
186 |
src_install() { |
187 |
emake DESTDIR="${D}" install |
188 |
keepdir /var/lib/racoon |
189 |
newconfd "${FILESDIR}"/racoon.conf.d racoon |
190 |
newinitd "${FILESDIR}"/racoon.init.d racoon |
191 |
newpamd "${FILESDIR}"/racoon.pam.d racoon |
192 |
|
193 |
dodoc ChangeLog README NEWS |
194 |
dodoc -r src/racoon/samples |
195 |
dodoc -r src/racoon/doc |
196 |
|
197 |
docinto setkey |
198 |
dodoc src/setkey/sample.cf |
199 |
|
200 |
dodir /etc/racoon |
201 |
} |
202 |
|
203 |
pkg_postinst() { |
204 |
if use nat; then |
205 |
elog |
206 |
elog "You have enabled the nat traversal functionnality." |
207 |
elog "Nat versions wich are enabled by default are 00,02,rfc" |
208 |
elog "you can find those drafts in the CVS repository:" |
209 |
elog "cvs -d anoncvs@××××××××××××××.org:/cvsroot co ipsec-tools" |
210 |
elog |
211 |
elog "If you feel brave enough and you know what you are" |
212 |
elog "doing, you can consider emerging this ebuild with" |
213 |
elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\"" |
214 |
elog |
215 |
fi |
216 |
|
217 |
if use ldap; then |
218 |
elog |
219 |
elog "You have enabled ldap support with {$PN}." |
220 |
elog "The man page does NOT contain any information on it yet." |
221 |
elog "Consider using a more recent version or CVS." |
222 |
elog |
223 |
fi |
224 |
|
225 |
elog |
226 |
elog "Please have a look in /usr/share/doc/${P} and visit" |
227 |
elog "http://www.netbsd.org/Documentation/network/ipsec/" |
228 |
elog "to find more information on how to configure this tool." |
229 |
elog |
230 |
} |