Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Anthony G. Basile (blueness)" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-firewall/ipsec-tools: ChangeLog ipsec-tools-0.8.0-r2.ebuild
Date: Tue, 06 Mar 2012 00:12:51
Message-Id: 20120306001241.BB3162004B@flycatcher.gentoo.org
1 blueness 12/03/06 00:12:41
2
3 Modified: ChangeLog
4 Added: ipsec-tools-0.8.0-r2.ebuild
5 Log:
6 Use system linux header files rather than those in /usr/src/linux
7
8 (Portage version: 2.1.10.44/cvs/Linux x86_64)
9
10 Revision Changes Path
11 1.85 net-firewall/ipsec-tools/ChangeLog
12
13 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?rev=1.85&view=markup
14 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?rev=1.85&content-type=text/plain
15 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?r1=1.84&r2=1.85
16
17 Index: ChangeLog
18 ===================================================================
19 RCS file: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v
20 retrieving revision 1.84
21 retrieving revision 1.85
22 diff -u -r1.84 -r1.85
23 --- ChangeLog 4 Mar 2012 18:18:27 -0000 1.84
24 +++ ChangeLog 6 Mar 2012 00:12:41 -0000 1.85
25 @@ -1,6 +1,12 @@
26 # ChangeLog for net-firewall/ipsec-tools
27 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
28 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.84 2012/03/04 18:18:27 blueness Exp $
29 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.85 2012/03/06 00:12:41 blueness Exp $
30 +
31 +*ipsec-tools-0.8.0-r2 (06 Mar 2012)
32 +
33 + 06 Mar 2012; Anthony G. Basile <blueness@g.o>
34 + +ipsec-tools-0.8.0-r2.ebuild, +files/ipsec-tools-system-kernel-headers.patch:
35 + Use system linux header files rather than those in /usr/src/linux.
36
37 04 Mar 2012; Anthony G. Basile <blueness@g.o>
38 ipsec-tools-0.8.0-r1.ebuild:
39
40
41
42 1.1 net-firewall/ipsec-tools/ipsec-tools-0.8.0-r2.ebuild
43
44 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r2.ebuild?rev=1.1&view=markup
45 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r2.ebuild?rev=1.1&content-type=text/plain
46
47 Index: ipsec-tools-0.8.0-r2.ebuild
48 ===================================================================
49 # Copyright 1999-2012 Gentoo Foundation
50 # Distributed under the terms of the GNU General Public License v2
51 # $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r2.ebuild,v 1.1 2012/03/06 00:12:41 blueness Exp $
52
53 EAPI="4"
54
55 inherit eutils flag-o-matic autotools linux-info pam
56
57 DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
58 HOMEPAGE="http://ipsec-tools.sourceforge.net/"
59 SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
60
61 LICENSE="BSD"
62 SLOT="0"
63 KEYWORDS="~amd64 ~x86"
64 IUSE="rc5 idea kerberos stats ipv6 nat selinux readline pam hybrid ldap"
65
66 RDEPEND="
67 kerberos? ( virtual/krb5 )
68 selinux? (
69 sys-libs/libselinux
70 sec-policy/selinux-ipsec-tools
71 )
72 readline? ( sys-libs/readline )
73 pam? ( sys-libs/pam )
74 ldap? ( net-nds/openldap )
75 dev-libs/openssl
76 virtual/libiconv"
77 # iconv? ( virtual/libiconv )
78 # radius? ( net-dialup/gnuradius )
79
80 DEPEND="${RDEPEND}
81 >=sys-kernel/linux-headers-2.6.30"
82
83 pkg_setup() {
84 linux-info_pkg_setup
85
86 get_version
87
88 if linux_config_exists && kernel_is -ge 2 6 19; then
89 ewarn
90 ewarn "\033[1;33m**************************************************\033[1;33m"
91 ewarn
92 ewarn "Checking kernel configuration in /usr/src/linux or"
93 ewarn "or /proc/config.gz for compatibility with ${PN}."
94 ewarn
95 ewarn "WARNING: If your *configured* and *running* kernel"
96 ewarn "differ either now or in the future, then these checks"
97 ewarn "may lead to misleading results."
98
99 # Check options for all flavors of IPSec
100 local msg=""
101 for i in XFRM_USER NET_KEY; do
102 if ! linux_chkconfig_present ${i}; then
103 msg="${msg} ${i}"
104 fi
105 done
106 if [[ ! -z "$msg" ]]; then
107 ewarn
108 ewarn "ALL IPSec may fail. CHECK:"
109 ewarn "${msg}"
110 fi
111
112 # Check unencrypted IPSec
113 if ! linux_chkconfig_present CRYPTO_NULL; then
114 ewarn
115 ewarn "Unencrypted IPSec may fail. CHECK:"
116 ewarn " CRYPTO_NULL"
117 fi
118
119 # Check IPv4 IPSec
120 msg=""
121 for i in \
122 INET_IPCOMP INET_AH INET_ESP \
123 INET_XFRM_MODE_TRANSPORT \
124 INET_XFRM_MODE_TUNNEL \
125 INET_XFRM_MODE_BEET
126 do
127 if ! linux_chkconfig_present ${i}; then
128 msg="${msg} ${i}"
129 fi
130 done
131 if [[ ! -z "$msg" ]]; then
132 ewarn
133 ewarn "IPv4 IPSec may fail. CHECK:"
134 ewarn "${msg}"
135 fi
136
137 # Check IPv6 IPSec
138 if use ipv6; then
139 msg=""
140 for i in INET6_IPCOMP INET6_AH INET6_ESP \
141 INET6_XFRM_MODE_TRANSPORT \
142 INET6_XFRM_MODE_TUNNEL \
143 INET6_XFRM_MODE_BEET
144 do
145 if ! linux_chkconfig_present ${i}; then
146 msg="${msg} ${i}"
147 fi
148 done
149 if [[ ! -z "$msg" ]]; then
150 ewarn
151 ewarn "IPv6 IPSec may fail. CHECK:"
152 ewarn "${msg}"
153 fi
154 fi
155
156 # Check IPSec behind NAT
157 if use nat; then
158 if ! linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then
159 ewarn
160 ewarn "IPSec behind NAT may fail. CHECK:"
161 ewarn " NETFILTER_XT_MATCH_POLICY"
162 fi
163 fi
164
165 ewarn
166 ewarn "\033[1;33m**************************************************\033[1;33m"
167 ewarn
168 else
169 eerror
170 eerror "\033[1;31m**************************************************\033[1;31m"
171 eerror "Make sure that your *running* kernel is/will be >=2.6.19."
172 eerror "Building ${PN} now, assuming that you know what you're doing."
173 eerror "\033[1;31m**************************************************\033[1;31m"
174 eerror
175 fi
176 }
177
178 src_prepare() {
179 # fix for bug #76741
180 sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c || die
181 # fix for bug #124813
182 sed -i 's:-Werror::g' "${S}"/configure.ac || die
183 # fix for building with gcc-4.6
184 sed -i 's: -R: -Wl,-R:' "${S}"/configure.ac || die
185
186 epatch "${FILESDIR}/${PN}-def-psk.patch"
187 epatch "${FILESDIR}/${PN}-include-vendoridh.patch"
188 epatch "${FILESDIR}/${PN}-system-kernel-headers.patch"
189
190 AT_M4DIR="${S}" eautoreconf
191 epunt_cxx
192 }
193
194 src_configure() {
195 # fix for bug #61025
196 filter-flags -march=c3
197
198 local myconf
199 myconf="--with-kernel-headers=/usr/include \
200 --enable-adminport \
201 --enable-frag \
202 --enable-dpd \
203 --enable-dependency-tracking \
204 $(use_enable rc5) \
205 $(use_enable idea) \
206 $(use_enable kerberos gssapi) \
207 $(use_enable stats) \
208 $(use_enable ipv6) \
209 $(use_enable nat natt) \
210 $(use_enable selinux security-context) \
211 $(use_with readline) \
212 $(use_with pam libpam) \
213 $(use_with ldap libldap)"
214
215 use nat && myconf="${myconf} --enable-natt-versions=yes"
216
217 # enable mode-cfg and xauth support
218 if use pam; then
219 myconf="${myconf} --enable-hybrid"
220 else
221 myconf="${myconf} $(use_enable hybrid)"
222 fi
223
224 # dev-libs/libiconv is hard masked
225 #use iconv && myconf="${myconf} $(use_with iconv libiconv)"
226
227 # the default (/usr/include/openssl/) is OK for Gentoo, leave it
228 # myconf="${myconf} $(use_with ssl openssl )"
229
230 # No way to get it compiling with freeradius or gnuradius
231 # We would need libradius which only exists on FreeBSD
232
233 # See bug #77369
234 #myconf="${myconf} --enable-samode-unspec"
235
236 econf ${myconf}
237 }
238
239 src_install() {
240 emake DESTDIR="${D}" install
241 keepdir /var/lib/racoon
242 newconfd "${FILESDIR}"/racoon.conf.d racoon
243 newinitd "${FILESDIR}"/racoon.init.d racoon
244 use pam && newpamd "${FILESDIR}"/racoon.pam.d racoon
245
246 dodoc ChangeLog README NEWS
247 dodoc -r src/racoon/samples
248 dodoc -r src/racoon/doc
249
250 docinto setkey
251 dodoc src/setkey/sample.cf
252
253 dodir /etc/racoon
254 }
255
256 pkg_postinst() {
257 if use nat; then
258 elog
259 elog "You have enabled the nat traversal functionnality."
260 elog "Nat versions wich are enabled by default are 00,02,rfc"
261 elog "you can find those drafts in the CVS repository:"
262 elog "cvs -d anoncvs@××××××××××××××.org:/cvsroot co ipsec-tools"
263 elog
264 elog "If you feel brave enough and you know what you are"
265 elog "doing, you can consider emerging this ebuild with"
266 elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
267 elog
268 fi
269
270 if use ldap; then
271 elog
272 elog "You have enabled ldap support with {$PN}."
273 elog "The man page does NOT contain any information on it yet."
274 elog "Consider using a more recent version or CVS."
275 elog
276 fi
277
278 elog
279 elog "Please have a look in /usr/share/doc/${P} and visit"
280 elog "http://www.netbsd.org/Documentation/network/ipsec/"
281 elog "to find more information on how to configure this tool."
282 elog
283 }
Report Message
Find on MARC Find on Google Groups