[gentoo-commits] gentoo-x86 commit in net-firewall/ipsec-tools: ChangeLog ipsec-tools-0.7.3.ebuild - gentoo-commits

From:	"Patrick Lauer (patrick)" <patrick@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo-x86 commit in net-firewall/ipsec-tools: ChangeLog ipsec-tools-0.7.3.ebuild
Date:	Fri, 11 Sep 2009 17:18:48
Message-Id:	`E1Mm9ll-0002TE-Sj@stork.gentoo.org`

1

patrick     09/09/11 17:18:45

2

3

  Modified:             ChangeLog

4

  Added:                ipsec-tools-0.7.3.ebuild

5

  Log:

6

  Bump, fixes #282746

7

  (Portage version: 2.2_rc40/cvs/Linux x86_64)

8

9

Revision  Changes    Path

10

1.73                 net-firewall/ipsec-tools/ChangeLog

11

12

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?rev=1.73&view=markup

13

plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?rev=1.73&content-type=text/plain

14

diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?r1=1.72&r2=1.73

15

16

Index: ChangeLog

17

===================================================================

18

RCS file: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v

19

retrieving revision 1.72

20

retrieving revision 1.73

21

diff -u -r1.72 -r1.73

22

--- ChangeLog	6 May 2009 19:12:00 -0000	1.72

23

+++ ChangeLog	11 Sep 2009 17:18:45 -0000	1.73

24

@@ -1,6 +1,11 @@

25

 # ChangeLog for net-firewall/ipsec-tools

26

 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2

27

-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.72 2009/05/06 19:12:00 a3li Exp $

28

+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.73 2009/09/11 17:18:45 patrick Exp $

29

+

30

+*ipsec-tools-0.7.3 (11 Sep 2009)

31

+

32

+  11 Sep 2009; Patrick Lauer <patrick@g.o> +ipsec-tools-0.7.3.ebuild:

33

+  Bump, fixes #282746

34

35

   06 May 2009; Alex Legler <a3li@g.o> -ipsec-tools-0.6.7.ebuild,

36

   -ipsec-tools-0.7.1.ebuild:

1.1                  net-firewall/ipsec-tools/ipsec-tools-0.7.3.ebuild

41

42

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.3.ebuild?rev=1.1&view=markup

43

plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.3.ebuild?rev=1.1&content-type=text/plain

44

45

Index: ipsec-tools-0.7.3.ebuild

46

===================================================================

47

# Copyright 1999-2009 Gentoo Foundation

48

# Distributed under the terms of the GNU General Public License v2

49

# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.3.ebuild,v 1.1 2009/09/11 17:18:45 patrick Exp $

50

51

inherit eutils flag-o-matic autotools linux-info

52

53

DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"

54

HOMEPAGE="http://ipsec-tools.sourceforge.net/"

55

SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"

56

57

LICENSE="BSD"

58

SLOT="0"

59

KEYWORDS="~amd64 ~ppc ~sparc ~x86"

60

IUSE="idea ipv6 pam rc5 readline selinux ldap kerberos nat hybrid iconv selinux"

61

62

# FIXME: what is the correct syntax for ~sparc ???

63

DEPEND="!sparc? ( >=sys-kernel/linux-headers-2.6 )

64

	readline? ( sys-libs/readline )

65

	pam? ( sys-libs/pam )

66

	ldap? ( net-nds/openldap )

67

	kerberos? ( virtual/krb5 )

68

	>=dev-libs/openssl-0.9.8

69

	iconv? ( virtual/libiconv )

70

	selinux? ( sys-libs/libselinux )"

71

#	radius? ( net-dialup/gnuradius )

72

73

RDEPEND="${DEPEND}

74

	selinux? ( sec-policy/selinux-ipsec-tools )"

75

76

# {{{ kernel_check()

77

kernel_check() {

78

	get_version

79

	if kernel_is 2 6 ; then

80

		if test "${KV_PATCH}" -ge 19 ; then

81

		# Just for kernel >=2.6.19

82

			ebegin "Checking for suitable kernel configuration (Networking | Networking support | Networking options)"

83

84

			if use nat ; then

85

				if ! { linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; } ; then

86

					ewarn "[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is NOT enabled"

87

					eerror "${P} won't compile with use nat traversal (USE=nat) until you enable NETFILTER_XT_MATCH_POLICY in your kernel"

88

die

89

				else

90

					einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)"

91

fi

92

fi

93

			# {{{ general stuff

94

			if ! { linux_chkconfig_present XFRM_USER; }; then

95

				ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled."

96

			else

97

				einfo "....[XFRM_USER] Transformation user configuration interface is enabled :-)"

98

fi

99

100

			if ! { linux_chkconfig_present NET_KEY; }; then

101

				ewarn "[NET_KEY] PF_KEY sockets is NOT enabled."

102

			else

103

				einfo "....[NET_KEY] PF_KEY sockets is enabled :-)"

104

fi

105

			# }}}

106

			# {{{ IPv4 stuff

107

			if ! { linux_chkconfig_present INET_IPCOMP; }; then

108

				ewarn "[INET_IPCOMP] IP: IPComp transformation is NOT enabled"

109

			else

110

				einfo "....[INET_IPCOMP] IP: IPComp transformation is enabled :-)"

111

fi

112

113

			if ! { linux_chkconfig_present INET_AH; }; then

114

				ewarn "[INET_AH] AH Transformation is NOT enabled."

115

			else

116

				einfo "....[INET_AH] AH Transformation is enabled :-)"

117

fi

118

119

			if ! { linux_chkconfig_present INET_ESP; }; then

120

				ewarn "[INET_ESP] ESP Transformation is NOT enabled."

121

			else

122

				einfo "....[INET_ESP] ESP Transformation is enabled :-)"

123

fi

124

125

			if ! { linux_chkconfig_present INET_XFRM_MODE_TRANSPORT; }; then

126

				ewarn "[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is NOT enabled."

127

			else

128

				einfo "....[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is enabled :-)"

129

fi

130

131

			if ! { linux_chkconfig_present INET_XFRM_MODE_TUNNEL; }; then

132

				ewarn "[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is NOT enabled."

133

			else

134

				einfo "....[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is enabled :-)"

135

fi

136

137

			if ! { linux_chkconfig_present INET_XFRM_MODE_BEET; }; then

138

				ewarn "[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is NOT enabled."

139

			else

140

				einfo "....[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is enabled :-)"

141

fi

142

			# }}}

143

			# {{{ IPv6 stuff

144

			if use ipv6 ; then

145

				if ! { linux_chkconfig_present INET6_IPCOMP; }; then

146

					ewarn "[INET6_IPCOMP] IPv6: IPComp transformation is NOT enabled"

147

				else

148

					einfo "....[INET6_IPCOMP] IPv6: IPComp transformation is enabled :-)"

149

fi

150

151

				if ! { linux_chkconfig_present INET6_AH; }; then

152

					ewarn "[INET6_AH] IPv6: AH Transformation is NOT enabled."

153

				else

154

					einfo "....[INET6_AH] IPv6: AH Transformation is enabled :-)"

155

fi

156

157

				if ! { linux_chkconfig_present INET6_ESP; }; then

158

					ewarn "[INET6_ESP] IPv6: ESP Transformation is NOT enabled."

159

				else

160

					einfo "....[INET6_ESP] IPv6: ESP Transformation is enabled :-)"

161

fi

162

163

				if ! { linux_chkconfig_present INET6_XFRM_MODE_TRANSPORT; }; then

164

					ewarn "[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is NOT enabled."

165

				else

166

					einfo "....[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is enabled :-)"

167

fi

168

169

				if ! { linux_chkconfig_present INET6_XFRM_MODE_TUNNEL; }; then

170

					ewarn "[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is NOT enabled."

171

				else

172

					einfo "....[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is enabled :-)"

173

fi

174

175

				if ! { linux_chkconfig_present INET6_XFRM_MODE_BEET; }; then

176

					ewarn "[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is NOT enabled."

177

				else

178

					einfo "....[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is enabled :-)"

179

fi

180

				if ! { linux_chkconfig_present CRYPTO_NULL; }; then

181

					ewarn "[CRYPTO_NULL] Crypto: NULL algorithm is NOT enabled"

182

				else

183

					einfo "....[CRYPTO_NULL] Cyrpto: Crypto NULL algorithm enabled :-)"

184

fi

185

fi

186

			# }}}

187

188

			eend $?

189

fi

190

fi

191

}

192

# }}}

193

194

src_unpack() {

195

	unpack ${A}

196

	cd "${S}"

197

	# fix for bug #76741

198

	sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c

199

	# fix for bug #124813

200

	sed -i 's:-Werror::g' "${S}"/configure.ac

201

202

	AT_M4DIR="${S}" eautoreconf

203

	epunt_cxx

204

}

205

206

src_compile() {

207

	# fix for bug #61025

208

	filter-flags -march=c3

209

210

	kernel_check

211

212

	myconf="--with-kernel-headers=${KV_DIR}/include \

213

			--enable-dependency-tracking \

214

			--enable-dpd \

215

			--enable-frag \

216

			--enable-stats \

217

			--enable-fastquit \

218

			--enable-stats \

219

			--enable-adminport \

220

			$(use_enable ipv6) \

221

			$(use_enable rc5) \

222

			$(use_enable idea) \

223

			$(use_with readline)

224

			$(use_enable kerberos gssapi) \

225

			$(use_with ldap libldap) \

226

			$(use_with pam libpam)"

227

228

#	we do not want broken-natt from the kernel

229

#	myconf="${myconf} $(use_enable broken-natt)"

230

	use nat && myconf="${myconf} --enable-natt --enable-natt-versions=yes"

231

232

	# we only need security-context when using selinux

233

	myconf="${myconf} $(use_enable selinux security-context)"

234

235

	# enable mode-cfg and xauth support

236

	if use pam; then

237

		myconf="${myconf} --enable-hybrid"

238

	else

239

		myconf="${myconf} $(use_enable hybrid)"

240

fi

241

242

	# dev-libs/libiconv is hard masked

243

	#use iconv && myconf="${myconf} $(use_with iconv libiconv)"

244

245

	# the default (/usr/include/openssl/) is OK for Gentoo, leave it

246

	# myconf="${myconf} $(use_with ssl openssl )"

247

248

	# No way to get it compiling with freeradius or gnuradius

249

	# We would need libradius which only exists on FreeBSD

250

251

	# See bug #77369

252

	#myconf="${myconf} --enable-samode-unspec"

253

254

	econf ${myconf} || die

255

	emake -j1 || die

256

}

257

258

src_install() {

259

	emake DESTDIR="${D}" install || die

260

	keepdir /var/lib/racoon

261

	newconfd "${FILESDIR}"/racoon.conf.d racoon

262

	newinitd "${FILESDIR}"/racoon.init.d racoon

263

264

	dodoc ChangeLog README NEWS

265

	dodoc src/racoon/samples/*

266

	dodoc src/racoon/doc/*

267

268

	docinto roadwarrior

269

	dodoc src/racoon/samples/roadwarrior/*

270

271

	docinto roadwarrior/client

272

	dodoc src/racoon/samples/roadwarrior/client/*

273

	docinto roadwarrior/server

274

	dodoc src/racoon/samples/roadwarrior/server/*

275

276

	docinto setkey

277

	dodoc src/setkey/sample.cf

278

279

	dodir /etc/racoon

280

281

	# RFC are only available from CVS for the moment, see einfo below

282

	#docinto "rfc"

283

	#dodoc ${S}/src/racoon/rfc/*

284

}

285

286

pkg_postinst() {

287

	if use nat; then

288

		elog

289

		elog " You have enabled the nat traversal functionnality."

290

		elog " Nat versions wich are enabled by default are 00,02,rfc"

291

		elog " you can find those drafts in the CVS repository:"

292

		elog "cvs -d anoncvs@××××××××××××××.org:/cvsroot co ipsec-tools"

293

		elog

294

		elog "If you feel brave enough and you know what you are"

295

		elog "doing, you can consider emerging this ebuild"

296

		elog "with"

297

		elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""

298

		elog

299

fi;

300

301

	if use ldap; then

302

		elog

303

		elog " You have enabled ldap support with {$PN}."

304

		elog " The man page does NOT contain any information on it yet."

305

		elog " Consider to use a more recent version or CVS"

306

		elog

307

fi;

308

309

	elog

310

	elog "Please have a look in /usr/share/doc/${P} and visit"

311

	elog "http://www.netbsd.org/Documentation/network/ipsec/"

312

	elog "to find a lot of information on how to configure this great tool."

313

	elog

314

}

315

316

# vim: set foldmethod=marker nowrap :

1	patrick 09/09/11 17:18:45
2
3	Modified: ChangeLog
4	Added: ipsec-tools-0.7.3.ebuild
5	Log:
6	Bump, fixes #282746
7	(Portage version: 2.2_rc40/cvs/Linux x86_64)
8
9	Revision Changes Path
10	1.73 net-firewall/ipsec-tools/ChangeLog
11
12	file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?rev=1.73&view=markup
13	plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?rev=1.73&content-type=text/plain
14	diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-firewall/ipsec-tools/ChangeLog?r1=1.72&r2=1.73
15
16	Index: ChangeLog
17	===================================================================
18	RCS file: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v
19	retrieving revision 1.72
20	retrieving revision 1.73
21	diff -u -r1.72 -r1.73
22	--- ChangeLog 6 May 2009 19:12:00 -0000 1.72
23	+++ ChangeLog 11 Sep 2009 17:18:45 -0000 1.73
24	@@ -1,6 +1,11 @@
25	# ChangeLog for net-firewall/ipsec-tools
26	# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
27	-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.72 2009/05/06 19:12:00 a3li Exp $
28	+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.73 2009/09/11 17:18:45 patrick Exp $
29	+
30	+*ipsec-tools-0.7.3 (11 Sep 2009)
31	+
32	+ 11 Sep 2009; Patrick Lauer <patrick@g.o> +ipsec-tools-0.7.3.ebuild:
33	+ Bump, fixes #282746
34
35	06 May 2009; Alex Legler <a3li@g.o> -ipsec-tools-0.6.7.ebuild,
36	-ipsec-tools-0.7.1.ebuild:
37
38
39
40	1.1 net-firewall/ipsec-tools/ipsec-tools-0.7.3.ebuild
41
42	file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.3.ebuild?rev=1.1&view=markup
43	plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.3.ebuild?rev=1.1&content-type=text/plain
44
45	Index: ipsec-tools-0.7.3.ebuild
46	===================================================================
47	# Copyright 1999-2009 Gentoo Foundation
48	# Distributed under the terms of the GNU General Public License v2
49	# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.3.ebuild,v 1.1 2009/09/11 17:18:45 patrick Exp $
50
51	inherit eutils flag-o-matic autotools linux-info
52
53	DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
54	HOMEPAGE="http://ipsec-tools.sourceforge.net/"
55	SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
56
57	LICENSE="BSD"
58	SLOT="0"
59	KEYWORDS="~amd64 ~ppc ~sparc ~x86"
60	IUSE="idea ipv6 pam rc5 readline selinux ldap kerberos nat hybrid iconv selinux"
61
62	# FIXME: what is the correct syntax for ~sparc ???
63	DEPEND="!sparc? ( >=sys-kernel/linux-headers-2.6 )
64	readline? ( sys-libs/readline )
65	pam? ( sys-libs/pam )
66	ldap? ( net-nds/openldap )
67	kerberos? ( virtual/krb5 )
68	>=dev-libs/openssl-0.9.8
69	iconv? ( virtual/libiconv )
70	selinux? ( sys-libs/libselinux )"
71	# radius? ( net-dialup/gnuradius )
72
73	RDEPEND="${DEPEND}
74	selinux? ( sec-policy/selinux-ipsec-tools )"
75
76	# {{{ kernel_check()
77	kernel_check() {
78	get_version
79	if kernel_is 2 6 ; then
80	if test "${KV_PATCH}" -ge 19 ; then
81	# Just for kernel >=2.6.19
82	ebegin "Checking for suitable kernel configuration (Networking \| Networking support \| Networking options)"
83
84	if use nat ; then
85	if ! { linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; } ; then
86	ewarn "[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is NOT enabled"
87	eerror "${P} won't compile with use nat traversal (USE=nat) until you enable NETFILTER_XT_MATCH_POLICY in your kernel"
88	die
89	else
90	einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)"
91	fi
92	fi
93	# {{{ general stuff
94	if ! { linux_chkconfig_present XFRM_USER; }; then
95	ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled."
96	else
97	einfo "....[XFRM_USER] Transformation user configuration interface is enabled :-)"
98	fi
99
100	if ! { linux_chkconfig_present NET_KEY; }; then
101	ewarn "[NET_KEY] PF_KEY sockets is NOT enabled."
102	else
103	einfo "....[NET_KEY] PF_KEY sockets is enabled :-)"
104	fi
105	# }}}
106	# {{{ IPv4 stuff
107	if ! { linux_chkconfig_present INET_IPCOMP; }; then
108	ewarn "[INET_IPCOMP] IP: IPComp transformation is NOT enabled"
109	else
110	einfo "....[INET_IPCOMP] IP: IPComp transformation is enabled :-)"
111	fi
112
113	if ! { linux_chkconfig_present INET_AH; }; then
114	ewarn "[INET_AH] AH Transformation is NOT enabled."
115	else
116	einfo "....[INET_AH] AH Transformation is enabled :-)"
117	fi
118
119	if ! { linux_chkconfig_present INET_ESP; }; then
120	ewarn "[INET_ESP] ESP Transformation is NOT enabled."
121	else
122	einfo "....[INET_ESP] ESP Transformation is enabled :-)"
123	fi
124
125	if ! { linux_chkconfig_present INET_XFRM_MODE_TRANSPORT; }; then
126	ewarn "[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is NOT enabled."
127	else
128	einfo "....[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is enabled :-)"
129	fi
130
131	if ! { linux_chkconfig_present INET_XFRM_MODE_TUNNEL; }; then
132	ewarn "[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is NOT enabled."
133	else
134	einfo "....[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is enabled :-)"
135	fi
136
137	if ! { linux_chkconfig_present INET_XFRM_MODE_BEET; }; then
138	ewarn "[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is NOT enabled."
139	else
140	einfo "....[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is enabled :-)"
141	fi
142	# }}}
143	# {{{ IPv6 stuff
144	if use ipv6 ; then
145	if ! { linux_chkconfig_present INET6_IPCOMP; }; then
146	ewarn "[INET6_IPCOMP] IPv6: IPComp transformation is NOT enabled"
147	else
148	einfo "....[INET6_IPCOMP] IPv6: IPComp transformation is enabled :-)"
149	fi
150
151	if ! { linux_chkconfig_present INET6_AH; }; then
152	ewarn "[INET6_AH] IPv6: AH Transformation is NOT enabled."
153	else
154	einfo "....[INET6_AH] IPv6: AH Transformation is enabled :-)"
155	fi
156
157	if ! { linux_chkconfig_present INET6_ESP; }; then
158	ewarn "[INET6_ESP] IPv6: ESP Transformation is NOT enabled."
159	else
160	einfo "....[INET6_ESP] IPv6: ESP Transformation is enabled :-)"
161	fi
162
163	if ! { linux_chkconfig_present INET6_XFRM_MODE_TRANSPORT; }; then
164	ewarn "[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is NOT enabled."
165	else
166	einfo "....[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is enabled :-)"
167	fi
168
169	if ! { linux_chkconfig_present INET6_XFRM_MODE_TUNNEL; }; then
170	ewarn "[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is NOT enabled."
171	else
172	einfo "....[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is enabled :-)"
173	fi
174
175	if ! { linux_chkconfig_present INET6_XFRM_MODE_BEET; }; then
176	ewarn "[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is NOT enabled."
177	else
178	einfo "....[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is enabled :-)"
179	fi
180	if ! { linux_chkconfig_present CRYPTO_NULL; }; then
181	ewarn "[CRYPTO_NULL] Crypto: NULL algorithm is NOT enabled"
182	else
183	einfo "....[CRYPTO_NULL] Cyrpto: Crypto NULL algorithm enabled :-)"
184	fi
185	fi
186	# }}}
187
188	eend $?
189	fi
190	fi
191	}
192	# }}}
193
194	src_unpack() {
195	unpack ${A}
196	cd "${S}"
197	# fix for bug #76741
198	sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c
199	# fix for bug #124813
200	sed -i 's:-Werror::g' "${S}"/configure.ac
201
202	AT_M4DIR="${S}" eautoreconf
203	epunt_cxx
204	}
205
206	src_compile() {
207	# fix for bug #61025
208	filter-flags -march=c3
209
210	kernel_check
211
212	myconf="--with-kernel-headers=${KV_DIR}/include \
213	--enable-dependency-tracking \
214	--enable-dpd \
215	--enable-frag \
216	--enable-stats \
217	--enable-fastquit \
218	--enable-stats \
219	--enable-adminport \
220	$(use_enable ipv6) \
221	$(use_enable rc5) \
222	$(use_enable idea) \
223	$(use_with readline)
224	$(use_enable kerberos gssapi) \
225	$(use_with ldap libldap) \
226	$(use_with pam libpam)"
227
228	# we do not want broken-natt from the kernel
229	# myconf="${myconf} $(use_enable broken-natt)"
230	use nat && myconf="${myconf} --enable-natt --enable-natt-versions=yes"
231
232	# we only need security-context when using selinux
233	myconf="${myconf} $(use_enable selinux security-context)"
234
235	# enable mode-cfg and xauth support
236	if use pam; then
237	myconf="${myconf} --enable-hybrid"
238	else
239	myconf="${myconf} $(use_enable hybrid)"
240	fi
241
242	# dev-libs/libiconv is hard masked
243	#use iconv && myconf="${myconf} $(use_with iconv libiconv)"
244
245	# the default (/usr/include/openssl/) is OK for Gentoo, leave it
246	# myconf="${myconf} $(use_with ssl openssl )"
247
248	# No way to get it compiling with freeradius or gnuradius
249	# We would need libradius which only exists on FreeBSD
250
251	# See bug #77369
252	#myconf="${myconf} --enable-samode-unspec"
253
254	econf ${myconf} \|\| die
255	emake -j1 \|\| die
256	}
257
258	src_install() {
259	emake DESTDIR="${D}" install \|\| die
260	keepdir /var/lib/racoon
261	newconfd "${FILESDIR}"/racoon.conf.d racoon
262	newinitd "${FILESDIR}"/racoon.init.d racoon
263
264	dodoc ChangeLog README NEWS
265	dodoc src/racoon/samples/*
266	dodoc src/racoon/doc/*
267
268	docinto roadwarrior
269	dodoc src/racoon/samples/roadwarrior/*
270
271	docinto roadwarrior/client
272	dodoc src/racoon/samples/roadwarrior/client/*
273	docinto roadwarrior/server
274	dodoc src/racoon/samples/roadwarrior/server/*
275
276	docinto setkey
277	dodoc src/setkey/sample.cf
278
279	dodir /etc/racoon
280
281	# RFC are only available from CVS for the moment, see einfo below
282	#docinto "rfc"
283	#dodoc ${S}/src/racoon/rfc/*
284	}
285
286	pkg_postinst() {
287	if use nat; then
288	elog
289	elog " You have enabled the nat traversal functionnality."
290	elog " Nat versions wich are enabled by default are 00,02,rfc"
291	elog " you can find those drafts in the CVS repository:"
292	elog "cvs -d anoncvs@××××××××××××××.org:/cvsroot co ipsec-tools"
293	elog
294	elog "If you feel brave enough and you know what you are"
295	elog "doing, you can consider emerging this ebuild"
296	elog "with"
297	elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
298	elog
299	fi;
300
301	if use ldap; then
302	elog
303	elog " You have enabled ldap support with {$PN}."
304	elog " The man page does NOT contain any information on it yet."
305	elog " Consider to use a more recent version or CVS"
306	elog
307	fi;
308
309	elog
310	elog "Please have a look in /usr/share/doc/${P} and visit"
311	elog "http://www.netbsd.org/Documentation/network/ipsec/"
312	elog "to find a lot of information on how to configure this great tool."
313	elog
314	}
315
316	# vim: set foldmethod=marker nowrap :

Gentoo Archives: gentoo-commits