| 1 |
%define _enable_debug_packages %{nil} |
| 2 |
%define debug_package %{nil} |
| 3 |
|
| 4 |
Summary: An implementation of IPSEC & IKE for Linux |
| 5 |
Name: openswan |
| 6 |
Version: 2.6.28 |
| 7 |
%define subrel 2 |
| 8 |
Release: %mkrel 2 |
| 9 |
License: GPLv2+ |
| 10 |
Group: System/Servers |
| 11 |
URL: http://www.openswan.org/ |
| 12 |
Source0: http://www.openswan.org/download/openswan-%{version}.tar.gz |
| 13 |
Source1: http://www.openswan.org/download/openswan-%{version}.tar.gz.asc |
| 14 |
Patch0: openswan-2.6.28-manfix.patch |
| 15 |
Patch1: openswan-2.6.21-format_not_a_string_literal_and_no_format_arguments.diff |
| 16 |
# patch 2 from RedHat, also fixes CVE-2010-3752 and CVE-2010-3753 |
| 17 |
Patch2: openswan-2.6.28-CVE-2010-3302-CVE-2010-3308.patch |
| 18 |
Patch3: openswan-cve-2011-4073.patch |
| 19 |
# patches 4 and 5 from RedHat, fixes CVE-2013-2053 |
| 20 |
Patch4: openswan-libreswan-backport-949437-atodn.patch |
| 21 |
Patch5: openswan-libreswan-backport-949437-x509dn.patch |
| 22 |
Requires(post): rpm-helper |
| 23 |
Requires(preun): rpm-helper |
| 24 |
Provides: ipsec-userland |
| 25 |
Requires: lsof |
| 26 |
Requires: iproute2 |
| 27 |
Requires: ipsec-tools |
| 28 |
Conflicts: freeswan |
| 29 |
BuildRequires: bison |
| 30 |
BuildRequires: gmp-devel |
| 31 |
BuildRequires: pam-devel |
| 32 |
BuildRequires: dos2unix |
| 33 |
BuildRequires: flex |
| 34 |
BuildRequires: xmlto |
| 35 |
BuildRequires: docbook-dtd412-xml |
| 36 |
BuildRequires: docbook-style-xsl |
| 37 |
|
| 38 |
%description |
| 39 |
Openswan is a free implementation of IPSEC & IKE for Linux, a fork of the |
| 40 |
FreeS/WAN project. |
| 41 |
|
| 42 |
IPSEC is Internet Protocol Security and uses strong cryptography to |
| 43 |
provide both authentication and encryption services. These services |
| 44 |
allow you to build secure tunnels through untrusted networks. |
| 45 |
Everything passing through the untrusted net is encrypted by the ipsec |
| 46 |
gateway machine and decrypted by the gateway at the other end of the |
| 47 |
tunnel. The resulting tunnel is a virtual private network or VPN. |
| 48 |
|
| 49 |
This package contains the daemons and userland tools for setting up |
| 50 |
Openswan on a kernel with either the 2.6 native IPsec code, or |
| 51 |
FreeS/WAN's KLIPS. |
| 52 |
|
| 53 |
%package doc |
| 54 |
Summary: An implementation of IPSEC & IKE for Linux |
| 55 |
Group: System/Servers |
| 56 |
|
| 57 |
%description doc |
| 58 |
Openswan is a free implementation of IPSEC & IKE for Linux, a fork of the |
| 59 |
FreeS/WAN project. |
| 60 |
|
| 61 |
This is the documentation for Openswan. |
| 62 |
|
| 63 |
%prep |
| 64 |
|
| 65 |
%setup -q -n openswan-%{version} |
| 66 |
%patch0 -p0 -b .manfix |
| 67 |
%patch1 -p0 -b .format_not_a_string_literal_and_no_format_arguments |
| 68 |
%patch2 -p1 -b .xauth |
| 69 |
%patch3 -p1 -b .ike |
| 70 |
%patch4 -p1 -b .atodn |
| 71 |
%patch5 -p1 -b .x509dn |
| 72 |
|
| 73 |
find . -type f -name "*.html" -exec dos2unix -U {} \; |
| 74 |
|
| 75 |
%build |
| 76 |
|
| 77 |
%serverbuild |
| 78 |
|
| 79 |
find . -name "Makefile*" | xargs perl -pi -e "s|libexec|%{_lib}|g" |
| 80 |
export CLFAGS=$(echo %{optflags} -fno-strict-aliasing) |
| 81 |
# the %make macro doesn't seem to work |
| 82 |
make \ |
| 83 |
USERCOMPILE="-g $CLFAGS" \ |
| 84 |
INC_USRLOCAL=%{_prefix} \ |
| 85 |
MANTREE=%{_mandir} \ |
| 86 |
INC_RCDEFAULT=%{_initrddir} \ |
| 87 |
CONFDIR=%{_sysconfdir}/%name \ |
| 88 |
FINALCONFDIR=%{_sysconfdir}/%name \ |
| 89 |
FINALCONFFILE=%{_sysconfdir}/%name/ipsec.conf \ |
| 90 |
FINALLIBEXECDIR=%{_libdir}/ipsec \ |
| 91 |
FINALLIBDIR=%{_libdir}/ipsec \ |
| 92 |
programs |
| 93 |
|
| 94 |
%install |
| 95 |
rm -rf %{buildroot} |
| 96 |
|
| 97 |
%{make} \ |
| 98 |
DESTDIR=%{buildroot} \ |
| 99 |
INC_USRLOCAL=%{_prefix} \ |
| 100 |
MANTREE=%{buildroot}%{_mandir} \ |
| 101 |
INC_RCDEFAULT=%{_initrddir} \ |
| 102 |
INC_USRLOCAL=%{_prefix} \ |
| 103 |
INC_RCDEFAULT=%{_initrddir} \ |
| 104 |
FINALCONFDIR=%{_sysconfdir}/%name \ |
| 105 |
FINALLIBEXECDIR=%{_libdir}/ipsec \ |
| 106 |
FINALLIBDIR=%{_libdir}/ipsec \ |
| 107 |
install |
| 108 |
|
| 109 |
install -d -m700 %{buildroot}%{_localstatedir}/lib/run/pluto |
| 110 |
install -d %{buildroot}%{_sbindir} |
| 111 |
|
| 112 |
# Remove old documentation for the time being. |
| 113 |
rm -rf %{buildroot}%{_defaultdocdir}/freeswan |
| 114 |
|
| 115 |
# cleanup |
| 116 |
rm -rf %{buildroot}%{_sysconfdir}/rc.d/rc* |
| 117 |
rm -rf %{buildroot}%{_sysconfdir}/rc.d/init.d/setup |
| 118 |
rm -rf %{buildroot}%{_docdir}/%{name} |
| 119 |
|
| 120 |
%preun |
| 121 |
%_preun_service ipsec |
| 122 |
|
| 123 |
%post |
| 124 |
%_post_service ipsec |
| 125 |
|
| 126 |
%clean |
| 127 |
rm -rf %{buildroot} |
| 128 |
|
| 129 |
%files |
| 130 |
%doc BUGS CHANGES COPYING CREDITS README |
| 131 |
%attr(0755,root,root) %{_initrddir}/ipsec |
| 132 |
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/ipsec.conf |
| 133 |
%attr(0700,root,root) %dir %{_sysconfdir}/%{name}/ipsec.d |
| 134 |
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/ipsec.d/*/* |
| 135 |
%{_sbindir}/ipsec |
| 136 |
%dir %{_libdir}/ipsec |
| 137 |
%{_libdir}/ipsec/* |
| 138 |
%{_localstatedir}/lib/run/pluto |
| 139 |
%{_mandir}/*/* |
| 140 |
|
| 141 |
%files doc |
| 142 |
%doc doc/* |
Parent Directory
| 
Revision Log