Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 101029 Details for
Bug 152971
net-firewall/ipsec-tools-0.6.6 version bump
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
New ebuild for ipsec-tools 0.6.6
ipsec-tools-0.6.6.ebuild (text/plain), 19.94 KB, created by
Cyrius
on 2006-11-02 00:39:34 UTC
(
hide
)
Description:
New ebuild for ipsec-tools 0.6.6
Filename:
MIME Type:
Creator:
Cyrius
Created:
2006-11-02 00:39:34 UTC
Size:
19.94 KB
patch
obsolete
># Copyright 1999-2006 Gentoo Foundation ># Distributed under the terms of the GNU General Public License v2 ># $Header: $ > >inherit eutils flag-o-matic autotools linux-info > >DESCRIPTION="IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." >HOMEPAGE="http://ipsec-tools.sourceforge.net/" >SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" >LICENSE="BSD" >KEYWORDS="~amd64 ~ppc sparc ~x86" >SLOT="0" >IUSE="idea ipv6 pam rc5 readline selinux ldap stats frag dpd gssapi security-context fastquit natt hybrid adminport static shared pic broken-natt" > >AT_M4DIR="${S}" > >DEPEND="virtual/libc > !<sys-kernel/linux-headers-2.6 > readline? ( sys-libs/readline ) > pam? ( sys-libs/pam ) > ldap? ( net-nds/openldap ) > gssapi? ( app-crypt/mit-krb5 ) > gssapi? ( app-crypt/libgssapi ) > >=dev-libs/openssl-0.9.6 > iconv? ( virtual/libiconv )" > ># radius? ( net-dialup/gnuradius ) > >RDEPEND="${DEPEND} > selinux? ( sec-policy/selinux-ipsec-tools )" > >kernel_check() { > ># Just for kernel >=2.6.18 >get_version >if kernel_is 2 6 ; then >if test "${KV_PATCH}" -ge 18 ; then >ebegin "Kernel activated options checking" > > if ! { linux_chkconfig_present XFRM_USER; }; then > ewarn " > â Location: $ > â -> Networking $ > â -> Networking support (NET [=y]) $ > â -> Networking options > â -> XFRM_USER > ....Support for IPsec user configuration interface is not activated. Is it normal ? > " > else > einfo "....Support for IPsec user configuration interface is activated :-)" > fi; > > if ! { linux_chkconfig_present NET_KEY; }; then > ewarn " > â Location: $ > â -> Networking $ > â -> Networking support (NET [=y]) $ > â -> Networking options > â -> NET_KEY > ....PF_KEYv2 is not activated. Is it normal ? > " > else > einfo "....PF_KEYv2 socket family, compatible to KAME ones is activated :-)" > fi; > > if ! { linux_chkconfig_present INET_IPCOMP; }; then > ewarn " > â Location: $ > â -> Networking $ > â -> Networking support (NET [=y]) $ > â -> Networking options > â -> NET_KEY > ....IPsec Ipv4 Support for IP Payload Compression Protocol (IPComp) (RFC3173) is not activated. Is it normal ? > " > else > einfo "....IPsec Ipv4 Support for IP Payload Compression Protocol (IPComp) (RFC3173) is activated :-)" > fi; > > > if ! { linux_chkconfig_present INET_AH; } ; then > ewarn " > WARNING !!!!!!!!!!! > IPSec Ipv4 AH Transformation is not activated in your kernel : > â Location: $ > â -> Networking $ > â -> Networking support (NET [=y]) $ > â -> Networking options $ > â -> TCP/IP networking (INET [=y]) > â -> INET_AH > " > else > einfo "....IPSec Ipv4 AH Transformation is activated in your kernel :-)" > fi; > > > if ! { linux_chkconfig_present INET_ESP; } ; then > ewarn " > WARNING !!!!!!!!!!! > IPSec Ipv4 ESP Transformation is not activated in your kernel : > â Location: > â -> Networking > â -> Networking support (NET [=y]) > â -> Networking options > â -> TCP/IP networking (INET [=y]) > â -> INET_ESP > " > else > einfo "....IPSec Ipv4 ESP Transformation mode is activated in your kernel :-)" > fi; > > if ! { linux_chkconfig_present INET_XFRM_MODE_TRANSPORT; } ; then > ewarn " > WARNING !!!!!!!!!!! > IPSec Ipv4 Transport mode is not activated in your kernel : > â -> Networking > â -> Networking support (NET [=y]) $ > â -> Networking options $ > â -> TCP/IP networking > â -> INET_XFRM_MODE_TRANSPORT > " > else > einfo "....IPSec Ipv4 Transport mode is activated in your kernel :-)" > fi; > if ! { linux_chkconfig_present INET_XFRM_MODE_TRANSPORT; } ; then > ewarn " > WARNING !!!!!!!!!!! > IPSec Ipv4 Tunnel mode is not activated in your kernel : > â -> Networking > â -> Networking support (NET [=y]) > â -> Networking options > â -> TCP/IP networking > â -> INET_XFRM_MODE_TUNNEL > " > else > einfo "....IPSec IPv4 Tunnel mode is activated in your kernel :-)" > fi; > > if use natt && ! { linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; } ; then > > eerror "${P} won't compile with use nat traversal until you manage it in your kernel or you deactivate natt use flag > Location: > â -> Networking > â -> Networking support (NET [=y]) > â -> Networking options > â -> Network packet filtering (replaces ipchains) (NETFILTER [=y]) > â -> Core Netfilter Configuration > â -> Netfilter Xtables support (required for ip_tables) (NETFILTER_XTABLES [=m]) > â -> NETFILTER_XT_MATCH_POLICY > " > die > else > einfo "....IPSec Ipv4 Policy is activated in your kernel :-)" > fi; > if use ipv6 ; then > if ! { linux_chkconfig_present INET6_AH ; } ; then > ewarn " > WARNING !!!!!!!!!!!!!! > IPv6 is used but AH is not used in your kernel !! check it ! > â Location: $ > â -> Networking $ > â -> Networking support (NET [=y]) $ > â -> Networking options $ > â -> TCP/IP networking (INET [=y]) $ > â -> The IPv6 protocol (IPV6 [=m]) > â -> INET6_AH > " > else > einfo "....IPsec Ipv6 AH transformation is activated in your kernel :-)" > fi; > if ! { linux_chkconfig_present INET6_ESP ; } ; then > ewarn " > WARNING !!!!!!!!!!!!!! > IPv6 is used but ESP is not used in your kernel !! check it ! > â Location: $ > â -> Networking $ > â -> Networking support (NET [=y]) $ > â -> Networking options $ > â -> TCP/IP networking (INET [=y]) $ > â -> The IPv6 protocol (IPV6 [=m]) > â -> INET6_ESP > " > else > einfo "....IPsec IPv6 ESP transformation is activated in your kernel :-)" > fi; > > if ! { linux_chkconfig_present INET6_IPCOMP ; } ; then > ewarn " > WARNING !!!!!!!!!!!!!! > IPv6 is used but ESP Support for IP Payload Compression Protocol (IPComp) (RFC3173) is not activated !! check it ! > â Location: $ > â -> Networking $ > â -> Networking support (NET [=y]) $ > â -> Networking options $ > â -> TCP/IP networking (INET [=y]) $ > â -> The IPv6 protocol (IPV6 [=m]) > â -> INET6_IPCOMP > " > else > einfo "....IPsec IPv6 Support for IP Payload Compression Protocol (IPComp) (RFC3173) is activated in your kernel :-)" > fi; > > if ! { linux_chkconfig_present INET6_XFRM_MODE_TRANSPORT ; } ; then > ewarn " > WARNING !!!!!!!!!!!!!! > IPv6 is used but IPsec transport mode is not activated !! check it ! > â Location: $ > â -> Networking $ > â -> Networking support (NET [=y]) $ > â -> Networking options $ > â -> TCP/IP networking (INET [=y]) $ > â -> The IPv6 protocol (IPV6 [=m]) > â -> INET6_XFRM_MODE_TRANSPORT > " > else > einfo "....IPsec IPv6 transport mode is activated in your kernel :-)" > fi; > > if ! { linux_chkconfig_present INET6_XFRM_MODE_TRANSPORT ; } ; then > ewarn " > WARNING !!!!!!!!!!!!!! > IPv6 is used but IPsec tunnel mode is not activated !! check it ! > â Location: $ > â -> Networking $ > â -> Networking support (NET [=y]) $ > â -> Networking options $ > â -> TCP/IP networking (INET [=y]) $ > â -> The IPv6 protocol (IPV6 [=m]) > â -> INET6_XFRM_MODE_TUNNEL > " > else > einfo "....IPsec IPv6 tunnel mode is activated in your kernel :-)" > fi; > > > else > einfo "....IPSec : Won't activate IPv6 in runtime cause you didn't put ipv6 in your use flags" > fi; > epause >eend $? >fi; >fi; >} > > > >src_unpack() { > unpack ${A} > cd ${S} > sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c > sed -i 's:-Werror::g' ${S}/configure.ac > eautoreconf > epunt_cxx >} > > > >src_compile() { > # Filter the c3 flag for now. Probably a GCC problem, but we'll > # avoid it here for now. See bug #61025 > filter-flags -march=c3 > > kernel_check > > myconf="${myconf} --with-kernel-headers=/lib/modules/${KV_FULL}/build/include" > > if use natt && linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then > myconf="${myconf} --enable-natt --enable-natt-versions=yes" > fi; > myconf="${myconf} $(use_enable broken-natt)" > myconf="${myconf} --enable-dependency-tracking $(use_enable ipv6)" > myconf="${myconf} $(use_with pic)" > myconf="${myconf} $(use_enable static)" > myconf="${myconf} $(use_enable adminport)" > myconf="${myconf} $(use_enable shared)" > # rc5 is patented and not used on gentoo (come from openssl) > myconf="${myconf} $(use_enable rc5)" > if use pam; then > myconf="${myconf} --enable-hybrid" > else > myconf="${myconf} $(use_enable hybrid)" > fi; > myconf="${myconf} $(use_enable dpd)" > myconf="${myconf} $(use_enable frag)" > myconf="${myconf} $(use_enable stats)" > myconf="${myconf} $(use_enable fastquit)" > # idea is patented and not used on Gentoo (come from openssl) > myconf="${myconf} $(use_enable idea)" > myconf="${myconf} $(use_enable gssapi)" > myconf="${myconf} $(use_enable security-context)" > > # Not ready yet to compile with. dev-libs/libiconv is hard masked > #use iconv && myconf="${myconf} $(use_with iconv libiconv)" > myconf="${myconf} $(use_with ldap libldap)" > myconf="${myconf} $(use_with pam libpam)" > > # This flag is done to indicate an other include repertory > # the default one is ok (/usr/include/openssl/) So we won't change it > # myconf="${myconf} $(use_with ssl openssl )" > > # No way to get it compiling with freeradius or gnuradius > # We need libradius wich only exist on FreeBSD > #use radius && myconf="${myconf} $(use_with radius libradius )" > use readline && myconf="${myconf} $(use_with readline )" > > > econf ${myconf} || die > # Removed due to some problems > # --enable-samode-unspec \ > emake -j1 || die > >} > >src_install() { > einstall || die > keepdir /var/lib/racoon > insinto /etc/conf.d && newins ${FILESDIR}/racoon.conf.d racoon > exeinto /etc/init.d && newexe ${FILESDIR}/racoon.init.d racoon > > dodoc ChangeLog README NEWS > # In this version, there is a lot of samples. > dodoc ${S}/src/racoon/samples/* > dodoc ${S}/src/racoon/doc/* > > dodir "/usr/share/doc/${P}/rfc" > dodir "/usr/share/doc/${P}/roadwarrior" > docinto "roadwarrior" > dodoc ${S}/src/racoon/samples/roadwarrior/* > dodir "/usr/share/doc/${P}/roadwarrior/client" > dodir "/usr/share/doc/${P}/roadwarrior/server" > dodir "/usr/share/doc/${P}/setkey" > docinto "roadwarrior/client" > dodoc ${S}/src/racoon/samples/roadwarrior/client/* > docinto "roadwarrior/server" > dodoc ${S}/src/racoon/samples/roadwarrior/server/* > docinto "setkey" > dodoc ${S}/src/setkey/sample.cf > # RFC are only available from CVS for the moment > #docinto "rfc" > #dodoc ${S}/src/racoon/rfc/* >} > >pkg_postinst() { > if use natt; then > ewarn "" > ewarn " You have enabled the nat traversal functionnality." > ewarn " Nat versions wich are enabled by default are :" > ewarn " - draft ietf ipsec nat traversal 00" > ewarn " - draft ietf ipsec nat traversal 02" > ewarn " - draft ietf ipsec nat traversal RFC" > ewarn " you will find thoses draft in the rfc repertory" > ewarn "from the CVS version" > ewarn "" > ewarn " Current RFC could be found on " > ewarn " http://www.ietf.org/iesg/1rfc_index.txt" > ewarn "" > ewarn " If you are experimented in some warning in your" > ewarn "log and you know what you're doing, you can consider" > ewarn "to copy this ebuild in your portage overlay and " > ewarn "to change the nat traversal options by putting :" > ewarn "--enable-natt-versions=08,07,06 " > ewarn "" > fi; > ewarn "" > ewarn " The ipsec_set_policy manuel is not right." > ewarn "It contains the sa mode unspecified intructions" > ewarn "Due to linux compatibilities, thoses options" > ewarn "are not active. Only the RFC options are available :" > ewarn " Means : require, none, unique" > ewarn " Consider to use NetBsd if you really need them" > ewarn "" > > if use ldap; then > ewarn "" > ewarn " You have enabled ldap with this version." > ewarn " The Manuel (man) doesn't contain any information on it" > ewarn " To have it, consider to use a more recent version " > ewarn " or the CVS version of Ipsec " > ewarn "" > fi; > > > einfo "" > einfo "---- Ipsec from the Kame project is installed on your system.-------" > einfo "" > einfo " Important : Have a look in /usr/share/doc/${P} and" > einfo "http://www.netbsd.org/Documentation/network/ipsec/" > einfo "you will find a lot informations to configure this great tool." > einfo "Like the use flag to put from the FAQ or how to configure" > einfo "roadwarrior access." > einfo " Enjoy it. " > einfo "" > einfo "---------------------------------------------------------------------" > >}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=101029">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 152971
:
100573
|
100667
|
100673
|
100822
|
100858
|
100926
|
100934
| 101029 |
105913
|
106324
