Attachment #106324 for bug #152971

View | Details | Raw Unified | Return to bug 152971
Collapse All | Expand All





inherit eutils flag-o-matic autotools linux-info

DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
HOMEPAGE="http://ipsec-tools.sourceforge.net/"
SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
LICENSE="BSD"
KEYWORDS="~amd64 ~ppc ~sparc ~x86"
SLOT="0"
IUSE="idea ipv6 pam rc5 readline selinux ldap stats frag dpd gssapi security-context fastquit natt hybrid adminport static shared pic broken-natt"

AT_M4DIR="${S}"

# FIXME: what is the correct syntax for ~sparc ???
DEPEND="virtual/libc
	!sparc? ( >=sys-kernel/linux-headers-2.6 )
	readline? ( sys-libs/readline )
	pam? ( sys-libs/pam )
	ldap? ( net-nds/openldap )
	gssapi? ( app-crypt/mit-krb5
		app-crypt/libgssapi )
	>=dev-libs/openssl-0.9.8
	iconv? ( virtual/libiconv )"

#	radius? ( net-dialup/gnuradius )

RDEPEND="${DEPEND}
	selinux? ( sec-policy/selinux-ipsec-tools )"

# {{{ kernel_check() 
kernel_check() {
	get_version
	if kernel_is 2 6 ; then

					einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)"
				fi
			fi

			# {{{ general stuff
			if ! { linux_chkconfig_present XFRM_USER; }; then
				ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled."

		fi
	fi
}
# }}}



src_unpack() {
	unpack ${A}
	cd ${S}
	# fix for bug #76741
	sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c
	# fix for bug #124813
	sed -i 's:-Werror::g' ${S}/configure.ac

	export WANT_AUTOMAKE="1.10"
	export WANT_AUTOCONF="2.61"
	eautoreconf || die "autotools failed"



src_compile() {
	# fix for bug #61025
	# avoid it here for now. See bug #61025
	filter-flags -march=c3

	kernel_check

	myconf="${myconf} --with-kernel-headers=/lib/modules/${KV_FULL}/build/include"

	use natt && myconf="${myconf} --enable-natt --enable-natt-versions=yes"
		myconf="${myconf} --enable-natt --enable-natt-versions=yes"
	fi;
	myconf="${myconf} $(use_enable broken-natt)"
	myconf="${myconf} --enable-dependency-tracking $(use_enable ipv6)"
	myconf="${myconf} $(use_with pic)"
	myconf="${myconf} $(use_enable static)"
	myconf="${myconf} $(use_enable adminport)"
	myconf="${myconf} $(use_enable shared)"
	# rc5 is patented and not used on gentoo (come from openssl)
	myconf="${myconf} $(use_enable rc5)"
	if use pam; then
		myconf="${myconf} --enable-hybrid"

	myconf="${myconf} $(use_enable frag)"
	myconf="${myconf} $(use_enable stats)"
	myconf="${myconf} $(use_enable fastquit)"
	# idea is patented and not used on Gentoo (come from openssl)
	myconf="${myconf} $(use_enable idea)"
	myconf="${myconf} $(use_enable gssapi)"
	myconf="${myconf} $(use_enable security-context)"

	# dev-libs/libiconv is hard masked
	#use iconv && myconf="${myconf} $(use_with iconv libiconv)"
	myconf="${myconf} $(use_with ldap libldap)"
	myconf="${myconf} $(use_with pam libpam)"

	# the default (/usr/include/openssl/) is OK for Gentoo, leave it
	# the default one is ok (/usr/include/openssl/) So we won't change it
	# myconf="${myconf} $(use_with ssl openssl )"

	# No way to get it compiling with freeradius or gnuradius


	use readline && myconf="${myconf} $(use_with readline )"

	# See bug #77369
	#myconf="${myconf} --enable-samode-unspec"

	econf ${myconf} || die
	# As of ${PN}-0.6.6 parallel make is still broken
		# --enable-samode-unspec \
	emake -j1 || die

}

	exeinto /etc/init.d && newexe ${FILESDIR}/racoon.init.d racoon

	dodoc ChangeLog README NEWS
	# In this version, there are lots of samples. 
	dodoc ${S}/src/racoon/samples/*
	dodoc ${S}/src/racoon/doc/*


	dodoc ${S}/src/racoon/samples/roadwarrior/server/*
	docinto "setkey"
	dodoc ${S}/src/setkey/sample.cf
	# RFC are only available from CVS for the moment, see einfo below
	#docinto "rfc"
	#dodoc ${S}/src/racoon/rfc/*
}

pkg_postinst() {
	if use natt; then
	  einfo ""
	  einfo " You have enabled the nat traversal functionnality."
	  einfo " Nat versions wich are enabled by default are 00,02,rfc"
	  einfo " you can find those drafts in the CVS repository:"
	  einfo "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"
	  einfo ""
	  einfo "If you feel brave enough and you know what you are"
	  einfo "doing, you can consider editing this ebuild to change"
	  einfo "the nat traversal options:"
	  einfo "--enable-natt-versions=08,07,06"
	  einfo ""
	fi;

	if use ldap; then



	einfo ""
	einfo "Please have a look in /usr/share/doc/${P} and visit"
	einfo ""
	einfo "  Important : Have a look in /usr/share/doc/${P} and"
	einfo "http://www.netbsd.org/Documentation/network/ipsec/"
	einfo "to find a lot of information on how to configure this great tool."
	einfo "                              Enjoy !"
	einfo ""
	einfo "---------------------------------------------------------------------"

}


Return to bug 152971

Lines 4-27 Link Here

(-)ipsec-tools-0.6.6.ebuild (-41 / +34 lines)
4		4
5	inherit eutils flag-o-matic autotools linux-info	5	inherit eutils flag-o-matic autotools linux-info
6		6
7	DESCRIPTION="IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation."	7	DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
8	HOMEPAGE="http://ipsec-tools.sourceforge.net/"	8	HOMEPAGE="http://ipsec-tools.sourceforge.net/"
9	SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"	9	SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
10	LICENSE="BSD"	10	LICENSE="BSD"
11	KEYWORDS="~amd64 ~ppc sparc ~x86"	11	KEYWORDS="~amd64 ~ppc ~sparc ~x86"
12	SLOT="0"	12	SLOT="0"
13	IUSE="idea ipv6 pam rc5 readline selinux ldap stats frag dpd gssapi security-context fastquit natt hybrid adminport static shared pic broken-natt"	13	IUSE="idea ipv6 pam rc5 readline selinux ldap stats frag dpd gssapi security-context fastquit natt hybrid adminport static shared pic broken-natt"
14		14
15	AT_M4DIR="${S}"	15	AT_M4DIR="${S}"
16		16
		17	# FIXME: what is the correct syntax for ~sparc ???
17	DEPEND="virtual/libc	18	DEPEND="virtual/libc
18	!<sys-kernel/linux-headers-2.6	19	!sparc? ( >=sys-kernel/linux-headers-2.6 )
19	readline? ( sys-libs/readline )	20	readline? ( sys-libs/readline )
20	pam? ( sys-libs/pam )	21	pam? ( sys-libs/pam )
21	ldap? ( net-nds/openldap )	22	ldap? ( net-nds/openldap )
22	gssapi? ( app-crypt/mit-krb5 )	23	gssapi? ( app-crypt/mit-krb5
23	gssapi? ( app-crypt/libgssapi )	24	app-crypt/libgssapi )
24	>=dev-libs/openssl-0.9.6	25	>=dev-libs/openssl-0.9.8
25	iconv? ( virtual/libiconv )"	26	iconv? ( virtual/libiconv )"
26		27
27	# radius? ( net-dialup/gnuradius )	28	# radius? ( net-dialup/gnuradius )
Lines 29-34 Link Here
29	RDEPEND="${DEPEND}	30	RDEPEND="${DEPEND}
30	selinux? ( sec-policy/selinux-ipsec-tools )"	31	selinux? ( sec-policy/selinux-ipsec-tools )"
31		32
		33	# {{{ kernel_check()
32	kernel_check() {	34	kernel_check() {
33	get_version	35	get_version
34	if kernel_is 2 6 ; then	36	if kernel_is 2 6 ; then
Lines 45-51 Link Here
45	einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)"	47	einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)"
46	fi	48	fi
47	fi	49	fi
48
49	# {{{ general stuff	50	# {{{ general stuff
50	if ! { linux_chkconfig_present XFRM_USER; }; then	51	if ! { linux_chkconfig_present XFRM_USER; }; then
51	ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled."	52	ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled."
Lines 140-154 Link Here
140	fi	141	fi
141	fi	142	fi
142	}	143	}
		144	# }}}
143		145
144
145
146	src_unpack() {	146	src_unpack() {
147	unpack ${A}	147	unpack ${A}
148	cd ${S}	148	cd ${S}
		149	# fix for bug #76741
149	sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c	150	sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c
		151	# fix for bug #124813
150	sed -i 's:-Werror::g' ${S}/configure.ac	152	sed -i 's:-Werror::g' ${S}/configure.ac
151		153
152	export WANT_AUTOMAKE="1.10"	154	export WANT_AUTOMAKE="1.10"
153	export WANT_AUTOCONF="2.61"	155	export WANT_AUTOCONF="2.61"
154	eautoreconf \|\| die "autotools failed"	156	eautoreconf \|\| die "autotools failed"
Lines 158-181 Link Here
158		160
159		161
160	src_compile() {	162	src_compile() {
161	# Filter the c3 flag for now. Probably a GCC problem, but we'll	163	# fix for bug #61025
162	# avoid it here for now. See bug #61025
163	filter-flags -march=c3	164	filter-flags -march=c3
164		165
165	kernel_check	166	kernel_check
166		167
167	myconf="${myconf} --with-kernel-headers=/lib/modules/${KV_FULL}/build/include"	168	myconf="${myconf} --with-kernel-headers=/lib/modules/${KV_FULL}/build/include"
168		169
169	if use natt && linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then	170	use natt && myconf="${myconf} --enable-natt --enable-natt-versions=yes"
170	myconf="${myconf} --enable-natt --enable-natt-versions=yes"
171	fi;
172	myconf="${myconf} $(use_enable broken-natt)"	171	myconf="${myconf} $(use_enable broken-natt)"
173	myconf="${myconf} --enable-dependency-tracking $(use_enable ipv6)"	172	myconf="${myconf} --enable-dependency-tracking $(use_enable ipv6)"
174	myconf="${myconf} $(use_with pic)"	173	myconf="${myconf} $(use_with pic)"
175	myconf="${myconf} $(use_enable static)"	174	myconf="${myconf} $(use_enable static)"
176	myconf="${myconf} $(use_enable adminport)"	175	myconf="${myconf} $(use_enable adminport)"
177	myconf="${myconf} $(use_enable shared)"	176	myconf="${myconf} $(use_enable shared)"
178	# rc5 is patented and not used on gentoo (come from openssl)
179	myconf="${myconf} $(use_enable rc5)"	177	myconf="${myconf} $(use_enable rc5)"
180	if use pam; then	178	if use pam; then
181	myconf="${myconf} --enable-hybrid"	179	myconf="${myconf} --enable-hybrid"
Lines 186-203 Link Here
186	myconf="${myconf} $(use_enable frag)"	184	myconf="${myconf} $(use_enable frag)"
187	myconf="${myconf} $(use_enable stats)"	185	myconf="${myconf} $(use_enable stats)"
188	myconf="${myconf} $(use_enable fastquit)"	186	myconf="${myconf} $(use_enable fastquit)"
189	# idea is patented and not used on Gentoo (come from openssl)
190	myconf="${myconf} $(use_enable idea)"	187	myconf="${myconf} $(use_enable idea)"
191	myconf="${myconf} $(use_enable gssapi)"	188	myconf="${myconf} $(use_enable gssapi)"
192	myconf="${myconf} $(use_enable security-context)"	189	myconf="${myconf} $(use_enable security-context)"
193		190
194	# Not ready yet to compile with. dev-libs/libiconv is hard masked	191	# dev-libs/libiconv is hard masked
195	#use iconv && myconf="${myconf} $(use_with iconv libiconv)"	192	#use iconv && myconf="${myconf} $(use_with iconv libiconv)"
196	myconf="${myconf} $(use_with ldap libldap)"	193	myconf="${myconf} $(use_with ldap libldap)"
197	myconf="${myconf} $(use_with pam libpam)"	194	myconf="${myconf} $(use_with pam libpam)"
198		195
199	# This flag is done to indicate an other include repertory	196	# the default (/usr/include/openssl/) is OK for Gentoo, leave it
200	# the default one is ok (/usr/include/openssl/) So we won't change it
201	# myconf="${myconf} $(use_with ssl openssl )"	197	# myconf="${myconf} $(use_with ssl openssl )"
202		198
203	# No way to get it compiling with freeradius or gnuradius	199	# No way to get it compiling with freeradius or gnuradius
Lines 206-215 Link Here
206		202
207	use readline && myconf="${myconf} $(use_with readline )"	203	use readline && myconf="${myconf} $(use_with readline )"
208		204
		205	# See bug #77369
		206	#myconf="${myconf} --enable-samode-unspec"
209		207
210	econf ${myconf} \|\| die	208	econf ${myconf} \|\| die
211	# Removed due to some problems	209	# As of ${PN}-0.6.6 parallel make is still broken
212	# --enable-samode-unspec \
213	emake -j1 \|\| die	210	emake -j1 \|\| die
214		211
215	}	212	}
Lines 221-227 Link Here
221	exeinto /etc/init.d && newexe ${FILESDIR}/racoon.init.d racoon	218	exeinto /etc/init.d && newexe ${FILESDIR}/racoon.init.d racoon
222		219
223	dodoc ChangeLog README NEWS	220	dodoc ChangeLog README NEWS
224	# In this version, there are a lot of samples.	221	# In this version, there are lots of samples.
225	dodoc ${S}/src/racoon/samples/*	222	dodoc ${S}/src/racoon/samples/*
226	dodoc ${S}/src/racoon/doc/*	223	dodoc ${S}/src/racoon/doc/*
227		224
Lines 238-261 Link Here
238	dodoc ${S}/src/racoon/samples/roadwarrior/server/*	235	dodoc ${S}/src/racoon/samples/roadwarrior/server/*
239	docinto "setkey"	236	docinto "setkey"
240	dodoc ${S}/src/setkey/sample.cf	237	dodoc ${S}/src/setkey/sample.cf
241	# RFC are only available from CVS for the moment	238	# RFC are only available from CVS for the moment, see einfo below
242	#docinto "rfc"	239	#docinto "rfc"
243	#dodoc ${S}/src/racoon/rfc/*	240	#dodoc ${S}/src/racoon/rfc/*
244	}	241	}
245		242
246	pkg_postinst() {	243	pkg_postinst() {
247	if use natt; then	244	if use natt; then
248	ewarn ""	245	einfo ""
249	ewarn " You have enabled the nat traversal functionnality."	246	einfo " You have enabled the nat traversal functionnality."
250	ewarn " Nat versions wich are enabled by default are 00,02,rfc"	247	einfo " Nat versions wich are enabled by default are 00,02,rfc"
251	ewarn " you can find those drafts in the CVS repository:"	248	einfo " you can find those drafts in the CVS repository:"
252	ewarn "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"	249	einfo "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"
253	ewarn ""	250	einfo ""
254	ewarn "If you feel brave enough and you know what you are"	251	einfo "If you feel brave enough and you know what you are"
255	ewarn "doing, you can consider editing this ebuild to change"	252	einfo "doing, you can consider editing this ebuild to change"
256	ewarn "the nat traversal options:"	253	einfo "the nat traversal options:"
257	ewarn "--enable-natt-versions=08,07,06"	254	einfo "--enable-natt-versions=08,07,06"
258	ewarn ""	255	einfo ""
259	fi;	256	fi;
260		257
261	if use ldap; then	258	if use ldap; then
Lines 268-281 Link Here
268		265
269		266
270	einfo ""	267	einfo ""
271	einfo "---- Ipsec from the Kame project is installed on your system.-------"	268	einfo "Please have a look in /usr/share/doc/${P} and visit"
272	einfo ""
273	einfo " Important : Have a look in /usr/share/doc/${P} and"
274	einfo "http://www.netbsd.org/Documentation/network/ipsec/"	269	einfo "http://www.netbsd.org/Documentation/network/ipsec/"
275	einfo "you will find a lot information to configure this great tool."	270	einfo "to find a lot of information on how to configure this great tool."
276	einfo " Enjoy !"
277	einfo ""	271	einfo ""
278	einfo "---------------------------------------------------------------------"
279		272
280	}	273	}
281		274