Lines 4-27
Link Here
|
4 |
|
4 |
|
5 |
inherit eutils flag-o-matic autotools linux-info |
5 |
inherit eutils flag-o-matic autotools linux-info |
6 |
|
6 |
|
7 |
DESCRIPTION="IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." |
7 |
DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation" |
8 |
HOMEPAGE="http://ipsec-tools.sourceforge.net/" |
8 |
HOMEPAGE="http://ipsec-tools.sourceforge.net/" |
9 |
SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" |
9 |
SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" |
10 |
LICENSE="BSD" |
10 |
LICENSE="BSD" |
11 |
KEYWORDS="~amd64 ~ppc sparc ~x86" |
11 |
KEYWORDS="~amd64 ~ppc ~sparc ~x86" |
12 |
SLOT="0" |
12 |
SLOT="0" |
13 |
IUSE="idea ipv6 pam rc5 readline selinux ldap stats frag dpd gssapi security-context fastquit natt hybrid adminport static shared pic broken-natt" |
13 |
IUSE="idea ipv6 pam rc5 readline selinux ldap stats frag dpd gssapi security-context fastquit natt hybrid adminport static shared pic broken-natt" |
14 |
|
14 |
|
15 |
AT_M4DIR="${S}" |
15 |
AT_M4DIR="${S}" |
16 |
|
16 |
|
|
|
17 |
# FIXME: what is the correct syntax for ~sparc ??? |
17 |
DEPEND="virtual/libc |
18 |
DEPEND="virtual/libc |
18 |
!<sys-kernel/linux-headers-2.6 |
19 |
!sparc? ( >=sys-kernel/linux-headers-2.6 ) |
19 |
readline? ( sys-libs/readline ) |
20 |
readline? ( sys-libs/readline ) |
20 |
pam? ( sys-libs/pam ) |
21 |
pam? ( sys-libs/pam ) |
21 |
ldap? ( net-nds/openldap ) |
22 |
ldap? ( net-nds/openldap ) |
22 |
gssapi? ( app-crypt/mit-krb5 ) |
23 |
gssapi? ( app-crypt/mit-krb5 |
23 |
gssapi? ( app-crypt/libgssapi ) |
24 |
app-crypt/libgssapi ) |
24 |
>=dev-libs/openssl-0.9.6 |
25 |
>=dev-libs/openssl-0.9.8 |
25 |
iconv? ( virtual/libiconv )" |
26 |
iconv? ( virtual/libiconv )" |
26 |
|
27 |
|
27 |
# radius? ( net-dialup/gnuradius ) |
28 |
# radius? ( net-dialup/gnuradius ) |
Lines 29-34
Link Here
|
29 |
RDEPEND="${DEPEND} |
30 |
RDEPEND="${DEPEND} |
30 |
selinux? ( sec-policy/selinux-ipsec-tools )" |
31 |
selinux? ( sec-policy/selinux-ipsec-tools )" |
31 |
|
32 |
|
|
|
33 |
# {{{ kernel_check() |
32 |
kernel_check() { |
34 |
kernel_check() { |
33 |
get_version |
35 |
get_version |
34 |
if kernel_is 2 6 ; then |
36 |
if kernel_is 2 6 ; then |
Lines 45-51
Link Here
|
45 |
einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)" |
47 |
einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)" |
46 |
fi |
48 |
fi |
47 |
fi |
49 |
fi |
48 |
|
|
|
49 |
# {{{ general stuff |
50 |
# {{{ general stuff |
50 |
if ! { linux_chkconfig_present XFRM_USER; }; then |
51 |
if ! { linux_chkconfig_present XFRM_USER; }; then |
51 |
ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled." |
52 |
ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled." |
Lines 140-154
Link Here
|
140 |
fi |
141 |
fi |
141 |
fi |
142 |
fi |
142 |
} |
143 |
} |
|
|
144 |
# }}} |
143 |
|
145 |
|
144 |
|
|
|
145 |
|
146 |
src_unpack() { |
146 |
src_unpack() { |
147 |
unpack ${A} |
147 |
unpack ${A} |
148 |
cd ${S} |
148 |
cd ${S} |
|
|
149 |
# fix for bug #76741 |
149 |
sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c |
150 |
sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c |
|
|
151 |
# fix for bug #124813 |
150 |
sed -i 's:-Werror::g' ${S}/configure.ac |
152 |
sed -i 's:-Werror::g' ${S}/configure.ac |
151 |
|
153 |
|
152 |
export WANT_AUTOMAKE="1.10" |
154 |
export WANT_AUTOMAKE="1.10" |
153 |
export WANT_AUTOCONF="2.61" |
155 |
export WANT_AUTOCONF="2.61" |
154 |
eautoreconf || die "autotools failed" |
156 |
eautoreconf || die "autotools failed" |
Lines 158-181
Link Here
|
158 |
|
160 |
|
159 |
|
161 |
|
160 |
src_compile() { |
162 |
src_compile() { |
161 |
# Filter the c3 flag for now. Probably a GCC problem, but we'll |
163 |
# fix for bug #61025 |
162 |
# avoid it here for now. See bug #61025 |
|
|
163 |
filter-flags -march=c3 |
164 |
filter-flags -march=c3 |
164 |
|
165 |
|
165 |
kernel_check |
166 |
kernel_check |
166 |
|
167 |
|
167 |
myconf="${myconf} --with-kernel-headers=/lib/modules/${KV_FULL}/build/include" |
168 |
myconf="${myconf} --with-kernel-headers=/lib/modules/${KV_FULL}/build/include" |
168 |
|
169 |
|
169 |
if use natt && linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then |
170 |
use natt && myconf="${myconf} --enable-natt --enable-natt-versions=yes" |
170 |
myconf="${myconf} --enable-natt --enable-natt-versions=yes" |
|
|
171 |
fi; |
172 |
myconf="${myconf} $(use_enable broken-natt)" |
171 |
myconf="${myconf} $(use_enable broken-natt)" |
173 |
myconf="${myconf} --enable-dependency-tracking $(use_enable ipv6)" |
172 |
myconf="${myconf} --enable-dependency-tracking $(use_enable ipv6)" |
174 |
myconf="${myconf} $(use_with pic)" |
173 |
myconf="${myconf} $(use_with pic)" |
175 |
myconf="${myconf} $(use_enable static)" |
174 |
myconf="${myconf} $(use_enable static)" |
176 |
myconf="${myconf} $(use_enable adminport)" |
175 |
myconf="${myconf} $(use_enable adminport)" |
177 |
myconf="${myconf} $(use_enable shared)" |
176 |
myconf="${myconf} $(use_enable shared)" |
178 |
# rc5 is patented and not used on gentoo (come from openssl) |
|
|
179 |
myconf="${myconf} $(use_enable rc5)" |
177 |
myconf="${myconf} $(use_enable rc5)" |
180 |
if use pam; then |
178 |
if use pam; then |
181 |
myconf="${myconf} --enable-hybrid" |
179 |
myconf="${myconf} --enable-hybrid" |
Lines 186-203
Link Here
|
186 |
myconf="${myconf} $(use_enable frag)" |
184 |
myconf="${myconf} $(use_enable frag)" |
187 |
myconf="${myconf} $(use_enable stats)" |
185 |
myconf="${myconf} $(use_enable stats)" |
188 |
myconf="${myconf} $(use_enable fastquit)" |
186 |
myconf="${myconf} $(use_enable fastquit)" |
189 |
# idea is patented and not used on Gentoo (come from openssl) |
|
|
190 |
myconf="${myconf} $(use_enable idea)" |
187 |
myconf="${myconf} $(use_enable idea)" |
191 |
myconf="${myconf} $(use_enable gssapi)" |
188 |
myconf="${myconf} $(use_enable gssapi)" |
192 |
myconf="${myconf} $(use_enable security-context)" |
189 |
myconf="${myconf} $(use_enable security-context)" |
193 |
|
190 |
|
194 |
# Not ready yet to compile with. dev-libs/libiconv is hard masked |
191 |
# dev-libs/libiconv is hard masked |
195 |
#use iconv && myconf="${myconf} $(use_with iconv libiconv)" |
192 |
#use iconv && myconf="${myconf} $(use_with iconv libiconv)" |
196 |
myconf="${myconf} $(use_with ldap libldap)" |
193 |
myconf="${myconf} $(use_with ldap libldap)" |
197 |
myconf="${myconf} $(use_with pam libpam)" |
194 |
myconf="${myconf} $(use_with pam libpam)" |
198 |
|
195 |
|
199 |
# This flag is done to indicate an other include repertory |
196 |
# the default (/usr/include/openssl/) is OK for Gentoo, leave it |
200 |
# the default one is ok (/usr/include/openssl/) So we won't change it |
|
|
201 |
# myconf="${myconf} $(use_with ssl openssl )" |
197 |
# myconf="${myconf} $(use_with ssl openssl )" |
202 |
|
198 |
|
203 |
# No way to get it compiling with freeradius or gnuradius |
199 |
# No way to get it compiling with freeradius or gnuradius |
Lines 206-215
Link Here
|
206 |
|
202 |
|
207 |
use readline && myconf="${myconf} $(use_with readline )" |
203 |
use readline && myconf="${myconf} $(use_with readline )" |
208 |
|
204 |
|
|
|
205 |
# See bug #77369 |
206 |
#myconf="${myconf} --enable-samode-unspec" |
209 |
|
207 |
|
210 |
econf ${myconf} || die |
208 |
econf ${myconf} || die |
211 |
# Removed due to some problems |
209 |
# As of ${PN}-0.6.6 parallel make is still broken |
212 |
# --enable-samode-unspec \ |
|
|
213 |
emake -j1 || die |
210 |
emake -j1 || die |
214 |
|
211 |
|
215 |
} |
212 |
} |
Lines 221-227
Link Here
|
221 |
exeinto /etc/init.d && newexe ${FILESDIR}/racoon.init.d racoon |
218 |
exeinto /etc/init.d && newexe ${FILESDIR}/racoon.init.d racoon |
222 |
|
219 |
|
223 |
dodoc ChangeLog README NEWS |
220 |
dodoc ChangeLog README NEWS |
224 |
# In this version, there are a lot of samples. |
221 |
# In this version, there are lots of samples. |
225 |
dodoc ${S}/src/racoon/samples/* |
222 |
dodoc ${S}/src/racoon/samples/* |
226 |
dodoc ${S}/src/racoon/doc/* |
223 |
dodoc ${S}/src/racoon/doc/* |
227 |
|
224 |
|
Lines 238-261
Link Here
|
238 |
dodoc ${S}/src/racoon/samples/roadwarrior/server/* |
235 |
dodoc ${S}/src/racoon/samples/roadwarrior/server/* |
239 |
docinto "setkey" |
236 |
docinto "setkey" |
240 |
dodoc ${S}/src/setkey/sample.cf |
237 |
dodoc ${S}/src/setkey/sample.cf |
241 |
# RFC are only available from CVS for the moment |
238 |
# RFC are only available from CVS for the moment, see einfo below |
242 |
#docinto "rfc" |
239 |
#docinto "rfc" |
243 |
#dodoc ${S}/src/racoon/rfc/* |
240 |
#dodoc ${S}/src/racoon/rfc/* |
244 |
} |
241 |
} |
245 |
|
242 |
|
246 |
pkg_postinst() { |
243 |
pkg_postinst() { |
247 |
if use natt; then |
244 |
if use natt; then |
248 |
ewarn "" |
245 |
einfo "" |
249 |
ewarn " You have enabled the nat traversal functionnality." |
246 |
einfo " You have enabled the nat traversal functionnality." |
250 |
ewarn " Nat versions wich are enabled by default are 00,02,rfc" |
247 |
einfo " Nat versions wich are enabled by default are 00,02,rfc" |
251 |
ewarn " you can find those drafts in the CVS repository:" |
248 |
einfo " you can find those drafts in the CVS repository:" |
252 |
ewarn "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools" |
249 |
einfo "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools" |
253 |
ewarn "" |
250 |
einfo "" |
254 |
ewarn "If you feel brave enough and you know what you are" |
251 |
einfo "If you feel brave enough and you know what you are" |
255 |
ewarn "doing, you can consider editing this ebuild to change" |
252 |
einfo "doing, you can consider editing this ebuild to change" |
256 |
ewarn "the nat traversal options:" |
253 |
einfo "the nat traversal options:" |
257 |
ewarn "--enable-natt-versions=08,07,06" |
254 |
einfo "--enable-natt-versions=08,07,06" |
258 |
ewarn "" |
255 |
einfo "" |
259 |
fi; |
256 |
fi; |
260 |
|
257 |
|
261 |
if use ldap; then |
258 |
if use ldap; then |
Lines 268-281
Link Here
|
268 |
|
265 |
|
269 |
|
266 |
|
270 |
einfo "" |
267 |
einfo "" |
271 |
einfo "---- Ipsec from the Kame project is installed on your system.-------" |
268 |
einfo "Please have a look in /usr/share/doc/${P} and visit" |
272 |
einfo "" |
|
|
273 |
einfo " Important : Have a look in /usr/share/doc/${P} and" |
274 |
einfo "http://www.netbsd.org/Documentation/network/ipsec/" |
269 |
einfo "http://www.netbsd.org/Documentation/network/ipsec/" |
275 |
einfo "you will find a lot information to configure this great tool." |
270 |
einfo "to find a lot of information on how to configure this great tool." |
276 |
einfo " Enjoy !" |
|
|
277 |
einfo "" |
271 |
einfo "" |
278 |
einfo "---------------------------------------------------------------------" |
|
|
279 |
|
272 |
|
280 |
} |
273 |
} |
281 |
|
274 |
|