--- ipsec-tools-0.6.6.ebuild (revision 165) +++ ipsec-tools-0.6.6.ebuild (revision 166) @@ -4,24 +4,25 @@ inherit eutils flag-o-matic autotools linux-info -DESCRIPTION="IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." +DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation" HOMEPAGE="http://ipsec-tools.sourceforge.net/" SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" LICENSE="BSD" -KEYWORDS="~amd64 ~ppc sparc ~x86" +KEYWORDS="~amd64 ~ppc ~sparc ~x86" SLOT="0" IUSE="idea ipv6 pam rc5 readline selinux ldap stats frag dpd gssapi security-context fastquit natt hybrid adminport static shared pic broken-natt" AT_M4DIR="${S}" +# FIXME: what is the correct syntax for ~sparc ??? DEPEND="virtual/libc - !=sys-kernel/linux-headers-2.6 ) readline? ( sys-libs/readline ) pam? ( sys-libs/pam ) ldap? ( net-nds/openldap ) - gssapi? ( app-crypt/mit-krb5 ) - gssapi? ( app-crypt/libgssapi ) - >=dev-libs/openssl-0.9.6 + gssapi? ( app-crypt/mit-krb5 + app-crypt/libgssapi ) + >=dev-libs/openssl-0.9.8 iconv? ( virtual/libiconv )" # radius? ( net-dialup/gnuradius ) @@ -29,6 +30,7 @@ RDEPEND="${DEPEND} selinux? ( sec-policy/selinux-ipsec-tools )" +# {{{ kernel_check() kernel_check() { get_version if kernel_is 2 6 ; then @@ -45,7 +47,6 @@ einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)" fi fi - # {{{ general stuff if ! { linux_chkconfig_present XFRM_USER; }; then ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled." @@ -140,15 +141,16 @@ fi fi } +# }}} - - src_unpack() { unpack ${A} cd ${S} + # fix for bug #76741 sed -i 's:#include ::' src/racoon/pfkey.c src/setkey/setkey.c + # fix for bug #124813 sed -i 's:-Werror::g' ${S}/configure.ac - + export WANT_AUTOMAKE="1.10" export WANT_AUTOCONF="2.61" eautoreconf || die "autotools failed" @@ -158,24 +160,20 @@ src_compile() { - # Filter the c3 flag for now. Probably a GCC problem, but we'll - # avoid it here for now. See bug #61025 + # fix for bug #61025 filter-flags -march=c3 kernel_check myconf="${myconf} --with-kernel-headers=/lib/modules/${KV_FULL}/build/include" - if use natt && linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then - myconf="${myconf} --enable-natt --enable-natt-versions=yes" - fi; + use natt && myconf="${myconf} --enable-natt --enable-natt-versions=yes" myconf="${myconf} $(use_enable broken-natt)" myconf="${myconf} --enable-dependency-tracking $(use_enable ipv6)" myconf="${myconf} $(use_with pic)" myconf="${myconf} $(use_enable static)" myconf="${myconf} $(use_enable adminport)" myconf="${myconf} $(use_enable shared)" - # rc5 is patented and not used on gentoo (come from openssl) myconf="${myconf} $(use_enable rc5)" if use pam; then myconf="${myconf} --enable-hybrid" @@ -186,18 +184,16 @@ myconf="${myconf} $(use_enable frag)" myconf="${myconf} $(use_enable stats)" myconf="${myconf} $(use_enable fastquit)" - # idea is patented and not used on Gentoo (come from openssl) myconf="${myconf} $(use_enable idea)" myconf="${myconf} $(use_enable gssapi)" myconf="${myconf} $(use_enable security-context)" - # Not ready yet to compile with. dev-libs/libiconv is hard masked + # dev-libs/libiconv is hard masked #use iconv && myconf="${myconf} $(use_with iconv libiconv)" myconf="${myconf} $(use_with ldap libldap)" myconf="${myconf} $(use_with pam libpam)" - # This flag is done to indicate an other include repertory - # the default one is ok (/usr/include/openssl/) So we won't change it + # the default (/usr/include/openssl/) is OK for Gentoo, leave it # myconf="${myconf} $(use_with ssl openssl )" # No way to get it compiling with freeradius or gnuradius @@ -206,10 +202,11 @@ use readline && myconf="${myconf} $(use_with readline )" + # See bug #77369 + #myconf="${myconf} --enable-samode-unspec" econf ${myconf} || die - # Removed due to some problems - # --enable-samode-unspec \ + # As of ${PN}-0.6.6 parallel make is still broken emake -j1 || die } @@ -221,7 +218,7 @@ exeinto /etc/init.d && newexe ${FILESDIR}/racoon.init.d racoon dodoc ChangeLog README NEWS - # In this version, there are a lot of samples. + # In this version, there are lots of samples. dodoc ${S}/src/racoon/samples/* dodoc ${S}/src/racoon/doc/* @@ -238,24 +235,24 @@ dodoc ${S}/src/racoon/samples/roadwarrior/server/* docinto "setkey" dodoc ${S}/src/setkey/sample.cf - # RFC are only available from CVS for the moment + # RFC are only available from CVS for the moment, see einfo below #docinto "rfc" #dodoc ${S}/src/racoon/rfc/* } pkg_postinst() { if use natt; then - ewarn "" - ewarn " You have enabled the nat traversal functionnality." - ewarn " Nat versions wich are enabled by default are 00,02,rfc" - ewarn " you can find those drafts in the CVS repository:" - ewarn "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools" - ewarn "" - ewarn "If you feel brave enough and you know what you are" - ewarn "doing, you can consider editing this ebuild to change" - ewarn "the nat traversal options:" - ewarn "--enable-natt-versions=08,07,06" - ewarn "" + einfo "" + einfo " You have enabled the nat traversal functionnality." + einfo " Nat versions wich are enabled by default are 00,02,rfc" + einfo " you can find those drafts in the CVS repository:" + einfo "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools" + einfo "" + einfo "If you feel brave enough and you know what you are" + einfo "doing, you can consider editing this ebuild to change" + einfo "the nat traversal options:" + einfo "--enable-natt-versions=08,07,06" + einfo "" fi; if use ldap; then @@ -268,14 +265,10 @@ einfo "" - einfo "---- Ipsec from the Kame project is installed on your system.-------" - einfo "" - einfo " Important : Have a look in /usr/share/doc/${P} and" + einfo "Please have a look in /usr/share/doc/${P} and visit" einfo "http://www.netbsd.org/Documentation/network/ipsec/" - einfo "you will find a lot information to configure this great tool." - einfo " Enjoy !" + einfo "to find a lot of information on how to configure this great tool." einfo "" - einfo "---------------------------------------------------------------------" }