rpms-fedora-extras/strongswan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add python3 and perl vici bindings

Browse Source 
Work in progress to enable vici bindings. It seems they are not under
active support, because changes required for python3 are not in upstream
code.
This commit is contained in:
Petr Menšík
2021-11-11 05:16:43 +01:00
parent 8d04445d34
commit a894518822
1 changed files with 102 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
strongswan.spec
View File

@@ -1,9 +1,12 @@
%global _hardened_build 1 %global _hardened_build 1
#%%define prerelease dr1 #%%define prerelease dr1
%bcond_without python3
%bcond_without perl
Name: strongswan Name: strongswan
Version: 5.9.4 Version: 5.9.4
Release: 2%{?dist} Release: 3%{?dist}
Summary: An OpenSource IPsec-based VPN and TNC solution Summary: An OpenSource IPsec-based VPN and TNC solution
License: GPLv2+ License: GPLv2+
URL: http://www.strongswan.org/ URL: http://www.strongswan.org/
@@ -34,6 +37,16 @@ BuildRequires: libcap-devel
BuildRequires: tpm2-tss-devel BuildRequires: tpm2-tss-devel
Recommends: tpm2-tools Recommends: tpm2-tools
%if %{with python3}
BuildRequires: python3-devel
BuildRequires: python3-setuptools
%endif
%if %{with perl}
BuildRequires: perl-devel perl-macros
BuildRequires: perl(ExtUtils::MakeMaker)
%endif
BuildRequires: NetworkManager-libnm-devel BuildRequires: NetworkManager-libnm-devel
Requires(post): systemd Requires(post): systemd
Requires(preun): systemd Requires(preun): systemd
@@ -80,9 +93,38 @@ modules can be used by any third party TNC Client/Server implementation
possessing a standard IF-IMC/IMV interface. In addition, it implements possessing a standard IF-IMC/IMV interface. In addition, it implements
PT-TLS to support TNC over TLS. PT-TLS to support TNC over TLS.
%if %{with python3}
%package -n python3-vici
Summary: Strongswan Versatile IKE Configuration Interface python bindings
BuildArch: noarch
%description -n python3-vici
VICI is an attempt to improve the situation for system integrators by providing
a stable IPC interface, allowing external tools to query, configure
and control the IKE daemon.
The Versatile IKE Configuration Interface (VICI) python bindings provides module
for Strongswan runtime configuration from python applications.
%endif
%if %{with perl}
%package -n perl-vici
Summary: Strongswan Versatile IKE Configuration Interface perl bindings
BuildArch: noarch
%description -n perl-vici
VICI is an attempt to improve the situation for system integrators by providing
a stable IPC interface, allowing external tools to query, configure
and control the IKE daemon.
The Versatile IKE Configuration Interface (VICI) perl bindings provides module
for Strongswan runtime configuration from perl applications.
%endif
# TODO: make also ruby-vici
%prep %prep
%setup -q -n %{name}-%{version}%{?prerelease} %autosetup -n %{name}-%{version}%{?prerelease} -p1
%patch0 -p1
%build %build
# only for snapshots # only for snapshots
@@ -171,20 +213,58 @@ PT-TLS to support TNC over TLS.
--enable-duplicheck \ --enable-duplicheck \
%ifarch x86_64 %{ix86} %ifarch x86_64 %{ix86}
--enable-aesni \ --enable-aesni \
%endif
%if %{with python3}
--enable-python-eggs \
%endif
%if %{with perl}
--enable-perl-cpan \
%endif %endif
--enable-kernel-libipsec \ --enable-kernel-libipsec \
--with-capabilities=libcap \ --with-capabilities=libcap \
CPPFLAGS="-DSTARTER_ALLOW_NON_ROOT" CPPFLAGS="-DSTARTER_ALLOW_NON_ROOT"
# TODO: --enable-python-eggs-install not python3 ready
# disable certain plugins in the daemon configuration by default # disable certain plugins in the daemon configuration by default
for p in bypass-lan; do for p in bypass-lan; do
echo -e "\ncharon.plugins.${p}.load := no" >> conf/plugins/${p}.opt echo -e "\ncharon.plugins.${p}.load := no" >> conf/plugins/${p}.opt
done done
make %{?_smp_mflags} %make_build
pushd src/libcharon/plugins/vici
%if %{with python3}
pushd python
sed -e "s,/var/run/charon.vici,%{_rundir}/strongswan/charon.vici," -i vici/session.py
%py3_build
popd
%endif
%if %{with perl}
pushd perl/Vici-Session/
perl Makefile.PL INSTALLDIRS=vendor
%make_build
popd
%endif
popd
%install %install
make install DESTDIR=%{buildroot} %make_install
pushd src/libcharon/plugins/vici
%if %{with python3}
pushd python
%py3_install
popd
%endif
%if %{with perl}
%make_install -C perl/Vici-Session
rm -f %{buildroot}{%{perl_archlib}/perllocal.pod,%{perl_vendorarch}/auto/Vici/Session/.packlist}
%endif
popd
# prefix man pages # prefix man pages
for i in %{buildroot}%{_mandir}/*/*; do for i in %{buildroot}%{_mandir}/*/*; do
if echo "$i" | grep -vq '/strongswan[^\/]*$'; then if echo "$i" | grep -vq '/strongswan[^\/]*$'; then
@@ -275,7 +355,24 @@ install -D -m 0644 %{SOURCE1} %{buildroot}/%{_tmpfilesdir}/strongswan-starter.co
%{_datadir}/dbus-1/system.d/nm-strongswan-service.conf %{_datadir}/dbus-1/system.d/nm-strongswan-service.conf
%{_libexecdir}/strongswan/charon-nm %{_libexecdir}/strongswan/charon-nm
%if %{with python3}
%files -n python3-vici
%license COPYING
%doc src/libcharon/plugins/vici/python/README.rst
%{python3_sitelib}/vici
%{python3_sitelib}/vici-%{version}-py*.egg-info
%endif
%if %{with perl}
%license COPYING
%files -n perl-vici
%{perl_vendorlib}/Vici
%endif
%changelog %changelog
* Thu Nov 11 2021 Petr Menšík <pemensik@redhat.com> - 5.9.4-3
- Resolves rhbz#1419441 Add python and perl vici bindings
* Tue Nov 09 2021 Paul Wouters <paul.wouters@aiven.io> - 5.9.4-2 * Tue Nov 09 2021 Paul Wouters <paul.wouters@aiven.io> - 5.9.4-2
- Resolves rhbz#2018547 'strongswan restart' breaks ipsec started with strongswan-starter - Resolves rhbz#2018547 'strongswan restart' breaks ipsec started with strongswan-starter
- Return to using tmpfiles, but extend to cover strongswan-starter service too - Return to using tmpfiles, but extend to cover strongswan-starter service too