From da32dd64e0e6c38e33a66b82c334005c53505baa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20=C5=A0imerda?= Date: Tue, 14 Feb 2012 14:19:42 +0100 Subject: [PATCH] Initial commit (#743354) --- .gitignore | 1 + sources | 1 + strongswan-programname.patch | 13 +++ strongswan.spec | 192 +++++++++++++++++++++++++++++++++++ 4 files changed, 207 insertions(+) create mode 100644 strongswan-programname.patch create mode 100644 strongswan.spec diff --git a/.gitignore b/.gitignore index e69de29..20e5e30 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1 @@ +/strongswan-4.6.1.tar.gz diff --git a/sources b/sources index e69de29..ba4269d 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +87f278bb7d2bf114b96755448faa279a strongswan-4.6.1.tar.gz diff --git a/strongswan-programname.patch b/strongswan-programname.patch new file mode 100644 index 0000000..8d8bbe4 --- /dev/null +++ b/strongswan-programname.patch @@ -0,0 +1,13 @@ +Index: strongswan-4.6.0/init/systemd/strongswan.service.in +=================================================================== +--- strongswan-4.6.0.orig/init/systemd/strongswan.service.in ++++ strongswan-4.6.0/init/systemd/strongswan.service.in +@@ -3,7 +3,7 @@ Description=strongSwan IPsec + After=syslog.target + + [Service] +-ExecStart=@SBINDIR@/ipsec start --nofork ++ExecStart=@SBINDIR@/@PROGRAM@ start --nofork + StandardOutput=syslog + + [Install] diff --git a/strongswan.spec b/strongswan.spec new file mode 100644 index 0000000..9e1a6a6 --- /dev/null +++ b/strongswan.spec @@ -0,0 +1,192 @@ +Name: strongswan +Version: 4.6.1 +Release: 4%{?dist} +Summary: An OpenSource IPsec-based VPN Solution +Group: System Environment/Daemons +License: GPLv2+ +URL: http://www.strongswan.org/ +Source0: http://download.strongswan.org/%{name}-%{version}.tar.gz +Patch0: %{name}-programname.patch +BuildRequires: gmp-devel +BuildRequires: libcurl-devel +BuildRequires: openldap-devel +%if 0%{?fedora} +BuildRequires: systemd-units +Requires(post): systemd-units +Requires(preun): systemd-units +Requires(postun): systemd-units +%endif +%description +The strongSwan 4.6 branch supports both the IKEv1 and IKEv2 key exchange +protocols in conjunction with the native NETKEY IPsec stack of the Linux +kernel. + +%prep +%setup -q +%patch0 -p1 + +%build +%configure --disable-static \ + --sysconfdir=%{_sysconfdir}/%{name} \ + --with-ipsecdir=%{_libexecdir}/%{name} \ + --with-ipseclibdir=%{_libdir}/%{name} +make %{?_smp_mflags} + +%install +make install DESTDIR=%{buildroot} +# rename ipsec to strongswan +mv %{buildroot}%{_sbindir}/{ipsec,%{name}} +mv %{buildroot}%{_mandir}/man8/{ipsec,strongswan}.8 +# prefix man pages +for i in %{buildroot}%{_mandir}/*/*; do + if echo "$i" | grep -vq '/strongswan[^\/]*$'; then + mv "$i" "`echo "$i" | sed -re 's|/([^/]+)$|/strongswan_\1|'`" + fi +done +# delete unwanted library files +rm %{buildroot}%{_libdir}/%{name}/*.so +find %{buildroot} -type f -name '*.la' -delete +# fix config permissions +chmod 644 %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf +# protect configuration from ordinary user's eyes +chmod 700 %{buildroot}%{_sysconfdir}/%{name} + +%files +%doc README COPYING NEWS CREDITS TODO +%dir %{_sysconfdir}/%{name} +%config(noreplace) %{_sysconfdir}/%{name}/ipsec.conf +%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf +%if 0%{?fedora} +%{_unitdir}/%{name}.service +%endif +%dir %{_libdir}/%{name} +%{_libdir}/%{name}/libcharon.so.0 +%{_libdir}/%{name}/libcharon.so.0.0.0 +%{_libdir}/%{name}/libhydra.so.0 +%{_libdir}/%{name}/libhydra.so.0.0.0 +%{_libdir}/%{name}/lib%{name}.so.0 +%{_libdir}/%{name}/lib%{name}.so.0.0.0 +%dir %{_libdir}/%{name}/plugins +%{_libdir}/%{name}/plugins/lib%{name}-aes.so +%{_libdir}/%{name}/plugins/lib%{name}-attr.so +%{_libdir}/%{name}/plugins/lib%{name}-constraints.so +%{_libdir}/%{name}/plugins/lib%{name}-des.so +%{_libdir}/%{name}/plugins/lib%{name}-dnskey.so +%{_libdir}/%{name}/plugins/lib%{name}-fips-prf.so +%{_libdir}/%{name}/plugins/lib%{name}-gmp.so +%{_libdir}/%{name}/plugins/lib%{name}-hmac.so +%{_libdir}/%{name}/plugins/lib%{name}-kernel-netlink.so +%{_libdir}/%{name}/plugins/lib%{name}-md5.so +%{_libdir}/%{name}/plugins/lib%{name}-pem.so +%{_libdir}/%{name}/plugins/lib%{name}-pgp.so +%{_libdir}/%{name}/plugins/lib%{name}-pkcs1.so +%{_libdir}/%{name}/plugins/lib%{name}-pubkey.so +%{_libdir}/%{name}/plugins/lib%{name}-random.so +%{_libdir}/%{name}/plugins/lib%{name}-resolve.so +%{_libdir}/%{name}/plugins/lib%{name}-revocation.so +%{_libdir}/%{name}/plugins/lib%{name}-sha1.so +%{_libdir}/%{name}/plugins/lib%{name}-sha2.so +%{_libdir}/%{name}/plugins/lib%{name}-socket-raw.so +%{_libdir}/%{name}/plugins/lib%{name}-stroke.so +%{_libdir}/%{name}/plugins/lib%{name}-updown.so +%{_libdir}/%{name}/plugins/lib%{name}-x509.so +%{_libdir}/%{name}/plugins/lib%{name}-xauth.so +%{_libdir}/%{name}/plugins/lib%{name}-xcbc.so +%dir %{_libexecdir}/%{name} +%{_libexecdir}/%{name}/_copyright +%{_libexecdir}/%{name}/_pluto_adns +%{_libexecdir}/%{name}/_updown +%{_libexecdir}/%{name}/_updown_espmark +%{_libexecdir}/%{name}/charon +%{_libexecdir}/%{name}/openac +%{_libexecdir}/%{name}/pki +%{_libexecdir}/%{name}/pluto +%{_libexecdir}/%{name}/scepclient +%{_libexecdir}/%{name}/starter +%{_libexecdir}/%{name}/stroke +%{_libexecdir}/%{name}/whack +%{_sbindir}/%{name} +%{_mandir}/man3/%{name}_anyaddr.3.gz +%{_mandir}/man3/%{name}_atoaddr.3.gz +%{_mandir}/man3/%{name}_atoasr.3.gz +%{_mandir}/man3/%{name}_atoul.3.gz +%{_mandir}/man3/%{name}_goodmask.3.gz +%{_mandir}/man3/%{name}_initaddr.3.gz +%{_mandir}/man3/%{name}_initsubnet.3.gz +%{_mandir}/man3/%{name}_portof.3.gz +%{_mandir}/man3/%{name}_rangetosubnet.3.gz +%{_mandir}/man3/%{name}_sameaddr.3.gz +%{_mandir}/man3/%{name}_subnetof.3.gz +%{_mandir}/man3/%{name}_ttoaddr.3.gz +%{_mandir}/man3/%{name}_ttodata.3.gz +%{_mandir}/man3/%{name}_ttosa.3.gz +%{_mandir}/man3/%{name}_ttoul.3.gz +%{_mandir}/man5/%{name}_ipsec.conf.5.gz +%{_mandir}/man5/%{name}_ipsec.secrets.5.gz +%{_mandir}/man5/%{name}.conf.5.gz +%{_mandir}/man8/%{name}__updown.8.gz +%{_mandir}/man8/%{name}__updown_espmark.8.gz +%{_mandir}/man8/%{name}.8.gz +%{_mandir}/man8/%{name}_openac.8.gz +%{_mandir}/man8/%{name}_pluto.8.gz +%{_mandir}/man8/%{name}_scepclient.8.gz + +%post +/sbin/ldconfig +%if 0%{?fedora} +if [ $1 -eq 1 ] ; then + # Initial installation + /bin/systemctl daemon-reload >/dev/null 2>&1 || : +fi +%endif + +%if 0%{?fedora} +%preun +if [ $1 -eq 0 ] ; then + # Package removal, not upgrade + /bin/systemctl --no-reload disable %{name}.service > /dev/null 2>&1 || : + /bin/systemctl stop %{name}.service > /dev/null 2>&1 || : +fi +%endif + +%postun +/sbin/ldconfig +%if 0%{?fedora} +/bin/systemctl daemon-reload >/dev/null 2>&1 || : +if [ $1 -ge 1 ] ; then + # Package upgrade, not uninstall + /bin/systemctl try-restart %{name}.service >/dev/null 2>&1 || : +fi +%endif + +#TODO manpages + +%changelog +* Sat Jan 21 2012 Pavel Šimerda - 4.6.1-4 +- Protect configuration directory from ordinary users +- Add still missing directory /etc/strongswan + +* Fri Jan 20 2012 Pavel Šimerda - 4.6.1-3 +- Change directory structure to avoid clashes with Openswan +- Prefixed all manpages with 'strongswan_' +- Every file now includes 'strongswan' somewhere in its path +- Removed conflict with Openswan +- Finally fix permissions on strongswan.conf + +* Fri Jan 20 2012 Pavel Šimerda - 4.6.1-2 +- Change license tag from GPL to GPLv2+ +- Change permissions on /etc/strongswan.conf to 644 +- Rename ipsec.8 manpage to strongswan.8 +- Fix empty scriptlets for non-fedora builds +- Add ldconfig scriptlet +- Add missing directories and files + +* Sun Jan 01 2012 Pavel Šimerda - 4.6.0-2 +- Experimental build for development