Initial commit (#743354)

.gitignore

@@ -0,0 +1 @@
+/strongswan-4.6.1.tar.gz

sources

@@ -0,0 +1 @@
+87f278bb7d2bf114b96755448faa279a  strongswan-4.6.1.tar.gz

strongswan-programname.patch

@@ -0,0 +1,13 @@
+Index: strongswan-4.6.0/init/systemd/strongswan.service.in
+===================================================================
+--- strongswan-4.6.0.orig/init/systemd/strongswan.service.in
++++ strongswan-4.6.0/init/systemd/strongswan.service.in
+@@ -3,7 +3,7 @@ Description=strongSwan IPsec
+ After=syslog.target
+ 
+ [Service]
+-ExecStart=@SBINDIR@/ipsec start --nofork
++ExecStart=@SBINDIR@/@PROGRAM@ start --nofork
+ StandardOutput=syslog
+ 
+ [Install]

strongswan.spec

@@ -0,0 +1,192 @@
+Name:           strongswan
+Version:        4.6.1
+Release:        4%{?dist}
+Summary:        An OpenSource IPsec-based VPN Solution
+Group:          System Environment/Daemons
+License:        GPLv2+
+URL:            http://www.strongswan.org/
+Source0:        http://download.strongswan.org/%{name}-%{version}.tar.gz
+Patch0:         %{name}-programname.patch
+BuildRequires:  gmp-devel
+BuildRequires:  libcurl-devel
+BuildRequires:  openldap-devel
+%if 0%{?fedora}
+BuildRequires:  systemd-units
+Requires(post): systemd-units
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+%endif
+%description
+The strongSwan 4.6 branch supports both the IKEv1 and IKEv2 key exchange
+protocols in conjunction with the native NETKEY IPsec stack of the Linux
+kernel.
+
+%prep
+%setup -q
+%patch0 -p1
+
+%build
+%configure --disable-static \
+    --sysconfdir=%{_sysconfdir}/%{name} \
+    --with-ipsecdir=%{_libexecdir}/%{name} \
+    --with-ipseclibdir=%{_libdir}/%{name}
+make %{?_smp_mflags}
+
+%install
+make install DESTDIR=%{buildroot}
+# rename ipsec to strongswan
+mv %{buildroot}%{_sbindir}/{ipsec,%{name}}
+mv %{buildroot}%{_mandir}/man8/{ipsec,strongswan}.8
+# prefix man pages
+for i in %{buildroot}%{_mandir}/*/*; do
+    if echo "$i" | grep -vq '/strongswan[^\/]*$'; then
+        mv "$i" "`echo "$i" | sed -re 's|/([^/]+)$|/strongswan_\1|'`"
+    fi
+done
+# delete unwanted library files
+rm %{buildroot}%{_libdir}/%{name}/*.so
+find %{buildroot} -type f -name '*.la' -delete
+# fix config permissions
+chmod 644 %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
+# protect configuration from ordinary user's eyes
+chmod 700 %{buildroot}%{_sysconfdir}/%{name}
+
+%files
+%doc README COPYING NEWS CREDITS TODO
+%dir %{_sysconfdir}/%{name}
+%config(noreplace) %{_sysconfdir}/%{name}/ipsec.conf
+%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf
+%if 0%{?fedora}
+%{_unitdir}/%{name}.service
+%endif
+%dir %{_libdir}/%{name}
+%{_libdir}/%{name}/libcharon.so.0
+%{_libdir}/%{name}/libcharon.so.0.0.0
+%{_libdir}/%{name}/libhydra.so.0
+%{_libdir}/%{name}/libhydra.so.0.0.0
+%{_libdir}/%{name}/lib%{name}.so.0
+%{_libdir}/%{name}/lib%{name}.so.0.0.0
+%dir %{_libdir}/%{name}/plugins
+%{_libdir}/%{name}/plugins/lib%{name}-aes.so
+%{_libdir}/%{name}/plugins/lib%{name}-attr.so
+%{_libdir}/%{name}/plugins/lib%{name}-constraints.so
+%{_libdir}/%{name}/plugins/lib%{name}-des.so
+%{_libdir}/%{name}/plugins/lib%{name}-dnskey.so
+%{_libdir}/%{name}/plugins/lib%{name}-fips-prf.so
+%{_libdir}/%{name}/plugins/lib%{name}-gmp.so
+%{_libdir}/%{name}/plugins/lib%{name}-hmac.so
+%{_libdir}/%{name}/plugins/lib%{name}-kernel-netlink.so
+%{_libdir}/%{name}/plugins/lib%{name}-md5.so
+%{_libdir}/%{name}/plugins/lib%{name}-pem.so
+%{_libdir}/%{name}/plugins/lib%{name}-pgp.so
+%{_libdir}/%{name}/plugins/lib%{name}-pkcs1.so
+%{_libdir}/%{name}/plugins/lib%{name}-pubkey.so
+%{_libdir}/%{name}/plugins/lib%{name}-random.so
+%{_libdir}/%{name}/plugins/lib%{name}-resolve.so
+%{_libdir}/%{name}/plugins/lib%{name}-revocation.so
+%{_libdir}/%{name}/plugins/lib%{name}-sha1.so
+%{_libdir}/%{name}/plugins/lib%{name}-sha2.so
+%{_libdir}/%{name}/plugins/lib%{name}-socket-raw.so
+%{_libdir}/%{name}/plugins/lib%{name}-stroke.so
+%{_libdir}/%{name}/plugins/lib%{name}-updown.so
+%{_libdir}/%{name}/plugins/lib%{name}-x509.so
+%{_libdir}/%{name}/plugins/lib%{name}-xauth.so
+%{_libdir}/%{name}/plugins/lib%{name}-xcbc.so
+%dir %{_libexecdir}/%{name}
+%{_libexecdir}/%{name}/_copyright
+%{_libexecdir}/%{name}/_pluto_adns
+%{_libexecdir}/%{name}/_updown
+%{_libexecdir}/%{name}/_updown_espmark
+%{_libexecdir}/%{name}/charon
+%{_libexecdir}/%{name}/openac
+%{_libexecdir}/%{name}/pki
+%{_libexecdir}/%{name}/pluto
+%{_libexecdir}/%{name}/scepclient
+%{_libexecdir}/%{name}/starter
+%{_libexecdir}/%{name}/stroke
+%{_libexecdir}/%{name}/whack
+%{_sbindir}/%{name}
+%{_mandir}/man3/%{name}_anyaddr.3.gz
+%{_mandir}/man3/%{name}_atoaddr.3.gz
+%{_mandir}/man3/%{name}_atoasr.3.gz
+%{_mandir}/man3/%{name}_atoul.3.gz
+%{_mandir}/man3/%{name}_goodmask.3.gz
+%{_mandir}/man3/%{name}_initaddr.3.gz
+%{_mandir}/man3/%{name}_initsubnet.3.gz
+%{_mandir}/man3/%{name}_portof.3.gz
+%{_mandir}/man3/%{name}_rangetosubnet.3.gz
+%{_mandir}/man3/%{name}_sameaddr.3.gz
+%{_mandir}/man3/%{name}_subnetof.3.gz
+%{_mandir}/man3/%{name}_ttoaddr.3.gz
+%{_mandir}/man3/%{name}_ttodata.3.gz
+%{_mandir}/man3/%{name}_ttosa.3.gz
+%{_mandir}/man3/%{name}_ttoul.3.gz
+%{_mandir}/man5/%{name}_ipsec.conf.5.gz
+%{_mandir}/man5/%{name}_ipsec.secrets.5.gz
+%{_mandir}/man5/%{name}.conf.5.gz
+%{_mandir}/man8/%{name}__updown.8.gz
+%{_mandir}/man8/%{name}__updown_espmark.8.gz
+%{_mandir}/man8/%{name}.8.gz
+%{_mandir}/man8/%{name}_openac.8.gz
+%{_mandir}/man8/%{name}_pluto.8.gz
+%{_mandir}/man8/%{name}_scepclient.8.gz
+
+%post
+/sbin/ldconfig
+%if 0%{?fedora}
+if [ $1 -eq 1 ] ; then
+    # Initial installation
+    /bin/systemctl daemon-reload >/dev/null 2>&1 || :
+fi
+%endif
+
+%if 0%{?fedora}
+%preun
+if [ $1 -eq 0 ] ; then
+    # Package removal, not upgrade
+    /bin/systemctl --no-reload disable %{name}.service > /dev/null 2>&1 || :
+    /bin/systemctl stop %{name}.service > /dev/null 2>&1 || :
+fi
+%endif
+
+%postun
+/sbin/ldconfig
+%if 0%{?fedora}
+/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+if [ $1 -ge 1 ] ; then
+    # Package upgrade, not uninstall
+    /bin/systemctl try-restart %{name}.service >/dev/null 2>&1 || :
+fi
+%endif
+
+#TODO manpages
+
+%changelog
+* Sat Jan 21 2012 Pavel Šimerda <pavlix@pavlix.net> - 4.6.1-4
+- Protect configuration directory from ordinary users
+- Add still missing directory /etc/strongswan
+
+* Fri Jan 20 2012 Pavel Šimerda <pavlix@pavlix.net> - 4.6.1-3
+- Change directory structure to avoid clashes with Openswan
+- Prefixed all manpages with 'strongswan_'
+- Every file now includes 'strongswan' somewhere in its path
+- Removed conflict with Openswan
+- Finally fix permissions on strongswan.conf
+
+* Fri Jan 20 2012 Pavel Šimerda <pavlix@pavlix.net> - 4.6.1-2
+- Change license tag from GPL to GPLv2+
+- Change permissions on /etc/strongswan.conf to 644
+- Rename ipsec.8 manpage to strongswan.8
+- Fix empty scriptlets for non-fedora builds
+- Add ldconfig scriptlet
+- Add missing directories and files
+
+* Sun Jan 01 2012 Pavel Šimerda <pavlix@pavlix.net - 4.6.1-1
+- Bump to version 4.6.1
+
+* Sun Jan 01 2012 Pavel Šimerda <pavlix@pavlix.net - 4.6.0-3
+- Add systemd scriptlets
+- Add conditions to also support EPEL6
+
+* Sat Dec 10 2011 Pavel Šimerda <pavlix@pavlix.net> - 4.6.0-2
+- Experimental build for development