[strongswan] Initial commit (#743354)
Pavel Šimerda
pavlix at fedoraproject.org
Tue Feb 14 13:19:46 UTC 2012
commit da32dd64e0e6c38e33a66b82c334005c53505baa
Author: Pavel Šimerda <pavlix at pavlix.net>
Date: Tue Feb 14 14:19:42 2012 +0100
Initial commit (#743354)
.gitignore | 1 +
sources | 1 +
strongswan-programname.patch | 13 +++
strongswan.spec | 192 ++++++++++++++++++++++++++++++++++++++++++
4 files changed, 207 insertions(+), 0 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e69de29..20e5e30 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/strongswan-4.6.1.tar.gz
diff --git a/sources b/sources
index e69de29..ba4269d 100644
--- a/sources
+++ b/sources
@@ -0,0 +1 @@
+87f278bb7d2bf114b96755448faa279a strongswan-4.6.1.tar.gz
diff --git a/strongswan-programname.patch b/strongswan-programname.patch
new file mode 100644
index 0000000..8d8bbe4
--- /dev/null
+++ b/strongswan-programname.patch
@@ -0,0 +1,13 @@
+Index: strongswan-4.6.0/init/systemd/strongswan.service.in
+===================================================================
+--- strongswan-4.6.0.orig/init/systemd/strongswan.service.in
++++ strongswan-4.6.0/init/systemd/strongswan.service.in
+@@ -3,7 +3,7 @@ Description=strongSwan IPsec
+ After=syslog.target
+
+ [Service]
+-ExecStart=@SBINDIR@/ipsec start --nofork
++ExecStart=@SBINDIR@/@PROGRAM@ start --nofork
+ StandardOutput=syslog
+
+ [Install]
diff --git a/strongswan.spec b/strongswan.spec
new file mode 100644
index 0000000..9e1a6a6
--- /dev/null
+++ b/strongswan.spec
@@ -0,0 +1,192 @@
+Name: strongswan
+Version: 4.6.1
+Release: 4%{?dist}
+Summary: An OpenSource IPsec-based VPN Solution
+Group: System Environment/Daemons
+License: GPLv2+
+URL: http://www.strongswan.org/
+Source0: http://download.strongswan.org/%{name}-%{version}.tar.gz
+Patch0: %{name}-programname.patch
+BuildRequires: gmp-devel
+BuildRequires: libcurl-devel
+BuildRequires: openldap-devel
+%if 0%{?fedora}
+BuildRequires: systemd-units
+Requires(post): systemd-units
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+%endif
+%description
+The strongSwan 4.6 branch supports both the IKEv1 and IKEv2 key exchange
+protocols in conjunction with the native NETKEY IPsec stack of the Linux
+kernel.
+
+%prep
+%setup -q
+%patch0 -p1
+
+%build
+%configure --disable-static \
+ --sysconfdir=%{_sysconfdir}/%{name} \
+ --with-ipsecdir=%{_libexecdir}/%{name} \
+ --with-ipseclibdir=%{_libdir}/%{name}
+make %{?_smp_mflags}
+
+%install
+make install DESTDIR=%{buildroot}
+# rename ipsec to strongswan
+mv %{buildroot}%{_sbindir}/{ipsec,%{name}}
+mv %{buildroot}%{_mandir}/man8/{ipsec,strongswan}.8
+# prefix man pages
+for i in %{buildroot}%{_mandir}/*/*; do
+ if echo "$i" | grep -vq '/strongswan[^\/]*$'; then
+ mv "$i" "`echo "$i" | sed -re 's|/([^/]+)$|/strongswan_\1|'`"
+ fi
+done
+# delete unwanted library files
+rm %{buildroot}%{_libdir}/%{name}/*.so
+find %{buildroot} -type f -name '*.la' -delete
+# fix config permissions
+chmod 644 %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
+# protect configuration from ordinary user's eyes
+chmod 700 %{buildroot}%{_sysconfdir}/%{name}
+
+%files
+%doc README COPYING NEWS CREDITS TODO
+%dir %{_sysconfdir}/%{name}
+%config(noreplace) %{_sysconfdir}/%{name}/ipsec.conf
+%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf
+%if 0%{?fedora}
+%{_unitdir}/%{name}.service
+%endif
+%dir %{_libdir}/%{name}
+%{_libdir}/%{name}/libcharon.so.0
+%{_libdir}/%{name}/libcharon.so.0.0.0
+%{_libdir}/%{name}/libhydra.so.0
+%{_libdir}/%{name}/libhydra.so.0.0.0
+%{_libdir}/%{name}/lib%{name}.so.0
+%{_libdir}/%{name}/lib%{name}.so.0.0.0
+%dir %{_libdir}/%{name}/plugins
+%{_libdir}/%{name}/plugins/lib%{name}-aes.so
+%{_libdir}/%{name}/plugins/lib%{name}-attr.so
+%{_libdir}/%{name}/plugins/lib%{name}-constraints.so
+%{_libdir}/%{name}/plugins/lib%{name}-des.so
+%{_libdir}/%{name}/plugins/lib%{name}-dnskey.so
+%{_libdir}/%{name}/plugins/lib%{name}-fips-prf.so
+%{_libdir}/%{name}/plugins/lib%{name}-gmp.so
+%{_libdir}/%{name}/plugins/lib%{name}-hmac.so
+%{_libdir}/%{name}/plugins/lib%{name}-kernel-netlink.so
+%{_libdir}/%{name}/plugins/lib%{name}-md5.so
+%{_libdir}/%{name}/plugins/lib%{name}-pem.so
+%{_libdir}/%{name}/plugins/lib%{name}-pgp.so
+%{_libdir}/%{name}/plugins/lib%{name}-pkcs1.so
+%{_libdir}/%{name}/plugins/lib%{name}-pubkey.so
+%{_libdir}/%{name}/plugins/lib%{name}-random.so
+%{_libdir}/%{name}/plugins/lib%{name}-resolve.so
+%{_libdir}/%{name}/plugins/lib%{name}-revocation.so
+%{_libdir}/%{name}/plugins/lib%{name}-sha1.so
+%{_libdir}/%{name}/plugins/lib%{name}-sha2.so
+%{_libdir}/%{name}/plugins/lib%{name}-socket-raw.so
+%{_libdir}/%{name}/plugins/lib%{name}-stroke.so
+%{_libdir}/%{name}/plugins/lib%{name}-updown.so
+%{_libdir}/%{name}/plugins/lib%{name}-x509.so
+%{_libdir}/%{name}/plugins/lib%{name}-xauth.so
+%{_libdir}/%{name}/plugins/lib%{name}-xcbc.so
+%dir %{_libexecdir}/%{name}
+%{_libexecdir}/%{name}/_copyright
+%{_libexecdir}/%{name}/_pluto_adns
+%{_libexecdir}/%{name}/_updown
+%{_libexecdir}/%{name}/_updown_espmark
+%{_libexecdir}/%{name}/charon
+%{_libexecdir}/%{name}/openac
+%{_libexecdir}/%{name}/pki
+%{_libexecdir}/%{name}/pluto
+%{_libexecdir}/%{name}/scepclient
+%{_libexecdir}/%{name}/starter
+%{_libexecdir}/%{name}/stroke
+%{_libexecdir}/%{name}/whack
+%{_sbindir}/%{name}
+%{_mandir}/man3/%{name}_anyaddr.3.gz
+%{_mandir}/man3/%{name}_atoaddr.3.gz
+%{_mandir}/man3/%{name}_atoasr.3.gz
+%{_mandir}/man3/%{name}_atoul.3.gz
+%{_mandir}/man3/%{name}_goodmask.3.gz
+%{_mandir}/man3/%{name}_initaddr.3.gz
+%{_mandir}/man3/%{name}_initsubnet.3.gz
+%{_mandir}/man3/%{name}_portof.3.gz
+%{_mandir}/man3/%{name}_rangetosubnet.3.gz
+%{_mandir}/man3/%{name}_sameaddr.3.gz
+%{_mandir}/man3/%{name}_subnetof.3.gz
+%{_mandir}/man3/%{name}_ttoaddr.3.gz
+%{_mandir}/man3/%{name}_ttodata.3.gz
+%{_mandir}/man3/%{name}_ttosa.3.gz
+%{_mandir}/man3/%{name}_ttoul.3.gz
+%{_mandir}/man5/%{name}_ipsec.conf.5.gz
+%{_mandir}/man5/%{name}_ipsec.secrets.5.gz
+%{_mandir}/man5/%{name}.conf.5.gz
+%{_mandir}/man8/%{name}__updown.8.gz
+%{_mandir}/man8/%{name}__updown_espmark.8.gz
+%{_mandir}/man8/%{name}.8.gz
+%{_mandir}/man8/%{name}_openac.8.gz
+%{_mandir}/man8/%{name}_pluto.8.gz
+%{_mandir}/man8/%{name}_scepclient.8.gz
+
+%post
+/sbin/ldconfig
+%if 0%{?fedora}
+if [ $1 -eq 1 ] ; then
+ # Initial installation
+ /bin/systemctl daemon-reload >/dev/null 2>&1 || :
+fi
+%endif
+
+%if 0%{?fedora}
+%preun
+if [ $1 -eq 0 ] ; then
+ # Package removal, not upgrade
+ /bin/systemctl --no-reload disable %{name}.service > /dev/null 2>&1 || :
+ /bin/systemctl stop %{name}.service > /dev/null 2>&1 || :
+fi
+%endif
+
+%postun
+/sbin/ldconfig
+%if 0%{?fedora}
+/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+if [ $1 -ge 1 ] ; then
+ # Package upgrade, not uninstall
+ /bin/systemctl try-restart %{name}.service >/dev/null 2>&1 || :
+fi
+%endif
+
+#TODO manpages
+
+%changelog
+* Sat Jan 21 2012 Pavel Šimerda <pavlix at pavlix.net> - 4.6.1-4
+- Protect configuration directory from ordinary users
+- Add still missing directory /etc/strongswan
+
+* Fri Jan 20 2012 Pavel Šimerda <pavlix at pavlix.net> - 4.6.1-3
+- Change directory structure to avoid clashes with Openswan
+- Prefixed all manpages with 'strongswan_'
+- Every file now includes 'strongswan' somewhere in its path
+- Removed conflict with Openswan
+- Finally fix permissions on strongswan.conf
+
+* Fri Jan 20 2012 Pavel Šimerda <pavlix at pavlix.net> - 4.6.1-2
+- Change license tag from GPL to GPLv2+
+- Change permissions on /etc/strongswan.conf to 644
+- Rename ipsec.8 manpage to strongswan.8
+- Fix empty scriptlets for non-fedora builds
+- Add ldconfig scriptlet
+- Add missing directories and files
+
+* Sun Jan 01 2012 Pavel Šimerda <pavlix at pavlix.net - 4.6.1-1
+- Bump to version 4.6.1
+
+* Sun Jan 01 2012 Pavel Šimerda <pavlix at pavlix.net - 4.6.0-3
+- Add systemd scriptlets
+- Add conditions to also support EPEL6
+
+* Sat Dec 10 2011 Pavel Šimerda <pavlix at pavlix.net> - 4.6.0-2
+- Experimental build for development
More information about the scm-commits
mailing list