Name: racoon2 Version: 20100526a Release: 17%{?dist} Summary: An implementation of key management system for IPsec Group: System Environment/Daemons License: BSD URL: http://www.racoon2.wide.ad.jp/ Source0: http://ftp.racoon2.wide.ad.jp/pub/%{name}/%{name}-%{version}.tgz Patch0: %{name}-autotools.patch Patch1: %{name}-init.patch Patch2: %{name}-functions-shebang.patch Patch3: %{name}-configfiles.patch BuildRequires: byacc BuildRequires: flex BuildRequires: openssl-devel Requires(post): pwgen %if 0%{?fedora} >= 15 || 0%{?rhel} >= 7 BuildRequires: systemd-units Requires(post): systemd-units Requires(preun): systemd-units Requires(postun): systemd-units %else Requires(post): chkconfig Requires(preun): chkconfig Requires(preun): initscripts %endif %description The Racoon2 project is a joint effort which provides an implementation of key management system for IPsec. The implementation is called Racoon2, a successor of Racoon, which was developed by the KAME project. It supports IKEv1, IKEv2, and KINK protocols. It works on FreeBSD, NetBSD, Linux, and Mac OS X. %prep %setup -q %patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 %build %configure --disable-kinkd --disable-pedant # --disable-kinkd: KINK must be disabled unless krb5 is compiled --with-crypto-impl=builtin # because kinkd uses krb5's internal crypto functions that are not compiled otherwise. # --disable-pedant: Racoon2 doesn't compile with pedantic compiler. make %{?_smp_mflags} sed -i 's/\t/ /' samples/*.conf # Disable spmd.pwd generation echo "#!/bin/sh" > pskgen/autogen.spmd.pwd %install rm -rf %{buildroot} make install DESTDIR=%{buildroot} # Rename binaries and manpages for name in spmd spmdctl iked pskgen; do mv %{buildroot}%{_sbindir}/{,%{name}-}$name mv %{buildroot}%{_mandir}/man8/{,%{name}-}$name.8 done # Delete initscripts first rm %{buildroot}%{_initddir}/* # Install systemd units or initscripts %if 0%{?fedora} >= 15 || 0%{?rhel} >= 7 install -m 755 -t %{buildroot}%{_sbindir} %{name} install -d %{buildroot}%{_unitdir} install -m 644 -t %{buildroot}%{_unitdir} %{name}.service %else install -m 755 %{name}.sysvinit %{buildroot}%{_initddir}/%{name} %endif %files %defattr(-,root,root,-) %dir %{_sysconfdir}/%{name} %config(noreplace) %{_sysconfdir}/%{name}/default.conf %config(noreplace) %{_sysconfdir}/%{name}/local-test.conf %config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf %config(noreplace) %{_sysconfdir}/%{name}/transport_ike.conf %config(noreplace) %{_sysconfdir}/%{name}/transport_kink.conf %config(noreplace) %{_sysconfdir}/%{name}/tunnel_ike.conf %config(noreplace) %{_sysconfdir}/%{name}/tunnel_ike_natt.conf %config(noreplace) %{_sysconfdir}/%{name}/tunnel_kink.conf %config(noreplace) %{_sysconfdir}/%{name}/vals.conf %dir %{_sysconfdir}/%{name}/hook %{_sysconfdir}/%{name}/hook/child-down %{_sysconfdir}/%{name}/hook/child-rekey %{_sysconfdir}/%{name}/hook/child-up %{_sysconfdir}/%{name}/hook/child-up.d/00childup_sample %config(noreplace) %{_sysconfdir}/%{name}/hook/functions %{_sysconfdir}/%{name}/hook/ikesa-down %{_sysconfdir}/%{name}/hook/ikesa-rekey %{_sysconfdir}/%{name}/hook/ikesa-up %{_sysconfdir}/%{name}/hook/ikesa-up.d/00ikesaup_sample %{_sysconfdir}/%{name}/hook/migration %{_sysconfdir}/%{name}/hook/ph1-down %{_sysconfdir}/%{name}/hook/ph1-up %{_sbindir}/%{name}-iked %{_sbindir}/%{name}-pskgen %{_sbindir}/%{name}-spmd %{_sbindir}/%{name}-spmdctl %dir %{_var}/run/%{name} %{_mandir}/man8/%{name}-iked.8.gz %{_mandir}/man8/%{name}-pskgen.8.gz %{_mandir}/man8/%{name}-spmd.8.gz %{_mandir}/man8/%{name}-spmdctl.8.gz %if 0%{?fedora} >= 15 || 0%{?rhel} >= 7 %{_sbindir}/%{name} %{_unitdir}/%{name}.service %else %{_initddir}/%{name} %endif %post if [ ! -e "%{_sysconfdir}/%{name}/spmd.pwd" ]; then pwgen > %{_sysconfdir}/%{name}/spmd.pwd chmod 600 %{_sysconfdir}/%{name}/spmd.pwd fi %if 0%{?fedora} >= 15 || 0%{?rhel} >= 7 if [ $1 -eq 1 ] ; then # Initial installation /bin/systemctl daemon-reload >/dev/null 2>&1 || : fi %else /sbin/chkconfig --add %{name} %endif %preun %if 0%{?fedora} >= 15 || 0%{?rhel} >= 7 if [ $1 -eq 0 ] ; then # Package removal, not upgrade /bin/systemctl --no-reload disable %{name}-spmd.service > /dev/null 2>&1 || : /bin/systemctl stop %{name}.service > /dev/null 2>&1 || : fi %else if [ $1 -eq 0 ] ; then /sbin/service %{name} stop >/dev/null 2>&1 /sbin/chkconfig --del %{name} fi %endif %postun %if 0%{?fedora} >= 15 || 0%{?rhel} >= 7 /bin/systemctl daemon-reload >/dev/null 2>&1 || : if [ $1 -ge 1 ] ; then # Package upgrade, not uninstall /bin/systemctl try-restart %{name}.service >/dev/null 2>&1 || : fi %else %endif %changelog * Mon Mar 05 2012 Pavel Å imerda <pavlix@pavlix.net> - 20100526a-17 - Prefix binaries with racoon2- * Tue Feb 14 2012 Pavel Å imerda <pavlix@pavlix.net> - 20100526a-16 - Fixed systemd dependencies - Switched to a single systemd unit or single initscript * Tue Feb 14 2012 Pavel Å imerda <pavlix@pavlix.net> - 20100526a-15 - Expand tabs in config files for better readability * Mon Feb 13 2012 Pavel Å imerda <pavlix@pavlix.net> - 20100526a-14 - rebuilt * Sat Jan 21 2012 Pavel Å imerda <pavlix@pavlix.net> - 20100526a-13 - Added rm at the beginning of install section - Changed conditionals to versioned ones * Sun Jan 15 2012 Pavel Å imerda <pavlix@pavlix.net> - 20100526a-12 - Removed sysvinit subpackage - Added conditionals to handle different init systems - Changed initrd macro to initd - Marked functions as config file * Fri Dec 30 2011 Pavel Å imerda <pavlix@pavlix.net> - 20100526a-11 - Removed -fno-strict-aliasing - Removed -D_GNU_SOURCE=1 - Added rationale for --disable-kinkd and --disable-pedant - Removed @prefix@ from configuration files (patch) * Thu Dec 29 2011 Pavel Å imerda <pavlix@pavlix.net> - 20100526a-10 - Added pwgen dependency - Moved various inline fixes from specfile to patches - Fixed racoon2 configuration path (/etc/racoon2) * Wed Dec 07 2011 Pavel Å imerda <pavlix@pavlix.net> - 20100526a-9 - Incorporated more rpmlint feedback - Directories are now specified by macros - Added systemd scriptlets - Added needed /var/run/racoon2 directory - Added directories to files section * Wed Nov 09 2011 pavlix - 20100526a-8 - Incorporated rpmlint feedback * Wed Nov 09 2011 pavlix - 20100526a-7 - Experimental build for packaging