/[gentoo-x86]/net-firewall/ipsec-tools/ipsec-tools-0.7.3-r1.ebuild
Gentoo

Contents of /net-firewall/ipsec-tools/ipsec-tools-0.7.3-r1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.9 - (show annotations) (download)
Thu Sep 27 14:11:26 2012 UTC (22 months ago) by blueness
Branch: MAIN
CVS Tags: HEAD
Changes since 1.8: +1 -1 lines
FILE REMOVED
Remove older unstable version

(Portage version: 2.1.11.9/cvs/Linux x86_64)

1 # Copyright 1999-2012 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.3-r1.ebuild,v 1.8 2012/07/12 00:11:13 blueness Exp $
4
5 EAPI="4"
6
7 inherit eutils flag-o-matic autotools linux-info
8
9 DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
10 HOMEPAGE="http://ipsec-tools.sourceforge.net/"
11 SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
12
13 LICENSE="BSD GPL-2"
14 SLOT="0"
15 KEYWORDS="~amd64 ~ppc ~sparc ~x86"
16 IUSE="hybrid iconv idea ipv6 kerberos ldap nat pam rc5 readline selinux"
17
18 DEPEND_COMMON="
19 selinux? ( sys-libs/libselinux )
20 readline? ( sys-libs/readline )
21 pam? ( sys-libs/pam )
22 ldap? ( net-nds/openldap )
23 kerberos? ( virtual/krb5 )
24 >=dev-libs/openssl-0.9.8
25 iconv? ( virtual/libiconv )"
26 # radius? ( net-dialup/gnuradius )
27
28 RDEPEND="${DEPEND_COMMON}
29 selinux? ( sec-policy/selinux-ipsec )"
30
31 DEPEND="${DEPEND_COMMON}
32 >=sys-kernel/linux-headers-2.6.30"
33
34 pkg_setup() {
35 get_version
36 if kernel_is -ge 2 6 19 ; then
37 einfo "Checking for suitable kernel configuration (Networking | Networking support | Networking options)"
38
39 if use nat; then
40 CONFIG_CHECK="${CONFIG_CHECK} ~NETFILTER_XT_MATCH_POLICY"
41 export WARNING_NETFILTER_XT_MATCH_POLICY="NAT support may fail weirdly unless you enable this option in your kernel"
42 fi
43
44 for i in XFRM_USER NET_KEY; do
45 CONFIG_CHECK="${CONFIG_CHECK} ~${i}"
46 eval "export WARNING_${i}='No tunnels will be available at all (${i})'"
47 done
48
49 for i in INET_IPCOMP INET_AH INET_ESP \
50 INET_XFRM_MODE_TRANSPORT \
51 INET_XFRM_MODE_TUNNEL \
52 INET_XFRM_MODE_BEET ; do
53 CONFIG_CHECK="${CONFIG_CHECK} ~${i}"
54 eval "export WARNING_${i}='IPv4 tunnels will not be available (${i})'"
55 done
56
57 for i in INET6_IPCOMP INET6_AH INET6_ESP \
58 INET6_XFRM_MODE_TRANSPORT \
59 INET6_XFRM_MODE_TUNNEL \
60 INET6_XFRM_MODE_BEET ; do
61 CONFIG_CHECK="${CONFIG_CHECK} ~${i}"
62 eval "export WARNING_${i}='IPv6 tunnels will not be available (${i})'"
63 done
64
65 CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_NULL"
66 export WARNING_CRYPTO_NULL="Unencrypted tunnels will not be available (CRYPTO_NULL)"
67 export CONFIG_CHECK
68
69 check_extra_config
70 else
71 eerror "You must have a kernel >=2.6.19 to run ipsec-tools."
72 eerror "Building now, assuming that you will run on a different kernel"
73 fi
74 }
75
76 src_prepare() {
77 # fix for bug #76741
78 sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c || die
79 # fix for bug #124813
80 sed -i 's:-Werror::g' "${S}"/configure.ac || die
81 # Fixing duplicate specification of vmbuf.h #300161
82 epatch "${FILESDIR}"/${PN}-duplicate-header.patch
83 # fix for building with gcc-4.6
84 sed -i 's: -R: -Wl,-R:' "${S}"/configure.ac || die
85
86 AT_M4DIR="${S}" eautoreconf
87 epunt_cxx
88 }
89
90 src_configure() {
91 # fix for bug #61025
92 filter-flags -march=c3
93
94 myconf="--with-kernel-headers=/usr/include \
95 --enable-dependency-tracking \
96 --enable-dpd \
97 --enable-frag \
98 --enable-stats \
99 --enable-fastquit \
100 --enable-stats \
101 --enable-adminport \
102 $(use_enable ipv6) \
103 $(use_enable rc5) \
104 $(use_enable idea) \
105 $(use_with readline)
106 $(use_enable kerberos gssapi) \
107 $(use_with ldap libldap) \
108 $(use_with pam libpam)"
109
110 # we do not want broken-natt from the kernel
111 # myconf="${myconf} $(use_enable broken-natt)"
112 use nat && myconf="${myconf} --enable-natt --enable-natt-versions=yes"
113
114 # we only need security-context when using selinux
115 myconf="${myconf} $(use_enable selinux security-context)"
116
117 # enable mode-cfg and xauth support
118 if use pam; then
119 myconf="${myconf} --enable-hybrid"
120 else
121 myconf="${myconf} $(use_enable hybrid)"
122 fi
123
124 # dev-libs/libiconv is hard masked
125 #use iconv && myconf="${myconf} $(use_with iconv libiconv)"
126
127 # the default (/usr/include/openssl/) is OK for Gentoo, leave it
128 # myconf="${myconf} $(use_with ssl openssl )"
129
130 # No way to get it compiling with freeradius or gnuradius
131 # We would need libradius which only exists on FreeBSD
132
133 # See bug #77369
134 #myconf="${myconf} --enable-samode-unspec"
135
136 econf ${myconf}
137 }
138
139 src_compile() {
140 emake -j1
141 }
142
143 src_install() {
144 emake DESTDIR="${D}" install
145 keepdir /var/lib/racoon
146 newconfd "${FILESDIR}"/racoon.conf.d racoon
147 newinitd "${FILESDIR}"/racoon.init.d racoon
148
149 dodoc ChangeLog README NEWS
150 dodoc -r src/racoon/samples
151 dodoc src/racoon/doc/*
152
153 docinto setkey
154 dodoc src/setkey/sample.cf
155
156 dodir /etc/racoon
157
158 # RFC are only available from CVS for the moment, see einfo below
159 #docinto "rfc"
160 #dodoc ${S}/src/racoon/rfc/*
161 }
162
163 pkg_postinst() {
164 if use nat; then
165 elog
166 elog " You have enabled the nat traversal functionnality."
167 elog " Nat versions wich are enabled by default are 00,02,rfc"
168 elog " you can find those drafts in the CVS repository:"
169 elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"
170 elog
171 elog "If you feel brave enough and you know what you are"
172 elog "doing, you can consider emerging this ebuild"
173 elog "with"
174 elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
175 elog
176 fi;
177
178 if use ldap; then
179 elog
180 elog " You have enabled ldap support with {$PN}."
181 elog " The man page does NOT contain any information on it yet."
182 elog " Consider to use a more recent version or CVS"
183 elog
184 fi;
185
186 elog
187 elog "Please have a look in /usr/share/doc/${P} and visit"
188 elog "http://www.netbsd.org/Documentation/network/ipsec/"
189 elog "to find a lot of information on how to configure this great tool."
190 elog
191 }
192
193 # vim: set foldmethod=marker nowrap :

  ViewVC Help
Powered by ViewVC 1.1.20