/[gentoo-x86]/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r3.ebuild
Gentoo

Contents of /net-firewall/ipsec-tools/ipsec-tools-0.8.0-r3.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.2 - (hide annotations) (download)
Fri Mar 9 23:03:37 2012 UTC (2 years, 7 months ago) by blueness
Branch: MAIN
Changes since 1.1: +2 -2 lines
Tested on ppc

(Portage version: 2.1.10.44/cvs/Linux x86_64)

1 blueness 1.1 # Copyright 1999-2012 Gentoo Foundation
2     # Distributed under the terms of the GNU General Public License v2
3 blueness 1.2 # $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r3.ebuild,v 1.1 2012/03/08 12:03:24 blueness Exp $
4 blueness 1.1
5     EAPI="4"
6    
7     inherit eutils flag-o-matic autotools linux-info pam
8    
9     DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
10     HOMEPAGE="http://ipsec-tools.sourceforge.net/"
11     SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
12    
13     LICENSE="BSD"
14     SLOT="0"
15 blueness 1.2 KEYWORDS="~amd64 ~ppc ~x86"
16 blueness 1.1 IUSE="hybrid idea ipv6 kerberos ldap nat pam rc5 readline selinux stats"
17    
18     RDEPEND="
19     dev-libs/openssl
20     kerberos? ( virtual/krb5 )
21     ldap? ( net-nds/openldap )
22     pam? ( sys-libs/pam )
23     readline? ( sys-libs/readline )
24     selinux? (
25     sys-libs/libselinux
26     sec-policy/selinux-ipsec-tools
27     )"
28    
29     DEPEND="${RDEPEND}
30     >=sys-kernel/linux-headers-2.6.30"
31    
32     pkg_setup() {
33     linux-info_pkg_setup
34    
35     get_version
36    
37     if linux_config_exists && kernel_is -ge 2 6 19; then
38     ewarn
39     ewarn "\033[1;33m**************************************************\033[00m"
40     ewarn
41     ewarn "Checking kernel configuration in /usr/src/linux or"
42     ewarn "or /proc/config.gz for compatibility with ${PN}."
43     ewarn "Here are the potential problems:"
44     ewarn
45    
46     local nothing="1"
47    
48     # Check options for all flavors of IPSec
49     local msg=""
50     for i in XFRM_USER NET_KEY; do
51     if ! linux_chkconfig_present ${i}; then
52     msg="${msg} ${i}"
53     fi
54     done
55     if [[ ! -z "$msg" ]]; then
56     nothing="0"
57     ewarn
58     ewarn "ALL IPSec may fail. CHECK:"
59     ewarn "${msg}"
60     fi
61    
62     # Check unencrypted IPSec
63     if ! linux_chkconfig_present CRYPTO_NULL; then
64     nothing="0"
65     ewarn
66     ewarn "Unencrypted IPSec may fail. CHECK:"
67     ewarn " CRYPTO_NULL"
68     fi
69    
70     # Check IPv4 IPSec
71     msg=""
72     for i in \
73     INET_IPCOMP INET_AH INET_ESP \
74     INET_XFRM_MODE_TRANSPORT \
75     INET_XFRM_MODE_TUNNEL \
76     INET_XFRM_MODE_BEET
77     do
78     if ! linux_chkconfig_present ${i}; then
79     msg="${msg} ${i}"
80     fi
81     done
82     if [[ ! -z "$msg" ]]; then
83     nothing="0"
84     ewarn
85     ewarn "IPv4 IPSec may fail. CHECK:"
86     ewarn "${msg}"
87     fi
88    
89     # Check IPv6 IPSec
90     if use ipv6; then
91     msg=""
92     for i in INET6_IPCOMP INET6_AH INET6_ESP \
93     INET6_XFRM_MODE_TRANSPORT \
94     INET6_XFRM_MODE_TUNNEL \
95     INET6_XFRM_MODE_BEET
96     do
97     if ! linux_chkconfig_present ${i}; then
98     msg="${msg} ${i}"
99     fi
100     done
101     if [[ ! -z "$msg" ]]; then
102     nothing="0"
103     ewarn
104     ewarn "IPv6 IPSec may fail. CHECK:"
105     ewarn "${msg}"
106     fi
107     fi
108    
109     # Check IPSec behind NAT
110     if use nat; then
111     if ! linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then
112     nothing="0"
113     ewarn
114     ewarn "IPSec behind NAT may fail. CHECK:"
115     ewarn " NETFILTER_XT_MATCH_POLICY"
116     fi
117     fi
118    
119     if [[ $nothing == "1" ]]; then
120     ewarn "NO PROBLEMS FOUND"
121     fi
122    
123     ewarn
124     ewarn "WARNING: If your *configured* and *running* kernel"
125     ewarn "differ either now or in the future, then these checks"
126     ewarn "may lead to misleading results."
127     ewarn
128     ewarn "\033[1;33m**************************************************\033[00m"
129     ewarn
130     else
131     eerror
132     eerror "\033[1;31m**************************************************\033[00m"
133     eerror "Make sure that your *running* kernel is/will be >=2.6.19."
134     eerror "Building ${PN} now, assuming that you know what you're doing."
135     eerror "\033[1;31m**************************************************\033[00m"
136     eerror
137     fi
138     }
139    
140     src_prepare() {
141     # fix for bug #124813
142     sed -i 's:-Werror::g' "${S}"/configure.ac || die
143     # fix for building with gcc-4.6
144     sed -i 's: -R: -Wl,-R:' "${S}"/configure.ac || die
145    
146     epatch "${FILESDIR}/${PN}-def-psk.patch"
147     epatch "${FILESDIR}/${PN}-include-vendoridh.patch"
148    
149     AT_M4DIR="${S}" eautoreconf
150     epunt_cxx
151     }
152    
153     src_configure() {
154     #--with-{iconv,libradius} lead to "Broken getaddrinfo()"
155     #--enable-samode-unspec is not supported in linux
156     local myconf
157     myconf="--with-kernel-headers=/usr/include \
158     --enable-adminport \
159     --enable-dependency-tracking \
160     --enable-dpd \
161     --enable-frag \
162     --without-libiconv \
163     --without-libradius \
164     --disable-samode-unspec \
165     $(use_enable idea) \
166     $(use_enable ipv6) \
167     $(use_enable kerberos gssapi) \
168     $(use_with ldap libldap) \
169     $(use_enable nat natt) \
170     $(use_with pam libpam) \
171     $(use_enable rc5) \
172     $(use_with readline) \
173     $(use_enable selinux security-context) \
174     $(use_enable stats)"
175    
176     use nat && myconf="${myconf} --enable-natt-versions=yes"
177    
178     # enable mode-cfg and xauth support
179     if use pam; then
180     myconf="${myconf} --enable-hybrid"
181     else
182     myconf="${myconf} $(use_enable hybrid)"
183     fi
184    
185     econf ${myconf}
186     }
187    
188     src_install() {
189     emake DESTDIR="${D}" install
190     keepdir /var/lib/racoon
191     newconfd "${FILESDIR}"/racoon.conf.d racoon
192     newinitd "${FILESDIR}"/racoon.init.d racoon
193     use pam && newpamd "${FILESDIR}"/racoon.pam.d racoon
194    
195     insinto /etc
196     doins "${FILESDIR}"/ipsec.conf
197     insinto /etc/racoon
198     doins "${FILESDIR}"/racoon.conf
199     doins "${FILESDIR}"/psk.txt
200     chmod 400 "${D}"/etc/racoon/psk.txt
201    
202     dodoc ChangeLog README NEWS
203     dodoc -r src/racoon/samples
204     dodoc -r src/racoon/doc
205     docinto samples
206     newdoc src/setkey/sample.cf ipsec.conf
207     }
208    
209     pkg_postinst() {
210     if use nat; then
211     elog
212     elog "You have enabled the nat traversal functionnality."
213     elog "Nat versions wich are enabled by default are 00,02,rfc"
214     elog "you can find those drafts in the CVS repository:"
215     elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"
216     elog
217     elog "If you feel brave enough and you know what you are"
218     elog "doing, you can consider emerging this ebuild with"
219     elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
220     elog
221     fi
222    
223     if use ldap; then
224     elog
225     elog "You have enabled ldap support with {$PN}."
226     elog "The man page does NOT contain any information on it yet."
227     elog "Consider using a more recent version or CVS."
228     elog
229     fi
230    
231     elog
232     elog "Please have a look in /usr/share/doc/${P} and visit"
233     elog "http://www.netbsd.org/Documentation/network/ipsec/"
234     elog "to find more information on how to configure this tool."
235     elog
236     }

  ViewVC Help
Powered by ViewVC 1.1.20