version bug as per bug #267135

Package-Manager: portage-2.2_rc31/cvs/Linux x86_64
author: Daniel Black <dragonheart@gentoo.org> 2009-04-23 13:37:02 +0000
committer: Daniel Black <dragonheart@gentoo.org> 2009-04-23 13:37:02 +0000
commit: 8333a52666896f81a4dd8bf347b36fa19ad1c8e8 (patch)
tree: eec73f6abe708369c12f1207da549fae98c9bd9d /net-firewall
parent: Bump to 1.0.9, fixes #266160 (diff)
download: historical-8333a52666896f81a4dd8bf347b36fa19ad1c8e8.tar.gz
historical-8333a52666896f81a4dd8bf347b36fa19ad1c8e8.tar.bz2
historical-8333a52666896f81a4dd8bf347b36fa19ad1c8e8.zip
3 files changed, 281 insertions, 3 deletions
diff --git a/net-firewall/ipsec-tools/ChangeLog b/net-firewall/ipsec-tools/ChangeLog
index 8ec42d8ef443..da0958220c98 100644
--- a/net-firewall/ipsec-tools/ChangeLog
+++ b/net-firewall/ipsec-tools/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-firewall/ipsec-tools
-# Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.67 2008/10/16 18:15:57 dertobi123 Exp $
+# Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.68 2009/04/23 13:37:02 dragonheart Exp $
+
+*ipsec-tools-0.7.2 (23 Apr 2009)
+
+  23 Apr 2009; Daniel Black <dragonheart@gentoo.org>
+  +ipsec-tools-0.7.2.ebuild:
+  version bug as per bug #267135
 
   16 Oct 2008; Tobias Scherbaum <dertobi123@gentoo.org>
   ipsec-tools-0.7.1.ebuild:
diff --git a/net-firewall/ipsec-tools/Manifest b/net-firewall/ipsec-tools/Manifest
index 8ce9cfd18930..22d06d3eaeb3 100644
--- a/net-firewall/ipsec-tools/Manifest
+++ b/net-firewall/ipsec-tools/Manifest
@@ -2,7 +2,9 @@ AUX racoon.conf.d 621 RMD160 773a21f70bd4786eb6758f052bb54cc40273c259 SHA1 1291d
 AUX racoon.init.d 1314 RMD160 14fd9ea02fdb20d13a0e3284e1f1e468117247f2 SHA1 41cb71c0354d632ad35565dbf98a26364b592d56 SHA256 7c9447197032b30a2cb76a62179a3b0ef3768870c340adf4743976e7d65eba75
 DIST ipsec-tools-0.6.7.tar.bz2 723032 RMD160 97c27922f5be941fd6c69e35e69bed921b9f13e7 SHA1 ed3a6566409c506d5a7cd82cf263a5b8df3fad55 SHA256 4239f836dc610a2443ded7ba35cb3b87de9d582c800e5d9eb5eed37defd61ef2
 DIST ipsec-tools-0.7.1.tar.bz2 784046 RMD160 98c5bb292006fb49eb78133059ee74d0dd3b8122 SHA1 7a2ef71ece73710bf9a5ef2f63aacfcea1c58efb SHA256 ca9895808d354cc3e1c114687bb66a5f8efac2c6c42fce39687b369624c62fc0
+DIST ipsec-tools-0.7.2.tar.bz2 792731 RMD160 77dfa746efe69f956bd3a3369412edc06e6f2a3d SHA1 c9727d6bc99e4e1d390d3959b2712e6e92f29f81 SHA256 08722ff6c62de3e042fef337454f03622a79053108d6dcc686c9c854f9f9e031
 EBUILD ipsec-tools-0.6.7.ebuild 8292 RMD160 858e01df1a89602ebd7bdec89248817b0793bd10 SHA1 17532d5fe99d32258872f0ec664dfa8a68d5479e SHA256 4412ca3d2c4ce34e4838f9be4b5bc7a0fe81bd49d84b2bbd7163638a3c3d6e89
 EBUILD ipsec-tools-0.7.1.ebuild 8266 RMD160 2d7f5df13e503a98e9c421c29b3226749aaca9eb SHA1 42289e77a04d82993314e4d317a2c2229abbc6b0 SHA256 df38c03d8e2305624dcde0d3fc59452916800a226637ef9f77f3705c0311e73e
-MISC ChangeLog 10826 RMD160 fd0f3b1388b471a90ff9a7f19c6c1359311e7cbb SHA1 92be954608729f1a889abf78631cb84a64054213 SHA256 8eceee487d8e1abb7d10ac02bee8d6a0285373b1cbf1022f7718e208b01316a0
+EBUILD ipsec-tools-0.7.2.ebuild 8271 RMD160 8f2b007f84d6ab2692259b86feeb495100b52e6b SHA1 ccfe6988ac0dde9836737300f9409e5b96ae6fc8 SHA256 d945cd23a48cd1700fcb2905f23182e17dd758f3e81a1befa75b842b118cfad6
+MISC ChangeLog 10977 RMD160 fd40750ccc876a5927f3c5f6493fc6f844045dd6 SHA1 be7154f1cb07113dba3ebf7e70e8fba89bb5b07b SHA256 e08848e81a00324cbe98cfe6294abef19c3d655857ac3931f0cd3f13f9400282
 MISC metadata.xml 524 RMD160 351bb5819013ef3b7ec49fe70d22f363490a5ba1 SHA1 681504ef57886ed098e7bd5b13363c31fc7ce750 SHA256 b6818c278dcc159f496cadff08d546d6971be255cb4353728a08e03f2fbc47ef
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.7.2.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.7.2.ebuild
new file mode 100644
index 000000000000..cadec6991e5e
--- /dev/null
+++ b/net-firewall/ipsec-tools/ipsec-tools-0.7.2.ebuild
@@ -0,0 +1,270 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.2.ebuild,v 1.1 2009/04/23 13:37:02 dragonheart Exp $
+
+inherit eutils flag-o-matic autotools linux-info
+
+DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
+HOMEPAGE="http://ipsec-tools.sourceforge.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~sparc ~x86"
+IUSE="idea ipv6 pam rc5 readline selinux ldap kerberos nat hybrid iconv selinux"
+
+# FIXME: what is the correct syntax for ~sparc ???
+DEPEND="!sparc? ( >=sys-kernel/linux-headers-2.6 )
+	readline? ( sys-libs/readline )
+	pam? ( sys-libs/pam )
+	ldap? ( net-nds/openldap )
+	kerberos? ( virtual/krb5 )
+	>=dev-libs/openssl-0.9.8
+	iconv? ( virtual/libiconv )
+	selinux? ( sys-libs/libselinux )"
+#	radius? ( net-dialup/gnuradius )
+
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-ipsec-tools )"
+
+# {{{ kernel_check()
+kernel_check() {
+	get_version
+	if kernel_is 2 6 ; then
+		if test "${KV_PATCH}" -ge 19 ; then
+		# Just for kernel >=2.6.19
+			ebegin "Checking for suitable kernel configuration (Networking | Networking support | Networking options)"
+
+			if use nat ; then
+				if ! { linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; } ; then
+					ewarn "[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is NOT enabled"
+					eerror "${P} won't compile with use nat traversal (USE=nat) until you enable NETFILTER_XT_MATCH_POLICY in your kernel"
+					die
+				else
+					einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)"
+				fi
+			fi
+			# {{{ general stuff
+			if ! { linux_chkconfig_present XFRM_USER; }; then
+				ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled."
+			else
+				einfo "....[XFRM_USER] Transformation user configuration interface is enabled :-)"
+			fi
+
+			if ! { linux_chkconfig_present NET_KEY; }; then
+				ewarn "[NET_KEY] PF_KEY sockets is NOT enabled."
+			else
+				einfo "....[NET_KEY] PF_KEY sockets is enabled :-)"
+			fi
+			# }}}
+			# {{{ IPv4 stuff
+			if ! { linux_chkconfig_present INET_IPCOMP; }; then
+				ewarn "[INET_IPCOMP] IP: IPComp transformation is NOT enabled"
+			else
+				einfo "....[INET_IPCOMP] IP: IPComp transformation is enabled :-)"
+			fi
+
+			if ! { linux_chkconfig_present INET_AH; }; then
+				ewarn "[INET_AH] AH Transformation is NOT enabled."
+			else
+				einfo "....[INET_AH] AH Transformation is enabled :-)"
+			fi
+
+			if ! { linux_chkconfig_present INET_ESP; }; then
+				ewarn "[INET_ESP] ESP Transformation is NOT enabled."
+			else
+				einfo "....[INET_ESP] ESP Transformation is enabled :-)"
+			fi
+
+			if ! { linux_chkconfig_present INET_XFRM_MODE_TRANSPORT; }; then
+				ewarn "[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is NOT enabled."
+			else
+				einfo "....[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is enabled :-)"
+			fi
+
+			if ! { linux_chkconfig_present INET_XFRM_MODE_TUNNEL; }; then
+				ewarn "[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is NOT enabled."
+			else
+				einfo "....[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is enabled :-)"
+			fi
+
+			if ! { linux_chkconfig_present INET_XFRM_MODE_BEET; }; then
+				ewarn "[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is NOT enabled."
+			else
+				einfo "....[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is enabled :-)"
+			fi
+			# }}}
+			# {{{ IPv6 stuff
+			if use ipv6 ; then
+				if ! { linux_chkconfig_present INET6_IPCOMP; }; then
+					ewarn "[INET6_IPCOMP] IPv6: IPComp transformation is NOT enabled"
+				else
+					einfo "....[INET6_IPCOMP] IPv6: IPComp transformation is enabled :-)"
+				fi
+
+				if ! { linux_chkconfig_present INET6_AH; }; then
+					ewarn "[INET6_AH] IPv6: AH Transformation is NOT enabled."
+				else
+					einfo "....[INET6_AH] IPv6: AH Transformation is enabled :-)"
+				fi
+
+				if ! { linux_chkconfig_present INET6_ESP; }; then
+					ewarn "[INET6_ESP] IPv6: ESP Transformation is NOT enabled."
+				else
+					einfo "....[INET6_ESP] IPv6: ESP Transformation is enabled :-)"
+				fi
+
+				if ! { linux_chkconfig_present INET6_XFRM_MODE_TRANSPORT; }; then
+					ewarn "[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is NOT enabled."
+				else
+					einfo "....[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is enabled :-)"
+				fi
+
+				if ! { linux_chkconfig_present INET6_XFRM_MODE_TUNNEL; }; then
+					ewarn "[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is NOT enabled."
+				else
+					einfo "....[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is enabled :-)"
+				fi
+
+				if ! { linux_chkconfig_present INET6_XFRM_MODE_BEET; }; then
+					ewarn "[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is NOT enabled."
+				else
+					einfo "....[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is enabled :-)"
+				fi
+				if ! { linux_chkconfig_present CRYPTO_NULL; }; then
+					ewarn "[CRYPTO_NULL] Crypto: NULL algorithm is NOT enabled"
+				else
+					einfo "....[CRYPTO_NULL] Cyrpto: Crypto NULL algorithm enabled :-)"
+				fi
+fi
+			# }}}
+
+			eend $?
+		fi
+	fi
+}
+# }}}
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	# fix for bug #76741
+	sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c
+	# fix for bug #124813
+	sed -i 's:-Werror::g' "${S}"/configure.ac
+
+	AT_M4DIR="${S}" eautoreconf
+	epunt_cxx
+}
+
+src_compile() {
+	# fix for bug #61025
+	filter-flags -march=c3
+
+	kernel_check
+
+	myconf="--with-kernel-headers=${KV_DIR}/include \
+			--enable-dependency-tracking \
+			--enable-dpd \
+			--enable-frag \
+			--enable-stats \
+			--enable-fastquit \
+			--enable-stats \
+			--enable-adminport \
+			$(use_enable ipv6) \
+			$(use_enable rc5) \
+			$(use_enable idea) \
+			$(use_with readline)
+			$(use_enable kerberos gssapi) \
+			$(use_with ldap libldap) \
+			$(use_with pam libpam)"
+
+#	we do not want broken-natt from the kernel
+#	myconf="${myconf} $(use_enable broken-natt)"
+	use nat && myconf="${myconf} --enable-natt --enable-natt-versions=yes"
+
+	# we only need security-context when using selinux
+	myconf="${myconf} $(use_enable selinux security-context)"
+
+	# enable mode-cfg and xauth support
+	if use pam; then
+		myconf="${myconf} --enable-hybrid"
+	else
+		myconf="${myconf} $(use_enable hybrid)"
+	fi
+
+	# dev-libs/libiconv is hard masked
+	#use iconv && myconf="${myconf} $(use_with iconv libiconv)"
+
+	# the default (/usr/include/openssl/) is OK for Gentoo, leave it
+	# myconf="${myconf} $(use_with ssl openssl )"
+
+	# No way to get it compiling with freeradius or gnuradius
+	# We would need libradius which only exists on FreeBSD
+
+	# See bug #77369
+	#myconf="${myconf} --enable-samode-unspec"
+
+	econf ${myconf} || die
+	emake -j1 || die
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die
+	keepdir /var/lib/racoon
+	newconfd "${FILESDIR}"/racoon.conf.d racoon
+	newinitd "${FILESDIR}"/racoon.init.d racoon
+
+	dodoc ChangeLog README NEWS
+	dodoc src/racoon/samples/*
+	dodoc src/racoon/doc/*
+
+	docinto roadwarrior
+	dodoc src/racoon/samples/roadwarrior/*
+
+	docinto roadwarrior/client
+	dodoc src/racoon/samples/roadwarrior/client/*
+	docinto roadwarrior/server
+	dodoc src/racoon/samples/roadwarrior/server/*
+
+	docinto setkey
+	dodoc src/setkey/sample.cf
+
+	dodir /etc/racoon
+
+	# RFC are only available from CVS for the moment, see einfo below
+	#docinto "rfc"
+	#dodoc ${S}/src/racoon/rfc/*
+}
+
+pkg_postinst() {
+	if use nat; then
+		elog
+		elog " You have enabled the nat traversal functionnality."
+		elog " Nat versions wich are enabled by default are 00,02,rfc"
+		elog " you can find those drafts in the CVS repository:"
+		elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"
+		elog
+		elog "If you feel brave enough and you know what you are"
+		elog "doing, you can consider emerging this ebuild"
+		elog "with"
+		elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
+		elog
+	fi;
+
+	if use ldap; then
+		elog
+		elog " You have enabled ldap support with {$PN}."
+		elog " The man page does NOT contain any information on it yet."
+		elog " Consider to use a more recent version or CVS"
+		elog
+	fi;
+
+	elog
+	elog "Please have a look in /usr/share/doc/${P} and visit"
+	elog "http://www.netbsd.org/Documentation/network/ipsec/"
+	elog "to find a lot of information on how to configure this great tool."
+	elog
+}
+
+# vim: set foldmethod=marker nowrap :
author	Daniel Black <dragonheart@gentoo.org>	2009-04-23 13:37:02 +0000
committer	Daniel Black <dragonheart@gentoo.org>	2009-04-23 13:37:02 +0000
commit	8333a52666896f81a4dd8bf347b36fa19ad1c8e8 (patch)
tree	eec73f6abe708369c12f1207da549fae98c9bd9d /net-firewall
parent	Bump to 1.0.9, fixes #266160 (diff)
download	historical-8333a52666896f81a4dd8bf347b36fa19ad1c8e8.tar.gz historical-8333a52666896f81a4dd8bf347b36fa19ad1c8e8.tar.bz2 historical-8333a52666896f81a4dd8bf347b36fa19ad1c8e8.zip