Name: ipsec-tools
Version: 0.6.7
Release: 1%{?_dist_release}
Summary: Tools for configuring and using IPsec
Summary(ja): IPsecツール
License: BSD
Group: System Environment/Base
URL: http://ipsec-tools.sourceforge.net/
Source: http://prdownload.sourceforge.net/ipsec-tools/ipsec-tools-%{version}.tar.bz2
#Source1: ipsec.h
#Source2: pfkeyv2.h
Source3: racoon.conf
Source4: psk.txt
#Source5: xfrm.h
#Source6: udp.h
Source7: racoon.init
Source8: ipsec.conf

Patch: ipsec-tools-0.5-libs.patch
Patch2: isakmp.c.diff
Patch5: ipsec-tools-0.5-64bit.patch
Patch7: ipsec-tools-0.6.5-mls.patch
Patch9: racoon-lspp-ipsec.patch

#BuildRequires: openssl-devel, krb5-devel, bison, flex, automake, libtool
BuildRequires: openssl-devel, bison, flex, automake, libtool, glibc-kernheaders
#BuildRequires: libselinux-devel >= 1.30.28-2
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
#Requires: initscripts >= 7.31.11.EL-1
Requires: initscripts

Vendor: Project Vine
Distribution: Vine Linux
	
%description
This is the IPsec-Tools package.  You need this package in order to
really use the IPsec functionality in the linux-2.5+ kernels.  This
package builds:
 
	- setkey, a program to directly manipulate policies and SAs
	- racoon, an IKEv1 keying daemon

%description -l ja
これは IPsecツールのパッケージです。Linux Kernel 2.5 以上の IPsec
機能を使うにはこのパッケージが必要です。パッケージには以下の物が
含まれています。

	- setkey, SA と SP を操作/設定する為のプログラム
	- racoon, IKEv1 自動鍵交換デーモン

%prep
%setup -q
%patch -p1
%patch2 -p1
%patch5 -p1 -b .64bit
#%patch7 -p1 -b .mls
#%patch9 -p1 -b .sctx

#mkdir -p kernel-headers/linux
#cp %{SOURCE1} %{SOURCE2} %{SOURCE5} %{SOURCE6} kernel-headers/linux
#./bootstrap

%build
sed -i 's|-Werror||g' configure
CFLAGS="$RPM_OPT_FLAGS" %configure \
 --sysconfdir=%{_sysconfdir}/racoon \
 --with-kernel-headers=/usr/include \
 --without-readline \
 --enable-adminport \
 --enable-hybrid \
 --enable-frag \
 --enable-dpd \
 --enable-natt
# --enable-gssapi \
# --enable-security-context
make

%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/sbin
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/racoon
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d
make install DESTDIR=$RPM_BUILD_ROOT
# no devel stuff for now
rm -rf $RPM_BUILD_ROOT%{_libdir}/libipsec.{a,la} \
      $RPM_BUILD_ROOT%{_libdir}/libracoon.{a,la} \
      $RPM_BUILD_ROOT%{_includedir} \
      $RPM_BUILD_ROOT%{_mandir}/man3

install -m 600 %{SOURCE3} \
  $RPM_BUILD_ROOT%{_sysconfdir}/racoon/racoon.conf
install -m 600 %{SOURCE4} \
  $RPM_BUILD_ROOT%{_sysconfdir}/racoon/psk.txt
install -m 755 %{SOURCE7} \
  $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/racoon
install -m 600 %{SOURCE8} \
  $RPM_BUILD_ROOT%{_sysconfdir}/ipsec.conf

mv $RPM_BUILD_ROOT%{_sbindir}/setkey $RPM_BUILD_ROOT/sbin

mkdir -m 0700 -p $RPM_BUILD_ROOT%{_sysconfdir}/racoon/certs

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root)
%doc src/racoon/samples/racoon.conf src/racoon/samples/psk.txt
%doc src/racoon/doc/FAQ
%doc ChangeLog NEWS README
/sbin/*
%{_sbindir}/*
%{_mandir}/man*/*
%dir /etc/racoon
%dir /etc/racoon/certs
%dir /var/racoon
%config(noreplace) %{_sysconfdir}/racoon/psk.txt
%config(noreplace) %{_sysconfdir}/racoon/racoon.conf
%config %{_sysconfdir}/rc.d/init.d/racoon
%config(noreplace) %{_sysconfdir}/ipsec.conf

%changelog
* Sun Sep 28 2008 Shu KONNO <owa@bg.wakwak.com> 0.6.7-1vl5
- applied new versioning policy, spec in utf-8

* Sun Jun 10 2007 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 0.6.7-0vl1
- new upstream release (including security fix CVE-2007-1841)
- rebuilt with new toolchain

* Wed Feb 28 2007 Kunio Murasawa <murasawa@fa2.so-net.ne.jp> 0.6.6-1vl1
- initial build for Vine Linux

* Wed Jan 17 2007 Harald Hoyer <harald@redhat.com> - 0.6.6-1
- version 0.6.6

* Sun Oct 01 2006 Jesse Keating <jkeating@redhat.com> - 0.6.5-6
- rebuilt for unwind info generation, broken in gcc-4.1.1-21

* Mon Sep 25 2006 Harald Hoyer <harald@redhat.com> - 0.6.5-5
- added patch for selinux integration (bug #207159)

* Fri Aug  4 2006 Harald Hoyer <harald@redhat.com> - 0.6.5-4
- backport of important 0.6.6 fixes:
  - sets NAT-T ports to 0 if no NAT encapsulation
  - fixed memory leak

* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 0.6.5-3.1
- rebuild

* Wed Jun 21 2006 Harald Hoyer <harald@redhat.com> - 0.6.5-3
- more build requirements

* Tue Apr 18 2006 Dan Walsh <dwalsh@redhat.com> - 0.6.5-2
- Fix patch to build MLS Stuff correctly

* Tue Apr 18 2006 Dan Walsh <dwalsh@redhat.com> - 0.6.5-1
- Update to latest upstream version
- Add MLS Patch to allow use of labeled networks
- Patch provided by Joy Latten <latten@austin.ibm.com>

* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 0.6.4-1.1
- bump again for double-long bug on ppc(64)

* Tue Feb 07 2006 Harald Hoyer <harald@redhat.com> 0.6.4-1
- version 0.6.4

* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 0.6.3-1.2
- rebuilt for new gcc4.1 snapshot and glibc changes

* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt

* Mon Dec 05 2005 Harald Hoyer <harald@redhat.com> 0.6.3-1
- version 0.6.3, which contains fixes for various DoS problems

* Wed Nov  9 2005 Tomas Mraz <tmraz@redhat.com> 0.6.1-2
- rebuilt against new openssl

* Wed Oct 12 2005 Harald Hoyer <harald@redhat.com> 0.6.1-1
- version 0.6.1

* Mon Mar 28 2005 Bill Nottingham <notting@redhat.com> 0.5-4
- fix 64-bit issue in setph1attr() (<aviro@redhat.com>)

* Mon Mar 14 2005 Bill Nottingham <notting@redhat.com> 0.5-3
- add patch for DoS (CAN-2005-0398, #145532)

* Sat Mar  5 2005 Uwe Beck <ubeck@c3pdm.com> 0.5-2
- now racoon use /etc/racoon/racoon.conf as default
- add the /var/racoon directory for racoon.sock

* Wed Feb 23 2005 Bill Nottingham <notting@redhat.com> 0.5-1
- update to 0.5

* Thu Nov  4 2004 Bill Nottingham <notting@redhat.com> 0.3.3-2
- don't use new 0.3.3 handling of stdin in setkey; it breaks the
  format (#138105)

* Mon Sep 27 2004 Bill Nottingham <notting@redhat.com> 0.3.3-1
- update to 0.3.3 (#122211)

* Sun Aug 08 2004 Alan Cox <alan@redhat.com> 0.2.5-6
- fix buildreqs (Steve Grubb)

* Mon Jun 28 2004 Nalin Dahyabhai <nalin@redhat.com> 0.2.5-5
- rebuild

* Fri Jun 25 2004 Nalin Dahyabhai <nalin@redhat.com> 0.2.5-4
- backport certificate validation fixes from 0.3.3 (#126568)

* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Wed Apr 14 2004 Bill Nottingham <notting@redhat.com> - 0.2.5-2
- add patch for potential remote DoS (CAN-2004-0403)

* Tue Apr  6 2004 Bill Nottingham <notting@redhat.com>
- update to 0.2.5

* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Mon Feb 23 2004 Bill Nottingham <notting@redhat.com>
- update to 0.2.4, fix racoon install location (#116374, <kajtzu@fi.basen.net>)

* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Mon Dec  8 2003 Bill Nottingham <notting@redhat.com> 0.2.2-8
- rebuild

* Fri Aug 29 2003 Bill Nottingham <notting@redhat.com> 0.2.2-7
- add fix for #103238

* Tue Aug  5 2003 Bill Nottingham <notting@redhat.com> 0.2.2-6
- update kernel interface bits, rebuild against them

* Tue Jul 29 2003 Bill Nottingham <notting@redhat.com> 0.2.2-5
- rebuild

* Wed Jul  2 2003 Bill Notitngham <notting@redhat.com> 0.2.2-4
- ship a much more pared-down racoon.conf and psk.txt

* Thu Jun  5 2003 Bill Notitngham <notting@redhat.com> 0.2.2-3
- update pfkey header for current kernels

* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Fri May  2 2003 Bill Nottingham <notting@redhat.com> 0.2.2-1
- update to 0.2.2

* Fri Mar  7 2003 Bill Nottingham <notting@redhat.com>
- initial build