summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Legler <a3li@gentoo.org>2009-05-06 19:12:00 +0000
committerAlex Legler <a3li@gentoo.org>2009-05-06 19:12:00 +0000
commitd6f7efadc5c7d5e57b341ec32a0d50e0842622ee (patch)
tree0388231fb9db211de37034c5123d5bb3530328ac /net-firewall/ipsec-tools
parentStable for HPPA (bug #268196). (diff)
downloadhistorical-d6f7efadc5c7d5e57b341ec32a0d50e0842622ee.tar.gz
historical-d6f7efadc5c7d5e57b341ec32a0d50e0842622ee.tar.bz2
historical-d6f7efadc5c7d5e57b341ec32a0d50e0842622ee.zip
Removing vulnerable versions wrt bug 267135.
Package-Manager: portage-2.2_rc32/cvs/Linux x86_64
Diffstat (limited to 'net-firewall/ipsec-tools')
-rw-r--r--net-firewall/ipsec-tools/ChangeLog8
-rw-r--r--net-firewall/ipsec-tools/Manifest16
-rw-r--r--net-firewall/ipsec-tools/ipsec-tools-0.6.7.ebuild262
-rw-r--r--net-firewall/ipsec-tools/ipsec-tools-0.7.1.ebuild270
4 files changed, 17 insertions, 539 deletions
diff --git a/net-firewall/ipsec-tools/ChangeLog b/net-firewall/ipsec-tools/ChangeLog
index 6efd9a955005..54a7c5a9fadc 100644
--- a/net-firewall/ipsec-tools/ChangeLog
+++ b/net-firewall/ipsec-tools/ChangeLog
@@ -1,6 +1,10 @@
# ChangeLog for net-firewall/ipsec-tools
-# Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.71 2009/04/26 14:09:04 ranger Exp $
+# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.72 2009/05/06 19:12:00 a3li Exp $
+
+ 06 May 2009; Alex Legler <a3li@gentoo.org> -ipsec-tools-0.6.7.ebuild,
+ -ipsec-tools-0.7.1.ebuild:
+ Non-Maintainer-Commit: Removing vulnerable versions wrt bug #267135.
26 Apr 2009; Brent Baude <ranger@gentoo.org> ipsec-tools-0.7.2.ebuild:
Marking ipsec-tools-0.7.2 ppc for bug 267135
diff --git a/net-firewall/ipsec-tools/Manifest b/net-firewall/ipsec-tools/Manifest
index 7f7e7119e340..e6d613959113 100644
--- a/net-firewall/ipsec-tools/Manifest
+++ b/net-firewall/ipsec-tools/Manifest
@@ -1,10 +1,16 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
AUX racoon.conf.d 621 RMD160 773a21f70bd4786eb6758f052bb54cc40273c259 SHA1 1291dbe1639cbb72a161e3af727c9c65c6ae0132 SHA256 bc7cf9c0fe8bd5f99c9353aa3c19e3314b3da21a7a2138fc6e901375be21b109
AUX racoon.init.d 1314 RMD160 14fd9ea02fdb20d13a0e3284e1f1e468117247f2 SHA1 41cb71c0354d632ad35565dbf98a26364b592d56 SHA256 7c9447197032b30a2cb76a62179a3b0ef3768870c340adf4743976e7d65eba75
-DIST ipsec-tools-0.6.7.tar.bz2 723032 RMD160 97c27922f5be941fd6c69e35e69bed921b9f13e7 SHA1 ed3a6566409c506d5a7cd82cf263a5b8df3fad55 SHA256 4239f836dc610a2443ded7ba35cb3b87de9d582c800e5d9eb5eed37defd61ef2
-DIST ipsec-tools-0.7.1.tar.bz2 784046 RMD160 98c5bb292006fb49eb78133059ee74d0dd3b8122 SHA1 7a2ef71ece73710bf9a5ef2f63aacfcea1c58efb SHA256 ca9895808d354cc3e1c114687bb66a5f8efac2c6c42fce39687b369624c62fc0
DIST ipsec-tools-0.7.2.tar.bz2 792731 RMD160 77dfa746efe69f956bd3a3369412edc06e6f2a3d SHA1 c9727d6bc99e4e1d390d3959b2712e6e92f29f81 SHA256 08722ff6c62de3e042fef337454f03622a79053108d6dcc686c9c854f9f9e031
-EBUILD ipsec-tools-0.6.7.ebuild 8292 RMD160 858e01df1a89602ebd7bdec89248817b0793bd10 SHA1 17532d5fe99d32258872f0ec664dfa8a68d5479e SHA256 4412ca3d2c4ce34e4838f9be4b5bc7a0fe81bd49d84b2bbd7163638a3c3d6e89
-EBUILD ipsec-tools-0.7.1.ebuild 8266 RMD160 2d7f5df13e503a98e9c421c29b3226749aaca9eb SHA1 42289e77a04d82993314e4d317a2c2229abbc6b0 SHA256 df38c03d8e2305624dcde0d3fc59452916800a226637ef9f77f3705c0311e73e
EBUILD ipsec-tools-0.7.2.ebuild 8262 RMD160 3974d9b62f76402c043ca4fe5e7ebeb48b7f8499 SHA1 b51ef1d6688d960108d7481292dbcd071a3f85d7 SHA256 e61aff73dba5dde6794a6f8e8bdcf0a227bab77337954a4bcce05445c0a12f68
-MISC ChangeLog 11307 RMD160 fa9669d0b14d2d4478add7fe1428dcb461f61e83 SHA1 86f83c936b8662babc270b1c681fa1fbb3546721 SHA256 1338567dc9b3328d769c288ebbd63930b67beafe2361bcd27256b3db24c64ad9
+MISC ChangeLog 11478 RMD160 0ffb71d279667cddc536565ab2ef9fd8ccf3019b SHA1 7dae9e0003cea24657414487fac86695255b7ce9 SHA256 c0059254dd9facec47f74caef79e6171a64c4105c8d53d2d69f8039c43500a45
MISC metadata.xml 524 RMD160 351bb5819013ef3b7ec49fe70d22f363490a5ba1 SHA1 681504ef57886ed098e7bd5b13363c31fc7ce750 SHA256 b6818c278dcc159f496cadff08d546d6971be255cb4353728a08e03f2fbc47ef
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.11 (GNU/Linux)
+
+iEYEARECAAYFAkoB4RMACgkQk3qunHEll7O+9gCgmxzwMzKbuVhjKQzONOCTIlf8
+X98An2CE08edNk5wBVI4uEs+SAh9ZZUj
+=5z1m
+-----END PGP SIGNATURE-----
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.6.7.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.6.7.ebuild
deleted file mode 100644
index 205aca849c7f..000000000000
--- a/net-firewall/ipsec-tools/ipsec-tools-0.6.7.ebuild
+++ /dev/null
@@ -1,262 +0,0 @@
-# Copyright 1999-2008 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.6.7.ebuild,v 1.13 2008/06/06 23:53:31 swegener Exp $
-
-inherit eutils flag-o-matic autotools linux-info
-
-DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
-HOMEPAGE="http://ipsec-tools.sourceforge.net/"
-SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
-
-LICENSE="BSD"
-SLOT="0"
-KEYWORDS="amd64 ppc sparc x86"
-IUSE="idea ipv6 pam rc5 readline selinux ldap kerberos nat hybrid iconv"
-
-# FIXME: what is the correct syntax for ~sparc ???
-DEPEND="!sparc? ( >=sys-kernel/linux-headers-2.6 )
- readline? ( sys-libs/readline )
- pam? ( sys-libs/pam )
- ldap? ( net-nds/openldap )
- kerberos? ( virtual/krb5 )
- >=dev-libs/openssl-0.9.8
- iconv? ( virtual/libiconv )"
-# radius? ( net-dialup/gnuradius )
-
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-ipsec-tools )"
-
-# {{{ kernel_check()
-kernel_check() {
- get_version
- if kernel_is 2 6 ; then
- if test "${KV_PATCH}" -ge 19 ; then
- # Just for kernel >=2.6.19
- ebegin "Checking for suitable kernel configuration (Networking | Networking support | Networking options)"
-
- if use nat ; then
- if ! { linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; } ; then
- ewarn "[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is NOT enabled"
- eerror "${P} won't compile with use nat traversal (USE=nat) until you enable NETFILTER_XT_MATCH_POLICY in your kernel"
- die
- else
- einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)"
- fi
- fi
- # {{{ general stuff
- if ! { linux_chkconfig_present XFRM_USER; }; then
- ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled."
- else
- einfo "....[XFRM_USER] Transformation user configuration interface is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present NET_KEY; }; then
- ewarn "[NET_KEY] PF_KEY sockets is NOT enabled."
- else
- einfo "....[NET_KEY] PF_KEY sockets is enabled :-)"
- fi
- # }}}
- # {{{ IPv4 stuff
- if ! { linux_chkconfig_present INET_IPCOMP; }; then
- ewarn "[INET_IPCOMP] IP: IPComp transformation is NOT enabled"
- else
- einfo "....[INET_IPCOMP] IP: IPComp transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET_AH; }; then
- ewarn "[INET_AH] AH Transformation is NOT enabled."
- else
- einfo "....[INET_AH] AH Transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET_ESP; }; then
- ewarn "[INET_ESP] ESP Transformation is NOT enabled."
- else
- einfo "....[INET_ESP] ESP Transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET_XFRM_MODE_TRANSPORT; }; then
- ewarn "[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is NOT enabled."
- else
- einfo "....[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET_XFRM_MODE_TUNNEL; }; then
- ewarn "[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is NOT enabled."
- else
- einfo "....[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET_XFRM_MODE_BEET; }; then
- ewarn "[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is NOT enabled."
- else
- einfo "....[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is enabled :-)"
- fi
- # }}}
- # {{{ IPv6 stuff
- if use ipv6 ; then
- if ! { linux_chkconfig_present INET6_IPCOMP; }; then
- ewarn "[INET6_IPCOMP] IPv6: IPComp transformation is NOT enabled"
- else
- einfo "....[INET6_IPCOMP] IPv6: IPComp transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET6_AH; }; then
- ewarn "[INET6_AH] IPv6: AH Transformation is NOT enabled."
- else
- einfo "....[INET6_AH] IPv6: AH Transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET6_ESP; }; then
- ewarn "[INET6_ESP] IPv6: ESP Transformation is NOT enabled."
- else
- einfo "....[INET6_ESP] IPv6: ESP Transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET6_XFRM_MODE_TRANSPORT; }; then
- ewarn "[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is NOT enabled."
- else
- einfo "....[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET6_XFRM_MODE_TUNNEL; }; then
- ewarn "[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is NOT enabled."
- else
- einfo "....[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET6_XFRM_MODE_BEET; }; then
- ewarn "[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is NOT enabled."
- else
- einfo "....[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is enabled :-)"
- fi
- fi
- # }}}
-
- eend $?
- fi
- fi
-}
-# }}}
-
-src_unpack() {
- unpack ${A}
- cd "${S}"
- # fix for bug #76741
- sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c
- # fix for bug #124813
- sed -i 's:-Werror::g' "${S}"/configure.ac
-
- AT_M4DIR="${S}" eautoreconf
- epunt_cxx
-}
-
-src_compile() {
- # fix for bug #61025
- filter-flags -march=c3
-
- kernel_check
-
- myconf="${myconf} --with-kernel-headers=${KV_DIR}/include"
-
- use nat && myconf="${myconf} --enable-natt --enable-natt-versions=yes"
-# myconf="${myconf} $(use_enable broken-natt)"
- myconf="${myconf} --enable-dependency-tracking $(use_enable ipv6)"
-# myconf="${myconf} $(use_enable adminport)"
- myconf="${myconf} $(use_enable rc5)"
- if use pam; then
- myconf="${myconf} --enable-hybrid"
- else
- myconf="${myconf} $(use_enable hybrid)"
- fi;
-# myconf="${myconf} $(use_enable dpd)"
-# myconf="${myconf} $(use_enable frag)"
-# myconf="${myconf} $(use_enable stats)"
-# myconf="${myconf} $(use_enable fastquit)"
-# myconf="${myconf} $(use_enable security-context)"
- myconf="${myconf} --enable-dpd --enable-frag --enable-stats --enable-fastquit"
- myconf="${myconf} --enable-adminport --enable-security-context"
- myconf="${myconf} $(use_enable idea)"
- myconf="${myconf} $(use_enable kerberos gssapi)"
-
- # dev-libs/libiconv is hard masked
- #use iconv && myconf="${myconf} $(use_with iconv libiconv)"
- myconf="${myconf} $(use_with ldap libldap)"
- myconf="${myconf} $(use_with pam libpam)"
-
- # the default (/usr/include/openssl/) is OK for Gentoo, leave it
- # myconf="${myconf} $(use_with ssl openssl )"
-
- # No way to get it compiling with freeradius or gnuradius
- # We need libradius wich only exist on FreeBSD
- #use radius && myconf="${myconf} $(use_with radius libradius )"
-
- use readline && myconf="${myconf} $(use_with readline )"
-
- # See bug #77369
- #myconf="${myconf} --enable-samode-unspec"
-
- econf ${myconf} || die
- emake -j1 || die
-
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die
- keepdir /var/lib/racoon
- newconfd "${FILESDIR}"/racoon.conf.d racoon
- newinitd "${FILESDIR}"/racoon.init.d racoon
-
- dodoc ChangeLog README NEWS
- dodoc src/racoon/samples/*
- dodoc src/racoon/doc/*
-
- docinto roadwarrior
- dodoc src/racoon/samples/roadwarrior/*
-
- docinto roadwarrior/client
- dodoc src/racoon/samples/roadwarrior/client/*
- docinto roadwarrior/server
- dodoc src/racoon/samples/roadwarrior/server/*
-
- docinto setkey
- dodoc src/setkey/sample.cf
-
- dodir /etc/racoon
-
- # RFC are only available from CVS for the moment, see einfo below
- #docinto "rfc"
- #dodoc ${S}/src/racoon/rfc/*
-}
-
-pkg_postinst() {
- if use nat; then
- elog
- elog " You have enabled the nat traversal functionnality."
- elog " Nat versions wich are enabled by default are 00,02,rfc"
- elog " you can find those drafts in the CVS repository:"
- elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"
- elog
- elog "If you feel brave enough and you know what you are"
- elog "doing, you can consider emerging this ebuild"
- elog "with"
- elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
- elog
- fi;
-
- if use ldap; then
- elog
- elog " You have enabled ldap support with {$PN}."
- elog " The man page does NOT contain any information on it yet."
- elog " Consider to use a more recent version or CVS"
- elog
- fi;
-
- elog
- elog "Please have a look in /usr/share/doc/${P} and visit"
- elog "http://www.netbsd.org/Documentation/network/ipsec/"
- elog "to find a lot of information on how to configure this great tool."
- elog
-}
-
-# vim: set foldmethod=marker nowrap :
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.7.1.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.7.1.ebuild
deleted file mode 100644
index 945b8af6e902..000000000000
--- a/net-firewall/ipsec-tools/ipsec-tools-0.7.1.ebuild
+++ /dev/null
@@ -1,270 +0,0 @@
-# Copyright 1999-2008 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.1.ebuild,v 1.5 2008/10/16 18:15:57 dertobi123 Exp $
-
-inherit eutils flag-o-matic autotools linux-info
-
-DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
-HOMEPAGE="http://ipsec-tools.sourceforge.net/"
-SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
-
-LICENSE="BSD"
-SLOT="0"
-KEYWORDS="amd64 ppc sparc x86"
-IUSE="idea ipv6 pam rc5 readline selinux ldap kerberos nat hybrid iconv selinux"
-
-# FIXME: what is the correct syntax for ~sparc ???
-DEPEND="!sparc? ( >=sys-kernel/linux-headers-2.6 )
- readline? ( sys-libs/readline )
- pam? ( sys-libs/pam )
- ldap? ( net-nds/openldap )
- kerberos? ( virtual/krb5 )
- >=dev-libs/openssl-0.9.8
- iconv? ( virtual/libiconv )
- selinux? ( sys-libs/libselinux )"
-# radius? ( net-dialup/gnuradius )
-
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-ipsec-tools )"
-
-# {{{ kernel_check()
-kernel_check() {
- get_version
- if kernel_is 2 6 ; then
- if test "${KV_PATCH}" -ge 19 ; then
- # Just for kernel >=2.6.19
- ebegin "Checking for suitable kernel configuration (Networking | Networking support | Networking options)"
-
- if use nat ; then
- if ! { linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; } ; then
- ewarn "[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is NOT enabled"
- eerror "${P} won't compile with use nat traversal (USE=nat) until you enable NETFILTER_XT_MATCH_POLICY in your kernel"
- die
- else
- einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)"
- fi
- fi
- # {{{ general stuff
- if ! { linux_chkconfig_present XFRM_USER; }; then
- ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled."
- else
- einfo "....[XFRM_USER] Transformation user configuration interface is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present NET_KEY; }; then
- ewarn "[NET_KEY] PF_KEY sockets is NOT enabled."
- else
- einfo "....[NET_KEY] PF_KEY sockets is enabled :-)"
- fi
- # }}}
- # {{{ IPv4 stuff
- if ! { linux_chkconfig_present INET_IPCOMP; }; then
- ewarn "[INET_IPCOMP] IP: IPComp transformation is NOT enabled"
- else
- einfo "....[INET_IPCOMP] IP: IPComp transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET_AH; }; then
- ewarn "[INET_AH] AH Transformation is NOT enabled."
- else
- einfo "....[INET_AH] AH Transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET_ESP; }; then
- ewarn "[INET_ESP] ESP Transformation is NOT enabled."
- else
- einfo "....[INET_ESP] ESP Transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET_XFRM_MODE_TRANSPORT; }; then
- ewarn "[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is NOT enabled."
- else
- einfo "....[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET_XFRM_MODE_TUNNEL; }; then
- ewarn "[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is NOT enabled."
- else
- einfo "....[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET_XFRM_MODE_BEET; }; then
- ewarn "[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is NOT enabled."
- else
- einfo "....[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is enabled :-)"
- fi
- # }}}
- # {{{ IPv6 stuff
- if use ipv6 ; then
- if ! { linux_chkconfig_present INET6_IPCOMP; }; then
- ewarn "[INET6_IPCOMP] IPv6: IPComp transformation is NOT enabled"
- else
- einfo "....[INET6_IPCOMP] IPv6: IPComp transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET6_AH; }; then
- ewarn "[INET6_AH] IPv6: AH Transformation is NOT enabled."
- else
- einfo "....[INET6_AH] IPv6: AH Transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET6_ESP; }; then
- ewarn "[INET6_ESP] IPv6: ESP Transformation is NOT enabled."
- else
- einfo "....[INET6_ESP] IPv6: ESP Transformation is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET6_XFRM_MODE_TRANSPORT; }; then
- ewarn "[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is NOT enabled."
- else
- einfo "....[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET6_XFRM_MODE_TUNNEL; }; then
- ewarn "[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is NOT enabled."
- else
- einfo "....[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is enabled :-)"
- fi
-
- if ! { linux_chkconfig_present INET6_XFRM_MODE_BEET; }; then
- ewarn "[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is NOT enabled."
- else
- einfo "....[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is enabled :-)"
- fi
- if ! { linux_chkconfig_present CRYPTO_NULL; }; then
- ewarn "[CRYPTO_NULL] Crypto: NULL algorithm is NOT enabled"
- else
- einfo "....[CRYPTO_NULL] Cyrpto: Crypto NULL algorithm enabled :-)"
- fi
-fi
- # }}}
-
- eend $?
- fi
- fi
-}
-# }}}
-
-src_unpack() {
- unpack ${A}
- cd "${S}"
- # fix for bug #76741
- sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c
- # fix for bug #124813
- sed -i 's:-Werror::g' "${S}"/configure.ac
-
- AT_M4DIR="${S}" eautoreconf
- epunt_cxx
-}
-
-src_compile() {
- # fix for bug #61025
- filter-flags -march=c3
-
- kernel_check
-
- myconf="--with-kernel-headers=${KV_DIR}/include \
- --enable-dependency-tracking \
- --enable-dpd \
- --enable-frag \
- --enable-stats \
- --enable-fastquit \
- --enable-stats \
- --enable-adminport \
- $(use_enable ipv6) \
- $(use_enable rc5) \
- $(use_enable idea) \
- $(use_with readline)
- $(use_enable kerberos gssapi) \
- $(use_with ldap libldap) \
- $(use_with pam libpam)"
-
-# we do not want broken-natt from the kernel
-# myconf="${myconf} $(use_enable broken-natt)"
- use nat && myconf="${myconf} --enable-natt --enable-natt-versions=yes"
-
- # we only need security-context when using selinux
- myconf="${myconf} $(use_enable selinux security-context)"
-
- # enable mode-cfg and xauth support
- if use pam; then
- myconf="${myconf} --enable-hybrid"
- else
- myconf="${myconf} $(use_enable hybrid)"
- fi
-
- # dev-libs/libiconv is hard masked
- #use iconv && myconf="${myconf} $(use_with iconv libiconv)"
-
- # the default (/usr/include/openssl/) is OK for Gentoo, leave it
- # myconf="${myconf} $(use_with ssl openssl )"
-
- # No way to get it compiling with freeradius or gnuradius
- # We would need libradius which only exists on FreeBSD
-
- # See bug #77369
- #myconf="${myconf} --enable-samode-unspec"
-
- econf ${myconf} || die
- emake -j1 || die
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die
- keepdir /var/lib/racoon
- newconfd "${FILESDIR}"/racoon.conf.d racoon
- newinitd "${FILESDIR}"/racoon.init.d racoon
-
- dodoc ChangeLog README NEWS
- dodoc src/racoon/samples/*
- dodoc src/racoon/doc/*
-
- docinto roadwarrior
- dodoc src/racoon/samples/roadwarrior/*
-
- docinto roadwarrior/client
- dodoc src/racoon/samples/roadwarrior/client/*
- docinto roadwarrior/server
- dodoc src/racoon/samples/roadwarrior/server/*
-
- docinto setkey
- dodoc src/setkey/sample.cf
-
- dodir /etc/racoon
-
- # RFC are only available from CVS for the moment, see einfo below
- #docinto "rfc"
- #dodoc ${S}/src/racoon/rfc/*
-}
-
-pkg_postinst() {
- if use nat; then
- elog
- elog " You have enabled the nat traversal functionnality."
- elog " Nat versions wich are enabled by default are 00,02,rfc"
- elog " you can find those drafts in the CVS repository:"
- elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"
- elog
- elog "If you feel brave enough and you know what you are"
- elog "doing, you can consider emerging this ebuild"
- elog "with"
- elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
- elog
- fi;
-
- if use ldap; then
- elog
- elog " You have enabled ldap support with {$PN}."
- elog " The man page does NOT contain any information on it yet."
- elog " Consider to use a more recent version or CVS"
- elog
- fi;
-
- elog
- elog "Please have a look in /usr/share/doc/${P} and visit"
- elog "http://www.netbsd.org/Documentation/network/ipsec/"
- elog "to find a lot of information on how to configure this great tool."
- elog
-}
-
-# vim: set foldmethod=marker nowrap :