Djam/strongswan
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/strongswan.git synced 2025-02-23 14:02:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use configure2_5x macro

Browse source 
Spec cleanup
This commit is contained in:
Andrey Bondrov 2016-12-02 19:06:04 +10:00
parent f10dde7701
commit 0b141c5d2f
1 changed files with 137 additions and 136 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

273
strongswan.spec
View file

@ -1,25 +1,24 @@
#%%define Werror_cflags %nil #%%define Werror_cflags %nil
%define _disable_ld_no_undefined 1 %define _disable_ld_no_undefined 1
%bcond_without nm
%bcond_without nm
Summary: IPSEC implementation Summary: IPSEC implementation
Name: strongswan Name: strongswan
Version: 5.5.0 Version: 5.5.0
Release: 1 Release: 2
License: GPLv2+ License: GPLv2+
URL: https://www.strongswan.org/
Source0: http://download.strongswan.org/%{name}-%{version}.tar.bz2
Group: System/Servers Group: System/Servers
Url: https://www.strongswan.org/
BuildRequires: gmp-devel Source0: http://download.strongswan.org/%{name}-%{version}.tar.bz2
BuildRequires: curl-devel BuildRequires: gettext-devel
BuildRequires: openldap-devel BuildRequires: gmp-devel
BuildRequires: openssl-devel BuildRequires: openldap-devel
BuildRequires: sqlite-devel BuildRequires: trousers-devel
BuildRequires: gettext-devel BuildRequires: pkgconfig(libcurl)
BuildRequires: trousers-devel
BuildRequires: pkgconfig(libxml-2.0) BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(openssl)
BuildRequires: pkgconfig(sqlite3)
BuildRequires: pkgconfig(systemd) BuildRequires: pkgconfig(systemd)
%if %{with nm} %if %{with nm}
BuildRequires: pkgconfig(NetworkManager) BuildRequires: pkgconfig(NetworkManager)
@ -40,120 +39,6 @@ tunnel is a virtual private network or VPN.
This package contains the daemons and userland tools for setting up This package contains the daemons and userland tools for setting up
FreeS/WAN on a freeswan enabled kernel. FreeS/WAN on a freeswan enabled kernel.
%if %{with nm}
%package charon-nm
Summary: NetworkManager plugin for Strongswan
Group: System/Servers
%description charon-nm
NetworkManager plugin integrates a subset of Strongswan capabilities
to NetworkManager.
%endif
%package tnc-imcvs
Summary: Trusted network connect (TNC)'s IMC/IMV functionality
Group: System/Servers
Requires: %{name} = %{version}
%description tnc-imcvs
This package provides Trusted Network Connect's (TNC) IMC and IMV
functionality. Specifically it includes PTS based IMC/IMV for TPM based
remote attestation and scanner and test IMCs and IMVs. The Strongswan's
IMC/IMV dynamic libraries can be used by any third party TNC Client/Server
implementation possessing a standard IF-IMC/IMV interface.
%prep
%setup -q
# %apply_patches
%build
libtoolize --install --copy --force --automake
aclocal -I m4
autoconf
autoheader
automake --add-missing --copy
%serverbuild
%configure \
--disable-static \
--with-ipsec-script=%{name} \
--sysconfdir=%{_sysconfdir}/%{name} \
--with-ipsecdir=%{_libexecdir}/%{name} \
--with-ipseclibdir=%{_libdir}/%{name} \
--with-fips-mode=2 \
--with-tss=trousers \
--enable-openssl \
--enable-md4 \
--enable-xauth-eap \
--enable-eap-md5 \
--enable-eap-gtc \
--enable-eap-tls \
--enable-eap-ttls \
--enable-eap-peap \
--enable-eap-mschapv2 \
--enable-farp \
--enable-dhcp \
--enable-sqlite \
--enable-tnc-ifmap \
--enable-tnc-pdp \
--enable-imc-test \
--enable-imv-test \
--enable-imc-scanner \
--enable-imv-scanner \
--enable-imc-attestation \
--enable-imv-attestation \
--enable-imv-os \
--enable-imc-os \
--enable-eap-tnc \
--enable-tnccs-20 \
--enable-tnccs-11 \
--enable-tnccs-dynamic \
--enable-tnc-imc \
--enable-tnc-imv \
--enable-eap-radius \
--enable-curl \
--enable-eap-identity \
%if %{with nm}
--enable-nm \
%endif
%make
sed -i 's/\t/ /' src/starter/ipsec.conf
%install
%makeinstall_std
# prefix man pages
for i in %{buildroot}%{_mandir}/*/*; do
if echo "$i" | grep -vq '/%{name}[^\/]*$'; then
mv "$i" "`echo "$i" | sed -re 's|/([^/]+)$|/%{name}_\1|'`"
fi
done
# delete unwanted library files
rm %{buildroot}%{_libdir}/%{name}/*.so
find %{buildroot} -type f -name '*.la' -delete
# fix config permissions
chmod 644 %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
# protect configuration from ordinary user's eyes
chmod 700 %{buildroot}%{_sysconfdir}/%{name}
# Create ipsec.d directory tree.
install -d -m 700 %{buildroot}%{_sysconfdir}/%{name}/ipsec.d
for i in aacerts acerts certs cacerts crls ocspcerts private reqs; do
install -d -m 700 %{buildroot}%{_sysconfdir}/%{name}/ipsec.d/${i}
done
%post
%_post_service %{name}
%preun
%_preun_service %{name}
#%postun
#%_postun_userdel strongswan
%files %files
%doc README COPYING NEWS TODO %doc README COPYING NEWS TODO
%dir %{_sysconfdir}/%{name} %dir %{_sysconfdir}/%{name}
@ -161,12 +46,12 @@ done
%config(noreplace) %{_sysconfdir}/%{name}/ipsec.conf %config(noreplace) %{_sysconfdir}/%{name}/ipsec.conf
%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf %config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf
%{_unitdir}/%{name}.service %{_unitdir}/%{name}.service
/etc/%{name}/%{name}.d %{_sysconfdir}/%{name}/%{name}.d
/etc/%{name}/swanctl %{_sysconfdir}/%{name}/swanctl
/usr/share/%{name}/templates/config/plugins/*.conf %{_datadir}/%{name}/templates/config/plugins/*.conf
/usr/share/%{name}/templates/config/%{name}.conf %{_datadir}/%{name}/templates/config/%{name}.conf
/usr/share/%{name}/templates/config/%{name}.d/*.conf %{_datadir}/%{name}/templates/config/%{name}.d/*.conf
/usr/share/%{name}/templates/database/imv/*.sql %{_datadir}/%{name}/templates/database/imv/*.sql
%{_libdir}/%{name}/libcharon.so.0 %{_libdir}/%{name}/libcharon.so.0
%{_libdir}/%{name}/libcharon.so.0.0.0 %{_libdir}/%{name}/libcharon.so.0.0.0
%{_libdir}/%{name}/libtls.so.0 %{_libdir}/%{name}/libtls.so.0
@ -247,6 +132,45 @@ done
%{_mandir}/man8/%{name}_scepclient.8.* %{_mandir}/man8/%{name}_scepclient.8.*
%{_mandir}/man8/%{name}_swanctl.8.* %{_mandir}/man8/%{name}_swanctl.8.*
%post
%_post_service %{name}
%preun
%_preun_service %{name}
#%postun
#%_postun_userdel strongswan
#----------------------------------------------------------------------------
%if %{with nm}
%package charon-nm
Summary: NetworkManager plugin for Strongswan
Group: System/Servers
%description charon-nm
NetworkManager plugin integrates a subset of Strongswan capabilities
to NetworkManager.
%files charon-nm
%doc COPYING
%{_libexecdir}/%{name}/charon-nm
%endif
#----------------------------------------------------------------------------
%package tnc-imcvs
Summary: Trusted network connect (TNC)'s IMC/IMV functionality
Group: System/Servers
Requires: %{name} = %{version}
%description tnc-imcvs
This package provides Trusted Network Connect's (TNC) IMC and IMV
functionality. Specifically it includes PTS based IMC/IMV for TPM based
remote attestation and scanner and test IMCs and IMVs. The Strongswan's
IMC/IMV dynamic libraries can be used by any third party TNC Client/Server
implementation possessing a standard IF-IMC/IMV interface.
%files tnc-imcvs %files tnc-imcvs
%{_libdir}/%{name}/libimcv.so.0 %{_libdir}/%{name}/libimcv.so.0
%{_libdir}/%{name}/libimcv.so.0.0.0 %{_libdir}/%{name}/libimcv.so.0.0.0
@ -280,8 +204,85 @@ done
%{_libexecdir}/%{name}/attest %{_libexecdir}/%{name}/attest
%{_libexecdir}/%{name}/pacman %{_libexecdir}/%{name}/pacman
#----------------------------------------------------------------------------
%prep
%setup -q
#apply_patches
%build
libtoolize --install --copy --force --automake
aclocal -I m4
autoconf
autoheader
automake --add-missing --copy
%serverbuild
%configure2_5x \
--disable-static \
--with-ipsec-script=%{name} \
--sysconfdir=%{_sysconfdir}/%{name} \
--with-ipsecdir=%{_libexecdir}/%{name} \
--with-ipseclibdir=%{_libdir}/%{name} \
--with-fips-mode=2 \
--with-tss=trousers \
--enable-openssl \
--enable-md4 \
--enable-xauth-eap \
--enable-eap-md5 \
--enable-eap-gtc \
--enable-eap-tls \
--enable-eap-ttls \
--enable-eap-peap \
--enable-eap-mschapv2 \
--enable-farp \
--enable-dhcp \
--enable-sqlite \
--enable-tnc-ifmap \
--enable-tnc-pdp \
--enable-imc-test \
--enable-imv-test \
--enable-imc-scanner \
--enable-imv-scanner \
--enable-imc-attestation \
--enable-imv-attestation \
--enable-imv-os \
--enable-imc-os \
--enable-eap-tnc \
--enable-tnccs-20 \
--enable-tnccs-11 \
--enable-tnccs-dynamic \
--enable-tnc-imc \
--enable-tnc-imv \
--enable-eap-radius \
--enable-curl \
--enable-eap-identity \
%if %{with nm} %if %{with nm}
%files charon-nm --enable-nm \
%doc COPYING
%{_libexecdir}/%{name}/charon-nm
%endif %endif
%make
sed -i 's/\t/ /' src/starter/ipsec.conf
%install
%makeinstall_std
# prefix man pages
for i in %{buildroot}%{_mandir}/*/*; do
if echo "$i" | grep -vq '/%{name}[^\/]*$'; then
mv "$i" "`echo "$i" | sed -re 's|/([^/]+)$|/%{name}_\1|'`"
fi
done
# delete unwanted library files
rm %{buildroot}%{_libdir}/%{name}/*.so
find %{buildroot} -type f -name '*.la' -delete
# fix config permissions
chmod 644 %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
# protect configuration from ordinary user's eyes
chmod 700 %{buildroot}%{_sysconfdir}/%{name}
# Create ipsec.d directory tree.
install -d -m 700 %{buildroot}%{_sysconfdir}/%{name}/ipsec.d
for i in aacerts acerts certs cacerts crls ocspcerts private reqs; do
install -d -m 700 %{buildroot}%{_sysconfdir}/%{name}/ipsec.d/${i}
done