commit ea0e07916823196b7bfd56ff0dcb43cbdb5be97f
Author: Rosa <rosa@rosa-build.rosalab.ru>
Date:   Wed Feb 1 19:44:52 2012 +0400

    Automatic import for version 4.5.2

diff --git a/.abf.yml b/.abf.yml
new file mode 100644
index 0000000..165b221
--- /dev/null
+++ b/.abf.yml
@@ -0,0 +1,2 @@
+sources:
+  "strongswan-4.5.2.tar.bz2": 11e8378681c9b6510a530015bddf55c1156f27ee
diff --git a/strongswan-4.5.2-format_not_a_string_literal_and_no_format_arguments.diff b/strongswan-4.5.2-format_not_a_string_literal_and_no_format_arguments.diff
new file mode 100644
index 0000000..c5750e3
--- /dev/null
+++ b/strongswan-4.5.2-format_not_a_string_literal_and_no_format_arguments.diff
@@ -0,0 +1,11 @@
+--- src/libcharon/plugins/stroke/stroke_ca.c.str	2011-05-25 14:49:41.000000000 +0200
++++ src/libcharon/plugins/stroke/stroke_ca.c	2011-05-25 14:49:57.000000000 +0200
+@@ -319,7 +319,7 @@
+ 	{
+ 		if (first)
+ 		{
+-			fprintf(out, label);
++			fprintf(out, "%s", label);
+ 			first = FALSE;
+ 		}
+ 		else
diff --git a/strongswan-4.5.2-link.patch b/strongswan-4.5.2-link.patch
new file mode 100644
index 0000000..99478c3
--- /dev/null
+++ b/strongswan-4.5.2-link.patch
@@ -0,0 +1,44 @@
+--- src/libhydra/Makefile.am.link	2011-05-25 14:34:21.000000000 +0200
++++ src/libhydra/Makefile.am	2011-05-25 14:35:11.000000000 +0200
+@@ -11,7 +11,7 @@
+ kernel/kernel_net.h \
+ kernel/kernel_listener.h
+ 
+-libhydra_la_LIBADD =
++libhydra_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
+ 
+ INCLUDES = -I$(top_srcdir)/src/libstrongswan
+ AM_CFLAGS = \
+--- src/libhydra/Makefile.in.link	2011-05-25 14:34:28.000000000 +0200
++++ src/libhydra/Makefile.in	2011-05-25 14:35:59.000000000 +0200
+@@ -339,7 +339,7 @@
+ 
+ libhydra_la_LIBADD = $(am__append_2) $(am__append_4) $(am__append_6) \
+ 	$(am__append_8) $(am__append_10) $(am__append_12) \
+-	$(am__append_14)
++	$(am__append_14) $(top_builddir)/src/libstrongswan/libstrongswan.la
+ INCLUDES = -I$(top_srcdir)/src/libstrongswan
+ AM_CFLAGS = \
+ -DIPSEC_DIR=\"${ipsecdir}\" \
+--- src/libcharon/Makefile.am.link	2011-05-25 14:46:59.000000000 +0200
++++ src/libcharon/Makefile.am	2011-05-25 14:48:10.000000000 +0200
+@@ -110,7 +110,7 @@
+ 	-DIPSEC_PIDDIR=\"${piddir}\" \
+ 	-DPLUGINS=\""${libcharon_plugins}\""
+ 
+-libcharon_la_LIBADD = -lm $(PTHREADLIB) $(DLLIB) $(SOCKLIB)
++libcharon_la_LIBADD = -lm $(PTHREADLIB) $(DLLIB) $(SOCKLIB) $(top_builddir)/src/libhydra/libhydra.la $(top_builddir)/src/libstrongswan/libstrongswan.la
+ 
+ EXTRA_DIST = Android.mk
+ 
+--- src/libcharon/Makefile.in.link	2011-05-25 14:47:07.000000000 +0200
++++ src/libcharon/Makefile.in	2011-05-25 14:48:27.000000000 +0200
+@@ -737,7 +737,7 @@
+ 	$(am__append_72) $(am__append_74) $(am__append_76) \
+ 	$(am__append_78) $(am__append_80) $(am__append_82) \
+ 	$(am__append_84) $(am__append_86) $(am__append_88) \
+-	$(am__append_90) $(am__append_92) $(am__append_94)
++	$(am__append_90) $(am__append_92) $(am__append_94) $(top_builddir)/src/libhydra/libhydra.la $(top_builddir)/src/libstrongswan/libstrongswan.la
+ EXTRA_DIST = Android.mk
+ @MONOLITHIC_FALSE@SUBDIRS = . $(am__append_3) $(am__append_5) \
+ @MONOLITHIC_FALSE@	$(am__append_7) $(am__append_9) \
diff --git a/strongswan.init b/strongswan.init
new file mode 100644
index 0000000..e0a8dcc
--- /dev/null
+++ b/strongswan.init
@@ -0,0 +1,132 @@
+#!/bin/sh
+# IPsec startup and shutdown script
+# Copyright (C) 1998, 1999, 2001  Henry Spencer.
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at your
+# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# for more details.
+#
+# RCSID $Id: setup,v 1.110 2001/06/20 15:55:13 henry Exp $
+#
+# ipsec         init.d script for starting and stopping
+#               the IPsec security subsystem (KLIPS and Pluto).
+#
+# This script becomes /etc/rc.d/init.d/ipsec (or possibly /etc/init.d/ipsec)
+# and is also accessible as "ipsec setup" (the preferred route for human
+# invocation).
+#
+# The startup and shutdown times are a difficult compromise (in particular,
+# it is almost impossible to reconcile them with the insanely early/late
+# times of NFS filesystem startup/shutdown).  Startup is after startup of
+# syslog and pcmcia support; shutdown is just before shutdown of syslog.
+#
+# chkconfig: 2345 47 68
+# description: IPsec provides encrypted and authenticated communications; \
+# KLIPS is the kernel half of it, Pluto is the user-level management daemon.
+
+me='ipsec setup'		# for messages
+
+if [ -f /etc/rc.d/init.d/functions ]
+then
+    . /etc/rc.d/init.d/functions
+    LOGGERMINUSS=""
+else
+    failure() {
+	echo $* >&2
+    }
+    LOGGERMINUSS="-s"
+fi
+
+if test " $IPSEC_DIR" = " "	# if we were not called by the ipsec command
+then
+	# we must establish a suitable PATH ourselves
+	PATH=/usr/local/sbin:/sbin:/usr/sbin:/usr/local/bin:/bin:/usr/bin
+	export PATH
+fi
+
+# Check that the ipsec command is available.
+found=
+for dir in `echo $PATH | tr ':' ' '`
+do
+	if test -f $dir/ipsec -a -x $dir/ipsec
+	then
+		found=yes
+		break			# NOTE BREAK OUT
+	fi
+done
+if ! test "$found"
+then
+	echo "cannot find ipsec command -- \`$1' aborted" |
+	exit 1
+fi
+
+# misc setup
+umask 022
+
+
+
+# do it
+case "$1" in
+  start|stop|_autostop|_autostart)
+        case $1 in
+	  start|_autostart) echo -n "Starting IPsec";;
+	  stop|_autostop) echo -n "Stopping IPsec";;
+        esac
+	if test " `id -u`" != " 0"
+	then
+		echo "permission denied (must be superuser)" |
+			logger $LOGGERMINUSS -p $IPSECsyslog -t ipsec_setup 2>&1
+			failure "ipsec startup"
+		exit 1
+	fi
+	tmp=/var/run/ipsec_setup.st
+	(
+		ipsec _realsetup $1
+		echo "$?" >$tmp
+	) 2>&1 | logger $LOGGERMINUSS -p $IPSECsyslog -t ipsec_setup 2>&1
+	st=`cat $tmp`
+	rm -f $tmp
+	if [ $st -ne 0 ]
+	then
+	    failure "ipsec startup"
+	fi
+	exit $st
+	;;
+
+  restart|--restart)
+	$0 stop
+	$0 start
+	;;
+
+  _autorestart)			# for internal use only
+	$0 _autostop
+	$0 _autostart
+	;;
+
+  status)
+	ipsec _realsetup $1
+	exit
+	;;
+
+  version)
+	echo "$me $IPSEC_VERSION"
+	exit 0
+	;;
+
+  help)
+	echo "Usage: $me {start|stop|restart|status}"
+	exit 0
+	;;
+
+  *)
+	echo "Usage: $me {start|stop|restart|status}" >&2
+	exit 2
+esac
+
+exit 0
diff --git a/strongswan.spec b/strongswan.spec
new file mode 100644
index 0000000..6f9c8e8
--- /dev/null
+++ b/strongswan.spec
@@ -0,0 +1,242 @@
+#%%define Werror_cflags %nil
+
+Summary:	StrongSWAN IPSEC implementation
+Name:		strongswan
+Version:	4.5.2
+Release:	%mkrel 1
+License:	GPL
+URL:		http://www.strongswan.org/
+Source0:	http://download.strongswan.org/%{name}-%{version}.tar.bz2
+Source1:	strongswan.init
+Patch0:		strongswan-4.5.2-format_not_a_string_literal_and_no_format_arguments.diff
+Patch1:		strongswan-4.5.2-link.patch
+Group:		System/Servers
+BuildRequires:	libgmp-devel
+BuildRequires:	libldap-devel
+BuildRequires:	libcurl-devel
+BuildRequires:	opensc-devel
+BuildRequires:  libxml2-devel
+BuildRequires:  libfcgi-devel
+Requires:	%{_lib}opensc3
+Requires(post): rpm-helper
+Requires(preun): rpm-helper
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-buildroot
+
+%description
+FreeS/WAN is a free implementation of IPSEC & IKE for Linux.  IPSEC is
+the Internet Protocol Security and uses strong cryptography to provide
+both authentication and encryption services.  These services allow you
+to build secure tunnels through untrusted networks.  Everything passing
+through the untrusted net is encrypted by the ipsec gateway machine and
+decrypted by the gateway at the other end of the tunnel.  The resulting
+tunnel is a virtual private network or VPN.
+
+This package contains the daemons and userland tools for setting up
+FreeS/WAN on a freeswan enabled kernel.
+
+%prep
+%setup -q -n %{name}-%{version}
+%patch0 -p0 -b .str
+%patch1 -p0 -b .link
+
+%build
+%serverbuild
+
+%configure2_5x \
+    --enable-smartcard \
+    --enable-cisco-quirks \
+    --enable-ldap \
+    --with-default-pkcs11=%{_libdir}/opensc-pkcs11.so
+
+%make
+
+%install
+rm -rf %{buildroot}
+
+install -d %{buildroot}%{_sysconfdir}/ipsec.d/{cacerts,crls,private,certs,acerts,aacerts,ocspcerts}
+install -d %{buildroot}%{_initrddir}
+install -d %{buildroot}/var/run/pluto
+
+
+make install DESTDIR=%{buildroot}
+
+# (fg) File is copied over here
+install -m0755 %{SOURCE1} %{buildroot}%{_initrddir}/ipsec
+
+#mv %{buildroot}%{_sysconfdir}/ipsec.conf %{buildroot}%{_sysconfdir}/%{source_name}/
+
+rm -f %{buildroot}%{_libdir}/lib*.{so,a,la}
+find  %{buildroot}%{_libdir}/ipsec -name "*.a" -o -name "*.la" | xargs -r rm -f
+
+#%pre
+#%_pre_useradd strongswan
+
+%post
+%_post_service ipsec
+
+
+%preun
+%_preun_service ipsec
+
+#%postun
+#%_postun_userdel strongswan
+
+#
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root,755)
+%doc TODO NEWS README COPYING CREDITS
+%attr(700,root,root) %dir %{_sysconfdir}/ipsec.d/
+%attr(700,root,root) %dir %{_sysconfdir}/ipsec.d/acerts
+%attr(700,root,root) %dir %{_sysconfdir}/ipsec.d/aacerts
+%attr(700,root,root) %dir %{_sysconfdir}/ipsec.d/ocspcerts
+%attr(700,root,root) %dir %{_sysconfdir}/ipsec.d/certs
+%attr(700,root,root) %dir %{_sysconfdir}/ipsec.d/cacerts
+%attr(700,root,root) %dir %{_sysconfdir}/ipsec.d/crls
+%attr(700,root,root) %dir %{_sysconfdir}/ipsec.d/private
+%config(noreplace) %{_sysconfdir}/ipsec.conf
+%{_initrddir}/ipsec
+%config(noreplace) %{_sysconfdir}/strongswan.conf
+/lib/systemd/system/strongswan.service
+%{_libdir}/ipsec
+%{_mandir}/man*/*
+%{_libdir}/lib*.so.*
+%{_sbindir}/ipsec
+
+
+%changelog
+* Wed May 25 2011 Funda Wang <fwang@mandriva.org> 4.5.2-1mdv2011.0
++ Revision: 678997
+- fix build
+- new version 4.5.2
+
+* Thu Dec 23 2010 Funda Wang <fwang@mandriva.org> 4.3.6-3mdv2011.0
++ Revision: 624023
+- update requires
+
+* Wed Dec 08 2010 Oden Eriksson <oeriksson@mandriva.com> 4.3.6-2mdv2011.0
++ Revision: 615010
+- the mass rebuild of 2010.1 packages
+
+* Fri Feb 12 2010 Frederik Himpe <fhimpe@mandriva.org> 4.3.6-1mdv2010.1
++ Revision: 505052
+- update to new version 4.3.6
+
+* Wed Feb 10 2010 Funda Wang <fwang@mandriva.org> 4.3.5-3mdv2010.1
++ Revision: 503626
+- rebuild for new gmp
+
+* Thu Feb 04 2010 Funda Wang <fwang@mandriva.org> 4.3.5-2mdv2010.1
++ Revision: 500815
+- fix opensc2 requires
+
+* Mon Nov 09 2009 Frederik Himpe <fhimpe@mandriva.org> 4.3.5-1mdv2010.1
++ Revision: 463623
+- update to new version 4.3.5
+
+* Wed Aug 19 2009 Frederik Himpe <fhimpe@mandriva.org> 4.3.4-1mdv2010.0
++ Revision: 417955
+- update to new version 4.3.4
+
+* Wed Jul 22 2009 Frederik Himpe <fhimpe@mandriva.org> 4.3.3-1mdv2010.0
++ Revision: 398490
+- update to new version 4.3.3
+
+* Mon Jun 22 2009 Frederik Himpe <fhimpe@mandriva.org> 4.3.2-1mdv2010.0
++ Revision: 388054
+- update to new version 4.3.2
+
+* Wed May 27 2009 Frederik Himpe <fhimpe@mandriva.org> 4.3.1-1mdv2010.0
++ Revision: 380247
+- update to new version 4.3.1
+
+* Tue Mar 31 2009 Oden Eriksson <oeriksson@mandriva.com> 4.2.14-1mdv2009.1
++ Revision: 362884
+- 4.2.14 (fixes CVE-2009-0790)
+- added P0 to fix build with -Werror=format-security
+
+* Mon Feb 23 2009 Frederik Himpe <fhimpe@mandriva.org> 4.2.12-1mdv2009.1
++ Revision: 344304
+- Update to new version 4.2.12
+
+* Fri Jan 23 2009 Jérôme Soyer <saispo@mandriva.org> 4.2.11-1mdv2009.1
++ Revision: 332879
+- New upstream release
+
+* Mon Jan 12 2009 Jérôme Soyer <saispo@mandriva.org> 4.2.10-1mdv2009.1
++ Revision: 328668
+- New upstream release
+- New upstream release
+
+* Wed Dec 03 2008 Jérôme Soyer <saispo@mandriva.org> 4.2.9-1mdv2009.1
++ Revision: 309644
+- New release 4.2.9
+
+* Fri Sep 19 2008 Frederik Himpe <fhimpe@mandriva.org> 4.2.7-1mdv2009.0
++ Revision: 286024
+- Update to new version 4.2.7 (fixes denial of service vulnerablity)
+
+* Thu Aug 28 2008 Frederik Himpe <fhimpe@mandriva.org> 4.2.6-1mdv2009.0
++ Revision: 276940
+- update to new version 4.2.6
+
+* Sat Aug 02 2008 Thierry Vignaud <tv@mandriva.org> 4.2.5-4mdv2009.0
++ Revision: 261210
+- rebuild
+
+* Tue Jul 29 2008 Thierry Vignaud <tv@mandriva.org> 4.2.5-3mdv2009.0
++ Revision: 253581
+- rebuild
+
+* Mon Jul 28 2008 Funda Wang <fwang@mandriva.org> 4.2.5-1mdv2009.0
++ Revision: 250813
+- New version 4.2.5
+
+  + Jérôme Soyer <saispo@mandriva.org>
+    - Fix lib building
+    - Add files
+    - Clean Init
+      Fix building
+      Fix Running
+    - Clean specs
+    - Add some doc
+    - Fix specs
+    - Clean specs
+    - Try to build a new release
+    - Try to build a new release
+
+  + Olivier Blin <oblin@mandriva.com>
+    - initscript is not a config file
+    - fix ipsec.conf path
+
+* Fri Jan 04 2008 Thierry Vignaud <tv@mandriva.org> 2.8.3-2mdv2008.1
++ Revision: 145485
+- adapt to new docdir layout
+- fix prereq on rpm-helper
+- kill re-definition of %%buildroot on Pixel's request
+
+
+* Fri Mar 16 2007 Olivier Blin <oblin@mandriva.com> 2.8.3-2mdv2007.1
++ Revision: 145276
+- fix build on x86_64
+- 2.8.3 (and fix installation, #26453)
+
+  + Jérôme Soyer <saispo@mandriva.org>
+    - Import strongswan
+
+* Sat Sep 10 2005 Andreas Hasenack <andreas@mandriva.com> 2.0.2-4mdk
+- added gcc4 patch from ehabkost@mandriva.com and from openswan cvs
+- rebuilt with openldap-2.3.x
+
+* Mon Feb 07 2005 Buchan Milne <bgmilne@linux-mandrake.com> 2.0.2-3mdk
+- rebuild for ldap2.2_7
+
+* Thu Oct 14 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 2.0.2-2mdk
+- rebuilt against new libcurl
+- misc spec file fixes
+
+* Thu Jun 10 2004 Florin <florin@mandrakesoft.com> 2.0.2-1mdk
+- first Mandrake release
+