Пакет ipsec-tools: Specfile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 | Summary: IPsec-Tools package use the IPsec functionality in the linux-2.5+ kernels. Name: ipsec-tools Version: 0.8.2 Release: alt2 URL: http://ipsec-tools.sourceforge.net/ License: BSD Group: Security/Networking Requires: libipsec = %version-%release Source0: http://sourceforge.net/projects/ipsec-tools/files/ipsec-tools/%{version}/ipsec-tools-%{version}.tar Source1: %name-racoon.init Source2: %name-racoon.sysconfig Source3: p1_up_down Source4: racoon.conf Source5: racoon.pam Source6: racoon.service # patches from ipsec-tools-0.8.0-2.fc16.src.rpm # Ignore acquires that are sent by kernel for SAs that are already being # negotiated (#234491) Patch3: ipsec-tools-0.8.0-acquires.patch # Support for labeled IPSec on loopback Patch4: ipsec-tools-0.8.0-loopback.patch # Create racoon as PIE Patch11: ipsec-tools-0.7.1-pie.patch # Fix leak in certification handling Patch14: ipsec-tools-0.7.2-moreleaks.patch # Do not install development files Patch16: ipsec-tools-0.8.0-nodevel.patch # Use krb5 gssapi mechanism Patch18: ipsec-tools-0.7.3-gssapi-mech.patch # Silence strict aliasing warnings Patch20: ipsec-tools-0.8.0-aliasing.patch # CVE-2015-4047 Patch21: ipsec-tools-0.8.2-CVE-2015-4047.patch # Calling_station-Id attribute for xauth RADIUS requests Patch22: ipsec-tools-0.8.2-952413.patch Patch100: ipsec-tools-0.7.2-alt-werror.patch Patch101: ipsec-tools-0.8.0-alt-makefile.patch Patch102: ipsec-tools-0.7.2-alt-config.patch Patch103: ipsec-tools-0.7.2-alt-unres.patch Patch104: ipsec-tools-0.7.2-alt-gcc44-warns.patch Patch105: ipsec-tools-0.8.0-alt-wildcard-psk.patch # Debian patches Patch201: ipsec-tools-0.8.2-make-peer_certfile-dnssec-validate-dnssec.patch Patch203: ipsec-tools-0.8.2-configure-pass-Wl-with-R.patch Patch204: ipsec-tools-0.8.2-include-stdint.patch Patch205: ipsec-tools-0.8.2-asn1_utf8.patch Patch206: ipsec-tools-0.8.2-ipv6literalaltname.patch Patch207: ipsec-tools-0.8.2-checkpoint-xauth.patch Patch209: ipsec-tools-0.8.2-implicit-int.patch Patch210: ipsec-tools-0.8.2-glibc-bsd-source-obsolete.patch Patch211: ipsec-tools-0.8.2-CVE-2016-10396.patch Patch212: ipsec-tools-0.8.2-gcc7-support.patch Patch213: ipsec-tools-0.8.2-shared-libfl.patch Patch214: ipsec-tools-0.8.2-openssl1.1.patch Patch215: ipsec-tools-0.8.2-fix-uninitialized-vars.patch Patch216: ipsec-tools-0.8.2-sprintf-sizes.patch #optimized out: libcom_err-devel BuildRequires: flex libaudit-devel libpam-devel libselinux-devel libssl-devel libldap-devel libkrb5-devel %description This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon %package -n libipsec Summary: IPSec-Tools shared libraries Group: System/Libraries %description -n libipsec IPSec-Tools shared libraries package. %package -n libipsec-devel Summary: IPSec-Tools development files Group: Development/C Requires: %name = %version-%release Provides: %name-devel = %version Obsoletes: %name-devel %description -n libipsec-devel IPSec-Tools development files package. %prep %setup -q %patch3 -p1 -b .acquires %patch4 -p1 -b .loopback %patch11 -p1 -b .pie %patch14 -p1 -b .moreleaks #%patch16 -p1 -b .nodevel %patch18 -p1 -b .gssapi-mech %patch20 -p1 -b .aliasing %patch21 -p1 -b .cve_2015_4047 %patch22 -p1 -b .station_id #%patch100 -p1 -b .werror %patch101 -p1 -b .altmake %patch102 -p1 -b .syscfg %patch103 -p1 -b .unres %patch104 -p1 -b .gcc4warn %patch105 -p1 -b .wildcard %patch201 -p1 %patch203 -p1 %patch204 -p1 %patch205 -p1 %patch206 -p1 %patch207 -p1 %patch209 -p1 %patch210 -p1 %patch211 -p1 %patch212 -p1 %patch213 -p1 %patch214 -p1 %patch215 -p1 %patch216 -p1 sed -i 's|-Werror||g' configure* %build ./bootstrap %configure \ --disable-static \ --with-kernel-headers=/usr/include \ --enable-shared \ --sysconfdir=/etc/racoon \ --enable-hybrid \ --enable-frag \ --enable-stats \ --enable-dpd \ --enable-natt=kernel \ --enable-natt \ --enable-security-context \ --enable-audit \ --enable-gssapi \ --with-libpam \ --with-libldap \ --without-readline \ --enable-adminport=yes %make %install %make install DESTDIR=%buildroot mkdir -p %buildroot/%_sysconfdir/racoon/certs mkdir -p %buildroot/%_sysconfdir/racoon/scripts mkdir -p %buildroot/%_initdir mkdir -p %buildroot/%_unitdir mkdir -p %buildroot/%_sysconfdir/sysconfig mkdir -p %buildroot/%_sysconfdir/pam.d install -p -m0600 src/racoon/samples/psk.txt %buildroot%_sysconfdir/racoon/ install -p -m0644 %SOURCE4 %buildroot%_sysconfdir/racoon/ install -p -m0700 %SOURCE3 %buildroot%_sysconfdir/racoon/scripts/ install -m 0755 %SOURCE1 %buildroot%_initdir/racoon install -m 0644 %SOURCE2 %buildroot%_sysconfdir/sysconfig/racoon install -p -m0644 %SOURCE5 %buildroot%_sysconfdir/pam.d/racoon install -p -m0644 %SOURCE6 %buildroot%_unitdir/racoon.service %preun %preun_service racoon %post %post_service racoon %files %_initdir/racoon %_unitdir/racoon.service %config(noreplace) %_sysconfdir/racoon/racoon.conf %config(noreplace) %_sysconfdir/racoon/psk.txt %config(noreplace) %_sysconfdir/sysconfig/racoon %config(noreplace) %_sysconfdir/pam.d/racoon %_sysconfdir/racoon/scripts/p1_up_down %dir %_sysconfdir/racoon/certs %dir %_sysconfdir/racoon/scripts %dir %_sysconfdir/racoon/ %_sbindir/plainrsa-gen %_sbindir/racoon %_sbindir/racoonctl %_sbindir/setkey %_man3dir/* %_man5dir/* %_man8dir/* %doc ChangeLog NEWS README src/racoon/doc/* src/racoon/samples/roadwarrior src/racoon/samples/*sample* %dir %_localstatedir/racoon %files -n libipsec %_libdir/libipsec.so.* %_libdir/libracoon.so.* %files -n libipsec-devel %_libdir/libipsec.so %_libdir/libracoon.so %_includedir/libipsec/* %dir %_includedir/libipsec %_includedir/racoon/* %dir %_includedir/racoon %changelog * Wed Aug 29 2018 Alexey Shabalin <shaba@altlinux.org> 0.8.2-alt2 - build with openssl-1.1 - add patches from Debian - fixed CVE-2016-10396 * Sun Feb 21 2016 Alexey Shabalin <shaba@altlinux.ru> 0.8.2-alt1 - 0.8.2 - fixed CVE-2015-4047 * Thu May 23 2013 Alexey Shabalin <shaba@altlinux.ru> 0.8.1-alt1 - 0.8.1 - add systemd unit file - build with ldap support * Wed Feb 20 2013 Denis Baranov <baraka@altlinux.ru> 0.8.0-alt2 - add compile option enable-adminport=yes * Thu Dec 29 2011 Alexey Shabalin <shaba@altlinux.ru> 0.8.0-alt1 - 0.8.0 - enable ipv6 - build with pam support - add support wildcard in psk.txt (patch105) * Tue Dec 07 2010 Igor Vlasenko <viy@altlinux.ru> 0.7.2-alt1.1.1 - rebuild with new openssl and/or boost by request of git.alt administrator * Sun May 24 2009 Dmitry Lebkov <dlebkov@altlinux.ru> 0.7.2-alt1.1 - fix package build * Sun May 24 2009 Dmitry Lebkov <dlebkov@altlinux.ru> 0.7.2-alt1 - 0.7.2 (closes: #19917) - move shared libraries to 'libipsec' package - add libipsec-devel package * Sun Dec 14 2008 Dmitry Lebkov <dlebkov@altlinux.ru> 0.7.1-alt1 - 0.7.1 with patches from ipsec-tools-0.7.1-6.fc11 * Wed Aug 27 2008 Dmitry Lebkov <dlebkov@altlinux.ru> 0.6.7-alt2 - CVE-2008-3651 and CVE-2008-3652 patches from RedHat package ipsec-tools-0.6.5-9.3: + for DoS through various memory leaks (rh#456660, rh#458846) - other patches from RH * Sat Aug 09 2008 ALT QA Team Robot <qa-robot@altlinux.org> 0.6.7-alt1.1 - Automated rebuild due to libcrypto.so.6 -> libcrypto.so.7 soname change. * Sun May 13 2007 Dmitry Lebkov <dlebkov@altlinux.ru> 0.6.7-alt1 - 0.6.7 - CVE-2007-1841 - ALT bug #11604 fixed - add init-script for racoon daemon * Wed Dec 20 2006 Dmitry Lebkov <dlebkov@altlinux.ru> 0.6.6-alt1 - fix build requires * Fri Oct 27 2006 Dmitry Lebkov <dlebkov@altlinux.ru> 0.6.6-alt0 - 0.6.6 * Wed Mar 2 2005 Maxim Tyurin <mrkooll@altlinux.ru> 0.5-alt1 - New version (fixed CAN-2004-0155) and fixed potencial buffer ovefflow. * Thu Jun 10 2004 Maxim Tyurin <mrkooll@altlinux.ru> 0.2.3-alt1 - Initial build. |