Pavel Šimerda d69d3d
%global _hardened_build 1
Pavel Šimerda d69d3d
Pavel Šimerda 987700
Name:           racoon2
Pavel Šimerda 987700
Version:        20100526a
d30916
Release:        38%{?dist}
Pavel Šimerda 987700
Summary:        An implementation of key management system for IPsec
Pavel Šimerda 987700
License:        BSD
Pavel Šimerda 987700
URL:            http://www.racoon2.wide.ad.jp/
Pavel Šimerda 987700
Source0:        http://ftp.racoon2.wide.ad.jp/pub/%{name}/%{name}-%{version}.tgz
Pavel Šimerda 987700
Patch0:         %{name}-autotools.patch
Pavel Šimerda dcdc22
Patch1:         %{name}-init.patch
Pavel Šimerda 987700
Patch2:         %{name}-functions-shebang.patch
Pavel Šimerda 987700
Patch3:         %{name}-configfiles.patch
Pavel Šimerda 636224
Patch4:         %{name}-getopt.patch
87ff59
# 1/4 Adapt to OpenSSL 1.1.1, bug #1606070, taken from a fork at
87ff59
# <https: github.com="" zoulasc="" racoon2="">
87ff59
Patch5:         %{name}-20100526a-Make-unmodified-argument-const.patch
87ff59
# 2/4 Adapt to OpenSSL 1.1.1, bug #1606070, taken from a fork at
87ff59
# <https: github.com="" zoulasc="" racoon2="">
87ff59
Patch6:         %{name}-20100526a-Adjust-for-openssl-1.1.patch
87ff59
# 3/4 Adapt to OpenSSL 1.1.1, bug #1606070, taken from a fork at
87ff59
# <https: github.com="" zoulasc="" racoon2="">
87ff59
Patch7:         %{name}-20100526a-Adjust-for-OpenSSL-v1.1.patch
87ff59
# 4/4 Adapt to OpenSSL 1.1.1, bug #1606070, taken from a fork at
87ff59
# <https: github.com="" zoulasc="" racoon2="">
87ff59
Patch8:         %{name}-20100526a-Fix-for-OpenSSL-1.1.patch
Pavel Šimerda 987700
BuildRequires:  byacc
d30916
BuildRequires:  coreutils
Pavel Šimerda 987700
BuildRequires:  flex
d30916
BuildRequires:  gcc
d30916
BuildRequires:  make
Pavel Šimerda 987700
BuildRequires:  openssl-devel
ea80f2
BuildRequires:  perl-generators
d30916
BuildRequires:  sed
Pavel Šimerda 0a164b
Requires(post): pwgen
Pavel Šimerda 0a164b
%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7
Pavel Šimerda 987700
BuildRequires:  systemd-units
Pavel Šimerda 987700
Requires(post): systemd-units
Pavel Šimerda 987700
Requires(preun): systemd-units
Pavel Šimerda 987700
Requires(postun): systemd-units
Pavel Šimerda 0a164b
%else
Pavel Šimerda 0a164b
Requires(post): chkconfig
Pavel Šimerda 0a164b
Requires(preun): chkconfig
Pavel Šimerda 0a164b
Requires(preun): initscripts
Pavel Šimerda 0a164b
%endif
Pavel Šimerda 987700
%description
Pavel Šimerda 987700
The Racoon2 project is a joint effort which provides an implementation of key
Pavel Šimerda 987700
management system for IPsec. The implementation is called Racoon2, a successor
Pavel Šimerda 987700
of Racoon, which was developed by the KAME project. It supports IKEv1, IKEv2,
Pavel Šimerda 987700
and KINK protocols. It works on FreeBSD, NetBSD, Linux, and Mac OS X.
Pavel Šimerda 987700
Pavel Šimerda 987700
%prep
Pavel Šimerda 987700
%setup -q
Pavel Šimerda 987700
%patch0 -p1
Pavel Šimerda 987700
%patch1 -p1
Pavel Šimerda 987700
%patch2 -p1
Pavel Šimerda 987700
%patch3 -p1
Pavel Šimerda 636224
%patch4 -p1
87ff59
%patch5 -p1
87ff59
%patch6 -p1
87ff59
%patch7 -p1
87ff59
%patch8 -p1
Pavel Šimerda 987700
Pavel Šimerda 656ff2
sed -i '/yyget_leng/d' lib/cftoken.l
Pavel Šimerda 656ff2
Pavel Šimerda 987700
%build
Pavel Šimerda 987700
# --disable-kinkd: KINK must be disabled unless krb5 is compiled --with-crypto-impl=builtin
Pavel Šimerda 987700
# because kinkd uses krb5's internal crypto functions that are not compiled otherwise.
Pavel Šimerda 290f21
# --disable-pedant: Racoon2 doesn't compile with pedantic compiler.
Pavel Šimerda d98152
%configure --disable-kinkd --disable-pedant 
Pavel Šimerda d98152
# racoon2 tends to misconfigure the spmd subtree
Pavel Šimerda d98152
( cd spmd && %configure )
Pavel Šimerda 987700
make %{?_smp_mflags}
Pavel Šimerda ccb110
sed -i 's/\t/    /' samples/*.conf
Pavel Šimerda 290f21
# Disable spmd.pwd generation
Pavel Šimerda 290f21
echo "#!/bin/sh" > pskgen/autogen.spmd.pwd
Pavel Šimerda 987700
Pavel Šimerda 987700
%install
Pavel Šimerda 987700
rm -rf %{buildroot}
Pavel Šimerda 987700
make install DESTDIR=%{buildroot}
Pavel Šimerda 290f21
# Rename binaries and manpages
Pavel Šimerda 290f21
for name in spmd spmdctl iked pskgen; do
Pavel Šimerda 290f21
    mv %{buildroot}%{_sbindir}/{,%{name}-}$name
Pavel Šimerda 290f21
    mv %{buildroot}%{_mandir}/man8/{,%{name}-}$name.8
Pavel Šimerda 290f21
done
Pavel Šimerda dcdc22
# Delete initscripts first
Pavel Šimerda dcdc22
rm %{buildroot}%{_initddir}/*
Pavel Šimerda dcdc22
# Install systemd units or initscripts
Pavel Šimerda 987700
%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7
Pavel Šimerda 290f21
install -m 755 -t %{buildroot}%{_sbindir} %{name}
Pavel Šimerda 290f21
install -d %{buildroot}%{_unitdir}
Pavel Šimerda 290f21
install -m 644 -t %{buildroot}%{_unitdir} %{name}.service
Pavel Šimerda dcdc22
%else
Pavel Šimerda 290f21
install -m 755 %{name}.sysvinit %{buildroot}%{_initddir}/%{name}
Pavel Šimerda 987700
%endif
Pavel Šimerda 987700
Pavel Šimerda 987700
%files
Pavel Šimerda 987700
%dir %{_sysconfdir}/%{name}
Pavel Šimerda 2efe7d
%dir %{_sysconfdir}/%{name}/psk
Pavel Šimerda 2efe7d
%dir %{_sysconfdir}/%{name}/cert
Pavel Šimerda 987700
%config(noreplace) %{_sysconfdir}/%{name}/default.conf
Pavel Šimerda 987700
%config(noreplace) %{_sysconfdir}/%{name}/local-test.conf
Pavel Šimerda 987700
%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf
Pavel Šimerda 987700
%config(noreplace) %{_sysconfdir}/%{name}/transport_ike.conf
Pavel Šimerda 987700
%config(noreplace) %{_sysconfdir}/%{name}/transport_kink.conf
Pavel Šimerda 987700
%config(noreplace) %{_sysconfdir}/%{name}/tunnel_ike.conf
Pavel Šimerda 987700
%config(noreplace) %{_sysconfdir}/%{name}/tunnel_ike_natt.conf
Pavel Šimerda 987700
%config(noreplace) %{_sysconfdir}/%{name}/tunnel_kink.conf
Pavel Šimerda 987700
%config(noreplace) %{_sysconfdir}/%{name}/vals.conf
Pavel Šimerda 987700
%dir %{_sysconfdir}/%{name}/hook
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/child-down
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/child-rekey
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/child-up
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/child-up.d/00childup_sample
Pavel Šimerda 987700
%config(noreplace) %{_sysconfdir}/%{name}/hook/functions
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/ikesa-down
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/ikesa-rekey
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/ikesa-up
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/ikesa-up.d/00ikesaup_sample
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/migration
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/ph1-down
Pavel Šimerda 987700
%{_sysconfdir}/%{name}/hook/ph1-up
Pavel Šimerda 290f21
%{_sbindir}/%{name}-iked
Pavel Šimerda 290f21
%{_sbindir}/%{name}-pskgen
Pavel Šimerda 290f21
%{_sbindir}/%{name}-spmd
Pavel Šimerda 290f21
%{_sbindir}/%{name}-spmdctl
Pavel Šimerda 987700
%dir %{_var}/run/%{name}
Pavel Šimerda 290f21
%{_mandir}/man8/%{name}-iked.8.gz
Pavel Šimerda 290f21
%{_mandir}/man8/%{name}-pskgen.8.gz
Pavel Šimerda 290f21
%{_mandir}/man8/%{name}-spmd.8.gz
Pavel Šimerda 290f21
%{_mandir}/man8/%{name}-spmdctl.8.gz
Pavel Šimerda 987700
%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7
Pavel Šimerda dcdc22
%{_sbindir}/%{name}
Pavel Šimerda dcdc22
%{_unitdir}/%{name}.service
Pavel Šimerda 987700
%else
Pavel Šimerda dcdc22
%{_initddir}/%{name}
Pavel Šimerda 987700
%endif
Pavel Šimerda 987700
Pavel Šimerda 987700
%post
Pavel Šimerda 987700
if [ ! -e "%{_sysconfdir}/%{name}/spmd.pwd" ]; then
Pavel Šimerda 987700
    pwgen > %{_sysconfdir}/%{name}/spmd.pwd
Pavel Šimerda 987700
    chmod 600 %{_sysconfdir}/%{name}/spmd.pwd
Pavel Šimerda 987700
fi
Pavel Šimerda 0a164b
%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7
Pavel Šimerda 54a95d
%systemd_post %{name}.service
Pavel Šimerda 0a164b
%else
Pavel Šimerda dcdc22
/sbin/chkconfig --add %{name}
Pavel Šimerda 0a164b
%endif
Pavel Šimerda 987700
Pavel Šimerda 987700
%preun
Pavel Šimerda 0a164b
%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7
Pavel Šimerda 54a95d
%systemd_preun %{name}.service
Pavel Šimerda 0a164b
%else
Pavel Šimerda 0a164b
if [ $1 -eq 0 ] ; then
Pavel Šimerda dcdc22
    /sbin/service %{name} stop >/dev/null 2>&1
Pavel Šimerda dcdc22
    /sbin/chkconfig --del %{name}
Pavel Šimerda 0a164b
fi
Pavel Šimerda 0a164b
%endif
Pavel Šimerda 987700
Pavel Šimerda 987700
%postun
Pavel Šimerda 0a164b
%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7
Pavel Šimerda 54a95d
%systemd_postun_with_restart apache-httpd.service 
Pavel Šimerda 0a164b
%else
Pavel Šimerda 0a164b
%endif
Pavel Šimerda 987700
Pavel Šimerda 987700
%changelog
d30916
* Fri Jun 21 2019 Petr Pisar <ppisar@redhat.com> - 20100526a-38
d30916
- Add missing build dependencies (bug #1606070)
87ff59
- Adapt to OpenSSL 1.1.1 (bug #1606070)
d30916
b49e9b
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 20100526a-37
b49e9b
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
b49e9b
05703c
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 20100526a-36
05703c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
05703c
6857e4
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20100526a-35
6857e4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
6857e4
62233d
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20100526a-34
62233d
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
62233d
1b0281
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20100526a-33
1b0281
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
1b0281
2c9e94
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 20100526a-32
2c9e94
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
2c9e94
29f88c
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20100526a-31
29f88c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
29f88c
4d9d35
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20100526a-30
4d9d35
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
4d9d35
cf0214
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20100526a-29
cf0214
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
cf0214
Pavel Šimerda 636224
* Thu Mar 13 2014 Pavel Šimerda <psimerda@redhat.com> - 20100526a-28
Pavel Šimerda 636224
- #995743 - avoid recently added dependency
Pavel Šimerda 636224
Pavel Šimerda 2efe7d
* Wed Feb 19 2014 Pavel Šimerda <psimerda@redhat.com> - 20100526a-27
Pavel Šimerda 2efe7d
- #995745 - /etc/racoon2/psk and /etc/racoon2/cert references in vals.conf are not created
Pavel Šimerda 2efe7d
- #995743 - racoon2-genpsk missing dependancies
Pavel Šimerda 2efe7d
Pavel Šimerda d69d3d
* Mon Feb 17 2014 Pavel Šimerda <psimerda@redhat.com> - 20100526a-26
Pavel Šimerda d69d3d
- #955458 - hardened build
Pavel Šimerda d98152
- fix build failure by reconfiguring spmd subdirectory
Pavel Šimerda d69d3d
Pavel Šimerda 656ff2
* Mon Feb 17 2014 Pavel Šimerda <psimerda@redhat.com> - 20100526a-25
Pavel Šimerda 656ff2
- #914426 - fix build failure affecting Fedora >= 18
Pavel Šimerda 656ff2
Pavel Šimerda 54a95d
* Tue Jan 07 2014 Pavel Šimerda <psimerda@redhat.com> - 20100526a-24
Pavel Šimerda 54a95d
- #850290 - use systemd-rpm macros
Pavel Šimerda 54a95d
Pavel Šimerda f9ea76
* Thu Sep 12 2013 Pavel Šimerda <psimerda@redhat.com> - 20100526a-23
Pavel Šimerda f9ea76
- prefix init script daemon names with /racoon2-/ (#1006613, patch by Grant Hammond)
Pavel Šimerda f9ea76
28d818
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20100526a-22
28d818
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
28d818
ec1206
* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 20100526a-21
ec1206
- Perl 5.18 rebuild
ec1206
ac8b33
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20100526a-20
ac8b33
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
ac8b33
Pavel Šimerda e50991
* Thu Jan 17 2013 Pavel Šimerda <psimerda@redhat.com> - 20100526a-19
Pavel Šimerda e50991
- Fix racoon2 script to call prefixed binaries
Pavel Šimerda e50991
9b1e74
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20100526a-18
9b1e74
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
9b1e74
Pavel Šimerda 290f21
* Mon Mar 05 2012 Pavel Šimerda <pavlix@pavlix.net> - 20100526a-17
Pavel Šimerda 290f21
- Prefix binaries with racoon2-
Pavel Šimerda 290f21
Pavel Šimerda bb063d
* Tue Feb 14 2012 Pavel Šimerda <pavlix@pavlix.net> - 20100526a-16
Pavel Šimerda bb063d
- Fixed systemd dependencies
Pavel Šimerda dcdc22
- Switched to a single systemd unit or single initscript
Pavel Šimerda bb063d
Pavel Šimerda ccb110
* Tue Feb 14 2012 Pavel Šimerda <pavlix@pavlix.net> - 20100526a-15
Pavel Šimerda ccb110
- Expand tabs in config files for better readability
Pavel Šimerda ccb110
Pavel Šimerda 0a164b
* Mon Feb 13 2012 Pavel Šimerda <pavlix@pavlix.net> - 20100526a-14
Pavel Šimerda 0a164b
- rebuilt
Pavel Šimerda 0a164b
Pavel Šimerda 987700
* Sat Jan 21 2012 Pavel Šimerda <pavlix@pavlix.net> - 20100526a-13
Pavel Šimerda 987700
- Added rm at the beginning of install section
Pavel Šimerda 987700
- Changed conditionals to versioned ones
Pavel Šimerda 987700
Pavel Šimerda 987700
* Sun Jan 15 2012 Pavel Šimerda <pavlix@pavlix.net> - 20100526a-12
Pavel Šimerda 987700
- Removed sysvinit subpackage
Pavel Šimerda 987700
- Added conditionals to handle different init systems
Pavel Šimerda 987700
- Changed initrd macro to initd
Pavel Šimerda 987700
- Marked functions as config file
Pavel Šimerda 987700
Pavel Šimerda 987700
* Fri Dec 30 2011 Pavel Šimerda <pavlix@pavlix.net> - 20100526a-11
Pavel Šimerda 987700
- Removed -fno-strict-aliasing
Pavel Šimerda 987700
- Removed -D_GNU_SOURCE=1
Pavel Šimerda 987700
- Added rationale for --disable-kinkd and --disable-pedant
Pavel Šimerda 987700
- Removed @prefix@ from configuration files (patch)
Pavel Šimerda 987700
Pavel Šimerda 987700
* Thu Dec 29 2011 Pavel Šimerda <pavlix@pavlix.net> - 20100526a-10
Pavel Šimerda 987700
- Added pwgen dependency
Pavel Šimerda 987700
- Moved various inline fixes from specfile to patches
Pavel Šimerda 987700
- Fixed racoon2 configuration path (/etc/racoon2)
Pavel Šimerda 987700
Pavel Šimerda 987700
* Wed Dec 07 2011 Pavel Šimerda <pavlix@pavlix.net> - 20100526a-9
Pavel Šimerda 987700
- Incorporated more rpmlint feedback
Pavel Šimerda 987700
- Directories are now specified by macros
Pavel Šimerda 987700
- Added systemd scriptlets
Pavel Šimerda 987700
- Added needed /var/run/racoon2 directory
Pavel Šimerda 987700
- Added directories to files section
Pavel Šimerda 987700
Pavel Šimerda 987700
* Wed Nov 09 2011 pavlix - 20100526a-8
Pavel Šimerda 987700
- Incorporated rpmlint feedback
Pavel Šimerda 987700
Pavel Šimerda 987700
* Wed Nov 09 2011 pavlix - 20100526a-7
Pavel Šimerda 987700
- Experimental build for packaging