summaryrefslogtreecommitdiff
path: root/community/ipsec-tools
diff options
context:
space:
mode:
Diffstat (limited to 'community/ipsec-tools')
-rw-r--r--community/ipsec-tools/PKGBUILD43
-rw-r--r--community/ipsec-tools/ipsec-tools-linux-3.7-compat.patch50
-rw-r--r--community/ipsec-tools/ipsec.service12
-rw-r--r--community/ipsec-tools/racoon.service10
4 files changed, 115 insertions, 0 deletions
diff --git a/community/ipsec-tools/PKGBUILD b/community/ipsec-tools/PKGBUILD
new file mode 100644
index 000000000..08a4c6115
--- /dev/null
+++ b/community/ipsec-tools/PKGBUILD
@@ -0,0 +1,43 @@
+# $Id: PKGBUILD 100178 2013-11-01 20:59:24Z spupykin $
+# Maintainer: Sergej Pupykin <pupykin.s+arch@gmail.com>
+# Contributor: Allan Henriksen <allan.henriksen@gmail.com>
+
+pkgname=ipsec-tools
+pkgver=0.8.1
+pkgrel=5
+pkgdesc="KAME IPSec tools ported to Linux"
+arch=('i686' 'x86_64')
+url="http://ipsec-tools.sourceforge.net/"
+depends=('readline' 'openssl' 'krb5')
+makedepends=('linux-headers')
+license=('GPL')
+options=('!makeflags')
+source=(http://downloads.sourceforge.net/sourceforge/ipsec-tools/$pkgname-$pkgver.tar.bz2
+ racoon.service
+ ipsec.service
+ ipsec-tools-linux-3.7-compat.patch)
+md5sums=('d38b39f291ba2962387c3232e7335dd8'
+ '3a64a9e3b498c6da90450ffb0b758aea'
+ '387a0b0c4f10e42b2bb62282885cdc9c'
+ 'ae1dd20c83dcfce3dedb46ee73e83613')
+
+build() {
+ cd $srcdir/$pkgname-$pkgver
+
+ patch -p1 <$srcdir/ipsec-tools-linux-3.7-compat.patch
+ sed -i 's#-Werror##' configure.ac
+
+ ./bootstrap
+ ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --sbindir=/usr/bin \
+ --enable-security-context=no --enable-hybrid --enable-dpd --enable-natt \
+ --enable-adminport --enable-gssapi \
+ --with-kernel-headers=/lib/modules/`pacman -Q linux-headers | cut -f2 -d\ `-ARCH/build/include
+ make
+}
+
+package() {
+ cd $srcdir/$pkgname-$pkgver
+ make DESTDIR=$pkgdir install
+ install -Dm0644 $srcdir/racoon.service $pkgdir/usr/lib/systemd/system/racoon.service
+ install -Dm0644 $srcdir/ipsec.service $pkgdir/usr/lib/systemd/system/ipsec.service
+}
diff --git a/community/ipsec-tools/ipsec-tools-linux-3.7-compat.patch b/community/ipsec-tools/ipsec-tools-linux-3.7-compat.patch
new file mode 100644
index 000000000..46b11ee51
--- /dev/null
+++ b/community/ipsec-tools/ipsec-tools-linux-3.7-compat.patch
@@ -0,0 +1,50 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -74,9 +74,10 @@ case "$host_os" in
+ [ KERNEL_INCLUDE="/lib/modules/`uname -r`/build/include" ])
+
+ AC_CHECK_HEADER($KERNEL_INCLUDE/linux/pfkeyv2.h, ,
+- [ AC_CHECK_HEADER(/usr/src/linux/include/linux/pfkeyv2.h,
+- KERNEL_INCLUDE=/usr/src/linux/include ,
+- [ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] )
++ [ AC_CHECK_HEADER($KERNEL_INCLUDE/uapi/linux/pfkeyv2.h, ,
++ [ AC_CHECK_HEADER(/usr/src/linux/include/linux/pfkeyv2.h,
++ KERNEL_INCLUDE=/usr/src/linux/include ,
++ [ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] ) ] )
+ AC_SUBST(KERNEL_INCLUDE)
+ # We need the configure script to run with correct kernel headers.
+ # However we don't want to point to kernel source tree in compile time,
+@@ -643,7 +644,14 @@ AC_EGREP_CPP(yes,
+ #ifdef SADB_X_EXT_NAT_T_TYPE
+ yes
+ #endif
+-], [kernel_natt="yes"])
++], [kernel_natt="yes"], [
++ AC_EGREP_CPP(yes,
++ [#include <uapi/linux/pfkeyv2.h>
++ #ifdef SADB_X_EXT_NAT_T_TYPE
++ yes
++ #endif
++ ], [kernel_natt="yes"])
++])
+ ;;
+ freebsd*|netbsd*)
+ # NetBSD case
+--- a/src/include-glibc/Makefile.am
++++ b/src/include-glibc/Makefile.am
+@@ -1,14 +1,7 @@
+-
+-.includes: ${top_builddir}/config.status
+- ln -snf $(KERNEL_INCLUDE)/linux
+- touch .includes
+-
+-all: .includes
+-
+ EXTRA_DIST = \
+ glibc-bugs.h \
+ net/pfkeyv2.h \
+ netinet/ipsec.h \
+ sys/queue.h
+
+-DISTCLEANFILES = .includes linux
++DISTCLEANFILES = linux
diff --git a/community/ipsec-tools/ipsec.service b/community/ipsec-tools/ipsec.service
new file mode 100644
index 000000000..483a5b58d
--- /dev/null
+++ b/community/ipsec-tools/ipsec.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Load IPSec Security Policy Database
+After=syslog.target network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=true
+ExecStart=/usr/bin/setkey -f /etc/ipsec.conf
+ExecStop=/usr/bin/setkey -F -P ; /usr/bin/setkey -F
+
+[Install]
+WantedBy=multi-user.target
diff --git a/community/ipsec-tools/racoon.service b/community/ipsec-tools/racoon.service
new file mode 100644
index 000000000..95324bd5d
--- /dev/null
+++ b/community/ipsec-tools/racoon.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Racoon IKEv1 key management daemon for IPSEC
+After=syslog.target network.target
+
+[Service]
+Type=forking
+ExecStart=/usr/bin/racoon
+
+[Install]
+WantedBy=multi-user.target