diff options
Diffstat (limited to 'community/ipsec-tools')
-rw-r--r-- | community/ipsec-tools/PKGBUILD | 43 | ||||
-rw-r--r-- | community/ipsec-tools/ipsec-tools-linux-3.7-compat.patch | 50 | ||||
-rw-r--r-- | community/ipsec-tools/ipsec.service | 12 | ||||
-rw-r--r-- | community/ipsec-tools/racoon.service | 10 |
4 files changed, 115 insertions, 0 deletions
diff --git a/community/ipsec-tools/PKGBUILD b/community/ipsec-tools/PKGBUILD new file mode 100644 index 000000000..08a4c6115 --- /dev/null +++ b/community/ipsec-tools/PKGBUILD @@ -0,0 +1,43 @@ +# $Id: PKGBUILD 100178 2013-11-01 20:59:24Z spupykin $ +# Maintainer: Sergej Pupykin <pupykin.s+arch@gmail.com> +# Contributor: Allan Henriksen <allan.henriksen@gmail.com> + +pkgname=ipsec-tools +pkgver=0.8.1 +pkgrel=5 +pkgdesc="KAME IPSec tools ported to Linux" +arch=('i686' 'x86_64') +url="http://ipsec-tools.sourceforge.net/" +depends=('readline' 'openssl' 'krb5') +makedepends=('linux-headers') +license=('GPL') +options=('!makeflags') +source=(http://downloads.sourceforge.net/sourceforge/ipsec-tools/$pkgname-$pkgver.tar.bz2 + racoon.service + ipsec.service + ipsec-tools-linux-3.7-compat.patch) +md5sums=('d38b39f291ba2962387c3232e7335dd8' + '3a64a9e3b498c6da90450ffb0b758aea' + '387a0b0c4f10e42b2bb62282885cdc9c' + 'ae1dd20c83dcfce3dedb46ee73e83613') + +build() { + cd $srcdir/$pkgname-$pkgver + + patch -p1 <$srcdir/ipsec-tools-linux-3.7-compat.patch + sed -i 's#-Werror##' configure.ac + + ./bootstrap + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --sbindir=/usr/bin \ + --enable-security-context=no --enable-hybrid --enable-dpd --enable-natt \ + --enable-adminport --enable-gssapi \ + --with-kernel-headers=/lib/modules/`pacman -Q linux-headers | cut -f2 -d\ `-ARCH/build/include + make +} + +package() { + cd $srcdir/$pkgname-$pkgver + make DESTDIR=$pkgdir install + install -Dm0644 $srcdir/racoon.service $pkgdir/usr/lib/systemd/system/racoon.service + install -Dm0644 $srcdir/ipsec.service $pkgdir/usr/lib/systemd/system/ipsec.service +} diff --git a/community/ipsec-tools/ipsec-tools-linux-3.7-compat.patch b/community/ipsec-tools/ipsec-tools-linux-3.7-compat.patch new file mode 100644 index 000000000..46b11ee51 --- /dev/null +++ b/community/ipsec-tools/ipsec-tools-linux-3.7-compat.patch @@ -0,0 +1,50 @@ +--- a/configure.ac ++++ b/configure.ac +@@ -74,9 +74,10 @@ case "$host_os" in + [ KERNEL_INCLUDE="/lib/modules/`uname -r`/build/include" ]) + + AC_CHECK_HEADER($KERNEL_INCLUDE/linux/pfkeyv2.h, , +- [ AC_CHECK_HEADER(/usr/src/linux/include/linux/pfkeyv2.h, +- KERNEL_INCLUDE=/usr/src/linux/include , +- [ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] ) ++ [ AC_CHECK_HEADER($KERNEL_INCLUDE/uapi/linux/pfkeyv2.h, , ++ [ AC_CHECK_HEADER(/usr/src/linux/include/linux/pfkeyv2.h, ++ KERNEL_INCLUDE=/usr/src/linux/include , ++ [ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] ) ] ) + AC_SUBST(KERNEL_INCLUDE) + # We need the configure script to run with correct kernel headers. + # However we don't want to point to kernel source tree in compile time, +@@ -643,7 +644,14 @@ AC_EGREP_CPP(yes, + #ifdef SADB_X_EXT_NAT_T_TYPE + yes + #endif +-], [kernel_natt="yes"]) ++], [kernel_natt="yes"], [ ++ AC_EGREP_CPP(yes, ++ [#include <uapi/linux/pfkeyv2.h> ++ #ifdef SADB_X_EXT_NAT_T_TYPE ++ yes ++ #endif ++ ], [kernel_natt="yes"]) ++]) + ;; + freebsd*|netbsd*) + # NetBSD case +--- a/src/include-glibc/Makefile.am ++++ b/src/include-glibc/Makefile.am +@@ -1,14 +1,7 @@ +- +-.includes: ${top_builddir}/config.status +- ln -snf $(KERNEL_INCLUDE)/linux +- touch .includes +- +-all: .includes +- + EXTRA_DIST = \ + glibc-bugs.h \ + net/pfkeyv2.h \ + netinet/ipsec.h \ + sys/queue.h + +-DISTCLEANFILES = .includes linux ++DISTCLEANFILES = linux diff --git a/community/ipsec-tools/ipsec.service b/community/ipsec-tools/ipsec.service new file mode 100644 index 000000000..483a5b58d --- /dev/null +++ b/community/ipsec-tools/ipsec.service @@ -0,0 +1,12 @@ +[Unit] +Description=Load IPSec Security Policy Database +After=syslog.target network.target + +[Service] +Type=oneshot +RemainAfterExit=true +ExecStart=/usr/bin/setkey -f /etc/ipsec.conf +ExecStop=/usr/bin/setkey -F -P ; /usr/bin/setkey -F + +[Install] +WantedBy=multi-user.target diff --git a/community/ipsec-tools/racoon.service b/community/ipsec-tools/racoon.service new file mode 100644 index 000000000..95324bd5d --- /dev/null +++ b/community/ipsec-tools/racoon.service @@ -0,0 +1,10 @@ +[Unit] +Description=Racoon IKEv1 key management daemon for IPSEC +After=syslog.target network.target + +[Service] +Type=forking +ExecStart=/usr/bin/racoon + +[Install] +WantedBy=multi-user.target |