summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnthony G. Basile <blueness@gentoo.org>2013-06-15 19:30:19 +0000
committerAnthony G. Basile <blueness@gentoo.org>2013-06-15 19:30:19 +0000
commit8473bdaa68005346e69abb699cd04411551ac2ab (patch)
tree8eb06ac1b71c56f5f723da9b8ce812c28d2855e9 /net-firewall
parentDropped more keywords on 3.7.10. (diff)
downloadgentoo-2-8473bdaa68005346e69abb699cd04411551ac2ab.tar.gz
gentoo-2-8473bdaa68005346e69abb699cd04411551ac2ab.tar.bz2
gentoo-2-8473bdaa68005346e69abb699cd04411551ac2ab.zip
Remove older versions
(Portage version: 2.1.12.2/cvs/Linux x86_64, signed Manifest commit with key 0xF52D4BBA)
Diffstat (limited to 'net-firewall')
-rw-r--r--net-firewall/ipsec-tools/ChangeLog7
-rw-r--r--net-firewall/ipsec-tools/files/ipsec.conf26
-rw-r--r--net-firewall/ipsec-tools/files/racoon.conf.d18
-rw-r--r--net-firewall/ipsec-tools/files/racoon.init.d58
-rw-r--r--net-firewall/ipsec-tools/files/racoon.init.d-r156
-rw-r--r--net-firewall/ipsec-tools/ipsec-tools-0.8.0-r3.ebuild236
-rw-r--r--net-firewall/ipsec-tools/ipsec-tools-0.8.0-r4.ebuild237
7 files changed, 6 insertions, 632 deletions
diff --git a/net-firewall/ipsec-tools/ChangeLog b/net-firewall/ipsec-tools/ChangeLog
index 072ae21315ec..be34914f4d37 100644
--- a/net-firewall/ipsec-tools/ChangeLog
+++ b/net-firewall/ipsec-tools/ChangeLog
@@ -1,6 +1,11 @@
# ChangeLog for net-firewall/ipsec-tools
# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.112 2013/03/23 19:15:21 floppym Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.113 2013/06/15 19:30:19 blueness Exp $
+
+ 15 Jun 2013; Anthony G. Basile <blueness@gentoo.org> -files/ipsec.conf,
+ -files/racoon.conf.d, -files/racoon.init.d, -files/racoon.init.d-r1,
+ -ipsec-tools-0.8.0-r3.ebuild, -ipsec-tools-0.8.0-r4.ebuild:
+ Remove older versions
23 Mar 2013; Mike Gilbert <floppym@gentoo.org> ipsec-tools-0.8.0-r5.ebuild,
ipsec-tools-0.8.1.ebuild:
diff --git a/net-firewall/ipsec-tools/files/ipsec.conf b/net-firewall/ipsec-tools/files/ipsec.conf
deleted file mode 100644
index bfff04af069a..000000000000
--- a/net-firewall/ipsec-tools/files/ipsec.conf
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/usr/sbin/setkey -f
-#
-# THIS IS A SAMPLE FILE!
-#
-# This is a sample file to test Gentoo's ipsec-tools out of the box.
-# Do not use it in production. See: http://www.ipsec-howto.org/
-#
-flush;
-spdflush;
-
-#
-# Uncomment the following if you want to do manual keying, ie, you want to run IPsec without racoon.
-# Do not switch 192.168.3.21 <-> 192.168.3.25 on the peer
-#
-#add 192.168.3.25 192.168.3.21 ah 0x200 -A hmac-md5 0xc0291ff014dccdd03874d9e8e4cdf3e6;
-#add 192.168.3.21 192.168.3.25 ah 0x300 -A hmac-md5 0x96358c90783bbfa3d7b196ceabe0536b;
-#add 192.168.3.25 192.168.3.21 esp 0x201 -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831;
-#add 192.168.3.21 192.168.3.25 esp 0x301 -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df;
-
-#
-# Make sure to switch 192.168.3.21 <-> 192.168.3.25 on the peer
-#
-#spdadd 192.168.3.21 192.168.3.25 any -P out ipsec esp/transport//require ah/transport//require;
-#spdadd 192.168.3.25 192.168.3.21 any -P in ipsec esp/transport//require ah/transport//require;
-spdadd 192.168.3.25 192.168.3.21 any -P out ipsec esp/transport//require ah/transport//require;
-spdadd 192.168.3.21 192.168.3.25 any -P in ipsec esp/transport//require ah/transport//require;
diff --git a/net-firewall/ipsec-tools/files/racoon.conf.d b/net-firewall/ipsec-tools/files/racoon.conf.d
deleted file mode 100644
index b201e4089f3f..000000000000
--- a/net-firewall/ipsec-tools/files/racoon.conf.d
+++ /dev/null
@@ -1,18 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/files/racoon.conf.d,v 1.4 2012/03/09 02:55:47 blueness Exp $
-
-# Config file for /etc/init.d/racoon
-
-# See the man page or run `racoon --help` for valid command-line options
-# RACOON_OPTS="-d"
-
-RACOON_CONF="/etc/racoon/racoon.conf"
-RACOON_PSK_FILE="/etc/racoon/psk.txt"
-SETKEY_CONF="/etc/ipsec.conf"
-
-# Comment or remove the following if you don't want the policy tables
-# to be flushed when racoon is stopped.
-
-RACOON_RESET_TABLES="true"
-
diff --git a/net-firewall/ipsec-tools/files/racoon.init.d b/net-firewall/ipsec-tools/files/racoon.init.d
deleted file mode 100644
index 16fdec7e3a37..000000000000
--- a/net-firewall/ipsec-tools/files/racoon.init.d
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/sbin/runscript
-# Copyright 1999-2004 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-depend() {
- before netmount
- use net
-}
-
-checkconfig() {
- if [ ! -e ${SETKEY_CONF} ] ; then
- eerror "You need to configure setkey before starting racoon."
- return 1
- fi
- if [ ! -e ${RACOON_CONF} ] ; then
- eerror "You need a configuration file to start racoon."
- return 1
- fi
- if [ ! -z ${RACOON_PSK_FILE} ] ; then
- if [ ! -f ${RACOON_PSK_FILE} ] ; then
- eerror "PSK file not found as specified."
- eerror "Set RACOON_PSK_FILE in /etc/conf.d/racoon."
- return 1
- fi
- case "`ls -Lldn ${RACOON_PSK_FILE}`" in
- -r--------*)
- ;;
- *)
- eerror "Your defined PSK file should be mode 400 for security!"
- return 1
- ;;
- esac
- fi
-}
-
-start() {
- checkconfig || return 1
- einfo "Loading ipsec policies from ${SETKEY_CONF}."
- /usr/sbin/setkey -f ${SETKEY_CONF}
- if [ $? -eq 1 ] ; then
- eerror "Error while loading ipsec policies"
- fi
- ebegin "Starting racoon"
- start-stop-daemon -S -x /usr/sbin/racoon -- -f ${RACOON_CONF} ${RACOON_OPTS}
- eend $?
-}
-
-stop() {
- ebegin "Stopping racoon"
- start-stop-daemon -K -p /var/run/racoon.pid
- eend $?
- if [ -n "${RACOON_RESET_TABLES}" ]; then
- ebegin "Flushing policy entries"
- /usr/sbin/setkey -F
- /usr/sbin/setkey -FP
- eend $?
- fi
-}
diff --git a/net-firewall/ipsec-tools/files/racoon.init.d-r1 b/net-firewall/ipsec-tools/files/racoon.init.d-r1
deleted file mode 100644
index 04b57522dbe7..000000000000
--- a/net-firewall/ipsec-tools/files/racoon.init.d-r1
+++ /dev/null
@@ -1,56 +0,0 @@
-#!/sbin/runscript
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-depend() {
- before netmount
- use net
-}
-
-checkconfig() {
- if [ ! -e ${SETKEY_CONF} ] ; then
- eerror "You need to configure setkey before starting racoon."
- return 1
- fi
- if [ ! -e ${RACOON_CONF} ] ; then
- eerror "You need a configuration file to start racoon."
- return 1
- fi
- if [ ! -z ${RACOON_PSK_FILE} ] ; then
- if [ ! -f ${RACOON_PSK_FILE} ] ; then
- eerror "PSK file not found as specified."
- eerror "Set RACOON_PSK_FILE in /etc/conf.d/racoon."
- return 1
- fi
- case "`ls -Lldn ${RACOON_PSK_FILE}`" in
- -r--------*)
- ;;
- *)
- eerror "Your defined PSK file should be mode 400 for security!"
- return 1
- ;;
- esac
- fi
-}
-
-command=/usr/sbin/racoon
-command_args="-f ${RACOON_CONF} ${RACOON_OPTS}"
-pidfile=/var/run/racoon.pid
-
-start_pre() {
- checkconfig || return 1
- einfo "Loading ipsec policies from ${SETKEY_CONF}."
- /usr/sbin/setkey -f ${SETKEY_CONF}
- if [ $? -eq 1 ] ; then
- eerror "Error while loading ipsec policies"
- fi
-}
-
-stop_post() {
- if [ -n "${RACOON_RESET_TABLES}" ]; then
- ebegin "Flushing policy entries"
- /usr/sbin/setkey -F
- /usr/sbin/setkey -FP
- eend $?
- fi
-}
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r3.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r3.ebuild
deleted file mode 100644
index 4e6a8fed31fa..000000000000
--- a/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r3.ebuild
+++ /dev/null
@@ -1,236 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r3.ebuild,v 1.11 2012/09/16 17:57:53 blueness Exp $
-
-EAPI="4"
-
-inherit eutils flag-o-matic autotools linux-info pam
-
-DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
-HOMEPAGE="http://ipsec-tools.sourceforge.net/"
-SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
-
-LICENSE="BSD GPL-2"
-SLOT="0"
-KEYWORDS="amd64 arm ~mips ppc ppc64 x86"
-IUSE="hybrid idea ipv6 kerberos ldap nat pam rc5 readline selinux stats"
-
-RDEPEND="
- dev-libs/openssl
- kerberos? ( virtual/krb5 )
- ldap? ( net-nds/openldap )
- pam? ( sys-libs/pam )
- readline? ( sys-libs/readline )
- selinux? (
- sys-libs/libselinux
- sec-policy/selinux-ipsec
- )"
-
-DEPEND="${RDEPEND}
- >=sys-kernel/linux-headers-2.6.30"
-
-pkg_setup() {
- linux-info_pkg_setup
-
- get_version
-
- if linux_config_exists && kernel_is -ge 2 6 19; then
- ewarn
- ewarn "\033[1;33m**************************************************\033[00m"
- ewarn
- ewarn "Checking kernel configuration in /usr/src/linux or"
- ewarn "or /proc/config.gz for compatibility with ${PN}."
- ewarn "Here are the potential problems:"
- ewarn
-
- local nothing="1"
-
- # Check options for all flavors of IPSec
- local msg=""
- for i in XFRM_USER NET_KEY; do
- if ! linux_chkconfig_present ${i}; then
- msg="${msg} ${i}"
- fi
- done
- if [[ ! -z "$msg" ]]; then
- nothing="0"
- ewarn
- ewarn "ALL IPSec may fail. CHECK:"
- ewarn "${msg}"
- fi
-
- # Check unencrypted IPSec
- if ! linux_chkconfig_present CRYPTO_NULL; then
- nothing="0"
- ewarn
- ewarn "Unencrypted IPSec may fail. CHECK:"
- ewarn " CRYPTO_NULL"
- fi
-
- # Check IPv4 IPSec
- msg=""
- for i in \
- INET_IPCOMP INET_AH INET_ESP \
- INET_XFRM_MODE_TRANSPORT \
- INET_XFRM_MODE_TUNNEL \
- INET_XFRM_MODE_BEET
- do
- if ! linux_chkconfig_present ${i}; then
- msg="${msg} ${i}"
- fi
- done
- if [[ ! -z "$msg" ]]; then
- nothing="0"
- ewarn
- ewarn "IPv4 IPSec may fail. CHECK:"
- ewarn "${msg}"
- fi
-
- # Check IPv6 IPSec
- if use ipv6; then
- msg=""
- for i in INET6_IPCOMP INET6_AH INET6_ESP \
- INET6_XFRM_MODE_TRANSPORT \
- INET6_XFRM_MODE_TUNNEL \
- INET6_XFRM_MODE_BEET
- do
- if ! linux_chkconfig_present ${i}; then
- msg="${msg} ${i}"
- fi
- done
- if [[ ! -z "$msg" ]]; then
- nothing="0"
- ewarn
- ewarn "IPv6 IPSec may fail. CHECK:"
- ewarn "${msg}"
- fi
- fi
-
- # Check IPSec behind NAT
- if use nat; then
- if ! linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then
- nothing="0"
- ewarn
- ewarn "IPSec behind NAT may fail. CHECK:"
- ewarn " NETFILTER_XT_MATCH_POLICY"
- fi
- fi
-
- if [[ $nothing == "1" ]]; then
- ewarn "NO PROBLEMS FOUND"
- fi
-
- ewarn
- ewarn "WARNING: If your *configured* and *running* kernel"
- ewarn "differ either now or in the future, then these checks"
- ewarn "may lead to misleading results."
- ewarn
- ewarn "\033[1;33m**************************************************\033[00m"
- ewarn
- else
- eerror
- eerror "\033[1;31m**************************************************\033[00m"
- eerror "Make sure that your *running* kernel is/will be >=2.6.19."
- eerror "Building ${PN} now, assuming that you know what you're doing."
- eerror "\033[1;31m**************************************************\033[00m"
- eerror
- fi
-}
-
-src_prepare() {
- # fix for bug #124813
- sed -i 's:-Werror::g' "${S}"/configure.ac || die
- # fix for building with gcc-4.6
- sed -i 's: -R: -Wl,-R:' "${S}"/configure.ac || die
-
- epatch "${FILESDIR}/${PN}-def-psk.patch"
- epatch "${FILESDIR}/${PN}-include-vendoridh.patch"
-
- AT_M4DIR="${S}" eautoreconf
- epunt_cxx
-}
-
-src_configure() {
- #--with-{iconv,libradius} lead to "Broken getaddrinfo()"
- #--enable-samode-unspec is not supported in linux
- local myconf
- myconf="--with-kernel-headers=/usr/include \
- --enable-adminport \
- --enable-dependency-tracking \
- --enable-dpd \
- --enable-frag \
- --without-libiconv \
- --without-libradius \
- --disable-samode-unspec \
- $(use_enable idea) \
- $(use_enable ipv6) \
- $(use_enable kerberos gssapi) \
- $(use_with ldap libldap) \
- $(use_enable nat natt) \
- $(use_with pam libpam) \
- $(use_enable rc5) \
- $(use_with readline) \
- $(use_enable selinux security-context) \
- $(use_enable stats)"
-
- use nat && myconf="${myconf} --enable-natt-versions=yes"
-
- # enable mode-cfg and xauth support
- if use pam; then
- myconf="${myconf} --enable-hybrid"
- else
- myconf="${myconf} $(use_enable hybrid)"
- fi
-
- econf ${myconf}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- keepdir /var/lib/racoon
- newconfd "${FILESDIR}"/racoon.conf.d racoon
- newinitd "${FILESDIR}"/racoon.init.d racoon
- use pam && newpamd "${FILESDIR}"/racoon.pam.d racoon
-
- insinto /etc
- doins "${FILESDIR}"/ipsec.conf
- insinto /etc/racoon
- doins "${FILESDIR}"/racoon.conf
- doins "${FILESDIR}"/psk.txt
- chmod 400 "${D}"/etc/racoon/psk.txt
-
- dodoc ChangeLog README NEWS
- dodoc -r src/racoon/samples
- dodoc -r src/racoon/doc
- docinto samples
- newdoc src/setkey/sample.cf ipsec.conf
-}
-
-pkg_postinst() {
- if use nat; then
- elog
- elog "You have enabled the nat traversal functionnality."
- elog "Nat versions wich are enabled by default are 00,02,rfc"
- elog "you can find those drafts in the CVS repository:"
- elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"
- elog
- elog "If you feel brave enough and you know what you are"
- elog "doing, you can consider emerging this ebuild with"
- elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
- elog
- fi
-
- if use ldap; then
- elog
- elog "You have enabled ldap support with {$PN}."
- elog "The man page does NOT contain any information on it yet."
- elog "Consider using a more recent version or CVS."
- elog
- fi
-
- elog
- elog "Please have a look in /usr/share/doc/${P} and visit"
- elog "http://www.netbsd.org/Documentation/network/ipsec/"
- elog "to find more information on how to configure this tool."
- elog
-}
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r4.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r4.ebuild
deleted file mode 100644
index 2633e35c8e41..000000000000
--- a/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r4.ebuild
+++ /dev/null
@@ -1,237 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r4.ebuild,v 1.2 2012/09/25 01:12:33 vapier Exp $
-
-EAPI="4"
-
-inherit eutils flag-o-matic autotools linux-info pam
-
-DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
-HOMEPAGE="http://ipsec-tools.sourceforge.net/"
-SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
-
-LICENSE="BSD GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~x86"
-IUSE="hybrid idea ipv6 kerberos ldap nat pam rc5 readline selinux stats"
-
-RDEPEND="
- dev-libs/openssl
- kerberos? ( virtual/krb5 )
- ldap? ( net-nds/openldap )
- pam? ( sys-libs/pam )
- readline? ( sys-libs/readline )
- selinux? (
- sys-libs/libselinux
- sec-policy/selinux-ipsec
- )"
-
-DEPEND="${RDEPEND}
- >=sys-kernel/linux-headers-2.6.30"
-
-pkg_setup() {
- linux-info_pkg_setup
-
- get_version
-
- if linux_config_exists && kernel_is -ge 2 6 19; then
- ewarn
- ewarn "\033[1;33m**************************************************\033[00m"
- ewarn
- ewarn "Checking kernel configuration in /usr/src/linux or"
- ewarn "or /proc/config.gz for compatibility with ${PN}."
- ewarn "Here are the potential problems:"
- ewarn
-
- local nothing="1"
-
- # Check options for all flavors of IPSec
- local msg=""
- for i in XFRM_USER NET_KEY; do
- if ! linux_chkconfig_present ${i}; then
- msg="${msg} ${i}"
- fi
- done
- if [[ ! -z "$msg" ]]; then
- nothing="0"
- ewarn
- ewarn "ALL IPSec may fail. CHECK:"
- ewarn "${msg}"
- fi
-
- # Check unencrypted IPSec
- if ! linux_chkconfig_present CRYPTO_NULL; then
- nothing="0"
- ewarn
- ewarn "Unencrypted IPSec may fail. CHECK:"
- ewarn " CRYPTO_NULL"
- fi
-
- # Check IPv4 IPSec
- msg=""
- for i in \
- INET_IPCOMP INET_AH INET_ESP \
- INET_XFRM_MODE_TRANSPORT \
- INET_XFRM_MODE_TUNNEL \
- INET_XFRM_MODE_BEET
- do
- if ! linux_chkconfig_present ${i}; then
- msg="${msg} ${i}"
- fi
- done
- if [[ ! -z "$msg" ]]; then
- nothing="0"
- ewarn
- ewarn "IPv4 IPSec may fail. CHECK:"
- ewarn "${msg}"
- fi
-
- # Check IPv6 IPSec
- if use ipv6; then
- msg=""
- for i in INET6_IPCOMP INET6_AH INET6_ESP \
- INET6_XFRM_MODE_TRANSPORT \
- INET6_XFRM_MODE_TUNNEL \
- INET6_XFRM_MODE_BEET
- do
- if ! linux_chkconfig_present ${i}; then
- msg="${msg} ${i}"
- fi
- done
- if [[ ! -z "$msg" ]]; then
- nothing="0"
- ewarn
- ewarn "IPv6 IPSec may fail. CHECK:"
- ewarn "${msg}"
- fi
- fi
-
- # Check IPSec behind NAT
- if use nat; then
- if ! linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then
- nothing="0"
- ewarn
- ewarn "IPSec behind NAT may fail. CHECK:"
- ewarn " NETFILTER_XT_MATCH_POLICY"
- fi
- fi
-
- if [[ $nothing == "1" ]]; then
- ewarn "NO PROBLEMS FOUND"
- fi
-
- ewarn
- ewarn "WARNING: If your *configured* and *running* kernel"
- ewarn "differ either now or in the future, then these checks"
- ewarn "may lead to misleading results."
- ewarn
- ewarn "\033[1;33m**************************************************\033[00m"
- ewarn
- else
- eerror
- eerror "\033[1;31m**************************************************\033[00m"
- eerror "Make sure that your *running* kernel is/will be >=2.6.19."
- eerror "Building ${PN} now, assuming that you know what you're doing."
- eerror "\033[1;31m**************************************************\033[00m"
- eerror
- fi
-}
-
-src_prepare() {
- # fix for bug #124813
- sed -i 's:-Werror::g' "${S}"/configure.ac || die
- # fix for building with gcc-4.6
- sed -i 's: -R: -Wl,-R:' "${S}"/configure.ac || die
-
- epatch "${FILESDIR}/${PN}-def-psk.patch"
- epatch "${FILESDIR}/${PN}-include-vendoridh.patch"
- epatch "${FILESDIR}"/${P}-sysctl.patch #425770
-
- AT_M4DIR="${S}" eautoreconf
- epunt_cxx
-}
-
-src_configure() {
- #--with-{iconv,libradius} lead to "Broken getaddrinfo()"
- #--enable-samode-unspec is not supported in linux
- local myconf
- myconf="--with-kernel-headers=/usr/include \
- --enable-adminport \
- --enable-dependency-tracking \
- --enable-dpd \
- --enable-frag \
- --without-libiconv \
- --without-libradius \
- --disable-samode-unspec \
- $(use_enable idea) \
- $(use_enable ipv6) \
- $(use_enable kerberos gssapi) \
- $(use_with ldap libldap) \
- $(use_enable nat natt) \
- $(use_with pam libpam) \
- $(use_enable rc5) \
- $(use_with readline) \
- $(use_enable selinux security-context) \
- $(use_enable stats)"
-
- use nat && myconf="${myconf} --enable-natt-versions=yes"
-
- # enable mode-cfg and xauth support
- if use pam; then
- myconf="${myconf} --enable-hybrid"
- else
- myconf="${myconf} $(use_enable hybrid)"
- fi
-
- econf ${myconf}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- keepdir /var/lib/racoon
- newconfd "${FILESDIR}"/racoon.conf.d racoon
- newinitd "${FILESDIR}"/racoon.init.d-r1 racoon
- use pam && newpamd "${FILESDIR}"/racoon.pam.d racoon
-
- insinto /etc
- doins "${FILESDIR}"/ipsec.conf
- insinto /etc/racoon
- doins "${FILESDIR}"/racoon.conf
- doins "${FILESDIR}"/psk.txt
- chmod 400 "${D}"/etc/racoon/psk.txt
-
- dodoc ChangeLog README NEWS
- dodoc -r src/racoon/samples
- dodoc -r src/racoon/doc
- docinto samples
- newdoc src/setkey/sample.cf ipsec.conf
-}
-
-pkg_postinst() {
- if use nat; then
- elog
- elog "You have enabled the nat traversal functionnality."
- elog "Nat versions wich are enabled by default are 00,02,rfc"
- elog "you can find those drafts in the CVS repository:"
- elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"
- elog
- elog "If you feel brave enough and you know what you are"
- elog "doing, you can consider emerging this ebuild with"
- elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
- elog
- fi
-
- if use ldap; then
- elog
- elog "You have enabled ldap support with {$PN}."
- elog "The man page does NOT contain any information on it yet."
- elog "Consider using a more recent version or CVS."
- elog
- fi
-
- elog
- elog "Please have a look in /usr/share/doc/${P} and visit"
- elog "http://www.netbsd.org/Documentation/network/ipsec/"
- elog "to find more information on how to configure this tool."
- elog
-}