sercurity version bump as per bug #173219. Init script enhancement as per bug #151375...
authorDaniel Black <dragonheart@gentoo.org>
Sat, 21 Apr 2007 12:24:23 +0000 (12:24 +0000)
committerDaniel Black <dragonheart@gentoo.org>
Sat, 21 Apr 2007 12:24:23 +0000 (12:24 +0000)
Package-Manager: portage-2.1.2.2

17 files changed:
net-firewall/ipsec-tools/ChangeLog
net-firewall/ipsec-tools/Manifest
net-firewall/ipsec-tools/files/digest-ipsec-tools-0.4-r2 [deleted file]
net-firewall/ipsec-tools/files/digest-ipsec-tools-0.6.2-r1 [deleted file]
net-firewall/ipsec-tools/files/digest-ipsec-tools-0.6.3 [deleted file]
net-firewall/ipsec-tools/files/digest-ipsec-tools-0.6.7 [new file with mode: 0644]
net-firewall/ipsec-tools/files/ipsec-tools-0.4-dos-fix.diff [deleted file]
net-firewall/ipsec-tools/files/ipsec-tools-0.4-gcc34.diff [deleted file]
net-firewall/ipsec-tools/files/ipsec-tools-0.5-ipv6.diff [deleted file]
net-firewall/ipsec-tools/files/ipsec-tools-0.5-isakmp-underrun.diff [deleted file]
net-firewall/ipsec-tools/files/ipsec-tools-0.6.2-dos-fix.diff [deleted file]
net-firewall/ipsec-tools/files/ipsec.conf.sample [deleted file]
net-firewall/ipsec-tools/files/racoon.init.d
net-firewall/ipsec-tools/ipsec-tools-0.4-r2.ebuild [deleted file]
net-firewall/ipsec-tools/ipsec-tools-0.6.2-r1.ebuild [deleted file]
net-firewall/ipsec-tools/ipsec-tools-0.6.3.ebuild [deleted file]
net-firewall/ipsec-tools/ipsec-tools-0.6.7.ebuild [new file with mode: 0644]

index b97d09fd58fc777ef23bd15c3ef6c8a810079128..7db5420f8de65baa217c837f98ac9b69dd8d2a70 100644 (file)
@@ -1,6 +1,21 @@
 # ChangeLog for net-firewall/ipsec-tools
 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.49 2007/03/12 21:03:37 armin76 Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ChangeLog,v 1.50 2007/04/21 12:24:23 dragonheart Exp $
+
+*ipsec-tools-0.6.7 (21 Apr 2007)
+
+  21 Apr 2007; Daniel Black <dragonheart@gentoo.org>
+  -files/ipsec-tools-0.4-dos-fix.diff, -files/ipsec-tools-0.4-gcc34.diff,
+  -files/ipsec-tools-0.5-ipv6.diff,
+  -files/ipsec-tools-0.5-isakmp-underrun.diff,
+  -files/ipsec-tools-0.6.2-dos-fix.diff, -files/ipsec.conf.sample,
+  files/racoon.init.d, -ipsec-tools-0.4-r2.ebuild,
+  -ipsec-tools-0.6.2-r1.ebuild, -ipsec-tools-0.6.3.ebuild,
+  +ipsec-tools-0.6.7.ebuild:
+  security version bump as per bug #173219. Init script enhancement as per bug
+  #151375 thanks Hopeless. Big thanks to Kalin KOZHUHAROV bug #152971 comment
+  23 and Cyrius for the major enhancements to this ebuild. Cleaned out old 
+  ebuilds too
 
   12 Mar 2007; Raúl Porcel <armin76@gentoo.org> ipsec-tools-0.6.5.ebuild:
   x86 stable
index 08627b8495e052ee2c6e7ccf420afb79d6293db7..1376a428cd488e95f9e79cfdc1e8a18ba78c365a 100644 (file)
@@ -1,72 +1,32 @@
-AUX ipsec-tools-0.4-dos-fix.diff 928 RMD160 c6acd2a1d372b2ae8c823da84178d79052f98853 SHA1 803e7c403c8736939f4331087c6eace0e6c41d13 SHA256 9baf25fecaecaee509bafb0981e0c5262440fed6c6a0200c972d8b7894001456
-MD5 4aec5a5d3271ba50190518f901f83f7f files/ipsec-tools-0.4-dos-fix.diff 928
-RMD160 c6acd2a1d372b2ae8c823da84178d79052f98853 files/ipsec-tools-0.4-dos-fix.diff 928
-SHA256 9baf25fecaecaee509bafb0981e0c5262440fed6c6a0200c972d8b7894001456 files/ipsec-tools-0.4-dos-fix.diff 928
-AUX ipsec-tools-0.4-gcc34.diff 1008 RMD160 897d3d3976c3d4b585fa0d685be8c827a479b8b3 SHA1 3cd3bc02b18ad7d09e6cd319b76724ddd0a9024b SHA256 0032eb62bc934c3e90c89082188c46cafe0cacdfb0d366d4eb8feb84cac121d0
-MD5 0e62b8655b5b72cb0b312b710b28e471 files/ipsec-tools-0.4-gcc34.diff 1008
-RMD160 897d3d3976c3d4b585fa0d685be8c827a479b8b3 files/ipsec-tools-0.4-gcc34.diff 1008
-SHA256 0032eb62bc934c3e90c89082188c46cafe0cacdfb0d366d4eb8feb84cac121d0 files/ipsec-tools-0.4-gcc34.diff 1008
-AUX ipsec-tools-0.5-ipv6.diff 307 RMD160 7df89324a3c4ad64cb3f673f1803391c6563df8f SHA1 063e6082fc3fe4da22f00bc7970a06a7aa6f354d SHA256 32e59c75d518afffcdfceb3a4f03c801fa587baa7576f2652a06694a3b76cd7d
-MD5 bb97988702b7573a0ffdaa46d1494e77 files/ipsec-tools-0.5-ipv6.diff 307
-RMD160 7df89324a3c4ad64cb3f673f1803391c6563df8f files/ipsec-tools-0.5-ipv6.diff 307
-SHA256 32e59c75d518afffcdfceb3a4f03c801fa587baa7576f2652a06694a3b76cd7d files/ipsec-tools-0.5-ipv6.diff 307
-AUX ipsec-tools-0.5-isakmp-underrun.diff 714 RMD160 03f0cdfa50ae4f4457c6d932d202c82853d824d3 SHA1 357030cef1b3d3c78d110994ddd41d3582c53ea7 SHA256 94d6815fcb4f8509e643c6d51e9630cfa8e6fc54effee4593b92436ffecd6969
-MD5 b847486c75c3d9d4a1bef744e05ae006 files/ipsec-tools-0.5-isakmp-underrun.diff 714
-RMD160 03f0cdfa50ae4f4457c6d932d202c82853d824d3 files/ipsec-tools-0.5-isakmp-underrun.diff 714
-SHA256 94d6815fcb4f8509e643c6d51e9630cfa8e6fc54effee4593b92436ffecd6969 files/ipsec-tools-0.5-isakmp-underrun.diff 714
-AUX ipsec-tools-0.6.2-dos-fix.diff 936 RMD160 41d6499bd099b8b7d77246a263d0ae19acbf3b92 SHA1 21b2d81b6bed115d2bec0d4e43bf15d3a9486537 SHA256 ee6b2fe4b1bd3e071d8f25c3a9ff9f3d62663acb9fb863590d8bced3c83dedd2
-MD5 2f42994decfddca5c1bbeff79b507219 files/ipsec-tools-0.6.2-dos-fix.diff 936
-RMD160 41d6499bd099b8b7d77246a263d0ae19acbf3b92 files/ipsec-tools-0.6.2-dos-fix.diff 936
-SHA256 ee6b2fe4b1bd3e071d8f25c3a9ff9f3d62663acb9fb863590d8bced3c83dedd2 files/ipsec-tools-0.6.2-dos-fix.diff 936
-AUX ipsec.conf.sample 260 RMD160 79d94e9d6d15108f7e2cfa1f7310282cd3c2799e SHA1 88ab278597b3362e2600ffe208a612f87c6f7e3b SHA256 ae83f3d0f1a1a64bba4bb44c418e679fa666dffcb45c2ce3919b1535fb9a4c02
-MD5 84cffb83a2579976f872a29d42767714 files/ipsec.conf.sample 260
-RMD160 79d94e9d6d15108f7e2cfa1f7310282cd3c2799e files/ipsec.conf.sample 260
-SHA256 ae83f3d0f1a1a64bba4bb44c418e679fa666dffcb45c2ce3919b1535fb9a4c02 files/ipsec.conf.sample 260
 AUX racoon.conf.d 621 RMD160 773a21f70bd4786eb6758f052bb54cc40273c259 SHA1 1291dbe1639cbb72a161e3af727c9c65c6ae0132 SHA256 bc7cf9c0fe8bd5f99c9353aa3c19e3314b3da21a7a2138fc6e901375be21b109
 MD5 788e3de82c1c6532dab0dc0c19c1bf40 files/racoon.conf.d 621
 RMD160 773a21f70bd4786eb6758f052bb54cc40273c259 files/racoon.conf.d 621
 SHA256 bc7cf9c0fe8bd5f99c9353aa3c19e3314b3da21a7a2138fc6e901375be21b109 files/racoon.conf.d 621
-AUX racoon.init.d 1274 RMD160 3d0884885953623e522ab9e8e72c902b0b01d515 SHA1 f9233b6a754eeeade15a962a6198c9a6f9995b98 SHA256 8dfb4fd0b40bfe0ebda3ec94cbd294b89719c329e3e73b787ea1bb7962f5353d
-MD5 fa8e82259951e612a6d684983daefc3d files/racoon.init.d 1274
-RMD160 3d0884885953623e522ab9e8e72c902b0b01d515 files/racoon.init.d 1274
-SHA256 8dfb4fd0b40bfe0ebda3ec94cbd294b89719c329e3e73b787ea1bb7962f5353d files/racoon.init.d 1274
-DIST ipsec-tools-0.4.tar.gz 915420 RMD160 3bdb7f6013ec98db29d0c1bd307f7a49335f4edd SHA1 5ac14c565c23802ea2208edc98cfb12c59472929 SHA256 bc25b398f8a0e0b3456c968961ccf972f66c02422c4d3e549e14d331f977e155
-DIST ipsec-tools-0.6.2.tar.bz2 663760 RMD160 427c394e3af1cc9a23ee2dd6a5753481ee528908 SHA1 1df85392ffcb5ed0c566f349eec83bda85b7ca35 SHA256 d59f8441000cb6a4e6108eeecca1f1233e43575eb5bd16c2cff7a2e0fae5602c
-DIST ipsec-tools-0.6.3.tar.bz2 664796 RMD160 b9569a7af2069d3b7fe9d7153dac96ffab59c64c SHA1 8fb220cb99375f9c6bd2c5491eeb28376c92da8a SHA256 b5755278226d7ca7fecddc50ecd78ec98b0551d11977c8739466709fea3584da
+AUX racoon.init.d 1314 RMD160 14fd9ea02fdb20d13a0e3284e1f1e468117247f2 SHA1 41cb71c0354d632ad35565dbf98a26364b592d56 SHA256 7c9447197032b30a2cb76a62179a3b0ef3768870c340adf4743976e7d65eba75
+MD5 16d66458442750e6401fa459e93172b7 files/racoon.init.d 1314
+RMD160 14fd9ea02fdb20d13a0e3284e1f1e468117247f2 files/racoon.init.d 1314
+SHA256 7c9447197032b30a2cb76a62179a3b0ef3768870c340adf4743976e7d65eba75 files/racoon.init.d 1314
 DIST ipsec-tools-0.6.5.tar.bz2 665244 RMD160 ae26866d1b703eaf3c2d9dca50113e94163d57ac SHA1 3663d9c0f77c7c8607d1ce5cfddadd955d07a612 SHA256 12dee73accd5be0c2389133b397507f0725fa503b81e65a5eb52e871f4c21369
-EBUILD ipsec-tools-0.4-r2.ebuild 1781 RMD160 c9c48bcc3d361a050e971ab61ee698b991afbd7f SHA1 c65e6abcb4ba00da4210dbe9d06c08e0cae5b407 SHA256 3fc26f305e01cdff76fc2f383c06563f0d29a4a5705d563dbfe3661e1d32c8d0
-MD5 c204d804b16dfb1da5e5159e02bd8a0e ipsec-tools-0.4-r2.ebuild 1781
-RMD160 c9c48bcc3d361a050e971ab61ee698b991afbd7f ipsec-tools-0.4-r2.ebuild 1781
-SHA256 3fc26f305e01cdff76fc2f383c06563f0d29a4a5705d563dbfe3661e1d32c8d0 ipsec-tools-0.4-r2.ebuild 1781
-EBUILD ipsec-tools-0.6.2-r1.ebuild 1657 RMD160 a2134da4a59ab4cefd68bcd3341c3aa44c2fd405 SHA1 2bbb0261493e7f1cbde16511f5999d75c7b30766 SHA256 9c3b3d14c09bad192ee0135d5f24502e9dac4ac2d8f5ed16717561374422173e
-MD5 cf8c3022a900ac010667641693cacb26 ipsec-tools-0.6.2-r1.ebuild 1657
-RMD160 a2134da4a59ab4cefd68bcd3341c3aa44c2fd405 ipsec-tools-0.6.2-r1.ebuild 1657
-SHA256 9c3b3d14c09bad192ee0135d5f24502e9dac4ac2d8f5ed16717561374422173e ipsec-tools-0.6.2-r1.ebuild 1657
-EBUILD ipsec-tools-0.6.3.ebuild 1614 RMD160 174025f57a63e5548abc59da27b4fe003e84d1fb SHA1 84f2047ab6093efcc64950f07ecf5352eea9dacc SHA256 e927c630e9c52412aaed5f8b7c86c7f449c46adfa7b5240598b2463459a11647
-MD5 7d4987679233ab9ace8cfa489fcb4ec0 ipsec-tools-0.6.3.ebuild 1614
-RMD160 174025f57a63e5548abc59da27b4fe003e84d1fb ipsec-tools-0.6.3.ebuild 1614
-SHA256 e927c630e9c52412aaed5f8b7c86c7f449c46adfa7b5240598b2463459a11647 ipsec-tools-0.6.3.ebuild 1614
+DIST ipsec-tools-0.6.7.tar.bz2 723032 RMD160 97c27922f5be941fd6c69e35e69bed921b9f13e7 SHA1 ed3a6566409c506d5a7cd82cf263a5b8df3fad55 SHA256 4239f836dc610a2443ded7ba35cb3b87de9d582c800e5d9eb5eed37defd61ef2
 EBUILD ipsec-tools-0.6.5.ebuild 1702 RMD160 bafc61b156b205481f99a07d7052901f6ff51a66 SHA1 db08cbafb3cb0f9f21e2162f26548b1100880389 SHA256 34ee6e846cd18e26f777c6bb40baecd71ebe85575819431118ab3cfe4f110bb6
 MD5 aaac769a811fedb7109ba98bafcf9486 ipsec-tools-0.6.5.ebuild 1702
 RMD160 bafc61b156b205481f99a07d7052901f6ff51a66 ipsec-tools-0.6.5.ebuild 1702
 SHA256 34ee6e846cd18e26f777c6bb40baecd71ebe85575819431118ab3cfe4f110bb6 ipsec-tools-0.6.5.ebuild 1702
-MISC ChangeLog 7945 RMD160 c4ae1bc9fc3cee31faab762f737eb8df8bc6b8bc SHA1 97c0708c87b4e45d232504facc04a9697c5051a4 SHA256 1c41cc18064edbd8ed0cddbd976b9bfd8637e2ee6be3a8dbd9ada778e5f36b4d
-MD5 f63a9f6679f0c1e0383ee066b505f3d4 ChangeLog 7945
-RMD160 c4ae1bc9fc3cee31faab762f737eb8df8bc6b8bc ChangeLog 7945
-SHA256 1c41cc18064edbd8ed0cddbd976b9bfd8637e2ee6be3a8dbd9ada778e5f36b4d ChangeLog 7945
+EBUILD ipsec-tools-0.6.7.ebuild 8464 RMD160 a47a9822b78653f8aa7e2ed959a500f2b76c9433 SHA1 d2db93dcac8d8971ff29ea35de1f3530aef0162d SHA256 ad69861ae6a68ad3a04d0de8fc15c971d01411cf68a8d4e5d362bed54cd0fa9e
+MD5 5c27e8eb99869b6db3e52886bfdeca8d ipsec-tools-0.6.7.ebuild 8464
+RMD160 a47a9822b78653f8aa7e2ed959a500f2b76c9433 ipsec-tools-0.6.7.ebuild 8464
+SHA256 ad69861ae6a68ad3a04d0de8fc15c971d01411cf68a8d4e5d362bed54cd0fa9e ipsec-tools-0.6.7.ebuild 8464
+MISC ChangeLog 8647 RMD160 f9cba2a29ab7d59d8dd25450130a44d6ab3019d9 SHA1 17e06627aefb28882a095469c706306d0227f002 SHA256 9bd455a17ac3a7e1e9827a78387c0187416c099d1fc3f8c13ab01791faf38bee
+MD5 997a23ff96a90df7a6794e58e6cf67aa ChangeLog 8647
+RMD160 f9cba2a29ab7d59d8dd25450130a44d6ab3019d9 ChangeLog 8647
+SHA256 9bd455a17ac3a7e1e9827a78387c0187416c099d1fc3f8c13ab01791faf38bee ChangeLog 8647
 MISC metadata.xml 222 RMD160 9f3213af34601070e08450ad10ffc39afb151da6 SHA1 4e079c4e1cd70a11ca71dbbd4553b3ba945b99bd SHA256 c0852563f052e3350d22d4787a91197d757444b5943088ce19bd18c4b000d547
 MD5 32ef126c26f7354eee96eb430068db74 metadata.xml 222
 RMD160 9f3213af34601070e08450ad10ffc39afb151da6 metadata.xml 222
 SHA256 c0852563f052e3350d22d4787a91197d757444b5943088ce19bd18c4b000d547 metadata.xml 222
-MD5 297ddcad939b8472e82f2ef74a18d844 files/digest-ipsec-tools-0.4-r2 247
-RMD160 e28f3ea674d4b1eee07e4055bdc0181979008f99 files/digest-ipsec-tools-0.4-r2 247
-SHA256 c62a55ccaf75e5293daee30b2a85b3ef0b5633e10518ff9b526b43890c4a333a files/digest-ipsec-tools-0.4-r2 247
-MD5 ddce85ccc363b091765e68f64dc28e56 files/digest-ipsec-tools-0.6.2-r1 256
-RMD160 d94f6ec6474d941f7cf76b282113fbb1c082298e files/digest-ipsec-tools-0.6.2-r1 256
-SHA256 c4fa57ab6fa22e0a21a2d392e136de4cb0603fdf7c5b0b03e67f3ee56ae7ab34 files/digest-ipsec-tools-0.6.2-r1 256
-MD5 e5ab9d224b030180d4e1a122e1d55e60 files/digest-ipsec-tools-0.6.3 256
-RMD160 41273919463e83d117d266a261772b271d687829 files/digest-ipsec-tools-0.6.3 256
-SHA256 47ed424972d379865d352df4308a5d28b5f7d3cc51600ac6f09e39ba6fb66f56 files/digest-ipsec-tools-0.6.3 256
 MD5 47cba38582330b791a3f906bab91e346 files/digest-ipsec-tools-0.6.5 256
 RMD160 60f973f491a120eb5e32f26204e7dea49913c1ab files/digest-ipsec-tools-0.6.5 256
 SHA256 485b1d7cac77af7b282efca0ce0dceafb8b27a515c7ffab5ca9100b8e98d55bb files/digest-ipsec-tools-0.6.5 256
+MD5 3acebe8393ba7f4cafda04cd44390a74 files/digest-ipsec-tools-0.6.7 256
+RMD160 e55acd722f97a6e3085246e5825d318232edda34 files/digest-ipsec-tools-0.6.7 256
+SHA256 4fec3e9a4e9520c0aa30a6e600e13d44b37d9db46d2d57aa273776f35e233cbe files/digest-ipsec-tools-0.6.7 256
diff --git a/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.4-r2 b/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.4-r2
deleted file mode 100644 (file)
index 7a3e4dc..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 dceea3b72328a580cf156d74cbee6f80 ipsec-tools-0.4.tar.gz 915420
-RMD160 3bdb7f6013ec98db29d0c1bd307f7a49335f4edd ipsec-tools-0.4.tar.gz 915420
-SHA256 bc25b398f8a0e0b3456c968961ccf972f66c02422c4d3e549e14d331f977e155 ipsec-tools-0.4.tar.gz 915420
diff --git a/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.6.2-r1 b/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.6.2-r1
deleted file mode 100644 (file)
index 812190d..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 3d94d4a13daff63c1bd57a4f1f6462d0 ipsec-tools-0.6.2.tar.bz2 663760
-RMD160 427c394e3af1cc9a23ee2dd6a5753481ee528908 ipsec-tools-0.6.2.tar.bz2 663760
-SHA256 d59f8441000cb6a4e6108eeecca1f1233e43575eb5bd16c2cff7a2e0fae5602c ipsec-tools-0.6.2.tar.bz2 663760
diff --git a/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.6.3 b/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.6.3
deleted file mode 100644 (file)
index 4fc0eb6..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 8070f90402919d8d313c32c2ee465b2f ipsec-tools-0.6.3.tar.bz2 664796
-RMD160 b9569a7af2069d3b7fe9d7153dac96ffab59c64c ipsec-tools-0.6.3.tar.bz2 664796
-SHA256 b5755278226d7ca7fecddc50ecd78ec98b0551d11977c8739466709fea3584da ipsec-tools-0.6.3.tar.bz2 664796
diff --git a/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.6.7 b/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.6.7
new file mode 100644 (file)
index 0000000..37b4293
--- /dev/null
@@ -0,0 +1,3 @@
+MD5 4fb764f282dc21cf9a656c58e13dacbb ipsec-tools-0.6.7.tar.bz2 723032
+RMD160 97c27922f5be941fd6c69e35e69bed921b9f13e7 ipsec-tools-0.6.7.tar.bz2 723032
+SHA256 4239f836dc610a2443ded7ba35cb3b87de9d582c800e5d9eb5eed37defd61ef2 ipsec-tools-0.6.7.tar.bz2 723032
diff --git a/net-firewall/ipsec-tools/files/ipsec-tools-0.4-dos-fix.diff b/net-firewall/ipsec-tools/files/ipsec-tools-0.4-dos-fix.diff
deleted file mode 100644 (file)
index a7b44c2..0000000
+++ /dev/null
@@ -1,29 +0,0 @@
-diff -aur ipsec-tools-0.4-orig/src/racoon/isakmp_agg.c ipsec-tools-0.4/src/racoon/isakmp_agg.c
---- ipsec-tools-0.4-orig/src/racoon/isakmp_agg.c       2004-03-23 04:50:27.000000000 -0800
-+++ ipsec-tools-0.4/src/racoon/isakmp_agg.c    2005-12-03 11:25:10.000000000 -0800
-@@ -400,7 +400,11 @@
-       }
-       /* payload existency check */
--      /* XXX to be checked each authentication method. */
-+      if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) {
-+              plog(LLV_ERROR, LOCATION, iph1->remote,
-+                      "few isakmp message received.\n");
-+              goto end;
-+      }
-       /* verify identifier */
-       if (ipsecdoi_checkid1(iph1) != 0) {
-@@ -755,7 +759,11 @@
-       }
-       /* payload existency check */
--      /* XXX to be checked each authentication method. */
-+      if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) {
-+              plog(LLV_ERROR, LOCATION, iph1->remote,
-+                      "few isakmp message received.\n");
-+              goto end;
-+      }
-       /* verify identifier */
-       if (ipsecdoi_checkid1(iph1) != 0) {
diff --git a/net-firewall/ipsec-tools/files/ipsec-tools-0.4-gcc34.diff b/net-firewall/ipsec-tools/files/ipsec-tools-0.4-gcc34.diff
deleted file mode 100644 (file)
index 7f6caec..0000000
+++ /dev/null
@@ -1,31 +0,0 @@
-diff -aur ipsec-tools-0.4-orig/src/racoon/sockmisc.c ipsec-tools-0.4/src/racoon/sockmisc.c
---- ipsec-tools-0.4-orig/src/racoon/sockmisc.c 2004-11-16 11:15:42.000000000 -0500
-+++ ipsec-tools-0.4/src/racoon/sockmisc.c      2004-12-16 14:42:25.543888328 -0500
-@@ -834,7 +834,7 @@
-       if (saddr == NULL)
-               return NULL;
--      GETNAMEINFO(saddr, addr, NULL);
-+      GETNAMEINFO_NULL(saddr, addr);
-       snprintf(buf, sizeof(buf), "%s", addr);
-       return buf;
-diff -aur ipsec-tools-0.4-orig/src/racoon/var.h ipsec-tools-0.4/src/racoon/var.h
---- ipsec-tools-0.4-orig/src/racoon/var.h      2004-06-11 12:00:17.000000000 -0400
-+++ ipsec-tools-0.4/src/racoon/var.h   2004-12-16 14:42:14.983493752 -0500
-@@ -82,6 +82,15 @@
-       } \
- } while (0);
-+#define GETNAMEINFO_NULL(x, y) \
-+do { \
-+      if (getnameinfo((x), sysdep_sa_len(x), (y), sizeof(y), NULL, 0, \
-+                      NIFLAGS) != 0) { \
-+              if (y) \
-+                      strncpy((y), "(invalid)", sizeof(y)); \
-+      } \
-+} while (0);
-+
- #include <sys/queue.h>
- #ifndef LIST_FOREACH
- #define LIST_FOREACH(elm, head, field) \
diff --git a/net-firewall/ipsec-tools/files/ipsec-tools-0.5-ipv6.diff b/net-firewall/ipsec-tools/files/ipsec-tools-0.5-ipv6.diff
deleted file mode 100644 (file)
index e2939f0..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
---- configure.ac.orig   2005-04-10 21:56:50.000000000 +0900
-+++ configure.ac        2005-04-10 21:56:37.000000000 +0900
-@@ -326,6 +326,7 @@
- ))
- if test "$ipv6" = "yes"; then
-+      AC_DEFINE([INET6], [], [Support IPv6])
-       AC_MSG_CHECKING(for advanced API support)
-       AC_TRY_COMPILE([#ifndef INET6
- #define INET6
diff --git a/net-firewall/ipsec-tools/files/ipsec-tools-0.5-isakmp-underrun.diff b/net-firewall/ipsec-tools/files/ipsec-tools-0.5-isakmp-underrun.diff
deleted file mode 100644 (file)
index 87453d9..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-? configure.lineno
-? src/racoon/kmpstat.lo
-? src/racoon/libracoon.la
-? src/racoon/misc.lo
-? src/racoon/sockmisc.lo
-? src/racoon/vmbuf.lo
-Index: src/racoon/isakmp.c
-===================================================================
-RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/isakmp.c,v
-retrieving revision 1.36
-diff -u -r1.36 isakmp.c
---- src/racoon/isakmp.c        7 Mar 2005 00:30:37 -0000       1.36
-+++ src/racoon/isakmp.c        7 Mar 2005 16:31:24 -0000
-@@ -1352,7 +1352,7 @@
-               p->type = np;
-               p->len = ntohs(gen->len);
--              if (p->len == 0 || p->len > tlen) {
-+              if (p->len < sizeof(struct isakmp_gen) || p->len > tlen) {
-                       plog(LLV_DEBUG, LOCATION, NULL,
-                               "invalid length of payload\n");
-                       vfree(result);
diff --git a/net-firewall/ipsec-tools/files/ipsec-tools-0.6.2-dos-fix.diff b/net-firewall/ipsec-tools/files/ipsec-tools-0.6.2-dos-fix.diff
deleted file mode 100644 (file)
index 385d5a1..0000000
+++ /dev/null
@@ -1,29 +0,0 @@
-diff -aur ipsec-tools-0.6.2-orig/src/racoon/isakmp_agg.c ipsec-tools-0.6.2/src/racoon/isakmp_agg.c
---- ipsec-tools-0.6.2-orig/src/racoon/isakmp_agg.c     2005-09-26 09:12:20.000000000 -0700
-+++ ipsec-tools-0.6.2/src/racoon/isakmp_agg.c  2005-12-02 01:04:23.000000000 -0800
-@@ -488,7 +488,11 @@
-       }
-       /* payload existency check */
--      /* XXX to be checked each authentication method. */
-+      if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) {
-+              plog(LLV_ERROR, LOCATION, iph1->remote,
-+                      "few isakmp message received.\n");
-+              goto end;
-+      }
-       /* verify identifier */
-       if (ipsecdoi_checkid1(iph1) != 0) {
-@@ -888,7 +892,11 @@
-       }
-       /* payload existency check */
--      /* XXX to be checked each authentication method. */
-+      if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) {
-+              plog(LLV_ERROR, LOCATION, iph1->remote,
-+                      "few isakmp message received.\n");
-+              goto end;
-+      }
-       /* verify identifier */
-       if (ipsecdoi_checkid1(iph1) != 0) {
diff --git a/net-firewall/ipsec-tools/files/ipsec.conf.sample b/net-firewall/ipsec-tools/files/ipsec.conf.sample
deleted file mode 100644 (file)
index 078d5ba..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/usr/sbin/setkey -f
-
-flush;
-spdflush;
-
-spdadd xxx.xxx.xxx.xxx/32 0.0.0.0/0 any
-    -P out ipsec esp/tunnel/xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy/require;
-
-spdadd 0.0.0.0/0 xxx.xxx.xxx.xxx/32 any 
-    -P in ipsec esp/tunnel/yyy.yyy.yyy.yyy-xxx.xxx.xxx.xxx/require;
index a0b47237a76833a97c58ad462831db0c43cebde2..16fdec7e3a372981864233341757e82989554784 100644 (file)
@@ -41,13 +41,13 @@ start() {
                eerror "Error while loading ipsec policies"
        fi
        ebegin "Starting racoon"
-       /usr/sbin/racoon -f ${RACOON_CONF} ${RACOON_OPTS}
+       start-stop-daemon -S -x /usr/sbin/racoon -- -f ${RACOON_CONF} ${RACOON_OPTS}
        eend $?
 }
 
 stop() {
        ebegin "Stopping racoon"
-       kill `cat /var/run/racoon.pid`
+       start-stop-daemon -K -p /var/run/racoon.pid
        eend $?
        if [ -n "${RACOON_RESET_TABLES}" ]; then
                ebegin "Flushing policy entries"
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.4-r2.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.4-r2.ebuild
deleted file mode 100644 (file)
index a91f1e8..0000000
+++ /dev/null
@@ -1,53 +0,0 @@
-# Copyright 1999-2005 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.4-r2.ebuild,v 1.2 2005/12/04 20:20:56 weeve Exp $
-
-inherit eutils
-
-DESCRIPTION="IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation."
-HOMEPAGE="http://ipsec-tools.sourceforge.net/"
-SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
-LICENSE="BSD"
-KEYWORDS="~amd64 sparc ~x86"
-SLOT="0"
-IUSE="selinux"
-DEPEND="virtual/libc
-       >=dev-libs/openssl-0.9.6"
-RDEPEND="${DEPEND}
-       selinux? ( sec-policy/selinux-ipsec-tools )"
-
-pkg_setup() {
-       my_KV=`echo ${KV} | cut -f-2 -d "."`
-       if [ ${my_KV} != "2.6" ] ; then
-               echo; eerror "You need a 2.6.x kernel to use the ipsec tools!"; die "You need a 2.6 kernel to use ipsec-tools!"
-       fi
-}
-
-src_unpack() {
-       unpack ${A}
-       cd ${S}
-       epatch ${FILESDIR}/${P}-gcc34.diff
-       epatch ${FILESDIR}/${PN}-0.5-isakmp-underrun.diff
-       epatch ${FILESDIR}/${P}-dos-fix.diff
-}
-
-src_compile() {
-       unset CC
-       ./configure --prefix=/usr --sysconfdir=/etc --with-kernel-headers=/usr/src/linux/include || die
-       sed -e 's:AM_CFLAGS = :AM_CFLAGS = -include /usr/src/linux/include/linux/compiler.h :' -i src/setkey/Makefile || die
-       sed -e 's:CPPFLAGS=:CPPFLAGS = -include /usr/src/linux/include/linux/compiler.h :' -i src/racoon/Makefile || die
-       sed -e 's:va_copy:__va_copy:g' -i src/racoon/plog.c || die # GCC 2 Fix
-       emake || die
-}
-
-src_install() {
-       einstall || die
-       rm ${D}/usr/bin
-       dosbin src/racoon/racoon
-       insinto /etc && doins ${FILESDIR}/ipsec.conf.sample
-       insinto /etc/conf.d && newins ${FILESDIR}/racoon.conf.d racoon
-       exeinto /etc/init.d && newexe ${FILESDIR}/racoon.init.d racoon
-
-       dodoc ChangeLog README NEWS
-       dodoc ${S}/src/racoon/samples/racoon.conf.sample*
-}
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.6.2-r1.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.6.2-r1.ebuild
deleted file mode 100644 (file)
index 20d58e9..0000000
+++ /dev/null
@@ -1,62 +0,0 @@
-# Copyright 1999-2005 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.6.2-r1.ebuild,v 1.3 2005/12/04 22:15:24 latexer Exp $
-
-inherit eutils flag-o-matic
-
-DESCRIPTION="IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation."
-HOMEPAGE="http://ipsec-tools.sourceforge.net/"
-SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
-LICENSE="BSD"
-KEYWORDS="amd64 ~ppc x86"
-SLOT="0"
-IUSE="idea ipv6 pam rc5 readline selinux"
-
-DEPEND="virtual/libc
-       >=sys-kernel/linux-headers-2.6
-       readline? ( sys-libs/readline )
-       pam? ( sys-libs/pam )
-       >=dev-libs/openssl-0.9.6"
-
-RDEPEND="${DEPEND}
-       selinux? ( sec-policy/selinux-ipsec-tools )"
-
-src_unpack() {
-       unpack ${A}
-       cd ${S}
-       sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c
-       epatch ${FILESDIR}/${P}-dos-fix.diff
-       epunt_cxx
-}
-
-src_compile() {
-       # Filter the c3 flag for now. Probably a GCC problem, but we'll
-       # avoid it here for now. See bug #61025
-       filter-flags -march=c3
-
-       econf   \
-               --enable-hybrid \
-               --enable-dpd \
-               --enable-natt \
-               --enable-adminport \
-               --enable-frag \
-               $(use_enable idea) \
-               $(use_enable rc5) \
-               $(use_enable ipv6) \
-               $(use_with readline) \
-               $(use_with pam libpam) \
-               || die
-               # Removed due to some problems
-               # --enable-samode-unspec \
-       emake -j1 || die
-}
-
-src_install() {
-       einstall || die
-       keepdir /var/lib/racoon
-       insinto /etc/conf.d && newins ${FILESDIR}/racoon.conf.d racoon
-       exeinto /etc/init.d && newexe ${FILESDIR}/racoon.init.d racoon
-
-       dodoc ChangeLog README NEWS
-       dodoc ${S}/src/racoon/samples/racoon.conf.sample*
-}
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.6.3.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.6.3.ebuild
deleted file mode 100644 (file)
index 70109cc..0000000
+++ /dev/null
@@ -1,61 +0,0 @@
-# Copyright 1999-2006 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.6.3.ebuild,v 1.4 2006/10/25 14:30:58 blubb Exp $
-
-inherit eutils flag-o-matic
-
-DESCRIPTION="IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation."
-HOMEPAGE="http://ipsec-tools.sourceforge.net/"
-SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
-LICENSE="BSD"
-KEYWORDS="amd64 ~ppc x86"
-SLOT="0"
-IUSE="idea ipv6 pam rc5 readline selinux"
-
-DEPEND="virtual/libc
-       !<sys-kernel/linux-headers-2.6
-       readline? ( sys-libs/readline )
-       pam? ( sys-libs/pam )
-       >=dev-libs/openssl-0.9.6"
-
-RDEPEND="${DEPEND}
-       selinux? ( sec-policy/selinux-ipsec-tools )"
-
-src_unpack() {
-       unpack ${A}
-       cd ${S}
-       sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c
-       epunt_cxx
-}
-
-src_compile() {
-       # Filter the c3 flag for now. Probably a GCC problem, but we'll
-       # avoid it here for now. See bug #61025
-       filter-flags -march=c3
-
-       econf   \
-               --enable-hybrid \
-               --enable-dpd \
-               --enable-natt \
-               --enable-adminport \
-               --enable-frag \
-               $(use_enable idea) \
-               $(use_enable rc5) \
-               $(use_enable ipv6) \
-               $(use_with readline) \
-               $(use_with pam libpam) \
-               || die
-               # Removed due to some problems
-               # --enable-samode-unspec \
-       emake -j1 || die
-}
-
-src_install() {
-       einstall || die
-       keepdir /var/lib/racoon
-       insinto /etc/conf.d && newins ${FILESDIR}/racoon.conf.d racoon
-       exeinto /etc/init.d && newexe ${FILESDIR}/racoon.init.d racoon
-
-       dodoc ChangeLog README NEWS
-       dodoc ${S}/src/racoon/samples/racoon.conf.sample*
-}
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.6.7.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.6.7.ebuild
new file mode 100644 (file)
index 0000000..c4ca3fd
--- /dev/null
@@ -0,0 +1,267 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.6.7.ebuild,v 1.1 2007/04/21 12:24:23 dragonheart Exp $
+
+inherit eutils flag-o-matic autotools linux-info
+
+DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
+HOMEPAGE="http://ipsec-tools.sourceforge.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+LICENSE="BSD"
+KEYWORDS="~amd64 ~ppc ~sparc ~x86"
+SLOT="0"
+IUSE="idea ipv6 pam rc5 readline selinux ldap kerberos nat hybrid"
+
+
+# FIXME: what is the correct syntax for ~sparc ???
+DEPEND="virtual/libc
+       !sparc? ( >=sys-kernel/linux-headers-2.6 )
+       readline? ( sys-libs/readline )
+       pam? ( sys-libs/pam )
+       ldap? ( net-nds/openldap )
+       kerberos? ( app-crypt/mit-krb5 )
+       >=dev-libs/openssl-0.9.8
+       iconv? ( virtual/libiconv )"
+
+#      radius? ( net-dialup/gnuradius )
+
+RDEPEND="${DEPEND}
+       selinux? ( sec-policy/selinux-ipsec-tools )"
+
+# {{{ kernel_check() 
+kernel_check() {
+       get_version
+       if kernel_is 2 6 ; then
+               if test "${KV_PATCH}" -ge 19 ; then
+               # Just for kernel >=2.6.19
+                       ebegin "Checking for suitable kernel configuration (Networking | Networking support | Networking options)"
+
+                       if use nat ; then
+                               if ! { linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; } ; then
+                                       ewarn "[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is NOT enabled"
+                                       eerror "${P} won't compile with use nat traversal (USE=nat) until you enable NETFILTER_XT_MATCH_POLICY in your kernel"
+                                       die
+                               else
+                                       einfo "....[NETFILTER_XT_MATCH_POLICY] IPsec policy match support is enabled :-)"
+                               fi
+                       fi
+                       # {{{ general stuff
+                       if ! { linux_chkconfig_present XFRM_USER; }; then
+                               ewarn "[XFRM_USER] Transformation user configuration interface is NOT enabled."
+                       else
+                               einfo "....[XFRM_USER] Transformation user configuration interface is enabled :-)"
+                       fi
+
+                       if ! { linux_chkconfig_present NET_KEY; }; then
+                               ewarn "[NET_KEY] PF_KEY sockets is NOT enabled."
+                       else
+                               einfo "....[NET_KEY] PF_KEY sockets is enabled :-)"
+                       fi
+                       # }}}
+                       # {{{ IPv4 stuff
+                       if ! { linux_chkconfig_present INET_IPCOMP; }; then
+                               ewarn "[INET_IPCOMP] IP: IPComp transformation is NOT enabled"
+                       else
+                               einfo "....[INET_IPCOMP] IP: IPComp transformation is enabled :-)"
+                       fi
+
+                       if ! { linux_chkconfig_present INET_AH; }; then
+                               ewarn "[INET_AH] AH Transformation is NOT enabled."
+                       else
+                               einfo "....[INET_AH] AH Transformation is enabled :-)"
+                       fi
+
+                       if ! { linux_chkconfig_present INET_ESP; }; then
+                               ewarn "[INET_ESP] ESP Transformation is NOT enabled."
+                       else
+                               einfo "....[INET_ESP] ESP Transformation is enabled :-)"
+                       fi
+
+                       if ! { linux_chkconfig_present INET_XFRM_MODE_TRANSPORT; }; then
+                               ewarn "[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is NOT enabled."
+                       else
+                               einfo "....[INET_XFRM_MODE_TRANSPORT] IP: IPsec transport mode is enabled :-)"
+                       fi
+
+                       if ! { linux_chkconfig_present INET_XFRM_MODE_TUNNEL; }; then
+                               ewarn "[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is NOT enabled."
+                       else
+                               einfo "....[INET_XFRM_MODE_TUNNEL] IP: IPsec tunnel mode is enabled :-)"
+                       fi
+
+                       if ! { linux_chkconfig_present INET_XFRM_MODE_BEET; }; then
+                               ewarn "[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is NOT enabled."
+                       else
+                               einfo "....[INET_XFRM_MODE_BEET] IP: IPsec BEET mode is enabled :-)"
+                       fi
+                       # }}}
+                       # {{{ IPv6 stuff
+                       if use ipv6 ; then
+                               if ! { linux_chkconfig_present INET6_IPCOMP; }; then
+                                       ewarn "[INET6_IPCOMP] IPv6: IPComp transformation is NOT enabled"
+                               else
+                                       einfo "....[INET6_IPCOMP] IPv6: IPComp transformation is enabled :-)"
+                               fi
+
+                               if ! { linux_chkconfig_present INET6_AH; }; then
+                                       ewarn "[INET6_AH] IPv6: AH Transformation is NOT enabled."
+                               else
+                                       einfo "....[INET6_AH] IPv6: AH Transformation is enabled :-)"
+                               fi
+
+                               if ! { linux_chkconfig_present INET6_ESP; }; then
+                                       ewarn "[INET6_ESP] IPv6: ESP Transformation is NOT enabled."
+                               else
+                                       einfo "....[INET6_ESP] IPv6: ESP Transformation is enabled :-)"
+                               fi
+
+                               if ! { linux_chkconfig_present INET6_XFRM_MODE_TRANSPORT; }; then
+                                       ewarn "[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is NOT enabled."
+                               else
+                                       einfo "....[INET6_XFRM_MODE_TRANSPORT] IPv6: IPsec transport mode is enabled :-)"
+                               fi
+
+                               if ! { linux_chkconfig_present INET6_XFRM_MODE_TUNNEL; }; then
+                                       ewarn "[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is NOT enabled."
+                               else
+                                       einfo "....[INET6_XFRM_MODE_TUNNEL] IPv6: IPsec tunnel mode is enabled :-)"
+                               fi
+
+                               if ! { linux_chkconfig_present INET6_XFRM_MODE_BEET; }; then
+                                       ewarn "[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is NOT enabled."
+                               else
+                                       einfo "....[INET6_XFRM_MODE_BEET] IPv6: IPsec BEET mode is enabled :-)"
+                               fi
+                       fi
+                       # }}}
+
+                       eend $?
+               fi
+       fi
+}
+# }}}
+
+src_unpack() {
+       unpack ${A}
+       cd ${S}
+       # fix for bug #76741
+       sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c
+       # fix for bug #124813
+       sed -i 's:-Werror::g' ${S}/configure.ac
+
+       AT_M4DIR="${S}" eautoreconf
+       epunt_cxx
+}
+
+
+
+src_compile() {
+       # fix for bug #61025
+       filter-flags -march=c3
+
+       kernel_check
+
+       myconf="${myconf} --with-kernel-headers=/lib/modules/${KV_FULL}/build/include"
+
+       use nat && myconf="${myconf} --enable-natt --enable-natt-versions=yes"
+#      myconf="${myconf} $(use_enable broken-natt)"
+       myconf="${myconf} --enable-dependency-tracking $(use_enable ipv6)"
+#      myconf="${myconf} $(use_enable adminport)"
+       myconf="${myconf} $(use_enable rc5)"
+       if use pam; then
+               myconf="${myconf} --enable-hybrid"
+       else
+               myconf="${myconf} $(use_enable hybrid)"
+       fi;
+#      myconf="${myconf} $(use_enable dpd)"
+#      myconf="${myconf} $(use_enable frag)"
+#      myconf="${myconf} $(use_enable stats)"
+#      myconf="${myconf} $(use_enable fastquit)"
+#      myconf="${myconf} $(use_enable security-context)"
+       myconf="${myconf} --enable-dpd --enable-frag --enable-stats --enable-fastquit"
+       myconf="${myconf} --enable-adminport --enable-security-context"
+       myconf="${myconf} $(use_enable idea)"
+       myconf="${myconf} $(use_enable kerberos gssapi)"
+
+       # dev-libs/libiconv is hard masked
+       #use iconv && myconf="${myconf} $(use_with iconv libiconv)"
+       myconf="${myconf} $(use_with ldap libldap)"
+       myconf="${myconf} $(use_with pam libpam)"
+
+       # the default (/usr/include/openssl/) is OK for Gentoo, leave it
+       # myconf="${myconf} $(use_with ssl openssl )"
+
+       # No way to get it compiling with freeradius or gnuradius
+       # We need libradius wich only exist on FreeBSD
+       #use radius && myconf="${myconf} $(use_with radius libradius )"
+
+       use readline && myconf="${myconf} $(use_with readline )"
+
+       # See bug #77369
+       #myconf="${myconf} --enable-samode-unspec"
+
+       econf ${myconf} || die
+       # As of ${PN}-0.6.6 parallel make is still broken. I hope its fixed now.
+       emake  || die
+
+}
+
+src_install() {
+       emake DESTDIR="${D}" install || die
+       keepdir /var/lib/racoon
+       insinto /etc/conf.d && newins "${FILESDIR}"/racoon.conf.d racoon
+       exeinto /etc/init.d && newexe "${FILESDIR}"/racoon.init.d racoon
+
+       dodoc ChangeLog README NEWS
+       dodoc src/racoon/samples/*
+       dodoc src/racoon/doc/*
+
+       docinto roadwarrior
+       dodoc src/racoon/samples/roadwarrior/*
+
+       docinto roadwarrior/client
+       dodoc src/racoon/samples/roadwarrior/client/*
+       docinto roadwarrior/server
+       dodoc src/racoon/samples/roadwarrior/server/*
+
+       docinto setkey
+       dodoc src/setkey/sample.cf
+
+       # RFC are only available from CVS for the moment, see einfo below
+       #docinto "rfc"
+       #dodoc ${S}/src/racoon/rfc/*
+}
+
+pkg_postinst() {
+       if use nat; then
+         elog ""
+         elog " You have enabled the nat traversal functionnality."
+         elog " Nat versions wich are enabled by default are 00,02,rfc"
+         elog " you can find those drafts in the CVS repository:"
+         elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools"
+         elog ""
+         elog "If you feel brave enough and you know what you are"
+         elog "doing, you can consider emerging this ebuild"
+         elog "with"
+         elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
+         elog ""
+       fi;
+
+       if use ldap; then
+         elog ""
+         elog " You have enabled ldap support with {$PN}."
+         elog " The man page does NOT contain any information on it yet."
+         elog " Consider to use a more recent version or CVS"
+         elog ""
+       fi;
+
+
+       elog ""
+       elog "Please have a look in /usr/share/doc/${P} and visit"
+       elog "http://www.netbsd.org/Documentation/network/ipsec/"
+       elog "to find a lot of information on how to configure this great tool."
+       elog ""
+
+}
+
+# vim: set foldmethod=marker nowrap :