smeserver-libreswan/contribs10/smeserver-libreswan.spec

%define name smeserver-libreswan
%define version 0.5
%define release 37
Summary: Plugin to enable IPSEC connections
Name: %{name}
Version: %{version}
Release: %{release}%{?dist}
License: GNU GPL version 2
URL: http://libreswan.org/
Group: SMEserver/addon
Source: %{name}-%{version}.tar.gz
Patch1: smeserver-libreswan-fix-masq-templates.patch
Patch2: smeserver-libreswan-move-logfile.patch
Patch3: smeserver-libreswan-add-debug-key.patch
Patch4: smeserver-libreswan-fix-rsa-id.patch
Patch5: smeserver-libreswan-fix-createlinks.patch
Patch6: smeserver-libreswan-ikev2-logrotate.patch
Patch7: smeserver-libreswan-add-certificates.patch
Patch8: smeserver-libreswan-modify-identifiers.patch
Patch9: smeserver-libreswan-modify-identifiers1.patch
Patch10: smeserver-libreswan-forceencaps-l2tpd.patch
Patch11: smeserver-libreswan-variable-network-interfaces.patch
Patch12: smeserver-libreswan-remove-obsoletes.patch
Patch13: smeserver-libreswan-add-reauth.patch
Patch14: smeserver-libreswan-check-l2tpd-status.patch
Patch15: smeserver-libreswan-include-l2tpd-rightsubnet.patch
Patch16: smeserver-libreswan-fix-xl2tpd-status-check.patch
Patch17: smeserver-libreswan-createlinks.patch
Patch18: smeserver-libreswan-modify-leftrightsubnet.patch
Patch19: smeserver-libreswan-0.5-Update-for-systemd.patch
Patch20: smeserver-libreswan-update-createlinks-update-reauth.patch
Patch21: smeserver-libreswan-fix-init-link.patch


BuildRoot: /var/tmp/%{name}-%{version}
BuildArchitectures: noarch
BuildRequires: e-smith-devtools
Requires:  e-smith-release >= 9.2
Requires:  libreswan >= 3.29
AutoReqProv: no

%description
Libreswan is a free software implementation of the most widely supported and standardised VPN protocol based on ("IPsec") and the Internet Key Exchange ("IKE")

%changelog
* Tue Feb 11 2025 John Crisp <jcrisp@safreqandsoundit.co.uk> 0.5-37.sme
- Fix broken url

* Wed May 24 2023 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-36.sme
- Change ipsec.conf log setting
- Create /var/log/pluto/pluto.log 
- Add reauth 'yes' as an added option
- Update createlinks

* Mon Mar 01 2021 Brian Read <brianr@bjsystems.co.uk> 0.5-35.sme
- Initial Import in SME10 tree  [SME: 11405]
- Update for systemd

* Mon Feb 17 2020 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-34.sme
- auto insert leftsourceip and subnet from internal interface
- Force right to have a value

* Fri Feb 14 2020 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-33.sme
- update keyingtries
- update virtual-private

* Thu Jan 30 2020 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-32.sme
- Fix xl2tpd status check

* Thu Oct 17 2019 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-31.sme
- Allow rightsubnet for xl2tpd in virtual_private
- Add check for empty virtual_private hosts

* Sun Oct 13 2019 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-30.sme
- Fix issue when there is no xl2tpd key

* Sat Aug 31 2019 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-29.sme
- Bump required Libreswan to 3.29
- add reauth option

* Thu Jun 21 2018 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-28.sme
- Bump required Libreswan to 3.23
- Change forceencaps to encapsulation
- Remove obsolete nat_traversal
- Modify ipsec.conf for no rightsubnet in xl2tpd

* Tue Sep 19 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-27.sme
- Allow variable network interface names - Stefano Zamboni

* Thu Jun 15 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-26.sme
- add keep-alive option in main ipsec.conf
- add forceencaps option overall default and per connection
- small code tidy
- Add support for L2TPD

* Thu Jan 26 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-25.sme
 - Fix the ipsec.conf as well
 - remove automatic \@ in IDs - Fixes [SME: 9729]
 
* Thu Jan 26 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-24.sme
 - remove automatic \@ in IDs - Fixes [SME: 9729]
 - fix swapped left/right IDs in password file

* Wed Jan 25 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-23.sme
- Add the ability to use PEM/PKCS#12 certificates - fixes [SME: 9942]
- lots of code tidying

* Wed Dec 21 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-22.sme
- update logrotate completely now I realise it is symlinked
- remove UPDPort and add UPDPorts due to ipsec v2

* Wed Dec 21 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-21.sme
- add more variations for ike v1/2
- remove logrotate template
- add /etc/e-smith/events/logrotate/logfiles2timestamp/var/log/pluto.log
- Fix some log noise when first installed and still disabled

* Sat Apr 23 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-20.sme
- Fix typo in createlinks for sysctl.conf

* Mon Apr 04 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-19.sme
- Fix ID in ipsec.secrets if ID is set

* Thu Mar 24 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-18.sme
- Add debug db key to /etc/ipsec.conf
- Remove setting public/private keys as they won't affect unless templates are re-expanded
- Set xfrm_larval_drop drop correctly

* Tue Mar 22 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-17.sme
- Move pluto.log to /var/log/pluto
- bump libreswan requires version to 3.16
- regenerate masq template on ipsec-update
- change wiki location page
- add sysctl.conf template
- modify masq templates for ipsec status enabled/disabled
- only load ipsec.conf rather than *.conf to avoid loading v6neighbor-hole.conf

* Thu Mar 10 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-16.sme
- Fix masq templates for missing db entries on install

* Wed Mar 09 2016 JP Pialasse <tests@pialasse.com> 0.5-15.sme
- first import in SME buildsys

* Wed Feb 17 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-13
- Fix small typo in readme

* Fri Dec 04 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-12
- Add keyingtries
- Finally fix add issues using asynchronous

* Wed Dec 02 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-11
- Determine host IPtype - static or dynamic IP
- auto --up changed to exec
- Add checks for Left/Right ID in secrets file

* Tue Dec 01 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-10
- Allow dynamic addresses
- Add iptype
- disallow " in PSK passwords
- Revised logging messages

* Mon Nov 30 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-9
- Amended templates to allow for rsasig. Early cert settings removed

* Wed Nov 25 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-8
- Revised masq templates - disable on ipsec disable
- Template ipsec.secrets so Terry won't break it again
- Set requires e-smith >=9 and libreswan >=3.14

* Wed Nov 18 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-7
- add 90adjustESP

* Tue Nov 17 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-6
- more update to masq firewalls - change -p 50 to -p ESP

* Tue Nov 17 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-5
- update masq firewall rules
- document clean up

* Wed May 27 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-4
- set dpd actions off if ipsec is 'add'
- add salifetime key and rename ikelifetime and keylife
- change defaults for salifetime and ikelifetime
- add in rsasig support

* Wed Apr 22 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-3
- change default ike from aes-sha to aes-sha1

* Tue Mar 24 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-2
- More minor fixes - should work OK with xl2tpd

* Thu Mar 19 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-1
- Remove templates2expand and added to createlinks
- modified ipsec.secret template
- various other fixes

* Fri Mar 13 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.4-5
- Big changes again - now have PreviousState to detect changes
- Createlinks to S10 to run after expand-templates

* Thu Mar 5 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.4-4
- Changed lots. Removed sysctl.conf template
- Changed firewall template

* Tue Mar 3 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.4-3
- Load of code tidying and prep from xl2tpd

* Fri Feb 27 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.4-2
- Update action script and allow for system not in gateway mode
- add ike and phase2alg db settings

* Tue Feb 24 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.4-1
- New ipsec-action script
- Numerous template changes

* Fri Jan 16 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.3-1
- remove debugging lines
- remove expand templates from spec file
- add status check for ipsec.conf
- add comment to masq template
- updated db defaults
- ipsec.conf not expanded on install
- missed auto=start

* Fri Jan 16 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.2-1
- remove rc.local modifications
- add /etc/sysctl.conf patches

* Thu Jan 15 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.1-1
- initial release

%prep
%setup
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1

%build
perl createlinks

%install
rm -rf $RPM_BUILD_ROOT
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
rm -f %{name}-%{version}-filelist
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT > %{name}-%{version}-filelist
echo "%doc COPYING" >> %{name}-%{version}-filelist


%clean
cd ..
rm -rf %{name}-%{version}

%files -f %{name}-%{version}-filelist
%defattr(-,root,root)

%pre
%preun
%post

/sbin/e-smith/expand-template /etc/rc.d/init.d/masq
#/sbin/e-smith/expand-template /etc/inittab
#/sbin/init q

if [[ ! -d /var/log/pluto ]] 
then
    mkdir /var/log/pluto
fi

echo "see https://wiki.contribs.org/Libreswan"

%postun
/sbin/e-smith/expand-template /etc/rc.d/init.d/masq
#/sbin/e-smith/expand-template /etc/inittab
#/sbin/init q
1	brianr	1.1	%define name smeserver-libreswan
2			%define version 0.5
3	jcrisp	1.4	%define release 37
4	brianr	1.1	Summary: Plugin to enable IPSEC connections
5			Name: %{name}
6			Version: %{version}
7			Release: %{release}%{?dist}
8			License: GNU GPL version 2
9			URL: http://libreswan.org/
10			Group: SMEserver/addon
11			Source: %{name}-%{version}.tar.gz
12			Patch1: smeserver-libreswan-fix-masq-templates.patch
13			Patch2: smeserver-libreswan-move-logfile.patch
14			Patch3: smeserver-libreswan-add-debug-key.patch
15			Patch4: smeserver-libreswan-fix-rsa-id.patch
16			Patch5: smeserver-libreswan-fix-createlinks.patch
17			Patch6: smeserver-libreswan-ikev2-logrotate.patch
18			Patch7: smeserver-libreswan-add-certificates.patch
19			Patch8: smeserver-libreswan-modify-identifiers.patch
20			Patch9: smeserver-libreswan-modify-identifiers1.patch
21			Patch10: smeserver-libreswan-forceencaps-l2tpd.patch
22			Patch11: smeserver-libreswan-variable-network-interfaces.patch
23			Patch12: smeserver-libreswan-remove-obsoletes.patch
24			Patch13: smeserver-libreswan-add-reauth.patch
25			Patch14: smeserver-libreswan-check-l2tpd-status.patch
26			Patch15: smeserver-libreswan-include-l2tpd-rightsubnet.patch
27			Patch16: smeserver-libreswan-fix-xl2tpd-status-check.patch
28			Patch17: smeserver-libreswan-createlinks.patch
29			Patch18: smeserver-libreswan-modify-leftrightsubnet.patch
30	brianr	1.2	Patch19: smeserver-libreswan-0.5-Update-for-systemd.patch
31	jcrisp	1.3	Patch20: smeserver-libreswan-update-createlinks-update-reauth.patch
32	jcrisp	1.4	Patch21: smeserver-libreswan-fix-init-link.patch
33
34	brianr	1.1
35			BuildRoot: /var/tmp/%{name}-%{version}
36			BuildArchitectures: noarch
37			BuildRequires: e-smith-devtools
38			Requires: e-smith-release >= 9.2
39			Requires: libreswan >= 3.29
40			AutoReqProv: no
41
42			%description
43			Libreswan is a free software implementation of the most widely supported and standardised VPN protocol based on ("IPsec") and the Internet Key Exchange ("IKE")
44
45			%changelog
46	jcrisp	1.4	* Tue Feb 11 2025 John Crisp <jcrisp@safreqandsoundit.co.uk> 0.5-37.sme
47			- Fix broken url
48
49	jcrisp	1.3	* Wed May 24 2023 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-36.sme
50			- Change ipsec.conf log setting
51			- Create /var/log/pluto/pluto.log
52			- Add reauth 'yes' as an added option
53			- Update createlinks
54
55	brianr	1.2	* Mon Mar 01 2021 Brian Read <brianr@bjsystems.co.uk> 0.5-35.sme
56			- Initial Import in SME10 tree [SME: 11405]
57			- Update for systemd
58
59	brianr	1.1	* Mon Feb 17 2020 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-34.sme
60			- auto insert leftsourceip and subnet from internal interface
61			- Force right to have a value
62
63	jcrisp	1.3	* Fri Feb 14 2020 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-33.sme
64	brianr	1.1	- update keyingtries
65			- update virtual-private
66
67			* Thu Jan 30 2020 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-32.sme
68			- Fix xl2tpd status check
69
70			* Thu Oct 17 2019 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-31.sme
71			- Allow rightsubnet for xl2tpd in virtual_private
72			- Add check for empty virtual_private hosts
73
74			* Sun Oct 13 2019 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-30.sme
75			- Fix issue when there is no xl2tpd key
76
77			* Sat Aug 31 2019 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-29.sme
78			- Bump required Libreswan to 3.29
79			- add reauth option
80
81			* Thu Jun 21 2018 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-28.sme
82			- Bump required Libreswan to 3.23
83			- Change forceencaps to encapsulation
84			- Remove obsolete nat_traversal
85			- Modify ipsec.conf for no rightsubnet in xl2tpd
86
87			* Tue Sep 19 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-27.sme
88			- Allow variable network interface names - Stefano Zamboni
89
90			* Thu Jun 15 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-26.sme
91			- add keep-alive option in main ipsec.conf
92			- add forceencaps option overall default and per connection
93			- small code tidy
94			- Add support for L2TPD
95
96			* Thu Jan 26 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-25.sme
97			- Fix the ipsec.conf as well
98			- remove automatic \@ in IDs - Fixes [SME: 9729]
99
100			* Thu Jan 26 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-24.sme
101			- remove automatic \@ in IDs - Fixes [SME: 9729]
102			- fix swapped left/right IDs in password file
103
104			* Wed Jan 25 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-23.sme
105			- Add the ability to use PEM/PKCS#12 certificates - fixes [SME: 9942]
106			- lots of code tidying
107
108			* Wed Dec 21 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-22.sme
109			- update logrotate completely now I realise it is symlinked
110			- remove UPDPort and add UPDPorts due to ipsec v2
111
112			* Wed Dec 21 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-21.sme
113			- add more variations for ike v1/2
114			- remove logrotate template
115			- add /etc/e-smith/events/logrotate/logfiles2timestamp/var/log/pluto.log
116			- Fix some log noise when first installed and still disabled
117
118			* Sat Apr 23 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-20.sme
119			- Fix typo in createlinks for sysctl.conf
120
121			* Mon Apr 04 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-19.sme
122			- Fix ID in ipsec.secrets if ID is set
123
124			* Thu Mar 24 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-18.sme
125			- Add debug db key to /etc/ipsec.conf
126			- Remove setting public/private keys as they won't affect unless templates are re-expanded
127			- Set xfrm_larval_drop drop correctly
128
129			* Tue Mar 22 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-17.sme
130			- Move pluto.log to /var/log/pluto
131			- bump libreswan requires version to 3.16
132			- regenerate masq template on ipsec-update
133			- change wiki location page
134			- add sysctl.conf template
135			- modify masq templates for ipsec status enabled/disabled
136			- only load ipsec.conf rather than *.conf to avoid loading v6neighbor-hole.conf
137
138			* Thu Mar 10 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-16.sme
139			- Fix masq templates for missing db entries on install
140
141			* Wed Mar 09 2016 JP Pialasse <tests@pialasse.com> 0.5-15.sme
142			- first import in SME buildsys
143
144			* Wed Feb 17 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-13
145			- Fix small typo in readme
146
147			* Fri Dec 04 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-12
148			- Add keyingtries
149			- Finally fix add issues using asynchronous
150
151			* Wed Dec 02 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-11
152			- Determine host IPtype - static or dynamic IP
153			- auto --up changed to exec
154			- Add checks for Left/Right ID in secrets file
155
156			* Tue Dec 01 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-10
157			- Allow dynamic addresses
158			- Add iptype
159			- disallow " in PSK passwords
160			- Revised logging messages
161
162			* Mon Nov 30 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-9
163			- Amended templates to allow for rsasig. Early cert settings removed
164
165			* Wed Nov 25 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-8
166			- Revised masq templates - disable on ipsec disable
167			- Template ipsec.secrets so Terry won't break it again
168			- Set requires e-smith >=9 and libreswan >=3.14
169
170			* Wed Nov 18 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-7
171			- add 90adjustESP
172
173			* Tue Nov 17 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-6
174			- more update to masq firewalls - change -p 50 to -p ESP
175
176			* Tue Nov 17 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-5
177			- update masq firewall rules
178			- document clean up
179
180			* Wed May 27 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-4
181			- set dpd actions off if ipsec is 'add'
182			- add salifetime key and rename ikelifetime and keylife
183			- change defaults for salifetime and ikelifetime
184			- add in rsasig support
185
186			* Wed Apr 22 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-3
187			- change default ike from aes-sha to aes-sha1
188
189			* Tue Mar 24 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-2
190			- More minor fixes - should work OK with xl2tpd
191
192			* Thu Mar 19 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-1
193			- Remove templates2expand and added to createlinks
194			- modified ipsec.secret template
195			- various other fixes
196
197			* Fri Mar 13 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.4-5
198			- Big changes again - now have PreviousState to detect changes
199			- Createlinks to S10 to run after expand-templates
200
201			* Thu Mar 5 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.4-4
202			- Changed lots. Removed sysctl.conf template
203			- Changed firewall template
204
205			* Tue Mar 3 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.4-3
206			- Load of code tidying and prep from xl2tpd
207
208			* Fri Feb 27 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.4-2
209			- Update action script and allow for system not in gateway mode
210			- add ike and phase2alg db settings
211
212			* Tue Feb 24 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.4-1
213			- New ipsec-action script
214			- Numerous template changes
215
216			* Fri Jan 16 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.3-1
217			- remove debugging lines
218			- remove expand templates from spec file
219			- add status check for ipsec.conf
220			- add comment to masq template
221			- updated db defaults
222			- ipsec.conf not expanded on install
223			- missed auto=start
224
225			* Fri Jan 16 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.2-1
226			- remove rc.local modifications
227			- add /etc/sysctl.conf patches
228
229			* Thu Jan 15 2015 John Crisp <jcrisp@safeandsoundit.co.uk> 0.1-1
230			- initial release
231
232			%prep
233			%setup
234			%patch1 -p1
235			%patch2 -p1
236			%patch3 -p1
237			%patch4 -p1
238			%patch5 -p1
239			%patch6 -p1
240			%patch7 -p1
241			%patch8 -p1
242			%patch9 -p1
243			%patch10 -p1
244			%patch11 -p1
245			%patch12 -p1
246			%patch13 -p1
247			%patch14 -p1
248			%patch15 -p1
249			%patch16 -p1
250			%patch17 -p1
251			%patch18 -p1
252	brianr	1.2	%patch19 -p1
253	jcrisp	1.3	%patch20 -p1
254	jcrisp	1.4	%patch21 -p1
255	brianr	1.1
256			%build
257			perl createlinks
258
259			%install
260			rm -rf $RPM_BUILD_ROOT
261			(cd root ; find . -depth -print \| cpio -dump $RPM_BUILD_ROOT)
262			rm -f %{name}-%{version}-filelist
263			/sbin/e-smith/genfilelist $RPM_BUILD_ROOT > %{name}-%{version}-filelist
264			echo "%doc COPYING" >> %{name}-%{version}-filelist
265
266
267			%clean
268			cd ..
269			rm -rf %{name}-%{version}
270
271			%files -f %{name}-%{version}-filelist
272			%defattr(-,root,root)
273
274			%pre
275			%preun
276			%post
277
278			/sbin/e-smith/expand-template /etc/rc.d/init.d/masq
279	jcrisp	1.3	#/sbin/e-smith/expand-template /etc/inittab
280			#/sbin/init q
281	brianr	1.1
282	jcrisp	1.3	if [[ ! -d /var/log/pluto ]]
283			then
284			mkdir /var/log/pluto
285			fi
286	brianr	1.1
287			echo "see https://wiki.contribs.org/Libreswan"
288
289			%postun
290			/sbin/e-smith/expand-template /etc/rc.d/init.d/masq
291	jcrisp	1.3	#/sbin/e-smith/expand-template /etc/inittab
292			#/sbin/init q