diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2006-05-22 05:12:18 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2006-05-22 05:12:18 +0000 |
| commit | aa0f5b38aec14428b4b80e06f90ff781f8bca5f1 (patch) | |
| tree | 95f3d0c8cb0d59d88900dbbd72110d7ab6e15b2a /packaging | |
| parent | 7c383bc22113b23718be89fe18eeb251942d7356 (diff) | |
| download | vyos-strongswan-aa0f5b38aec14428b4b80e06f90ff781f8bca5f1.tar.gz vyos-strongswan-aa0f5b38aec14428b4b80e06f90ff781f8bca5f1.zip | |
Import initial strongswan 2.7.0 version into SVN.
Diffstat (limited to 'packaging')
48 files changed, 3041 insertions, 0 deletions
diff --git a/packaging/ipkg/conffiles b/packaging/ipkg/conffiles new file mode 100644 index 000000000..ff0851c29 --- /dev/null +++ b/packaging/ipkg/conffiles @@ -0,0 +1 @@ +/etc/ipsec.conf diff --git a/packaging/ipkg/control-freeswan-module.dist b/packaging/ipkg/control-freeswan-module.dist new file mode 100644 index 000000000..aec4091f1 --- /dev/null +++ b/packaging/ipkg/control-freeswan-module.dist @@ -0,0 +1,8 @@ +Package: freeswan-module +Priority: optional +Section: Communications +Version: VERSION +Architecture: ARCH +Maintainer: FreeS/WAN <users@lists.freeswan.org> +Depends: freeswan +Description: FreeS/WAN ipsec.o binary module diff --git a/packaging/ipkg/control-freeswan.dist b/packaging/ipkg/control-freeswan.dist new file mode 100644 index 000000000..376647e6f --- /dev/null +++ b/packaging/ipkg/control-freeswan.dist @@ -0,0 +1,8 @@ +Package: freeswan +Priority: optional +Section: Communications +Version: VERSION +Architecture: ARCH +Maintainer: FreeS/WAN <users@lists.freeswan.org> +Depends: gawk libgmp +Description: FreeS/WAN daemons and userland tools diff --git a/packaging/ipkg/debian-binary b/packaging/ipkg/debian-binary new file mode 100644 index 000000000..cd5ac039d --- /dev/null +++ b/packaging/ipkg/debian-binary @@ -0,0 +1 @@ +2.0 diff --git a/packaging/ipkg/generate-ipkg b/packaging/ipkg/generate-ipkg new file mode 100755 index 000000000..5a288f34e --- /dev/null +++ b/packaging/ipkg/generate-ipkg @@ -0,0 +1,43 @@ +#!/bin/sh + +# This script expects the following variables to be in the environment: +# DESTDIR +# FREESWANSRCDIR +# ARCH +# IPSECVERSION + +#set -e + +cd $DESTDIR +rm -f *.tar.gz + +mkdir -p $FREESWANSRCDIR/packaging/ipkg/ipkg +cp $FREESWANSRCDIR/packaging/ipkg/debian-binary . +cp $FREESWANSRCDIR/packaging/ipkg/conffiles . + +cat $FREESWANSRCDIR/packaging/ipkg/control-freeswan.dist | sed s/VERSION/$IPSECVERSION/ |sed s/ARCH/$ARCH/ > $FREESWANSRCDIR/packaging/ipkg/control-freeswan + +cp $FREESWANSRCDIR/packaging/ipkg/control-freeswan control + +tar -czf ./control.tar.gz ./conffiles ./control --owner=root --group=root + +tar -czf ./data.tar.gz ./* --owner=root --group=root --exclude=control.tar.gz --exclude=conffiles --exclude=control --exclude=debian-binary + +tar -czf $FREESWANSRCDIR/packaging/ipkg/ipkg/freeswan-utils-$IPSECVERSION.arm.ipk ./debian-binary ./control.tar.gz ./data.tar.gz --owner=root --group=root +mkdir -p $FREESWANSRCDIR/packaging/ipkg/kernel-module +cd $FREESWANSRCDIR/packaging/ipkg/kernel-module + +rm -f *.tar.gz +cp $FREESWANSRCDIR/packaging/ipkg/debian-binary . + +cat $FREESWANSRCDIR/packaging/ipkg/control-freeswan-module.dist | sed s/VERSION/$IPSECVERSION/ |sed s/ARCH/$ARCH/ > $FREESWANSRCDIR/packaging/ipkg/control-freeswan-module + +cp $FREESWANSRCDIR/packaging/ipkg/control-freeswan-module control + +tar czf ./control.tar.gz ./control --owner=root --group=root + +tar czf ./data.tar.gz * --owner=root --group=root --exclude=control.tar.gz --exclude=control --exclude=debian-binary + +tar czf $FREESWANSRCDIR/packaging/ipkg/ipkg/freeswan-module-$IPSECVERSION.arm.ipk ./debian-binary ./control.tar.gz ./data.tar.gz --owner=root --group=root +rm -rf $FREESWANSRCDIR/packaging/ipkg/ipkg/binaries/* +rm -rf $FREESWANSRCDIR/packaging/ipkg/ipkg/kernel-module/* diff --git a/packaging/linus/config-all.h b/packaging/linus/config-all.h new file mode 100644 index 000000000..b34203372 --- /dev/null +++ b/packaging/linus/config-all.h @@ -0,0 +1,62 @@ +#ifndef _CONFIG_ALL_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-all.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_ALL_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + + +#endif /* _CONFIG_ALL_H */ diff --git a/packaging/makefiles/module.make b/packaging/makefiles/module.make new file mode 100644 index 000000000..af6047362 --- /dev/null +++ b/packaging/makefiles/module.make @@ -0,0 +1,5 @@ +include ${FREESWANSRCDIR}/Makefile.inc + +KLIPS_TOP=${FREESWANSRCDIR}/linux +VPATH+=${KLIPSSRC} +include ${KLIPSSRC}/Makefile diff --git a/packaging/redhat/.cvsignore b/packaging/redhat/.cvsignore new file mode 100644 index 000000000..630b0ff36 --- /dev/null +++ b/packaging/redhat/.cvsignore @@ -0,0 +1,12 @@ +BUILD.athlon +BUILD.athlon-smp +BUILD.i386 +BUILD.i386-smp +BUILD.i586 +BUILD.i586-smp +BUILD.i586-up +BUILD.i686 +BUILD.i686-smp +rpms +rpm.spec +tmp.rpmbuild diff --git a/packaging/redhat/Makefile b/packaging/redhat/Makefile new file mode 100644 index 000000000..45f775734 --- /dev/null +++ b/packaging/redhat/Makefile @@ -0,0 +1,100 @@ +# FreeS/WAN RedHat RPM makefile +# Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at your +# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# for more details. +# +# RCSID $Id: Makefile,v 1.1 2004/03/15 20:35:27 as Exp $ + +FREESWANSRCDIR=$(shell cd ../.. && pwd) +include ${FREESWANSRCDIR}/Makefile.inc +include ${FREESWANSRCDIR}/Makefile.ver + + +# temporary directory to be used when building RPMs, and where to put the +# resulting RPM tree +RPMKERNDIR := $(shell echo `pwd`/tmp.rpmkernel) +RPMTMPDIR=$(shell echo `pwd`/tmp.rpmbuild) +RPMDEST := $(shell echo `pwd`/rpms) + +# definitions from main Makefile that may be relevant + +KERNELKLIPS=$(KERNELSRC)/net/ipsec +KERNELCRYPTODES=$(KERNELSRC)/crypto/ciphers/des +KERNELLIBFREESWAN=$(KERNELSRC)/lib/libfreeswan +KERNELLIBZLIB=$(KERNELSRC)/lib/zlib +KERNELINCLUDE=$(KERNELSRC)/include + +MAKEUTILS=${FREESWANSRCDIR}/packaging/utils +ERRCHECK=${MAKEUTILS}/errcheck +KVUTIL=${MAKEUTILS}/kernelversion +KVSHORTUTIL=${MAKEUTILS}/kernelversion-short + + +clean: + rm -rf $(shell echo `pwd`/BUILD.*) + rm -rf ${RPMTMPDIR} + rm -rf ${RPMDEST} + rm -f $(shell echo `pwd`/rpm.spec) + +rpm: rpm_userland rpm_modules rpm.spec final_rpm + +# RPM-build userland install in temporary directory +rpm_userland: clean + mkdir -p $(RPMTMPDIR) + (cd ${FREESWANSRCDIR} && $(MAKE) programs install DESTDIR=$(RPMTMPDIR) && cd `pwd`) + for extras in README CHANGES ; do \ + cp -f $(FREESWANSRCDIR)/$$extras $(RPMTMPDIR)$(FINALEXAMPLECONFDIR)/ ; \ + done + +rpm_modules: + @if [ ! -d ${RH_KERNELSRC}/configs ]; then echo "Please fix RH_KERNELSRC in Makefile.inc (${RH_KERNELSRC})"; exit 1; fi + @KV=`${KVUTIL} $(RH_KERNELSRC)/Makefile | sed -e 's/custom//'` ; \ + MD=${RPMTMPDIR}/lib/modules/$$KV/kernel/net/ipsec; mkdir -p $$MD; \ + echo Installing into $$MD for $$KV; \ + rm -rf BUILD.*; \ + cat kernel-list.txt | while read kerneltype arch subarch; \ + do \ + mkdir -p BUILD.$$kerneltype; \ + if [ -z "$$subarch" ]; then subarch=$$arch; fi; \ + BUILDDIR=`pwd`/BUILD.$$kerneltype; \ + HERE=`pwd` ;\ + echo Building $$KV-$$kerneltype in $$BUILDDIR; \ + ${MAKE} -C ${FREESWANSRCDIR} MODBUILDDIR=$$BUILDDIR KERNELSRC=${RH_KERNELSRC} ARCH=$$arch SUBARCH=$$subarch MODULE_DEF_INCLUDE=$$HERE/config-$$kerneltype.h module;\ + cp $$BUILDDIR/ipsec.o $$MD/ipsec.o-$$kerneltype; \ + goo="`nm -ao $$BUILDDIR/ipsec.o | ${FREESWANSRCDIR}/programs/calcgoo/calcgoo`"; \ + (cd $$MD && ln -f ipsec.o-$$kerneltype $$goo); \ + done + +# build spec file for building RPMs +rpm.spec: rpm.in $(RH_KERNELSRC)/Makefile + KVORIG=`${KVUTIL} $(RH_KERNELSRC)/Makefile | sed -e 's/custom//'` ; \ + KV=`echo $$KVORIG | sed -e 's/-/_/g' ` ; \ + IPSECVERSIONFIXED=`echo ${IPSECVERSION} | sed -e 's/-/_/g'`; \ + echo KVORIG: $$KVORIG KV: $$KV IV: $$IPSECVERSIONFIXED; \ + sed -e "/@KERNELVERSION@/s;;$$KV;" \ + -e "/@KERNELVERSIONORIG@/s;;$$KVORIG;" \ + -e "/@IPSECVERSION@/s;;$$IPSECVERSIONFIXED;" \ + -e '/@PUBDIR@/s;;$(PUBDIR);' \ + -e '/@FINALBINDIR@/s;;$(FINALBINDIR);' \ + -e '/@FINALLIBDIR@/s;;$(FINALLIBDIR);' \ + -e '/@FINALCONFDDIR@/s;;$(FINALCONFDDIR);' \ + -e '/@FINALCONFDIR@/s;;$(FINALCONFDIR);' \ + -e '/@FINALEXAMPLECONFDIR@/s;;$(FINALEXAMPLECONFDIR);' \ + -e '/@MANTREE@/s;;$(MANTREE);' rpm.in > rpm.spec + +# build RPMs +final_rpm: rpm.spec + mkdir -p $(RPMDEST) + cd $(RPMDEST) ; mkdir -p SRPMS BUILD RPMS SPECS SOURCES + cd $(RPMDEST)/RPMS ; mkdir -p $(ARCH) noarch + $(RPMBUILD) -bb --define "buildroot $(RPMTMPDIR)" \ + --define "_topdir $(RPMDEST)" rpm.spec + # that has, incidentally, gotten rid of $(RPMTMPDIR) diff --git a/packaging/redhat/config-athlon-smp.h b/packaging/redhat/config-athlon-smp.h new file mode 100644 index 000000000..2aa764477 --- /dev/null +++ b/packaging/redhat/config-athlon-smp.h @@ -0,0 +1,79 @@ +#ifndef _CONFIG_RH_I586_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-athlon-smp.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_RH_ATHLON_SMP_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + +/* keep rhconfig.h from doing anything */ +#define __rh_config_h__ + +/* pick which arch we are supposed to be */ +#define __module__smp +#undef __module__up +#define __module__athlon +#define __module__athlon_smp + +#if defined(__module__smp) || defined(__module__BOOTsmp) || defined(__module__enterprise) || defined(__module__bigmem) +#define _ver_str(x) smp_ ## x +#else +#define _ver_str(x) x +#endif + +#define RED_HAT_LINUX_KERNEL 1 + +#endif /* _CONFIG_RH_ATHLON_SMP_H_ */ + diff --git a/packaging/redhat/config-athlon.h b/packaging/redhat/config-athlon.h new file mode 100644 index 000000000..f9d51fc01 --- /dev/null +++ b/packaging/redhat/config-athlon.h @@ -0,0 +1,79 @@ +#ifndef _CONFIG_RH_I586_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-athlon.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_RH_ATHLON_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + +/* keep rhconfig.h from doing anything */ +#define __rh_config_h__ + +/* pick which arch we are supposed to be */ +#undef __module__smp +#define __module__up +#define __module__athlon +#define __module__athlon_up + +#if defined(__module__smp) || defined(__module__BOOTsmp) || defined(__module__enterprise) || defined(__module__bigmem) +#define _ver_str(x) smp_ ## x +#else +#define _ver_str(x) x +#endif + +#define RED_HAT_LINUX_KERNEL 1 + +#endif /* _CONFIG_RH_ATHLON_H_ */ + diff --git a/packaging/redhat/config-i386-smp.h b/packaging/redhat/config-i386-smp.h new file mode 100644 index 000000000..2971ef9e0 --- /dev/null +++ b/packaging/redhat/config-i386-smp.h @@ -0,0 +1,79 @@ +#ifndef _CONFIG_RH_I586_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-i386-smp.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_RH_I386_SMP_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + +/* keep rhconfig.h from doing anything */ +#define __rh_config_h__ + +/* pick which arch we are supposed to be */ +#undef __module__up +#define __module__smp +#define __module__i386 +#define __module__i386_smp + +#if defined(__module__smp) || defined(__module__BOOTsmp) || defined(__module__enterprise) || defined(__module__bigmem) +#define _ver_str(x) smp_ ## x +#else +#define _ver_str(x) x +#endif + +#define RED_HAT_LINUX_KERNEL 1 + +#endif /* _CONFIG_RH_I386_SMP_H_ */ + diff --git a/packaging/redhat/config-i386.h b/packaging/redhat/config-i386.h new file mode 100644 index 000000000..dd6cde171 --- /dev/null +++ b/packaging/redhat/config-i386.h @@ -0,0 +1,79 @@ +#ifndef _CONFIG_RH_I586_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-i386.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_RH_I386_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + +/* keep rhconfig.h from doing anything */ +#define __rh_config_h__ + +/* pick which arch we are supposed to be */ +#undef __module__smp +#define __module__up +#define __module__i386 +#define __module__i386_up + +#if defined(__module__smp) || defined(__module__BOOTsmp) || defined(__module__enterprise) || defined(__module__bigmem) +#define _ver_str(x) smp_ ## x +#else +#define _ver_str(x) x +#endif + +#define RED_HAT_LINUX_KERNEL 1 + +#endif /* _CONFIG_RH_I386_H_ */ + diff --git a/packaging/redhat/config-i586-smp.h b/packaging/redhat/config-i586-smp.h new file mode 100644 index 000000000..c56c55219 --- /dev/null +++ b/packaging/redhat/config-i586-smp.h @@ -0,0 +1,79 @@ +#ifndef _CONFIG_RH_I586_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-i586-smp.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_RH_I586_SMP_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + +/* keep rhconfig.h from doing anything */ +#define __rh_config_h__ + +/* pick which arch we are supposed to be */ +#undef __module__up +#define __module__smp +#define __module__i586 +#define __module__i586_smp + +#if defined(__module__smp) || defined(__module__BOOTsmp) || defined(__module__enterprise) || defined(__module__bigmem) +#define _ver_str(x) smp_ ## x +#else +#define _ver_str(x) x +#endif + +#define RED_HAT_LINUX_KERNEL 1 + +#endif /* _CONFIG_RH_I586_H_ */ + diff --git a/packaging/redhat/config-i586-up.h b/packaging/redhat/config-i586-up.h new file mode 100644 index 000000000..54b64caf3 --- /dev/null +++ b/packaging/redhat/config-i586-up.h @@ -0,0 +1,79 @@ +#ifndef _CONFIG_RH_I586_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-i586-up.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_RH_I586_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + +/* keep rhconfig.h from doing anything */ +#define __rh_config_h__ + +/* pick which arch we are supposed to be */ +#undef __module__smp +#define __module__up +#define __module__i586 +#define __module__i586_up + +#if defined(__module__smp) || defined(__module__BOOTsmp) || defined(__module__enterprise) || defined(__module__bigmem) +#define _ver_str(x) smp_ ## x +#else +#define _ver_str(x) x +#endif + +#define RED_HAT_LINUX_KERNEL 1 + +#endif /* _CONFIG_RH_I586_H_ */ + diff --git a/packaging/redhat/config-i586.h b/packaging/redhat/config-i586.h new file mode 100644 index 000000000..6877c9f92 --- /dev/null +++ b/packaging/redhat/config-i586.h @@ -0,0 +1,79 @@ +#ifndef _CONFIG_RH_I586_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-i586.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_RH_I586_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + +/* keep rhconfig.h from doing anything */ +#define __rh_config_h__ + +/* pick which arch we are supposed to be */ +#undef __module__smp +#define __module__up +#define __module__i586 +#define __module__i586_up + +#if defined(__module__smp) || defined(__module__BOOTsmp) || defined(__module__enterprise) || defined(__module__bigmem) +#define _ver_str(x) smp_ ## x +#else +#define _ver_str(x) x +#endif + +#define RED_HAT_LINUX_KERNEL 1 + +#endif /* _CONFIG_RH_I586_H_ */ + diff --git a/packaging/redhat/config-i686-bigmem.h b/packaging/redhat/config-i686-bigmem.h new file mode 100644 index 000000000..4d870cbaf --- /dev/null +++ b/packaging/redhat/config-i686-bigmem.h @@ -0,0 +1,78 @@ +#ifndef _CONFIG_RH_I586_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-i686-bigmem.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_RH_I686_BIGMEM_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + +/* keep rhconfig.h from doing anything */ +#define __rh_config_h__ + +/* pick which arch we are supposed to be */ +#undef __module__up +#define __module__bigmem +#define __module__i686_bigmem + +#if defined(__module__smp) || defined(__module__BOOTsmp) || defined(__module__enterprise) || defined(__module__bigmem) +#define _ver_str(x) smp_ ## x +#else +#define _ver_str(x) x +#endif + +#define RED_HAT_LINUX_KERNEL 1 + +#endif /* _CONFIG_RH_I686_BIGMEM_H_ */ + diff --git a/packaging/redhat/config-i686-smp.h b/packaging/redhat/config-i686-smp.h new file mode 100644 index 000000000..9abd7a7d1 --- /dev/null +++ b/packaging/redhat/config-i686-smp.h @@ -0,0 +1,79 @@ +#ifndef _CONFIG_RH_I586_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-i686-smp.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_RH_I686_SMP_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + +/* keep rhconfig.h from doing anything */ +#define __rh_config_h__ + +/* pick which arch we are supposed to be */ +#undef __module__up +#define __module__smp +#define __module__i686 +#define __module__i686_smp + +#if defined(__module__smp) || defined(__module__BOOTsmp) || defined(__module__enterprise) || defined(__module__bigmem) +#define _ver_str(x) smp_ ## x +#else +#define _ver_str(x) x +#endif + +#define RED_HAT_LINUX_KERNEL 1 + +#endif /* _CONFIG_RH_I686_SMP_H_ */ + diff --git a/packaging/redhat/config-i686.h b/packaging/redhat/config-i686.h new file mode 100644 index 000000000..4e4d7b292 --- /dev/null +++ b/packaging/redhat/config-i686.h @@ -0,0 +1,79 @@ +#ifndef _CONFIG_RH_I586_H_ +/* + * Copyright (C) 2002 Michael Richardson <mcr@freeswan.org> + * + * This kernel module is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>. + * + * This kernel module is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * RCSID $Id: config-i686.h,v 1.1 2004/03/15 20:35:27 as Exp $ + */ +#define _CONFIG_RH_I686_H_ /* seen it, no need to see it again */ + +#define CONFIG_IPSEC 1 + +#ifndef CONFIG_IPSEC_AH +#define CONFIG_IPSEC_AH 1 +#endif + +#ifndef CONFIG_IPSEC_DEBUG +#define CONFIG_IPSEC_DEBUG 1 +#endif + +#ifndef CONFIG_IPSEC_ESP +#define CONFIG_IPSEC_ESP 1 +#endif + +#ifndef CONFIG_IPSEC_IPCOMP +#define CONFIG_IPSEC_IPCOMP 1 +#endif + +#ifndef CONFIG_IPSEC_IPIP +#define CONFIG_IPSEC_IPIP 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_MD5 +#define CONFIG_IPSEC_AUTH_HMAC_MD5 1 +#endif + +#ifndef CONFIG_IPSEC_AUTH_HMAC_SHA1 +#define CONFIG_IPSEC_AUTH_HMAC_SHA1 1 +#endif + +#ifndef CONFIG_IPSEC_DYNDEV +#define CONFIG_IPSEC_DYNDEV 1 +#endif + +#ifndef CONFIG_IPSEC_ENC_3DES +#define CONFIG_IPSEC_ENC_3DES 1 +#endif + +#ifndef CONFIG_IPSEC_REGRESS +#define CONFIG_IPSEC_REGRESS 0 +#endif + +/* keep rhconfig.h from doing anything */ +#define __rh_config_h__ + +/* pick which arch we are supposed to be */ +#undef __module__smp +#define __module__up +#define __module__i686 +#define __module__i686_up + +#if defined(__module__smp) || defined(__module__BOOTsmp) || defined(__module__enterprise) || defined(__module__bigmem) +#define _ver_str(x) smp_ ## x +#else +#define _ver_str(x) x +#endif + +#define RED_HAT_LINUX_KERNEL 1 + +#endif /* _CONFIG_RH_I686_H_ */ + diff --git a/packaging/redhat/freeswan.spec b/packaging/redhat/freeswan.spec new file mode 100644 index 000000000..83b59fc8c --- /dev/null +++ b/packaging/redhat/freeswan.spec @@ -0,0 +1,176 @@ +Summary: FreeS/WAN IPSEC implementation +Name: freeswan +Version: 2.04 +%define defkv %(rpm -q --qf='%{Version}-%{Release}\\n' kernel-source|tail -1) +# The default kernel version to build for is the latest of +# the installed kernel-source RPMs. +# This can be overridden by "--define 'kversion x.x.x-y.y.y'" +%{!?kversion: %{expand: %%define kversion %defkv}} +%define krelver %(echo %{kversion} | tr -s '-' '_') +# FreeS/WAN -pre/-rc nomenclature has to co-exist with hyphen paranoia +%define srcpkgver %(echo %{version} | tr -s '_' '-') +%define our_release 1fs +%define debug_package %{nil} +Release: %{our_release} +License: GPL +Url: http://www.freeswan.org/ +Source: freeswan-%{srcpkgver}.tar.gz +Group: System Environment/Daemons +BuildRoot: /var/tmp/%{name}-%{PACKAGE_VERSION}-root +%define __spec_install_post /usr/lib/rpm/brp-compress || : +BuildRequires: kernel-source = %{kversion} + +%package userland +Summary: FreeS/WAN IPSEC usermod tools +Group: System Environment/Daemons +Provides: ipsec-userland +Obsoletes: freeswan +Requires: ipsec-kernel +Release: %{our_release} + +%package doc +Summary: FreeS/WAN IPSEC full documentation +Group: System Environment/Daemons +Release: %{our_release} + +%package module +Summary: FreeS/Wan kernel module +Group: System Environment/Kernel +Release: %{krelver}_%{our_release} +Provides: ipsec-kernel +Requires: kernel = %{kversion} +# do not make the dependancy circular for now. +#Requires: ipsec-userland + +%description userland +FreeS/WAN is a free implementation of IPSEC & IKE for Linux. IPSEC is +the Internet Protocol Security and uses strong cryptography to provide +both authentication and encryption services. These services allow you +to build secure tunnels through untrusted networks. Everything passing +through the untrusted net is encrypted by the ipsec gateway machine and +decrypted by the gateway at the other end of the tunnel. The resulting +tunnel is a virtual private network or VPN. + +This package contains the daemons and userland tools for setting up +FreeS/WAN on a freeswan enabled kernel. + +%description module +This package contains only the ipsec module for the RedHat series of kernels. + +%description doc +This package contains extensive documentation of the FreeeS/WAN IPSEC +system. + +%description +A dummy package that installs userland and kernel pieces. + +%prep +%setup -q -n freeswan-%{srcpkgver} + +%build +%{__make} \ + USERCOMPILE="-g %{optflags}" \ + INC_USRLOCAL=%{_prefix} \ + MANTREE=%{_mandir} \ + INC_RCDEFAULT=%{_initrddir} \ + programs +FS=$(pwd) +mkdir -p BUILD.%{_target_cpu} +mkdir -p BUILD.%{_target_cpu}-smp + +cd packaging/redhat +for smp in -smp "" +do +%{__make} -C $FS MODBUILDDIR=$FS/BUILD.%{_target_cpu}$smp \ + FREESWANSRCDIR=$FS \ + KERNELSRC=/usr/src/linux-%{kversion} \ + ARCH=%{_arch} \ + SUBARCH=%{_arch} \ + MODULE_DEF_INCLUDE=$FS/packaging/redhat/config-%{_target_cpu}$smp.h \ + module +done + +%install +%{__make} \ + DESTDIR=%{buildroot} \ + INC_USRLOCAL=%{_prefix} \ + MANTREE=%{buildroot}%{_mandir} \ + INC_RCDEFAULT=%{_initrddir} \ + install +install -d -m700 %{buildroot}%{_localstatedir}/run/pluto +install -d %{buildroot}%{_sbindir} + +mkdir -p %{buildroot}/lib/modules/%{kversion}/kernel/net/ipsec +cp BUILD.%{_target_cpu}/ipsec.o \ + %{buildroot}/lib/modules/%{kversion}/kernel/net/ipsec + +mkdir -p %{buildroot}/lib/modules/%{kversion}smp/kernel/net/ipsec +cp BUILD.%{_target_cpu}-smp/ipsec.o \ + %{buildroot}/lib/modules/%{kversion}smp/kernel/net/ipsec + +%clean +rm -rf ${RPM_BUILD_ROOT} + +%files doc +%defattr(-,root,root) +%doc doc +%doc %{_defaultdocdir}/freeswan/ipsec.conf-sample + +%files userland +%defattr(-,root,root) +%doc BUGS CHANGES COPYING +%doc CREDITS INSTALL README +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.conf +%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.d/policies/* +%config(noreplace) %{_initrddir}/ipsec +%{_libdir}/ipsec +%{_sbindir}/ipsec +%{_libexecdir}/ipsec +%doc %{_mandir}/*/* +%{_localstatedir}/run/pluto + +%files module +%defattr (-,root,root) +/lib/modules/%{kversion}/kernel/net/ipsec +/lib/modules/%{kversion}smp/kernel/net/ipsec + +%pre userland +%preun userland +if [ $1 = 0 ]; then + /sbin/service ipsec stop || : + /sbin/chkconfig --del ipsec +fi + +%postun userland +if [ $1 -ge 1 ] ; then + /sbin/service ipsec stop 2>&1 > /dev/null && /sbin/service ipsec start 2>&1 > /dev/null || : +fi + +%postun module +%post module + +%post userland +chkconfig --add ipsec + +%changelog +* Fri Aug 22 2003 Sam Sgro <sam@freeswan.org> +- Juggling release/source package names to allow for + -pre/-rc releases to build. + +* Thu Aug 14 2003 Sam Sgro <sam@freeswan.org> +- Reverting back to pre-x.509 version, cosmetic changes. + +* Tue May 20 2003 Charlie Brady <charlieb@e-smith.com> 2.0.0-x509_1.3.2_2es +- Add "Obsoletes: freeswan" to userland RPM. + +* Fri May 16 2003 Charlie Brady <charlieb@e-smith.com> 2.0.0-x509_1.3.2_1es +- Add version 1.3.2 of the x509 patch. +- Add missing /usr/libexec/ipsec dir and files. +- Minor tidy up of spec file. + +* Thu May 15 2003 Charlie Brady <charlieb@e-smith.com> 2.0.0-1es +- Based on work by Paul Lahaie of Steamballoon, Michael + Richardson of freeS/WAN team and Tuomo Soini <tis@foobar.fi>. +- Build freeswan RPMs from a single source RPM, for RedHat, but + should work on any RPM based system. diff --git a/packaging/redhat/kernel-list.txt b/packaging/redhat/kernel-list.txt new file mode 100644 index 000000000..e24d827e1 --- /dev/null +++ b/packaging/redhat/kernel-list.txt @@ -0,0 +1,9 @@ +athlon-smp i386 i386 +athlon i386 i386 +i386-smp i386 i386 +i386 i386 i386 +i586-smp i386 i386 +i586 i386 i386 +i686-smp i386 i386 +i686-bigmem i386 i386 +i686 i386 i386 diff --git a/packaging/redhat/rpm.in b/packaging/redhat/rpm.in new file mode 100644 index 000000000..4ede8ebc5 --- /dev/null +++ b/packaging/redhat/rpm.in @@ -0,0 +1,149 @@ +# fairly minimal RPM spec file, does only packaging +# Based on work by Paul Lahaie of Steamballoon. +# This file is touched up by sed (in the Makefile) before it is actually used. +Summary: Kernel with FreeS/WAN +Name: freeswan +Version: @IPSECVERSION@_@KERNELVERSION@ +Release: 0 +Copyright: GPL +Source: freeswan-%{version}.tar.gz +Group: System Environment/Daemons +BuildRoot: /var/tmp/%{name}-%{PACKAGE_VERSION}-root +%define __spec_install_post /usr/lib/rpm/brp-compress || : +%define KernelVer @KERNELVERSIONORIG@ +Requires: ipsec-userland ipsec-kernel + +%package userland +Summary: Kernel with FreeS/WAN +Group: System Environment/Daemons +Provides: ipsec-userland +Requires: ipsec-kernel + +%package module +Summary: FreeS/Wan kernel module +Group: System Environment/Kernel +Provides: ipsec-kernel +# do not make the dependancy circular for now. +#Requires: ipsec-userland + +%description userland +This package contains the daemons and userland tools for setting up +FreeS/WAN on a freeswan enabled kernel. + +%description module +This package contains only the ipsec module for the RedHat series of kernels. + +%description +A dummy package that installs userland and kernel pieces. + +%prep + +%build + +%install + +%clean +rm -rf ${RPM_BUILD_ROOT} + +%files userland +%defattr(-,root,root) +@PUBDIR@/ipsec +@FINALBINDIR@/* +@FINALLIBDIR@/* +/etc/rc.d/init.d/ipsec + +%attr(0644,root,root) %config @FINALCONFDIR@/ipsec.conf +%attr(0644,root,root) %config @FINALCONFDDIR@/policies/clear +%attr(0644,root,root) %config @FINALCONFDDIR@/policies/private +%attr(0644,root,root) %config @FINALCONFDDIR@/policies/block +%attr(0644,root,root) %config @FINALCONFDDIR@/policies/private-or-clear +%attr(0644,root,root) %config @FINALCONFDDIR@/policies/clear-or-private + +%doc @MANTREE@/man3/* +%doc @MANTREE@/man5/* +%doc @MANTREE@/man8/* +%doc @FINALEXAMPLECONFDIR@/* + +%files module +%defattr (-,root,root) +/lib/modules/%{KernelVer}/kernel/net/ipsec + +%pre userland +if [ -f /etc/ipsec.conf ] +then + cp -f --backup=t /etc/ipsec.conf /etc/ipsec.conf.prerpm > /dev/null 2> /dev/null +fi + +%preun userland +sh /etc/rc.d/init.d/ipsec stop || exit 0 + +%postun module +# This is a kludge to handle the fact that ipsec.o is not deleted +# on plain jane RPM uninstall. +for i in /lib/modules/*@KERNELVERSIONORIG@* + do + mv -f --backup=t "$i"/kernel/net/ipsec/ipsec.o "$i"/kernel/net/ipsec/ipsec.o.rpmbak > /dev/null 2> /dev/null + done || exit 0 + +%post module +# Same RPM uninstall kludge. +for i in /lib/modules/*@KERNELVERSIONORIG@* + do + mv -f --backup=t "$i"/kernel/net/ipsec/ipsec.o "$i"/kernel/net/ipsec/ipsec.o.rpmbak > /dev/null 2> /dev/null + done +echo "do not forget to install the userland utilities" +exit 0 + +%post userland +chkconfig --add ipsec +echo "invoke \"service ipsec start\" or reboot to begin" + +%changelog +# +# $Log: rpm.in,v $ +# Revision 1.1 2004/03/15 20:35:27 as +# added files from freeswan-2.04-x509-1.5.3 +# +# Revision 1.6 2003/01/30 23:31:34 sam +# +# dhr contributed changes. still may need modification, but I'm committing +# before I leave. +# +# Revision 1.5 2003/01/14 22:03:44 sam +# include policy files in RPM. +# +# Revision 1.4 2003/01/04 07:38:11 build +# *** empty log message *** +# +# Revision 1.3 2002/12/12 05:45:41 sam +# new template file from 1.99 pulled up in part +# +# Revision 1.2.2.1 2002/12/07 23:47:22 sam +# merging in a few 1.99 rpm.in changes. +# +# Revision 1.2 2002/10/30 06:54:15 sam +# Updates to take into account lib vs libexec - so we don't miss files. +# +# Revision 1.1 2002/10/06 08:35:54 sam +# RPM template +# +# Revision 1.9 2002/06/16 21:53:49 mcr +# added missing clauses to userland section. +# +# Revision 1.8 2002/06/16 20:18:41 mcr +# 2.00 series RPM will have a "freeswan-userland" rather than +# a "freeswan-X" RPM. Among other things, it makes regexp easier +# to locate the different pieces. +# +# Revision 1.7 2002/06/11 23:10:53 mcr +# added dependancies from userland->kernel. +# cross-dependancies considered but cause too much user pain. +# +# Revision 1.6 2002/06/09 15:46:41 mcr +# move installed modules for make rpm to kernel versioned directory. +# +# Revision 1.5 2002/04/11 02:50:30 mcr +# added %post to make ipsec start, and %post to shut it down. +# added %changelog as well. +# +# diff --git a/packaging/utils/backup b/packaging/utils/backup new file mode 100755 index 000000000..0c860c280 --- /dev/null +++ b/packaging/utils/backup @@ -0,0 +1,80 @@ +#! /bin/sh +# make backup of FreeSwan repository +# -l local build only, do not transmit + +#scphost=freeswan@xs1.xs4all.nl +scphost=henry@adams.freeswan.org +scpdir=backup +pfile=~freeswan/etc/relpass +ppfile=~freeswan/etc/bpp + +PATH=/bin:/usr/bin +export PATH +umask 077 + +tmpdir=~freeswan/tmp +tarname=freeswan.tar + +. ~freeswan/setup + +cd $tmpdir +rm -f $tarname $tarname.gz +touch $tarname + +cd ~freeswan +tar -cf $tmpdir/$tarname `ls -a | + egrep -v '^(\.|\.\.|archive|\.nobak|\.ssh|\.ssh2|tmp)$'` + +cd $tmpdir +gzip -9 $tarname +ls -l $tarname.gz + +if test " $1" = " -l" +then + exit 0 +fi + +echo updating >notice + +date +expect -nN -c " + set scphost $scphost + set scpdir $scpdir + set pfile $pfile + set ppfile $ppfile + set tarname $tarname + "' + # canned procedure for scp copying + proc scp {from to} { + global p scphost scpdir + spawn scp2 -p -q $from $scphost:$scpdir/$to + set timeout -1 + expect { + "word:" { + set fname $pfile + # fall out + } + {":} { + set fname $ppfile + # fall out + } + eof { + puts "eofed!" + return + }} + sleep 3 + set f [open $fname r] + set p [read $f] + close $f + send "$p\r" + expect "\n" + expect eof + wait + } + + scp notice $tarname.gz + scp $tarname.gz $tarname.gz + # done' +date + +rm -f $tarname.gz diff --git a/packaging/utils/branch b/packaging/utils/branch new file mode 100755 index 000000000..2c13d4b6a --- /dev/null +++ b/packaging/utils/branch @@ -0,0 +1,70 @@ +#! /bin/sh +# branch release + +PATH=/bin:/usr/bin ; export PATH +umask 022 + +. $HOME/freeswan-regress-env.sh + +case "$1" in +*.*) ;; +*) echo "Usage: $0 release [file...]" >&2 ; exit 2 ;; +esac + +rel="$1" +shift +tr="`echo $rel | tr '.' '_'`" +pre=PRE$tr +base=BASE$pre + +echo "generating key for branch" +SNAPPGP=$SNAPSHOTSIGDIR/$base +# Note: PGPPATH is limited to 50 characters. +PGPPATH=$SNAPPGP export PGPPATH +mkdir -p $PGPPATH +touch $PGPPATH/pgpdoc1.txt +touch $PGPPATH/pgpdoc2.txt + +if [ ! -f $PGPPATH/secring.pgp ] +then + echo "Please set userid to '<build+snap$tr@freeswan.org>'$PGPPATH" + pgp -kg + + echo -n "Please insert release key floppy for signature" + read ans + mount /mnt/build + PGPPATH=/mnt/build/freeswan export PGPPATH + + echo "Now signing key - please answer yes." + pgp $SNAPPGP/pubring.pgp + + echo Please put key in $SNAPPGP/signedkey.asc + pgp -kxa build+snap$tr@freeswan.org + + umount /mnt/build + +fi + +if [ ! -f snapshotsigs.pgp ] +then + PGPPATH=$SNAPPGP export PGPPATH + echo "Now importing key" + pgp $SNAPPGP/signedkey.asc + + cp $SNAPPGP/signedkey.asc snapshotsigs.pgp + cvs add snapshotsigs.pgp + cvs commit -m"Signing key for $rel" snapshotsigs.pgp +fi + +echo -n "PGP finished, now budding, press enter" +read ans + +echo "budding..." +rm -f Makefile.ver +cvs tag $opt -c $base $* +echo +echo "branching..." +cvs tag $opt -b -r $base $pre $* + + + diff --git a/packaging/utils/canrel b/packaging/utils/canrel new file mode 100755 index 000000000..567ce96a8 --- /dev/null +++ b/packaging/utils/canrel @@ -0,0 +1,55 @@ +#! /bin/sh +# canrel [-F] release +# -F means override previous run +# current versions in the repository are used +# must be run in a release-branch CVS working directory with current top/* + +PATH=/bin:/usr/bin ; export PATH +umask 022 + +. ~build/freeswan-regress-env.sh + +opt= +case "$1" in +-F) opt=-F ; shift ;; +esac + +case "$#:$1" in +1:*.*) ;; +*) echo "Usage: $0 release" >&2 ; exit 2 ;; +esac + +rel="$1" +pretag="PRE`echo $rel | tr '.' '_'`" +rtag="R`echo $rel | tr '.' '_'`" + +sed '1s/xxx/'"$rel"'/' README >README.$$ +if cmp -s README README.$$ +then + : already current, for some reason + rm -f README.$$ +else + mv README.$$ README + cvs -Q commit -m "update for release $rel" README +fi +sed '/=.*/s//='"$rel"'/' Makefile.ver >mversion.$$ +if cmp -s Makefile.ver mversion.$$ +then + : already current, for some reason + rm -f mversion.$$ +else + mv mversion.$$ Makefile.ver + cvs -Q commit -m "update for release $rel" Makefile.ver +fi +sed '1s/xxx/'"$rel"'/' CHANGES >CHANGES.$$ +if cmp -s CHANGES CHANGES.$$ +then + : already current, for some reason + rm -f CHANGES.$$ +else + mv CHANGES.$$ CHANGES + cvs -Q commit -m "update for release $rel" CHANGES +fi +cd .. + +cvs rtag $opt -r $pretag $rtag all diff --git a/packaging/utils/disttools.pl b/packaging/utils/disttools.pl new file mode 100644 index 000000000..4ea8db61d --- /dev/null +++ b/packaging/utils/disttools.pl @@ -0,0 +1,357 @@ +#!/usr/bin/perl + +# +# $Id: disttools.pl,v 1.1 2004/03/15 20:35:27 as Exp $ +# +# $Log: disttools.pl,v $ +# Revision 1.1 2004/03/15 20:35:27 as +# added files from freeswan-2.04-x509-1.5.3 +# +# Revision 1.13 2003/06/17 22:30:06 build +# adjusted userid to pick +# use key that is offline. +# +# Revision 1.12 2002/09/30 16:02:17 mcr +# added handling for date stamp. +# +# Revision 1.11 2002/08/30 01:30:25 mcr +# changed code to write maintain local copy of FTP site, +# and rsync things up when needed. +# +# Revision 1.10 2002/07/29 05:13:33 mcr +# append .gz to patch files before they are signed. +# +# Revision 1.9 2002/07/29 04:02:21 mcr +# removed errant ) from tar copy line. +# +# Revision 1.8 2002/07/29 03:57:59 mcr +# produce kernel patches as part of the snapshots, candidates +# and releases. +# +# Revision 1.7 2002/06/07 18:23:49 mcr +# adjusted sendfiles to use tar to copy rather than scp. +# mkcand now prints usage if you don't give it enough arguments. +# It also now updates the "CANDIDATE" symlink. +# mksnap properly quotes the wildcards in the -name for find. +# +# Revision 1.6 2002/06/03 03:10:58 mcr +# "upload" now takes argument to indicate name to +# install/upload for the symlink. +# +# Revision 1.5 2002/06/03 02:19:40 mcr +# fixed bug in datelettername() - y/sed was not applied to $let, +# but to $_. +# +# Revision 1.4 2002/06/03 02:14:16 mcr +# die statements are now numbered for easier backtracking. +# candidate checks are now done if $candidate arg=1: edit README +# and CHANGES file for mkcand. +# +# Revision 1.3 2002/05/30 23:24:22 mcr +# working "mksnap" and disttools.pl. +# +# Revision 1.2 2002/05/30 22:20:56 mcr +# initial debugging done. +# +# Revision 1.1 2002/05/30 21:24:00 mcr +# perl-ified mksnap. +# +# + +@supportedkernels=("2.0", "2.2", "2.4"); + +sub nicesystem { + if($debug) { + print STDERR "System: ",join(' ',@_)."\n"; + } + system(@_); + if($? == 0) { + return 1; + } else { + return 0; + } +} + +sub kpatchname { + local($pkgname, $ver)=@_; + local($name); + + $name = $pkgname.".k".$ver.".patch"; + return $name; +} + + +sub datelettername { + @MoY = ('jan','feb','mar','apr','may','jun', + 'jul','aug','sep','oct','nov','dec'); + + $letters="abcdefghjklmnpqrstuvwxyz"; + + ($sec, $min, $hour, $mday, $mon, $year) = gmtime(time); + + $let=substr($letters, $hour-1, 1); + if($min >= 30) { + $let =~ y/a-z/A-Z/; + } + + if($year < 1900) { + $year += 1900; + } + + $ver=sprintf("%04d%s%02d%s", $year, $MoY[$mon], $mday, $let); + $ver; +} + +sub snapname { + local($prefix)=@_; + $snapname=$prefix.&datelettername; + $snapname; +} + +sub suckvars { + $envvar=$ENV{'HOME'}."/freeswan-regress-env.sh"; + + if(-f $envvar) { + + open(SHVARS, $envvar) || die "001: Can not open $envvar: $!\n"; + while(<SHVARS>) { + chop; + next if (/^\#/); + + if(/(\S+)\=(\S+)/) { + $var=$1; + $value=$2; + + $ENV{$var}=$value; + } + } + close(SHVARS); + } +} + +sub defvar { + local($var,$value)=@_; + + if(!defined($ENV{$var})) { + $ENV{$var}=$value; + } +} + +sub defvars { + &defvar('BTMP', '/btmp'); + if($ENV{'DEBUGFREESWANDIST'}) { + $debug=$ENV{'DEBUGFREESWANDIST'}; + } +} + +sub setuppgp { + local($lastrel)=@_; + + $lastrel =~ y/\./\_/; + + $ENV{'PGPPATH'}=$ENV{'SNAPSHOTSIGDIR'}."/BASEPRE$lastrel"; + $ENV{'PGPNAME'}="build+snap".$lastrel."\@freeswan.org"; +} + +sub dopgpsig { + local($pkgname)=@_; + + local($tarfile); + $tarfile=$pkgname.".tar"; + + $userid=$ENV{'PGPNAME'}; + &nicesystem("pgp -sba $tarfile.gz -u $userid -o $tarfile.gz.sig") || die "002: PGP failed: $?\n"; + &nicesystem("chmod a+r $tarfile.gz.sig"); + + foreach $ver (@supportedkernels) { + $file=&kpatchname($pkgname,$ver).".gz"; + &nicesystem("pgp -sba $file -u $userid -o $file.sig") || die "002: PGP failed: $?\n"; + &nicesystem("chmod a+r $file.sig"); + } +} + + +# this function now does two things: +# 1) makes the tar file of old +# 2) makes the kernel patch file of new. +# + +sub makedisttarfile { + local($tmpdir, $pkgname, $vername, $dirname, $date, $relopt, $candidate)=@_; + local($file); + + &nicesystem("mkdir -p $tmpdir") || die "003: Can not mkdir $tmpdir\n"; + chdir($tmpdir) || die "004: makedisttarfile: Can not chdir to $tmpdir\n"; + + # nuke anything that was there before + &nicesystem("rm -rf $dirname"); + + if(defined($date) && $date ne '') { + $minusD="-D \"${date}\""; + } + + print "cvs -Q export $minusD ${relopt} -d ${dirname} freeswan\n"; + + &nicesystem("cvs -Q export $minusD ${relopt} -d ${dirname} freeswan") || die "005: CVS failed!\n"; + + chdir($dirname) || die "006: Can not chdir to $dirname\n"; + + open(VERSIONFILE, ">Makefile.ver") || die "007: failed to open Makefile.ver\n"; + print VERSIONFILE "IPSECVERSION=".$vername."\n"; + close(VERSIONFILE); + + if($candidate) { + open(README, "README") || die "008: Can not edit README: $!\n"; + $nreadme="README.$$"; + open(NREADME, ">$nreadme") || die "009: Can not write README: $!\n"; + $lines=1; + while(<README>) { + if($lines == 1) { + s/xxx/$vername/; + } +# if(/^---$/) { +# print STDERR "README not ready, run prepcand first\n"; +# die; +# } + $lines++; + print NREADME; + } + close(NREADME); + close(README); + unlink("README") || die "010: Can not remove README: $!\n"; + rename("$nreadme", "README") || die "011: Can not rename $nreadme to README: $!\n"; + + # now edit CHANGES file + open(CHANGES, "CHANGES") || die "012: Can not edit README: $!\n"; + $nchanges="CHANGES.$$"; + open(NCHANGES,">$nchanges") || die "013: Can not write README: $!\n"; + $lines=1; + while(<CHANGES>) { + if($lines == 1) { + if(/since last release/) { + die "CHANGES not ready, run prepcand first"; + } + s/xxx/$vername/; + } + $lines++; + print NCHANGES; + } + close(NCHANGES); + close(CHANGES); + unlink("CHANGES") || die "014: Can not remove CHANGES: $!\n"; + rename("$nchanges", "CHANGES") || die "015: Can not rename $nreadme to README: $!\n"; + } + + &nicesystem("make -f dtrmakefile -s snapready") || die "016: failed to make snapshot ready for distribution: $?\n"; + + chdir("..") || die "017: failed to go to parent dir: $!\n"; + + unlink("$pkgname.tar"); + unlink("$pkgname.tar.gz"); + unlink("$pkgname.tar.gz.md5"); + + &nicesystem("tar -cf $pkgname.tar $dirname") || die "018: Failed to tar file: $?\n"; + + # make the kernelpatch for each of 2.0, 2.2, and 2.4. + foreach $ver (@supportedkernels) { + $file=&kpatchname($pkgname,$ver); + &nicesystem("make -C $dirname kernelpatch$ver >$file"); + &nicesystem("gzip -9 $file"); + } + + &nicesystem("rm -rf $dirname") || warn "failed to cleanup $dirname\n"; + + &nicesystem("gzip -9 $pkgname.tar") || die "019: gzip died: $?\n"; + + &nicesystem("ls -l $pkgname.tar.gz"); + + &nicesystem("md5sum $pkgname.tar.gz >$pkgname.tar.gz.md5"); + &nicesystem("chmod a+r $pkgname.tar.gz"); +} + +sub sendfiles { + local(@thefiles)=@_; + + local($file, $localroot); + +if($ENV{'DEV_DIR'}) { $localroot=$ENV{'DEV_DIR'}; } else { $localroot=$ENV{'LOCAL_ARCHIVE'}; } + + foreach $file (@thefiles) { + $dir=$file; + if(!($dir =~ s,(.*)/([^/]*),\1,)) { + $dir="."; + } else { + $file=$2; + } + + &nicesystem("tar -C $dir -c -f - $file | tar -C ${localroot} -x -f -"); + } +} + + +sub remotecmd { + local($cmd)=@_; + + $distuser=$ENV{'DISTUSER'}; + $disthost=$ENV{'DISTHOST'}; + $distdir =$ENV{'DISTDIR'}; + $ssh =$ENV{'ssh'}; + + &nicesystem("$ssh -l $distuser $disthost '$cmd'"); +} + + +sub upload { + local($pkgname, $symlinkname)=@_; + + local($localroot); + +if($ENV{'DEV_DIR'}) { $localroot=$ENV{'DEV_DIR'}; } else { $localroot=$ENV{'LOCAL_ARCHIVE'}; } + + &sendfiles("$pkgname.tar.gz", + "$pkgname.tar.gz.sig", + "$pkgname.tar.gz.md5"); + + foreach $ver (@supportedkernels) { + $file=&kpatchname($pkgname,$ver).".gz"; + &sendfiles($file, "$file.sig"); + } + + if(defined($symlinkname)) { + &sendfiles($symlinkname.".tar.gz.md5"); + &nicesystem("cd $localroot && ln -f -s $pkgname.tar.gz $symlinkname.tar.gz && ln -f -s $pkgname.tar.gz.sig $symlinkname.tar.gz.sig"); + + foreach $ver (@supportedkernels) { + $file=&kpatchname($pkgname,$ver); + $newname=&kpatchname($symlinkname,$ver); + &nicesystem("cd $localroot && ln -f -s $file.gz $newname.gz && ln -f -s $file.gz.sig $newname.gz.sig"); + } + + } +} + +sub upsync { + + local($localroot, $distuser, $disthost, $distdir, $spoolhost, $spooluser); + local($masterhost, $masteruser, $masterdir); + + $localroot=$ENV{'LOCAL_ARCHIVE'}; + $distuser=$ENV{'DISTUSER'}; + $disthost=$ENV{'DISTHOST'}; + $distdir =$ENV{'DISTDIR'}; + $ssh =$ENV{'ssh'}; + $masterhost = $ENV{'MASTERHOST'}; + $masteruser = $ENV{'MASTERUSER'}; + $masterdir = $ENV{'MASTERDIR'}; + + # sync stuff to distribution site. + &nicesystem("rsync -e $ssh -r --delete -a -v -c $localroot/ $masteruser\@$masterhost:$masterdir/"); + + # sync stuff to xs4all site. + &nicesystem(print "rsync -e $ssh -r --delete -a -v -c $localroot/ $distuser\@$disthost:$distdir/"); + &nicesystem("rsync -e $ssh -r --delete -a -v -c $localroot/ $distuser\@$disthost:$distdir/"); + +} + +1; + diff --git a/packaging/utils/errcheck b/packaging/utils/errcheck new file mode 100755 index 000000000..1a1ab5037 --- /dev/null +++ b/packaging/utils/errcheck @@ -0,0 +1,40 @@ +#! /bin/sh +# internal utility for testing kernel make output for errors +# Copyright (C) 1998, 1999 Henry Spencer. +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at your +# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# for more details. +# +# RCSID $Id: errcheck,v 1.1 2004/03/15 20:35:27 as Exp $ + +# the errors.[och] stuff is for math emulation +# the HiSax nonsense is due to a Red Hat 5.2 botch +# RH7.2 "make dep" builds stuff in drivers/macintosh (!!) using <asm/init.h> +# Red Hat's 2.2.19 whines about function read_rx_long_length_errors in e100.c +# 2.4.18: 53c700.h:40:2: #error "Config.in must define either CONFIG_53C700_IO_MAPPED or CONFIG_53C700_MEM_MAPPED to use this scsi core." +oops="`sed -e 's/-Werror/-Weror/g' \ + -e '/errors*\.[och]/s/errors*\./eror./g' \ + -e '/scsi_error/s//scsi_eror/' \ + -e '/KBUILD_BASENAME=errors/s/errors/eror/g' \ + -e '/#error .HiSax: No cards configured/s/error/eror/' \ + -e '/#error .<asm.init.h> should never be used/s/error/eror/' \ + -e '/53c700.h:[0-9:]* #error "Config.in must define either CONFIG_53C700_IO_MAPPED or CONFIG_53C700_MEM_MAPPED to use this scsi core."/s/error/eror/' \ + -e '/^e100.c: In function/s/length_errors/length_erors/' $* | + egrep -i 'error|\*\*\*' | egrep -v ': warning:'`" +if test " $oops" != " " +then + echo + echo "***ERRORS DETECTED in $* (examine file for details):" + echo "$oops" + echo + exit 1 +else + exit 0 +fi diff --git a/packaging/utils/kernel.patch.gen.sh b/packaging/utils/kernel.patch.gen.sh new file mode 100644 index 000000000..0bc726dd1 --- /dev/null +++ b/packaging/utils/kernel.patch.gen.sh @@ -0,0 +1,52 @@ +#!/bin/bash +# +# RCSID $Id: kernel.patch.gen.sh,v 1.1 2004/03/15 20:35:27 as Exp $ + +patchdir=`pwd` +kernelsrc=/usr/src/linux +[ "$1~" = "~" ] || kernelsrc=$1 +cd $kernelsrc +# clean out destination file for all patch +#echo "">$patchdir/all + +# find files to patch and loop +for i in `find . -name '*.preipsec'` +do + +# strip off '.preipsec' suffix +j=${i%.preipsec} + +# strip off './' prefix +k=${j#\.\/} + +# single unified diff +#diff -u $i $j >>$patchdir/all + +# convert '/' in filename to '.' to avoid subdirectories +sed -e 's/\//\./g' << EOI > /tmp/t +$k +EOI +l=`cat /tmp/t` +rm -f /tmp/t + +# *with* path from source root +#echo do diff -u $i $j '>' $patchdir/$l +echo found $i +echo "RCSID \$Id: kernel.patch.gen.sh,v 1.1 2004/03/15 20:35:27 as Exp $" >$patchdir/$l +diff -u $i $j >>$patchdir/$l + +done + +# +# $Log: kernel.patch.gen.sh,v $ +# Revision 1.1 2004/03/15 20:35:27 as +# added files from freeswan-2.04-x509-1.5.3 +# +# Revision 1.6 2002/04/25 17:04:16 mcr +# resurrected kernel.patch.gen.sh +# +# Revision 1.4 1999/04/06 04:54:30 rgb +# Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes +# patch shell fixes. +# +# diff --git a/packaging/utils/kerneldiff b/packaging/utils/kerneldiff new file mode 100755 index 000000000..5cd4f73e2 --- /dev/null +++ b/packaging/utils/kerneldiff @@ -0,0 +1,35 @@ +#!/bin/sh + +# wander through a FreeSWAN linux directory, comparing each file to +# a corresponding file in the argument $KERNELSRC directory, creating +# a diff that can be used to update the FreeSWAN source tree. +# +# This script is useful if you have used "make kernelpatch" to patch +# a kernel, and then had to edit the source code in the kernel tree. +# +# $Id: kerneldiff,v 1.1 2004/03/15 20:35:27 as Exp $ +# + +KERNELSRC=$1 +shift + +(cd linux && find . -type f -print) | grep -v CVS | egrep -v './Makefile' | while read file +do + base=`basename $file` + case $base in + .cvsignore) ;; + .*.o.flags) ;; + *.o) ;; + *~) ;; + *.$patchname.patch) ;; + *.patch) ;; + *.orig) ;; + *.rej) ;; + version.c);; + *) diff -u linux/$file $KERNELSRC/$file ;; + esac +done + +exit 0 + + diff --git a/packaging/utils/kernelpatch b/packaging/utils/kernelpatch new file mode 100755 index 000000000..d2b8e86f1 --- /dev/null +++ b/packaging/utils/kernelpatch @@ -0,0 +1,55 @@ +#!/bin/sh + +# wander through a FreeSWAN linux directory, creating a patch file (to stdout) +# that will apply the code to a kernel source directory. +# +# $Id: kernelpatch,v 1.1 2004/03/15 20:35:27 as Exp $ +# + +KERN=$1 +shift + +case $KERN in + 2.0) patchname=fs2_0;; + 2.2) patchname=fs2_2;; + 2.4) patchname=fs2_4;; + 2.5) patchname=fs2_5;; + *) echo "Invalid kernel patch target: $KERN"; exit 1;; +esac + +# make sure that sort gets the right locale. +LANG=C export LANG +LC_ALL=C export LC_ALL + + +find linux -type f -print | grep -v CVS | egrep -v 'linux/Makefile' | sort | while read file +do + base=`basename $file` + case $base in + TAGS) ;; + tags) ;; + .cvsignore) ;; + .*.o.flags) ;; + .\#*);; + *.o) ;; + *~) ;; + tagsfile.mak) ;; + *.$patchname.patch) cat $file;; + *.patch) ;; + *) diff -u /dev/null $file;; + esac +done + +# +# finally, we have to produce a diff for linux/net/linux/Makefile.ver, +# a file which is generated at runtime, so there is nothing in CVS. +# +echo '--- /dev/null Fri May 10 13:59:54 2002' +echo '+++ linux/net/ipsec/Makefile.ver Sun Jul 28 22:10:40 2002' +echo '@@ -0,0 +1 @@' +echo -n '+' +grep IPSECVERSION Makefile.ver + +exit 0 + + diff --git a/packaging/utils/kernelversion b/packaging/utils/kernelversion new file mode 100755 index 000000000..a021398af --- /dev/null +++ b/packaging/utils/kernelversion @@ -0,0 +1,10 @@ +#! /bin/sh +# determine kernel version code, mostly for use in RPM building + +awk 'BEGIN { FS = " *= *" } + NF != 2 { next } + $1 == "VERSION" { maj = $2 } + $1 == "PATCHLEVEL" { mid = $2 } + $1 == "SUBLEVEL" { min = $2 } + $1 == "EXTRAVERSION" { ext = $2 } + END { print maj "." mid "." min ext }' $* diff --git a/packaging/utils/kernelversion-short b/packaging/utils/kernelversion-short new file mode 100755 index 000000000..677f7b4da --- /dev/null +++ b/packaging/utils/kernelversion-short @@ -0,0 +1,8 @@ +#! /bin/sh +# determine kernel version code, mostly for use in RPM building + +awk 'BEGIN { FS = " *= *" } + NF != 2 { next } + $1 == "VERSION" { maj = $2 } + $1 == "PATCHLEVEL" { mid = $2 } + END { print maj "." mid }' $* diff --git a/packaging/utils/manlink b/packaging/utils/manlink new file mode 100755 index 000000000..84e6031b2 --- /dev/null +++ b/packaging/utils/manlink @@ -0,0 +1,74 @@ +#! /bin/sh +# +# $Id: manlink,v 1.1 2004/03/15 20:35:27 as Exp $ +# +# make list of alternate names for manpages + +PATH=/bin:/usr/bin ; export PATH +usage="$0 manpage ..." + +for m +do + bm=`basename $m` + if test ! -f $m + then + echo "$0: cannot find \`$m'" >&2 + exit 1 + fi + suf=$(expr $bm : '.*\([.][^.][^.]*\)$') + + # a .\"+ line rules + them=$(awk '/^\.\\"\+[ ]/ { for (i = 2; i <= NF; i++) print $i }' $m) + + # otherwise, try to intuit the list of names from the NAME section + if test " $them" = " " + then + them=$( awk '/^\.SH[ \t]+NAME/,/^\.SH[ \t]+[^N]/' $m | + egrep -v '^\.' | tr ' ,' ' ' | + sed -n '/ *\\*- *.*/s///p' | tr -s ' ' '\012' | + egrep -v '^ipsec$' ) + fi + + # do it + for f in $them + do + case $f in + ipsec*) ff="$f" ;; # ipsec.8, ipsec.conf.5, etc. + *) ff="ipsec_$f" ;; + esac + case $ff in + *.[1-8]) ;; + *) ff="$ff$suf" ;; + esac + #echo "Q: $bm FF: $ff" >&2 + if [ " $ff" != " $bm" ] && [ " $ff" != " ipsec_$bm" ] + then + echo $bm $ff + fi + done +done + +# +# $Log: manlink,v $ +# Revision 1.1 2004/03/15 20:35:27 as +# added files from freeswan-2.04-x509-1.5.3 +# +# Revision 1.8 2002/09/17 20:17:16 sam +# +# The "make doc" fix broke "make install" silently; some man page symlinks +# were being linked incorrectly. This resulted in files which passed the make +# install test but linked to nothing. +# +# Revision 1.7 2002/08/07 06:23:35 sam +# +# freeswan/packaging/utils/manlink +# +# Revision 1.6 2002/05/06 21:20:24 mcr +# manlink -n idea is a fail. It depended upon being able to +# read the man page at the installed location, which isn't going +# to work consistently. manlink now just generates a list of links +# that should be made, leaving the Makefile script to decide what +# to do with them. Further, it now processes the files found in the +# repository, rather than the ones installed. +# +# diff --git a/packaging/utils/maysnap b/packaging/utils/maysnap new file mode 100755 index 000000000..9685c1d20 --- /dev/null +++ b/packaging/utils/maysnap @@ -0,0 +1,41 @@ +#! /bin/sh +# consider making snapshot of FreeSwan code + +who=mcr +USER=build export USER + +. ~build/freeswan-regress-env.sh + +umask 022 + +cd ~build/WANTSNAP + +if test ! -f dosnap +then + exit 0 +fi + +set -x + +if test -f doingsnap +then + echo "snapshot already in progress" | mail -s "snapshot averted" $who + exit 0 +fi + +echo $$ >doingsnap +sort -u dosnap >/tmp/snap$$ +echo === >>/tmp/snap$$ +if ~build/bin/mksnap -S >>/tmp/snap$$ 2>&1 +then + #if ~build/bin/mksnap -r 1.97 -p pre1.98 >>/tmp/snap$$ 2>&1 + #then + rm -f dosnap + #fi +fi + +mail -s "snapshot report $reqd" $who </tmp/snap$$ +rm -f /tmp/snap$$ doingsnap + +find /btmp/build/snapshots -type f -ctime +5 -print | xargs -r rm + diff --git a/packaging/utils/maytest b/packaging/utils/maytest new file mode 100755 index 000000000..6bc08da11 --- /dev/null +++ b/packaging/utils/maytest @@ -0,0 +1,42 @@ +#! /bin/sh +# consider making snapshot of FreeSwan code + +who=mcr +USER=build export USER + +. ~build/freeswan-regress-env.sh + +umask 022 + +cd ~build/WANTSNAP + +if test ! -f dotest +then + exit 0 +fi + +if test -f doingtest +then + exit 0 +fi + +trap "rm -f ~build/WANTSNAP/doingtest ~build/WANTSNAP/dotest; exit 0" 0 1 2 15 + +set -x + +echo $$ >doingtest +sort -u doingtest >/tmp/nightly$$ +echo === >>/tmp/test$$ +if ~build/bin/nightly.sh >>/tmp/snap$$ 2>&1 +then + rm -f doingtest + rm -f dotest +fi + +mail -s "nightly test report $reqd" $who </tmp/nightly$$ +rm -f /tmp/nightly$$ dotest + +# kill any wayward linux processes +killuml linux + + diff --git a/packaging/utils/mkcand b/packaging/utils/mkcand new file mode 100755 index 000000000..91e69f62b --- /dev/null +++ b/packaging/utils/mkcand @@ -0,0 +1,126 @@ +#!/usr/bin/perl +# mkcand m.nn +# package candidate, leaving it in tmp directory + +require($ENV{'HOME'}."/bin/disttools.pl"); + +&defvars; +&suckvars; + +umask(022); + +$localdir=$ENV{'HOME'}."/archive"; +$ENV{'DEV_DIR'}=$localdir."/development"; +$tmpdir=$ENV{'BTMP'}."/".$ENV{'USER'}."/snapshots"; + +$transmit=1; +$snapprefix=""; +$tarinfix=""; +$date="now"; +$lastrel=$ENV{'LASTREL'}; + +sub usage { + print STDERR "mkcand:\n"; + print STDERR "\t-l do not transmit\n"; + print STDERR "\t-p name set candidate name\n"; + print STDERR "\t-r rel set release branch\n"; +} + +while(@ARGV) { + $_=shift; + + if(/^-l/) { + $transmit=0; + + } elsif(/^-S/) { + $symlink=1; + + } elsif(/^-p/) { + $rel=shift; + $snapprefix="pre$rel-"; + + } elsif(/^-r/) { + $arg=shift; + ($lastrel=$arg) =~ y/\./\_/; + $relopt="-r PRE${lastrel}" + +# } elsif(/^-d/) { +# $arg=shift; +# $transmit=0; +# $date=$arg; + + } else { + &usage; + exit; + } +} + + + +if(!defined($relopt) || + !defined($rel)) { + &usage; + exit; +} + +if($rel < 2.00) { + undef(@supportedkernels); +} + + +$candname=&snapname($snapprefix); +$dirname="freeswan-cand".$candname; +# $pkgname="candidate-".$candname; +$pkgname=$dirname; +$tarname=$pkgname.".tar"; +$vername="cand-".$candname; + +&nicesystem("mkdir -p $tmpdir"); +print "BUILDING candidate $candname in $dirname\n"; +if($transmit) { + print "WILL TRANSMIT TO $ENV{'DISTHOST'}\n" +} else { + print "WILL NOT TRANSMIT\n"; +} + +&setuppgp($lastrel); + +&makedisttarfile($tmpdir, $pkgname, $vername, $dirname, $date, $relopt, 1); + +unlink("CANDIDATE.tar.gz"); +&nicesystem("ln $tarname.gz CANDIDATE.tar.gz") || die "failed to symlink to CANDIDATE.tar.gz: $?\n"; +&nicesystem("md5sum CANDIDATE.tar.gz >CANDIDATE.tar.gz.md5") || die "failed to md5sum of CANDIDATE.tar.gz: $?\n"; + +&dopgpsig($pkgname); + +&nicesystem("pgp -kxa $ENV{'PGPNAME'} $pkgname.tar.gz.pgpkey && chmod +r $pkgname.tar.gz.pgpkey.asc"); + +if($transmit) { + system("date"); + + local($snapprefix); + + &upload($pkgname); + + if($symlink) { + &sendfiles("CANDIDATE.tar.gz.md5"); + + &remotecmd("cd ".$ENV{'DISTDIR'}." && ln -f -s $pkgname.tar.gz CANDIDATE.tar.gz && ln -f -s $tarname.gz.sig CANDIDATE.tar.gz.sig"); + + foreach $ver (@supportedkernels) { + &remotecmd("cd ".$ENV{'DISTDIR'}." && ln -f -s $pkgname$ver.patch.gz CAND.KERN$ver.gz && ln -f -s $tarname.gz.sig CAND.KERN$ver.gz.sig"); + } + } + + print "Cleaning up old candidates\n"; + + local($file, $localroot); + + $localroot=$ENV{'DEV_DIR'}; + &nicesystem("cd $localroot && find . -mtime +3 | grep 'freeswan-cand$snapprefix' | xargs rm"); + + &upsync; + + system("date"); +} + diff --git a/packaging/utils/mkrel b/packaging/utils/mkrel new file mode 100755 index 000000000..3182d9d06 --- /dev/null +++ b/packaging/utils/mkrel @@ -0,0 +1,95 @@ +#!/usr/bin/perl +# mkcand m.nn +# package candidate, leaving it in tmp directory + +require($ENV{'HOME'}."/bin/disttools.pl"); + +&defvars; +&suckvars; + +umask(022); + +$localdir=$ENV{'HOME'}."/archive"; + +$tmpdir=$ENV{'BTMP'}."/".$ENV{'USER'}."/snapshots"; + +$transmit=1; +$snapprefix=""; +$tarinfix=""; +$date=""; +$lastrel=$ENV{'LASTREL'}; + +sub usage { + print STDERR "mkrel:\n"; + print STDERR "\t-l do not transmit\n"; + print STDERR "\t-p name set release name\n"; + print STDERR "\t-r rel set release branch\n"; +} + +while(@ARGV) { + $_=shift; + + if(/^-l/) { + $transmit=0; + + } elsif(/^-S/) { + $symlink=1; + + } elsif(/^-p/) { + $rel=shift; + $snapprefix="pre$rel-"; + + } elsif(/^-r/) { + $arg=shift; + ($lastrel=$arg) =~ y/\./\_/; + $relopt="-r PRE${lastrel}" + + } else { + &usage; + exit; + } +} + +if(!defined($relopt) || + !defined($rel)) { + &usage; + exit; +} + +$dirname="freeswan-".$rel; +$pkgname="freeswan-".$rel; +$tarname=$pkgname.".tar"; +$vername=$rel; + +&nicesystem("mkdir -p $tmpdir"); +print "BUILDING release $rel in $dirname\n"; +if($transmit) { + print "WILL TRANSMIT TO $ENV{'DISTHOST'}\n" +} else { + print "WILL NOT TRANSMIT\n"; +} + +$ENV{'PGPPATH'}="/mnt/build/freeswan"; +$ENV{'PGPNAME'}="build\@freeswan.org"; + +&makedisttarfile($tmpdir, $pkgname, $vername, $dirname, $date, $relopt, 1); + +print "Please insert release key floppy for signature"; +$ans=<STDIN>; +system("mount /mnt/build"); +&dopgpsig($pkgname); +system("umount /mnt/build"); + +if($transmit) { + print "Now transmitting to XS4all\n"; + print "Starting on: "; + system("date"); + + &upload($pkgname); + + &upsync; + + print "Finished on: "; + system("date"); +} + diff --git a/packaging/utils/mksnap b/packaging/utils/mksnap new file mode 100755 index 000000000..4f336fc7a --- /dev/null +++ b/packaging/utils/mksnap @@ -0,0 +1,114 @@ +#!/usr/bin/perl +# make snapshot of FreeSwan code +# -l local build only, do not transmit +# -p nn pre-nn version (where nn is a release like 1.00) +# -d ddd build as of date ddd (implies -l) + +require($ENV{'HOME'}."/bin/disttools.pl"); + +&defvars; +&suckvars; + +umask(022); + +$localdir=$ENV{'HOME'}."/archive"; +$ENV{'DEV_DIR'}=$localdir."/development"; + +if(!defined($ENV{'USER'})) { + $ENV{'USER'}="build"; +} + +$tmpdir=$ENV{'BTMP'}."/".$ENV{'USER'}."/snapshots"; + +$transmit=1; +$symlink=0; +$snapprefix=""; +$tarinfix=""; +$relopt=""; +$date="now"; +$lastrel=$ENV{'LASTREL'}; +$lastrel =~ y/\./\_/; + +while(@ARGV) { + $_=shift; + + if(/^-l/) { + $transmit=0; + + } elsif(/^-D/) { + $debug++; + + } elsif(/^-S/) { + $symlink=1; + + } elsif(/^-p/) { + $arg=shift; + $snapprefix="$arg-"; + + } elsif(/^-r/) { + $arg=shift; + ($lastrel=$arg) =~ y/\./\_/; + $relopt="-r PRE${lastrel}" + +# } elsif(/^-d/) { +# $arg=shift; +# $transmit=0; +# $date=$arg; + + } else { + print STDERR "mksnap:\n"; + print STDERR "\t-l do not transmit\n"; + print STDERR "\t-p stuff set snapshot prefix\n"; + print STDERR "\t-r rel set release branch\n"; + print STDERR "\t-d date set snapshot date\n"; + exit; + } +} + +$snapname=&snapname($snapprefix); + +#if($date ne "now") { +# $snapname="`echo $date | tr -d ' :'`" ;; +#} + +$dirname="freeswan-snap".$snapname; +$pkgname="snapshot-".$snapname; +$tarname=$pkgname.".tar"; + +&nicesystem("mkdir -p $tmpdir"); +print "BUILDING snapshot $dirname\n"; +if($transmit) { + print "WILL TRANSMIT TO $ENV{'DISTHOST'}\n" +} else { + print "WILL NOT TRANSMIT\n"; +} + +&setuppgp($lastrel); + +&makedisttarfile($tmpdir, $pkgname, "$lastrel_$snapname", $dirname, $date, $relopt, 0); + +unlink("snapshot.tar.gz"); +&nicesystem("ln -s $tarname.gz snapshot.tar.gz") || die "failed to symlink to snapshot.tar.gz: $?\n"; +&nicesystem("md5sum snapshot.tar.gz >snapshot.tar.gz.md5") || die "failed to md5sum of snapshot.tar.gz: $?\n"; + +&dopgpsig($pkgname); + +if($transmit) { + system("date"); + + &upload($pkgname, "snapshot"); + + print "Cleaning up old snapshots\n"; + + local($file, $localroot); + + $localroot=$ENV{'DEV_DIR'}; + + &nicesystem("cd $localroot && find . -name \"snapshot-*\" -print | grep -v $pkgname | xargs -r rm --"); + + &upsync; + + system("date"); +} + + diff --git a/packaging/utils/mvcand b/packaging/utils/mvcand new file mode 100755 index 000000000..6e29bc490 --- /dev/null +++ b/packaging/utils/mvcand @@ -0,0 +1,62 @@ +#! /bin/sh +# mvcand +# move packaged candidate to distribution site (password supplied manually) + +PATH=/bin:/usr/bin +export PATH +umask 022 + +. $HOME/freeswan-regress-env.sh + +localplace=~build/archive +site=freeswan@xs4.xs4all.nl +place=FTP +linkname=CANDIDATE.tar +ssh=/usr/bin/ssh +scp=/usr/bin/scp + +localonly= +remove=yes +for dummy +do + case "$1" in + -l) localonly=yes ;; + -k) remove= ;; + --) shift ; break ;; + -*) echo "$0: unknown option \'$1'" >&2 ; exit 2 ;; + *) break ;; + esac + shift +done + +case "$#" in +0) ;; +*) echo "Usage: $0" >&2 ; exit ;; +esac + +cd ~build/tmp +tarname=`ls | sed -n '/^freeswan-.*\.gz$/s/\.gz$//p' | tail -1` +echo "moving $tarname.gz" + +( + cd $localplace + rm -f freeswan-cand* $linkname.* + ln -s $tarname.gz $linkname.gz +) +cp -p $tarname.gz $tarname.gz.md5 $tarname.gz.sig CANDIDATE.tar.gz.md5 $localplace + +if test "$localonly" +then + exit 0 # leaving the original around +fi + +$ssh $site "cd $place ; rm -f freeswan-cand* $linkname.* ; + ln -s $tarname.gz $linkname.gz ; + ln -s $tarname.gz.sig $linkname.gz.sig" + +$scp -p $tarname.gz.md5 $tarname.gz.sig $tarname.gz CANDIDATE.tar.gz.md5 $site:$place + +if test "$remove" +then + rm -f $tarname.* +fi diff --git a/packaging/utils/mvrel b/packaging/utils/mvrel new file mode 100755 index 000000000..66b1180a8 --- /dev/null +++ b/packaging/utils/mvrel @@ -0,0 +1,65 @@ +#! /bin/sh +# mvrel major minor +# move packaged release to distribution site (password supplied manually) + +PATH=/bin:/usr/bin +export PATH +umask 022 + +. $HOME/freeswan-regress-env.sh + +localplace=~build/archive +site=freeswan@xs4.xs4all.nl +place=FTP +linkname=LATEST.tar +ssh=/usr/bin/ssh +scp=/usr/bin/scp + +localonly= +remove=yes +for dummy +do + case "$1" in + -l) localonly=yes ;; + -c) site=adams.freeswan.org ; place=/home/team ; scp=scp2 ; ssh=ssh2 ;; + -k) remove= ;; + --) shift ; break ;; + -*) echo "$0: unknown option \'$1'" >&2 ; exit 2 ;; + *) break ;; + esac + shift +done + +case "$#:$1" in +1:*.*) ;; +*) echo "Usage: $0 [-l] [-c] release" >&2 ; exit ;; +esac + +tarname=freeswan-$1.tar + +cd ~build/tmp +if test ! -r $tarname.gz +then + echo "$0: no $tarname.gz!" >&2 + exit 1 +fi + +rm -f $localplace/$tarname.* +cp -p $tarname.gz $tarname.gz.sig $localplace + +if test "$localonly" +then + exit 0 # leaving the original around +fi + +$ssh $site "cd $place ; rm -f $tarname.gz.sig $tarname.gz LATEST.* ; + rm -f CANDIDATE.* freeswan-cand* ; + mv freeswan-[0-9]* old ; + ln -s $tarname.gz LATEST.tar.gz ; + ln -s $tarname.gz.sig LATEST.tar.gz.sig" +$scp -p $tarname.gz.sig $tarname.gz $site:$place + +if test "$remove" +then + rm -f $tarname.* +fi diff --git a/packaging/utils/patcher b/packaging/utils/patcher new file mode 100755 index 000000000..ba31bdd26 --- /dev/null +++ b/packaging/utils/patcher @@ -0,0 +1,188 @@ +#! /bin/sh +# smart patch applier +# Copyright (C) 1999, 2001 Henry Spencer. +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at your +# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# for more details. +# +# patcher [-v] [-c] targetdir target [ key patchfile ] ... +# In targetdir, patch target from patchfile unless it already contains +# key and it appears to have been patched with the same patch. (If the +# patch has changed, undo the old one and then put the new one in.) Save +# original as target.preipsec, and patched copy as target.wipsec, with +# patch md5sum stored as target.ipsecmd5. If the patch doesn't work, +# put the original back and save the patch attempt as target.mangled. +# If there are no key+patchfile pairs, undo any old patch and leave it +# at that. +# -v means verbose +# -c means do "patching" by appending rather than by using patch(1) +# +# RCSID $Id: patcher,v 1.1 2004/03/15 20:35:27 as Exp $ + +PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin +export PATH +umask 022 + +verbose= +modifier=patch +for dummy +do + case "$1" in + -v) verbose=yes ;; + -c) modifier=cat ;; + --) shift ; break ;; + -*) echo "$0: unknown option \`$1'" >&2 ; exit 2 ;; + *) break ;; + esac + shift +done +if test $# -lt 2 +then + echo "Usage: $0 [-v] [-c] targetdir target [ key patchfile ] ..." >&2 + exit 2 +fi + +need() { + if test ! -f $1 + then + echo "$0: cannot find file \`$1'" >&2 + exit 1 + fi +} + +note() { + if test "$verbose" + then + echo "* $1" + fi +} + +dir="$1" +target="$2" +shift ; shift +it=$dir/$target +need $it + + + +patches= +if test ! -s $it.ipsecmd5 +then + # no records of patching... + while test $# -ge 2 + do + key="$1" + patchfile="$2" + shift ; shift + need $patchfile + + if egrep -q "$key" $it + then + # patched but no record of how + note "$it no longer needs patch $patchfile" + else + patches="$patches $patchfile" + fi + done +elif test ! -f $it.preipsec -o ! -f $it.wipsec +then + echo "$0: $it.preipsec or .wipsec is missing!" >&2 + exit 1 +else + # determine whether patches have changed + tmp=/tmp/patcher.$$ + >$tmp + while test $# -ge 2 + do + key="$1" + patchfile="$2" + shift ; shift + need $patchfile + md5sum $patchfile | awk '{print $1}' >>$tmp + + if egrep -q "$key" $it.preipsec + then + note "$it no longer needs patch $patchfile" + else + patches="$patches $patchfile" + fi + done + if cmp -s $tmp $it.ipsecmd5 + then + note "$it already fully patched" + rm -f $tmp + exit 0 + fi + rm -f $tmp + + # must undo old patch(es) + note "$it old patches must be undone, undoing them..." + if ! cmp -s $it $it.wipsec + then + note "$it has changed, cannot undo old patches!" + echo "$0: cannot unpatch $it, it has changed since patching" >&2 + exit 1 + fi + rm $it + mv $it.preipsec $it + rm $it.wipsec $it.ipsecmd5 +fi + +# if no necessary patches, we're done +if test " $patches" = " " +then + note "$it no longer needs patching" + exit 0 +fi + +# try to figure out patch options +if test " $modifier" = " patch" +then + if patch --help >/dev/null 2>/dev/null + then + # looks like a modern version + popts='-p1 -b' + else + # looks like an old one + popts='-p1' + fi +fi + +# do it +>$it.ipsecmd5 +for patchfile in $patches +do + note "applying $patchfile to $it..." + + # make local copy - this defeats hard and soft links + mv $it $it.preipsec || exit 0 + rm -f $it + cp -p $it.preipsec $it + + case "$modifier" in + patch) ( cd $dir ; patch $popts ) <$patchfile ;; + cat) cat $patchfile >>$it ;; + esac + status=$? + if test $status -ne 0 + then + note "$it patch failed, restoring original" + echo "$0: patch on $it failed!" >&2 + echo "$0: restoring original $it," >&2 + echo "$0: leaving patch attempt in $it.mangled" >&2 + mv $it $it.mangled + mv $it.preipsec $it + rm -f $it.ipsecmd5 + exit 1 + fi + rm -f $it.orig # some patch versions leave debris + md5sum $patchfile | awk '{print $1}' >>$it.ipsecmd5 +done +cp -p $it $it.wipsec diff --git a/packaging/utils/prepcand b/packaging/utils/prepcand new file mode 100755 index 000000000..31c382501 --- /dev/null +++ b/packaging/utils/prepcand @@ -0,0 +1,33 @@ +#! /bin/sh +# prepcand m.nn +# prepare candidate for building, must be done in top working dir + +PATH=/bin:/usr/bin +export PATH +umask 022 + +case "$#:$1" in +1:*.*) ;; +*) echo "Usage: $0 release" >&2 ; exit ;; +esac + +rel="$1" +tag="PRE`echo $rel | tr '.' '_'`" + +# update from snapshot form to candidate/release form, if necessary +if egrep -q -e '^---$' README +then + sed '1,/^---$/d' README | sed '1s/This is release xxx of Linux FreeS\/WAN/This is release '$rel' of Linux FreeS\/WAN/' > README.$$ + mv README.$$ README + cvs -Q commit -m "update for candidates of release $rel" README +fi + +if sed -n 1p CHANGES | egrep -q 'since last release' +then + sed '1s/since last release/in '$rel'/' CHANGES >CHANGES.$$ + mv CHANGES.$$ CHANGES + cvs -Q commit -m "update for candidates of release $rel" CHANGES +fi + +echo "IPSECVERSION=$rel" >Makefile.ver +cvs -Q commit -m "update for candidate of release $rel" Makefile diff --git a/packaging/utils/recan b/packaging/utils/recan new file mode 100755 index 000000000..eaaf9436a --- /dev/null +++ b/packaging/utils/recan @@ -0,0 +1,17 @@ +#! /bin/sh +# recan release +# run in a working directory to recan contents of same where necessary + +PATH=/bin:/usr/bin ; export PATH +umask 022 + +. ~freeswan/setup + +case $# in +0) echo "Usage: $0 release [file] ..." >&2 ; exit 2 ;; +esac + +tag="R`echo $1 | tr '.' '_'`" +shift + +cvs tag -F -D now $tag $* diff --git a/packaging/utils/setup b/packaging/utils/setup new file mode 100755 index 000000000..5d250bb37 --- /dev/null +++ b/packaging/utils/setup @@ -0,0 +1,9 @@ +# shell file setting up environment for freeswan CVS access +# This is here, rather than in .profiles, because Henry has local access +# and doesn't want to duplicate this stuff. + +PATH=$PATH:/sandel/bin export PATH +CVSROOT=/freeswan/MASTER +CVSUMASK=002 + +export CVSROOT CVSUMASK diff --git a/packaging/utils/sshenv b/packaging/utils/sshenv new file mode 100755 index 000000000..8075b9d09 --- /dev/null +++ b/packaging/utils/sshenv @@ -0,0 +1,4 @@ +# ssh environment file for freeswan CVS access +# user .ssh directories have links to this, so this info is in one place +CVSROOT=/home/freeswan/cvs +CVSUMASK=002 diff --git a/packaging/utils/tattle b/packaging/utils/tattle new file mode 100755 index 000000000..37d015b0f --- /dev/null +++ b/packaging/utils/tattle @@ -0,0 +1,33 @@ +#! /bin/sh +# tattle [-f] subject address ... +# report a freeswan CVS change made by someone other than "owner" of files + +PATH=/bin:/usr/bin ; export PATH + +noself=yes # don't mail to person making change +case "$1" in +-f) noself= ; shift ;; +esac + +msg="freeswan commit: $1" +shift + +them= +if test "$noself" +then + iam="`id -un`" + for who + do + if test " $who" != " $iam" + then + them="$them $who" + fi + done +else + them="$*" +fi + +if test " $them" != " " +then + mail -s "$msg" $them +fi diff --git a/packaging/utils/wantsnap b/packaging/utils/wantsnap new file mode 100755 index 000000000..74b4287da --- /dev/null +++ b/packaging/utils/wantsnap @@ -0,0 +1,3 @@ +#! /bin/sh +umask 002 +id -un >>~build/WANTSNAP/dosnap diff --git a/packaging/utils/wanttest b/packaging/utils/wanttest new file mode 100755 index 000000000..9cbdde8d0 --- /dev/null +++ b/packaging/utils/wanttest @@ -0,0 +1,10 @@ +#! /bin/sh + +if [ -f ~build/WANTSNAP/doingtest ] +then + echo Test already in progress. + exit 1 +fi + +umask 002 +id -un >>~build/WANTSNAP/dotest |