- Guarded fipscheck and hmac package in the spec file for >13.1.

OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=79

strongswan.changes

@@ -2,6 +2,7 @@
 Fri Nov 21 12:03:59 UTC 2014 - mt@suse.de
 
 - Disabled explicit gpg validation; osc source_validator does it.
+- Guarded fipscheck and hmac package in the spec file for >13.1.
 
 -------------------------------------------------------------------
 Thu Nov 20 07:43:43 UTC 2014 - mt@suse.de

strongswan.spec

@@ -31,6 +31,11 @@ Release:        0
 %else
 %bcond_with     tests
 %endif
+%if 0%{suse_version} > 1310
+%bcond_without  fipscheck
+%else
+%bcond_with     fipscheck
+%endif
 %ifarch %{ix86} ppc64le
 %bcond_without  integrity
 %else
@@ -67,12 +72,16 @@ Source2:        %{name}.init.in
 Source3:        %{name}-%{version}-rpmlintrc
 Source4:        README.SUSE
 Source5:        %{name}.keyring
+%if %{with fipscheck}
 Source6:        fipscheck.sh.in
 Source7:        fips-enforce.conf
+%endif
 Patch1:         %{name}_modprobe_syslog.patch
 Patch2:         %{name}_ipsec_service.patch
+%if %{with fipscheck}
 Patch3:         %{name}_fipscheck.patch
 Patch4:         %{name}_fipsfilter.patch
+%endif
 Patch5:         0001-restore-registration-algorithm-order.bug897512.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  bison
@@ -111,7 +120,9 @@ BuildRequires:  iptables
 %endif
 BuildRequires:  autoconf
 BuildRequires:  automake
+%if %{with fipscheck}
 BuildRequires:  fipscheck
+%endif
 BuildRequires:  libtool
 
 %description
@@ -178,6 +189,8 @@ StrongSwan is an OpenSource IPsec-based VPN Solution for Linux
 
 This package provides the strongswan library and plugins.
 
+%if %{with fipscheck}
+
 %package hmac
 Summary:        HMAC files for FIPS-140-2 integrity
 Group:          Productivity/Networking/Security
@@ -189,6 +202,8 @@ Requires:       strongswan-libs0 = %{version}
 The package is supposed to provide HMAC hash files for FIPS-140-2
 integrity and enforce FIPS-140-2 compliant operation.
 
+%endif
+
 %package ipsec
 Summary:        OpenSource IPsec-based VPN Solution
 Group:          Productivity/Networking/Security
@@ -277,12 +292,14 @@ and the load testing plugin for IKEv2 daemon.
 sed -e 's|@libexecdir@|%_libexecdir|g'    \
      < $RPM_SOURCE_DIR/strongswan.init.in \
      > strongswan.init
+%if %{with fipscheck}
 sed -e 's|@IPSEC_DIR@|%{_libexecdir}/ipsec|g' \
     -e 's|@IPSEC_LIBDIR@|%{_libdir}/ipsec|g'  \
     -e 's|@IPSEC_SBINDIR@|%{_sbindir}|g'      \
     -e 's|@IPSEC_BINDIR@|%{_bindir}|g'        \
      < $RPM_SOURCE_DIR/fipscheck.sh.in        \
      > _fipscheck
+%endif
 
 %build
 CFLAGS="$RPM_OPT_FLAGS -W -Wall -Wno-pointer-sign -Wno-strict-aliasing -Wno-unused-parameter"
@@ -296,6 +313,9 @@ autoreconf --force --install
 	--with-plugindir=%{strongswan_plugins} \
 	--with-resolv-conf=%{_rundir}/%{name}/resolv.conf \
 	--with-piddir=%{_rundir}/%{name} \
+%if %{with systemd}
+	--with-systemdsystemunitdir=%{_unitdir} \
+%endif
 	--enable-pkcs11 \
 	--enable-openssl \
 	--enable-agent \
@@ -452,6 +472,7 @@ install -c -m644 ${RPM_SOURCE_DIR}/README.SUSE \
 %{__install} -d -m 0755 %{buildroot}%{_tmpfilesdir}
 echo 'd %{_rundir}/%{name} 0770 root root' > %{buildroot}%{_tmpfilesdir}/%{name}.conf
 %endif
+%if %{with fipscheck}
 #
 # note: keep the following, _fipscheck's and file lists in sync
 #
@@ -478,6 +499,7 @@ install -c -m644 ${RPM_SOURCE_DIR}/fips-enforce.conf \
 		/usr/bin/fipshmac "$f"
 	done
 }}
+%endif
 
 %post libs0
 /sbin/ldconfig
@@ -525,6 +547,8 @@ fi
 %dir %{strongswan_docdir}
 %{strongswan_docdir}/README.SUSE
 
+%if %{with fipscheck}
+
 %files hmac
 %defattr(-,root,root)
 %dir %{strongswan_configs}
@@ -540,6 +564,8 @@ fi
 %{_libexecdir}/ipsec/.*.hmac
 %{_sbindir}/.ipsec.hmac
 
+%endif
+
 %files ipsec
 %defattr(-,root,root)
 %config(noreplace) %attr(600,root,root) %{_sysconfdir}/ipsec.conf