# Contributor: Jesse Young <jlyo@jlyo.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=strongswan
pkgver=5.5.0
_pkgver=${pkgver//_rc/rc}
pkgrel=0
pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
url="http://www.strongswan.org/"
arch="all"
pkgusers="ipsec"
pkggroups="ipsec"
license="GPL2 RSA-MD5 RSA-PKCS11 DES"
depends="iproute2"
depends_dev=""
makedepends="$depends_dev linux-headers python sqlite-dev openssl-dev curl-dev
gmp-dev libcap-dev"
install="$pkgname.pre-install"
subpackages="$pkgname-doc $pkgname-dbg"
source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2
0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
1001-charon-add-optional-source-and-remote-overrides-for-.patch
1002-vici-send-certificates-for-ike-sa-events.patch
1003-vici-add-support-for-individual-sa-state-changes.patch
2001-support-gre-key-in-ikev1.patch
2002-vici-add-deprecated-async-parameter.patch
strongswan.initd
charon.initd"
_builddir="$srcdir/$pkgname-$_pkgver"
prepare() {
local i
cd "$srcdir/$pkgname-$_pkgver"
for i in $source; do
case $i in
*.patch) msg $i; patch -Np1 -i "$srcdir"/$i || _err="$_err $i" ;;
esac
done
if [ -n "$_err" ]; then
error "The following patches failed:"
for i in $_err; do
echo " $i"
done
return 1
fi
# the headers they ship conflicts with the real thing.
#rm -r src/include/linux
}
build() {
cd "$_builddir"
# notes about configuration:
# - try to keep options in ./configure --help order
# - apk depends on openssl, so we use that
# - openssl provides ciphers, randomness, etc
# -> disable all redundant in-tree copies
./configure --prefix=/usr \
--sysconfdir=/etc \
--libexecdir=/usr/lib \
--with-ipsecdir=/usr/lib/strongswan \
--with-capabilities=libcap \
--with-user=ipsec \
--with-group=ipsec \
--enable-curl \
--disable-ldap \
--disable-aes \
--disable-des \
--disable-rc2 \
--disable-md5 \
--disable-sha1 \
--disable-sha2 \
--enable-gmp \
--disable-hmac \
--disable-mysql \
--enable-sqlite \
--enable-eap-sim \
--enable-eap-sim-file \
--enable-eap-aka \
--enable-eap-aka-3gpp2 \
--enable-eap-simaka-pseudonym \
--enable-eap-simaka-reauth \
--enable-eap-identity \
--enable-eap-md5 \
--enable-eap-tls \
--disable-eap-gtc \
--enable-eap-mschapv2 \
--enable-eap-radius \
--enable-xauth-eap \
--enable-farp \
--enable-vici \
--enable-attr-sql \
--enable-dhcp \
--enable-openssl \
--enable-unity \
--enable-ha \
--enable-cmd \
--enable-swanctl \
--enable-shared \
--disable-static \
|| return 1
make || return 1
}
package() {
cd "$_builddir"
make DESTDIR="$pkgdir" install || return 1
install -m755 -D "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname" || return 1
install -m755 -D "$srcdir/charon.initd" "$pkgdir/etc/init.d/charon" || return 1
}
md5sums="a96fa7eb6c62b40143dadb064b6bd586 strongswan-5.5.0.tar.bz2
0a82059a9bd45d7a189864843560afe9 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
6e596d747a158bf6760aa85490f368b1 1001-charon-add-optional-source-and-remote-overrides-for-.patch
1d174dd2c9fcfdc9e2260a249395ab8d 1002-vici-send-certificates-for-ike-sa-events.patch
167c525d4945d4e9a36fe75aabbbb895 1003-vici-add-support-for-individual-sa-state-changes.patch
97bb0e061ba1576bab0e053afc2a4a72 2001-support-gre-key-in-ikev1.patch
31f4bda273d364095e9e6167da417e08 2002-vici-add-deprecated-async-parameter.patch
72a956819c451931d3d31a528a0d1b9c strongswan.initd
a7993f28e4eacc61f51722044645587e charon.initd"
sha256sums="58463998ac6725eac3687e8a20c1f69803c3772657076d06c43386a24b4c8454 strongswan-5.5.0.tar.bz2
89934062b4d400019752bb8140a60dacd832e4be7e86e7f573397bc56f87109e 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
b8a7a12582329244bb28b41d52e8f52cdcde84722c9c00d72ed1c799ad575011 1001-charon-add-optional-source-and-remote-overrides-for-.patch
e2de070bdb5fd9e19d02d18829ad9684e3a9fa64f0bc45015249c7f1f738f7be 1002-vici-send-certificates-for-ike-sa-events.patch
c92a8641093e343f1f652213fb4469622a82f9f3c759e065b2b553ef3cf8cfec 1003-vici-add-support-for-individual-sa-state-changes.patch
f038cadddde9f0ea2f36df03f81445b2f6a6d6b09cf4a21bfcdb61c62706a66b 2001-support-gre-key-in-ikev1.patch
fec398ec01dbc3f10693ec128b0f39b90284c89ae65cad6230fd277e6f67e023 2002-vici-add-deprecated-async-parameter.patch
fdb781fa59700ca83b9fd2f2ff0b9c45467448ebd82da96286b3e2aa477ef7f4 strongswan.initd
7bcc57e4a778f87645c6b9d76ba2c04e1c11c326bc9a4968561788711c7fe58a charon.initd"
sha512sums="dbbd26fa21f940e8b959387f174084c811bb6af6950295be724bd8507713918ffda931a65a5db00f2a4611ee4edf893e55ca56cfd5d4efb394eeeb8968c889d4 strongswan-5.5.0.tar.bz2
768a144be4c84395bc28b91e509c8319521d68a9eae0a5d5ff96830bf8cf3154bce046d2128d1aba092bb5d3d2dceb35296c13778294f88a14c2267865766db1 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
66fcaaf19ed17472b52ed178ffdd7454dce80849d4ebaafb8ab3f2d4119bfbc975f7854709c45cec7dfc6f6060834c840da683f45ac1de71688a1ff731564c24 1001-charon-add-optional-source-and-remote-overrides-for-.patch
f1aa4eed2258527dcc787ef41af7fdb9d6eb83e18d1ac2d8eebace47d0f41d5b719f80508691f271e67f2fac2f041b57a02cfea4a289eb38b3619c3ae2e18b9a 1002-vici-send-certificates-for-ike-sa-events.patch
9c94dd2063265581aff60960f795e7e5a7f8992dfb875d2bceff8028ae1c45afd6ec48a0729a0da14e86245b5017c85cdd33b1baa5b7faff4edc1783b5ffedcc 1003-vici-add-support-for-individual-sa-state-changes.patch
1544a409ad08f46a5dffbe3b4e8cf0e973c58140bf225f7c4e9b29be7fe6178f63d73730d1b2f7a755ed0d5dc09ee9fa0a08ac35761b01c5914d9bde1044ce7a 2001-support-gre-key-in-ikev1.patch
769536476e941882c3a244b3c47eb4cc8ab1ec026862acfa1e00469114b532f8965890b21ff2e9e129778ead9b273ce47923b9bc0e788be3c0292023f5a32ee5 2002-vici-add-deprecated-async-parameter.patch
8b61e3ffbb39b837733e602ec329e626dc519bf7308d3d4192b497d18f38176789d23ef5afec51f8463ee1ddaf4d74546b965c03184132e217cbc27017e886c9 strongswan.initd
1c44c801f66305c0331f76e580c0d60f1b7d5cd3cc371be55826b06c3899f542664628a912a7fb48626e34d864f72ca5dcd34b2f0d507c4f19c510d0047054c1 charon.initd"