# Contributor: Jesse Young # Maintainer: Natanael Copa pkgname=strongswan pkgver=5.4.0 _pkgver=${pkgver//_rc/rc} pkgrel=1 pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE" url="http://www.strongswan.org/" arch="all" pkgusers="ipsec" pkggroups="ipsec" license="GPL2 RSA-MD5 RSA-PKCS11 DES" depends="iproute2" depends_dev="" makedepends="$depends_dev linux-headers python sqlite-dev openssl-dev curl-dev gmp-dev libcap-dev" install="$pkgname.pre-install" subpackages="$pkgname-doc $pkgname-dbg" source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 1001-charon-add-optional-source-and-remote-overrides-for-.patch 1002-vici-send-certificates-for-ike-sa-events.patch 1003-vici-add-support-for-individual-sa-state-changes.patch 2001-support-gre-key-in-ikev1.patch 2002-vici-support-asynchronous-initiation.patch strongswan.initd charon.initd" _builddir="$srcdir/$pkgname-$_pkgver" prepare() { local i cd "$srcdir/$pkgname-$_pkgver" for i in $source; do case $i in *.patch) msg $i; patch -Np1 -i "$srcdir"/$i || _err="$_err $i" ;; esac done if [ -n "$_err" ]; then error "The following patches failed:" for i in $_err; do echo " $i" done return 1 fi # the headers they ship conflicts with the real thing. #rm -r src/include/linux } build() { cd "$_builddir" # notes about configuration: # - try to keep options in ./configure --help order # - apk depends on openssl, so we use that # - openssl provides ciphers, randomness, etc # -> disable all redundant in-tree copies ./configure --prefix=/usr \ --sysconfdir=/etc \ --libexecdir=/usr/lib \ --with-ipsecdir=/usr/lib/strongswan \ --with-capabilities=libcap \ --with-user=ipsec \ --with-group=ipsec \ --enable-curl \ --disable-ldap \ --disable-aes \ --disable-des \ --disable-rc2 \ --disable-md5 \ --disable-sha1 \ --disable-sha2 \ --enable-gmp \ --disable-hmac \ --disable-mysql \ --enable-sqlite \ --enable-eap-sim \ --enable-eap-sim-file \ --enable-eap-aka \ --enable-eap-aka-3gpp2 \ --enable-eap-simaka-pseudonym \ --enable-eap-simaka-reauth \ --enable-eap-identity \ --enable-eap-md5 \ --enable-eap-tls \ --disable-eap-gtc \ --enable-eap-mschapv2 \ --enable-eap-radius \ --enable-xauth-eap \ --enable-farp \ --enable-vici \ --enable-attr-sql \ --enable-dhcp \ --enable-openssl \ --enable-unity \ --enable-ha \ --enable-cmd \ --enable-swanctl \ --enable-shared \ --disable-static \ || return 1 make || return 1 } package() { cd "$_builddir" make DESTDIR="$pkgdir" install || return 1 install -m755 -D "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname" || return 1 install -m755 -D "$srcdir/charon.initd" "$pkgdir/etc/init.d/charon" || return 1 } md5sums="9d7c77b0da9b69f859624897e5e9ebbf strongswan-5.4.0.tar.bz2 9285f6edb3efcd6bf61ed6da982bdbc8 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 6df5e2362a275b552747928e83842c5c 1001-charon-add-optional-source-and-remote-overrides-for-.patch d4c5facf86f02ecd50288e16633d80c8 1002-vici-send-certificates-for-ike-sa-events.patch 3fc0bb2d80ffc4cca0db5fe2e29dec35 1003-vici-add-support-for-individual-sa-state-changes.patch 6ace16d48653028ec1982e6940fd2b1d 2001-support-gre-key-in-ikev1.patch 6cc10c571ee50199e741f7d5ce9bcc85 2002-vici-support-asynchronous-initiation.patch 72a956819c451931d3d31a528a0d1b9c strongswan.initd a7993f28e4eacc61f51722044645587e charon.initd" sha256sums="f8288faaea6a9cd8a7d413c0b76b7922be5da3dfcd01fd05cb30d2c55d3bbe89 strongswan-5.4.0.tar.bz2 1ce5125db88c815e9daece12a9bffade46e104fb4faeb2a3f4fa9935a3a6fd1d 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 3e250759b05738884a933f31bd9eacc32ad6a5b913298f533b4d4ebe3fa636ca 1001-charon-add-optional-source-and-remote-overrides-for-.patch 4dcb0e4a5456773a8d1ab474403812172bc82408a47fe2fbf1bc7199a2bf5682 1002-vici-send-certificates-for-ike-sa-events.patch 8ea09e018c860121a3bc67ae74f98276af1184928507bcb99c87db7e588366ed 1003-vici-add-support-for-individual-sa-state-changes.patch db5a6474de0727ea6c10550358f1dda7a849a9729f93d26db351e35df14a3962 2001-support-gre-key-in-ikev1.patch ed40940d6208f5bbe5104d55d53cdfbcad1ca6ac190c81279dcd78dbbb460c21 2002-vici-support-asynchronous-initiation.patch fdb781fa59700ca83b9fd2f2ff0b9c45467448ebd82da96286b3e2aa477ef7f4 strongswan.initd 7bcc57e4a778f87645c6b9d76ba2c04e1c11c326bc9a4968561788711c7fe58a charon.initd" sha512sums="633d17ac0a55d333b358a538a47c53077bcc462e2a64af6643b2fe4f777184bd81fc7e4c384e8da81326834f571bf4c0a6caff1ec773043f471a82ea06d97459 strongswan-5.4.0.tar.bz2 4e3f86d4cc67aa5e498b1c02f0590ba0bb8033a6fb0b0ad56d19168d46e5db3853652510c7473e44f2df7054c92e8d28c8d95db112a1c1f62b4969e2679a16f9 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 78f2f1a5bc490d788ce13a82aea821507f4e7b1dc74bdbc154f27a1629ccee59025604552651054b176a30fa1568486d58ab78fff6086d9ed56fef257736633f 1001-charon-add-optional-source-and-remote-overrides-for-.patch 4d9a999b9684c100d850d290e95aaadc330b144c049d585cbbfa09b1f58e2a09c95ed96d959d90264efdf9fd66085625c28e75393af12e139b5c7d39b3a9fb84 1002-vici-send-certificates-for-ike-sa-events.patch abea53573a95ae6599b6f60851ca11d4d3dd30367fd995a1d07284f5f02b491b10d7fafb32389bf38d177835fed6796aba99541e187731333bec191de467f669 1003-vici-add-support-for-individual-sa-state-changes.patch 2d1ff7f48f652e489ddb0c54f8f15fb4fedb188de35a7028335dde5e623077ef7adc2fad4484330acc26db3f5fa0479cd0bebeeb75ecc5e61bf361d837c259f5 2001-support-gre-key-in-ikev1.patch f5e244b44e1682ddc2175c35a39c4b33b8ec4983a7b7da5df2b5a103841b0826c919817b685f1959e783e19434558d75e15b353b43ad7b020d122721cd96a4f2 2002-vici-support-asynchronous-initiation.patch 8b61e3ffbb39b837733e602ec329e626dc519bf7308d3d4192b497d18f38176789d23ef5afec51f8463ee1ddaf4d74546b965c03184132e217cbc27017e886c9 strongswan.initd 1c44c801f66305c0331f76e580c0d60f1b7d5cd3cc371be55826b06c3899f542664628a912a7fb48626e34d864f72ca5dcd34b2f0d507c4f19c510d0047054c1 charon.initd"