blob: 82066ab1e570c0891d8ee0d9455edb94338059c6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
# Contributor: Jesse Young <jlyo@jlyo.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=strongswan
pkgver=5.3.2
_pkgver=${pkgver//_rc/rc}
pkgrel=5
pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
url="http://www.strongswan.org/"
arch="all"
pkgusers="ipsec"
pkggroups="ipsec"
license="GPL-2 RSA-MD5 RSA-PKCS11 DES"
depends="iproute2 openssl"
depends_dev="sqlite-dev openssl-dev curl-dev gmp-dev libcap-dev"
makedepends="$depends_dev linux-headers"
install="$pkgname.pre-install"
subpackages="$pkgname-doc $pkgname-dbg"
source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2
0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
0003-controller-Optionally-adhere-to-init-limits-also-whe.patch
0004-vici-Add-get_bool-convenience-getter-for-VICI-messag.patch
0005-vici-Optionally-check-limits-when-initiating-connect.patch
1001-charon-add-optional-source-and-remote-overrides-for-.patch
1002-vici-send-certificates-for-ike-sa-events.patch
1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
1004-vici-support-asynchronous-initiation.patch
1005-ikev1-message-priorities.patch
2001-support-gre-key-in-ikev1.patch
strongswan.initd
charon.initd"
_builddir="$srcdir/$pkgname-$_pkgver"
prepare() {
local i
cd "$srcdir/$pkgname-$_pkgver"
for i in $source; do
case $i in
*.patch) msg $i; patch -Np1 -i "$srcdir"/$i || return 1;;
esac
done
# the headers they ship conflicts with the real thing.
rm -r src/include/linux
}
build() {
cd "$_builddir"
# notes about configuration:
# - try to keep options in ./configure --help order
# - apk depends on openssl, so we use that
# - openssl provides ciphers, randomness, etc
# -> disable all redundant in-tree copies
./configure --prefix=/usr \
--sysconfdir=/etc \
--libexecdir=/usr/lib \
--with-ipsecdir=/usr/lib/strongswan \
--with-capabilities=libcap \
--with-user=ipsec \
--with-group=ipsec \
--enable-curl \
--disable-ldap \
--disable-aes \
--disable-des \
--disable-rc2 \
--disable-md5 \
--disable-sha1 \
--disable-sha2 \
--enable-gmp \
--disable-hmac \
--disable-mysql \
--enable-sqlite \
--enable-eap-sim \
--enable-eap-sim-file \
--enable-eap-aka \
--enable-eap-aka-3gpp2 \
--enable-eap-simaka-pseudonym \
--enable-eap-simaka-reauth \
--enable-eap-identity \
--enable-eap-md5 \
--enable-eap-tls \
--disable-eap-gtc \
--enable-eap-mschapv2 \
--enable-eap-radius \
--enable-xauth-eap \
--enable-farp \
--enable-vici \
--enable-attr-sql \
--enable-dhcp \
--enable-openssl \
--enable-unity \
--enable-ha \
--enable-cmd \
--enable-swanctl \
--enable-shared \
--disable-static \
|| return 1
make || return 1
}
package() {
cd "$_builddir"
make DESTDIR="$pkgdir" install || return 1
install -m755 -D "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname" || return 1
install -m755 -D "$srcdir/charon.initd" "$pkgdir/etc/init.d/charon" || return 1
rm "$pkgdir"/usr/lib/ipsec/plugins/*.la || return 1
rm "$pkgdir"/usr/lib/ipsec/*.la || return 1
}
md5sums="fab014be1477ef4ebf9a765e10f8802c strongswan-5.3.2.tar.bz2
eb8d38dbf918e5f3adfd55f8ace7aeb1 0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
53982788f8ab0962193f695da30a8a94 0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
c46a4f2b21a83988512f6108e154620b 0003-controller-Optionally-adhere-to-init-limits-also-whe.patch
8b5ea458119df0c1ecee181c0f7f7c57 0004-vici-Add-get_bool-convenience-getter-for-VICI-messag.patch
0f8316631df321caad6c9b6b5c0b6e5c 0005-vici-Optionally-check-limits-when-initiating-connect.patch
b7244e10364e6348665048b9eec43cc6 1001-charon-add-optional-source-and-remote-overrides-for-.patch
4970959a1722b4139e7a22a2d93e866d 1002-vici-send-certificates-for-ike-sa-events.patch
89f7d85291d6a82230e5337cfa071a67 1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
aac217481a1a8ae68719771039c27354 1004-vici-support-asynchronous-initiation.patch
3accc4500255622cb14844e7111e2932 1005-ikev1-message-priorities.patch
b9f874287c35cce075b761087c28ab50 2001-support-gre-key-in-ikev1.patch
85ebc1b6c6b9c0c6640d8136e97da8e1 strongswan.initd
7962a720ebef6892d80a3cbdab72c204 charon.initd"
sha256sums="a4a9bc8c4e42bdc4366a87a05a02bf9f425169a7ab0c6f4482d347e44acbf225 strongswan-5.3.2.tar.bz2
bce611d5f3d773589c6a751aec7fbaab39c8926134cab6fe2d5586639244bdc0 0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
4e1f76a76278c7621ca860156c25dfda90a7d9010b6426a9fd7c74c190166043 0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
fb7478cad812e40134f5796c5faea4f939a71c4676efe9d17573041b696a61c7 0003-controller-Optionally-adhere-to-init-limits-also-whe.patch
31f8e5c1f451ed14045072cd13f2085c39f064403f264d12fb2f75aa5e996f5a 0004-vici-Add-get_bool-convenience-getter-for-VICI-messag.patch
a5601aa4ce0be4ac74f482817fd64c60e4986781271a2ed354806bbcbcd2223b 0005-vici-Optionally-check-limits-when-initiating-connect.patch
a3d471cbcc9481264352ca029b70ad8f85fab15495a4aef3cbb209fc19765436 1001-charon-add-optional-source-and-remote-overrides-for-.patch
baa8ee13f207f5e89b34b759c355e48ed79138fabcd9af841692afb15cf8b61f 1002-vici-send-certificates-for-ike-sa-events.patch
e0de13d4fc6d66e33973696d62b4a45cd63b5fa6c477891e7651102c2bc3a4d7 1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
295476ace69d36f1059c48afb99ec5180086710146a6e10c28c7eed96759a976 1004-vici-support-asynchronous-initiation.patch
0e814067bf47e9b4a0127b5197ea321e1398b1bc8e0635d576898fc977233d67 1005-ikev1-message-priorities.patch
ec58de15c3856a2fd9ea003b7e78a7434dad54f9a4c54d499b09a6eef3761d18 2001-support-gre-key-in-ikev1.patch
ad43d1ed2585d84e12ad1e67fbdfe93983c424c5c64b230d5027c0aae496c65f strongswan.initd
97b018796f0f15106b70694449cff36e8fc586292aab09ef83a05c0c13142e73 charon.initd"
sha512sums="60b17645c00769d497f4cea2229b41a217c29fe1109b58be256a0d4a6ccf4765348b9eb89466539c2528756344c2fa969f25ea1cd8856d56c5d55aa78e632e68 strongswan-5.3.2.tar.bz2
5ec6fd6160a55d7313f8dd3315a353d426f98ea57d167e73e97bff25ca175d2848f7ea0956cb2ec9cbca24f2be1dc0c1b1d123ee947f64baa6dfc712d04e77e1 0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
ee5dc2d2c719895e69d9a0324b48d43b4b86122eb8848143db7a4a629e79d594deeb4a000a429c85a31552358e9e1e2a7de8a1917c6ebb075a77281f074e0740 0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
7da65c2f5459811e4c6a1643d42eca0dedd206335a0127277a6f11cf15a75a2a546848219065517d065016639ffa2e2b40f275cca7083adc3ee545f3e051e050 0003-controller-Optionally-adhere-to-init-limits-also-whe.patch
4192aa916c5018046a21bb2d94e82ae35a81f4f462107f81b2f1b0a95372f212411852768d34ec3937c141570789b8ac1a1734552b0a07cac96a085fe28bc848 0004-vici-Add-get_bool-convenience-getter-for-VICI-messag.patch
4a36a0c9c456537e6b71975e6947a15a0fdcda875454ded4d23f9d1073c9258b901d7a4116786f63a590f30725cc41c23eca414e0757f240cc4f4eb8e56cb285 0005-vici-Optionally-check-limits-when-initiating-connect.patch
4cfe0b15a28b600b51be2ae270d303a65854756e30d60d8d897e0106f77ba7e05ec1625cc7cfafce54443bcb8c72ded09aa759f2540589afea491c81a05e65f0 1001-charon-add-optional-source-and-remote-overrides-for-.patch
142e3207aa3646a82ed1831635ef16003b86625f763927d56e074aeb5d6d04f108a21f713f877afc48119ee3df784af727e5bee8dddf0671dc2a6058f9708af4 1002-vici-send-certificates-for-ike-sa-events.patch
1781b8de169d0d41f8cb4d63c0b85b1e9eae2d52935d3753a876e8fee542ab58933be11c36f2a230233144c94c12c1d7641dbb58c89481e27d889e7f17fad87e 1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
aaf0701a4564fdce9d4422e8c33ea704142e371392cb7fa552cf0c71cb00d0dbd5901c21e45fadc23798cfdb95066da9d24b2f2b9b037761e670ee30f4b93b35 1004-vici-support-asynchronous-initiation.patch
bd4c9575d2aebbae48d49ef5e3fcfa0c0366c8d100a0190706b5fff7332ab34ca5f862ba8a3fe9cdcf9996371b554ab0f6561e16d57d6e425497ab015e46299a 1005-ikev1-message-priorities.patch
723aad9269ae7da54b1d551b290c80951c3b779737353fa845c00d190c9ef6c6bc406d8ed22254a27844985b7ffaa12b99acce91ec0b192caf639c81b06bf771 2001-support-gre-key-in-ikev1.patch
b56008c07b804dacb3441d3802880058986ab7b314297fe485649a771861885b9232f9fd53b94faa3388a5e9330e2b38a86af5c04f3ff119199720043967ec64 strongswan.initd
6f3abaaa8da0925f06cdd184fdf534518e40c49533dba427dbf31dbe88172e5626bdc9aadf798d791f82fbded08801c1f565d514e2c289e1f28448d0c2e72b79 charon.initd"
|
