aboutsummaryrefslogtreecommitdiffstats
path: root/main/strongswan/APKBUILD
blob: f6affdf4c17530de2595402d7273b52b5b9e31be (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
# Contributor: Jesse Young <jlyo@jlyo.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=strongswan
pkgver=5.3.3
_pkgver=${pkgver//_rc/rc}
pkgrel=0
pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
url="http://www.strongswan.org/"
arch="all"
pkgusers="ipsec"
pkggroups="ipsec"
license="GPL2 RSA-MD5 RSA-PKCS11 DES"
depends="iproute2 openssl"
depends_dev="sqlite-dev openssl-dev curl-dev gmp-dev libcap-dev"
makedepends="$depends_dev linux-headers python"
install="$pkgname.pre-install"
subpackages="$pkgname-doc $pkgname-dbg"
source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2
	0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
	1001-charon-add-optional-source-and-remote-overrides-for-.patch
	1002-vici-send-certificates-for-ike-sa-events.patch
	1003-vici-add-support-for-individual-sa-state-changes.patch
	1004-vici-support-asynchronous-initiation.patch
	2001-support-gre-key-in-ikev1.patch

	strongswan.initd
	charon.initd"

_builddir="$srcdir/$pkgname-$_pkgver"
prepare() {
	local i
	cd "$srcdir/$pkgname-$_pkgver"
	for i in $source; do
		case $i in
		*.patch) msg $i; patch -Np1 -i "$srcdir"/$i || _err="$_err $i" ;;
		esac
	done

	if [ -n "$_err" ]; then
		error "The following patches failed:"
		for i in $_err; do
			echo "  $i"
		done
		return 1
	fi

	# the headers they ship conflicts with the real thing.
	rm -r src/include/linux
}

build() {
	cd "$_builddir"

	# notes about configuration:
	# - try to keep options in ./configure --help order
	# - apk depends on openssl, so we use that
	# - openssl provides ciphers, randomness, etc
	#   -> disable all redundant in-tree copies

	./configure --prefix=/usr \
		--sysconfdir=/etc \
		--libexecdir=/usr/lib \
		--with-ipsecdir=/usr/lib/strongswan \
		--with-capabilities=libcap \
		--with-user=ipsec \
		--with-group=ipsec \
		--enable-curl \
		--disable-ldap \
		--disable-aes \
		--disable-des \
		--disable-rc2 \
		--disable-md5 \
		--disable-sha1 \
		--disable-sha2 \
		--enable-gmp \
		--disable-hmac \
		--disable-mysql \
		--enable-sqlite \
		--enable-eap-sim \
		--enable-eap-sim-file \
		--enable-eap-aka \
		--enable-eap-aka-3gpp2 \
		--enable-eap-simaka-pseudonym \
		--enable-eap-simaka-reauth \
		--enable-eap-identity \
		--enable-eap-md5 \
		--enable-eap-tls \
		--disable-eap-gtc \
		--enable-eap-mschapv2 \
		--enable-eap-radius \
		--enable-xauth-eap \
		--enable-farp \
		--enable-vici \
		--enable-attr-sql \
		--enable-dhcp \
		--enable-openssl \
		--enable-unity \
		--enable-ha \
		--enable-cmd \
		--enable-swanctl \
		--enable-shared \
		--disable-static \
		|| return 1
	make || return 1
}

package() {
	cd "$_builddir"
	make DESTDIR="$pkgdir" install || return 1
	install -m755 -D "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname" || return 1
	install -m755 -D "$srcdir/charon.initd" "$pkgdir/etc/init.d/charon" || return 1
}

md5sums="5a25f3d1c31a77ef44d14a2e7b3eaad0  strongswan-5.3.3.tar.bz2
c46165934687326a26ec9153a34e2227  0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
d75b757fa44738dbdc5bcc8c60c9780d  1001-charon-add-optional-source-and-remote-overrides-for-.patch
4dfadf6fcb74c95c7360e33a416fb0d8  1002-vici-send-certificates-for-ike-sa-events.patch
ada5c5fda3aa5cd5b797feff3cba4b5d  1003-vici-add-support-for-individual-sa-state-changes.patch
366d0ee2ed135d9364e6449b56ac596a  1004-vici-support-asynchronous-initiation.patch
ccb77ee342e1b3108a49262549bbbf36  2001-support-gre-key-in-ikev1.patch
85ebc1b6c6b9c0c6640d8136e97da8e1  strongswan.initd
7962a720ebef6892d80a3cbdab72c204  charon.initd"
sha256sums="39d2e8f572a57a77dda8dd8bdaf2ee47ad3cefeb86bbb840d594aa75f00f33e2  strongswan-5.3.3.tar.bz2
6ee2826d8f2acf4010886b9990c4fe1f1be99e869144f3dd3705e38184300ca1  0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
47152a8d54c8ae75ea6e1d7c3c7695fb2e6eb48d24e80b13c25589a6570e3977  1001-charon-add-optional-source-and-remote-overrides-for-.patch
e70a78f8efa29d3a428d6393cd7c59a36acfdf676b51897d14b495c236a1996c  1002-vici-send-certificates-for-ike-sa-events.patch
f814519a0476477620f06d8bde0fd16f9094ee79807c0cbe4eb6d45034b5ff7d  1003-vici-add-support-for-individual-sa-state-changes.patch
f4415bd1a68311fca2a4159b74aa7c2577c6500db7f323bfc684a9dfba7c6450  1004-vici-support-asynchronous-initiation.patch
bbdbc73ba6cafaaab1ea303eec6d026ebb50ecd12b7c32be0b4dfeaf8ae24245  2001-support-gre-key-in-ikev1.patch
ad43d1ed2585d84e12ad1e67fbdfe93983c424c5c64b230d5027c0aae496c65f  strongswan.initd
97b018796f0f15106b70694449cff36e8fc586292aab09ef83a05c0c13142e73  charon.initd"
sha512sums="469b32635bb4c60af1fa5ee535bea5abcd91081c7d482baa861e3951e4aab00783620698b5eade82d9a77aea4ab60d2a00fbf7e9e8760feeffb67c517756169f  strongswan-5.3.3.tar.bz2
6b01e9810566e4f928fa72f01b5fa6cdbddaf1045433cb5b73b5a3d1cd73260ff195709e4d46384c2aa6540e4e62ad9021d9cad19b2061bc0153581e74cf2d0e  0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
0daa63c1da1d84a02b6f675b2ba246c30de537a2494e43bceb13eb201ca9c90644493cf5b85d522b4ccdb57928978fb65b4d44a43ecd2648376c8fdc1cd8bc2d  1001-charon-add-optional-source-and-remote-overrides-for-.patch
3cf83b588e4bc1ae20956f940f5f92357cbcc0bdcf7bf1b5984b64e09ae16b4871e836a1503fee8f6f55a4dbd0a47f39c75b3d4ed5fd52b71dd41bea15964d28  1002-vici-send-certificates-for-ike-sa-events.patch
00dbbd8ea9a434de13f1bb74b7cd2d64a97fbefa7ff943ba138282d02d3860e1363ca4fded0d24c215dc5678f13af16242b61ed192d3b7935e2d747f9aafdf61  1003-vici-add-support-for-individual-sa-state-changes.patch
fbfb4a2740d98d633a6ba946eb1a6b3ecc1dd924989bb94f23b34e5525471b11f735c82f0e8ce56441f836866d6e86c2c34f9bfe83689cd34f814dab6641c107  1004-vici-support-asynchronous-initiation.patch
0e554a6117f51a564a1b269c9ed2f2858d22ef61df483e2eb09997a3075444deb10df9d0cc8b9ddbe2bb2f740640860c21b1492a9ec28657844fa9c41b822bfc  2001-support-gre-key-in-ikev1.patch
b56008c07b804dacb3441d3802880058986ab7b314297fe485649a771861885b9232f9fd53b94faa3388a5e9330e2b38a86af5c04f3ff119199720043967ec64  strongswan.initd
6f3abaaa8da0925f06cdd184fdf534518e40c49533dba427dbf31dbe88172e5626bdc9aadf798d791f82fbded08801c1f565d514e2c289e1f28448d0c2e72b79  charon.initd"