# Contributor: Jesse Young # Maintainer: Natanael Copa pkgname=strongswan pkgver=5.3.5 _pkgver=${pkgver//_rc/rc} pkgrel=2 pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE" url="http://www.strongswan.org/" arch="all" pkgusers="ipsec" pkggroups="ipsec" license="GPL2 RSA-MD5 RSA-PKCS11 DES" depends="iproute2" depends_dev="" makedepends="$depends_dev linux-headers python sqlite-dev openssl-dev curl-dev gmp-dev libcap-dev" install="$pkgname.pre-install" subpackages="$pkgname-doc $pkgname-dbg" source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 1001-charon-add-optional-source-and-remote-overrides-for-.patch 1002-vici-send-certificates-for-ike-sa-events.patch 1003-vici-add-support-for-individual-sa-state-changes.patch 1004-vici-support-asynchronous-initiation.patch 2001-support-gre-key-in-ikev1.patch strongswan.initd charon.initd" _builddir="$srcdir/$pkgname-$_pkgver" prepare() { local i cd "$srcdir/$pkgname-$_pkgver" for i in $source; do case $i in *.patch) msg $i; patch -Np1 -i "$srcdir"/$i || _err="$_err $i" ;; esac done if [ -n "$_err" ]; then error "The following patches failed:" for i in $_err; do echo " $i" done return 1 fi # the headers they ship conflicts with the real thing. #rm -r src/include/linux } build() { cd "$_builddir" # notes about configuration: # - try to keep options in ./configure --help order # - apk depends on openssl, so we use that # - openssl provides ciphers, randomness, etc # -> disable all redundant in-tree copies ./configure --prefix=/usr \ --sysconfdir=/etc \ --libexecdir=/usr/lib \ --with-ipsecdir=/usr/lib/strongswan \ --with-capabilities=libcap \ --with-user=ipsec \ --with-group=ipsec \ --enable-curl \ --disable-ldap \ --disable-aes \ --disable-des \ --disable-rc2 \ --disable-md5 \ --disable-sha1 \ --disable-sha2 \ --enable-gmp \ --disable-hmac \ --disable-mysql \ --enable-sqlite \ --enable-eap-sim \ --enable-eap-sim-file \ --enable-eap-aka \ --enable-eap-aka-3gpp2 \ --enable-eap-simaka-pseudonym \ --enable-eap-simaka-reauth \ --enable-eap-identity \ --enable-eap-md5 \ --enable-eap-tls \ --disable-eap-gtc \ --enable-eap-mschapv2 \ --enable-eap-radius \ --enable-xauth-eap \ --enable-farp \ --enable-vici \ --enable-attr-sql \ --enable-dhcp \ --enable-openssl \ --enable-unity \ --enable-ha \ --enable-cmd \ --enable-swanctl \ --enable-shared \ --disable-static \ || return 1 make || return 1 } package() { cd "$_builddir" make DESTDIR="$pkgdir" install || return 1 install -m755 -D "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname" || return 1 install -m755 -D "$srcdir/charon.initd" "$pkgdir/etc/init.d/charon" || return 1 } md5sums="a2f9ea185f27e7f8413d4cd2ee61efe4 strongswan-5.3.5.tar.bz2 5f476baa26448b8eb463b3ccc7416c59 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 63d8d76d3af822819adc7db7e94d8248 1001-charon-add-optional-source-and-remote-overrides-for-.patch 82b8d2b282888abd7fe12fa3325ea946 1002-vici-send-certificates-for-ike-sa-events.patch 2fb36e79e83640044d0010fd23db27bf 1003-vici-add-support-for-individual-sa-state-changes.patch 12089aa81c7bdd472d1be27371e0effe 1004-vici-support-asynchronous-initiation.patch ccb77ee342e1b3108a49262549bbbf36 2001-support-gre-key-in-ikev1.patch 72a956819c451931d3d31a528a0d1b9c strongswan.initd a7993f28e4eacc61f51722044645587e charon.initd" sha256sums="2c84b663da652b1ff180a1a73c24a3d7b9fc4b9b8ba6bd07f94a1e33092e6350 strongswan-5.3.5.tar.bz2 7a7f9fa4ec183f62e3e01564aa6b303a7a883b959391cd7b63336afb6357b6ef 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 3570f7e209b8efc91f4b7d1f9b2747c47d391357ac871b82966f781b71e6f59c 1001-charon-add-optional-source-and-remote-overrides-for-.patch 3201072d73e875189b2d982c9144be824ecc6448f614d51de4c22b3810789099 1002-vici-send-certificates-for-ike-sa-events.patch 55418460a0fde9429b1f2f0138a3723f9b0a51502fd5eb71329fb6d945a585d7 1003-vici-add-support-for-individual-sa-state-changes.patch 15954f7b3b357806f32bc1cfc1afd6a0832e97bffc2bfc3aee4b522016f3aa51 1004-vici-support-asynchronous-initiation.patch bbdbc73ba6cafaaab1ea303eec6d026ebb50ecd12b7c32be0b4dfeaf8ae24245 2001-support-gre-key-in-ikev1.patch fdb781fa59700ca83b9fd2f2ff0b9c45467448ebd82da96286b3e2aa477ef7f4 strongswan.initd 7bcc57e4a778f87645c6b9d76ba2c04e1c11c326bc9a4968561788711c7fe58a charon.initd" sha512sums="4e6dd124d9a73ad5baf08998a284aba5c02c9dc79e4377e2cbd14c285d1df8e29c0548d347a0fdfa19341b1ae27b560ae9d8d25260898630351230b11c6eb2bb strongswan-5.3.5.tar.bz2 591cc0ebc746dee4ded51aa131d705d6edd6f0d840661732162c80781ae99bb629ad844d8601637d81f71dbde46d2017b3067fc7eee4ab87071f4cb6b0470a76 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch dd6d8bad4de89d77d92c93c890935880eaa55dc056eac92100fe034c1c045e0771995db58f9787a9f29cc42c4887ed5cf850035d559a471aea12c7d69fe174d7 1001-charon-add-optional-source-and-remote-overrides-for-.patch 00c4e5303c16cd2921af6dd319ae3955e9fd91a59b45f18283d6329623c0a2dca76ba2fc2aed92c14cab226de6c240b1675f2b3a62b5087d46a8fb1f1e9bfa92 1002-vici-send-certificates-for-ike-sa-events.patch 4c538557b21621ebcdac6d57a3e9997e1c3780c926eea28f0d3b762826dddc9f1e748cee6fe136f6b568f4c49740e2262110fe4038030463d1b9ee1b6f658154 1003-vici-add-support-for-individual-sa-state-changes.patch 82ac04c4f093e19f031538de3da7632d7126f87fcbffb41461022a707f89c24f9388b1ba71138572f7a437065f6347cfabd86474884c86ffff50267facfc580d 1004-vici-support-asynchronous-initiation.patch 0e554a6117f51a564a1b269c9ed2f2858d22ef61df483e2eb09997a3075444deb10df9d0cc8b9ddbe2bb2f740640860c21b1492a9ec28657844fa9c41b822bfc 2001-support-gre-key-in-ikev1.patch 8b61e3ffbb39b837733e602ec329e626dc519bf7308d3d4192b497d18f38176789d23ef5afec51f8463ee1ddaf4d74546b965c03184132e217cbc27017e886c9 strongswan.initd 1c44c801f66305c0331f76e580c0d60f1b7d5cd3cc371be55826b06c3899f542664628a912a7fb48626e34d864f72ca5dcd34b2f0d507c4f19c510d0047054c1 charon.initd"