# Contributor: Jesse Young # Maintainer: Natanael Copa pkgname=strongswan pkgver=5.3.3 _pkgver=${pkgver//_rc/rc} pkgrel=0 pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE" url="http://www.strongswan.org/" arch="all" pkgusers="ipsec" pkggroups="ipsec" license="GPL2 RSA-MD5 RSA-PKCS11 DES" depends="iproute2 openssl" depends_dev="" makedepends="$depends_dev linux-headers python sqlite-dev openssl-dev curl-dev gmp-dev libcap-dev" install="$pkgname.pre-install" subpackages="$pkgname-doc $pkgname-dbg" source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 1001-charon-add-optional-source-and-remote-overrides-for-.patch 1002-vici-send-certificates-for-ike-sa-events.patch 1003-vici-add-support-for-individual-sa-state-changes.patch 1004-vici-support-asynchronous-initiation.patch 2001-support-gre-key-in-ikev1.patch strongswan.initd charon.initd" _builddir="$srcdir/$pkgname-$_pkgver" prepare() { local i cd "$srcdir/$pkgname-$_pkgver" for i in $source; do case $i in *.patch) msg $i; patch -Np1 -i "$srcdir"/$i || _err="$_err $i" ;; esac done if [ -n "$_err" ]; then error "The following patches failed:" for i in $_err; do echo " $i" done return 1 fi # the headers they ship conflicts with the real thing. #rm -r src/include/linux } build() { cd "$_builddir" # notes about configuration: # - try to keep options in ./configure --help order # - apk depends on openssl, so we use that # - openssl provides ciphers, randomness, etc # -> disable all redundant in-tree copies ./configure --prefix=/usr \ --sysconfdir=/etc \ --libexecdir=/usr/lib \ --with-ipsecdir=/usr/lib/strongswan \ --with-capabilities=libcap \ --with-user=ipsec \ --with-group=ipsec \ --enable-curl \ --disable-ldap \ --disable-aes \ --disable-des \ --disable-rc2 \ --disable-md5 \ --disable-sha1 \ --disable-sha2 \ --enable-gmp \ --disable-hmac \ --disable-mysql \ --enable-sqlite \ --enable-eap-sim \ --enable-eap-sim-file \ --enable-eap-aka \ --enable-eap-aka-3gpp2 \ --enable-eap-simaka-pseudonym \ --enable-eap-simaka-reauth \ --enable-eap-identity \ --enable-eap-md5 \ --enable-eap-tls \ --disable-eap-gtc \ --enable-eap-mschapv2 \ --enable-eap-radius \ --enable-xauth-eap \ --enable-farp \ --enable-vici \ --enable-attr-sql \ --enable-dhcp \ --enable-openssl \ --enable-unity \ --enable-ha \ --enable-cmd \ --enable-swanctl \ --enable-shared \ --disable-static \ || return 1 make || return 1 } package() { cd "$_builddir" make DESTDIR="$pkgdir" install || return 1 install -m755 -D "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname" || return 1 install -m755 -D "$srcdir/charon.initd" "$pkgdir/etc/init.d/charon" || return 1 } md5sums="5a25f3d1c31a77ef44d14a2e7b3eaad0 strongswan-5.3.3.tar.bz2 c46165934687326a26ec9153a34e2227 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch d75b757fa44738dbdc5bcc8c60c9780d 1001-charon-add-optional-source-and-remote-overrides-for-.patch 4dfadf6fcb74c95c7360e33a416fb0d8 1002-vici-send-certificates-for-ike-sa-events.patch ada5c5fda3aa5cd5b797feff3cba4b5d 1003-vici-add-support-for-individual-sa-state-changes.patch 366d0ee2ed135d9364e6449b56ac596a 1004-vici-support-asynchronous-initiation.patch ccb77ee342e1b3108a49262549bbbf36 2001-support-gre-key-in-ikev1.patch 85ebc1b6c6b9c0c6640d8136e97da8e1 strongswan.initd 7962a720ebef6892d80a3cbdab72c204 charon.initd" sha256sums="39d2e8f572a57a77dda8dd8bdaf2ee47ad3cefeb86bbb840d594aa75f00f33e2 strongswan-5.3.3.tar.bz2 6ee2826d8f2acf4010886b9990c4fe1f1be99e869144f3dd3705e38184300ca1 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 47152a8d54c8ae75ea6e1d7c3c7695fb2e6eb48d24e80b13c25589a6570e3977 1001-charon-add-optional-source-and-remote-overrides-for-.patch e70a78f8efa29d3a428d6393cd7c59a36acfdf676b51897d14b495c236a1996c 1002-vici-send-certificates-for-ike-sa-events.patch f814519a0476477620f06d8bde0fd16f9094ee79807c0cbe4eb6d45034b5ff7d 1003-vici-add-support-for-individual-sa-state-changes.patch f4415bd1a68311fca2a4159b74aa7c2577c6500db7f323bfc684a9dfba7c6450 1004-vici-support-asynchronous-initiation.patch bbdbc73ba6cafaaab1ea303eec6d026ebb50ecd12b7c32be0b4dfeaf8ae24245 2001-support-gre-key-in-ikev1.patch ad43d1ed2585d84e12ad1e67fbdfe93983c424c5c64b230d5027c0aae496c65f strongswan.initd 97b018796f0f15106b70694449cff36e8fc586292aab09ef83a05c0c13142e73 charon.initd" sha512sums="469b32635bb4c60af1fa5ee535bea5abcd91081c7d482baa861e3951e4aab00783620698b5eade82d9a77aea4ab60d2a00fbf7e9e8760feeffb67c517756169f strongswan-5.3.3.tar.bz2 6b01e9810566e4f928fa72f01b5fa6cdbddaf1045433cb5b73b5a3d1cd73260ff195709e4d46384c2aa6540e4e62ad9021d9cad19b2061bc0153581e74cf2d0e 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 0daa63c1da1d84a02b6f675b2ba246c30de537a2494e43bceb13eb201ca9c90644493cf5b85d522b4ccdb57928978fb65b4d44a43ecd2648376c8fdc1cd8bc2d 1001-charon-add-optional-source-and-remote-overrides-for-.patch 3cf83b588e4bc1ae20956f940f5f92357cbcc0bdcf7bf1b5984b64e09ae16b4871e836a1503fee8f6f55a4dbd0a47f39c75b3d4ed5fd52b71dd41bea15964d28 1002-vici-send-certificates-for-ike-sa-events.patch 00dbbd8ea9a434de13f1bb74b7cd2d64a97fbefa7ff943ba138282d02d3860e1363ca4fded0d24c215dc5678f13af16242b61ed192d3b7935e2d747f9aafdf61 1003-vici-add-support-for-individual-sa-state-changes.patch fbfb4a2740d98d633a6ba946eb1a6b3ecc1dd924989bb94f23b34e5525471b11f735c82f0e8ce56441f836866d6e86c2c34f9bfe83689cd34f814dab6641c107 1004-vici-support-asynchronous-initiation.patch 0e554a6117f51a564a1b269c9ed2f2858d22ef61df483e2eb09997a3075444deb10df9d0cc8b9ddbe2bb2f740640860c21b1492a9ec28657844fa9c41b822bfc 2001-support-gre-key-in-ikev1.patch b56008c07b804dacb3441d3802880058986ab7b314297fe485649a771861885b9232f9fd53b94faa3388a5e9330e2b38a86af5c04f3ff119199720043967ec64 strongswan.initd 6f3abaaa8da0925f06cdd184fdf534518e40c49533dba427dbf31dbe88172e5626bdc9aadf798d791f82fbded08801c1f565d514e2c289e1f28448d0c2e72b79 charon.initd"