blob: 62a0b2e0d62273287c85e696d8b8a4cd264a2df3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
# strongSwan OS X App #
## Introduction ##
The strongSwan OS X App consists of two components:
* A frontend to configure and control connections
* A privileged helper daemon, controlled using XPC, called charon-xpc
The privileged helper daemon gets installed automatically using SMJobBless
functionality on its first use, and gets started automatically by Launchd when
needed.
charon-xpc is a special build linking statically against strongSwan components.
## Building strongSwan ##
strongSwan on OS X requires the libvstr library. The simplest way to install
it is using MacPorts. It gets statically linked to charon-xpc, hence it is not
needed to run the built App.
Before building the Xcode project, the strongSwan base tree must be built using
a monolithic and static build. This can be achieved on OS X by using:
LDFLAGS="-all_load" \
CFLAGS="-I/usr/include -DOPENSSL_NO_CMS -O2 -Wall -Wno-format -Wno-pointer-sign" \
./configure --prefix=/opt/local --disable-defaults --enable-openssl \
--enable-kernel-pfkey --enable-kernel-pfroute --enable-eap-mschapv2 \
--enable-eap-identity --enable-monolithic --enable-nonce --enable-random \
--enable-pkcs1 --enable-pem --enable-socket-default --enable-xauth-generic \
--enable-keychain --enable-ikev1 --enable-ikev2 --enable-charon \
--disable-shared --enable-static
followed by calling make (no need to make install).
Building charon-xpc using the Xcode project yields a single binary without
any non OS X dependencies.
Both charon-xpc and the App must be code-signed to allow the installation of
the privileged helper. git-grep for "Joe Developer" to change the signing
identity.
|
