diff options
Diffstat (limited to 'main/strongswan/APKBUILD')
-rw-r--r-- | main/strongswan/APKBUILD | 69 |
1 files changed, 49 insertions, 20 deletions
diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD index a867dee1594..668a9f8113e 100644 --- a/main/strongswan/APKBUILD +++ b/main/strongswan/APKBUILD @@ -2,8 +2,7 @@ # Contributor: Nicolas Lorin <androw95220@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=strongswan -pkgver=5.9.5 -_pkgver=${pkgver//_rc/rc} +pkgver=5.9.13 pkgrel=1 pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE" url="https://www.strongswan.org/" @@ -11,17 +10,26 @@ arch="all" pkgusers="ipsec" pkggroups="ipsec" license="GPL-2.0-or-later WITH OpenSSL-Exception" -options="!check" # failing tests depends="iproute2" -makedepends="linux-headers python3 sqlite-dev openssl1.1-compat-dev curl-dev - gmp-dev libcap-dev gettext-dev automake autoconf libtool" +makedepends=" + curl-dev + gettext-dev + gmp-dev + libcap-dev + linux-headers + openssl-dev>3 + py3-setuptools + python3 + sqlite-dev + " install="$pkgname.pre-install" -subpackages="$pkgname-doc $pkgname-dbg $pkgname-logfile $pkgname-openrc" -source="https://download.strongswan.org/strongswan-$_pkgver.tar.bz2 +subpackages="$pkgname-doc $pkgname-dbg $pkgname-logfile $pkgname-openrc py3-vici-pyc py3-vici::noarch" +source="https://download.strongswan.org/strongswan-$pkgver.tar.bz2 + 0001-charon-add-optional-source-and-remote-overrides-for-.patch + 0002-vici-send-certificates-for-ike-sa-events.patch + 0003-vici-add-support-for-individual-sa-state-changes.patch - 1001-charon-add-optional-source-and-remote-overrides-for-.patch - 1002-vici-send-certificates-for-ike-sa-events.patch - 1003-vici-add-support-for-individual-sa-state-changes.patch + disable_test_time_printf_hook.patch strongswan.initd charon.initd @@ -29,7 +37,18 @@ source="https://download.strongswan.org/strongswan-$_pkgver.tar.bz2 charon-logfile.conf " +# 32bit archs seem to get stuck in rsa test suite at "generate" or "load" +case "$CARCH" in + arm*|x86) options="!check";; +esac + # secfixes: +# 5.9.12-r0: +# - CVE-2023-41913 +# 5.9.10-r0: +# - CVE-2023-26463 +# 5.9.8-r0: +# - CVE-2022-40617 # 5.9.1-r4: # - CVE-2021-45079 # 5.9.1-r3: @@ -47,11 +66,6 @@ source="https://download.strongswan.org/strongswan-$_pkgver.tar.bz2 # - CVE-2017-9022 # - CVE-2017-9023 -prepare() { - default_prepare - autoreconf -fiv -} - build() { # notes about configuration: # - try to keep options in ./configure --help order @@ -103,12 +117,17 @@ build() { --enable-unity \ --enable-ha \ --enable-cmd \ + --enable-python-eggs \ --enable-swanctl \ --enable-shared \ --disable-static \ --enable-bypass-lan \ $_aesni make + + cd src/libcharon/plugins/vici/python + make + python3 setup.py build } check() { @@ -122,6 +141,9 @@ package() { # for CRL caching chown ipsec:ipsec "$pkgdir"/etc/ipsec.d/crls "$pkgdir"/etc/swanctl/x509crl + + cd src/libcharon/plugins/vici/python/ + python setup.py install --root="$pkgdir" --skip-build } logfile() { @@ -134,13 +156,20 @@ logfile() { install -m 2750 -o ipsec -g wheel -d "$subpkgdir/var/log/ipsec" } +vici() { + pkgdesc="Native Python interface for strongSwan's VICI protocol" + + amove usr/lib/python* +} + sha512sums=" -3b11c4edb1ffccf0ea5b8b843acfe2eb18dcd3857fc2818b8481c4febe7959261e1b2804c3af29068319df469fa0b784682d3ba4d49a3eb580841ff3c34e33a1 strongswan-5.9.5.tar.bz2 -ff397ed458e0057f9b70afcba071873e12a58a2f17a128ff25b1ba79c83878668a41b01080f5d1f05eb2f761b83b55d21365f8a621f4de289368af0ae989a18c 1001-charon-add-optional-source-and-remote-overrides-for-.patch -ff0196306f156d7f54de9f846227a7f04bb05e6df86dca2f09c01515df8a6bea6aedf826f1d95685b948477a228cec84fb3d8b8ceef6335074ad1d05ebb327ca 1002-vici-send-certificates-for-ike-sa-events.patch -22cd56626936acd11fe98fe7956261bb10f9a7ea67b16d32b229d78c4008b1941d19b7fb6c24e87c167cfc9890aefdc5b61d539e2dc6a69bd2ac77e5278c9e89 1003-vici-add-support-for-individual-sa-state-changes.patch +a929c1fb2a5e7d3064f6cd0be76703198406dad981f4b345311a004c18aa3c12adcb49eb33705fe4c3c31daf556cef5906d8753f5d9fbff5a27b732f93d8f19f strongswan-5.9.13.tar.bz2 +50ddcaa115237a31aa021c7be46ae9ec84f5f7c1f340af254026ebf47a0e53147373bf691c71d51cae3a871cb3d9635542c209d47457f608780f67f376258a13 0001-charon-add-optional-source-and-remote-overrides-for-.patch +378060da77cd3ecec98f033953cf26170b765b12500b96067517e31f9cc904bff9bb2637b520906f6a9ccd2db39d085c38c3fcabedef8c441353f14920f7e33a 0002-vici-send-certificates-for-ike-sa-events.patch +da04054d30adee03b9f21cbb7649cc30c7dfcef50a9aaea038ac8f35e5e9cb199a62c9e666ed6b7c4520dfca39d00eaee85a1ebe7de2def3b003e92e0b2bb4cc 0003-vici-add-support-for-individual-sa-state-changes.patch +23e175fdd7445e06e5d7275903380a6a5e4c76d833b2680c8c9fcd704d5908990ded0bb408bba718cd67a41cb32c7ad308a6c93aeb7eae82f8bc5803f8e1bbc4 disable_test_time_printf_hook.patch 8b61e3ffbb39b837733e602ec329e626dc519bf7308d3d4192b497d18f38176789d23ef5afec51f8463ee1ddaf4d74546b965c03184132e217cbc27017e886c9 strongswan.initd 4ac8dc83f08998fe672d5446dc6071f95a6a437b9df7c19d5f1a41707fb44451ec37aa237d0b86b0a9edf36a9ce7c29ba8959a38b04536c994dd4300daf737e5 charon.initd -0417de0c0aa779602b216f29b1ad58cc842f0b0fbb8f5238d39199125dac30eaae89d869b337f8f504f8427f074ee7a363f55e3b3875516fe1ed5f0ed7f34c6f charon.logrotate +3eb0cd762a186d611a6322c1470581298c953b3e729fc85a13801611940eb896e8f6935e10eaa36884bd5c36600ba778d4af4c0ed1e9063436bd748268fd733b charon.logrotate 5896a9c5ecbef1a6c36b7bd31c83e18603f49105aedd4af80c42b0036c75950eac6e92abccfca09c9cb5bb3f3c4010f0daba068208e7dff05e7b1849d5a6e363 charon-logfile.conf " |