aboutsummaryrefslogtreecommitdiffstats
path: root/main/strongswan/APKBUILD
diff options
context:
space:
mode:
Diffstat (limited to 'main/strongswan/APKBUILD')
-rw-r--r--main/strongswan/APKBUILD79
1 files changed, 54 insertions, 25 deletions
diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD
index aad46c5832b..668a9f8113e 100644
--- a/main/strongswan/APKBUILD
+++ b/main/strongswan/APKBUILD
@@ -1,28 +1,35 @@
# Contributor: Jesse Young <jlyo@jlyo.org>
+# Contributor: Nicolas Lorin <androw95220@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=strongswan
-pkgver=5.9.1
-_pkgver=${pkgver//_rc/rc}
-pkgrel=3
+pkgver=5.9.13
+pkgrel=1
pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
url="https://www.strongswan.org/"
arch="all"
pkgusers="ipsec"
pkggroups="ipsec"
license="GPL-2.0-or-later WITH OpenSSL-Exception"
-options="!check" # failing tests
depends="iproute2"
-makedepends="linux-headers python3 sqlite-dev openssl1.1-compat-dev curl-dev
- gmp-dev libcap-dev gettext-dev automake autoconf libtool"
+makedepends="
+ curl-dev
+ gettext-dev
+ gmp-dev
+ libcap-dev
+ linux-headers
+ openssl-dev>3
+ py3-setuptools
+ python3
+ sqlite-dev
+ "
install="$pkgname.pre-install"
-subpackages="$pkgname-doc $pkgname-dbg $pkgname-logfile $pkgname-openrc"
-source="https://download.strongswan.org/strongswan-$_pkgver.tar.bz2
- https://download.strongswan.org/security/CVE-2021-41990/strongswan-5.6.1-5.9.3_gmp-rsa-ssa-salt-len.patch
- https://download.strongswan.org/security/CVE-2021-41991/strongswan-4.4.1-5.9.3_cert-cache-random.patch
+subpackages="$pkgname-doc $pkgname-dbg $pkgname-logfile $pkgname-openrc py3-vici-pyc py3-vici::noarch"
+source="https://download.strongswan.org/strongswan-$pkgver.tar.bz2
+ 0001-charon-add-optional-source-and-remote-overrides-for-.patch
+ 0002-vici-send-certificates-for-ike-sa-events.patch
+ 0003-vici-add-support-for-individual-sa-state-changes.patch
- 1001-charon-add-optional-source-and-remote-overrides-for-.patch
- 1002-vici-send-certificates-for-ike-sa-events.patch
- 1003-vici-add-support-for-individual-sa-state-changes.patch
+ disable_test_time_printf_hook.patch
strongswan.initd
charon.initd
@@ -30,7 +37,20 @@ source="https://download.strongswan.org/strongswan-$_pkgver.tar.bz2
charon-logfile.conf
"
+# 32bit archs seem to get stuck in rsa test suite at "generate" or "load"
+case "$CARCH" in
+ arm*|x86) options="!check";;
+esac
+
# secfixes:
+# 5.9.12-r0:
+# - CVE-2023-41913
+# 5.9.10-r0:
+# - CVE-2023-26463
+# 5.9.8-r0:
+# - CVE-2022-40617
+# 5.9.1-r4:
+# - CVE-2021-45079
# 5.9.1-r3:
# - CVE-2021-41990
# - CVE-2021-41991
@@ -46,11 +66,6 @@ source="https://download.strongswan.org/strongswan-$_pkgver.tar.bz2
# - CVE-2017-9022
# - CVE-2017-9023
-prepare() {
- default_prepare
- autoreconf -fiv
-}
-
build() {
# notes about configuration:
# - try to keep options in ./configure --help order
@@ -102,11 +117,17 @@ build() {
--enable-unity \
--enable-ha \
--enable-cmd \
+ --enable-python-eggs \
--enable-swanctl \
--enable-shared \
--disable-static \
+ --enable-bypass-lan \
$_aesni
make
+
+ cd src/libcharon/plugins/vici/python
+ make
+ python3 setup.py build
}
check() {
@@ -120,6 +141,9 @@ package() {
# for CRL caching
chown ipsec:ipsec "$pkgdir"/etc/ipsec.d/crls "$pkgdir"/etc/swanctl/x509crl
+
+ cd src/libcharon/plugins/vici/python/
+ python setup.py install --root="$pkgdir" --skip-build
}
logfile() {
@@ -132,15 +156,20 @@ logfile() {
install -m 2750 -o ipsec -g wheel -d "$subpkgdir/var/log/ipsec"
}
+vici() {
+ pkgdesc="Native Python interface for strongSwan's VICI protocol"
+
+ amove usr/lib/python*
+}
+
sha512sums="
-222625e77bd86959da6dd7346cfa9f92569fc396a494bb95ddf2c8e0680b7e8041541e8a14320517a0c735d713ae0fdc0d0c4694215e812817814b0b4efc3497 strongswan-5.9.1.tar.bz2
-42bb9dc02e04735183cb2966e23f26bdb2b14b56b10dc3df770cfbea066a690130ce84dc3a17b1369c2d45852bcd8a2902f19368099a1e71c858293decdb48ee strongswan-5.6.1-5.9.3_gmp-rsa-ssa-salt-len.patch
-39f607625bc6aa128b71e65e9806c60051015378d0250961bafbe787aa652141e1b3126d235b9cede08e4fe816b3220dbae54e40492b0aeb48f034220f1ee446 strongswan-4.4.1-5.9.3_cert-cache-random.patch
-8cd2f7e10dca25c8739b18f26f0aba427d00c5689ee126da5fc2699ce75ed567f0d25b4e50b716eab58097c06a51418e489e7f853d02bb53ba32aca72a6ae7c8 1001-charon-add-optional-source-and-remote-overrides-for-.patch
-f92609a1f6810786baeae1688688cbdd2a3116200cdba8d23e13da08992f5280bcbe04712cc89402f1e39aff6f4ebc8da05a2529b1e61e25a5229deb74c4dc3f 1002-vici-send-certificates-for-ike-sa-events.patch
-da39b5654c6f39d175c5491dabd5ed5c1b552857af7cbe7eeb8d0ecb34dad265bb8cd7725930eb75ceb99d51813f8e59631e687b09c1ff5c6437388f5f4d9647 1003-vici-add-support-for-individual-sa-state-changes.patch
+a929c1fb2a5e7d3064f6cd0be76703198406dad981f4b345311a004c18aa3c12adcb49eb33705fe4c3c31daf556cef5906d8753f5d9fbff5a27b732f93d8f19f strongswan-5.9.13.tar.bz2
+50ddcaa115237a31aa021c7be46ae9ec84f5f7c1f340af254026ebf47a0e53147373bf691c71d51cae3a871cb3d9635542c209d47457f608780f67f376258a13 0001-charon-add-optional-source-and-remote-overrides-for-.patch
+378060da77cd3ecec98f033953cf26170b765b12500b96067517e31f9cc904bff9bb2637b520906f6a9ccd2db39d085c38c3fcabedef8c441353f14920f7e33a 0002-vici-send-certificates-for-ike-sa-events.patch
+da04054d30adee03b9f21cbb7649cc30c7dfcef50a9aaea038ac8f35e5e9cb199a62c9e666ed6b7c4520dfca39d00eaee85a1ebe7de2def3b003e92e0b2bb4cc 0003-vici-add-support-for-individual-sa-state-changes.patch
+23e175fdd7445e06e5d7275903380a6a5e4c76d833b2680c8c9fcd704d5908990ded0bb408bba718cd67a41cb32c7ad308a6c93aeb7eae82f8bc5803f8e1bbc4 disable_test_time_printf_hook.patch
8b61e3ffbb39b837733e602ec329e626dc519bf7308d3d4192b497d18f38176789d23ef5afec51f8463ee1ddaf4d74546b965c03184132e217cbc27017e886c9 strongswan.initd
4ac8dc83f08998fe672d5446dc6071f95a6a437b9df7c19d5f1a41707fb44451ec37aa237d0b86b0a9edf36a9ce7c29ba8959a38b04536c994dd4300daf737e5 charon.initd
-0417de0c0aa779602b216f29b1ad58cc842f0b0fbb8f5238d39199125dac30eaae89d869b337f8f504f8427f074ee7a363f55e3b3875516fe1ed5f0ed7f34c6f charon.logrotate
+3eb0cd762a186d611a6322c1470581298c953b3e729fc85a13801611940eb896e8f6935e10eaa36884bd5c36600ba778d4af4c0ed1e9063436bd748268fd733b charon.logrotate
5896a9c5ecbef1a6c36b7bd31c83e18603f49105aedd4af80c42b0036c75950eac6e92abccfca09c9cb5bb3f3c4010f0daba068208e7dff05e7b1849d5a6e363 charon-logfile.conf
"
generated by cgit v1.2.3 (git 2.41.0) at 2024-04-20 00:59:26 +0000