aboutsummaryrefslogtreecommitdiffstats
path: root/main/strongswan/APKBUILD
blob: c2fb9e4b966427d49bf97038cfb0c52853db795b (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
# Contributor: Jesse Young <jlyo@jlyo.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=strongswan
pkgver=5.5.0
_pkgver=${pkgver//_rc/rc}
pkgrel=1
pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
url="http://www.strongswan.org/"
arch="all"
pkgusers="ipsec"
pkggroups="ipsec"
license="GPL2 RSA-MD5 RSA-PKCS11 DES"
depends="iproute2"
depends_dev=""
makedepends="$depends_dev linux-headers python	sqlite-dev libressl-dev curl-dev
	gmp-dev libcap-dev"
install="$pkgname.pre-install"
subpackages="$pkgname-doc $pkgname-dbg"
source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2
	0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
	1001-charon-add-optional-source-and-remote-overrides-for-.patch
	1002-vici-send-certificates-for-ike-sa-events.patch
	1003-vici-add-support-for-individual-sa-state-changes.patch
	2001-support-gre-key-in-ikev1.patch
	2002-vici-add-deprecated-async-parameter.patch
	libressl.patch

	strongswan.initd
	charon.initd"

_builddir="$srcdir/$pkgname-$_pkgver"
prepare() {
	local i
	cd "$srcdir/$pkgname-$_pkgver"
	for i in $source; do
		case $i in
		*.patch) msg $i; patch -Np1 -i "$srcdir"/$i || _err="$_err $i" ;;
		esac
	done

	if [ -n "$_err" ]; then
		error "The following patches failed:"
		for i in $_err; do
			echo "  $i"
		done
		return 1
	fi

	# the headers they ship conflicts with the real thing.
	#rm -r src/include/linux
}

build() {
	cd "$_builddir"

	# notes about configuration:
	# - try to keep options in ./configure --help order
	# - apk depends on openssl, so we use that
	# - openssl provides ciphers, randomness, etc
	#   -> disable all redundant in-tree copies

	./configure --prefix=/usr \
		--sysconfdir=/etc \
		--libexecdir=/usr/lib \
		--with-ipsecdir=/usr/lib/strongswan \
		--with-capabilities=libcap \
		--with-user=ipsec \
		--with-group=ipsec \
		--enable-curl \
		--disable-ldap \
		--disable-aes \
		--disable-des \
		--disable-rc2 \
		--disable-md5 \
		--disable-sha1 \
		--disable-sha2 \
		--enable-gmp \
		--disable-hmac \
		--disable-mysql \
		--enable-sqlite \
		--enable-eap-sim \
		--enable-eap-sim-file \
		--enable-eap-aka \
		--enable-eap-aka-3gpp2 \
		--enable-eap-simaka-pseudonym \
		--enable-eap-simaka-reauth \
		--enable-eap-identity \
		--enable-eap-md5 \
		--enable-eap-tls \
		--disable-eap-gtc \
		--enable-eap-mschapv2 \
		--enable-eap-radius \
		--enable-xauth-eap \
		--enable-farp \
		--enable-vici \
		--enable-attr-sql \
		--enable-dhcp \
		--enable-openssl \
		--enable-unity \
		--enable-ha \
		--enable-cmd \
		--enable-swanctl \
		--enable-shared \
		--disable-static \
		|| return 1
	make || return 1
}

package() {
	cd "$_builddir"
	make DESTDIR="$pkgdir" install || return 1
	install -m755 -D "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname" || return 1
	install -m755 -D "$srcdir/charon.initd" "$pkgdir/etc/init.d/charon" || return 1
}

md5sums="a96fa7eb6c62b40143dadb064b6bd586  strongswan-5.5.0.tar.bz2
0a82059a9bd45d7a189864843560afe9  0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
6e596d747a158bf6760aa85490f368b1  1001-charon-add-optional-source-and-remote-overrides-for-.patch
1d174dd2c9fcfdc9e2260a249395ab8d  1002-vici-send-certificates-for-ike-sa-events.patch
167c525d4945d4e9a36fe75aabbbb895  1003-vici-add-support-for-individual-sa-state-changes.patch
97bb0e061ba1576bab0e053afc2a4a72  2001-support-gre-key-in-ikev1.patch
31f4bda273d364095e9e6167da417e08  2002-vici-add-deprecated-async-parameter.patch
3e64f8272f98199234b5ea98748090a7  libressl.patch
72a956819c451931d3d31a528a0d1b9c  strongswan.initd
a7993f28e4eacc61f51722044645587e  charon.initd"
sha256sums="58463998ac6725eac3687e8a20c1f69803c3772657076d06c43386a24b4c8454  strongswan-5.5.0.tar.bz2
89934062b4d400019752bb8140a60dacd832e4be7e86e7f573397bc56f87109e  0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
b8a7a12582329244bb28b41d52e8f52cdcde84722c9c00d72ed1c799ad575011  1001-charon-add-optional-source-and-remote-overrides-for-.patch
e2de070bdb5fd9e19d02d18829ad9684e3a9fa64f0bc45015249c7f1f738f7be  1002-vici-send-certificates-for-ike-sa-events.patch
c92a8641093e343f1f652213fb4469622a82f9f3c759e065b2b553ef3cf8cfec  1003-vici-add-support-for-individual-sa-state-changes.patch
f038cadddde9f0ea2f36df03f81445b2f6a6d6b09cf4a21bfcdb61c62706a66b  2001-support-gre-key-in-ikev1.patch
fec398ec01dbc3f10693ec128b0f39b90284c89ae65cad6230fd277e6f67e023  2002-vici-add-deprecated-async-parameter.patch
0ed364080e84f58915548c2ea9812fe7c354bdcf3c640fabe24e47ae58fa61ba  libressl.patch
fdb781fa59700ca83b9fd2f2ff0b9c45467448ebd82da96286b3e2aa477ef7f4  strongswan.initd
7bcc57e4a778f87645c6b9d76ba2c04e1c11c326bc9a4968561788711c7fe58a  charon.initd"
sha512sums="dbbd26fa21f940e8b959387f174084c811bb6af6950295be724bd8507713918ffda931a65a5db00f2a4611ee4edf893e55ca56cfd5d4efb394eeeb8968c889d4  strongswan-5.5.0.tar.bz2
768a144be4c84395bc28b91e509c8319521d68a9eae0a5d5ff96830bf8cf3154bce046d2128d1aba092bb5d3d2dceb35296c13778294f88a14c2267865766db1  0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
66fcaaf19ed17472b52ed178ffdd7454dce80849d4ebaafb8ab3f2d4119bfbc975f7854709c45cec7dfc6f6060834c840da683f45ac1de71688a1ff731564c24  1001-charon-add-optional-source-and-remote-overrides-for-.patch
f1aa4eed2258527dcc787ef41af7fdb9d6eb83e18d1ac2d8eebace47d0f41d5b719f80508691f271e67f2fac2f041b57a02cfea4a289eb38b3619c3ae2e18b9a  1002-vici-send-certificates-for-ike-sa-events.patch
9c94dd2063265581aff60960f795e7e5a7f8992dfb875d2bceff8028ae1c45afd6ec48a0729a0da14e86245b5017c85cdd33b1baa5b7faff4edc1783b5ffedcc  1003-vici-add-support-for-individual-sa-state-changes.patch
1544a409ad08f46a5dffbe3b4e8cf0e973c58140bf225f7c4e9b29be7fe6178f63d73730d1b2f7a755ed0d5dc09ee9fa0a08ac35761b01c5914d9bde1044ce7a  2001-support-gre-key-in-ikev1.patch
769536476e941882c3a244b3c47eb4cc8ab1ec026862acfa1e00469114b532f8965890b21ff2e9e129778ead9b273ce47923b9bc0e788be3c0292023f5a32ee5  2002-vici-add-deprecated-async-parameter.patch
d51b39ab2bc6f8771da3f1ade959db35576ad94c8a55dc082b211405e02109b060e687dff5c696b4e8b4232800b5a39752bb2982003eb9a4c066dc9d529106a8  libressl.patch
8b61e3ffbb39b837733e602ec329e626dc519bf7308d3d4192b497d18f38176789d23ef5afec51f8463ee1ddaf4d74546b965c03184132e217cbc27017e886c9  strongswan.initd
1c44c801f66305c0331f76e580c0d60f1b7d5cd3cc371be55826b06c3899f542664628a912a7fb48626e34d864f72ca5dcd34b2f0d507c4f19c510d0047054c1  charon.initd"