APKBUILD 6.47 KB
Newer Older
1
# Contributor: Jesse Young <jlyo@jlyo.org>
2
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
Jesse Young's avatar
Jesse Young committed
3
pkgname=strongswan
4
pkgver=5.3.2
5
_pkgver=${pkgver//_rc/rc}
6
pkgrel=3
Jesse Young's avatar
Jesse Young committed
7 8 9
pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
url="http://www.strongswan.org/"
arch="all"
Timo Teräs's avatar
Timo Teräs committed
10 11
pkgusers="ipsec"
pkggroups="ipsec"
Jesse Young's avatar
Jesse Young committed
12 13
license="GPL-2 RSA-MD5 RSA-PKCS11 DES"
depends="iproute2 openssl"
Timo Teräs's avatar
Timo Teräs committed
14
depends_dev="sqlite-dev openssl-dev curl-dev gmp-dev libcap-dev"
15
makedepends="$depends_dev linux-headers"
Timo Teräs's avatar
Timo Teräs committed
16
install="$pkgname.pre-install"
17
subpackages="$pkgname-doc $pkgname-dbg"
18
source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2
19 20 21 22 23 24 25
	0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
	0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
	1001-charon-add-optional-source-and-remote-overrides-for-.patch
	1002-vici-send-certificates-for-ike-sa-events.patch
	1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
	1004-vici-support-asynchronous-initiation.patch
	2001-support-gre-key-in-ikev1.patch
26

Timo Teräs's avatar
Timo Teräs committed
27 28
	strongswan.initd
	charon.initd"
Jesse Young's avatar
Jesse Young committed
29

30
_builddir="$srcdir/$pkgname-$_pkgver"
Jesse Young's avatar
Jesse Young committed
31 32
prepare() {
	local i
33
	cd "$srcdir/$pkgname-$_pkgver"
Jesse Young's avatar
Jesse Young committed
34 35 36 37 38
	for i in $source; do
		case $i in
		*.patch) msg $i; patch -Np1 -i "$srcdir"/$i || return 1;;
		esac
	done
39 40
	# the headers they ship conflicts with the real thing.
	rm -r src/include/linux
Jesse Young's avatar
Jesse Young committed
41 42 43
}

build() {
44
	cd "$_builddir"
45 46 47 48

	# notes about configuration:
	# - try to keep options in ./configure --help order
	# - apk depends on openssl, so we use that
49
	# - openssl provides ciphers, randomness, etc
50 51
	#   -> disable all redundant in-tree copies

52
	./configure --prefix=/usr \
53 54 55
		--sysconfdir=/etc \
		--libexecdir=/usr/lib \
		--with-ipsecdir=/usr/lib/strongswan \
Timo Teräs's avatar
Timo Teräs committed
56 57 58
		--with-capabilities=libcap \
		--with-user=ipsec \
		--with-group=ipsec \
59
		--enable-curl \
60 61 62 63 64 65 66 67 68 69 70
		--disable-ldap \
		--disable-aes \
		--disable-des \
		--disable-rc2 \
		--disable-md5 \
		--disable-sha1 \
		--disable-sha2 \
		--enable-gmp \
		--disable-hmac \
		--disable-mysql \
		--enable-sqlite \
71 72
		--enable-eap-sim \
		--enable-eap-sim-file \
73 74
		--enable-eap-aka \
		--enable-eap-aka-3gpp2 \
75 76 77 78
		--enable-eap-simaka-pseudonym \
		--enable-eap-simaka-reauth \
		--enable-eap-identity \
		--enable-eap-md5 \
79
		--enable-eap-tls \
80 81 82
		--disable-eap-gtc \
		--enable-eap-mschapv2 \
		--enable-eap-radius \
83 84
		--enable-xauth-eap \
		--enable-farp \
85
		--enable-vici \
86 87 88 89
		--enable-attr-sql \
		--enable-dhcp \
		--enable-openssl \
		--enable-unity \
90
		--enable-ha \
91
		--enable-cmd \
92
		--enable-swanctl \
93
		--enable-shared \
94
		--disable-static \
95
		|| return 1
Jesse Young's avatar
Jesse Young committed
96 97 98 99
	make || return 1
}

package() {
100
	cd "$_builddir"
Jesse Young's avatar
Jesse Young committed
101
	make DESTDIR="$pkgdir" install || return 1
102 103
	install -m755 -D "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname" || return 1
	install -m755 -D "$srcdir/charon.initd" "$pkgdir/etc/init.d/charon" || return 1
104 105
	rm "$pkgdir"/usr/lib/ipsec/plugins/*.la || return 1
	rm "$pkgdir"/usr/lib/ipsec/*.la || return 1
Jesse Young's avatar
Jesse Young committed
106 107
}

108
md5sums="fab014be1477ef4ebf9a765e10f8802c  strongswan-5.3.2.tar.bz2
109 110 111 112 113 114 115
eb8d38dbf918e5f3adfd55f8ace7aeb1  0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
53982788f8ab0962193f695da30a8a94  0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
e553c5e9a895a2d95b1cbc33407d64a0  1001-charon-add-optional-source-and-remote-overrides-for-.patch
8bea05feac6f4e90c4973b2459864437  1002-vici-send-certificates-for-ike-sa-events.patch
125c4e648f73b0dbdaa741ac13ed6d87  1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
f65811bd1ae6e7f98cf9d76928a0aa03  1004-vici-support-asynchronous-initiation.patch
b9f874287c35cce075b761087c28ab50  2001-support-gre-key-in-ikev1.patch
Timo Teräs's avatar
Timo Teräs committed
116 117
85ebc1b6c6b9c0c6640d8136e97da8e1  strongswan.initd
7962a720ebef6892d80a3cbdab72c204  charon.initd"
118
sha256sums="a4a9bc8c4e42bdc4366a87a05a02bf9f425169a7ab0c6f4482d347e44acbf225  strongswan-5.3.2.tar.bz2
119 120 121 122 123 124 125
bce611d5f3d773589c6a751aec7fbaab39c8926134cab6fe2d5586639244bdc0  0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
4e1f76a76278c7621ca860156c25dfda90a7d9010b6426a9fd7c74c190166043  0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
a472df28677d4f43a063926a65b52b317dfca0b74f8c6a2e3bf852b94fbf5f0f  1001-charon-add-optional-source-and-remote-overrides-for-.patch
c1cfe3d1e3345238e125a46a492f8dc0800aa3dc75aea060d54cdbab35fd60cb  1002-vici-send-certificates-for-ike-sa-events.patch
4e08d4fe01717de0601411b4756141394ced2d3107adc47f2c2beac2f92a967e  1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
42171ee35e7679fe3d4efb80fdb121b0a7ea8df5cf3395bbcccb97d56327027c  1004-vici-support-asynchronous-initiation.patch
ec58de15c3856a2fd9ea003b7e78a7434dad54f9a4c54d499b09a6eef3761d18  2001-support-gre-key-in-ikev1.patch
Timo Teräs's avatar
Timo Teräs committed
126 127
ad43d1ed2585d84e12ad1e67fbdfe93983c424c5c64b230d5027c0aae496c65f  strongswan.initd
97b018796f0f15106b70694449cff36e8fc586292aab09ef83a05c0c13142e73  charon.initd"
128
sha512sums="60b17645c00769d497f4cea2229b41a217c29fe1109b58be256a0d4a6ccf4765348b9eb89466539c2528756344c2fa969f25ea1cd8856d56c5d55aa78e632e68  strongswan-5.3.2.tar.bz2
129 130 131 132 133 134 135
5ec6fd6160a55d7313f8dd3315a353d426f98ea57d167e73e97bff25ca175d2848f7ea0956cb2ec9cbca24f2be1dc0c1b1d123ee947f64baa6dfc712d04e77e1  0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
ee5dc2d2c719895e69d9a0324b48d43b4b86122eb8848143db7a4a629e79d594deeb4a000a429c85a31552358e9e1e2a7de8a1917c6ebb075a77281f074e0740  0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
682c768e82c6b8e48680ab73db49eb3a462b90ee317c943a42a82812d171a19da27ff4139bff0fc9af7b228cdcef44a75b86979f4b1b3af0bbc9698e4329fb4a  1001-charon-add-optional-source-and-remote-overrides-for-.patch
ca6eec72f75f243234baa1b361ab6dba82a810d1efb01dbcfd16cd7ce104c3f18fb932c1f6f280a566bfcbe16bc67d7d55e024f72c9eef82a62fe78505293c5c  1002-vici-send-certificates-for-ike-sa-events.patch
2e28af9043cab41f16c57f41ccb65b6591ec32d50a811bd393c4dcf7f0ffe81fac67679c41b716dfc74fca9ebedd178fe0b572b1c2cda3ccc685a0ad0d02f65a  1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
39e4a9839b2f6f42f662620b20697c684b90949622f8cc21c393ca55ab40e669befd1d2055e0f0c799cf37733a37bbf4df2b9cebc984a45bb66ecba6fa0ef116  1004-vici-support-asynchronous-initiation.patch
723aad9269ae7da54b1d551b290c80951c3b779737353fa845c00d190c9ef6c6bc406d8ed22254a27844985b7ffaa12b99acce91ec0b192caf639c81b06bf771  2001-support-gre-key-in-ikev1.patch
Timo Teräs's avatar
Timo Teräs committed
136 137
b56008c07b804dacb3441d3802880058986ab7b314297fe485649a771861885b9232f9fd53b94faa3388a5e9330e2b38a86af5c04f3ff119199720043967ec64  strongswan.initd
6f3abaaa8da0925f06cdd184fdf534518e40c49533dba427dbf31dbe88172e5626bdc9aadf798d791f82fbded08801c1f565d514e2c289e1f28448d0c2e72b79  charon.initd"