mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2025-01-17 23:34:07 +00:00
99 lines
4.8 KiB
Bash
99 lines
4.8 KiB
Bash
# Maintainer : Christian Rebischke <Chris.Rebischke@archlinux.org>
|
|
# Contributor: dkorzhevin <dkorzhevin at gmail dot com>
|
|
# Contributor: Thermi <noel [at] familie-kuntze dot de>
|
|
# Contributor: nikicat <develniks at gmail dot com>
|
|
# Contributor: danilo <gezuru at gmail dot com>
|
|
# Contributor: Jason Begley <jayray at digitalgoat dot com>
|
|
# Contributor: Ray Kohler <ataraxia937 at gmail dot com>
|
|
# Contributor: Daniel Riedemann <daniel.riedemann [at] googlemail [dot] com>
|
|
# Contributor: 458italia <svenskaparadox [at] gmail dot com>
|
|
# Contributor: Thermi <noel [at] familie-kuntze dot com>
|
|
|
|
# ALARM: Kevin Mihelich <kevin@archlinuxarm.org>
|
|
# - remove --enable-aesni from configure
|
|
|
|
pkgname=strongswan
|
|
pkgver=5.5.3
|
|
pkgrel=4
|
|
pkgdesc="open source IPsec implementation"
|
|
url='http://www.strongswan.org'
|
|
license=("GPL2")
|
|
arch=('i686' 'x86_64')
|
|
depends=('curl' 'gmp' 'iproute2' 'openssl' 'sqlite' 'libcap' 'libsystemd' 'pam')
|
|
makedepends=('curl' 'gmp' 'iproute2' 'openssl' 'sqlite' 'libcap' 'libsystemd' 'systemd' 'pam' 'libnm-glib')
|
|
optdepends=('libnm-glib: for networkmanager support')
|
|
backup=(
|
|
etc/ipsec.conf
|
|
etc/ipsec.secrets
|
|
etc/swanctl/swanctl.conf
|
|
etc/strongswan.conf
|
|
etc/strongswan.d/{charon-logging.conf,charon.conf,pki.conf,pool.conf,scepclient.conf,starter.conf,swanctl.conf}
|
|
etc/strongswan.d/charon/{aesni.conf,attr-sql.conf,attr.conf,bliss.conf,chapoly.conf,cmac.conf,connmark.conf,\
|
|
constraints.conf,curl.conf,des.conf,dhcp.conf,dnskey.conf,eap-aka-3gpp2.conf,eap-aka.conf,\
|
|
eap-gtc.conf,eap-identity.conf,eap-md5.conf,eap-mschapv2.conf,eap-radius.conf,eap-sim-file.conf,\
|
|
eap-sim.conf,eap-simaka-pseudonym.conf,eap-simaka-reauth.conf,eap-tls.conf,ext-auth.conf,farp.conf,\
|
|
fips-prf.conf,forecast.conf,gmp.conf,ha.conf,hmac.conf,kernel-netlink.conf,md5.conf,mgf1.conf,nonce.conf,newhope.conf,ntru.conf,openssl.conf,\
|
|
pem.conf,pgp.conf,pkcs1.conf,pkcs12.conf,pkcs7.conf,pkcs8.conf,pubkey.conf,random.conf,rc2.conf,resolve.conf,\
|
|
revocation.conf,sha1.conf,sha2.conf,sha3.conf,socket-default.conf,sql.conf,sqlite.conf,sshkey.conf,stroke.conf,updown.conf,\
|
|
vici.conf,x509.conf,xauth-eap.conf,xauth-generic.conf,xcbc.conf,unity.conf,curve25519.conf}
|
|
)
|
|
|
|
source=("https://download.strongswan.org/strongswan-${pkgver}.tar.bz2"
|
|
"https://download.strongswan.org/strongswan-${pkgver}.tar.bz2.sig"
|
|
'configure_ac.patch'
|
|
'https://download.strongswan.org/security/CVE-2017-11185/strongswan-4.4.0-5.5.3_gmp_mpz_export.patch'
|
|
'https://download.strongswan.org/security/CVE-2017-11185/strongswan-4.4.0-5.5.3_gmp_mpz_export.patch.sig'
|
|
)
|
|
|
|
validpgpkeys=("948F158A4E76A27BF3D07532DF42C170B34DBA77")
|
|
|
|
sha512sums=('0b0b25d2102c98cda54300dc8c3c3a49a55e64f7c695dda65a24f2194f19bce0b7aab9e4f7486c243b552f9d1a94867d6a8782ee504aad1c9973809706d599ac'
|
|
'SKIP'
|
|
'0e2c818f2f620410dda949d9016a4c1a686bf2946acb3b42a729b2376c077f4dad6762fe8d2f736c213c4895c1fbd60c0d654a1c36f72d06f58ba7cff635bc74'
|
|
'276bcbd0cd3c550ddd4b3f5dfbcb490bb1e50ec8ed97789944409e3c05232903b99332c653cec9c9cf46eab445fd67113d1babef32156b1a5c77a68d2b83260b'
|
|
'SKIP')
|
|
|
|
# We don't build libipsec because it would get loaded before kernel-netlink and netkey, which
|
|
# would case processing to be handled in user space. Also, the plugin is experimental. If you need it,
|
|
# add --enable-libipsec and --enable-kernel-libipsec
|
|
prepare() {
|
|
cd "${srcdir}/${pkgname}-${pkgver}"
|
|
patch -p1 -l < "${srcdir}/configure_ac.patch"
|
|
patch -p1 -l < "${srcdir}/strongswan-4.4.0-5.5.3_gmp_mpz_export.patch"
|
|
autoreconf
|
|
}
|
|
|
|
build() {
|
|
cd "${srcdir}/${pkgname}-${pkgver}"
|
|
|
|
./configure --prefix=/usr \
|
|
--sbindir=/usr/bin \
|
|
--sysconfdir=/etc \
|
|
--libexecdir=/usr/lib \
|
|
--with-ipsecdir=/usr/lib/strongswan \
|
|
--with-nm-ca-dir=/etc/ssl/certs \
|
|
--enable-integrity-test \
|
|
--enable-sqlite \
|
|
--enable-openssl --enable-curl \
|
|
--enable-sql --enable-attr-sql \
|
|
--enable-farp --enable-dhcp \
|
|
--enable-eap-sim --enable-eap-sim-file --enable-eap-simaka-pseudonym \
|
|
--enable-eap-simaka-reauth --enable-eap-identity --enable-eap-md5 \
|
|
--enable-eap-gtc --enable-eap-aka --enable-eap-aka-3gpp2 \
|
|
--enable-eap-mschapv2 --enable-eap-radius --enable-xauth-eap \
|
|
--enable-ha --enable-vici --enable-swanctl --enable-systemd --enable-ext-auth \
|
|
--disable-mysql --disable-ldap --enable-cmd --enable-forecast --enable-connmark \
|
|
--enable-eap-ttls --enable-radattr --enable-xauth-pam --enable-xauth-noauth \
|
|
--enable-eap-dynamic --enable-eap-peap --enable-eap-tls --enable-chapoly --enable-unity \
|
|
--with-capabilities=libcap --enable-newhope --enable-ntru --enable-mgf1 --enable-sha3 \
|
|
--enable-bliss --enable-dnscert \
|
|
--enable-nm --enable-agent
|
|
# --enable-ruby-gems --enable-python-eggs
|
|
make
|
|
}
|
|
|
|
package() {
|
|
cd "${srcdir}/${pkgname}-${pkgver}"
|
|
make DESTDIR="${pkgdir}" install
|
|
}
|
|
|