diff options
| -rw-r--r-- | network/strongswan/README | 53 | ||||
| -rw-r--r-- | network/strongswan/doinst.sh | 75 | ||||
| -rw-r--r-- | network/strongswan/strongswan.SlackBuild | 60 | ||||
| -rw-r--r-- | network/strongswan/strongswan.info | 6 |
4 files changed, 123 insertions, 71 deletions
diff --git a/network/strongswan/README b/network/strongswan/README index 08b230d393..051e5974a9 100644 --- a/network/strongswan/README +++ b/network/strongswan/README @@ -1,4 +1,53 @@ StrongSwan is an OpenSource IPsec implementation for Linux. -This build enables the OpenSSL extension which is included in the -default Slackware install so it will cause no issues. +This SlackBuild enables configure options which are known to compile +without issue on a stock Slackware 14.2 system. These options provide +additional functionality and increase this packages ability to +inter operate with various vendor implementations. Unwanted and/or +unnecessary plugins can be disabled a run-time via the 'load' flag in +/etc/strongswan.d/charon/*.conf files. + +The following configure options are enabled by default: + + --enable-shared + --enable-silent-rules + --enable-openssl + --enable-unity + --enable-curl + --enable-sql + --enable-sqlite + --enable-cmd + --enable-af-alg + --enable-gcrypt + --enable-aesni + --enable-sha3 + --enable-files + --enable-lookip + --enable-eap-mschapv2 + --enable-eap-tls + --enable-eap-ttls + --enable-eap-radius + --enable-ext-auth + --enable-xauth-eap + +To disable the above options set the environment variable CONFIG_OPTS +to the empty string when calling this SlackBuild. + +Example: +env CONFIG_OPTS=" " sh ./strongswan.SlackBuild + +To override the defaults options set CONFIG_OPTS to your desired set +of configure options. + +Example: +env CONFIG_OPTS="--enable-openssl --enable-unity" sh ./strongswan.SlackBuild + +To add to the default options without overwriting them set the +EXTRA_CONFIG_OPTS environment variable. + +Example: +env EXTRA_CONFIG_OPTS="--enable-socket-dynamic --enable-dhcp" sh ./strongswan.SlackBuild + +The list of available options and their descriptions are available here: + +https://wiki.strongswan.org/projects/strongswan/wiki/Autoconf diff --git a/network/strongswan/doinst.sh b/network/strongswan/doinst.sh index 4b38254410..a88995c5ed 100644 --- a/network/strongswan/doinst.sh +++ b/network/strongswan/doinst.sh @@ -1,59 +1,22 @@ + config() { - NEW="$1" - OLD="$(dirname $NEW)/$(basename $NEW .new)" - # If there's no config file by that name, mv it over: - if [ ! -r $OLD ]; then - mv $NEW $OLD - elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy - rm $NEW - fi - # Otherwise, we leave the .new copy for the admin to consider... + NEW="$1" + OLD="${1%.new}" + if [ ! -r $OLD ]; + then + # If there's no config file by that name, mv it over: + mv $NEW $OLD + elif [ "$(md5sum <$OLD)" = "$(md5sum <$NEW)" ]; + then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... } -config etc/ipsec.conf.new -config etc/ipsec.secrets.new -config etc/strongswan.conf.new -config etc/swanctl/swanctl.conf.new -config etc/strongswan.d/starter.conf.new -config etc/strongswan.d/swanctl.conf.new -config etc/strongswan.d/charon-logging.conf.new -config etc/strongswan.d/pki.conf.new -config etc/strongswan.d/scepclient.conf.new -config etc/strongswan.d/charon/attr.conf.new -config etc/strongswan.d/charon/sshkey.conf.new -config etc/strongswan.d/charon/pem.conf.new -config etc/strongswan.d/charon/mgf1.conf.new -config etc/strongswan.d/charon/pkcs8.conf.new -config etc/strongswan.d/charon/kernel-netlink.conf.new -config etc/strongswan.d/charon/nonce.conf.new -config etc/strongswan.d/charon/curve25519.conf.new -config etc/strongswan.d/charon/pkcs12.conf.new -config etc/strongswan.d/charon/x509.conf.new -config etc/strongswan.d/charon/dnskey.conf.new -config etc/strongswan.d/charon/stroke.conf.new -config etc/strongswan.d/charon/random.conf.new -config etc/strongswan.d/charon/hmac.conf.new -config etc/strongswan.d/charon/vici.conf.new -config etc/strongswan.d/charon/md5.conf.new -config etc/strongswan.d/charon/pubkey.conf.new -config etc/strongswan.d/charon/counters.conf.new -config etc/strongswan.d/charon/sha2.conf.new -config etc/strongswan.d/charon/rc2.conf.new -config etc/strongswan.d/charon/pkcs1.conf.new -config etc/strongswan.d/charon/aes.conf.new -config etc/strongswan.d/charon/xauth-generic.conf.new -config etc/strongswan.d/charon/revocation.conf.new -config etc/strongswan.d/charon/cmac.conf.new -config etc/strongswan.d/charon/sha1.conf.new -config etc/strongswan.d/charon/updown.conf.new -config etc/strongswan.d/charon/pkcs7.conf.new -config etc/strongswan.d/charon/fips-prf.conf.new -config etc/strongswan.d/charon/gmp.conf.new -config etc/strongswan.d/charon/pgp.conf.new -config etc/strongswan.d/charon/xcbc.conf.new -config etc/strongswan.d/charon/openssl.conf.new -config etc/strongswan.d/charon/des.conf.new -config etc/strongswan.d/charon/constraints.conf.new -config etc/strongswan.d/charon/resolve.conf.new -config etc/strongswan.d/charon/socket-default.conf.new -config etc/strongswan.d/charon.conf.new +# doinst.sh reads the list of files from ./install/conffiles at install time. +# ./install/conffiles was generated by strongswan.SlackBuild +for cf in $(cat install/conffiles) +do + config $cf.new +done diff --git a/network/strongswan/strongswan.SlackBuild b/network/strongswan/strongswan.SlackBuild index 2b9fae21ae..648f426e0f 100644 --- a/network/strongswan/strongswan.SlackBuild +++ b/network/strongswan/strongswan.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2018, Wayne Cuddy, wcuddyATgmailDOTcom +# Copyright 2018-2019, Wayne Cuddy, wcuddyATgmailDOTcom # Copyright 2009-2013, Jonathan Larsen (agentc0re), SLC, UT # Copyright 2013-2015, Markus Hutmacher, mailing@markhu.de # All rights reserved. @@ -22,11 +22,40 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# 2019-03-02: +# - upgraded upstream version to 5.7.2 +# - added DEFAULT_CONFIG_OPTS and EXTRA_CONFIG_OPTS +# + PRGNAM=strongswan -VERSION=${VERSION:-5.6.2} +VERSION=${VERSION:-5.7.2} BUILD=${BUILD:-1} TAG=${TAG:-_SBo} +DEFAULT_CONFIG_OPTS="\ + --enable-shared \ + --enable-silent-rules \ + --enable-openssl \ + --enable-unity \ + --enable-curl \ + --enable-sql \ + --enable-sqlite \ + --enable-cmd \ + --enable-af-alg \ + --enable-gcrypt \ + --enable-aesni \ + --enable-sha3 \ + --enable-files \ + --enable-lookip \ + --enable-eap-mschapv2 \ + --enable-eap-tls \ + --enable-eap-ttls \ + --enable-eap-radius \ + --enable-ext-auth \ + --enable-xauth-eap \ +" + if [ -z "$ARCH" ]; then case "$( uname -m )" in i?86) ARCH=i586 ;; @@ -78,10 +107,9 @@ CXXFLAGS="$SLKCFLAGS" \ --localstatedir=/var \ --mandir=/usr/man \ --docdir=/usr/doc/$PRGNAM-$VERSION \ - --enable-shared \ - --disable-static \ - --enable-openssl \ - --build=$ARCH-slackware-linux + --build=$ARCH-slackware-linux \ + ${CONFIG_OPTS:-$DEFAULT_CONFIG_OPTS} \ + $EXTRA_CONFIG_OPTS make make install DESTDIR=$PKG @@ -92,18 +120,30 @@ find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | gr find $PKG/usr/man -type f -exec gzip -9 {} \; for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done -# Don't clobber existing config files -mv $PKG/etc/ipsec.secrets $PKG/etc/ipsec.secrets.new -for i in $(find $PKG/etc -type f -name '*.conf') ; do mv $i $i.new ; done - mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION cd $TMP/$PRGNAM-$VERSION cp -a COPYING ChangeLog INSTALL NEWS README TODO $PKG/usr/doc/$PRGNAM-$VERSION cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild + mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc cat $CWD/doinst.sh > $PKG/install/doinst.sh cd $PKG + +# Don't clobber existing config files. The options passed to the +# configure script determine which plugins are built. The plugin list +# determines which configuration files are installed. It's not possible +# to know this ahead of time since the user can modify the plugins to +# this SlackBuild. This loop tracks configuration files produced during +# the build. The doinst.sh script will use this information during +# package installation to ensure modified configuration files are not +# overwritten. +for i in $(find etc -type f) +do + mv $i $i.new + echo $i +done 1>>$PKG/install/conffiles + /sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/network/strongswan/strongswan.info b/network/strongswan/strongswan.info index f3b983a049..04418f989a 100644 --- a/network/strongswan/strongswan.info +++ b/network/strongswan/strongswan.info @@ -1,8 +1,8 @@ PRGNAM="strongswan" -VERSION="5.6.2" +VERSION="5.7.2" HOMEPAGE="https://www.strongswan.org" -DOWNLOAD="https://download.strongswan.org/strongswan-5.6.2.tar.bz2" -MD5SUM="46aa3aa18fbc4bd528f9a0345ce79913" +DOWNLOAD="https://download.strongswan.org/strongswan-5.7.2.tar.bz2" +MD5SUM="618de96dc2a506f82a162a5abf9263d4" DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" |