129 lines
2.9 KiB
Plaintext
129 lines
2.9 KiB
Plaintext
###############################################################################
|
|
# IPFire.org - An Open Source Firewall Solution #
|
|
# Copyright (C) - IPFire Development Team <info@ipfire.org> #
|
|
###############################################################################
|
|
|
|
name = strongswan
|
|
version = 5.8.0
|
|
release = 1
|
|
|
|
groups = Networking/VPN
|
|
url = http://www.strongswan.org/
|
|
license = GPL
|
|
summary = IPsec (IKEv1 + IKEv2) implementation for Linux.
|
|
|
|
description
|
|
StrongSwan is a complete IPsec and IKEv1 implementation for
|
|
Linux 2.4 and 2.6 kernels. It also fully supports the new IKEv2
|
|
protocol with Linux 2.6 kernels. It interoperates in both IKEv1
|
|
and IKEv2 mode with most other IPsec-based VPN products.
|
|
end
|
|
|
|
source_dl = http://download.strongswan.org/
|
|
sources = %{thisapp}.tar.bz2
|
|
|
|
build
|
|
requires
|
|
autoconf
|
|
automake
|
|
bison
|
|
flex
|
|
gmp-devel
|
|
gperf
|
|
ldns-devel
|
|
libcap-devel
|
|
libcurl-devel
|
|
libgcrypt-devel
|
|
libtool
|
|
openldap-devel
|
|
openssl-devel
|
|
perl
|
|
sqlite-devel
|
|
systemd-devel >= 221-2
|
|
unbound-devel >= 1.7
|
|
end
|
|
|
|
configure_options += \
|
|
--disable-static \
|
|
--with-ipseclibdir=%{libdir}/ipsec \
|
|
--enable-curl \
|
|
--enable-ldap \
|
|
--enable-openssl \
|
|
--enable-sqlite \
|
|
--enable-gcrypt \
|
|
--enable-ccm \
|
|
--enable-ctr \
|
|
--enable-gcm \
|
|
--enable-chapoly \
|
|
--enable-unity \
|
|
--enable-xauth-eap \
|
|
--enable-xauth-noauth \
|
|
--enable-eap-radius \
|
|
--enable-eap-tls \
|
|
--enable-eap-ttls \
|
|
--enable-eap-peap \
|
|
--enable-eap-mschapv2 \
|
|
--enable-eap-identity \
|
|
--disable-blowfish \
|
|
--disable-rc2 \
|
|
--with-capabilities=libcap \
|
|
--enable-unbound \
|
|
--enable-systemd \
|
|
--disable-charon \
|
|
--disable-stroke \
|
|
--disable-scepclient
|
|
|
|
if "%{DISTRO_ARCH}" == "i686"
|
|
configure_options += --enable-padlock
|
|
end
|
|
|
|
# The testsuite does not run through in the build system
|
|
# on ARM systems.
|
|
#test
|
|
# make check
|
|
#end
|
|
|
|
install_cmds
|
|
# Install network settings
|
|
install -v -m 644 %{DIR_SOURCE}/network.conf \
|
|
%{BUILDROOT}%{sysconfdir}/strongswan.d/
|
|
|
|
# Create directory for connections
|
|
mkdir -pv %{BUILDROOT}%{sysconfdir}/swanctl/connections
|
|
echo "include connections/*.conf" > \
|
|
%{BUILDROOT}%{sysconfdir}/swanctl/swanctl.conf
|
|
|
|
# Drop unneeded files.
|
|
rm -rvf %{BUILDROOT}%{libdir}/ipsec/lib*.so
|
|
|
|
# Move libraries to libdir.
|
|
mv %{BUILDROOT}%{libdir}/ipsec/lib*.so.* %{BUILDROOT}%{libdir}
|
|
end
|
|
end
|
|
|
|
packages
|
|
package %{name}
|
|
script postin
|
|
systemctl daemon-reload >/dev/null 2>&1 || :
|
|
end
|
|
|
|
script postup
|
|
systemctl daemon-reload >/dev/null 2>&1 || :
|
|
systemctl reload-or-try-restart strongswan.service >/dev/null 2>&1 || :
|
|
end
|
|
|
|
script preun
|
|
systemctl disable --no-reload strongswan.service >/dev/null 2>&1 || :
|
|
systemctl stop strongswan.service >/dev/null 2>&1 || :
|
|
end
|
|
|
|
script postun
|
|
systemctl daemon-reload >/dev/null 2>&1 || :
|
|
end
|
|
end
|
|
|
|
package %{name}-debuginfo
|
|
template DEBUGINFO
|
|
end
|
|
end
|