blob: 0c71b415d8b8cdcccb268b247d9e58342dd3ea94 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
# Maintainer: Chris Severance aur.severach aATt spamgourmet dott com
# Contributor: Gomasy <nyan@gomasy.jp>
# Contributor: Alexandre BIQUE <bique.alexandre@gmail.com>
# Contributor: Patrick Burroughs (Celti) <celti@celti.name>
set -u
pkgname='libreswan'
#pkgname+='-git'
pkgver='4.3'
pkgrel='1'
pkgdesc='IPsec implementation with IKEv1 and IKEv2 keying protocols'
arch=('i686' 'x86_64')
url='https://libreswan.org/'
license=('GPL' 'MPL')
depends=('systemd' 'unbound' 'nss' 'libcap-ng' 'curl')
depends+=('python3')
optdepends=(
'networkmanager-libreswan: NetworkManager support'
'networkmanager-l2tp: L2TP support for NetworkManager using libreswan for IPSec'
)
makedepends=('docbook-xsl' 'xmlto' 'flex' 'bison')
conflicts=('freeswan' 'openswan' 'strongswan' 'ipsec-tools')
backup=('etc/ipsec.conf' 'etc/ipsec.secrets' 'etc/pam.d/pluto')
install="${pkgname}.install"
_srcdir="${pkgname}-${pkgver}"
source=(
"https://download.libreswan.org/${pkgname}-${pkgver%%.r*}.tar.gz"
'tmpfiles.conf'
)
md5sums=('bb912cffe20163c4ee17ed2f17b3efab'
'77399a739ee99f8bc54837684d7c39d5')
sha256sums=('7ec4c06290b9643a7422b1f2f77c366b79f039117168d6b80cde0b11d76b8970'
'78265c690d58228c3bcc1a8793456172c39d493d268e9d9b1816288d0a47f573')
if [ "${pkgname%-git}" != "${pkgname}" ]; then
_srcdir="${pkgname}"
source[0]="${_srcdir}::git://github.com/libreswan/libreswan.git"
#source[0]+="#branch=release-${pkgver%%.r*}"
makedepends+=('git')
md5sums[0]='SKIP'
sha256sums[0]='SKIP'
provides=("${pkgname%-*}=${pkgver%%.r*}")
conflicts=("${pkgname%-*}")
pkgver() {
set -u
cd "${_srcdir}"
git describe --long | sed -e 's/\([^-]*-g\)/r\1/' -e 's/-/./g' -e 's:^v::g'
set +u
}
elif [ "${pkgver%%.r*}" != "${pkgver}" ]; then
pkgver() {
printf '%s' "${pkgver%.r*}"
}
fi
_bargs=(
USE_XAUTH=true
USE_LIBCAP_NG=true
USE_LEAK_DETECTIVE=false
USE_LABELED_IPSEC=false
USE_DNSSEC=false
INC_USRLOCAL='/usr' # required by 3.32 for /usr/share/doc
PREFIX='/usr'
#INC_MANDIR='/usr/share/man'
FINALMANDIR='/usr/share/man'
FINALSBINDIR='/usr/bin'
FINALLIBEXECDIR='/usr/lib/ipsec'
)
prepare() {
set -u
bash -n "${startdir}/${install}"
set +u
}
build() {
set -u
cd "${_srcdir}"
local _nproc="$(nproc)"
if [ "${_nproc}" -gt 8 ]; then
_nproc=8
fi
if [ -z "${MAKEFLAGS:=}" ] || [ "${MAKEFLAGS//-j/}" = "${MAKEFLAGS}" ]; then
MAKEFLAGS+=" -j${_nproc}"
fi
# Disable new warning introduced with GCC 6 (-Wunused-const-variable=)
local _cf=(
#-Wno-error=sign-compare
#-Wno-error=unused-const-variable
#-Wno-error=implicit-fallthrough
#-Wno-error=maybe-uninitialized
#-Wno-error=pointer-compare
#-Wno-error=format-truncation
-DNSS_PKCS11_2_0_COMPAT=1 # nss 3.52 https://github.com/libreswan/libreswan/issues/342
)
CFLAGS="${CFLAGS} ${_cf[*]}" \
nice make -s "${_bargs[@]}" programs
set +u
}
package() {
set -u
cd "${_srcdir}"
make -j1 DESTDIR="${pkgdir}/" "${_bargs[@]}" install
#sed -e '1s|python\b|python2|' -i "${pkgdir}/usr/lib/ipsec"/{verify,show}
install -Dpm644 "${srcdir}/tmpfiles.conf" "${pkgdir}/usr/lib/tmpfiles.d/libreswan.conf"
rm -rf "${pkgdir}/var"
install -Dpm644 <(cat << EOF
# Automatically generated by ${pkgname}-${pkgver} PKGBUILD from Arch Linux AUR
# https://aur.archlinux.org/
# Disable redirects for ipsec tunnels
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.send_redirects = 0
EOF
) "${pkgdir}/usr/lib/sysctl.d/${pkgname}-icmp-redirects.conf"
sed -e 's: = 0: = 1:g' "${pkgdir}/usr/lib/sysctl.d/${pkgname}-icmp-redirects.conf" > "${pkgdir}/usr/lib/sysctl.d/${pkgname}-icmp-redirects.conf.revert"
if [ "$(vercmp "${pkgver}" '4.0')" -ge 0 ]; then
install -dm700 "${pkgdir}/var/lib/ipsec/nss"
fi
set +u
}
set +u
# vim:set ts=2 sw=2 et:
|