diff options
Diffstat (limited to 'network/strongswan')
-rw-r--r-- | network/strongswan/README | 15 | ||||
-rw-r--r-- | network/strongswan/doinst.sh | 29 | ||||
-rw-r--r-- | network/strongswan/strongswan.SlackBuild | 54 | ||||
-rw-r--r-- | network/strongswan/strongswan.info | 6 |
4 files changed, 71 insertions, 33 deletions
diff --git a/network/strongswan/README b/network/strongswan/README index 1a0e9c8a6a..c94b742200 100644 --- a/network/strongswan/README +++ b/network/strongswan/README @@ -4,7 +4,7 @@ This SlackBuild enables configure options which are known to compile without issue on a stock Slackware 14.2 system. These options provide additional functionality and increase this packages ability to inter operate with various vendor implementations. Unwanted and/or -unnecessary plugins can be disabled a run-time via the 'load' flag in +unnecessary plugins can be disabled at run-time via the 'load' flag in /etc/strongswan.d/charon/*.conf files. The following configure options are enabled by default: @@ -23,6 +23,8 @@ The following configure options are enabled by default: --enable-sha3 --enable-files --enable-lookip + --enable-eap-gtc + --enable-eap-md5 --enable-eap-identity --enable-eap-mschapv2 --enable-eap-tls @@ -47,6 +49,7 @@ The following configure options are enabled by default: --enable-counters --enable-farp --enable-lookip + --enable-nm To disable the above options set the environment variable CONFIG_OPTS @@ -59,13 +62,19 @@ To override the defaults options set CONFIG_OPTS to your desired set of configure options. Example: -env CONFIG_OPTS="--enable-openssl --enable-unity" sh ./strongswan.SlackBuild +env CONFIG_OPTS="--enable-openssl --enable-unity" \ + sh ./strongswan.SlackBuild To add to the default options without overwriting them set the EXTRA_CONFIG_OPTS environment variable. Example: -env EXTRA_CONFIG_OPTS="--enable-socket-dynamic --enable-dhcp" sh ./strongswan.SlackBuild +env EXTRA_CONFIG_OPTS="--enable-socket-dynamic --enable-dhcp"\ + sh ./strongswan.SlackBuild + +Certain use cases may cause issues when bypass-lan is loaded. The +SlackBuild script disables loading of the bypass-lan module. This can +be changed in bypass-lan.conf after installation if required. The list of available options and their descriptions are available here: diff --git a/network/strongswan/doinst.sh b/network/strongswan/doinst.sh index a88995c5ed..19a6ff6ac8 100644 --- a/network/strongswan/doinst.sh +++ b/network/strongswan/doinst.sh @@ -1,22 +1,13 @@ - config() { - NEW="$1" - OLD="${1%.new}" - if [ ! -r $OLD ]; - then - # If there's no config file by that name, mv it over: - mv $NEW $OLD - elif [ "$(md5sum <$OLD)" = "$(md5sum <$NEW)" ]; - then - # toss the redundant copy - rm $NEW - fi - # Otherwise, we leave the .new copy for the admin to consider... + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... } -# doinst.sh reads the list of files from ./install/conffiles at install time. -# ./install/conffiles was generated by strongswan.SlackBuild -for cf in $(cat install/conffiles) -do - config $cf.new -done diff --git a/network/strongswan/strongswan.SlackBuild b/network/strongswan/strongswan.SlackBuild index a36d0c351c..be9f4e9a42 100644 --- a/network/strongswan/strongswan.SlackBuild +++ b/network/strongswan/strongswan.SlackBuild @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/bash -# Copyright 2018-2019, Wayne Cuddy, wcuddyATgmailDOTcom +# Copyright 2018-2022, Wayne Cuddy, wcuddyATgmailDOTcom # Copyright 2009-2013, Jonathan Larsen (agentc0re), SLC, UT # Copyright 2013-2015, Markus Hutmacher, mailing@markhu.de # All rights reserved. @@ -23,6 +23,26 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # +# 2023-11-17 +# - upgraded upstream to verion 5.9.11 +# +# 2022-12-25 +# - added configure options in preparation for NetworkManager-Strongswan +# --enable-eap-gtc +# --enable-eap-md5 +# --enable-nm +# +# 2022-10-09 +# - upgraded upstream version to 5.9.8 +# - removed INSTALL file per sbopkglint +# +# 2022-04-16 +# - upgraded upstream version to 5.9.5 +# +# 2020-12-21 +# - continue building bypass-lan but disable it by default so that the +# admin can still enable it if necessary +# # 2019-09-17 # - upgraded upstream version to 5.8.1 # - added additional "enable" options to DEFAULT_CONFIG_OPTS @@ -32,10 +52,13 @@ # - added DEFAULT_CONFIG_OPTS and EXTRA_CONFIG_OPTS # +cd $(dirname $0) ; CWD=$(pwd) + PRGNAM=strongswan -VERSION=${VERSION:-5.8.1} +VERSION=${VERSION:-5.9.11} BUILD=${BUILD:-1} TAG=${TAG:-_SBo} +PKGTYPE=${PKGTYPE:-tgz} DEFAULT_CONFIG_OPTS="\ --enable-shared \ @@ -52,6 +75,8 @@ DEFAULT_CONFIG_OPTS="\ --enable-sha3 \ --enable-files \ --enable-lookip \ + --enable-eap-gtc \ + --enable-eap-md5 \ --enable-eap-identity \ --enable-eap-mschapv2 \ --enable-eap-tls \ @@ -76,6 +101,7 @@ DEFAULT_CONFIG_OPTS="\ --enable-counters \ --enable-farp \ --enable-lookip \ + --enable-nm \ " if [ -z "$ARCH" ]; then @@ -86,7 +112,14 @@ if [ -z "$ARCH" ]; then esac fi -CWD=$(pwd) +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE" + exit 0 +fi + TMP=${TMP:-/tmp/SBo} PKG=$TMP/package-$PRGNAM OUTPUT=${OUTPUT:-/tmp} @@ -144,7 +177,7 @@ for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; r mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION cd $TMP/$PRGNAM-$VERSION -cp -a COPYING ChangeLog INSTALL NEWS README TODO $PKG/usr/doc/$PRGNAM-$VERSION +cp -a COPYING ChangeLog NEWS README TODO $PKG/usr/doc/$PRGNAM-$VERSION cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild @@ -165,7 +198,12 @@ cd $PKG for i in $(find etc -type f) do mv $i $i.new - echo $i -done 1>>$PKG/install/conffiles + echo "config $i.new" >> $PKG/install/doinst.sh +done + +# bypass-lan may cause problems for most users but it still used in many +# situations. Disable it by default allowing the user to enable it if +# necessary. +sed -i -e 's/load = yes/load = no/' $PKG/etc/strongswan.d/charon/bypass-lan.conf.new -/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE diff --git a/network/strongswan/strongswan.info b/network/strongswan/strongswan.info index 2150bf7408..3a9a3ff6d4 100644 --- a/network/strongswan/strongswan.info +++ b/network/strongswan/strongswan.info @@ -1,8 +1,8 @@ PRGNAM="strongswan" -VERSION="5.8.1" +VERSION="5.9.11" HOMEPAGE="https://www.strongswan.org" -DOWNLOAD="https://download.strongswan.org/strongswan-5.8.1.tar.bz2" -MD5SUM="5a6b9980cd1ac4fad3c24b55ed960ac9" +DOWNLOAD="https://download.strongswan.org/strongswan-5.9.11.tar.bz2" +MD5SUM="673e194cd256af77b46928179f2c81ad" DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" |