void-packages/srcpkgs/strongswan/template
Domagoj Stolfa e2e356a65f strongswan: update to 5.9.2, fix tests, fix eap-mschapv2.
The test failure in void was due to tzdata being a runtime dependency
of one test indirectly, so we simply add it in makedepends.

All tests now run *locally*, however there are still some failures in CI
that need to be addressed in the future. For now, add
`make_check=ci-skip` to the template.

For eap-mschapv2 to be loaded at runtime, we need to have
--enable-openssl as a configuration flag. While strongswan will build
and install eap-mschapv2 without it, it will never actually load it as a
plugin and it simply won't work.
2021-05-14 15:50:19 -03:00

41 lines
1.7 KiB
Bash

# Template file for 'strongswan'
pkgname=strongswan
version=5.9.2
revision=1
build_style=gnu-configure
# tpm support waits on libtss2
configure_args="--disable-static --enable-blowfish --enable-curl --enable-md4
--enable-openssl --enable-eap-radius --enable-eap-mschapv2 --enable-eap-md5
--enable-eap-identity --enable-eap-dynamic --enable-led --enable-ha --enable-dhcp
--enable-mediation --enable-soup --disable-des --enable-chapoly --enable-nm"
hostmakedepends="pkg-config flex bison python"
makedepends="gmp-devel libsoup-devel libldns-devel unbound-devel libcurl-devel
NetworkManager-devel openssl-devel"
depends="iproute2 sqlite"
checkdepends="tzdata"
conf_files="/etc/*.conf /etc/strongswan.d/*.conf /etc/strongswan.d/charon/*.conf /etc/ipsec.secrets"
short_desc="IPsec-based VPN solution, supporting IKEv1/IKEv2 and MOBIKE"
maintainer="Toyam Cox <Vaelatern@voidlinux.org>"
license="GPL-2.0-or-later"
homepage="https://www.strongswan.org/"
changelog="https://wiki.strongswan.org/projects/strongswan/wiki/Changelog"
distfiles="https://download.strongswan.org/${pkgname}-${version}.tar.bz2"
checksum=61c72f741edb2c1295a7b7ccce0317a104b3f9d39efd04c52cd05b01b55ab063
make_dirs="/etc/ipsec.d/ 0755 root root
/etc/ipsec.d/aacerts 0755 root root
/etc/ipsec.d/acerts 0755 root root
/etc/ipsec.d/cacerts 0755 root root
/etc/ipsec.d/oscpcerts 0755 root root
/etc/ipsec.d/certs 0755 root root
/etc/ipsec.d/crls 0755 root root
/etc/ipsec.d/reqs 0755 root root
/etc/ipsec.d/private 0750 root root"
# CI checks are currently disabled due to a number of tests failing either as a
# result of GitHub Actions having a networking setup that is incompatible with
# them, or some other issue that is difficult to reproduce locally.
make_check=ci-skip
post_install() {
vsv strongswan
}