X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=lfs%2Fstrongswan;h=99261ce934a545f6eac4bd368287493cd70acd24;hb=d03916e55851a243594ebf6f0c20c8f6d9092277;hp=5256b0ac6cae303421e835362ae1fcc040e78a99;hpb=e6461027b010b3a3fc80f89dc6266ba2001ada2e;p=ipfire-2.x.git

diff --git a/lfs/strongswan b/lfs/strongswan
index 5256b0ac6c..99261ce934 100644
--- a/lfs/strongswan
+++ b/lfs/strongswan
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2013  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2018  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 5.2.0
+VER        = 5.7.2
 
 THISAPP    = strongswan-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -32,14 +32,6 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/strongswan-$(VER)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 
-ifeq "$(MACHINE)" "i586"
-	CONFIGURE_OPTIONS = \
-		--enable-padlock
-else
-	CONFIGURE_OPTIONS = \
-		--disable-padlock
-endif
-
 ###############################################################################
 # Top-level Rules
 ###############################################################################
@@ -48,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 5cee4ee1a6ccb74400758b3ace54d46e
+$(DL_FILE)_MD5 = 618de96dc2a506f82a162a5abf9263d4
 
 install : $(TARGET)
 
@@ -78,9 +70,9 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
-	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.0.2_ipfire.patch
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-disable-ipv6.patch
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-ipfire.patch
 
-	cd $(DIR_APP) && [ -x "configure" ] || ./autogen.sh
 	cd $(DIR_APP) && ./configure \
 		--prefix="/usr" \
 		--sysconfdir="/etc" \
@@ -89,6 +81,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 		--enable-farp \
 		--enable-openssl \
 		--enable-gcrypt \
+		--enable-ccm \
+		--enable-ctr \
+		--enable-gcm \
 		--enable-xauth-eap \
 		--enable-xauth-noauth \
 		--enable-eap-radius \
@@ -97,6 +92,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 		--enable-eap-peap \
 		--enable-eap-mschapv2 \
 		--enable-eap-identity \
+		--enable-chapoly \
+		--disable-padlock \
+		--disable-rc2 \
 		$(CONFIGURE_OPTIONS)
 
 	cd $(DIR_APP) && make $(MAKETUNING)
@@ -105,8 +103,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	# Remove all library files we don't want or need.
 	rm -vf /usr/lib/ipsec/plugins/*.{,l}a
 
-	-rm -rfv /etc/rc*.d/*ipsec
-	cd $(DIR_SRC) && cp src/initscripts/init.d/ipsec /etc/rc.d/init.d/ipsec
 	rm -f /etc/ipsec.conf /etc/ipsec.secrets
 	ln -sf $(CONFIG_ROOT)/vpn/ipsec.conf /etc/ipsec.conf
 	ln -sf $(CONFIG_ROOT)/vpn/ipsec.secrets /etc/ipsec.secrets
@@ -116,5 +112,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	ln -sf $(CONFIG_ROOT)/certs /etc/ipsec.d/certs
 	ln -sf $(CONFIG_ROOT)/crls  /etc/ipsec.d/crls
 
+	install -v -m 644 $(DIR_SRC)/config/strongswan/charon.conf \
+		/etc/strongswan.d/charon.conf
+
 	@rm -rf $(DIR_APP)
 	@$(POSTBUILD)