#!/bin/sh # ###################################################### ## Build script for Core 15.x # ## # ## See .info for details # ###################################################### ###################################################### # Configure extension creation parameters # ###################################################### # Variables EXTNAM=strongswan VERSION="5.9.14" SRCNAM=$EXTNAM-$VERSION.tar.bz2 WRKDIR=$EXTNAM-$VERSION BASEDIR=/tmp/$EXTNAM SRCDIR=/tmp/$EXTNAM/source TMPDIR=/tmp/$EXTNAM/$EXTNAM DESTDIR=/tmp/$EXTNAM/build TODAY=`date +%Y/%m/%d` DESCRIPTION="strongswan the OpenSource IPsec-based VPN Solution" DOCDESCRIPTION="Documentation part of strongswan the OpenSource IPsec-based VPN Solution" DEVDESCRIPTION="Development files part of the strongswan the OpenSource IPsec-based VPN Solution" AUTHORS="Andreas Steffen" HOMEPAGE="https://www.strongswan.org/" LICENSE="GPLv2" ME="rhermsen" TAGS="strongswan vpn ipsec" DOCTAGS="man pages strongswan vpn ipsec" DEVTAGS="development strongswan vpn ipsec" ###################################################### # Prepare extension creation # ###################################################### tce-load -wi ca-certificates.tcz echo "ca_directory = /usr/local/etc/ssl/certs" > ~/.wgetrc # Compile tools: tce-load -wi compiletc.tcz tce-load -wi squashfs-tools.tcz #tce-load -wi autoconf.tcz #tce-load -wi automake.tcz #tce-load -wi libtool.tcz #tce-load -wi libltdl.tcz #tce-load -wi pkg-config.tcz #tce-load -wi intltool.tcz #tce-load -wi libtool-dev.tcz # Configure dependancy tce-load -wi gmp-dev.tcz # Optional tce-load -wi python3.9.tcz # Other tce-load -wi ipv6-netfilter-KERNEL.tcz # Remove dirs and files left from previous creation rm -r -f $SRCDIR 2>/dev/null rm -r -f $WRKDIR 2>/dev/null rm -r -f $DESTDIR 2>/dev/null sudo rm -r -f $TMPDIR 2>/dev/null sudo rm -r -f $TMPDIR-doc 2>/dev/null sudo rm -r -f $TMPDIR-dev 2>/dev/null ###################################################### # Compile extension # ###################################################### # Export variables needed for compilation ARCH=`uname -m` if [ $ARCH == "i686" ] then export CFLAGS="-march=i486 -mtune=i686 -Os -pipe" # export CXXFLAGS="-Os -pipe -fno-exceptions -fno-rtti -march=i486 -mtune=i686" export CXXFLAGS="-march=i486 -mtune=i686 -Os -pipe" elif [ $ARCH == "x86_64" ] then export CFLAGS="-mtune=generic -Os -pipe" export CXXFLAGS="-mtune=generic -Os -pipe" else exit 1 fi export LDFLAGS="-Wl,-O1" export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig # Download source in SRCDIR mkdir -p $SRCDIR cd $SRCDIR wget http://download.strongswan.org/$SRCNAM # Unpack source in current directory tar -xjf $SRCNAM cd $WRKDIR # Configure it ./configure --prefix=/usr/local \ --sysconfdir=/usr/local/etc/$EXTNAM \ --localstatedir=/var/$EXTNAM # --with-user=tc \ # --with-group=staff # Compile make mkdir -p $DESTDIR make DESTDIR=$DESTDIR install # Install in base temp dir mkdir -p $TMPDIR/usr/local/bin mkdir -p $TMPDIR/usr/local/etc/$EXTNAM/strongswan.d/charon/ mkdir -p $TMPDIR/usr/local/lib/ipsec/plugins/ mkdir -p $TMPDIR/usr/local/libexec/ipsec/ mkdir -p $TMPDIR/usr/local/sbin mkdir -p $TMPDIR/usr/local/share/doc/${EXTNAM}/ mv $DESTDIR/usr/local/bin/* $TMPDIR/usr/local/bin cd $DESTDIR/usr/local/etc/$EXTNAM/ for file in *.conf do mv $DESTDIR/usr/local/etc/$EXTNAM/$file $TMPDIR/usr/local/etc/$EXTNAM/$file.sample done mv $DESTDIR/usr/local/etc/$EXTNAM/ipsec.secrets $TMPDIR/usr/local/etc/$EXTNAM/ipsec.secrets.sample mv $DESTDIR/usr/local/etc/$EXTNAM/ipsec.d $TMPDIR/usr/local/etc/$EXTNAM/ cd $DESTDIR/usr/local/etc/$EXTNAM/strongswan.d/ for file in *.conf do mv $DESTDIR/usr/local/etc/$EXTNAM/strongswan.d/$file $TMPDIR/usr/local/etc/$EXTNAM/strongswan.d/$file.sample done cd $DESTDIR/usr/local/etc/$EXTNAM/strongswan.d/charon/ for file in *.conf do mv $DESTDIR/usr/local/etc/$EXTNAM/strongswan.d/charon/$file $TMPDIR/usr/local/etc/$EXTNAM/strongswan.d/charon/$file.sample done mv $DESTDIR/usr/local/etc/$EXTNAM/swanctl/ $TMPDIR/usr/local/etc/$EXTNAM/ mv $TMPDIR/usr/local/etc/$EXTNAM/swanctl/swanctl.conf $TMPDIR/usr/local/etc/$EXTNAM/swanctl/swanctl.conf.sample mv $DESTDIR/usr/local/lib/ipsec/*.so* $TMPDIR/usr/local/lib/ipsec/ mv $DESTDIR/usr/local/lib/ipsec/plugins/*.so* $TMPDIR/usr/local/lib/ipsec/plugins/ mv $DESTDIR/usr/local/libexec/ipsec/* $TMPDIR/usr/local/libexec/ipsec/ mv $DESTDIR/usr/local/sbin/* $TMPDIR/usr/local/sbin cp /tmp/${EXTNAM}/source/${EXTNAM}-${VERSION}/LICENSE $TMPDIR/usr/local/share/doc/${EXTNAM}/ ################################################### # Create info file # ################################################### if [ $ARCH == "i686" ] then cat < /tmp/$EXTNAM/${EXTNAM}.tcz.info Title: ${EXTNAM}.tcz Description: ${DESCRIPTION} Version: ${VERSION} Author: ${AUTHORS} Original-site: ${HOMEPAGE} Copying-policy: ${LICENSE} Size: ${size} Extension_by: ${ME} Tags: ${TAGS} Comments: StrongSwan is an OpenSource IPsec implementation. strongSwan originally was designed for Linux, but has since been ported to Android, FreeBSD, Mac OS X, Windows and other platforms. The focus of strongSwan is on: 'simplicity of configuration strong encryption and authentication methods powerful IPsec policies supporting large and complex VPN networks modular design with great expandability You can ignore the 'modprobe: module not found in modules.dep' messages. TCL hase these options build into the kernel. The IPv6 kernel modules are not automatically installed. If IPv6 is desired, install ipv6-netfilter-x.x.x-tinycore.tcz via the Apps GUI, or cli (tce-load -wi ipv6-netfilter-KERNEL). StrongSwan is compiled with Python-3.9 installed, but not specified as dependency. If desired install via Apps GUI or cli. (tce-load -wi python3.9.tcz) Configuration templates are located in ${EXTNAM}-doc.tcz. (/usr/local/share/strongswan/templates/config/) Change-log: 2018/06/27 First Version, 5.6.3 2022/02/24 Updated version, 5.9.5 ${TODAY} Updated version, $VERSION Current: ${TODAY} Updated version, $VERSION EOF elif [ $ARCH == "x86_64" ] then cat < /tmp/$EXTNAM/${EXTNAM}.tcz.info Title: ${EXTNAM}.tcz Description: ${DESCRIPTION} Version: ${VERSION} Author: ${AUTHORS} Original-site: ${HOMEPAGE} Copying-policy: ${LICENSE} Size: ${size} Extension_by: ${ME} Tags: ${TAGS} Comments: StrongSwan is an OpenSource IPsec implementation. strongSwan originally was designed for Linux, but has since been ported to Android, FreeBSD, Mac OS X, Windows and other platforms. The focus of strongSwan is on: 'simplicity of configuration strong encryption and authentication methods powerful IPsec policies supporting large and complex VPN networks modular design with great expandability You can ignore the 'modprobe: module not found in modules.dep' messages. TCL hase these options build into the kernel. The IPv6 kernel modules are not automatically installed. If IPv6 is desired, install ipv6-netfilter-x.x.x-tinycore.tcz via the Apps GUI, or cli (tce-load -wi ipv6-netfilter-KERNEL). StrongSwan is compiled with Python-3.9 installed, but not specified as dependency. If desired install via Apps GUI or cli. (tce-load -wi python3.9.tcz) Configuration templates are located in ${EXTNAM}-doc.tcz. (/usr/local/share/strongswan/templates/config/) Change-log: ${TODAY} First Version, $VERSION Current: ${TODAY} First Version, $VERSION EOF fi ################################################### # Create .dep file # ################################################### cat < /tmp/${EXTNAM}/${EXTNAM}.tcz.dep iptables.tcz gmp.tcz EOF ################################################### # Create install script file # ################################################### mkdir -p $TMPDIR/usr/local/tce.installed cat < $TMPDIR/usr/local/tce.installed/${EXTNAM} #!/bin/sh for dir in /usr/local/etc/strongswan /usr/local/etc/strongswan/strongswan.d /usr/local/etc/strongswan/strongswan.d/charon /usr/local/etc/strongswan/swanctl do cd \$dir for file in *.sample do if [ -r \${file%.sample} ]; then echo "Verify if \$dir/\${file%.sample} requires changes." | tee /dev/null echo "See \$dir/\$file for the example." | tee /dev/null else sudo -u tc cp \$file \${file%.sample} for match in ipsec.conf ipsec.secrets strongswan.conf do if [ \${file%.sample} = \${match} ]; then echo \${dir:1}/\${file%.sample} >> /opt/.filetool.lst fi done fi done done EOF # Delete compilation work directory cd .. #rm -r -f $WRKDIR # Adjust directory access rigths find $TMPDIR/ -type d | xargs chmod -v 755; # Strip executables find $TMPDIR | xargs file | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded # Move files to doc extension mkdir -p $TMPDIR-doc/usr/local/share/man/man1 mkdir -p $TMPDIR-doc/usr/local/share/man/man5 mkdir -p $TMPDIR-doc/usr/local/share/man/man8 mkdir -p $TMPDIR-doc/usr/local/share/strongswan/templates/config/ mv $DESTDIR/usr/local/share/man/man1/* $TMPDIR-doc/usr/local/share/man/man1 mv $DESTDIR/usr/local/share/man/man5/* $TMPDIR-doc/usr/local/share/man/man5 mv $DESTDIR/usr/local/share/man/man8/* $TMPDIR-doc/usr/local/share/man/man8 mv $DESTDIR/usr/local/share/$EXTNAM/templates/config/ $TMPDIR-doc/usr/local/share/$EXTNAM/templates/ ################################################### # Create info file # ################################################### if [ $ARCH == "i686" ] then cat < /tmp/${EXTNAM}/${EXTNAM}-doc.tcz.info Title: ${EXTNAM}-doc.tcz Description: ${DOCDESCRIPTION} Version: ${VERSION} Author: ${AUTHORS} Original-site: ${HOMEPAGE} Copying-policy: ${LICENSE} Size: ${size} Extension_by: ${ME} Tags: ${DOCTAGS} Comments: StrongSwan is an OpenSource IPsec implementation. strongSwan originally was designed for Linux, but has since been ported to Android, FreeBSD, Mac OS X, Windows and other platforms. The focus of strongSwan is on: 'simplicity of configuration strong encryption and authentication methods powerful IPsec policies supporting large and complex VPN networks modular design with great expandability Configuration templates are located in ${EXTNAM}-doc.tcz. (/usr/local/share/strongswan/templates/config/) Change-log: 2018/06/27 First Version, 5.6.3 2022/02/24 Updated version, 5.9.5 ${TODAY} Updated version, $VERSION Current: ${TODAY} Updated version, $VERSION EOF elif [ $ARCH == "x86_64" ] then cat < /tmp/${EXTNAM}/${EXTNAM}-doc.tcz.info Title: ${EXTNAM}-doc.tcz Description: ${DOCDESCRIPTION} Version: ${VERSION} Author: ${AUTHORS} Original-site: ${HOMEPAGE} Copying-policy: ${LICENSE} Size: ${size} Extension_by: ${ME} Tags: ${DOCTAGS} Comments: StrongSwan is an OpenSource IPsec implementation. strongSwan originally was designed for Linux, but has since been ported to Android, FreeBSD, Mac OS X, Windows and other platforms. The focus of strongSwan is on: 'simplicity of configuration strong encryption and authentication methods powerful IPsec policies supporting large and complex VPN networks modular design with great expandability Configuration templates are located in ${EXTNAM}-doc.tcz. (/usr/local/share/strongswan/templates/config/) Change-log: ${TODAY} First Version, $VERSION Current: ${TODAY} First Version, $VERSION EOF fi ################################################### # Create info file # ################################################### if [ $ARCH == "i686" ] then cat < /tmp/$EXTNAM/${EXTNAM}-dev.tcz.info Title: ${EXTNAM}-dev.tcz Description: ${DEVDESCRIPTION} Version: ${VERSION} Author: ${AUTHORS} Original-site: ${HOMEPAGE} Copying-policy: ${LICENSE} Size: ${size} Extension_by: ${ME} Tags: ${DEVTAGS} Comments: StrongSwan is an OpenSource IPsec implementation. strongSwan originally was designed for Linux, but has since been ported to Android, FreeBSD, Mac OS X, Windows and other platforms. The focus of strongSwan is on: 'simplicity of configuration strong encryption and authentication methods powerful IPsec policies supporting large and complex VPN networks modular design with great expandability Change-log: 2018/06/27 First Version, 5.6.3 2022/02/24 Updated version, 5.9.5 ${TODAY} Updated version, $VERSION Current: ${TODAY} Updated version, $VERSION EOF elif [ $ARCH == "x86_64" ] then cat < /tmp/$EXTNAM/${EXTNAM}-dev.tcz.info Title: ${EXTNAM}-dev.tcz Description: ${DEVDESCRIPTION} Version: ${VERSION} Author: ${AUTHORS} Original-site: ${HOMEPAGE} Copying-policy: ${LICENSE} Size: ${size} Extension_by: ${ME} Tags: ${DEVTAGS} Comments: StrongSwan is an OpenSource IPsec implementation. strongSwan originally was designed for Linux, but has since been ported to Android, FreeBSD, Mac OS X, Windows and other platforms. The focus of strongSwan is on: 'simplicity of configuration strong encryption and authentication methods powerful IPsec policies supporting large and complex VPN networks modular design with great expandability Change-log: ${TODAY} First Version, $VERSION Current: ${TODAY} First Version, $VERSION EOF fi mkdir -p $TMPDIR-dev/usr/local/lib/ipsec/plugins mv $DESTDIR/usr/local/lib/ipsec/*.la $TMPDIR-dev/usr/local/lib/ipsec/ mv $DESTDIR/usr/local/lib/ipsec/plugins/*.la $TMPDIR-dev/usr/local/lib/ipsec/plugins/ ################################################### # Create .dep file # ################################################### cat < /tmp/$EXTNAM/${EXTNAM}-dev.tcz.dep ipv6-netfilter-KERNEL.tcz iptables.tcz ${EXTNAM}.tcz EOF ################################################### # Create base extension in temp dir # ################################################### cd $TMPDIR find $TMPDIR -perm 777 -exec chmod 755 {} \; find $TMPDIR -perm 555 -exec chmod 755 {} \; find $TMPDIR -perm 444 -exec chmod 644 {} \; find $TMPDIR -perm 666 -exec chmod 644 {} \; find $TMPDIR -perm 664 -exec chmod 644 {} \; sudo chown -R root:root $TMPDIR # --no-fix required for submitqc sudo chown -R tc:staff $TMPDIR/usr/local/etc/$EXTNAM sudo chown -R root:staff $TMPDIR/usr/local/tce.installed sudo chmod -R 775 $TMPDIR/usr/local/tce.installed cd .. mksquashfs $TMPDIR $EXTNAM.tcz cd $TMPDIR sudo sh -c "find usr -not -type d > $EXTNAM.tcz.list" sudo mv ../$EXTNAM.tcz* . #sudo mv /tmp/${EXTNAM}/${EXTNAM}.tcz.info . # Create md5 file sudo sh -c "md5sum $EXTNAM.tcz > $EXTNAM.tcz.md5.txt" # Cleanup temp directory sudo rm -r -f usr ################################################### # Create doc extension in temp dir # ################################################### cd $TMPDIR-doc find $TMPDIR-doc -perm 777 -exec chmod 755 {} \; find $TMPDIR-doc -perm 555 -exec chmod 755 {} \; find $TMPDIR-doc -perm 444 -exec chmod 644 {} \; find $TMPDIR-doc -perm 666 -exec chmod 644 {} \; find $TMPDIR-doc -perm 664 -exec chmod 644 {} \; sudo chown -R root:root $TMPDIR-doc cd .. mksquashfs $TMPDIR-doc $EXTNAM-doc.tcz cd $TMPDIR-doc sudo sh -c "find usr -not -type d > $EXTNAM-doc.tcz.list" sudo mv ../$EXTNAM-doc.tcz* . #sudo mv /tmp/${EXTNAM}/${EXTNAM}-doc.tcz.info . # Create md5 file sudo sh -c "md5sum $EXTNAM-doc.tcz > $EXTNAM-doc.tcz.md5.txt" # Cleanup temp directory sudo rm -r -f usr ################################################### # Create dev extension in temp dir # ################################################### cd $TMPDIR-dev find $TMPDIR-dev -perm 777 -exec chmod 755 {} \; find $TMPDIR-dev -perm 555 -exec chmod 755 {} \; find $TMPDIR-dev -perm 444 -exec chmod 644 {} \; find $TMPDIR-dev -perm 666 -exec chmod 644 {} \; find $TMPDIR-dev -perm 664 -exec chmod 644 {} \; sudo chown -R root:root $TMPDIR-dev cd .. mksquashfs $TMPDIR-dev $EXTNAM-dev.tcz cd $TMPDIR-dev sudo sh -c "find usr -not -type d > $EXTNAM-dev.tcz.list" sudo mv ../$EXTNAM-dev.tcz* . #sudo mv /tmp/${EXTNAM}/${EXTNAM}-dev.tcz.info . # Create md5 file sudo sh -c "md5sum $EXTNAM-dev.tcz > $EXTNAM-dev.tcz.md5.txt" # Cleanup temp directory sudo rm -r -f usr