strongswan-5.5.1-5: rebuild

1 files changed, 20 insertions, 7 deletions

diff --git a/pcr/strongswan/PKGBUILD b/pcr/strongswan/PKGBUILD
index a9483eef1..efd322184 100644
--- a/pcr/strongswan/PKGBUILD
+++ b/pcr/strongswan/PKGBUILD
@@ -1,3 +1,5 @@
+# PLEASE READ THE COMMENTS ON THE AUR AND READ THE WIKI ARTICLE ABOUT BUILDING PACKAGES
+# BEFORE SENDING MAIL!
 ## Contributor (Arch): nikicat <develniks at gmail dot com>
 # Contributor (Arch): danilo <gezuru at gmail dot com>
 # Contributor (Arch): Jason Begley <jayray at digitalgoat dot com>
@@ -11,7 +13,7 @@
 
 pkgname=strongswan
 pkgver=5.5.1
-pkgrel=1
+pkgrel=5
 pkgdesc="open source IPsec implementation"
 url='http://www.strongswan.org'
 license=("GPL")
@@ -27,24 +29,32 @@ backup=(
     etc/swanctl/swanctl.conf
     etc/strongswan.conf
     etc/strongswan.d/{charon-logging.conf,charon.conf,pki.conf,pool.conf,scepclient.conf,starter.conf,swanctl.conf}
-    etc/strongswan.d/charon/{aesni.conf,attr-sql.conf,attr.conf,cmac.conf,connmark.conf,\
+    etc/strongswan.d/charon/{aesni.conf,attr-sql.conf,attr.conf,bliss.conf,chapoly.conf,cmac.conf,connmark.conf,\
 constraints.conf,curl.conf,des.conf,dhcp.conf,dnskey.conf,eap-aka-3gpp2.conf,eap-aka.conf,\
 eap-gtc.conf,eap-identity.conf,eap-md5.conf,eap-mschapv2.conf,eap-radius.conf,eap-sim-file.conf,\
 eap-sim.conf,eap-simaka-pseudonym.conf,eap-simaka-reauth.conf,eap-tls.conf,ext-auth.conf,farp.conf,\
-fips-prf.conf,forecast.conf,gmp.conf,ha.conf,hmac.conf,kernel-netlink.conf,md5.conf,nonce.conf,openssl.conf,\
+fips-prf.conf,forecast.conf,gmp.conf,ha.conf,hmac.conf,kernel-netlink.conf,md5.conf,mgf1.conf,nonce.conf,newhope.conf,ntru.conf,openssl.conf,\
 pem.conf,pgp.conf,pkcs1.conf,pkcs12.conf,pkcs7.conf,pkcs8.conf,pubkey.conf,random.conf,rc2.conf,resolve.conf,\
-revocation.conf,sha1.conf,sha2.conf,socket-default.conf,sql.conf,sqlite.conf,sshkey.conf,stroke.conf,updown.conf,\
-vici.conf,x509.conf,xauth-eap.conf,xauth-generic.conf,xcbc.conf,chapoly.conf,unity.conf}
+revocation.conf,sha1.conf,sha2.conf,sha3.conf,socket-default.conf,sql.conf,sqlite.conf,sshkey.conf,stroke.conf,updown.conf,\
+vici.conf,x509.conf,xauth-eap.conf,xauth-generic.conf,xcbc.conf,unity.conf}
 )
 
 source=("https://download.strongswan.org/strongswan-${pkgver}.tar.bz2"
+    "https://download.strongswan.org/strongswan-${pkgver}.tar.bz2.sig"
     "configure_ac.patch"
+    "2222-charon-systemd-sighup.patch"
+    "2238-eap-dynamic-auth.patch"
     )
 
+validpgpkeys=("948F158A4E76A27BF3D07532DF42C170B34DBA77")
+
 # md5 is broken. We use sha256 now. Alternatively, we could check the signature of the file, but that
 # doesn't yield any more security and just increases the work users initially have to invest.
 sha256sums=('720b301991f77bdedd8d551a956f52e2d11686a0ec18e832094f86cf2b842ab7'
-            '003750d77fa501075f1fdb6f55926dc544407c5dd26e2fd8d5eb4917ddf0b3f7')
+            'SKIP'
+            '003750d77fa501075f1fdb6f55926dc544407c5dd26e2fd8d5eb4917ddf0b3f7'
+            'SKIP'
+            'SKIP')
             
 # We don't build libipsec because it would get loaded before kernel-netlink and netkey, which
 # would case processing to be handled in user space. Also, the plugin is experimental. If you need it,
@@ -53,6 +63,8 @@ prepare()
 {
     cd "${srcdir}/${pkgname}-${pkgver}"
     patch -p1 -l < "${srcdir}/configure_ac.patch"
+    patch -p1 -l < "${srcdir}/2222-charon-systemd-sighup.patch"
+    patch -p1 -l < "${srcdir}/2238-eap-dynamic-auth.patch"
     autoreconf
 }
 
@@ -76,7 +88,8 @@ build() {
         --disable-mysql --disable-ldap --enable-cmd --enable-forecast --enable-connmark \
         --enable-aesni --enable-eap-ttls --enable-radattr --enable-xauth-pam --enable-xauth-noauth \
         --enable-eap-dynamic --enable-eap-peap --enable-eap-tls --enable-chapoly --enable-unity \
-        --with-capabilities=libcap
+        --with-capabilities=libcap --enable-newhope --enable-ntru --enable-mgf1 --enable-sha3 \
+        --enable-bliss
 # if you want networkmanager support, add --enable-nm
 #       --enable-ruby-gems --enable-python-eggs
   make