require 'formula' class Strongswan < Formula homepage 'http://www.strongswan.org' url 'http://download.strongswan.org/strongswan-5.2.1.tar.bz2' sha1 '3035fc0c38e0698b0d85a94dbc25944abd2a8722' bottle do sha1 "ebcf0937245258aede64c79278f96f2bd9b50756" => :yosemite sha1 "1e35a8281bfb5c3341fb9bb004a79f141f88eedb" => :mavericks sha1 "38635c861ee0e8e8ac5638734e58b9415256d378" => :mountain_lion end option 'with-curl', 'Build with libcurl based fetcher' option 'with-suite-b', 'Build with Suite B support (does not use the IPsec implementation provided by the kernel)' depends_on 'openssl' if build.with? "suite-b" or MacOS.version <= :leopard depends_on 'curl' => :optional def install args = %W[ --disable-dependency-tracking --prefix=#{prefix} --sbindir=#{bin} --sysconfdir=#{etc} --disable-defaults --enable-charon --enable-cmd --enable-constraints --enable-eap-identity --enable-eap-md5 --enable-eap-gtc --enable-eap-mschapv2 --enable-ikev1 --enable-ikev2 --enable-kernel-pfroute --enable-nonce --enable-openssl --enable-osx-attr --enable-pem --enable-pgp --enable-pkcs1 --enable-pkcs8 --enable-pki --enable-pubkey --enable-revocation --enable-scepclient --enable-socket-default --enable-sshkey --enable-stroke --enable-swanctl --enable-updown --enable-unity --enable-xauth-generic ] args << "--enable-curl" if build.with? 'curl' args << "--enable-kernel-pfkey" if build.without? 'suite-b' args << "--enable-kernel-libipsec" if build.with? 'suite-b' system "./configure", *args system "make", "install" end def caveats msg = <<-EOS.undent strongSwan's configuration files are placed in: #{etc} You will have to run both 'ipsec' and 'charon-cmd' with 'sudo'. EOS if build.with? 'suite-b' msg += <<-EOS.undent If you previously ran strongSwan without Suite B support it might be required to execute 'sudo sysctl -w net.inet.ipsec.esp_port=0' in order to receive packets. EOS end return msg end end