Project

General

Profile

Building the strongSwan VPN Client for Android

This describes how to build the strongSwan VPN Client for Android.

Architecture Overview

The App consists of a Java part, the native strongSwan libraries (libstrongswan, libcharon etc.) and a library to glue these two parts together. The Java part and the libraries communicate by means of the Java Native Interface (JNI). Since the App has no access to the IPsec stack provided by the Linux kernel, a userland IPsec implementation is provided by the libipsec library.

Building the App

The code for the App can be found in the source:src/frontends/android directory of our repository. To build it the Android SDK and NDK are required. The steps needed to set up a build environment for Android Apps can be found in the documentation provided by Google, so these won't be replicated here.

Building with Android Studio/Gradle

This is the default since around 5.3.4. See below for the classic build instructions.

Requirements

The strongswan Sources

Since 1bd213db79 (version 1.6.0 of the app) the default is to use the strongSwan sources of the current Git tree.

They have to be prepared properly first, otherwise the build will fail. In the root of the strongSwan sources run the following to create the required files. Building from the Git repository like this has some external dependencies, see source:HACKING for details.

 ./autogen.sh && ./configure && make dist
This creates several pre-built source files, the tarball that is also created can be deleted afterwards.

It is also possible to use the sources from a different directory (e.g. an extracted tarball) by setting strongswan_DIR in src/frontends/android/app/src/main/jni/Android.mk.

The openssl Directory

The BoringSSL or OpenSSL sources are expected in the src/frontends/android/app/src/main/jni/openssl directory.
To build the sources within the Android NDK they have to be specially prepared. The easiest way to get these sources
is to check them out directly from our Git server (similar for OpenSSL, but the code in our repository is currently too old
and Google will reject apps built with it in the Play store):

 git clone git://git.strongswan.org/android-ndk-boringssl.git -b ndk-static openssl

Building the App

The directory src/frontends/android can directly be opened as existing project in Android Studio. The initial build will fail if the NDK directory is not known. In that case set it via File - Project Structure... or manually in local.properties (ndk.dir=/path/to/ndk). Afterwards the build should complete successfully.

Building with Eclipse and the ADT plugin

Below are the legacy build instructions when using Eclipse with the ADT plugin (was changed to Gradle around 5.3.4, see above).

Requirements

Several subdirectories of the src/frontends/android/jni directory have to be prepared properly in oder to build the native parts successfully.

The strongswan Directory

This can be a symlink to the root of the Git repository, i.e. use something like this to create it:

 ln -s ../../../../ jni/strongswan

The sources in the repository have to prepared properly, otherwise the build will fail. In the root of the strongSwan sources run the following to create the required files. Building from the Git repository like this has some external dependencies, see source:HACKING for details.

 ./autogen.sh && ./configure && make dist
This creates several pre-built source files, the tarball that is also created can be deleted afterwards.

The openssl Directory

This directory contains the sources for a version of OpenSSL specially prepared for the build within the Android NDK.
The easiest way to get these sources is to check it out directly from our Git server:

 git clone git://git.strongswan.org/android-ndk-openssl.git -b ndk-static jni/openssl

When compiling sources before April 2014 (8064764) the ndk branch is required as libcrypto was not yet linked statically.

The vstr Directory

The Vstr string library is not needed anymore since 20c99eda.

To build the Vstr string library the attached build script (vstr_arch.build) and patch (vstr.patch) are required. An Android Makefile is already in place in the jni/vstr directory.

Note: Before 29d93e24 the build script vstr.build has to be used instead to build the library for the ARM architecture only.

Download the two helper files to an appropriate working directory (outside of the strongSwan sources) and then download and extract the tarball for the Vstr library.

 wget http://download.strongswan.org/vstr-1.0.15.tar.bz2
 tar xjf vstr-1.0.15.tar.bz2

Adjust the variables in the build script (NDK_ROOT and INSTALLDIR). Both should be specified as absolute paths.
Then build and install the library using

 cd vstr-1.0.15
 patch -p1 < ../vstr.patch
 . ../vstr_arch.build

Building the Native Parts

When everything is ready in the jni directory the native libraries can be built with the following
command (either from the src/frontends/android or jni directory):

 /path/to/ndk/root/ndk-build

Building the App

To build the App a new project has to be created in Eclipse (New -> Project -> Android Project from Existing Code). If a symlink is used for the jni/strongswan directory it takes a while for the ADT plugin to load the available projects after src/frontends/android has been selected. That's because it will recursively traverse into the strongswan directory, so either remove the symlink before creating the project or wait and just deselect every found project but the first one.

The App will then be built automatically (or can be built via Project -> Build Project). If anything is changed in the native parts, ndk-build can be used to rebuild them. It is recommended that Project -> Clean... is used in Eclipse afterwards to force it to load the new libraries and rebuild the App.

vstr.patch View - Patch for the Vstr string library (1.4 KB) Tobias Brunner, 06.09.2012 12:25

vstr.build - Build script for the Vstr string library (2.22 KB) Tobias Brunner, 09.10.2012 11:53

vstr_arch.build - Build script (for multiple architectures) for the Vstr string library (3.12 KB) Tobias Brunner, 13.07.2013 09:39