Building the strongSwan VPN Client for Android

This describes how to build the strongSwan VPN Client for Android.

Architecture Overview

The App consists of a Java part, the native strongSwan libraries (libstrongswan, libcharon, etc.) and the libandroidbridge library to glue these two parts together. The Java part and the libraries communicate by means of the Java Native Interface (JNI). Since the App has no access to the IPsec stack provided by the Linux kernel, a userland IPsec implementation is provided by the libipsec library.

Building with Android Studio/Gradle

The code for the App can be found in the src/frontends/android directory of the strongSwan repository. To build it the Android SDK and NDK are required. The steps needed to set up a build environment for Android Apps can be found in the documentation provided by Google, so these won’t be replicated here.

Building with Android Studio/Gradle is the default since around version 5.3.4. Instructions to build via Eclipse/ADT are not provided anymore.

Requirements

The strongSwan Sources

Since commit 1bd213db79 of the strongSwan repository and version 1.6.0 of the app, the default is to use the strongSwan sources of the current Git tree.

They have to be prepared properly first, otherwise the build will fail. In the root of the strongSwan sources run the following to create the required files. Building from the Git repository like this has some external dependencies, see HACKING for details.

./autogen.sh && ./configure && make dist

This creates several pre-built source files, the tarball that is also created can be deleted afterwards.

It is also possible to use the sources from a different directory (e.g. an extracted tarball) by setting strongswan_DIR in Android.mk.

The openssl Directory

The BoringSSL or OpenSSL sources are expected in the src/frontends/android/app/src/main/jni/openssl directory. To build the sources within the Android NDK they have to be specially prepared. The easiest way to get these sources is to check them out directly from our Git server (similar for OpenSSL, but the code in our repository is currently too old and Google will reject apps built with it in the Play store):

git clone https://github.com/strongswan/boringssl.git -b ndk-static openssl

Building the App

The src/frontends/android directory can directly be opened as an existing project in Android Studio. The initial build will fail if the NDK directory is not known. In that case set it via File → Project Structure…​ or manually in local.properties (ndk.dir=/path/to/ndk). Afterwards the build should complete successfully.

Building via ./gradlew build is also possible.