Building the strongSwan VPN Client for Android
The App consists of a Java part, the native strongSwan libraries (
libcharon, etc.) and the
libandroidbridge library to glue these two parts
together. The Java part and the libraries communicate by means of the Java Native
Interface (JNI). Since the App has no access to the IPsec stack provided by the
Linux kernel, a userland IPsec implementation is provided by the
The code for the App can be found in the
src/frontends/android directory of the strongSwan
repository. To build it the Android SDK and NDK are required. The steps
needed to set up a build environment for Android Apps can be found in the
documentation provided by Google, so these won’t be replicated here.
Building with Android Studio/Gradle is the default since around version 5.3.4. Instructions to build via Eclipse/ADT are not provided anymore.
They have to be prepared properly first, otherwise the build will fail. In the root
of the strongSwan sources run the following to create the required files. Building
from the Git repository like this has some external dependencies, see
HACKING for details.
./autogen.sh && ./configure && make dist
This creates several pre-built source files, the tarball that is also created can be deleted afterwards.
It is also possible to use the sources from a different directory (e.g. an extracted
tarball) by setting
The BoringSSL or OpenSSL sources are expected in the
To build the sources within the Android NDK they have to be specially prepared.
The easiest way to get these sources is to check them out directly from our Git
server (similar for OpenSSL, but the code in our repository is currently too old
and Google will reject apps built with it in the Play store):
git clone https://github.com/strongswan/boringssl.git -b ndk-static openssl
src/frontends/android directory can directly be opened
as an existing project in Android Studio. The initial build will fail if the NDK
directory is not known. In that case set it via
File → Project Structure… or
ndk.dir=/path/to/ndk). Afterwards the build
should complete successfully.
./gradlew build is also possible.