projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge pull request #19372 from cotequeiroz/libgd
[feed/packages.git] / net / strongswan / Makefile
1 #
2 # Copyright (C) 2012-2018 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=strongswan
11 PKG_VERSION:=5.9.7
12 PKG_RELEASE:=$(AUTORELEASE).1
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
16 PKG_HASH:=9e64a2ba62efeac81abff1d962522404ebc6ed6c0d352a23ab7c0b2c639e3fcf
17 PKG_LICENSE:=GPL-2.0-or-later
18 PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
19 PKG_CPE_ID:=cpe:/a:strongswan:strongswan
20
21 PKG_MOD_AVAILABLE:= \
22 addrblock \
23 aes \
24 af-alg \
25 agent \
26 attr \
27 attr-sql \
28 bliss \
29 blowfish \
30 ccm \
31 chapoly \
32 cmac \
33 constraints \
34 connmark \
35 coupling \
36 ctr \
37 curl \
38 curve25519 \
39 des \
40 dhcp \
41 dnskey \
42 duplicheck \
43 eap-identity \
44 eap-md5 \
45 eap-mschapv2 \
46 eap-radius \
47 eap-tls \
48 farp \
49 fips-prf \
50 forecast \
51 gcm \
52 gcrypt \
53 gmp \
54 gmpdh \
55 ha \
56 hmac \
57 kernel-libipsec \
58 kernel-netlink \
59 ldap \
60 led \
61 load-tester \
62 nonce \
63 md4 \
64 md5 \
65 mgf1 \
66 mysql \
67 newhope \
68 ntru \
69 openssl \
70 pem \
71 pgp \
72 pkcs1 \
73 pkcs7 \
74 pkcs8 \
75 pkcs11 \
76 pkcs12 \
77 pubkey \
78 random \
79 rc2 \
80 resolve \
81 revocation \
82 sha1 \
83 sha2 \
84 sha3 \
85 smp \
86 socket-default \
87 socket-dynamic \
88 sql \
89 sqlite \
90 sshkey \
91 stroke \
92 test-vectors \
93 unity \
94 uci \
95 updown \
96 vici \
97 whitelist \
98 wolfssl \
99 x509 \
100 xauth-eap \
101 xauth-generic \
102 xcbc
103
104 PKG_CONFIG_DEPENDS:= \
105 CONFIG_STRONGSWAN_ROUTING_TABLE \
106 CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO \
107 $(patsubst %,CONFIG_PACKAGE_strongswan-mod-%,$(PKG_MOD_AVAILABLE)) \
108
109 PKG_FIXUP:=autoreconf
110 PKG_INSTALL:=1
111 PKG_BUILD_PARALLEL:=1
112
113 include $(INCLUDE_DIR)/package.mk
114 # strongswan-mod-mysql needs iconv
115 include $(INCLUDE_DIR)/nls.mk
116
117 define Package/strongswan/Default
118 SUBMENU:=VPN
119 SECTION:=net
120 CATEGORY:=Network
121 TITLE:=StrongSwan
122 URL:=http://www.strongswan.org/
123 endef
124
125 define Package/strongswan/description/Default
126 StrongSwan is an OpenSource IPsec implementation for the Linux operating system.
127 endef
128
129 define Package/strongswan
130 $(call Package/strongswan/Default)
131 MENU:=1
132 DEPENDS:= +libpthread +ip \
133 +kmod-crypto-authenc \
134 +kmod-ipsec +kmod-ipsec4 +IPV6:kmod-ipsec6
135 endef
136
137 define Package/strongswan/config
138 source "$(SOURCE)/Config.in"
139 endef
140
141 define Package/strongswan/description
142 $(call Package/strongswan/description/Default)
143 This package contains shared libraries and scripts.
144 endef
145
146 define Package/strongswan-full
147 $(call Package/strongswan/Default)
148 TITLE+= (full)
149 DEPENDS:= strongswan \
150 +strongswan-charon \
151 +strongswan-charon-cmd \
152 +strongswan-ipsec \
153 +strongswan-libnttfft \
154 +strongswan-mod-addrblock \
155 +strongswan-mod-aes \
156 +strongswan-mod-af-alg \
157 +strongswan-mod-agent \
158 +strongswan-mod-attr \
159 +strongswan-mod-attr-sql \
160 +strongswan-mod-bliss \
161 +strongswan-mod-blowfish \
162 +strongswan-mod-ccm \
163 +strongswan-mod-chapoly \
164 +strongswan-mod-cmac \
165 +strongswan-mod-constraints \
166 +strongswan-mod-connmark \
167 +strongswan-mod-coupling \
168 +strongswan-mod-ctr \
169 +strongswan-mod-curl \
170 +strongswan-mod-curve25519 \
171 +strongswan-mod-des \
172 +strongswan-mod-dhcp \
173 +strongswan-mod-dnskey \
174 +strongswan-mod-drbg \
175 +strongswan-mod-duplicheck \
176 +strongswan-mod-eap-identity \
177 +strongswan-mod-eap-md5 \
178 +strongswan-mod-eap-mschapv2 \
179 +strongswan-mod-eap-radius \
180 +strongswan-mod-eap-tls \
181 +strongswan-mod-farp \
182 +strongswan-mod-fips-prf \
183 +strongswan-mod-forecast \
184 +strongswan-mod-gcm \
185 +strongswan-mod-gcrypt \
186 +strongswan-mod-gmp \
187 +strongswan-mod-ha \
188 +strongswan-mod-hmac \
189 +strongswan-mod-kdf \
190 +strongswan-mod-kernel-netlink \
191 +strongswan-mod-ldap \
192 +strongswan-mod-led \
193 +strongswan-mod-load-tester \
194 +strongswan-mod-nonce \
195 +strongswan-mod-md4 \
196 +strongswan-mod-md5 \
197 +strongswan-mod-mgf1 \
198 +strongswan-mod-mysql \
199 +strongswan-mod-newhope \
200 +strongswan-mod-ntru \
201 +strongswan-mod-openssl \
202 +strongswan-mod-pem \
203 +strongswan-mod-pgp \
204 +strongswan-mod-pkcs1 \
205 +strongswan-mod-pkcs7 \
206 +strongswan-mod-pkcs8 \
207 +strongswan-mod-pkcs11 \
208 +strongswan-mod-pkcs12 \
209 +strongswan-mod-pubkey \
210 +strongswan-mod-random \
211 +strongswan-mod-rc2 \
212 +strongswan-mod-resolve \
213 +strongswan-mod-revocation \
214 +strongswan-mod-sha1 \
215 +strongswan-mod-sha2 \
216 +strongswan-mod-sha3 \
217 +strongswan-mod-smp \
218 +strongswan-mod-socket-default \
219 +strongswan-mod-sql \
220 +strongswan-mod-sqlite \
221 +strongswan-mod-sshkey \
222 +strongswan-mod-stroke \
223 +strongswan-mod-test-vectors \
224 +strongswan-mod-uci \
225 +strongswan-mod-unity \
226 +strongswan-mod-updown \
227 +strongswan-mod-vici \
228 +strongswan-mod-whitelist \
229 +strongswan-mod-wolfssl \
230 +strongswan-mod-x509 \
231 +strongswan-mod-xauth-eap \
232 +strongswan-mod-xauth-generic \
233 +strongswan-mod-xcbc \
234 +strongswan-pki \
235 +strongswan-scepclient \
236 +strongswan-swanctl \
237 @DEVEL
238 endef
239
240 define Package/strongswan-full/description
241 $(call Package/strongswan/description/Default)
242 This meta-package contains dependencies for all of the strongswan plugins
243 except kernel-libipsec,
244 socket-dynamic and which are omitted in favor of the kernel-netlink and
245 socket-default plugins.
246 endef
247
248
249 define Package/strongswan-default
250 $(call Package/strongswan/Default)
251 TITLE+= (default)
252 DEPENDS:= strongswan \
253 +strongswan-charon \
254 +strongswan-mod-aes \
255 +strongswan-mod-attr \
256 +strongswan-mod-connmark \
257 +strongswan-mod-constraints \
258 +strongswan-mod-des \
259 +strongswan-mod-dnskey \
260 +strongswan-mod-fips-prf \
261 +strongswan-mod-gmp \
262 +strongswan-mod-hmac \
263 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
264 +strongswan-mod-kernel-netlink \
265 +strongswan-mod-md5 \
266 +strongswan-mod-mgf1 \
267 +strongswan-mod-nonce \
268 +strongswan-mod-pem \
269 +strongswan-mod-pgp \
270 +strongswan-mod-pkcs1 \
271 +strongswan-mod-pubkey \
272 +strongswan-mod-random \
273 +strongswan-mod-rc2 \
274 +strongswan-mod-resolve \
275 +strongswan-mod-revocation \
276 +strongswan-mod-sha1 \
277 +strongswan-mod-sha2 \
278 +strongswan-mod-socket-default \
279 +strongswan-mod-sshkey \
280 +strongswan-mod-updown \
281 +strongswan-mod-x509 \
282 +strongswan-mod-xauth-generic \
283 +strongswan-mod-xcbc \
284 +strongswan-swanctl
285 endef
286
287 define Package/strongswan-default/description
288 $(call Package/strongswan/description/Default)
289 This meta-package contains only dependencies to match upstream defaults.
290 endef
291
292
293 define Package/strongswan-isakmp
294 $(call Package/strongswan/Default)
295 TITLE+= (isakmp)
296 DEPENDS:= strongswan \
297 +strongswan-charon \
298 +strongswan-ipsec \
299 +strongswan-mod-aes \
300 +strongswan-mod-des \
301 +strongswan-mod-gmpdh \
302 +strongswan-mod-hmac \
303 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
304 +strongswan-mod-kernel-netlink \
305 +strongswan-mod-md5 \
306 +strongswan-mod-mgf1 \
307 +strongswan-mod-nonce \
308 +strongswan-mod-pubkey \
309 +strongswan-mod-random \
310 +strongswan-mod-sha1 \
311 +strongswan-mod-socket-default \
312 +strongswan-mod-stroke \
313 +strongswan-mod-uci \
314 +strongswan-mod-updown
315 endef
316
317 define Package/strongswan-isakmp/description
318 $(call Package/strongswan/description/Default)
319 This meta-package contains only dependencies to establish ISAKMP /
320 IKE PSK connections, dropping other capabilities in favor of small size
321 Can fit most routers even with 4Mb flash (after removing IPv6 support).
322 endef
323
324
325 define Package/strongswan-minimal
326 $(call Package/strongswan/Default)
327 TITLE+= (minimal)
328 DEPENDS:= strongswan \
329 +strongswan-charon \
330 +strongswan-mod-aes \
331 +strongswan-mod-gmp \
332 +strongswan-mod-hmac \
333 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
334 +strongswan-mod-kernel-netlink \
335 +strongswan-mod-mgf1 \
336 +strongswan-mod-nonce \
337 +strongswan-mod-pubkey \
338 +strongswan-mod-random \
339 +strongswan-mod-sha1 \
340 +strongswan-mod-socket-default \
341 +strongswan-mod-stroke \
342 +strongswan-mod-updown \
343 +strongswan-mod-x509 \
344 +strongswan-mod-xcbc
345 endef
346
347 define Package/strongswan-minimal/description
348 $(call Package/strongswan/description/Default)
349 This meta-package contains only dependencies for a minimal IKEv2 setup.
350 endef
351
352 define Package/strongswan-charon
353 $(call Package/strongswan/Default)
354 TITLE+= IKEv1/IKEv2 keying daemon
355 DEPENDS:= strongswan
356 endef
357
358 define Package/strongswan-charon/description
359 $(call Package/strongswan/description/Default)
360 This package contains charon, an IKEv2 keying daemon.
361 endef
362
363 define Package/strongswan-charon-cmd
364 $(call Package/strongswan/Default)
365 TITLE+= charon-cmd utility
366 DEPENDS:= strongswan +strongswan-charon
367 endef
368
369 define Package/strongswan-charon-cmd/description
370 $(call Package/strongswan/description/Default)
371 This package contains the charon-cmd utility.
372 endef
373
374 define Package/strongswan-ipsec
375 $(call Package/strongswan/Default)
376 TITLE+= utilities
377 DEPENDS:= strongswan
378 endef
379
380 define Package/strongswan-ipsec/description
381 $(call Package/strongswan/description/Default)
382 This package contains the ipsec utility.
383 endef
384
385 define Package/strongswan-libnttfft
386 $(call Package/strongswan/Default)
387 TITLE+= nttfft library
388 DEPENDS:= strongswan
389 endef
390
391 define Package/strongswan-libnttfft/description
392 $(call Package/strongswan/description/Default)
393 This package contains the Number Theoretic Transforms library.
394 endef
395
396 define Package/strongswan-pki
397 $(call Package/strongswan/Default)
398 TITLE+= PKI tool
399 DEPENDS:= strongswan
400 endef
401
402 define Package/strongswan-pki/description
403 $(call Package/strongswan/description/Default)
404 This package contains the pki tool.
405 endef
406
407 define Package/strongswan-scepclient
408 $(call Package/strongswan/Default)
409 TITLE+= SCEP client
410 DEPENDS:= strongswan
411 endef
412
413 define Package/strongswan-scepclient/description
414 $(call Package/strongswan/description/Default)
415 This package contains the SCEP client.
416 endef
417
418 define Package/strongswan-swanctl
419 $(call Package/strongswan/Default)
420 TITLE+= swanctl utility
421 DEPENDS:= strongswan +strongswan-mod-vici
422 endef
423
424 define Package/strongswan-swanctl/description
425 $(call Package/strongswan/description/Default)
426 This package contains the swanctl utility.
427 endef
428
429 define Package/strongswan-gencerts
430 $(call Package/strongswan/Default)
431 TITLE+= X.509 certificate generation utility
432 DEPENDS:= strongswan +strongswan-pki bash
433 endef
434
435 define Package/strongswan-gencerts/description
436 $(call Package/strongswan/description/Default)
437 This package contains the X.509 certificate generation utility.
438 endef
439
440 define Package/strongswan-libtls
441 $(call Package/strongswan/Default)
442 TITLE+= libtls
443 DEPENDS:= strongswan
444 endef
445
446 define Package/strongswan-libtls/description
447 $(call Package/strongswan/description/Default)
448 This package contains libtls for strongSwan plugins eap-tls, eap-ttls,
449 eap-peap, tnc-tnccs
450 endef
451
452 define BuildPlugin
453 define Package/strongswan-mod-$(1)
454 $$(call Package/strongswan/Default)
455 TITLE:= StrongSwan $(2) plugin
456 DEPENDS:= strongswan $(3)
457 endef
458
459 define Package/strongswan-mod-$(1)/install
460 $(INSTALL_DIR) $$(1)/etc/strongswan.d/charon
461 if [ -f $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf ]; then \
462 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf $$(1)/etc/strongswan.d/charon/; fi
463 $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
464 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
465 $$(1)/usr/lib/ipsec/plugins/
466 $(call Plugin/$(1)/install,$$(1))
467 endef
468
469 $$(eval $$(call BuildPackage,strongswan-mod-$(1)))
470 endef
471
472 CONFIGURE_ARGS+= \
473 --disable-scripts \
474 --disable-static \
475 --disable-fast \
476 --enable-mgf1 \
477 --enable-mediation \
478 --with-systemdsystemunitdir=no \
479 $(if $(CONFIG_PACKAGE_strongswan-charon-cmd),--enable-cmd,--disable-cmd) \
480 $(if $(CONFIG_PACKAGE_strongswan-pki),--enable-pki,--disable-pki) \
481 $(if $(CONFIG_PACKAGE_strongswan-scepclient),--enable-scepclient,--disable-scepclient) \
482 --with-random-device=/dev/random \
483 --with-urandom-device=/dev/urandom \
484 --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE))" \
485 --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO))" \
486 $(foreach m,$(PKG_MOD_AVAILABLE), \
487 $(if $(CONFIG_PACKAGE_strongswan-mod-$(m)),--enable-$(m),--disable-$(m)) \
488 ) \
489 ac_cv_search___atomic_load=no
490
491 define Package/strongswan/conffiles
492 /etc/strongswan.conf
493 /etc/strongswan.d/
494 endef
495
496 define Package/strongswan/install
497 $(INSTALL_DIR) $(1)/etc
498 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/
499 echo -e "\ninclude /var/ipsec/strongswan.conf" >> $(1)/etc/strongswan.conf
500 $(INSTALL_DIR) $(1)/usr/lib/ipsec
501 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libstrongswan.so.* $(1)/usr/lib/ipsec/
502 endef
503
504 define Package/strongswan-default/install
505 true
506 endef
507
508 define Package/strongswan-full/install
509 true
510 endef
511
512 define Package/strongswan-isakmp/install
513 true
514 endef
515
516 define Package/strongswan-minimal/install
517 true
518 endef
519
520 define Package/strongswan-charon/install
521 $(INSTALL_DIR) $(1)/etc/strongswan.d
522 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon.conf $(1)/etc/strongswan.d
523 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon-logging.conf $(1)/etc/strongswan.d
524 $(INSTALL_DIR) $(1)/usr/lib/ipsec
525 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/charon $(1)/usr/lib/ipsec/
526 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/
527 endef
528
529 define Package/strongswan-charon-cmd/install
530 $(INSTALL_DIR) $(1)/usr/sbin
531 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/charon-cmd $(1)/usr/sbin/
532 endef
533
534 define Package/strongswan-ipsec/conffiles
535 /etc/ipsec.d/
536 /etc/ipsec.conf
537 /etc/ipsec.secrets
538 /etc/ipsec.user
539 endef
540
541 define Package/strongswan-ipsec/install
542 $(INSTALL_DIR) $(1)/etc/ $(1)/usr/sbin
543 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
544 echo -e "\ninclude /var/ipsec/ipsec.conf" >> $(1)/etc/ipsec.conf
545 $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
546 echo -e "\ninclude /var/ipsec/ipsec.secrets" >> $(1)/etc/ipsec.secrets
547 $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
548 $(INSTALL_DIR) $(1)/etc/init.d
549 $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
550 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
551 endef
552
553 define Package/strongswan-ipsec/postinst
554 #!/bin/sh
555
556 [ -z "$${IPKG_INSTROOT}" ] || exit 0
557
558 opkg list-changed-conffiles | grep -qx /etc/ipsec.conf || {
559 rm -f /etc/ipsec.conf-opkg
560 }
561 endef
562
563 define Package/strongswan-libnttfft/install
564 $(INSTALL_DIR) $(1)/usr/lib/ipsec
565 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libnttfft.so.* $(1)/usr/lib/ipsec/
566 endef
567
568 define Package/strongswan-pki/install
569 $(INSTALL_DIR) $(1)/etc/strongswan.d
570 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/pki.conf $(1)/etc/strongswan.d/
571 $(INSTALL_DIR) $(1)/usr/bin
572 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/
573 endef
574
575 define Package/strongswan-scepclient/install
576 $(INSTALL_DIR) $(1)/etc/strongswan.d
577 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/scepclient.conf $(1)/etc/strongswan.d/
578 $(INSTALL_DIR) $(1)/usr/lib/ipsec
579 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient $(1)/usr/lib/ipsec/
580 endef
581
582 define Package/strongswan-swanctl/conffiles
583 /etc/config/ipsec
584 /etc/swanctl/
585 endef
586
587 define Package/strongswan-swanctl/install
588 $(INSTALL_DIR) $(1)/etc/init.d
589 $(INSTALL_DIR) $(1)/etc/swanctl/{bliss,conf.d,ecdsa,pkcs{12,8},private,pubkey,rsa}
590 $(INSTALL_DIR) $(1)/etc/swanctl/x509{,aa,ac,ca,crl,ocsp}
591 $(CP) $(PKG_INSTALL_DIR)/etc/swanctl/swanctl.conf $(1)/etc/swanctl/
592 echo "include /var/swanctl/swanctl.conf" >> $(1)/etc/swanctl/swanctl.conf
593 $(INSTALL_DIR) $(1)/usr/sbin
594 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/swanctl $(1)/usr/sbin/
595 $(INSTALL_BIN) ./files/swanctl.init $(1)/etc/init.d/swanctl
596 endef
597
598 define Package/strongswan-gencerts/install
599 $(INSTALL_DIR) $(1)/usr/bin
600 $(INSTALL_BIN) ./files/gencerts.sh $(1)/usr/bin/gencerts
601 endef
602
603 define Package/strongswan-libtls/install
604 $(INSTALL_DIR) $(1)/usr/lib/ipsec
605 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libtls.so.* $(1)/usr/lib/ipsec/
606 endef
607
608 define Plugin/duplicheck/install
609 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
610 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/duplicheck $(1)/usr/lib/ipsec/
611 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/
612 endef
613
614 define Plugin/eap-radius/install
615 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
616 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/
617 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/
618 endef
619
620 define Plugin/attr-sql/install
621 $(INSTALL_DIR) $(1)/usr/lib/ipsec
622 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
623 endef
624
625 define Plugin/stroke/install
626 $(INSTALL_DIR) $(1)/etc/ipsec.d/{aacerts,acerts,cacerts,certs,crls,ocspcerts,private,reqs}
627
628 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
629 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke} $(1)/usr/lib/ipsec/
630 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-stroke.so $(1)/usr/lib/ipsec/plugins/
631 endef
632
633 define Plugin/updown/install
634 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
635 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown $(1)/usr/lib/ipsec/
636 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
637 $(INSTALL_DIR) $(1)/etc/hotplug.d/ipsec
638 $(CP) ./files/etc/hotplug.d/ipsec/01-user \
639 $(1)/etc/hotplug.d/ipsec/01-user
640 endef
641
642 define Plugin/vici/install
643 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
644 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libvici.so.* $(1)/usr/lib/ipsec/
645 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-vici.so $(1)/usr/lib/ipsec/plugins/
646 endef
647
648 define Plugin/whitelist/install
649 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
650 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/whitelist $(1)/usr/lib/ipsec/
651 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/
652 endef
653
654 define Plugin/kernel-libipsec/install
655 $(INSTALL_DIR) $(1)/usr/lib/ipsec
656 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/
657 endef
658
659 $(eval $(call BuildPackage,strongswan))
660 $(eval $(call BuildPackage,strongswan-default))
661 $(eval $(call BuildPackage,strongswan-full))
662 $(eval $(call BuildPackage,strongswan-minimal))
663 $(eval $(call BuildPackage,strongswan-isakmp))
664 $(eval $(call BuildPackage,strongswan-charon))
665 $(eval $(call BuildPackage,strongswan-charon-cmd))
666 $(eval $(call BuildPackage,strongswan-ipsec))
667 $(eval $(call BuildPackage,strongswan-libnttfft))
668 $(eval $(call BuildPackage,strongswan-pki))
669 $(eval $(call BuildPackage,strongswan-scepclient))
670 $(eval $(call BuildPackage,strongswan-swanctl))
671 $(eval $(call BuildPackage,strongswan-gencerts))
672 $(eval $(call BuildPackage,strongswan-libtls))
673 $(eval $(call BuildPlugin,addrblock,RFC 3779 address block constraint support,))
674 $(eval $(call BuildPlugin,aes,AES crypto,))
675 $(eval $(call BuildPlugin,af-alg,AF_ALG crypto interface to Linux Crypto API,+kmod-crypto-user))
676 $(eval $(call BuildPlugin,agent,SSH agent signing,))
677 $(eval $(call BuildPlugin,attr,file based config,))
678 $(eval $(call BuildPlugin,attr-sql,SQL based config,+strongswan-charon))
679 $(eval $(call BuildPlugin,bliss,BLISS crypto,+strongswan-libnttfft +strongswan-mod-mgf1 +strongswan-mod-hmac))
680 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
681 $(eval $(call BuildPlugin,ccm,CCM AEAD wrapper crypto,))
682 $(eval $(call BuildPlugin,chapoly,ChaCha20-Poly1305 AEAD crypto,+kmod-crypto-chacha20poly1305))
683 $(eval $(call BuildPlugin,cmac,CMAC crypto,))
684 $(eval $(call BuildPlugin,connmark,netfilter connection marking,+libip4tc))
685 $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
686 $(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,))
687 $(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,))
688 $(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl))
689 $(eval $(call BuildPlugin,curve25519,Curve25519 Diffie-Hellman,))
690 $(eval $(call BuildPlugin,des,DES crypto,))
691 $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,))
692 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
693 $(eval $(call BuildPlugin,drbg,Deterministic random bit generator,,))
694 $(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,))
695 $(eval $(call BuildPlugin,eap-identity,EAP identity helper,))
696 $(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,))
697 $(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))
698 $(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,))
699 $(eval $(call BuildPlugin,eap-tls,EAP TLS auth,+strongswan-libtls))
700 $(eval $(call BuildPlugin,farp,fake arp respsonses,))
701 $(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1))
702 $(eval $(call BuildPlugin,forecast,forward multi/broadcast traffic,+libip4tc +kmod-ipt-conntrack-extra))
703 $(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
704 $(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan-mod-gcrypt:libgcrypt))
705 $(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan-mod-gmp:libgmp))
706 $(eval $(call BuildPlugin,gmpdh,DH-Groups; no libgmp dep,))
707 $(eval $(call BuildPlugin,ha,high availability cluster,))
708 $(eval $(call BuildPlugin,hmac,HMAC crypto,))
709 $(eval $(call BuildPlugin,kdf,KDF/PRF+,))
710 $(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
711 $(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
712 $(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap))
713 $(eval $(call BuildPlugin,led,LED blink on IKE activity,))
714 $(eval $(call BuildPlugin,load-tester,load testing,))
715 $(eval $(call BuildPlugin,nonce,nonce genereation,))
716 $(eval $(call BuildPlugin,md4,MD4 crypto,))
717 $(eval $(call BuildPlugin,md5,MD5 crypto,))
718 $(eval $(call BuildPlugin,mgf1,MGF1 crypto,))
719 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-mysql:libmysqlclient-r))
720 $(eval $(call BuildPlugin,newhope,New Hope crypto,+strongswan-libnttfft +strongswan-mod-chapoly +strongswan-mod-sha3))
721 $(eval $(call BuildPlugin,ntru,NTRU crypto,+strongswan-mod-mgf1))
722 $(eval $(call BuildPlugin,openssl,OpenSSL crypto,+PACKAGE_strongswan-mod-openssl:libopenssl))
723 $(eval $(call BuildPlugin,pem,PEM decoding,))
724 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
725 $(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,))
726 $(eval $(call BuildPlugin,pkcs7,PKCS7 key decoding,))
727 $(eval $(call BuildPlugin,pkcs8,PKCS8 key decoding,))
728 $(eval $(call BuildPlugin,pkcs11,PKCS11 key decoding,))
729 $(eval $(call BuildPlugin,pkcs12,PKCS12 key decoding,))
730 $(eval $(call BuildPlugin,pubkey,raw public key,))
731 $(eval $(call BuildPlugin,random,RNG,))
732 $(eval $(call BuildPlugin,rc2,RC2 crypto,))
733 $(eval $(call BuildPlugin,resolve,DNS resolver,))
734 $(eval $(call BuildPlugin,revocation,X509 CRL/OCSP revocation,))
735 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
736 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
737 $(eval $(call BuildPlugin,sha3,SHA3 and SHAKE crypto,))
738 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
739 $(eval $(call BuildPlugin,socket-default,default socket implementation for charon,))
740 $(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,))
741 $(eval $(call BuildPlugin,sql,SQL database interface,))
742 $(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3))
743 $(eval $(call BuildPlugin,sshkey,SSH key decoding,))
744 $(eval $(call BuildPlugin,stroke,Stroke,+strongswan-charon +strongswan-ipsec))
745 $(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
746 $(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
747 $(eval $(call BuildPlugin,unity,Cisco Unity extension,))
748 $(eval $(call BuildPlugin,updown,updown firewall,+iptables +IPV6:ip6tables +iptables-mod-ipsec +kmod-ipt-ipsec))
749 $(eval $(call BuildPlugin,vici,Versatile IKE Configuration Interface,))
750 $(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
751 $(eval $(call BuildPlugin,wolfssl,WolfSSL crypto,+PACKAGE_strongswan-mod-wolfssl:libwolfssl))
752 $(eval $(call BuildPlugin,x509,x509 certificate,))
753 $(eval $(call BuildPlugin,xauth-eap,EAP XAuth backend,))
754 $(eval $(call BuildPlugin,xauth-generic,generic XAuth backend,))
755 $(eval $(call BuildPlugin,xcbc,xcbc crypto,))
Mirror of packages feed