projects / feed / packages.git / blob
? search:


f2a5dfdd443bffa6d6e57197e4653af3e08e3921
[feed/packages.git] / net / strongswan / Makefile
1 #
2 # Copyright (C) 2012-2018 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=strongswan
11 PKG_VERSION:=5.9.2
12 PKG_RELEASE:=1
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
16 PKG_HASH:=61c72f741edb2c1295a7b7ccce0317a104b3f9d39efd04c52cd05b01b55ab063
17 PKG_LICENSE:=GPL-2.0-or-later
18 PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
19 PKG_CPE_ID:=cpe:/a:strongswan:strongswan
20
21 PKG_MOD_AVAILABLE:= \
22 addrblock \
23 aes \
24 af-alg \
25 agent \
26 attr \
27 attr-sql \
28 bliss \
29 blowfish \
30 ccm \
31 chapoly \
32 cmac \
33 constraints \
34 connmark \
35 coupling \
36 ctr \
37 curl \
38 curve25519 \
39 des \
40 dhcp \
41 dnskey \
42 duplicheck \
43 eap-identity \
44 eap-md5 \
45 eap-mschapv2 \
46 eap-radius \
47 eap-tls \
48 farp \
49 fips-prf \
50 forecast \
51 gcm \
52 gcrypt \
53 gmp \
54 gmpdh \
55 ha \
56 hmac \
57 kernel-libipsec \
58 kernel-netlink \
59 ldap \
60 led \
61 load-tester \
62 nonce \
63 md4 \
64 md5 \
65 mgf1 \
66 mysql \
67 newhope \
68 ntru \
69 openssl \
70 pem \
71 pgp \
72 pkcs1 \
73 pkcs7 \
74 pkcs8 \
75 pkcs11 \
76 pkcs12 \
77 pubkey \
78 random \
79 rc2 \
80 resolve \
81 revocation \
82 sha1 \
83 sha2 \
84 sha3 \
85 smp \
86 socket-default \
87 socket-dynamic \
88 sql \
89 sqlite \
90 sshkey \
91 stroke \
92 test-vectors \
93 unity \
94 uci \
95 updown \
96 vici \
97 whitelist \
98 x509 \
99 xauth-eap \
100 xauth-generic \
101 xcbc
102
103 PKG_CONFIG_DEPENDS:= \
104 CONFIG_STRONGSWAN_ROUTING_TABLE \
105 CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO \
106 $(patsubst %,CONFIG_PACKAGE_strongswan-mod-%,$(PKG_MOD_AVAILABLE)) \
107
108 PKG_FIXUP:=autoreconf
109 PKG_INSTALL:=1
110 PKG_BUILD_PARALLEL:=1
111
112 include $(INCLUDE_DIR)/package.mk
113 # strongswan-mod-mysql needs iconv
114 include $(INCLUDE_DIR)/nls.mk
115
116 define Package/strongswan/Default
117 SUBMENU:=VPN
118 SECTION:=net
119 CATEGORY:=Network
120 TITLE:=StrongSwan
121 URL:=http://www.strongswan.org/
122 endef
123
124 define Package/strongswan/description/Default
125 StrongSwan is an OpenSource IPsec implementation for the Linux operating system.
126 endef
127
128 define Package/strongswan
129 $(call Package/strongswan/Default)
130 MENU:=1
131 DEPENDS:= +libpthread +ip \
132 +kmod-crypto-authenc \
133 +kmod-ipsec +kmod-ipsec4 +IPV6:kmod-ipsec6 \
134 +kmod-ipt-ipsec +iptables-mod-ipsec
135 endef
136
137 define Package/strongswan/config
138 source "$(SOURCE)/Config.in"
139 endef
140
141 define Package/strongswan/description
142 $(call Package/strongswan/description/Default)
143 This package contains shared libraries and scripts.
144 endef
145
146 define Package/strongswan-full
147 $(call Package/strongswan/Default)
148 TITLE+= (full)
149 DEPENDS:= strongswan \
150 +strongswan-charon \
151 +strongswan-charon-cmd \
152 +strongswan-ipsec \
153 +strongswan-libnttfft \
154 +strongswan-mod-addrblock \
155 +strongswan-mod-aes \
156 +strongswan-mod-af-alg \
157 +strongswan-mod-agent \
158 +strongswan-mod-attr \
159 +strongswan-mod-attr-sql \
160 +strongswan-mod-bliss \
161 +strongswan-mod-blowfish \
162 +strongswan-mod-ccm \
163 +strongswan-mod-chapoly \
164 +strongswan-mod-cmac \
165 +strongswan-mod-constraints \
166 +strongswan-mod-connmark \
167 +strongswan-mod-coupling \
168 +strongswan-mod-ctr \
169 +strongswan-mod-curl \
170 +strongswan-mod-curve25519 \
171 +strongswan-mod-des \
172 +strongswan-mod-dhcp \
173 +strongswan-mod-dnskey \
174 +strongswan-mod-duplicheck \
175 +strongswan-mod-eap-identity \
176 +strongswan-mod-eap-md5 \
177 +strongswan-mod-eap-mschapv2 \
178 +strongswan-mod-eap-radius \
179 +strongswan-mod-eap-tls \
180 +strongswan-mod-farp \
181 +strongswan-mod-fips-prf \
182 +strongswan-mod-forecast \
183 +strongswan-mod-gcm \
184 +strongswan-mod-gcrypt \
185 +strongswan-mod-gmp \
186 +strongswan-mod-ha \
187 +strongswan-mod-hmac \
188 +strongswan-mod-kernel-netlink \
189 +strongswan-mod-ldap \
190 +strongswan-mod-led \
191 +strongswan-mod-load-tester \
192 +strongswan-mod-nonce \
193 +strongswan-mod-md4 \
194 +strongswan-mod-md5 \
195 +strongswan-mod-mgf1 \
196 +strongswan-mod-mysql \
197 +strongswan-mod-newhope \
198 +strongswan-mod-ntru \
199 +strongswan-mod-openssl \
200 +strongswan-mod-pem \
201 +strongswan-mod-pgp \
202 +strongswan-mod-pkcs1 \
203 +strongswan-mod-pkcs7 \
204 +strongswan-mod-pkcs8 \
205 +strongswan-mod-pkcs11 \
206 +strongswan-mod-pkcs12 \
207 +strongswan-mod-pubkey \
208 +strongswan-mod-random \
209 +strongswan-mod-rc2 \
210 +strongswan-mod-resolve \
211 +strongswan-mod-revocation \
212 +strongswan-mod-sha1 \
213 +strongswan-mod-sha2 \
214 +strongswan-mod-sha3 \
215 +strongswan-mod-smp \
216 +strongswan-mod-socket-default \
217 +strongswan-mod-sql \
218 +strongswan-mod-sqlite \
219 +strongswan-mod-sshkey \
220 +strongswan-mod-stroke \
221 +strongswan-mod-test-vectors \
222 +strongswan-mod-uci \
223 +strongswan-mod-unity \
224 +strongswan-mod-updown \
225 +strongswan-mod-vici \
226 +strongswan-mod-whitelist \
227 +strongswan-mod-x509 \
228 +strongswan-mod-xauth-eap \
229 +strongswan-mod-xauth-generic \
230 +strongswan-mod-xcbc \
231 +strongswan-pki \
232 +strongswan-scepclient \
233 +strongswan-swanctl \
234 @DEVEL
235 endef
236
237 define Package/strongswan-full/description
238 $(call Package/strongswan/description/Default)
239 This meta-package contains dependencies for all of the strongswan plugins
240 except kernel-libipsec,
241 socket-dynamic and which are omitted in favor of the kernel-netlink and
242 socket-default plugins.
243 endef
244
245
246 define Package/strongswan-default
247 $(call Package/strongswan/Default)
248 TITLE+= (default)
249 DEPENDS:= strongswan \
250 +strongswan-charon \
251 +strongswan-ipsec \
252 +strongswan-mod-aes \
253 +strongswan-mod-attr \
254 +strongswan-mod-connmark \
255 +strongswan-mod-constraints \
256 +strongswan-mod-des \
257 +strongswan-mod-dnskey \
258 +strongswan-mod-fips-prf \
259 +strongswan-mod-gmp \
260 +strongswan-mod-hmac \
261 +strongswan-mod-kernel-netlink \
262 +strongswan-mod-md5 \
263 +strongswan-mod-nonce \
264 +strongswan-mod-pem \
265 +strongswan-mod-pgp \
266 +strongswan-mod-pkcs1 \
267 +strongswan-mod-pubkey \
268 +strongswan-mod-random \
269 +strongswan-mod-rc2 \
270 +strongswan-mod-resolve \
271 +strongswan-mod-revocation \
272 +strongswan-mod-sha1 \
273 +strongswan-mod-sha2 \
274 +strongswan-mod-socket-default \
275 +strongswan-mod-sshkey \
276 +strongswan-mod-stroke \
277 +strongswan-mod-updown \
278 +strongswan-mod-x509 \
279 +strongswan-mod-xauth-generic \
280 +strongswan-mod-xcbc
281 endef
282
283 define Package/strongswan-default/description
284 $(call Package/strongswan/description/Default)
285 This meta-package contains only dependencies to match upstream defaults.
286 endef
287
288
289 define Package/strongswan-isakmp
290 $(call Package/strongswan/Default)
291 TITLE+= (isakmp)
292 DEPENDS:= strongswan \
293 +strongswan-charon \
294 +strongswan-ipsec \
295 +strongswan-mod-aes \
296 +strongswan-mod-des \
297 +strongswan-mod-gmpdh \
298 +strongswan-mod-hmac \
299 +strongswan-mod-kernel-netlink \
300 +strongswan-mod-md5 \
301 +strongswan-mod-nonce \
302 +strongswan-mod-pubkey \
303 +strongswan-mod-random \
304 +strongswan-mod-sha1 \
305 +strongswan-mod-socket-default \
306 +strongswan-mod-stroke \
307 +strongswan-mod-uci \
308 +strongswan-mod-updown
309 endef
310
311 define Package/strongswan-isakmp/description
312 $(call Package/strongswan/description/Default)
313 This meta-package contains only dependencies to establish ISAKMP /
314 IKE PSK connections, dropping other capabilities in favor of small size
315 Can fit most routers even with 4Mb flash (after removing IPv6 support).
316 endef
317
318
319 define Package/strongswan-minimal
320 $(call Package/strongswan/Default)
321 TITLE+= (minimal)
322 DEPENDS:= strongswan \
323 +strongswan-charon \
324 +strongswan-mod-aes \
325 +strongswan-mod-gmp \
326 +strongswan-mod-hmac \
327 +strongswan-mod-kernel-netlink \
328 +strongswan-mod-nonce \
329 +strongswan-mod-pubkey \
330 +strongswan-mod-random \
331 +strongswan-mod-sha1 \
332 +strongswan-mod-socket-default \
333 +strongswan-mod-stroke \
334 +strongswan-mod-updown \
335 +strongswan-mod-x509 \
336 +strongswan-mod-xcbc
337 endef
338
339 define Package/strongswan-minimal/description
340 $(call Package/strongswan/description/Default)
341 This meta-package contains only dependencies for a minimal IKEv2 setup.
342 endef
343
344 define Package/strongswan-charon
345 $(call Package/strongswan/Default)
346 TITLE+= IKEv1/IKEv2 keying daemon
347 DEPENDS:= strongswan
348 endef
349
350 define Package/strongswan-charon/description
351 $(call Package/strongswan/description/Default)
352 This package contains charon, an IKEv2 keying daemon.
353 endef
354
355 define Package/strongswan-charon-cmd
356 $(call Package/strongswan/Default)
357 TITLE+= charon-cmd utility
358 DEPENDS:= strongswan +strongswan-charon
359 endef
360
361 define Package/strongswan-charon-cmd/description
362 $(call Package/strongswan/description/Default)
363 This package contains the charon-cmd utility.
364 endef
365
366 define Package/strongswan-ipsec
367 $(call Package/strongswan/Default)
368 TITLE+= utilities
369 DEPENDS:= strongswan
370 endef
371
372 define Package/strongswan-ipsec/description
373 $(call Package/strongswan/description/Default)
374 This package contains the ipsec utility.
375 endef
376
377 define Package/strongswan-libnttfft
378 $(call Package/strongswan/Default)
379 TITLE+= nttfft library
380 DEPENDS:= +strongswan
381 endef
382
383 define Package/strongswan-libnttfft/description
384 $(call Package/strongswan/description/Default)
385 This package contains the Number Theoretic Transforms library.
386 endef
387
388 define Package/strongswan-pki
389 $(call Package/strongswan/Default)
390 TITLE+= PKI tool
391 DEPENDS:= strongswan
392 endef
393
394 define Package/strongswan-pki/description
395 $(call Package/strongswan/description/Default)
396 This package contains the pki tool.
397 endef
398
399 define Package/strongswan-scepclient
400 $(call Package/strongswan/Default)
401 TITLE+= SCEP client
402 DEPENDS:= strongswan
403 endef
404
405 define Package/strongswan-scepclient/description
406 $(call Package/strongswan/description/Default)
407 This package contains the SCEP client.
408 endef
409
410 define Package/strongswan-swanctl
411 $(call Package/strongswan/Default)
412 TITLE+= swanctl utility
413 DEPENDS:= strongswan +strongswan-mod-vici
414 endef
415
416 define Package/strongswan-swanctl/description
417 $(call Package/strongswan/description/Default)
418 This package contains the swanctl utility.
419 endef
420
421 define Package/strongswan-libtls
422 $(call Package/strongswan/Default)
423 TITLE+= libtls
424 DEPENDS:= strongswan
425 endef
426
427 define Package/strongswan-libtls/description
428 $(call Package/strongswan/description/Default)
429 This package contains libtls for strongSwan plugins eap-tls, eap-ttls,
430 eap-peap, tnc-tnccs
431 endef
432
433 define BuildPlugin
434 define Package/strongswan-mod-$(1)
435 $$(call Package/strongswan/Default)
436 TITLE:= StrongSwan $(2) plugin
437 DEPENDS:= strongswan $(3)
438 endef
439
440 define Package/strongswan-mod-$(1)/install
441 $(INSTALL_DIR) $$(1)/etc/strongswan.d/charon
442 if [ -f $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf ]; then \
443 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf $$(1)/etc/strongswan.d/charon/; fi
444 $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
445 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
446 $$(1)/usr/lib/ipsec/plugins/
447 $(call Plugin/$(1)/install,$$(1))
448 endef
449
450 $$(eval $$(call BuildPackage,strongswan-mod-$(1)))
451 endef
452
453 CONFIGURE_ARGS+= \
454 --disable-scripts \
455 --disable-static \
456 --disable-fast \
457 --enable-mediation \
458 --with-systemdsystemunitdir=no \
459 $(if $(CONFIG_PACKAGE_strongswan-charon-cmd),--enable-cmd,--disable-cmd) \
460 $(if $(CONFIG_PACKAGE_strongswan-pki),--enable-pki,--disable-pki) \
461 $(if $(CONFIG_PACKAGE_strongswan-scepclient),--enable-scepclient,--disable-scepclient) \
462 --with-random-device=/dev/random \
463 --with-urandom-device=/dev/urandom \
464 --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE))" \
465 --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO))" \
466 $(foreach m,$(PKG_MOD_AVAILABLE), \
467 $(if $(CONFIG_PACKAGE_strongswan-mod-$(m)),--enable-$(m),--disable-$(m)) \
468 ) \
469 ac_cv_search___atomic_load=no
470
471 EXTRA_LDFLAGS+= -Wl,-rpath-link,$(STAGING_DIR)/usr/lib
472
473 define Package/strongswan/conffiles
474 /etc/strongswan.conf
475 /etc/strongswan.d/
476 endef
477
478 define Package/strongswan/install
479 $(INSTALL_DIR) $(1)/etc
480 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/
481 echo -e "\ninclude /var/ipsec/strongswan.conf" >> $(1)/etc/strongswan.conf
482 $(INSTALL_DIR) $(1)/usr/lib/ipsec
483 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libstrongswan.so.* $(1)/usr/lib/ipsec/
484 endef
485
486 define Package/strongswan-default/install
487 true
488 endef
489
490 define Package/strongswan-full/install
491 true
492 endef
493
494 define Package/strongswan-isakmp/install
495 true
496 endef
497
498 define Package/strongswan-minimal/install
499 true
500 endef
501
502 define Package/strongswan-charon/install
503 $(INSTALL_DIR) $(1)/etc/strongswan.d
504 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon.conf $(1)/etc/strongswan.d
505 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon-logging.conf $(1)/etc/strongswan.d
506 $(INSTALL_DIR) $(1)/usr/lib/ipsec
507 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/charon $(1)/usr/lib/ipsec/
508 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/
509 endef
510
511 define Package/strongswan-charon-cmd/install
512 $(INSTALL_DIR) $(1)/usr/sbin
513 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/charon-cmd $(1)/usr/sbin/
514 endef
515
516 define Package/strongswan-ipsec/conffiles
517 /etc/ipsec.d/
518 /etc/ipsec.conf
519 /etc/ipsec.secrets
520 /etc/ipsec.user
521 endef
522
523 define Package/strongswan-ipsec/install
524 $(INSTALL_DIR) $(1)/etc/ $(1)/usr/sbin
525 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
526 echo -e "\ninclude /var/ipsec/ipsec.conf" >> $(1)/etc/ipsec.conf
527 $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
528 echo -e "\ninclude /var/ipsec/ipsec.secrets" >> $(1)/etc/ipsec.secrets
529 $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
530 $(INSTALL_DIR) $(1)/etc/init.d
531 $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
532 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
533 endef
534
535 define Package/strongswan-ipsec/postinst
536 #!/bin/sh
537
538 [ -z "$${IPKG_INSTROOT}" ] || exit 0
539
540 opkg list-changed-conffiles | grep -qx /etc/ipsec.conf || {
541 rm -f /etc/ipsec.conf-opkg
542 }
543 endef
544
545 define Package/strongswan-libnttfft/install
546 $(INSTALL_DIR) $(1)/usr/lib/ipsec
547 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libnttfft.so.* $(1)/usr/lib/ipsec/
548 endef
549
550 define Package/strongswan-pki/install
551 $(INSTALL_DIR) $(1)/etc/strongswan.d
552 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/pki.conf $(1)/etc/strongswan.d/
553 $(INSTALL_DIR) $(1)/usr/bin
554 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/
555 endef
556
557 define Package/strongswan-scepclient/install
558 $(INSTALL_DIR) $(1)/etc/strongswan.d
559 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/scepclient.conf $(1)/etc/strongswan.d/
560 $(INSTALL_DIR) $(1)/usr/lib/ipsec
561 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient $(1)/usr/lib/ipsec/
562 endef
563
564 define Package/strongswan-swanctl/conffiles
565 /etc/swanctl/
566 endef
567
568 define Package/strongswan-swanctl/install
569 $(INSTALL_DIR) $(1)/etc/init.d
570 $(INSTALL_DIR) $(1)/etc/swanctl/{bliss,conf.d,ecdsa,pkcs{12,8},private,pubkey,rsa}
571 $(INSTALL_DIR) $(1)/etc/swanctl/x509{,aa,ac,ca,crl,ocsp}
572 $(CP) $(PKG_INSTALL_DIR)/etc/swanctl/swanctl.conf $(1)/etc/swanctl/
573 echo "include /var/swanctl/swanctl.conf" >> $(1)/etc/swanctl/swanctl.conf
574 $(INSTALL_DIR) $(1)/usr/sbin
575 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/swanctl $(1)/usr/sbin/
576 $(INSTALL_BIN) ./files/swanctl.init $(1)/etc/init.d/swanctl
577 endef
578
579 define Package/strongswan-libtls/install
580 $(INSTALL_DIR) $(1)/usr/lib/ipsec
581 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libtls.so.* $(1)/usr/lib/ipsec/
582 endef
583
584 define Plugin/duplicheck/install
585 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
586 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/duplicheck $(1)/usr/lib/ipsec/
587 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/
588 endef
589
590 define Plugin/eap-radius/install
591 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
592 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/
593 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/
594 endef
595
596 define Plugin/attr-sql/install
597 $(INSTALL_DIR) $(1)/usr/lib/ipsec
598 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
599 endef
600
601 define Plugin/stroke/install
602 $(INSTALL_DIR) $(1)/etc/ipsec.d/aacerts
603 $(INSTALL_DIR) $(1)/etc/ipsec.d/acerts
604 $(INSTALL_DIR) $(1)/etc/ipsec.d/cacerts
605 $(INSTALL_DIR) $(1)/etc/ipsec.d/certs
606 $(INSTALL_DIR) $(1)/etc/ipsec.d/crls
607 $(INSTALL_DIR) $(1)/etc/ipsec.d/ocspcerts
608 $(INSTALL_DIR) $(1)/etc/ipsec.d/private
609 $(INSTALL_DIR) $(1)/etc/ipsec.d/reqs
610
611 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
612 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke} $(1)/usr/lib/ipsec/
613 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-stroke.so $(1)/usr/lib/ipsec/plugins/
614 endef
615
616 define Plugin/updown/install
617 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
618 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown $(1)/usr/lib/ipsec/
619 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
620 $(INSTALL_DIR) $(1)/etc/hotplug.d/ipsec
621 $(CP) ./files/etc/hotplug.d/ipsec/01-user \
622 $(1)/etc/hotplug.d/ipsec/01-user
623 endef
624
625 define Plugin/vici/install
626 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
627 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libvici.so.* $(1)/usr/lib/ipsec/
628 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-vici.so $(1)/usr/lib/ipsec/plugins/
629 endef
630
631 define Plugin/whitelist/install
632 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
633 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/whitelist $(1)/usr/lib/ipsec/
634 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/
635 endef
636
637 define Plugin/kernel-libipsec/install
638 $(INSTALL_DIR) $(1)/usr/lib/ipsec
639 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/
640 endef
641
642 $(eval $(call BuildPackage,strongswan))
643 $(eval $(call BuildPackage,strongswan-default))
644 $(eval $(call BuildPackage,strongswan-full))
645 $(eval $(call BuildPackage,strongswan-minimal))
646 $(eval $(call BuildPackage,strongswan-isakmp))
647 $(eval $(call BuildPackage,strongswan-charon))
648 $(eval $(call BuildPackage,strongswan-charon-cmd))
649 $(eval $(call BuildPackage,strongswan-ipsec))
650 $(eval $(call BuildPackage,strongswan-libnttfft))
651 $(eval $(call BuildPackage,strongswan-pki))
652 $(eval $(call BuildPackage,strongswan-scepclient))
653 $(eval $(call BuildPackage,strongswan-swanctl))
654 $(eval $(call BuildPackage,strongswan-libtls))
655 $(eval $(call BuildPlugin,addrblock,RFC 3779 address block constraint support,))
656 $(eval $(call BuildPlugin,aes,AES crypto,))
657 $(eval $(call BuildPlugin,af-alg,AF_ALG crypto interface to Linux Crypto API,+kmod-crypto-user))
658 $(eval $(call BuildPlugin,agent,SSH agent signing,))
659 $(eval $(call BuildPlugin,attr,file based config,))
660 $(eval $(call BuildPlugin,attr-sql,SQL based config,+strongswan-charon))
661 $(eval $(call BuildPlugin,bliss,BLISS crypto,+strongswan-libnttfft +strongswan-mod-mgf1 +strongswan-mod-hmac))
662 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
663 $(eval $(call BuildPlugin,ccm,CCM AEAD wrapper crypto,))
664 $(eval $(call BuildPlugin,chapoly,ChaCha20-Poly1305 AEAD crypto,))
665 $(eval $(call BuildPlugin,cmac,CMAC crypto,))
666 $(eval $(call BuildPlugin,connmark,netfilter connection marking,))
667 $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
668 $(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,))
669 $(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,))
670 $(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl))
671 $(eval $(call BuildPlugin,curve25519,Curve25519 Diffie-Hellman,))
672 $(eval $(call BuildPlugin,des,DES crypto,))
673 $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,))
674 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
675 $(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,))
676 $(eval $(call BuildPlugin,eap-identity,EAP identity helper,))
677 $(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,))
678 $(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))
679 $(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,))
680 $(eval $(call BuildPlugin,eap-tls,EAP TLS auth,+strongswan-libtls))
681 $(eval $(call BuildPlugin,farp,fake arp respsonses,))
682 $(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1))
683 $(eval $(call BuildPlugin,forecast,forward multi/broadcast traffic,+kmod-ipt-conntrack-extra))
684 $(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
685 $(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan-mod-gcrypt:libgcrypt))
686 $(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan-mod-gmp:libgmp))
687 $(eval $(call BuildPlugin,gmpdh,DH-Groups; no libgmp dep,))
688 $(eval $(call BuildPlugin,ha,high availability cluster,))
689 $(eval $(call BuildPlugin,hmac,HMAC crypto,))
690 $(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
691 $(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
692 $(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap))
693 $(eval $(call BuildPlugin,led,LED blink on IKE activity,))
694 $(eval $(call BuildPlugin,load-tester,load testing,))
695 $(eval $(call BuildPlugin,nonce,nonce genereation,))
696 $(eval $(call BuildPlugin,md4,MD4 crypto,))
697 $(eval $(call BuildPlugin,md5,MD5 crypto,))
698 $(eval $(call BuildPlugin,mgf1,MGF1 crypto,))
699 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-mysql:libmysqlclient-r))
700 $(eval $(call BuildPlugin,newhope,New Hope crypto,+strongswan-libnttfft +strongswan-mod-chapoly +strongswan-mod-sha3))
701 $(eval $(call BuildPlugin,ntru,NTRU crypto,+strongswan-mod-mgf1))
702 $(eval $(call BuildPlugin,openssl,OpenSSL crypto,+PACKAGE_strongswan-mod-openssl:libopenssl))
703 $(eval $(call BuildPlugin,pem,PEM decoding,))
704 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
705 $(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,))
706 $(eval $(call BuildPlugin,pkcs7,PKCS7 key decoding,))
707 $(eval $(call BuildPlugin,pkcs8,PKCS8 key decoding,))
708 $(eval $(call BuildPlugin,pkcs11,PKCS11 key decoding,))
709 $(eval $(call BuildPlugin,pkcs12,PKCS12 key decoding,))
710 $(eval $(call BuildPlugin,pubkey,raw public key,))
711 $(eval $(call BuildPlugin,random,RNG,))
712 $(eval $(call BuildPlugin,rc2,RC2 crypto,))
713 $(eval $(call BuildPlugin,resolve,DNS resolver,))
714 $(eval $(call BuildPlugin,revocation,X509 CRL/OCSP revocation,))
715 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
716 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
717 $(eval $(call BuildPlugin,sha3,SHA3 and SHAKE crypto,))
718 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
719 $(eval $(call BuildPlugin,socket-default,default socket implementation for charon,))
720 $(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,))
721 $(eval $(call BuildPlugin,sql,SQL database interface,))
722 $(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3))
723 $(eval $(call BuildPlugin,sshkey,SSH key decoding,))
724 $(eval $(call BuildPlugin,stroke,Stroke,+strongswan-charon +strongswan-ipsec))
725 $(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
726 $(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
727 $(eval $(call BuildPlugin,unity,Cisco Unity extension,))
728 $(eval $(call BuildPlugin,updown,updown firewall,))
729 $(eval $(call BuildPlugin,vici,Versatile IKE Configuration Interface,))
730 $(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
731 $(eval $(call BuildPlugin,x509,x509 certificate,))
732 $(eval $(call BuildPlugin,xauth-eap,EAP XAuth backend,))
733 $(eval $(call BuildPlugin,xauth-generic,generic XAuth backend,))
734 $(eval $(call BuildPlugin,xcbc,xcbc crypto,))
Mirror of packages feed