projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge pull request #18335 from fjamarquez/keepalived_uci_support
[feed/packages.git] / net / strongswan / Makefile
1 #
2 # Copyright (C) 2012-2018 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=strongswan
11 PKG_VERSION:=5.9.5
12 PKG_RELEASE:=$(AUTORELEASE)
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
16 PKG_HASH:=983e4ef4a4c6c9d69f5fe6707c7fe0b2b9a9291943bbf4e008faab6bf91c0bdd
17 PKG_LICENSE:=GPL-2.0-or-later
18 PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
19 PKG_CPE_ID:=cpe:/a:strongswan:strongswan
20
21 PKG_MOD_AVAILABLE:= \
22 addrblock \
23 aes \
24 af-alg \
25 agent \
26 attr \
27 attr-sql \
28 bliss \
29 blowfish \
30 ccm \
31 chapoly \
32 cmac \
33 constraints \
34 connmark \
35 coupling \
36 ctr \
37 curl \
38 curve25519 \
39 des \
40 dhcp \
41 dnskey \
42 duplicheck \
43 eap-identity \
44 eap-md5 \
45 eap-mschapv2 \
46 eap-radius \
47 eap-tls \
48 farp \
49 fips-prf \
50 forecast \
51 gcm \
52 gcrypt \
53 gmp \
54 gmpdh \
55 ha \
56 hmac \
57 kernel-libipsec \
58 kernel-netlink \
59 ldap \
60 led \
61 load-tester \
62 nonce \
63 md4 \
64 md5 \
65 mgf1 \
66 mysql \
67 newhope \
68 ntru \
69 openssl \
70 pem \
71 pgp \
72 pkcs1 \
73 pkcs7 \
74 pkcs8 \
75 pkcs11 \
76 pkcs12 \
77 pubkey \
78 random \
79 rc2 \
80 resolve \
81 revocation \
82 sha1 \
83 sha2 \
84 sha3 \
85 smp \
86 socket-default \
87 socket-dynamic \
88 sql \
89 sqlite \
90 sshkey \
91 stroke \
92 test-vectors \
93 unity \
94 uci \
95 updown \
96 vici \
97 whitelist \
98 x509 \
99 xauth-eap \
100 xauth-generic \
101 xcbc
102
103 PKG_CONFIG_DEPENDS:= \
104 CONFIG_STRONGSWAN_ROUTING_TABLE \
105 CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO \
106 $(patsubst %,CONFIG_PACKAGE_strongswan-mod-%,$(PKG_MOD_AVAILABLE)) \
107
108 PKG_FIXUP:=autoreconf
109 PKG_INSTALL:=1
110 PKG_BUILD_PARALLEL:=1
111
112 include $(INCLUDE_DIR)/package.mk
113 # strongswan-mod-mysql needs iconv
114 include $(INCLUDE_DIR)/nls.mk
115
116 define Package/strongswan/Default
117 SUBMENU:=VPN
118 SECTION:=net
119 CATEGORY:=Network
120 TITLE:=StrongSwan
121 URL:=http://www.strongswan.org/
122 endef
123
124 define Package/strongswan/description/Default
125 StrongSwan is an OpenSource IPsec implementation for the Linux operating system.
126 endef
127
128 define Package/strongswan
129 $(call Package/strongswan/Default)
130 MENU:=1
131 DEPENDS:= +libpthread +ip \
132 +kmod-crypto-authenc \
133 +kmod-ipsec +kmod-ipsec4 +IPV6:kmod-ipsec6
134 endef
135
136 define Package/strongswan/config
137 source "$(SOURCE)/Config.in"
138 endef
139
140 define Package/strongswan/description
141 $(call Package/strongswan/description/Default)
142 This package contains shared libraries and scripts.
143 endef
144
145 define Package/strongswan-full
146 $(call Package/strongswan/Default)
147 TITLE+= (full)
148 DEPENDS:= strongswan \
149 +strongswan-charon \
150 +strongswan-charon-cmd \
151 +strongswan-ipsec \
152 +strongswan-libnttfft \
153 +strongswan-mod-addrblock \
154 +strongswan-mod-aes \
155 +strongswan-mod-af-alg \
156 +strongswan-mod-agent \
157 +strongswan-mod-attr \
158 +strongswan-mod-attr-sql \
159 +strongswan-mod-bliss \
160 +strongswan-mod-blowfish \
161 +strongswan-mod-ccm \
162 +strongswan-mod-chapoly \
163 +strongswan-mod-cmac \
164 +strongswan-mod-constraints \
165 +strongswan-mod-connmark \
166 +strongswan-mod-coupling \
167 +strongswan-mod-ctr \
168 +strongswan-mod-curl \
169 +strongswan-mod-curve25519 \
170 +strongswan-mod-des \
171 +strongswan-mod-dhcp \
172 +strongswan-mod-dnskey \
173 +strongswan-mod-duplicheck \
174 +strongswan-mod-eap-identity \
175 +strongswan-mod-eap-md5 \
176 +strongswan-mod-eap-mschapv2 \
177 +strongswan-mod-eap-radius \
178 +strongswan-mod-eap-tls \
179 +strongswan-mod-farp \
180 +strongswan-mod-fips-prf \
181 +strongswan-mod-forecast \
182 +strongswan-mod-gcm \
183 +strongswan-mod-gcrypt \
184 +strongswan-mod-gmp \
185 +strongswan-mod-ha \
186 +strongswan-mod-hmac \
187 +strongswan-mod-kernel-netlink \
188 +strongswan-mod-ldap \
189 +strongswan-mod-led \
190 +strongswan-mod-load-tester \
191 +strongswan-mod-nonce \
192 +strongswan-mod-md4 \
193 +strongswan-mod-md5 \
194 +strongswan-mod-mgf1 \
195 +strongswan-mod-mysql \
196 +strongswan-mod-newhope \
197 +strongswan-mod-ntru \
198 +strongswan-mod-openssl \
199 +strongswan-mod-pem \
200 +strongswan-mod-pgp \
201 +strongswan-mod-pkcs1 \
202 +strongswan-mod-pkcs7 \
203 +strongswan-mod-pkcs8 \
204 +strongswan-mod-pkcs11 \
205 +strongswan-mod-pkcs12 \
206 +strongswan-mod-pubkey \
207 +strongswan-mod-random \
208 +strongswan-mod-rc2 \
209 +strongswan-mod-resolve \
210 +strongswan-mod-revocation \
211 +strongswan-mod-sha1 \
212 +strongswan-mod-sha2 \
213 +strongswan-mod-sha3 \
214 +strongswan-mod-smp \
215 +strongswan-mod-socket-default \
216 +strongswan-mod-sql \
217 +strongswan-mod-sqlite \
218 +strongswan-mod-sshkey \
219 +strongswan-mod-stroke \
220 +strongswan-mod-test-vectors \
221 +strongswan-mod-uci \
222 +strongswan-mod-unity \
223 +strongswan-mod-updown \
224 +strongswan-mod-vici \
225 +strongswan-mod-whitelist \
226 +strongswan-mod-x509 \
227 +strongswan-mod-xauth-eap \
228 +strongswan-mod-xauth-generic \
229 +strongswan-mod-xcbc \
230 +strongswan-pki \
231 +strongswan-scepclient \
232 +strongswan-swanctl \
233 @DEVEL
234 endef
235
236 define Package/strongswan-full/description
237 $(call Package/strongswan/description/Default)
238 This meta-package contains dependencies for all of the strongswan plugins
239 except kernel-libipsec,
240 socket-dynamic and which are omitted in favor of the kernel-netlink and
241 socket-default plugins.
242 endef
243
244
245 define Package/strongswan-default
246 $(call Package/strongswan/Default)
247 TITLE+= (default)
248 DEPENDS:= strongswan \
249 +strongswan-charon \
250 +strongswan-mod-aes \
251 +strongswan-mod-attr \
252 +strongswan-mod-connmark \
253 +strongswan-mod-constraints \
254 +strongswan-mod-des \
255 +strongswan-mod-dnskey \
256 +strongswan-mod-fips-prf \
257 +strongswan-mod-gmp \
258 +strongswan-mod-hmac \
259 +strongswan-mod-kernel-netlink \
260 +strongswan-mod-md5 \
261 +strongswan-mod-nonce \
262 +strongswan-mod-pem \
263 +strongswan-mod-pgp \
264 +strongswan-mod-pkcs1 \
265 +strongswan-mod-pubkey \
266 +strongswan-mod-random \
267 +strongswan-mod-rc2 \
268 +strongswan-mod-resolve \
269 +strongswan-mod-revocation \
270 +strongswan-mod-sha1 \
271 +strongswan-mod-sha2 \
272 +strongswan-mod-socket-default \
273 +strongswan-mod-sshkey \
274 +strongswan-mod-updown \
275 +strongswan-mod-x509 \
276 +strongswan-mod-xauth-generic \
277 +strongswan-mod-xcbc \
278 +strongswan-swanctl
279 endef
280
281 define Package/strongswan-default/description
282 $(call Package/strongswan/description/Default)
283 This meta-package contains only dependencies to match upstream defaults.
284 endef
285
286
287 define Package/strongswan-isakmp
288 $(call Package/strongswan/Default)
289 TITLE+= (isakmp)
290 DEPENDS:= strongswan \
291 +strongswan-charon \
292 +strongswan-ipsec \
293 +strongswan-mod-aes \
294 +strongswan-mod-des \
295 +strongswan-mod-gmpdh \
296 +strongswan-mod-hmac \
297 +strongswan-mod-kernel-netlink \
298 +strongswan-mod-md5 \
299 +strongswan-mod-nonce \
300 +strongswan-mod-pubkey \
301 +strongswan-mod-random \
302 +strongswan-mod-sha1 \
303 +strongswan-mod-socket-default \
304 +strongswan-mod-stroke \
305 +strongswan-mod-uci \
306 +strongswan-mod-updown
307 endef
308
309 define Package/strongswan-isakmp/description
310 $(call Package/strongswan/description/Default)
311 This meta-package contains only dependencies to establish ISAKMP /
312 IKE PSK connections, dropping other capabilities in favor of small size
313 Can fit most routers even with 4Mb flash (after removing IPv6 support).
314 endef
315
316
317 define Package/strongswan-minimal
318 $(call Package/strongswan/Default)
319 TITLE+= (minimal)
320 DEPENDS:= strongswan \
321 +strongswan-charon \
322 +strongswan-mod-aes \
323 +strongswan-mod-gmp \
324 +strongswan-mod-hmac \
325 +strongswan-mod-kernel-netlink \
326 +strongswan-mod-nonce \
327 +strongswan-mod-pubkey \
328 +strongswan-mod-random \
329 +strongswan-mod-sha1 \
330 +strongswan-mod-socket-default \
331 +strongswan-mod-stroke \
332 +strongswan-mod-updown \
333 +strongswan-mod-x509 \
334 +strongswan-mod-xcbc
335 endef
336
337 define Package/strongswan-minimal/description
338 $(call Package/strongswan/description/Default)
339 This meta-package contains only dependencies for a minimal IKEv2 setup.
340 endef
341
342 define Package/strongswan-charon
343 $(call Package/strongswan/Default)
344 TITLE+= IKEv1/IKEv2 keying daemon
345 DEPENDS:= strongswan
346 endef
347
348 define Package/strongswan-charon/description
349 $(call Package/strongswan/description/Default)
350 This package contains charon, an IKEv2 keying daemon.
351 endef
352
353 define Package/strongswan-charon-cmd
354 $(call Package/strongswan/Default)
355 TITLE+= charon-cmd utility
356 DEPENDS:= strongswan +strongswan-charon
357 endef
358
359 define Package/strongswan-charon-cmd/description
360 $(call Package/strongswan/description/Default)
361 This package contains the charon-cmd utility.
362 endef
363
364 define Package/strongswan-ipsec
365 $(call Package/strongswan/Default)
366 TITLE+= utilities
367 DEPENDS:= strongswan
368 endef
369
370 define Package/strongswan-ipsec/description
371 $(call Package/strongswan/description/Default)
372 This package contains the ipsec utility.
373 endef
374
375 define Package/strongswan-libnttfft
376 $(call Package/strongswan/Default)
377 TITLE+= nttfft library
378 DEPENDS:= strongswan
379 endef
380
381 define Package/strongswan-libnttfft/description
382 $(call Package/strongswan/description/Default)
383 This package contains the Number Theoretic Transforms library.
384 endef
385
386 define Package/strongswan-pki
387 $(call Package/strongswan/Default)
388 TITLE+= PKI tool
389 DEPENDS:= strongswan
390 endef
391
392 define Package/strongswan-pki/description
393 $(call Package/strongswan/description/Default)
394 This package contains the pki tool.
395 endef
396
397 define Package/strongswan-scepclient
398 $(call Package/strongswan/Default)
399 TITLE+= SCEP client
400 DEPENDS:= strongswan
401 endef
402
403 define Package/strongswan-scepclient/description
404 $(call Package/strongswan/description/Default)
405 This package contains the SCEP client.
406 endef
407
408 define Package/strongswan-swanctl
409 $(call Package/strongswan/Default)
410 TITLE+= swanctl utility
411 DEPENDS:= strongswan +strongswan-mod-vici
412 endef
413
414 define Package/strongswan-swanctl/description
415 $(call Package/strongswan/description/Default)
416 This package contains the swanctl utility.
417 endef
418
419 define Package/strongswan-gencerts
420 $(call Package/strongswan/Default)
421 TITLE+= X.509 certificate generation utility
422 DEPENDS:= strongswan +strongswan-pki bash
423 endef
424
425 define Package/strongswan-gencerts/description
426 $(call Package/strongswan/description/Default)
427 This package contains the X.509 certificate generation utility.
428 endef
429
430 define Package/strongswan-libtls
431 $(call Package/strongswan/Default)
432 TITLE+= libtls
433 DEPENDS:= strongswan
434 endef
435
436 define Package/strongswan-libtls/description
437 $(call Package/strongswan/description/Default)
438 This package contains libtls for strongSwan plugins eap-tls, eap-ttls,
439 eap-peap, tnc-tnccs
440 endef
441
442 define BuildPlugin
443 define Package/strongswan-mod-$(1)
444 $$(call Package/strongswan/Default)
445 TITLE:= StrongSwan $(2) plugin
446 DEPENDS:= strongswan $(3)
447 endef
448
449 define Package/strongswan-mod-$(1)/install
450 $(INSTALL_DIR) $$(1)/etc/strongswan.d/charon
451 if [ -f $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf ]; then \
452 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf $$(1)/etc/strongswan.d/charon/; fi
453 $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
454 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
455 $$(1)/usr/lib/ipsec/plugins/
456 $(call Plugin/$(1)/install,$$(1))
457 endef
458
459 $$(eval $$(call BuildPackage,strongswan-mod-$(1)))
460 endef
461
462 CONFIGURE_ARGS+= \
463 --disable-scripts \
464 --disable-static \
465 --disable-fast \
466 --enable-mediation \
467 --with-systemdsystemunitdir=no \
468 $(if $(CONFIG_PACKAGE_strongswan-charon-cmd),--enable-cmd,--disable-cmd) \
469 $(if $(CONFIG_PACKAGE_strongswan-pki),--enable-pki,--disable-pki) \
470 $(if $(CONFIG_PACKAGE_strongswan-scepclient),--enable-scepclient,--disable-scepclient) \
471 --with-random-device=/dev/random \
472 --with-urandom-device=/dev/urandom \
473 --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE))" \
474 --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO))" \
475 $(foreach m,$(PKG_MOD_AVAILABLE), \
476 $(if $(CONFIG_PACKAGE_strongswan-mod-$(m)),--enable-$(m),--disable-$(m)) \
477 ) \
478 ac_cv_search___atomic_load=no
479
480 define Package/strongswan/conffiles
481 /etc/strongswan.conf
482 /etc/strongswan.d/
483 endef
484
485 define Package/strongswan/install
486 $(INSTALL_DIR) $(1)/etc
487 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/
488 echo -e "\ninclude /var/ipsec/strongswan.conf" >> $(1)/etc/strongswan.conf
489 $(INSTALL_DIR) $(1)/usr/lib/ipsec
490 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libstrongswan.so.* $(1)/usr/lib/ipsec/
491 endef
492
493 define Package/strongswan-default/install
494 true
495 endef
496
497 define Package/strongswan-full/install
498 true
499 endef
500
501 define Package/strongswan-isakmp/install
502 true
503 endef
504
505 define Package/strongswan-minimal/install
506 true
507 endef
508
509 define Package/strongswan-charon/install
510 $(INSTALL_DIR) $(1)/etc/strongswan.d
511 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon.conf $(1)/etc/strongswan.d
512 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon-logging.conf $(1)/etc/strongswan.d
513 $(INSTALL_DIR) $(1)/usr/lib/ipsec
514 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/charon $(1)/usr/lib/ipsec/
515 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/
516 endef
517
518 define Package/strongswan-charon-cmd/install
519 $(INSTALL_DIR) $(1)/usr/sbin
520 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/charon-cmd $(1)/usr/sbin/
521 endef
522
523 define Package/strongswan-ipsec/conffiles
524 /etc/ipsec.d/
525 /etc/ipsec.conf
526 /etc/ipsec.secrets
527 /etc/ipsec.user
528 endef
529
530 define Package/strongswan-ipsec/install
531 $(INSTALL_DIR) $(1)/etc/ $(1)/usr/sbin
532 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
533 echo -e "\ninclude /var/ipsec/ipsec.conf" >> $(1)/etc/ipsec.conf
534 $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
535 echo -e "\ninclude /var/ipsec/ipsec.secrets" >> $(1)/etc/ipsec.secrets
536 $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
537 $(INSTALL_DIR) $(1)/etc/init.d
538 $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
539 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
540 endef
541
542 define Package/strongswan-ipsec/postinst
543 #!/bin/sh
544
545 [ -z "$${IPKG_INSTROOT}" ] || exit 0
546
547 opkg list-changed-conffiles | grep -qx /etc/ipsec.conf || {
548 rm -f /etc/ipsec.conf-opkg
549 }
550 endef
551
552 define Package/strongswan-libnttfft/install
553 $(INSTALL_DIR) $(1)/usr/lib/ipsec
554 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libnttfft.so.* $(1)/usr/lib/ipsec/
555 endef
556
557 define Package/strongswan-pki/install
558 $(INSTALL_DIR) $(1)/etc/strongswan.d
559 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/pki.conf $(1)/etc/strongswan.d/
560 $(INSTALL_DIR) $(1)/usr/bin
561 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/
562 endef
563
564 define Package/strongswan-scepclient/install
565 $(INSTALL_DIR) $(1)/etc/strongswan.d
566 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/scepclient.conf $(1)/etc/strongswan.d/
567 $(INSTALL_DIR) $(1)/usr/lib/ipsec
568 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient $(1)/usr/lib/ipsec/
569 endef
570
571 define Package/strongswan-swanctl/conffiles
572 /etc/config/ipsec
573 /etc/swanctl/
574 endef
575
576 define Package/strongswan-swanctl/install
577 $(INSTALL_DIR) $(1)/etc/init.d
578 $(INSTALL_DIR) $(1)/etc/swanctl/{bliss,conf.d,ecdsa,pkcs{12,8},private,pubkey,rsa}
579 $(INSTALL_DIR) $(1)/etc/swanctl/x509{,aa,ac,ca,crl,ocsp}
580 $(CP) $(PKG_INSTALL_DIR)/etc/swanctl/swanctl.conf $(1)/etc/swanctl/
581 echo "include /var/swanctl/swanctl.conf" >> $(1)/etc/swanctl/swanctl.conf
582 $(INSTALL_DIR) $(1)/usr/sbin
583 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/swanctl $(1)/usr/sbin/
584 $(INSTALL_BIN) ./files/swanctl.init $(1)/etc/init.d/swanctl
585 endef
586
587 define Package/strongswan-gencerts/install
588 $(INSTALL_DIR) $(1)/usr/bin
589 $(INSTALL_BIN) ./files/gencerts.sh $(1)/usr/bin/gencerts
590 endef
591
592 define Package/strongswan-libtls/install
593 $(INSTALL_DIR) $(1)/usr/lib/ipsec
594 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libtls.so.* $(1)/usr/lib/ipsec/
595 endef
596
597 define Plugin/duplicheck/install
598 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
599 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/duplicheck $(1)/usr/lib/ipsec/
600 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/
601 endef
602
603 define Plugin/eap-radius/install
604 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
605 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/
606 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/
607 endef
608
609 define Plugin/attr-sql/install
610 $(INSTALL_DIR) $(1)/usr/lib/ipsec
611 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
612 endef
613
614 define Plugin/stroke/install
615 $(INSTALL_DIR) $(1)/etc/ipsec.d/{aacerts,acerts,cacerts,certs,crls,ocspcerts,private,reqs}
616
617 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
618 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke} $(1)/usr/lib/ipsec/
619 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-stroke.so $(1)/usr/lib/ipsec/plugins/
620 endef
621
622 define Plugin/updown/install
623 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
624 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown $(1)/usr/lib/ipsec/
625 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
626 $(INSTALL_DIR) $(1)/etc/hotplug.d/ipsec
627 $(CP) ./files/etc/hotplug.d/ipsec/01-user \
628 $(1)/etc/hotplug.d/ipsec/01-user
629 endef
630
631 define Plugin/vici/install
632 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
633 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libvici.so.* $(1)/usr/lib/ipsec/
634 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-vici.so $(1)/usr/lib/ipsec/plugins/
635 endef
636
637 define Plugin/whitelist/install
638 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
639 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/whitelist $(1)/usr/lib/ipsec/
640 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/
641 endef
642
643 define Plugin/kernel-libipsec/install
644 $(INSTALL_DIR) $(1)/usr/lib/ipsec
645 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/
646 endef
647
648 $(eval $(call BuildPackage,strongswan))
649 $(eval $(call BuildPackage,strongswan-default))
650 $(eval $(call BuildPackage,strongswan-full))
651 $(eval $(call BuildPackage,strongswan-minimal))
652 $(eval $(call BuildPackage,strongswan-isakmp))
653 $(eval $(call BuildPackage,strongswan-charon))
654 $(eval $(call BuildPackage,strongswan-charon-cmd))
655 $(eval $(call BuildPackage,strongswan-ipsec))
656 $(eval $(call BuildPackage,strongswan-libnttfft))
657 $(eval $(call BuildPackage,strongswan-pki))
658 $(eval $(call BuildPackage,strongswan-scepclient))
659 $(eval $(call BuildPackage,strongswan-swanctl))
660 $(eval $(call BuildPackage,strongswan-gencerts))
661 $(eval $(call BuildPackage,strongswan-libtls))
662 $(eval $(call BuildPlugin,addrblock,RFC 3779 address block constraint support,))
663 $(eval $(call BuildPlugin,aes,AES crypto,))
664 $(eval $(call BuildPlugin,af-alg,AF_ALG crypto interface to Linux Crypto API,+kmod-crypto-user))
665 $(eval $(call BuildPlugin,agent,SSH agent signing,))
666 $(eval $(call BuildPlugin,attr,file based config,))
667 $(eval $(call BuildPlugin,attr-sql,SQL based config,+strongswan-charon))
668 $(eval $(call BuildPlugin,bliss,BLISS crypto,+strongswan-libnttfft +strongswan-mod-mgf1 +strongswan-mod-hmac))
669 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
670 $(eval $(call BuildPlugin,ccm,CCM AEAD wrapper crypto,))
671 $(eval $(call BuildPlugin,chapoly,ChaCha20-Poly1305 AEAD crypto,))
672 $(eval $(call BuildPlugin,cmac,CMAC crypto,))
673 $(eval $(call BuildPlugin,connmark,netfilter connection marking,+libip4tc))
674 $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
675 $(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,))
676 $(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,))
677 $(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl))
678 $(eval $(call BuildPlugin,curve25519,Curve25519 Diffie-Hellman,))
679 $(eval $(call BuildPlugin,des,DES crypto,))
680 $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,))
681 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
682 $(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,))
683 $(eval $(call BuildPlugin,eap-identity,EAP identity helper,))
684 $(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,))
685 $(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))
686 $(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,))
687 $(eval $(call BuildPlugin,eap-tls,EAP TLS auth,+strongswan-libtls))
688 $(eval $(call BuildPlugin,farp,fake arp respsonses,))
689 $(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1))
690 $(eval $(call BuildPlugin,forecast,forward multi/broadcast traffic,+libip4tc +kmod-ipt-conntrack-extra))
691 $(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
692 $(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan-mod-gcrypt:libgcrypt))
693 $(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan-mod-gmp:libgmp))
694 $(eval $(call BuildPlugin,gmpdh,DH-Groups; no libgmp dep,))
695 $(eval $(call BuildPlugin,ha,high availability cluster,))
696 $(eval $(call BuildPlugin,hmac,HMAC crypto,))
697 $(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
698 $(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
699 $(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap))
700 $(eval $(call BuildPlugin,led,LED blink on IKE activity,))
701 $(eval $(call BuildPlugin,load-tester,load testing,))
702 $(eval $(call BuildPlugin,nonce,nonce genereation,))
703 $(eval $(call BuildPlugin,md4,MD4 crypto,))
704 $(eval $(call BuildPlugin,md5,MD5 crypto,))
705 $(eval $(call BuildPlugin,mgf1,MGF1 crypto,))
706 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-mysql:libmysqlclient-r))
707 $(eval $(call BuildPlugin,newhope,New Hope crypto,+strongswan-libnttfft +strongswan-mod-chapoly +strongswan-mod-sha3))
708 $(eval $(call BuildPlugin,ntru,NTRU crypto,+strongswan-mod-mgf1))
709 $(eval $(call BuildPlugin,openssl,OpenSSL crypto,+PACKAGE_strongswan-mod-openssl:libopenssl))
710 $(eval $(call BuildPlugin,pem,PEM decoding,))
711 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
712 $(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,))
713 $(eval $(call BuildPlugin,pkcs7,PKCS7 key decoding,))
714 $(eval $(call BuildPlugin,pkcs8,PKCS8 key decoding,))
715 $(eval $(call BuildPlugin,pkcs11,PKCS11 key decoding,))
716 $(eval $(call BuildPlugin,pkcs12,PKCS12 key decoding,))
717 $(eval $(call BuildPlugin,pubkey,raw public key,))
718 $(eval $(call BuildPlugin,random,RNG,))
719 $(eval $(call BuildPlugin,rc2,RC2 crypto,))
720 $(eval $(call BuildPlugin,resolve,DNS resolver,))
721 $(eval $(call BuildPlugin,revocation,X509 CRL/OCSP revocation,))
722 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
723 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
724 $(eval $(call BuildPlugin,sha3,SHA3 and SHAKE crypto,))
725 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
726 $(eval $(call BuildPlugin,socket-default,default socket implementation for charon,))
727 $(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,))
728 $(eval $(call BuildPlugin,sql,SQL database interface,))
729 $(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3))
730 $(eval $(call BuildPlugin,sshkey,SSH key decoding,))
731 $(eval $(call BuildPlugin,stroke,Stroke,+strongswan-charon +strongswan-ipsec))
732 $(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
733 $(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
734 $(eval $(call BuildPlugin,unity,Cisco Unity extension,))
735 $(eval $(call BuildPlugin,updown,updown firewall,+iptables +IPV6:ip6tables +iptables-mod-ipsec +kmod-ipt-ipsec))
736 $(eval $(call BuildPlugin,vici,Versatile IKE Configuration Interface,))
737 $(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
738 $(eval $(call BuildPlugin,x509,x509 certificate,))
739 $(eval $(call BuildPlugin,xauth-eap,EAP XAuth backend,))
740 $(eval $(call BuildPlugin,xauth-generic,generic XAuth backend,))
741 $(eval $(call BuildPlugin,xcbc,xcbc crypto,))
Mirror of packages feed