projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge pull request #19145 from Thermi/strongswan-5.9.7-model-kdf-dependencies
[feed/packages.git] / net / strongswan / Makefile
1 #
2 # Copyright (C) 2012-2018 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=strongswan
11 PKG_VERSION:=5.9.7
12 PKG_RELEASE:=$(AUTORELEASE)
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
16 PKG_HASH:=9e64a2ba62efeac81abff1d962522404ebc6ed6c0d352a23ab7c0b2c639e3fcf
17 PKG_LICENSE:=GPL-2.0-or-later
18 PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
19 PKG_CPE_ID:=cpe:/a:strongswan:strongswan
20
21 PKG_MOD_AVAILABLE:= \
22 addrblock \
23 aes \
24 af-alg \
25 agent \
26 attr \
27 attr-sql \
28 bliss \
29 blowfish \
30 ccm \
31 chapoly \
32 cmac \
33 constraints \
34 connmark \
35 coupling \
36 ctr \
37 curl \
38 curve25519 \
39 des \
40 dhcp \
41 dnskey \
42 duplicheck \
43 eap-identity \
44 eap-md5 \
45 eap-mschapv2 \
46 eap-radius \
47 eap-tls \
48 farp \
49 fips-prf \
50 forecast \
51 gcm \
52 gcrypt \
53 gmp \
54 gmpdh \
55 ha \
56 hmac \
57 kernel-libipsec \
58 kernel-netlink \
59 ldap \
60 led \
61 load-tester \
62 nonce \
63 md4 \
64 md5 \
65 mgf1 \
66 mysql \
67 newhope \
68 ntru \
69 openssl \
70 pem \
71 pgp \
72 pkcs1 \
73 pkcs7 \
74 pkcs8 \
75 pkcs11 \
76 pkcs12 \
77 pubkey \
78 random \
79 rc2 \
80 resolve \
81 revocation \
82 sha1 \
83 sha2 \
84 sha3 \
85 smp \
86 socket-default \
87 socket-dynamic \
88 sql \
89 sqlite \
90 sshkey \
91 stroke \
92 test-vectors \
93 unity \
94 uci \
95 updown \
96 vici \
97 whitelist \
98 wolfssl \
99 x509 \
100 xauth-eap \
101 xauth-generic \
102 xcbc
103
104 PKG_CONFIG_DEPENDS:= \
105 CONFIG_STRONGSWAN_ROUTING_TABLE \
106 CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO \
107 $(patsubst %,CONFIG_PACKAGE_strongswan-mod-%,$(PKG_MOD_AVAILABLE)) \
108
109 PKG_FIXUP:=autoreconf
110 PKG_INSTALL:=1
111 PKG_BUILD_PARALLEL:=1
112
113 include $(INCLUDE_DIR)/package.mk
114 # strongswan-mod-mysql needs iconv
115 include $(INCLUDE_DIR)/nls.mk
116
117 define Package/strongswan/Default
118 SUBMENU:=VPN
119 SECTION:=net
120 CATEGORY:=Network
121 TITLE:=StrongSwan
122 URL:=http://www.strongswan.org/
123 endef
124
125 define Package/strongswan/description/Default
126 StrongSwan is an OpenSource IPsec implementation for the Linux operating system.
127 endef
128
129 define Package/strongswan
130 $(call Package/strongswan/Default)
131 MENU:=1
132 DEPENDS:= +libpthread +ip \
133 +kmod-crypto-authenc \
134 +kmod-ipsec +kmod-ipsec4 +IPV6:kmod-ipsec6
135 endef
136
137 define Package/strongswan/config
138 source "$(SOURCE)/Config.in"
139 endef
140
141 define Package/strongswan/description
142 $(call Package/strongswan/description/Default)
143 This package contains shared libraries and scripts.
144 endef
145
146 define Package/strongswan-full
147 $(call Package/strongswan/Default)
148 TITLE+= (full)
149 DEPENDS:= strongswan \
150 +strongswan-charon \
151 +strongswan-charon-cmd \
152 +strongswan-ipsec \
153 +strongswan-libnttfft \
154 +strongswan-mod-addrblock \
155 +strongswan-mod-aes \
156 +strongswan-mod-af-alg \
157 +strongswan-mod-agent \
158 +strongswan-mod-attr \
159 +strongswan-mod-attr-sql \
160 +strongswan-mod-bliss \
161 +strongswan-mod-blowfish \
162 +strongswan-mod-ccm \
163 +strongswan-mod-chapoly \
164 +strongswan-mod-cmac \
165 +strongswan-mod-constraints \
166 +strongswan-mod-connmark \
167 +strongswan-mod-coupling \
168 +strongswan-mod-ctr \
169 +strongswan-mod-curl \
170 +strongswan-mod-curve25519 \
171 +strongswan-mod-des \
172 +strongswan-mod-dhcp \
173 +strongswan-mod-dnskey \
174 +strongswan-mod-drbg \
175 +strongswan-mod-duplicheck \
176 +strongswan-mod-eap-identity \
177 +strongswan-mod-eap-md5 \
178 +strongswan-mod-eap-mschapv2 \
179 +strongswan-mod-eap-radius \
180 +strongswan-mod-eap-tls \
181 +strongswan-mod-farp \
182 +strongswan-mod-fips-prf \
183 +strongswan-mod-forecast \
184 +strongswan-mod-gcm \
185 +strongswan-mod-gcrypt \
186 +strongswan-mod-gmp \
187 +strongswan-mod-ha \
188 +strongswan-mod-hmac \
189 +strongswan-mod-kdf \
190 +strongswan-mod-kernel-netlink \
191 +strongswan-mod-ldap \
192 +strongswan-mod-led \
193 +strongswan-mod-load-tester \
194 +strongswan-mod-nonce \
195 +strongswan-mod-md4 \
196 +strongswan-mod-md5 \
197 +strongswan-mod-mgf1 \
198 +strongswan-mod-mysql \
199 +strongswan-mod-newhope \
200 +strongswan-mod-ntru \
201 +strongswan-mod-openssl \
202 +strongswan-mod-pem \
203 +strongswan-mod-pgp \
204 +strongswan-mod-pkcs1 \
205 +strongswan-mod-pkcs7 \
206 +strongswan-mod-pkcs8 \
207 +strongswan-mod-pkcs11 \
208 +strongswan-mod-pkcs12 \
209 +strongswan-mod-pubkey \
210 +strongswan-mod-random \
211 +strongswan-mod-rc2 \
212 +strongswan-mod-resolve \
213 +strongswan-mod-revocation \
214 +strongswan-mod-sha1 \
215 +strongswan-mod-sha2 \
216 +strongswan-mod-sha3 \
217 +strongswan-mod-smp \
218 +strongswan-mod-socket-default \
219 +strongswan-mod-sql \
220 +strongswan-mod-sqlite \
221 +strongswan-mod-sshkey \
222 +strongswan-mod-stroke \
223 +strongswan-mod-test-vectors \
224 +strongswan-mod-uci \
225 +strongswan-mod-unity \
226 +strongswan-mod-updown \
227 +strongswan-mod-vici \
228 +strongswan-mod-whitelist \
229 +strongswan-mod-wolfssl \
230 +strongswan-mod-x509 \
231 +strongswan-mod-xauth-eap \
232 +strongswan-mod-xauth-generic \
233 +strongswan-mod-xcbc \
234 +strongswan-pki \
235 +strongswan-scepclient \
236 +strongswan-swanctl \
237 @DEVEL
238 endef
239
240 define Package/strongswan-full/description
241 $(call Package/strongswan/description/Default)
242 This meta-package contains dependencies for all of the strongswan plugins
243 except kernel-libipsec,
244 socket-dynamic and which are omitted in favor of the kernel-netlink and
245 socket-default plugins.
246 endef
247
248
249 define Package/strongswan-default
250 $(call Package/strongswan/Default)
251 TITLE+= (default)
252 DEPENDS:= strongswan \
253 +strongswan-charon \
254 +strongswan-mod-aes \
255 +strongswan-mod-attr \
256 +strongswan-mod-connmark \
257 +strongswan-mod-constraints \
258 +strongswan-mod-des \
259 +strongswan-mod-dnskey \
260 +strongswan-mod-fips-prf \
261 +strongswan-mod-gmp \
262 +strongswan-mod-hmac \
263 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
264 +strongswan-mod-kernel-netlink \
265 +strongswan-mod-md5 \
266 +strongswan-mod-nonce \
267 +strongswan-mod-pem \
268 +strongswan-mod-pgp \
269 +strongswan-mod-pkcs1 \
270 +strongswan-mod-pubkey \
271 +strongswan-mod-random \
272 +strongswan-mod-rc2 \
273 +strongswan-mod-resolve \
274 +strongswan-mod-revocation \
275 +strongswan-mod-sha1 \
276 +strongswan-mod-sha2 \
277 +strongswan-mod-socket-default \
278 +strongswan-mod-sshkey \
279 +strongswan-mod-updown \
280 +strongswan-mod-x509 \
281 +strongswan-mod-xauth-generic \
282 +strongswan-mod-xcbc \
283 +strongswan-swanctl
284 endef
285
286 define Package/strongswan-default/description
287 $(call Package/strongswan/description/Default)
288 This meta-package contains only dependencies to match upstream defaults.
289 endef
290
291
292 define Package/strongswan-isakmp
293 $(call Package/strongswan/Default)
294 TITLE+= (isakmp)
295 DEPENDS:= strongswan \
296 +strongswan-charon \
297 +strongswan-ipsec \
298 +strongswan-mod-aes \
299 +strongswan-mod-des \
300 +strongswan-mod-gmpdh \
301 +strongswan-mod-hmac \
302 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
303 +strongswan-mod-kernel-netlink \
304 +strongswan-mod-md5 \
305 +strongswan-mod-nonce \
306 +strongswan-mod-pubkey \
307 +strongswan-mod-random \
308 +strongswan-mod-sha1 \
309 +strongswan-mod-socket-default \
310 +strongswan-mod-stroke \
311 +strongswan-mod-uci \
312 +strongswan-mod-updown
313 endef
314
315 define Package/strongswan-isakmp/description
316 $(call Package/strongswan/description/Default)
317 This meta-package contains only dependencies to establish ISAKMP /
318 IKE PSK connections, dropping other capabilities in favor of small size
319 Can fit most routers even with 4Mb flash (after removing IPv6 support).
320 endef
321
322
323 define Package/strongswan-minimal
324 $(call Package/strongswan/Default)
325 TITLE+= (minimal)
326 DEPENDS:= strongswan \
327 +strongswan-charon \
328 +strongswan-mod-aes \
329 +strongswan-mod-gmp \
330 +strongswan-mod-hmac \
331 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
332 +strongswan-mod-kernel-netlink \
333 +strongswan-mod-nonce \
334 +strongswan-mod-pubkey \
335 +strongswan-mod-random \
336 +strongswan-mod-sha1 \
337 +strongswan-mod-socket-default \
338 +strongswan-mod-stroke \
339 +strongswan-mod-updown \
340 +strongswan-mod-x509 \
341 +strongswan-mod-xcbc
342 endef
343
344 define Package/strongswan-minimal/description
345 $(call Package/strongswan/description/Default)
346 This meta-package contains only dependencies for a minimal IKEv2 setup.
347 endef
348
349 define Package/strongswan-charon
350 $(call Package/strongswan/Default)
351 TITLE+= IKEv1/IKEv2 keying daemon
352 DEPENDS:= strongswan
353 endef
354
355 define Package/strongswan-charon/description
356 $(call Package/strongswan/description/Default)
357 This package contains charon, an IKEv2 keying daemon.
358 endef
359
360 define Package/strongswan-charon-cmd
361 $(call Package/strongswan/Default)
362 TITLE+= charon-cmd utility
363 DEPENDS:= strongswan +strongswan-charon
364 endef
365
366 define Package/strongswan-charon-cmd/description
367 $(call Package/strongswan/description/Default)
368 This package contains the charon-cmd utility.
369 endef
370
371 define Package/strongswan-ipsec
372 $(call Package/strongswan/Default)
373 TITLE+= utilities
374 DEPENDS:= strongswan
375 endef
376
377 define Package/strongswan-ipsec/description
378 $(call Package/strongswan/description/Default)
379 This package contains the ipsec utility.
380 endef
381
382 define Package/strongswan-libnttfft
383 $(call Package/strongswan/Default)
384 TITLE+= nttfft library
385 DEPENDS:= strongswan
386 endef
387
388 define Package/strongswan-libnttfft/description
389 $(call Package/strongswan/description/Default)
390 This package contains the Number Theoretic Transforms library.
391 endef
392
393 define Package/strongswan-pki
394 $(call Package/strongswan/Default)
395 TITLE+= PKI tool
396 DEPENDS:= strongswan
397 endef
398
399 define Package/strongswan-pki/description
400 $(call Package/strongswan/description/Default)
401 This package contains the pki tool.
402 endef
403
404 define Package/strongswan-scepclient
405 $(call Package/strongswan/Default)
406 TITLE+= SCEP client
407 DEPENDS:= strongswan
408 endef
409
410 define Package/strongswan-scepclient/description
411 $(call Package/strongswan/description/Default)
412 This package contains the SCEP client.
413 endef
414
415 define Package/strongswan-swanctl
416 $(call Package/strongswan/Default)
417 TITLE+= swanctl utility
418 DEPENDS:= strongswan +strongswan-mod-vici
419 endef
420
421 define Package/strongswan-swanctl/description
422 $(call Package/strongswan/description/Default)
423 This package contains the swanctl utility.
424 endef
425
426 define Package/strongswan-gencerts
427 $(call Package/strongswan/Default)
428 TITLE+= X.509 certificate generation utility
429 DEPENDS:= strongswan +strongswan-pki bash
430 endef
431
432 define Package/strongswan-gencerts/description
433 $(call Package/strongswan/description/Default)
434 This package contains the X.509 certificate generation utility.
435 endef
436
437 define Package/strongswan-libtls
438 $(call Package/strongswan/Default)
439 TITLE+= libtls
440 DEPENDS:= strongswan
441 endef
442
443 define Package/strongswan-libtls/description
444 $(call Package/strongswan/description/Default)
445 This package contains libtls for strongSwan plugins eap-tls, eap-ttls,
446 eap-peap, tnc-tnccs
447 endef
448
449 define BuildPlugin
450 define Package/strongswan-mod-$(1)
451 $$(call Package/strongswan/Default)
452 TITLE:= StrongSwan $(2) plugin
453 DEPENDS:= strongswan $(3)
454 endef
455
456 define Package/strongswan-mod-$(1)/install
457 $(INSTALL_DIR) $$(1)/etc/strongswan.d/charon
458 if [ -f $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf ]; then \
459 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf $$(1)/etc/strongswan.d/charon/; fi
460 $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
461 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
462 $$(1)/usr/lib/ipsec/plugins/
463 $(call Plugin/$(1)/install,$$(1))
464 endef
465
466 $$(eval $$(call BuildPackage,strongswan-mod-$(1)))
467 endef
468
469 CONFIGURE_ARGS+= \
470 --disable-scripts \
471 --disable-static \
472 --disable-fast \
473 --enable-mgf1 \
474 --enable-mediation \
475 --with-systemdsystemunitdir=no \
476 $(if $(CONFIG_PACKAGE_strongswan-charon-cmd),--enable-cmd,--disable-cmd) \
477 $(if $(CONFIG_PACKAGE_strongswan-pki),--enable-pki,--disable-pki) \
478 $(if $(CONFIG_PACKAGE_strongswan-scepclient),--enable-scepclient,--disable-scepclient) \
479 --with-random-device=/dev/random \
480 --with-urandom-device=/dev/urandom \
481 --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE))" \
482 --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO))" \
483 $(foreach m,$(PKG_MOD_AVAILABLE), \
484 $(if $(CONFIG_PACKAGE_strongswan-mod-$(m)),--enable-$(m),--disable-$(m)) \
485 ) \
486 ac_cv_search___atomic_load=no
487
488 define Package/strongswan/conffiles
489 /etc/strongswan.conf
490 /etc/strongswan.d/
491 endef
492
493 define Package/strongswan/install
494 $(INSTALL_DIR) $(1)/etc
495 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/
496 echo -e "\ninclude /var/ipsec/strongswan.conf" >> $(1)/etc/strongswan.conf
497 $(INSTALL_DIR) $(1)/usr/lib/ipsec
498 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libstrongswan.so.* $(1)/usr/lib/ipsec/
499 endef
500
501 define Package/strongswan-default/install
502 true
503 endef
504
505 define Package/strongswan-full/install
506 true
507 endef
508
509 define Package/strongswan-isakmp/install
510 true
511 endef
512
513 define Package/strongswan-minimal/install
514 true
515 endef
516
517 define Package/strongswan-charon/install
518 $(INSTALL_DIR) $(1)/etc/strongswan.d
519 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon.conf $(1)/etc/strongswan.d
520 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon-logging.conf $(1)/etc/strongswan.d
521 $(INSTALL_DIR) $(1)/usr/lib/ipsec
522 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/charon $(1)/usr/lib/ipsec/
523 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/
524 endef
525
526 define Package/strongswan-charon-cmd/install
527 $(INSTALL_DIR) $(1)/usr/sbin
528 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/charon-cmd $(1)/usr/sbin/
529 endef
530
531 define Package/strongswan-ipsec/conffiles
532 /etc/ipsec.d/
533 /etc/ipsec.conf
534 /etc/ipsec.secrets
535 /etc/ipsec.user
536 endef
537
538 define Package/strongswan-ipsec/install
539 $(INSTALL_DIR) $(1)/etc/ $(1)/usr/sbin
540 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
541 echo -e "\ninclude /var/ipsec/ipsec.conf" >> $(1)/etc/ipsec.conf
542 $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
543 echo -e "\ninclude /var/ipsec/ipsec.secrets" >> $(1)/etc/ipsec.secrets
544 $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
545 $(INSTALL_DIR) $(1)/etc/init.d
546 $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
547 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
548 endef
549
550 define Package/strongswan-ipsec/postinst
551 #!/bin/sh
552
553 [ -z "$${IPKG_INSTROOT}" ] || exit 0
554
555 opkg list-changed-conffiles | grep -qx /etc/ipsec.conf || {
556 rm -f /etc/ipsec.conf-opkg
557 }
558 endef
559
560 define Package/strongswan-libnttfft/install
561 $(INSTALL_DIR) $(1)/usr/lib/ipsec
562 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libnttfft.so.* $(1)/usr/lib/ipsec/
563 endef
564
565 define Package/strongswan-pki/install
566 $(INSTALL_DIR) $(1)/etc/strongswan.d
567 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/pki.conf $(1)/etc/strongswan.d/
568 $(INSTALL_DIR) $(1)/usr/bin
569 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/
570 endef
571
572 define Package/strongswan-scepclient/install
573 $(INSTALL_DIR) $(1)/etc/strongswan.d
574 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/scepclient.conf $(1)/etc/strongswan.d/
575 $(INSTALL_DIR) $(1)/usr/lib/ipsec
576 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient $(1)/usr/lib/ipsec/
577 endef
578
579 define Package/strongswan-swanctl/conffiles
580 /etc/config/ipsec
581 /etc/swanctl/
582 endef
583
584 define Package/strongswan-swanctl/install
585 $(INSTALL_DIR) $(1)/etc/init.d
586 $(INSTALL_DIR) $(1)/etc/swanctl/{bliss,conf.d,ecdsa,pkcs{12,8},private,pubkey,rsa}
587 $(INSTALL_DIR) $(1)/etc/swanctl/x509{,aa,ac,ca,crl,ocsp}
588 $(CP) $(PKG_INSTALL_DIR)/etc/swanctl/swanctl.conf $(1)/etc/swanctl/
589 echo "include /var/swanctl/swanctl.conf" >> $(1)/etc/swanctl/swanctl.conf
590 $(INSTALL_DIR) $(1)/usr/sbin
591 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/swanctl $(1)/usr/sbin/
592 $(INSTALL_BIN) ./files/swanctl.init $(1)/etc/init.d/swanctl
593 endef
594
595 define Package/strongswan-gencerts/install
596 $(INSTALL_DIR) $(1)/usr/bin
597 $(INSTALL_BIN) ./files/gencerts.sh $(1)/usr/bin/gencerts
598 endef
599
600 define Package/strongswan-libtls/install
601 $(INSTALL_DIR) $(1)/usr/lib/ipsec
602 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libtls.so.* $(1)/usr/lib/ipsec/
603 endef
604
605 define Plugin/duplicheck/install
606 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
607 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/duplicheck $(1)/usr/lib/ipsec/
608 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/
609 endef
610
611 define Plugin/eap-radius/install
612 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
613 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/
614 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/
615 endef
616
617 define Plugin/attr-sql/install
618 $(INSTALL_DIR) $(1)/usr/lib/ipsec
619 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
620 endef
621
622 define Plugin/stroke/install
623 $(INSTALL_DIR) $(1)/etc/ipsec.d/{aacerts,acerts,cacerts,certs,crls,ocspcerts,private,reqs}
624
625 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
626 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke} $(1)/usr/lib/ipsec/
627 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-stroke.so $(1)/usr/lib/ipsec/plugins/
628 endef
629
630 define Plugin/updown/install
631 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
632 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown $(1)/usr/lib/ipsec/
633 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
634 $(INSTALL_DIR) $(1)/etc/hotplug.d/ipsec
635 $(CP) ./files/etc/hotplug.d/ipsec/01-user \
636 $(1)/etc/hotplug.d/ipsec/01-user
637 endef
638
639 define Plugin/vici/install
640 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
641 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libvici.so.* $(1)/usr/lib/ipsec/
642 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-vici.so $(1)/usr/lib/ipsec/plugins/
643 endef
644
645 define Plugin/whitelist/install
646 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
647 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/whitelist $(1)/usr/lib/ipsec/
648 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/
649 endef
650
651 define Plugin/kernel-libipsec/install
652 $(INSTALL_DIR) $(1)/usr/lib/ipsec
653 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/
654 endef
655
656 $(eval $(call BuildPackage,strongswan))
657 $(eval $(call BuildPackage,strongswan-default))
658 $(eval $(call BuildPackage,strongswan-full))
659 $(eval $(call BuildPackage,strongswan-minimal))
660 $(eval $(call BuildPackage,strongswan-isakmp))
661 $(eval $(call BuildPackage,strongswan-charon))
662 $(eval $(call BuildPackage,strongswan-charon-cmd))
663 $(eval $(call BuildPackage,strongswan-ipsec))
664 $(eval $(call BuildPackage,strongswan-libnttfft))
665 $(eval $(call BuildPackage,strongswan-pki))
666 $(eval $(call BuildPackage,strongswan-scepclient))
667 $(eval $(call BuildPackage,strongswan-swanctl))
668 $(eval $(call BuildPackage,strongswan-gencerts))
669 $(eval $(call BuildPackage,strongswan-libtls))
670 $(eval $(call BuildPlugin,addrblock,RFC 3779 address block constraint support,))
671 $(eval $(call BuildPlugin,aes,AES crypto,))
672 $(eval $(call BuildPlugin,af-alg,AF_ALG crypto interface to Linux Crypto API,+kmod-crypto-user))
673 $(eval $(call BuildPlugin,agent,SSH agent signing,))
674 $(eval $(call BuildPlugin,attr,file based config,))
675 $(eval $(call BuildPlugin,attr-sql,SQL based config,+strongswan-charon))
676 $(eval $(call BuildPlugin,bliss,BLISS crypto,+strongswan-libnttfft +strongswan-mod-mgf1 +strongswan-mod-hmac))
677 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
678 $(eval $(call BuildPlugin,ccm,CCM AEAD wrapper crypto,))
679 $(eval $(call BuildPlugin,chapoly,ChaCha20-Poly1305 AEAD crypto,+kmod-crypto-chacha20poly1305))
680 $(eval $(call BuildPlugin,cmac,CMAC crypto,))
681 $(eval $(call BuildPlugin,connmark,netfilter connection marking,+libip4tc))
682 $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
683 $(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,))
684 $(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,))
685 $(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl))
686 $(eval $(call BuildPlugin,curve25519,Curve25519 Diffie-Hellman,))
687 $(eval $(call BuildPlugin,des,DES crypto,))
688 $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,))
689 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
690 $(eval $(call BuildPlugin,drbg,Deterministic random bit generator,,))
691 $(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,))
692 $(eval $(call BuildPlugin,eap-identity,EAP identity helper,))
693 $(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,))
694 $(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))
695 $(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,))
696 $(eval $(call BuildPlugin,eap-tls,EAP TLS auth,+strongswan-libtls))
697 $(eval $(call BuildPlugin,farp,fake arp respsonses,))
698 $(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1))
699 $(eval $(call BuildPlugin,forecast,forward multi/broadcast traffic,+libip4tc +kmod-ipt-conntrack-extra))
700 $(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
701 $(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan-mod-gcrypt:libgcrypt))
702 $(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan-mod-gmp:libgmp))
703 $(eval $(call BuildPlugin,gmpdh,DH-Groups; no libgmp dep,))
704 $(eval $(call BuildPlugin,ha,high availability cluster,))
705 $(eval $(call BuildPlugin,hmac,HMAC crypto,))
706 $(eval $(call BuildPlugin,kdf,KDF/PRF+,))
707 $(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
708 $(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
709 $(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap))
710 $(eval $(call BuildPlugin,led,LED blink on IKE activity,))
711 $(eval $(call BuildPlugin,load-tester,load testing,))
712 $(eval $(call BuildPlugin,nonce,nonce genereation,))
713 $(eval $(call BuildPlugin,md4,MD4 crypto,))
714 $(eval $(call BuildPlugin,md5,MD5 crypto,))
715 $(eval $(call BuildPlugin,mgf1,MGF1 crypto,))
716 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-mysql:libmysqlclient-r))
717 $(eval $(call BuildPlugin,newhope,New Hope crypto,+strongswan-libnttfft +strongswan-mod-chapoly +strongswan-mod-sha3))
718 $(eval $(call BuildPlugin,ntru,NTRU crypto,+strongswan-mod-mgf1))
719 $(eval $(call BuildPlugin,openssl,OpenSSL crypto,+PACKAGE_strongswan-mod-openssl:libopenssl))
720 $(eval $(call BuildPlugin,pem,PEM decoding,))
721 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
722 $(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,))
723 $(eval $(call BuildPlugin,pkcs7,PKCS7 key decoding,))
724 $(eval $(call BuildPlugin,pkcs8,PKCS8 key decoding,))
725 $(eval $(call BuildPlugin,pkcs11,PKCS11 key decoding,))
726 $(eval $(call BuildPlugin,pkcs12,PKCS12 key decoding,))
727 $(eval $(call BuildPlugin,pubkey,raw public key,))
728 $(eval $(call BuildPlugin,random,RNG,))
729 $(eval $(call BuildPlugin,rc2,RC2 crypto,))
730 $(eval $(call BuildPlugin,resolve,DNS resolver,))
731 $(eval $(call BuildPlugin,revocation,X509 CRL/OCSP revocation,))
732 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
733 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
734 $(eval $(call BuildPlugin,sha3,SHA3 and SHAKE crypto,))
735 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
736 $(eval $(call BuildPlugin,socket-default,default socket implementation for charon,))
737 $(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,))
738 $(eval $(call BuildPlugin,sql,SQL database interface,))
739 $(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3))
740 $(eval $(call BuildPlugin,sshkey,SSH key decoding,))
741 $(eval $(call BuildPlugin,stroke,Stroke,+strongswan-charon +strongswan-ipsec))
742 $(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
743 $(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
744 $(eval $(call BuildPlugin,unity,Cisco Unity extension,))
745 $(eval $(call BuildPlugin,updown,updown firewall,+iptables +IPV6:ip6tables +iptables-mod-ipsec +kmod-ipt-ipsec))
746 $(eval $(call BuildPlugin,vici,Versatile IKE Configuration Interface,))
747 $(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
748 $(eval $(call BuildPlugin,wolfssl,WolfSSL crypto,+PACKAGE_strongswan-mod-wolfssl:libwolfssl))
749 $(eval $(call BuildPlugin,x509,x509 certificate,))
750 $(eval $(call BuildPlugin,xauth-eap,EAP XAuth backend,))
751 $(eval $(call BuildPlugin,xauth-generic,generic XAuth backend,))
752 $(eval $(call BuildPlugin,xcbc,xcbc crypto,))
Mirror of packages feed