projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge pull request #16367 from pprindeville/strongswan-mod-socket-dep
[feed/packages.git] / net / strongswan / Makefile
1 #
2 # Copyright (C) 2012-2018 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=strongswan
11 PKG_VERSION:=5.9.7
12 PKG_RELEASE:=$(AUTORELEASE)
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
16 PKG_HASH:=9e64a2ba62efeac81abff1d962522404ebc6ed6c0d352a23ab7c0b2c639e3fcf
17 PKG_LICENSE:=GPL-2.0-or-later
18 PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
19 PKG_CPE_ID:=cpe:/a:strongswan:strongswan
20
21 PKG_MOD_AVAILABLE:= \
22 addrblock \
23 aes \
24 af-alg \
25 agent \
26 attr \
27 attr-sql \
28 bliss \
29 blowfish \
30 ccm \
31 chapoly \
32 cmac \
33 constraints \
34 connmark \
35 coupling \
36 ctr \
37 curl \
38 curve25519 \
39 des \
40 dhcp \
41 dnskey \
42 duplicheck \
43 eap-identity \
44 eap-md5 \
45 eap-mschapv2 \
46 eap-radius \
47 eap-tls \
48 farp \
49 fips-prf \
50 forecast \
51 gcm \
52 gcrypt \
53 gmp \
54 gmpdh \
55 ha \
56 hmac \
57 kernel-libipsec \
58 kernel-netlink \
59 ldap \
60 led \
61 load-tester \
62 nonce \
63 md4 \
64 md5 \
65 mgf1 \
66 mysql \
67 newhope \
68 ntru \
69 openssl \
70 pem \
71 pgp \
72 pkcs1 \
73 pkcs7 \
74 pkcs8 \
75 pkcs11 \
76 pkcs12 \
77 pubkey \
78 random \
79 rc2 \
80 resolve \
81 revocation \
82 sha1 \
83 sha2 \
84 sha3 \
85 smp \
86 socket-default \
87 socket-dynamic \
88 sql \
89 sqlite \
90 sshkey \
91 stroke \
92 test-vectors \
93 unity \
94 uci \
95 updown \
96 vici \
97 whitelist \
98 wolfssl \
99 x509 \
100 xauth-eap \
101 xauth-generic \
102 xcbc
103
104 PKG_CONFIG_DEPENDS:= \
105 CONFIG_STRONGSWAN_ROUTING_TABLE \
106 CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO \
107 $(patsubst %,CONFIG_PACKAGE_strongswan-mod-%,$(PKG_MOD_AVAILABLE)) \
108
109 PKG_FIXUP:=autoreconf
110 PKG_INSTALL:=1
111 PKG_BUILD_PARALLEL:=1
112
113 include $(INCLUDE_DIR)/package.mk
114 # strongswan-mod-mysql needs iconv
115 include $(INCLUDE_DIR)/nls.mk
116
117 define Package/strongswan/Default
118 SUBMENU:=VPN
119 SECTION:=net
120 CATEGORY:=Network
121 TITLE:=StrongSwan
122 URL:=http://www.strongswan.org/
123 endef
124
125 define Package/strongswan/description/Default
126 StrongSwan is an OpenSource IPsec implementation for the Linux operating system.
127 endef
128
129 define Package/strongswan
130 $(call Package/strongswan/Default)
131 MENU:=1
132 DEPENDS:= +libpthread +ip \
133 +kmod-crypto-authenc \
134 +kmod-ipsec +kmod-ipsec4 +IPV6:kmod-ipsec6
135 endef
136
137 define Package/strongswan/config
138 source "$(SOURCE)/Config.in"
139 endef
140
141 define Package/strongswan/description
142 $(call Package/strongswan/description/Default)
143 This package contains shared libraries and scripts.
144 endef
145
146 define Package/strongswan-full
147 $(call Package/strongswan/Default)
148 TITLE+= (full)
149 DEPENDS:= strongswan \
150 +strongswan-charon \
151 +strongswan-charon-cmd \
152 +strongswan-ipsec \
153 +strongswan-libnttfft \
154 +strongswan-mod-addrblock \
155 +strongswan-mod-aes \
156 +strongswan-mod-af-alg \
157 +strongswan-mod-agent \
158 +strongswan-mod-attr \
159 +strongswan-mod-attr-sql \
160 +strongswan-mod-bliss \
161 +strongswan-mod-blowfish \
162 +strongswan-mod-ccm \
163 +strongswan-mod-chapoly \
164 +strongswan-mod-cmac \
165 +strongswan-mod-constraints \
166 +strongswan-mod-connmark \
167 +strongswan-mod-coupling \
168 +strongswan-mod-ctr \
169 +strongswan-mod-curl \
170 +strongswan-mod-curve25519 \
171 +strongswan-mod-des \
172 +strongswan-mod-dhcp \
173 +strongswan-mod-dnskey \
174 +strongswan-mod-drbg \
175 +strongswan-mod-duplicheck \
176 +strongswan-mod-eap-identity \
177 +strongswan-mod-eap-md5 \
178 +strongswan-mod-eap-mschapv2 \
179 +strongswan-mod-eap-radius \
180 +strongswan-mod-eap-tls \
181 +strongswan-mod-farp \
182 +strongswan-mod-fips-prf \
183 +strongswan-mod-forecast \
184 +strongswan-mod-gcm \
185 +strongswan-mod-gcrypt \
186 +strongswan-mod-gmp \
187 +strongswan-mod-ha \
188 +strongswan-mod-hmac \
189 +strongswan-mod-kdf \
190 +strongswan-mod-kernel-netlink \
191 +strongswan-mod-ldap \
192 +strongswan-mod-led \
193 +strongswan-mod-load-tester \
194 +strongswan-mod-nonce \
195 +strongswan-mod-md4 \
196 +strongswan-mod-md5 \
197 +strongswan-mod-mgf1 \
198 +strongswan-mod-mysql \
199 +strongswan-mod-newhope \
200 +strongswan-mod-ntru \
201 +strongswan-mod-openssl \
202 +strongswan-mod-pem \
203 +strongswan-mod-pgp \
204 +strongswan-mod-pkcs1 \
205 +strongswan-mod-pkcs7 \
206 +strongswan-mod-pkcs8 \
207 +strongswan-mod-pkcs11 \
208 +strongswan-mod-pkcs12 \
209 +strongswan-mod-pubkey \
210 +strongswan-mod-random \
211 +strongswan-mod-rc2 \
212 +strongswan-mod-resolve \
213 +strongswan-mod-revocation \
214 +strongswan-mod-sha1 \
215 +strongswan-mod-sha2 \
216 +strongswan-mod-sha3 \
217 +strongswan-mod-smp \
218 +strongswan-mod-socket-default \
219 +strongswan-mod-sql \
220 +strongswan-mod-sqlite \
221 +strongswan-mod-sshkey \
222 +strongswan-mod-stroke \
223 +strongswan-mod-test-vectors \
224 +strongswan-mod-uci \
225 +strongswan-mod-unity \
226 +strongswan-mod-updown \
227 +strongswan-mod-vici \
228 +strongswan-mod-whitelist \
229 +strongswan-mod-wolfssl \
230 +strongswan-mod-x509 \
231 +strongswan-mod-xauth-eap \
232 +strongswan-mod-xauth-generic \
233 +strongswan-mod-xcbc \
234 +strongswan-pki \
235 +strongswan-scepclient \
236 +strongswan-swanctl \
237 @DEVEL
238 endef
239
240 define Package/strongswan-full/description
241 $(call Package/strongswan/description/Default)
242 This meta-package contains dependencies for all of the strongswan plugins
243 except kernel-libipsec,
244 socket-dynamic and which are omitted in favor of the kernel-netlink and
245 socket-default plugins.
246 endef
247
248
249 define Package/strongswan-default
250 $(call Package/strongswan/Default)
251 TITLE+= (default)
252 DEPENDS:= strongswan \
253 +strongswan-charon \
254 +strongswan-mod-aes \
255 +strongswan-mod-attr \
256 +strongswan-mod-connmark \
257 +strongswan-mod-constraints \
258 +strongswan-mod-des \
259 +strongswan-mod-dnskey \
260 +strongswan-mod-fips-prf \
261 +strongswan-mod-gmp \
262 +strongswan-mod-hmac \
263 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
264 +strongswan-mod-kernel-netlink \
265 +strongswan-mod-md5 \
266 +strongswan-mod-mgf1 \
267 +strongswan-mod-nonce \
268 +strongswan-mod-pem \
269 +strongswan-mod-pgp \
270 +strongswan-mod-pkcs1 \
271 +strongswan-mod-pubkey \
272 +strongswan-mod-random \
273 +strongswan-mod-rc2 \
274 +strongswan-mod-resolve \
275 +strongswan-mod-revocation \
276 +strongswan-mod-sha1 \
277 +strongswan-mod-sha2 \
278 +strongswan-mod-socket-default \
279 +strongswan-mod-sshkey \
280 +strongswan-mod-updown \
281 +strongswan-mod-x509 \
282 +strongswan-mod-xauth-generic \
283 +strongswan-mod-xcbc \
284 +strongswan-swanctl
285 endef
286
287 define Package/strongswan-default/description
288 $(call Package/strongswan/description/Default)
289 This meta-package contains only dependencies to match upstream defaults.
290 endef
291
292
293 define Package/strongswan-isakmp
294 $(call Package/strongswan/Default)
295 TITLE+= (isakmp)
296 DEPENDS:= strongswan \
297 +strongswan-charon \
298 +strongswan-ipsec \
299 +strongswan-mod-aes \
300 +strongswan-mod-des \
301 +strongswan-mod-gmpdh \
302 +strongswan-mod-hmac \
303 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
304 +strongswan-mod-kernel-netlink \
305 +strongswan-mod-md5 \
306 +strongswan-mod-mgf1 \
307 +strongswan-mod-nonce \
308 +strongswan-mod-pubkey \
309 +strongswan-mod-random \
310 +strongswan-mod-sha1 \
311 +strongswan-mod-socket-default \
312 +strongswan-mod-stroke \
313 +strongswan-mod-uci \
314 +strongswan-mod-updown
315 endef
316
317 define Package/strongswan-isakmp/description
318 $(call Package/strongswan/description/Default)
319 This meta-package contains only dependencies to establish ISAKMP /
320 IKE PSK connections, dropping other capabilities in favor of small size
321 Can fit most routers even with 4Mb flash (after removing IPv6 support).
322 endef
323
324
325 define Package/strongswan-minimal
326 $(call Package/strongswan/Default)
327 TITLE+= (minimal)
328 DEPENDS:= strongswan \
329 +strongswan-charon \
330 +strongswan-mod-aes \
331 +strongswan-mod-gmp \
332 +strongswan-mod-hmac \
333 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
334 +strongswan-mod-kernel-netlink \
335 +strongswan-mod-mgf1 \
336 +strongswan-mod-nonce \
337 +strongswan-mod-pubkey \
338 +strongswan-mod-random \
339 +strongswan-mod-sha1 \
340 +strongswan-mod-socket-default \
341 +strongswan-mod-stroke \
342 +strongswan-mod-updown \
343 +strongswan-mod-x509 \
344 +strongswan-mod-xcbc
345 endef
346
347 define Package/strongswan-minimal/description
348 $(call Package/strongswan/description/Default)
349 This meta-package contains only dependencies for a minimal IKEv2 setup.
350 endef
351
352 define Package/strongswan-charon
353 $(call Package/strongswan/Default)
354 TITLE+= IKEv1/IKEv2 keying daemon
355 DEPENDS:= strongswan strongswan-mod-socket
356 endef
357
358 define Package/strongswan-charon/description
359 $(call Package/strongswan/description/Default)
360 This package contains charon, an IKEv2 keying daemon.
361 endef
362
363 define Package/strongswan-charon-cmd
364 $(call Package/strongswan/Default)
365 TITLE+= charon-cmd utility
366 DEPENDS:= strongswan +strongswan-charon
367 endef
368
369 define Package/strongswan-charon-cmd/description
370 $(call Package/strongswan/description/Default)
371 This package contains the charon-cmd utility.
372 endef
373
374 define Package/strongswan-ipsec
375 $(call Package/strongswan/Default)
376 TITLE+= utilities
377 DEPENDS:= strongswan
378 endef
379
380 define Package/strongswan-ipsec/description
381 $(call Package/strongswan/description/Default)
382 This package contains the ipsec utility.
383 endef
384
385 define Package/strongswan-libnttfft
386 $(call Package/strongswan/Default)
387 TITLE+= nttfft library
388 DEPENDS:= strongswan
389 endef
390
391 define Package/strongswan-libnttfft/description
392 $(call Package/strongswan/description/Default)
393 This package contains the Number Theoretic Transforms library.
394 endef
395
396 define Package/strongswan-pki
397 $(call Package/strongswan/Default)
398 TITLE+= PKI tool
399 DEPENDS:= strongswan
400 endef
401
402 define Package/strongswan-pki/description
403 $(call Package/strongswan/description/Default)
404 This package contains the pki tool.
405 endef
406
407 define Package/strongswan-scepclient
408 $(call Package/strongswan/Default)
409 TITLE+= SCEP client
410 DEPENDS:= strongswan
411 endef
412
413 define Package/strongswan-scepclient/description
414 $(call Package/strongswan/description/Default)
415 This package contains the SCEP client.
416 endef
417
418 define Package/strongswan-swanctl
419 $(call Package/strongswan/Default)
420 TITLE+= swanctl utility
421 DEPENDS:= strongswan +strongswan-mod-vici
422 endef
423
424 define Package/strongswan-swanctl/description
425 $(call Package/strongswan/description/Default)
426 This package contains the swanctl utility.
427 endef
428
429 define Package/strongswan-gencerts
430 $(call Package/strongswan/Default)
431 TITLE+= X.509 certificate generation utility
432 DEPENDS:= strongswan +strongswan-pki bash
433 endef
434
435 define Package/strongswan-gencerts/description
436 $(call Package/strongswan/description/Default)
437 This package contains the X.509 certificate generation utility.
438 endef
439
440 define Package/strongswan-libtls
441 $(call Package/strongswan/Default)
442 TITLE+= libtls
443 DEPENDS:= strongswan
444 endef
445
446 define Package/strongswan-libtls/description
447 $(call Package/strongswan/description/Default)
448 This package contains libtls for strongSwan plugins eap-tls, eap-ttls,
449 eap-peap, tnc-tnccs
450 endef
451
452 define BuildPlugin
453 define Package/strongswan-mod-$(1)
454 $$(call Package/strongswan/Default)
455 TITLE:= StrongSwan $(2) plugin
456 DEPENDS:= strongswan $(3)
457 ifneq ($(4),)
458 PROVIDES:=strongswan-mod-$(4)
459 endif
460 endef
461
462 define Package/strongswan-mod-$(1)/install
463 $(INSTALL_DIR) $$(1)/etc/strongswan.d/charon
464 if [ -f $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf ]; then \
465 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf $$(1)/etc/strongswan.d/charon/; fi
466 $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
467 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
468 $$(1)/usr/lib/ipsec/plugins/
469 $(call Plugin/$(1)/install,$$(1))
470 endef
471
472 $$(eval $$(call BuildPackage,strongswan-mod-$(1)))
473 endef
474
475 define BuildPluginProvides
476 ifeq ($(4),)
477 $$(error BuildPluginProvides requires provider suffix)
478 endif
479 $(call BuildPlugin,$1,$2,$3,$4)
480 endef
481
482 CONFIGURE_ARGS+= \
483 --disable-scripts \
484 --disable-static \
485 --disable-fast \
486 --enable-mgf1 \
487 --enable-mediation \
488 --with-systemdsystemunitdir=no \
489 $(if $(CONFIG_PACKAGE_strongswan-charon-cmd),--enable-cmd,--disable-cmd) \
490 $(if $(CONFIG_PACKAGE_strongswan-pki),--enable-pki,--disable-pki) \
491 $(if $(CONFIG_PACKAGE_strongswan-scepclient),--enable-scepclient,--disable-scepclient) \
492 --with-random-device=/dev/random \
493 --with-urandom-device=/dev/urandom \
494 --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE))" \
495 --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO))" \
496 $(foreach m,$(PKG_MOD_AVAILABLE), \
497 $(if $(CONFIG_PACKAGE_strongswan-mod-$(m)),--enable-$(m),--disable-$(m)) \
498 ) \
499 ac_cv_search___atomic_load=no
500
501 define Package/strongswan/conffiles
502 /etc/strongswan.conf
503 /etc/strongswan.d/
504 endef
505
506 define Package/strongswan/install
507 $(INSTALL_DIR) $(1)/etc
508 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/
509 echo -e "\ninclude /var/ipsec/strongswan.conf" >> $(1)/etc/strongswan.conf
510 $(INSTALL_DIR) $(1)/usr/lib/ipsec
511 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libstrongswan.so.* $(1)/usr/lib/ipsec/
512 endef
513
514 define Package/strongswan-default/install
515 true
516 endef
517
518 define Package/strongswan-full/install
519 true
520 endef
521
522 define Package/strongswan-isakmp/install
523 true
524 endef
525
526 define Package/strongswan-minimal/install
527 true
528 endef
529
530 define Package/strongswan-charon/install
531 $(INSTALL_DIR) $(1)/etc/strongswan.d
532 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon.conf $(1)/etc/strongswan.d
533 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon-logging.conf $(1)/etc/strongswan.d
534 $(INSTALL_DIR) $(1)/usr/lib/ipsec
535 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/charon $(1)/usr/lib/ipsec/
536 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/
537 endef
538
539 define Package/strongswan-charon-cmd/install
540 $(INSTALL_DIR) $(1)/usr/sbin
541 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/charon-cmd $(1)/usr/sbin/
542 endef
543
544 define Package/strongswan-ipsec/conffiles
545 /etc/ipsec.d/
546 /etc/ipsec.conf
547 /etc/ipsec.secrets
548 /etc/ipsec.user
549 endef
550
551 define Package/strongswan-ipsec/install
552 $(INSTALL_DIR) $(1)/etc/ $(1)/usr/sbin
553 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
554 echo -e "\ninclude /var/ipsec/ipsec.conf" >> $(1)/etc/ipsec.conf
555 $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
556 echo -e "\ninclude /var/ipsec/ipsec.secrets" >> $(1)/etc/ipsec.secrets
557 $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
558 $(INSTALL_DIR) $(1)/etc/init.d
559 $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
560 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
561 endef
562
563 define Package/strongswan-ipsec/postinst
564 #!/bin/sh
565
566 [ -z "$${IPKG_INSTROOT}" ] || exit 0
567
568 opkg list-changed-conffiles | grep -qx /etc/ipsec.conf || {
569 rm -f /etc/ipsec.conf-opkg
570 }
571 endef
572
573 define Package/strongswan-libnttfft/install
574 $(INSTALL_DIR) $(1)/usr/lib/ipsec
575 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libnttfft.so.* $(1)/usr/lib/ipsec/
576 endef
577
578 define Package/strongswan-pki/install
579 $(INSTALL_DIR) $(1)/etc/strongswan.d
580 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/pki.conf $(1)/etc/strongswan.d/
581 $(INSTALL_DIR) $(1)/usr/bin
582 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/
583 endef
584
585 define Package/strongswan-scepclient/install
586 $(INSTALL_DIR) $(1)/etc/strongswan.d
587 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/scepclient.conf $(1)/etc/strongswan.d/
588 $(INSTALL_DIR) $(1)/usr/lib/ipsec
589 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient $(1)/usr/lib/ipsec/
590 endef
591
592 define Package/strongswan-swanctl/conffiles
593 /etc/config/ipsec
594 /etc/swanctl/
595 endef
596
597 define Package/strongswan-swanctl/install
598 $(INSTALL_DIR) $(1)/etc/init.d
599 $(INSTALL_DIR) $(1)/etc/swanctl/{bliss,conf.d,ecdsa,pkcs{12,8},private,pubkey,rsa}
600 $(INSTALL_DIR) $(1)/etc/swanctl/x509{,aa,ac,ca,crl,ocsp}
601 $(CP) $(PKG_INSTALL_DIR)/etc/swanctl/swanctl.conf $(1)/etc/swanctl/
602 echo "include /var/swanctl/swanctl.conf" >> $(1)/etc/swanctl/swanctl.conf
603 $(INSTALL_DIR) $(1)/usr/sbin
604 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/swanctl $(1)/usr/sbin/
605 $(INSTALL_BIN) ./files/swanctl.init $(1)/etc/init.d/swanctl
606 endef
607
608 define Package/strongswan-gencerts/install
609 $(INSTALL_DIR) $(1)/usr/bin
610 $(INSTALL_BIN) ./files/gencerts.sh $(1)/usr/bin/gencerts
611 endef
612
613 define Package/strongswan-libtls/install
614 $(INSTALL_DIR) $(1)/usr/lib/ipsec
615 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libtls.so.* $(1)/usr/lib/ipsec/
616 endef
617
618 define Plugin/duplicheck/install
619 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
620 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/duplicheck $(1)/usr/lib/ipsec/
621 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/
622 endef
623
624 define Plugin/eap-radius/install
625 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
626 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/
627 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/
628 endef
629
630 define Plugin/attr-sql/install
631 $(INSTALL_DIR) $(1)/usr/lib/ipsec
632 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
633 endef
634
635 define Plugin/stroke/install
636 $(INSTALL_DIR) $(1)/etc/ipsec.d/{aacerts,acerts,cacerts,certs,crls,ocspcerts,private,reqs}
637
638 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
639 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke} $(1)/usr/lib/ipsec/
640 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-stroke.so $(1)/usr/lib/ipsec/plugins/
641 endef
642
643 define Plugin/updown/install
644 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
645 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown $(1)/usr/lib/ipsec/
646 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
647 $(INSTALL_DIR) $(1)/etc/hotplug.d/ipsec
648 $(CP) ./files/etc/hotplug.d/ipsec/01-user \
649 $(1)/etc/hotplug.d/ipsec/01-user
650 endef
651
652 define Plugin/vici/install
653 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
654 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libvici.so.* $(1)/usr/lib/ipsec/
655 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-vici.so $(1)/usr/lib/ipsec/plugins/
656 endef
657
658 define Plugin/whitelist/install
659 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
660 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/whitelist $(1)/usr/lib/ipsec/
661 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/
662 endef
663
664 define Plugin/kernel-libipsec/install
665 $(INSTALL_DIR) $(1)/usr/lib/ipsec
666 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/
667 endef
668
669 $(eval $(call BuildPackage,strongswan))
670 $(eval $(call BuildPackage,strongswan-default))
671 $(eval $(call BuildPackage,strongswan-full))
672 $(eval $(call BuildPackage,strongswan-minimal))
673 $(eval $(call BuildPackage,strongswan-isakmp))
674 $(eval $(call BuildPackage,strongswan-charon))
675 $(eval $(call BuildPackage,strongswan-charon-cmd))
676 $(eval $(call BuildPackage,strongswan-ipsec))
677 $(eval $(call BuildPackage,strongswan-libnttfft))
678 $(eval $(call BuildPackage,strongswan-pki))
679 $(eval $(call BuildPackage,strongswan-scepclient))
680 $(eval $(call BuildPackage,strongswan-swanctl))
681 $(eval $(call BuildPackage,strongswan-gencerts))
682 $(eval $(call BuildPackage,strongswan-libtls))
683 $(eval $(call BuildPlugin,addrblock,RFC 3779 address block constraint support,))
684 $(eval $(call BuildPlugin,aes,AES crypto,))
685 $(eval $(call BuildPlugin,af-alg,AF_ALG crypto interface to Linux Crypto API,+kmod-crypto-user))
686 $(eval $(call BuildPlugin,agent,SSH agent signing,))
687 $(eval $(call BuildPlugin,attr,file based config,))
688 $(eval $(call BuildPlugin,attr-sql,SQL based config,+strongswan-charon))
689 $(eval $(call BuildPlugin,bliss,BLISS crypto,+strongswan-libnttfft +strongswan-mod-mgf1 +strongswan-mod-hmac))
690 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
691 $(eval $(call BuildPlugin,ccm,CCM AEAD wrapper crypto,))
692 $(eval $(call BuildPlugin,chapoly,ChaCha20-Poly1305 AEAD crypto,+kmod-crypto-chacha20poly1305))
693 $(eval $(call BuildPlugin,cmac,CMAC crypto,))
694 $(eval $(call BuildPlugin,connmark,netfilter connection marking,+libip4tc))
695 $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
696 $(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,))
697 $(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,))
698 $(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl))
699 $(eval $(call BuildPlugin,curve25519,Curve25519 Diffie-Hellman,))
700 $(eval $(call BuildPlugin,des,DES crypto,))
701 $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,))
702 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
703 $(eval $(call BuildPlugin,drbg,Deterministic random bit generator,,))
704 $(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,))
705 $(eval $(call BuildPlugin,eap-identity,EAP identity helper,))
706 $(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,))
707 $(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))
708 $(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,))
709 $(eval $(call BuildPlugin,eap-tls,EAP TLS auth,+strongswan-libtls))
710 $(eval $(call BuildPlugin,farp,fake arp respsonses,))
711 $(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1))
712 $(eval $(call BuildPlugin,forecast,forward multi/broadcast traffic,+libip4tc +kmod-ipt-conntrack-extra))
713 $(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
714 $(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan-mod-gcrypt:libgcrypt))
715 $(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan-mod-gmp:libgmp))
716 $(eval $(call BuildPlugin,gmpdh,DH-Groups; no libgmp dep,))
717 $(eval $(call BuildPlugin,ha,high availability cluster,))
718 $(eval $(call BuildPlugin,hmac,HMAC crypto,))
719 $(eval $(call BuildPlugin,kdf,KDF/PRF+,))
720 $(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
721 $(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
722 $(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap))
723 $(eval $(call BuildPlugin,led,LED blink on IKE activity,))
724 $(eval $(call BuildPlugin,load-tester,load testing,))
725 $(eval $(call BuildPlugin,nonce,nonce genereation,))
726 $(eval $(call BuildPlugin,md4,MD4 crypto,))
727 $(eval $(call BuildPlugin,md5,MD5 crypto,))
728 $(eval $(call BuildPlugin,mgf1,MGF1 crypto,))
729 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-mysql:libmysqlclient-r))
730 $(eval $(call BuildPlugin,newhope,New Hope crypto,+strongswan-libnttfft +strongswan-mod-chapoly +strongswan-mod-sha3))
731 $(eval $(call BuildPlugin,ntru,NTRU crypto,+strongswan-mod-mgf1))
732 $(eval $(call BuildPlugin,openssl,OpenSSL crypto,+PACKAGE_strongswan-mod-openssl:libopenssl))
733 $(eval $(call BuildPlugin,pem,PEM decoding,))
734 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
735 $(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,))
736 $(eval $(call BuildPlugin,pkcs7,PKCS7 key decoding,))
737 $(eval $(call BuildPlugin,pkcs8,PKCS8 key decoding,))
738 $(eval $(call BuildPlugin,pkcs11,PKCS11 key decoding,))
739 $(eval $(call BuildPlugin,pkcs12,PKCS12 key decoding,))
740 $(eval $(call BuildPlugin,pubkey,raw public key,))
741 $(eval $(call BuildPlugin,random,RNG,))
742 $(eval $(call BuildPlugin,rc2,RC2 crypto,))
743 $(eval $(call BuildPlugin,resolve,DNS resolver,))
744 $(eval $(call BuildPlugin,revocation,X509 CRL/OCSP revocation,))
745 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
746 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
747 $(eval $(call BuildPlugin,sha3,SHA3 and SHAKE crypto,))
748 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
749 $(eval $(call BuildPluginProvides,socket-default,default socket implementation for charon,,socket))
750 $(eval $(call BuildPluginProvides,socket-dynamic,dynamic socket implementation for charon,,socket))
751 $(eval $(call BuildPlugin,sql,SQL database interface,))
752 $(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3))
753 $(eval $(call BuildPlugin,sshkey,SSH key decoding,))
754 $(eval $(call BuildPlugin,stroke,Stroke,+strongswan-charon +strongswan-ipsec))
755 $(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
756 $(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
757 $(eval $(call BuildPlugin,unity,Cisco Unity extension,))
758 $(eval $(call BuildPlugin,updown,updown firewall,+iptables +IPV6:ip6tables +iptables-mod-ipsec +kmod-ipt-ipsec))
759 $(eval $(call BuildPlugin,vici,Versatile IKE Configuration Interface,))
760 $(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
761 $(eval $(call BuildPlugin,wolfssl,WolfSSL crypto,+PACKAGE_strongswan-mod-wolfssl:libwolfssl))
762 $(eval $(call BuildPlugin,x509,x509 certificate,))
763 $(eval $(call BuildPlugin,xauth-eap,EAP XAuth backend,))
764 $(eval $(call BuildPlugin,xauth-generic,generic XAuth backend,))
765 $(eval $(call BuildPlugin,xcbc,xcbc crypto,))
Mirror of packages feed