projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge pull request #18361 from stangri/master-https-dns-proxy
[feed/packages.git] / net / strongswan / Makefile
1 #
2 # Copyright (C) 2012-2018 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=strongswan
11 PKG_VERSION:=5.9.6
12 PKG_RELEASE:=$(AUTORELEASE)
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
16 PKG_HASH:=91d0978ac448912759b85452d8ff0d578aafd4507aaf4f1c1719f9d0c7318ab7
17 PKG_LICENSE:=GPL-2.0-or-later
18 PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
19 PKG_CPE_ID:=cpe:/a:strongswan:strongswan
20
21 PKG_MOD_AVAILABLE:= \
22 addrblock \
23 aes \
24 af-alg \
25 agent \
26 attr \
27 attr-sql \
28 bliss \
29 blowfish \
30 ccm \
31 chapoly \
32 cmac \
33 constraints \
34 connmark \
35 coupling \
36 ctr \
37 curl \
38 curve25519 \
39 des \
40 dhcp \
41 dnskey \
42 duplicheck \
43 eap-identity \
44 eap-md5 \
45 eap-mschapv2 \
46 eap-radius \
47 eap-tls \
48 farp \
49 fips-prf \
50 forecast \
51 gcm \
52 gcrypt \
53 gmp \
54 gmpdh \
55 ha \
56 hmac \
57 kernel-libipsec \
58 kernel-netlink \
59 ldap \
60 led \
61 load-tester \
62 nonce \
63 md4 \
64 md5 \
65 mgf1 \
66 mysql \
67 newhope \
68 ntru \
69 openssl \
70 pem \
71 pgp \
72 pkcs1 \
73 pkcs7 \
74 pkcs8 \
75 pkcs11 \
76 pkcs12 \
77 pubkey \
78 random \
79 rc2 \
80 resolve \
81 revocation \
82 sha1 \
83 sha2 \
84 sha3 \
85 smp \
86 socket-default \
87 socket-dynamic \
88 sql \
89 sqlite \
90 sshkey \
91 stroke \
92 test-vectors \
93 unity \
94 uci \
95 updown \
96 vici \
97 whitelist \
98 wolfssl \
99 x509 \
100 xauth-eap \
101 xauth-generic \
102 xcbc
103
104 PKG_CONFIG_DEPENDS:= \
105 CONFIG_STRONGSWAN_ROUTING_TABLE \
106 CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO \
107 $(patsubst %,CONFIG_PACKAGE_strongswan-mod-%,$(PKG_MOD_AVAILABLE)) \
108
109 PKG_FIXUP:=autoreconf
110 PKG_INSTALL:=1
111 PKG_BUILD_PARALLEL:=1
112
113 include $(INCLUDE_DIR)/package.mk
114 # strongswan-mod-mysql needs iconv
115 include $(INCLUDE_DIR)/nls.mk
116
117 define Package/strongswan/Default
118 SUBMENU:=VPN
119 SECTION:=net
120 CATEGORY:=Network
121 TITLE:=StrongSwan
122 URL:=http://www.strongswan.org/
123 endef
124
125 define Package/strongswan/description/Default
126 StrongSwan is an OpenSource IPsec implementation for the Linux operating system.
127 endef
128
129 define Package/strongswan
130 $(call Package/strongswan/Default)
131 MENU:=1
132 DEPENDS:= +libpthread +ip \
133 +kmod-crypto-authenc \
134 +kmod-ipsec +kmod-ipsec4 +IPV6:kmod-ipsec6
135 endef
136
137 define Package/strongswan/config
138 source "$(SOURCE)/Config.in"
139 endef
140
141 define Package/strongswan/description
142 $(call Package/strongswan/description/Default)
143 This package contains shared libraries and scripts.
144 endef
145
146 define Package/strongswan-full
147 $(call Package/strongswan/Default)
148 TITLE+= (full)
149 DEPENDS:= strongswan \
150 +strongswan-charon \
151 +strongswan-charon-cmd \
152 +strongswan-ipsec \
153 +strongswan-libnttfft \
154 +strongswan-mod-addrblock \
155 +strongswan-mod-aes \
156 +strongswan-mod-af-alg \
157 +strongswan-mod-agent \
158 +strongswan-mod-attr \
159 +strongswan-mod-attr-sql \
160 +strongswan-mod-bliss \
161 +strongswan-mod-blowfish \
162 +strongswan-mod-ccm \
163 +strongswan-mod-chapoly \
164 +strongswan-mod-cmac \
165 +strongswan-mod-constraints \
166 +strongswan-mod-connmark \
167 +strongswan-mod-coupling \
168 +strongswan-mod-ctr \
169 +strongswan-mod-curl \
170 +strongswan-mod-curve25519 \
171 +strongswan-mod-des \
172 +strongswan-mod-dhcp \
173 +strongswan-mod-dnskey \
174 +strongswan-mod-duplicheck \
175 +strongswan-mod-eap-identity \
176 +strongswan-mod-eap-md5 \
177 +strongswan-mod-eap-mschapv2 \
178 +strongswan-mod-eap-radius \
179 +strongswan-mod-eap-tls \
180 +strongswan-mod-farp \
181 +strongswan-mod-fips-prf \
182 +strongswan-mod-forecast \
183 +strongswan-mod-gcm \
184 +strongswan-mod-gcrypt \
185 +strongswan-mod-gmp \
186 +strongswan-mod-ha \
187 +strongswan-mod-hmac \
188 +strongswan-mod-kernel-netlink \
189 +strongswan-mod-ldap \
190 +strongswan-mod-led \
191 +strongswan-mod-load-tester \
192 +strongswan-mod-nonce \
193 +strongswan-mod-md4 \
194 +strongswan-mod-md5 \
195 +strongswan-mod-mgf1 \
196 +strongswan-mod-mysql \
197 +strongswan-mod-newhope \
198 +strongswan-mod-ntru \
199 +strongswan-mod-openssl \
200 +strongswan-mod-pem \
201 +strongswan-mod-pgp \
202 +strongswan-mod-pkcs1 \
203 +strongswan-mod-pkcs7 \
204 +strongswan-mod-pkcs8 \
205 +strongswan-mod-pkcs11 \
206 +strongswan-mod-pkcs12 \
207 +strongswan-mod-pubkey \
208 +strongswan-mod-random \
209 +strongswan-mod-rc2 \
210 +strongswan-mod-resolve \
211 +strongswan-mod-revocation \
212 +strongswan-mod-sha1 \
213 +strongswan-mod-sha2 \
214 +strongswan-mod-sha3 \
215 +strongswan-mod-smp \
216 +strongswan-mod-socket-default \
217 +strongswan-mod-sql \
218 +strongswan-mod-sqlite \
219 +strongswan-mod-sshkey \
220 +strongswan-mod-stroke \
221 +strongswan-mod-test-vectors \
222 +strongswan-mod-uci \
223 +strongswan-mod-unity \
224 +strongswan-mod-updown \
225 +strongswan-mod-vici \
226 +strongswan-mod-whitelist \
227 +strongswan-mod-wolfssl \
228 +strongswan-mod-x509 \
229 +strongswan-mod-xauth-eap \
230 +strongswan-mod-xauth-generic \
231 +strongswan-mod-xcbc \
232 +strongswan-pki \
233 +strongswan-scepclient \
234 +strongswan-swanctl \
235 @DEVEL
236 endef
237
238 define Package/strongswan-full/description
239 $(call Package/strongswan/description/Default)
240 This meta-package contains dependencies for all of the strongswan plugins
241 except kernel-libipsec,
242 socket-dynamic and which are omitted in favor of the kernel-netlink and
243 socket-default plugins.
244 endef
245
246
247 define Package/strongswan-default
248 $(call Package/strongswan/Default)
249 TITLE+= (default)
250 DEPENDS:= strongswan \
251 +strongswan-charon \
252 +strongswan-mod-aes \
253 +strongswan-mod-attr \
254 +strongswan-mod-connmark \
255 +strongswan-mod-constraints \
256 +strongswan-mod-des \
257 +strongswan-mod-dnskey \
258 +strongswan-mod-fips-prf \
259 +strongswan-mod-gmp \
260 +strongswan-mod-hmac \
261 +strongswan-mod-kernel-netlink \
262 +strongswan-mod-md5 \
263 +strongswan-mod-nonce \
264 +strongswan-mod-pem \
265 +strongswan-mod-pgp \
266 +strongswan-mod-pkcs1 \
267 +strongswan-mod-pubkey \
268 +strongswan-mod-random \
269 +strongswan-mod-rc2 \
270 +strongswan-mod-resolve \
271 +strongswan-mod-revocation \
272 +strongswan-mod-sha1 \
273 +strongswan-mod-sha2 \
274 +strongswan-mod-socket-default \
275 +strongswan-mod-sshkey \
276 +strongswan-mod-updown \
277 +strongswan-mod-x509 \
278 +strongswan-mod-xauth-generic \
279 +strongswan-mod-xcbc \
280 +strongswan-swanctl
281 endef
282
283 define Package/strongswan-default/description
284 $(call Package/strongswan/description/Default)
285 This meta-package contains only dependencies to match upstream defaults.
286 endef
287
288
289 define Package/strongswan-isakmp
290 $(call Package/strongswan/Default)
291 TITLE+= (isakmp)
292 DEPENDS:= strongswan \
293 +strongswan-charon \
294 +strongswan-ipsec \
295 +strongswan-mod-aes \
296 +strongswan-mod-des \
297 +strongswan-mod-gmpdh \
298 +strongswan-mod-hmac \
299 +strongswan-mod-kernel-netlink \
300 +strongswan-mod-md5 \
301 +strongswan-mod-nonce \
302 +strongswan-mod-pubkey \
303 +strongswan-mod-random \
304 +strongswan-mod-sha1 \
305 +strongswan-mod-socket-default \
306 +strongswan-mod-stroke \
307 +strongswan-mod-uci \
308 +strongswan-mod-updown
309 endef
310
311 define Package/strongswan-isakmp/description
312 $(call Package/strongswan/description/Default)
313 This meta-package contains only dependencies to establish ISAKMP /
314 IKE PSK connections, dropping other capabilities in favor of small size
315 Can fit most routers even with 4Mb flash (after removing IPv6 support).
316 endef
317
318
319 define Package/strongswan-minimal
320 $(call Package/strongswan/Default)
321 TITLE+= (minimal)
322 DEPENDS:= strongswan \
323 +strongswan-charon \
324 +strongswan-mod-aes \
325 +strongswan-mod-gmp \
326 +strongswan-mod-hmac \
327 +strongswan-mod-kernel-netlink \
328 +strongswan-mod-nonce \
329 +strongswan-mod-pubkey \
330 +strongswan-mod-random \
331 +strongswan-mod-sha1 \
332 +strongswan-mod-socket-default \
333 +strongswan-mod-stroke \
334 +strongswan-mod-updown \
335 +strongswan-mod-x509 \
336 +strongswan-mod-xcbc
337 endef
338
339 define Package/strongswan-minimal/description
340 $(call Package/strongswan/description/Default)
341 This meta-package contains only dependencies for a minimal IKEv2 setup.
342 endef
343
344 define Package/strongswan-charon
345 $(call Package/strongswan/Default)
346 TITLE+= IKEv1/IKEv2 keying daemon
347 DEPENDS:= strongswan
348 endef
349
350 define Package/strongswan-charon/description
351 $(call Package/strongswan/description/Default)
352 This package contains charon, an IKEv2 keying daemon.
353 endef
354
355 define Package/strongswan-charon-cmd
356 $(call Package/strongswan/Default)
357 TITLE+= charon-cmd utility
358 DEPENDS:= strongswan +strongswan-charon
359 endef
360
361 define Package/strongswan-charon-cmd/description
362 $(call Package/strongswan/description/Default)
363 This package contains the charon-cmd utility.
364 endef
365
366 define Package/strongswan-ipsec
367 $(call Package/strongswan/Default)
368 TITLE+= utilities
369 DEPENDS:= strongswan
370 endef
371
372 define Package/strongswan-ipsec/description
373 $(call Package/strongswan/description/Default)
374 This package contains the ipsec utility.
375 endef
376
377 define Package/strongswan-libnttfft
378 $(call Package/strongswan/Default)
379 TITLE+= nttfft library
380 DEPENDS:= strongswan
381 endef
382
383 define Package/strongswan-libnttfft/description
384 $(call Package/strongswan/description/Default)
385 This package contains the Number Theoretic Transforms library.
386 endef
387
388 define Package/strongswan-pki
389 $(call Package/strongswan/Default)
390 TITLE+= PKI tool
391 DEPENDS:= strongswan
392 endef
393
394 define Package/strongswan-pki/description
395 $(call Package/strongswan/description/Default)
396 This package contains the pki tool.
397 endef
398
399 define Package/strongswan-scepclient
400 $(call Package/strongswan/Default)
401 TITLE+= SCEP client
402 DEPENDS:= strongswan
403 endef
404
405 define Package/strongswan-scepclient/description
406 $(call Package/strongswan/description/Default)
407 This package contains the SCEP client.
408 endef
409
410 define Package/strongswan-swanctl
411 $(call Package/strongswan/Default)
412 TITLE+= swanctl utility
413 DEPENDS:= strongswan +strongswan-mod-vici
414 endef
415
416 define Package/strongswan-swanctl/description
417 $(call Package/strongswan/description/Default)
418 This package contains the swanctl utility.
419 endef
420
421 define Package/strongswan-gencerts
422 $(call Package/strongswan/Default)
423 TITLE+= X.509 certificate generation utility
424 DEPENDS:= strongswan +strongswan-pki bash
425 endef
426
427 define Package/strongswan-gencerts/description
428 $(call Package/strongswan/description/Default)
429 This package contains the X.509 certificate generation utility.
430 endef
431
432 define Package/strongswan-libtls
433 $(call Package/strongswan/Default)
434 TITLE+= libtls
435 DEPENDS:= strongswan
436 endef
437
438 define Package/strongswan-libtls/description
439 $(call Package/strongswan/description/Default)
440 This package contains libtls for strongSwan plugins eap-tls, eap-ttls,
441 eap-peap, tnc-tnccs
442 endef
443
444 define BuildPlugin
445 define Package/strongswan-mod-$(1)
446 $$(call Package/strongswan/Default)
447 TITLE:= StrongSwan $(2) plugin
448 DEPENDS:= strongswan $(3)
449 endef
450
451 define Package/strongswan-mod-$(1)/install
452 $(INSTALL_DIR) $$(1)/etc/strongswan.d/charon
453 if [ -f $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf ]; then \
454 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf $$(1)/etc/strongswan.d/charon/; fi
455 $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
456 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
457 $$(1)/usr/lib/ipsec/plugins/
458 $(call Plugin/$(1)/install,$$(1))
459 endef
460
461 $$(eval $$(call BuildPackage,strongswan-mod-$(1)))
462 endef
463
464 CONFIGURE_ARGS+= \
465 --disable-scripts \
466 --disable-static \
467 --disable-fast \
468 --enable-mediation \
469 --with-systemdsystemunitdir=no \
470 $(if $(CONFIG_PACKAGE_strongswan-charon-cmd),--enable-cmd,--disable-cmd) \
471 $(if $(CONFIG_PACKAGE_strongswan-pki),--enable-pki,--disable-pki) \
472 $(if $(CONFIG_PACKAGE_strongswan-scepclient),--enable-scepclient,--disable-scepclient) \
473 --with-random-device=/dev/random \
474 --with-urandom-device=/dev/urandom \
475 --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE))" \
476 --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO))" \
477 $(foreach m,$(PKG_MOD_AVAILABLE), \
478 $(if $(CONFIG_PACKAGE_strongswan-mod-$(m)),--enable-$(m),--disable-$(m)) \
479 ) \
480 ac_cv_search___atomic_load=no
481
482 define Package/strongswan/conffiles
483 /etc/strongswan.conf
484 /etc/strongswan.d/
485 endef
486
487 define Package/strongswan/install
488 $(INSTALL_DIR) $(1)/etc
489 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/
490 echo -e "\ninclude /var/ipsec/strongswan.conf" >> $(1)/etc/strongswan.conf
491 $(INSTALL_DIR) $(1)/usr/lib/ipsec
492 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libstrongswan.so.* $(1)/usr/lib/ipsec/
493 endef
494
495 define Package/strongswan-default/install
496 true
497 endef
498
499 define Package/strongswan-full/install
500 true
501 endef
502
503 define Package/strongswan-isakmp/install
504 true
505 endef
506
507 define Package/strongswan-minimal/install
508 true
509 endef
510
511 define Package/strongswan-charon/install
512 $(INSTALL_DIR) $(1)/etc/strongswan.d
513 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon.conf $(1)/etc/strongswan.d
514 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon-logging.conf $(1)/etc/strongswan.d
515 $(INSTALL_DIR) $(1)/usr/lib/ipsec
516 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/charon $(1)/usr/lib/ipsec/
517 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/
518 endef
519
520 define Package/strongswan-charon-cmd/install
521 $(INSTALL_DIR) $(1)/usr/sbin
522 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/charon-cmd $(1)/usr/sbin/
523 endef
524
525 define Package/strongswan-ipsec/conffiles
526 /etc/ipsec.d/
527 /etc/ipsec.conf
528 /etc/ipsec.secrets
529 /etc/ipsec.user
530 endef
531
532 define Package/strongswan-ipsec/install
533 $(INSTALL_DIR) $(1)/etc/ $(1)/usr/sbin
534 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
535 echo -e "\ninclude /var/ipsec/ipsec.conf" >> $(1)/etc/ipsec.conf
536 $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
537 echo -e "\ninclude /var/ipsec/ipsec.secrets" >> $(1)/etc/ipsec.secrets
538 $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
539 $(INSTALL_DIR) $(1)/etc/init.d
540 $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
541 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
542 endef
543
544 define Package/strongswan-ipsec/postinst
545 #!/bin/sh
546
547 [ -z "$${IPKG_INSTROOT}" ] || exit 0
548
549 opkg list-changed-conffiles | grep -qx /etc/ipsec.conf || {
550 rm -f /etc/ipsec.conf-opkg
551 }
552 endef
553
554 define Package/strongswan-libnttfft/install
555 $(INSTALL_DIR) $(1)/usr/lib/ipsec
556 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libnttfft.so.* $(1)/usr/lib/ipsec/
557 endef
558
559 define Package/strongswan-pki/install
560 $(INSTALL_DIR) $(1)/etc/strongswan.d
561 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/pki.conf $(1)/etc/strongswan.d/
562 $(INSTALL_DIR) $(1)/usr/bin
563 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/
564 endef
565
566 define Package/strongswan-scepclient/install
567 $(INSTALL_DIR) $(1)/etc/strongswan.d
568 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/scepclient.conf $(1)/etc/strongswan.d/
569 $(INSTALL_DIR) $(1)/usr/lib/ipsec
570 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient $(1)/usr/lib/ipsec/
571 endef
572
573 define Package/strongswan-swanctl/conffiles
574 /etc/config/ipsec
575 /etc/swanctl/
576 endef
577
578 define Package/strongswan-swanctl/install
579 $(INSTALL_DIR) $(1)/etc/init.d
580 $(INSTALL_DIR) $(1)/etc/swanctl/{bliss,conf.d,ecdsa,pkcs{12,8},private,pubkey,rsa}
581 $(INSTALL_DIR) $(1)/etc/swanctl/x509{,aa,ac,ca,crl,ocsp}
582 $(CP) $(PKG_INSTALL_DIR)/etc/swanctl/swanctl.conf $(1)/etc/swanctl/
583 echo "include /var/swanctl/swanctl.conf" >> $(1)/etc/swanctl/swanctl.conf
584 $(INSTALL_DIR) $(1)/usr/sbin
585 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/swanctl $(1)/usr/sbin/
586 $(INSTALL_BIN) ./files/swanctl.init $(1)/etc/init.d/swanctl
587 endef
588
589 define Package/strongswan-gencerts/install
590 $(INSTALL_DIR) $(1)/usr/bin
591 $(INSTALL_BIN) ./files/gencerts.sh $(1)/usr/bin/gencerts
592 endef
593
594 define Package/strongswan-libtls/install
595 $(INSTALL_DIR) $(1)/usr/lib/ipsec
596 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libtls.so.* $(1)/usr/lib/ipsec/
597 endef
598
599 define Plugin/duplicheck/install
600 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
601 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/duplicheck $(1)/usr/lib/ipsec/
602 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/
603 endef
604
605 define Plugin/eap-radius/install
606 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
607 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/
608 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/
609 endef
610
611 define Plugin/attr-sql/install
612 $(INSTALL_DIR) $(1)/usr/lib/ipsec
613 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
614 endef
615
616 define Plugin/stroke/install
617 $(INSTALL_DIR) $(1)/etc/ipsec.d/{aacerts,acerts,cacerts,certs,crls,ocspcerts,private,reqs}
618
619 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
620 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke} $(1)/usr/lib/ipsec/
621 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-stroke.so $(1)/usr/lib/ipsec/plugins/
622 endef
623
624 define Plugin/updown/install
625 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
626 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown $(1)/usr/lib/ipsec/
627 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
628 $(INSTALL_DIR) $(1)/etc/hotplug.d/ipsec
629 $(CP) ./files/etc/hotplug.d/ipsec/01-user \
630 $(1)/etc/hotplug.d/ipsec/01-user
631 endef
632
633 define Plugin/vici/install
634 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
635 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libvici.so.* $(1)/usr/lib/ipsec/
636 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-vici.so $(1)/usr/lib/ipsec/plugins/
637 endef
638
639 define Plugin/whitelist/install
640 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
641 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/whitelist $(1)/usr/lib/ipsec/
642 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/
643 endef
644
645 define Plugin/kernel-libipsec/install
646 $(INSTALL_DIR) $(1)/usr/lib/ipsec
647 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/
648 endef
649
650 $(eval $(call BuildPackage,strongswan))
651 $(eval $(call BuildPackage,strongswan-default))
652 $(eval $(call BuildPackage,strongswan-full))
653 $(eval $(call BuildPackage,strongswan-minimal))
654 $(eval $(call BuildPackage,strongswan-isakmp))
655 $(eval $(call BuildPackage,strongswan-charon))
656 $(eval $(call BuildPackage,strongswan-charon-cmd))
657 $(eval $(call BuildPackage,strongswan-ipsec))
658 $(eval $(call BuildPackage,strongswan-libnttfft))
659 $(eval $(call BuildPackage,strongswan-pki))
660 $(eval $(call BuildPackage,strongswan-scepclient))
661 $(eval $(call BuildPackage,strongswan-swanctl))
662 $(eval $(call BuildPackage,strongswan-gencerts))
663 $(eval $(call BuildPackage,strongswan-libtls))
664 $(eval $(call BuildPlugin,addrblock,RFC 3779 address block constraint support,))
665 $(eval $(call BuildPlugin,aes,AES crypto,))
666 $(eval $(call BuildPlugin,af-alg,AF_ALG crypto interface to Linux Crypto API,+kmod-crypto-user))
667 $(eval $(call BuildPlugin,agent,SSH agent signing,))
668 $(eval $(call BuildPlugin,attr,file based config,))
669 $(eval $(call BuildPlugin,attr-sql,SQL based config,+strongswan-charon))
670 $(eval $(call BuildPlugin,bliss,BLISS crypto,+strongswan-libnttfft +strongswan-mod-mgf1 +strongswan-mod-hmac))
671 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
672 $(eval $(call BuildPlugin,ccm,CCM AEAD wrapper crypto,))
673 $(eval $(call BuildPlugin,chapoly,ChaCha20-Poly1305 AEAD crypto,))
674 $(eval $(call BuildPlugin,cmac,CMAC crypto,))
675 $(eval $(call BuildPlugin,connmark,netfilter connection marking,+libip4tc))
676 $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
677 $(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,))
678 $(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,))
679 $(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl))
680 $(eval $(call BuildPlugin,curve25519,Curve25519 Diffie-Hellman,))
681 $(eval $(call BuildPlugin,des,DES crypto,))
682 $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,))
683 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
684 $(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,))
685 $(eval $(call BuildPlugin,eap-identity,EAP identity helper,))
686 $(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,))
687 $(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))
688 $(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,))
689 $(eval $(call BuildPlugin,eap-tls,EAP TLS auth,+strongswan-libtls))
690 $(eval $(call BuildPlugin,farp,fake arp respsonses,))
691 $(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1))
692 $(eval $(call BuildPlugin,forecast,forward multi/broadcast traffic,+libip4tc +kmod-ipt-conntrack-extra))
693 $(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
694 $(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan-mod-gcrypt:libgcrypt))
695 $(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan-mod-gmp:libgmp))
696 $(eval $(call BuildPlugin,gmpdh,DH-Groups; no libgmp dep,))
697 $(eval $(call BuildPlugin,ha,high availability cluster,))
698 $(eval $(call BuildPlugin,hmac,HMAC crypto,))
699 $(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
700 $(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
701 $(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap))
702 $(eval $(call BuildPlugin,led,LED blink on IKE activity,))
703 $(eval $(call BuildPlugin,load-tester,load testing,))
704 $(eval $(call BuildPlugin,nonce,nonce genereation,))
705 $(eval $(call BuildPlugin,md4,MD4 crypto,))
706 $(eval $(call BuildPlugin,md5,MD5 crypto,))
707 $(eval $(call BuildPlugin,mgf1,MGF1 crypto,))
708 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-mysql:libmysqlclient-r))
709 $(eval $(call BuildPlugin,newhope,New Hope crypto,+strongswan-libnttfft +strongswan-mod-chapoly +strongswan-mod-sha3))
710 $(eval $(call BuildPlugin,ntru,NTRU crypto,+strongswan-mod-mgf1))
711 $(eval $(call BuildPlugin,openssl,OpenSSL crypto,+PACKAGE_strongswan-mod-openssl:libopenssl))
712 $(eval $(call BuildPlugin,pem,PEM decoding,))
713 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
714 $(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,))
715 $(eval $(call BuildPlugin,pkcs7,PKCS7 key decoding,))
716 $(eval $(call BuildPlugin,pkcs8,PKCS8 key decoding,))
717 $(eval $(call BuildPlugin,pkcs11,PKCS11 key decoding,))
718 $(eval $(call BuildPlugin,pkcs12,PKCS12 key decoding,))
719 $(eval $(call BuildPlugin,pubkey,raw public key,))
720 $(eval $(call BuildPlugin,random,RNG,))
721 $(eval $(call BuildPlugin,rc2,RC2 crypto,))
722 $(eval $(call BuildPlugin,resolve,DNS resolver,))
723 $(eval $(call BuildPlugin,revocation,X509 CRL/OCSP revocation,))
724 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
725 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
726 $(eval $(call BuildPlugin,sha3,SHA3 and SHAKE crypto,))
727 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
728 $(eval $(call BuildPlugin,socket-default,default socket implementation for charon,))
729 $(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,))
730 $(eval $(call BuildPlugin,sql,SQL database interface,))
731 $(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3))
732 $(eval $(call BuildPlugin,sshkey,SSH key decoding,))
733 $(eval $(call BuildPlugin,stroke,Stroke,+strongswan-charon +strongswan-ipsec))
734 $(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
735 $(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
736 $(eval $(call BuildPlugin,unity,Cisco Unity extension,))
737 $(eval $(call BuildPlugin,updown,updown firewall,+iptables +IPV6:ip6tables +iptables-mod-ipsec +kmod-ipt-ipsec))
738 $(eval $(call BuildPlugin,vici,Versatile IKE Configuration Interface,))
739 $(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
740 $(eval $(call BuildPlugin,wolfssl,WolfSSL crypto,+PACKAGE_strongswan-mod-wolfssl:libwolfssl))
741 $(eval $(call BuildPlugin,x509,x509 certificate,))
742 $(eval $(call BuildPlugin,xauth-eap,EAP XAuth backend,))
743 $(eval $(call BuildPlugin,xauth-generic,generic XAuth backend,))
744 $(eval $(call BuildPlugin,xcbc,xcbc crypto,))
Mirror of packages feed