projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
strongswan: Update to 5.9.7
[feed/packages.git] / net / strongswan / Makefile
1 #
2 # Copyright (C) 2012-2018 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=strongswan
11 PKG_VERSION:=5.9.7
12 PKG_RELEASE:=$(AUTORELEASE)
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
16 PKG_HASH:=9e64a2ba62efeac81abff1d962522404ebc6ed6c0d352a23ab7c0b2c639e3fcf
17 PKG_LICENSE:=GPL-2.0-or-later
18 PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
19 PKG_CPE_ID:=cpe:/a:strongswan:strongswan
20
21 PKG_MOD_AVAILABLE:= \
22 addrblock \
23 aes \
24 af-alg \
25 agent \
26 attr \
27 attr-sql \
28 bliss \
29 blowfish \
30 ccm \
31 chapoly \
32 cmac \
33 constraints \
34 connmark \
35 coupling \
36 ctr \
37 curl \
38 curve25519 \
39 des \
40 dhcp \
41 dnskey \
42 duplicheck \
43 eap-identity \
44 eap-md5 \
45 eap-mschapv2 \
46 eap-radius \
47 eap-tls \
48 farp \
49 fips-prf \
50 forecast \
51 gcm \
52 gcrypt \
53 gmp \
54 gmpdh \
55 ha \
56 hmac \
57 kernel-libipsec \
58 kernel-netlink \
59 ldap \
60 led \
61 load-tester \
62 nonce \
63 md4 \
64 md5 \
65 mgf1 \
66 mysql \
67 newhope \
68 ntru \
69 openssl \
70 pem \
71 pgp \
72 pkcs1 \
73 pkcs7 \
74 pkcs8 \
75 pkcs11 \
76 pkcs12 \
77 pubkey \
78 random \
79 rc2 \
80 resolve \
81 revocation \
82 sha1 \
83 sha2 \
84 sha3 \
85 smp \
86 socket-default \
87 socket-dynamic \
88 sql \
89 sqlite \
90 sshkey \
91 stroke \
92 test-vectors \
93 unity \
94 uci \
95 updown \
96 vici \
97 whitelist \
98 wolfssl \
99 x509 \
100 xauth-eap \
101 xauth-generic \
102 xcbc
103
104 PKG_CONFIG_DEPENDS:= \
105 CONFIG_STRONGSWAN_ROUTING_TABLE \
106 CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO \
107 $(patsubst %,CONFIG_PACKAGE_strongswan-mod-%,$(PKG_MOD_AVAILABLE)) \
108
109 PKG_FIXUP:=autoreconf
110 PKG_INSTALL:=1
111 PKG_BUILD_PARALLEL:=1
112
113 include $(INCLUDE_DIR)/package.mk
114 # strongswan-mod-mysql needs iconv
115 include $(INCLUDE_DIR)/nls.mk
116
117 define Package/strongswan/Default
118 SUBMENU:=VPN
119 SECTION:=net
120 CATEGORY:=Network
121 TITLE:=StrongSwan
122 URL:=http://www.strongswan.org/
123 endef
124
125 define Package/strongswan/description/Default
126 StrongSwan is an OpenSource IPsec implementation for the Linux operating system.
127 endef
128
129 define Package/strongswan
130 $(call Package/strongswan/Default)
131 MENU:=1
132 DEPENDS:= +libpthread +ip \
133 +kmod-crypto-authenc \
134 +kmod-ipsec +kmod-ipsec4 +IPV6:kmod-ipsec6
135 endef
136
137 define Package/strongswan/config
138 source "$(SOURCE)/Config.in"
139 endef
140
141 define Package/strongswan/description
142 $(call Package/strongswan/description/Default)
143 This package contains shared libraries and scripts.
144 endef
145
146 define Package/strongswan-full
147 $(call Package/strongswan/Default)
148 TITLE+= (full)
149 DEPENDS:= strongswan \
150 +strongswan-charon \
151 +strongswan-charon-cmd \
152 +strongswan-ipsec \
153 +strongswan-libnttfft \
154 +strongswan-mod-addrblock \
155 +strongswan-mod-aes \
156 +strongswan-mod-af-alg \
157 +strongswan-mod-agent \
158 +strongswan-mod-attr \
159 +strongswan-mod-attr-sql \
160 +strongswan-mod-bliss \
161 +strongswan-mod-blowfish \
162 +strongswan-mod-ccm \
163 +strongswan-mod-chapoly \
164 +strongswan-mod-cmac \
165 +strongswan-mod-constraints \
166 +strongswan-mod-connmark \
167 +strongswan-mod-coupling \
168 +strongswan-mod-ctr \
169 +strongswan-mod-curl \
170 +strongswan-mod-curve25519 \
171 +strongswan-mod-des \
172 +strongswan-mod-dhcp \
173 +strongswan-mod-dnskey \
174 +strongswan-mod-drbg \
175 +strongswan-mod-duplicheck \
176 +strongswan-mod-eap-identity \
177 +strongswan-mod-eap-md5 \
178 +strongswan-mod-eap-mschapv2 \
179 +strongswan-mod-eap-radius \
180 +strongswan-mod-eap-tls \
181 +strongswan-mod-farp \
182 +strongswan-mod-fips-prf \
183 +strongswan-mod-forecast \
184 +strongswan-mod-gcm \
185 +strongswan-mod-gcrypt \
186 +strongswan-mod-gmp \
187 +strongswan-mod-ha \
188 +strongswan-mod-hmac \
189 +strongswan-mod-kdf \
190 +strongswan-mod-kernel-netlink \
191 +strongswan-mod-ldap \
192 +strongswan-mod-led \
193 +strongswan-mod-load-tester \
194 +strongswan-mod-nonce \
195 +strongswan-mod-md4 \
196 +strongswan-mod-md5 \
197 +strongswan-mod-mgf1 \
198 +strongswan-mod-mysql \
199 +strongswan-mod-newhope \
200 +strongswan-mod-ntru \
201 +strongswan-mod-openssl \
202 +strongswan-mod-pem \
203 +strongswan-mod-pgp \
204 +strongswan-mod-pkcs1 \
205 +strongswan-mod-pkcs7 \
206 +strongswan-mod-pkcs8 \
207 +strongswan-mod-pkcs11 \
208 +strongswan-mod-pkcs12 \
209 +strongswan-mod-pubkey \
210 +strongswan-mod-random \
211 +strongswan-mod-rc2 \
212 +strongswan-mod-resolve \
213 +strongswan-mod-revocation \
214 +strongswan-mod-sha1 \
215 +strongswan-mod-sha2 \
216 +strongswan-mod-sha3 \
217 +strongswan-mod-smp \
218 +strongswan-mod-socket-default \
219 +strongswan-mod-sql \
220 +strongswan-mod-sqlite \
221 +strongswan-mod-sshkey \
222 +strongswan-mod-stroke \
223 +strongswan-mod-test-vectors \
224 +strongswan-mod-uci \
225 +strongswan-mod-unity \
226 +strongswan-mod-updown \
227 +strongswan-mod-vici \
228 +strongswan-mod-whitelist \
229 +strongswan-mod-wolfssl \
230 +strongswan-mod-x509 \
231 +strongswan-mod-xauth-eap \
232 +strongswan-mod-xauth-generic \
233 +strongswan-mod-xcbc \
234 +strongswan-pki \
235 +strongswan-scepclient \
236 +strongswan-swanctl \
237 @DEVEL
238 endef
239
240 define Package/strongswan-full/description
241 $(call Package/strongswan/description/Default)
242 This meta-package contains dependencies for all of the strongswan plugins
243 except kernel-libipsec,
244 socket-dynamic and which are omitted in favor of the kernel-netlink and
245 socket-default plugins.
246 endef
247
248
249 define Package/strongswan-default
250 $(call Package/strongswan/Default)
251 TITLE+= (default)
252 DEPENDS:= strongswan \
253 +strongswan-charon \
254 +strongswan-mod-aes \
255 +strongswan-mod-attr \
256 +strongswan-mod-connmark \
257 +strongswan-mod-constraints \
258 +strongswan-mod-des \
259 +strongswan-mod-dnskey \
260 +strongswan-mod-fips-prf \
261 +strongswan-mod-gmp \
262 +strongswan-mod-hmac \
263 +strongswan-mod-kernel-netlink \
264 +strongswan-mod-md5 \
265 +strongswan-mod-nonce \
266 +strongswan-mod-pem \
267 +strongswan-mod-pgp \
268 +strongswan-mod-pkcs1 \
269 +strongswan-mod-pubkey \
270 +strongswan-mod-random \
271 +strongswan-mod-rc2 \
272 +strongswan-mod-resolve \
273 +strongswan-mod-revocation \
274 +strongswan-mod-sha1 \
275 +strongswan-mod-sha2 \
276 +strongswan-mod-socket-default \
277 +strongswan-mod-sshkey \
278 +strongswan-mod-updown \
279 +strongswan-mod-x509 \
280 +strongswan-mod-xauth-generic \
281 +strongswan-mod-xcbc \
282 +strongswan-swanctl
283 endef
284
285 define Package/strongswan-default/description
286 $(call Package/strongswan/description/Default)
287 This meta-package contains only dependencies to match upstream defaults.
288 endef
289
290
291 define Package/strongswan-isakmp
292 $(call Package/strongswan/Default)
293 TITLE+= (isakmp)
294 DEPENDS:= strongswan \
295 +strongswan-charon \
296 +strongswan-ipsec \
297 +strongswan-mod-aes \
298 +strongswan-mod-des \
299 +strongswan-mod-gmpdh \
300 +strongswan-mod-hmac \
301 +strongswan-mod-kernel-netlink \
302 +strongswan-mod-md5 \
303 +strongswan-mod-nonce \
304 +strongswan-mod-pubkey \
305 +strongswan-mod-random \
306 +strongswan-mod-sha1 \
307 +strongswan-mod-socket-default \
308 +strongswan-mod-stroke \
309 +strongswan-mod-uci \
310 +strongswan-mod-updown
311 endef
312
313 define Package/strongswan-isakmp/description
314 $(call Package/strongswan/description/Default)
315 This meta-package contains only dependencies to establish ISAKMP /
316 IKE PSK connections, dropping other capabilities in favor of small size
317 Can fit most routers even with 4Mb flash (after removing IPv6 support).
318 endef
319
320
321 define Package/strongswan-minimal
322 $(call Package/strongswan/Default)
323 TITLE+= (minimal)
324 DEPENDS:= strongswan \
325 +strongswan-charon \
326 +strongswan-mod-aes \
327 +strongswan-mod-gmp \
328 +strongswan-mod-hmac \
329 +strongswan-mod-kernel-netlink \
330 +strongswan-mod-nonce \
331 +strongswan-mod-pubkey \
332 +strongswan-mod-random \
333 +strongswan-mod-sha1 \
334 +strongswan-mod-socket-default \
335 +strongswan-mod-stroke \
336 +strongswan-mod-updown \
337 +strongswan-mod-x509 \
338 +strongswan-mod-xcbc
339 endef
340
341 define Package/strongswan-minimal/description
342 $(call Package/strongswan/description/Default)
343 This meta-package contains only dependencies for a minimal IKEv2 setup.
344 endef
345
346 define Package/strongswan-charon
347 $(call Package/strongswan/Default)
348 TITLE+= IKEv1/IKEv2 keying daemon
349 DEPENDS:= strongswan
350 endef
351
352 define Package/strongswan-charon/description
353 $(call Package/strongswan/description/Default)
354 This package contains charon, an IKEv2 keying daemon.
355 endef
356
357 define Package/strongswan-charon-cmd
358 $(call Package/strongswan/Default)
359 TITLE+= charon-cmd utility
360 DEPENDS:= strongswan +strongswan-charon
361 endef
362
363 define Package/strongswan-charon-cmd/description
364 $(call Package/strongswan/description/Default)
365 This package contains the charon-cmd utility.
366 endef
367
368 define Package/strongswan-ipsec
369 $(call Package/strongswan/Default)
370 TITLE+= utilities
371 DEPENDS:= strongswan
372 endef
373
374 define Package/strongswan-ipsec/description
375 $(call Package/strongswan/description/Default)
376 This package contains the ipsec utility.
377 endef
378
379 define Package/strongswan-libnttfft
380 $(call Package/strongswan/Default)
381 TITLE+= nttfft library
382 DEPENDS:= strongswan
383 endef
384
385 define Package/strongswan-libnttfft/description
386 $(call Package/strongswan/description/Default)
387 This package contains the Number Theoretic Transforms library.
388 endef
389
390 define Package/strongswan-pki
391 $(call Package/strongswan/Default)
392 TITLE+= PKI tool
393 DEPENDS:= strongswan
394 endef
395
396 define Package/strongswan-pki/description
397 $(call Package/strongswan/description/Default)
398 This package contains the pki tool.
399 endef
400
401 define Package/strongswan-scepclient
402 $(call Package/strongswan/Default)
403 TITLE+= SCEP client
404 DEPENDS:= strongswan
405 endef
406
407 define Package/strongswan-scepclient/description
408 $(call Package/strongswan/description/Default)
409 This package contains the SCEP client.
410 endef
411
412 define Package/strongswan-swanctl
413 $(call Package/strongswan/Default)
414 TITLE+= swanctl utility
415 DEPENDS:= strongswan +strongswan-mod-vici
416 endef
417
418 define Package/strongswan-swanctl/description
419 $(call Package/strongswan/description/Default)
420 This package contains the swanctl utility.
421 endef
422
423 define Package/strongswan-gencerts
424 $(call Package/strongswan/Default)
425 TITLE+= X.509 certificate generation utility
426 DEPENDS:= strongswan +strongswan-pki bash
427 endef
428
429 define Package/strongswan-gencerts/description
430 $(call Package/strongswan/description/Default)
431 This package contains the X.509 certificate generation utility.
432 endef
433
434 define Package/strongswan-libtls
435 $(call Package/strongswan/Default)
436 TITLE+= libtls
437 DEPENDS:= strongswan
438 endef
439
440 define Package/strongswan-libtls/description
441 $(call Package/strongswan/description/Default)
442 This package contains libtls for strongSwan plugins eap-tls, eap-ttls,
443 eap-peap, tnc-tnccs
444 endef
445
446 define BuildPlugin
447 define Package/strongswan-mod-$(1)
448 $$(call Package/strongswan/Default)
449 TITLE:= StrongSwan $(2) plugin
450 DEPENDS:= strongswan $(3)
451 endef
452
453 define Package/strongswan-mod-$(1)/install
454 $(INSTALL_DIR) $$(1)/etc/strongswan.d/charon
455 if [ -f $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf ]; then \
456 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf $$(1)/etc/strongswan.d/charon/; fi
457 $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
458 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
459 $$(1)/usr/lib/ipsec/plugins/
460 $(call Plugin/$(1)/install,$$(1))
461 endef
462
463 $$(eval $$(call BuildPackage,strongswan-mod-$(1)))
464 endef
465
466 CONFIGURE_ARGS+= \
467 --disable-scripts \
468 --disable-static \
469 --disable-fast \
470 --enable-mgf1 \
471 --enable-mediation \
472 --with-systemdsystemunitdir=no \
473 $(if $(CONFIG_PACKAGE_strongswan-charon-cmd),--enable-cmd,--disable-cmd) \
474 $(if $(CONFIG_PACKAGE_strongswan-pki),--enable-pki,--disable-pki) \
475 $(if $(CONFIG_PACKAGE_strongswan-scepclient),--enable-scepclient,--disable-scepclient) \
476 --with-random-device=/dev/random \
477 --with-urandom-device=/dev/urandom \
478 --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE))" \
479 --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO))" \
480 $(foreach m,$(PKG_MOD_AVAILABLE), \
481 $(if $(CONFIG_PACKAGE_strongswan-mod-$(m)),--enable-$(m),--disable-$(m)) \
482 ) \
483 ac_cv_search___atomic_load=no
484
485 define Package/strongswan/conffiles
486 /etc/strongswan.conf
487 /etc/strongswan.d/
488 endef
489
490 define Package/strongswan/install
491 $(INSTALL_DIR) $(1)/etc
492 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/
493 echo -e "\ninclude /var/ipsec/strongswan.conf" >> $(1)/etc/strongswan.conf
494 $(INSTALL_DIR) $(1)/usr/lib/ipsec
495 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libstrongswan.so.* $(1)/usr/lib/ipsec/
496 endef
497
498 define Package/strongswan-default/install
499 true
500 endef
501
502 define Package/strongswan-full/install
503 true
504 endef
505
506 define Package/strongswan-isakmp/install
507 true
508 endef
509
510 define Package/strongswan-minimal/install
511 true
512 endef
513
514 define Package/strongswan-charon/install
515 $(INSTALL_DIR) $(1)/etc/strongswan.d
516 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon.conf $(1)/etc/strongswan.d
517 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon-logging.conf $(1)/etc/strongswan.d
518 $(INSTALL_DIR) $(1)/usr/lib/ipsec
519 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/charon $(1)/usr/lib/ipsec/
520 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/
521 endef
522
523 define Package/strongswan-charon-cmd/install
524 $(INSTALL_DIR) $(1)/usr/sbin
525 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/charon-cmd $(1)/usr/sbin/
526 endef
527
528 define Package/strongswan-ipsec/conffiles
529 /etc/ipsec.d/
530 /etc/ipsec.conf
531 /etc/ipsec.secrets
532 /etc/ipsec.user
533 endef
534
535 define Package/strongswan-ipsec/install
536 $(INSTALL_DIR) $(1)/etc/ $(1)/usr/sbin
537 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
538 echo -e "\ninclude /var/ipsec/ipsec.conf" >> $(1)/etc/ipsec.conf
539 $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
540 echo -e "\ninclude /var/ipsec/ipsec.secrets" >> $(1)/etc/ipsec.secrets
541 $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
542 $(INSTALL_DIR) $(1)/etc/init.d
543 $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
544 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
545 endef
546
547 define Package/strongswan-ipsec/postinst
548 #!/bin/sh
549
550 [ -z "$${IPKG_INSTROOT}" ] || exit 0
551
552 opkg list-changed-conffiles | grep -qx /etc/ipsec.conf || {
553 rm -f /etc/ipsec.conf-opkg
554 }
555 endef
556
557 define Package/strongswan-libnttfft/install
558 $(INSTALL_DIR) $(1)/usr/lib/ipsec
559 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libnttfft.so.* $(1)/usr/lib/ipsec/
560 endef
561
562 define Package/strongswan-pki/install
563 $(INSTALL_DIR) $(1)/etc/strongswan.d
564 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/pki.conf $(1)/etc/strongswan.d/
565 $(INSTALL_DIR) $(1)/usr/bin
566 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/
567 endef
568
569 define Package/strongswan-scepclient/install
570 $(INSTALL_DIR) $(1)/etc/strongswan.d
571 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/scepclient.conf $(1)/etc/strongswan.d/
572 $(INSTALL_DIR) $(1)/usr/lib/ipsec
573 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient $(1)/usr/lib/ipsec/
574 endef
575
576 define Package/strongswan-swanctl/conffiles
577 /etc/config/ipsec
578 /etc/swanctl/
579 endef
580
581 define Package/strongswan-swanctl/install
582 $(INSTALL_DIR) $(1)/etc/init.d
583 $(INSTALL_DIR) $(1)/etc/swanctl/{bliss,conf.d,ecdsa,pkcs{12,8},private,pubkey,rsa}
584 $(INSTALL_DIR) $(1)/etc/swanctl/x509{,aa,ac,ca,crl,ocsp}
585 $(CP) $(PKG_INSTALL_DIR)/etc/swanctl/swanctl.conf $(1)/etc/swanctl/
586 echo "include /var/swanctl/swanctl.conf" >> $(1)/etc/swanctl/swanctl.conf
587 $(INSTALL_DIR) $(1)/usr/sbin
588 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/swanctl $(1)/usr/sbin/
589 $(INSTALL_BIN) ./files/swanctl.init $(1)/etc/init.d/swanctl
590 endef
591
592 define Package/strongswan-gencerts/install
593 $(INSTALL_DIR) $(1)/usr/bin
594 $(INSTALL_BIN) ./files/gencerts.sh $(1)/usr/bin/gencerts
595 endef
596
597 define Package/strongswan-libtls/install
598 $(INSTALL_DIR) $(1)/usr/lib/ipsec
599 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libtls.so.* $(1)/usr/lib/ipsec/
600 endef
601
602 define Plugin/duplicheck/install
603 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
604 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/duplicheck $(1)/usr/lib/ipsec/
605 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/
606 endef
607
608 define Plugin/eap-radius/install
609 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
610 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/
611 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/
612 endef
613
614 define Plugin/attr-sql/install
615 $(INSTALL_DIR) $(1)/usr/lib/ipsec
616 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
617 endef
618
619 define Plugin/stroke/install
620 $(INSTALL_DIR) $(1)/etc/ipsec.d/{aacerts,acerts,cacerts,certs,crls,ocspcerts,private,reqs}
621
622 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
623 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke} $(1)/usr/lib/ipsec/
624 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-stroke.so $(1)/usr/lib/ipsec/plugins/
625 endef
626
627 define Plugin/updown/install
628 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
629 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown $(1)/usr/lib/ipsec/
630 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
631 $(INSTALL_DIR) $(1)/etc/hotplug.d/ipsec
632 $(CP) ./files/etc/hotplug.d/ipsec/01-user \
633 $(1)/etc/hotplug.d/ipsec/01-user
634 endef
635
636 define Plugin/vici/install
637 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
638 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libvici.so.* $(1)/usr/lib/ipsec/
639 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-vici.so $(1)/usr/lib/ipsec/plugins/
640 endef
641
642 define Plugin/whitelist/install
643 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
644 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/whitelist $(1)/usr/lib/ipsec/
645 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/
646 endef
647
648 define Plugin/kernel-libipsec/install
649 $(INSTALL_DIR) $(1)/usr/lib/ipsec
650 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/
651 endef
652
653 $(eval $(call BuildPackage,strongswan))
654 $(eval $(call BuildPackage,strongswan-default))
655 $(eval $(call BuildPackage,strongswan-full))
656 $(eval $(call BuildPackage,strongswan-minimal))
657 $(eval $(call BuildPackage,strongswan-isakmp))
658 $(eval $(call BuildPackage,strongswan-charon))
659 $(eval $(call BuildPackage,strongswan-charon-cmd))
660 $(eval $(call BuildPackage,strongswan-ipsec))
661 $(eval $(call BuildPackage,strongswan-libnttfft))
662 $(eval $(call BuildPackage,strongswan-pki))
663 $(eval $(call BuildPackage,strongswan-scepclient))
664 $(eval $(call BuildPackage,strongswan-swanctl))
665 $(eval $(call BuildPackage,strongswan-gencerts))
666 $(eval $(call BuildPackage,strongswan-libtls))
667 $(eval $(call BuildPlugin,addrblock,RFC 3779 address block constraint support,))
668 $(eval $(call BuildPlugin,aes,AES crypto,))
669 $(eval $(call BuildPlugin,af-alg,AF_ALG crypto interface to Linux Crypto API,+kmod-crypto-user))
670 $(eval $(call BuildPlugin,agent,SSH agent signing,))
671 $(eval $(call BuildPlugin,attr,file based config,))
672 $(eval $(call BuildPlugin,attr-sql,SQL based config,+strongswan-charon))
673 $(eval $(call BuildPlugin,bliss,BLISS crypto,+strongswan-libnttfft +strongswan-mod-mgf1 +strongswan-mod-hmac))
674 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
675 $(eval $(call BuildPlugin,ccm,CCM AEAD wrapper crypto,))
676 $(eval $(call BuildPlugin,chapoly,ChaCha20-Poly1305 AEAD crypto,+kmod-crypto-chacha20poly1305))
677 $(eval $(call BuildPlugin,cmac,CMAC crypto,))
678 $(eval $(call BuildPlugin,connmark,netfilter connection marking,+libip4tc))
679 $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
680 $(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,))
681 $(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,))
682 $(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl))
683 $(eval $(call BuildPlugin,curve25519,Curve25519 Diffie-Hellman,))
684 $(eval $(call BuildPlugin,des,DES crypto,))
685 $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,))
686 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
687 $(eval $(call BuildPlugin,drbg,Deterministic random bit generator,,))
688 $(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,))
689 $(eval $(call BuildPlugin,eap-identity,EAP identity helper,))
690 $(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,))
691 $(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))
692 $(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,))
693 $(eval $(call BuildPlugin,eap-tls,EAP TLS auth,+strongswan-libtls))
694 $(eval $(call BuildPlugin,farp,fake arp respsonses,))
695 $(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1))
696 $(eval $(call BuildPlugin,forecast,forward multi/broadcast traffic,+libip4tc +kmod-ipt-conntrack-extra))
697 $(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
698 $(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan-mod-gcrypt:libgcrypt))
699 $(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan-mod-gmp:libgmp))
700 $(eval $(call BuildPlugin,gmpdh,DH-Groups; no libgmp dep,))
701 $(eval $(call BuildPlugin,ha,high availability cluster,))
702 $(eval $(call BuildPlugin,hmac,HMAC crypto,))
703 $(eval $(call BuildPlugin,kdf,KDF/PRF+,))
704 $(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
705 $(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
706 $(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap))
707 $(eval $(call BuildPlugin,led,LED blink on IKE activity,))
708 $(eval $(call BuildPlugin,load-tester,load testing,))
709 $(eval $(call BuildPlugin,nonce,nonce genereation,))
710 $(eval $(call BuildPlugin,md4,MD4 crypto,))
711 $(eval $(call BuildPlugin,md5,MD5 crypto,))
712 $(eval $(call BuildPlugin,mgf1,MGF1 crypto,))
713 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-mysql:libmysqlclient-r))
714 $(eval $(call BuildPlugin,newhope,New Hope crypto,+strongswan-libnttfft +strongswan-mod-chapoly +strongswan-mod-sha3))
715 $(eval $(call BuildPlugin,ntru,NTRU crypto,+strongswan-mod-mgf1))
716 $(eval $(call BuildPlugin,openssl,OpenSSL crypto,+PACKAGE_strongswan-mod-openssl:libopenssl))
717 $(eval $(call BuildPlugin,pem,PEM decoding,))
718 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
719 $(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,))
720 $(eval $(call BuildPlugin,pkcs7,PKCS7 key decoding,))
721 $(eval $(call BuildPlugin,pkcs8,PKCS8 key decoding,))
722 $(eval $(call BuildPlugin,pkcs11,PKCS11 key decoding,))
723 $(eval $(call BuildPlugin,pkcs12,PKCS12 key decoding,))
724 $(eval $(call BuildPlugin,pubkey,raw public key,))
725 $(eval $(call BuildPlugin,random,RNG,))
726 $(eval $(call BuildPlugin,rc2,RC2 crypto,))
727 $(eval $(call BuildPlugin,resolve,DNS resolver,))
728 $(eval $(call BuildPlugin,revocation,X509 CRL/OCSP revocation,))
729 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
730 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
731 $(eval $(call BuildPlugin,sha3,SHA3 and SHAKE crypto,))
732 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
733 $(eval $(call BuildPlugin,socket-default,default socket implementation for charon,))
734 $(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,))
735 $(eval $(call BuildPlugin,sql,SQL database interface,))
736 $(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3))
737 $(eval $(call BuildPlugin,sshkey,SSH key decoding,))
738 $(eval $(call BuildPlugin,stroke,Stroke,+strongswan-charon +strongswan-ipsec))
739 $(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
740 $(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
741 $(eval $(call BuildPlugin,unity,Cisco Unity extension,))
742 $(eval $(call BuildPlugin,updown,updown firewall,+iptables +IPV6:ip6tables +iptables-mod-ipsec +kmod-ipt-ipsec))
743 $(eval $(call BuildPlugin,vici,Versatile IKE Configuration Interface,))
744 $(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
745 $(eval $(call BuildPlugin,wolfssl,WolfSSL crypto,+PACKAGE_strongswan-mod-wolfssl:libwolfssl))
746 $(eval $(call BuildPlugin,x509,x509 certificate,))
747 $(eval $(call BuildPlugin,xauth-eap,EAP XAuth backend,))
748 $(eval $(call BuildPlugin,xauth-generic,generic XAuth backend,))
749 $(eval $(call BuildPlugin,xcbc,xcbc crypto,))
Mirror of packages feed