Merge pull request #6924 from derekyerger/strongswan-lattice-sha3
[feed/packages.git] / net / strongswan / Makefile
index f292290d4762931119cec59451304fe39e939d0c..f2a5dfdd443bffa6d6e57197e4653af3e08e3921 100644 (file)
@@ -8,14 +8,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=strongswan
-PKG_VERSION:=5.9.1
-PKG_RELEASE:=3
+PKG_VERSION:=5.9.2
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
-PKG_HASH:=a337c9fb63d973b8440827755c784031648bf423b7114a04918b0b00fd42cafb
+PKG_HASH:=61c72f741edb2c1295a7b7ccce0317a104b3f9d39efd04c52cd05b01b55ab063
 PKG_LICENSE:=GPL-2.0-or-later
-PKG_MAINTAINER:=Stijn Tintel <stijn@linux-ipv6.be>
+PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
 PKG_CPE_ID:=cpe:/a:strongswan:strongswan
 
 PKG_MOD_AVAILABLE:= \
@@ -25,8 +25,10 @@ PKG_MOD_AVAILABLE:= \
        agent \
        attr \
        attr-sql \
+       bliss \
        blowfish \
        ccm \
+       chapoly \
        cmac \
        constraints \
        connmark \
@@ -60,7 +62,10 @@ PKG_MOD_AVAILABLE:= \
        nonce \
        md4 \
        md5 \
+       mgf1 \
        mysql \
+       newhope \
+       ntru \
        openssl \
        pem \
        pgp \
@@ -76,6 +81,7 @@ PKG_MOD_AVAILABLE:= \
        revocation \
        sha1 \
        sha2 \
+       sha3 \
        smp \
        socket-default \
        socket-dynamic \
@@ -144,14 +150,17 @@ $(call Package/strongswan/Default)
        +strongswan-charon \
        +strongswan-charon-cmd \
        +strongswan-ipsec \
+       +strongswan-libnttfft \
        +strongswan-mod-addrblock \
        +strongswan-mod-aes \
        +strongswan-mod-af-alg \
        +strongswan-mod-agent \
        +strongswan-mod-attr \
        +strongswan-mod-attr-sql \
+       +strongswan-mod-bliss \
        +strongswan-mod-blowfish \
        +strongswan-mod-ccm \
+       +strongswan-mod-chapoly \
        +strongswan-mod-cmac \
        +strongswan-mod-constraints \
        +strongswan-mod-connmark \
@@ -183,7 +192,10 @@ $(call Package/strongswan/Default)
        +strongswan-mod-nonce \
        +strongswan-mod-md4 \
        +strongswan-mod-md5 \
+       +strongswan-mod-mgf1 \
        +strongswan-mod-mysql \
+       +strongswan-mod-newhope \
+       +strongswan-mod-ntru \
        +strongswan-mod-openssl \
        +strongswan-mod-pem \
        +strongswan-mod-pgp \
@@ -199,6 +211,7 @@ $(call Package/strongswan/Default)
        +strongswan-mod-revocation \
        +strongswan-mod-sha1 \
        +strongswan-mod-sha2 \
+       +strongswan-mod-sha3 \
        +strongswan-mod-smp \
        +strongswan-mod-socket-default \
        +strongswan-mod-sql \
@@ -361,6 +374,17 @@ $(call Package/strongswan/description/Default)
  This package contains the ipsec utility.
 endef
 
+define Package/strongswan-libnttfft
+$(call Package/strongswan/Default)
+  TITLE+= nttfft library
+  DEPENDS:= +strongswan
+endef
+
+define Package/strongswan-libnttfft/description
+$(call Package/strongswan/description/Default)
+ This package contains the Number Theoretic Transforms library.
+endef
+
 define Package/strongswan-pki
 $(call Package/strongswan/Default)
   TITLE+= PKI tool
@@ -454,12 +478,9 @@ endef
 define Package/strongswan/install
        $(INSTALL_DIR) $(1)/etc
        $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/
+       echo -e "\ninclude /var/ipsec/strongswan.conf" >> $(1)/etc/strongswan.conf
        $(INSTALL_DIR) $(1)/usr/lib/ipsec
        $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libstrongswan.so.* $(1)/usr/lib/ipsec/
-       $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
-       $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
-       $(INSTALL_DIR) $(1)/etc/init.d
-       $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
 endef
 
 define Package/strongswan-default/install
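Review bot: The `include /var/ipsec/strongswan.conf` line appended in Package/strongswan/install makes the shipped configuration load a file from /var, so whoever can write to /var/ipsec can now influence the daemon's settings. On OpenWrt /var is normally a tmpfs recreated at boot. The code that creates the directory is not part of this diff (presumably the init scripts under ./files); it should create it root-owned and not group- or world-writable before the daemon starts, for example `mkdir -p -m 0700 /var/ipsec`. The same applies to the `ipsec.conf` and `ipsec.secrets` includes added in Package/strongswan-ipsec/install and to `/var/swanctl/swanctl.conf` in Package/strongswan-swanctl/install, and the generated secrets file should be written with mode 0600. A short comment above each echo, such as `# pull in the runtime-generated config from /var/ipsec`, would make the purpose of the append clear to the next maintainer.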
@@ -502,9 +523,30 @@ endef
 define Package/strongswan-ipsec/install
        $(INSTALL_DIR) $(1)/etc/ $(1)/usr/sbin
        $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
+       echo -e "\ninclude /var/ipsec/ipsec.conf" >> $(1)/etc/ipsec.conf
+       $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
+       echo -e "\ninclude /var/ipsec/ipsec.secrets" >> $(1)/etc/ipsec.secrets
+       $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
+       $(INSTALL_DIR) $(1)/etc/init.d
+       $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
 endef
 
+define Package/strongswan-ipsec/postinst
+#!/bin/sh
+
+[ -z "$${IPKG_INSTROOT}" ] || exit 0
+
+opkg list-changed-conffiles | grep -qx /etc/ipsec.conf || {
+       rm -f /etc/ipsec.conf-opkg
+}
+endef
+
+define Package/strongswan-libnttfft/install
+       $(INSTALL_DIR) $(1)/usr/lib/ipsec
+       $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libnttfft.so.* $(1)/usr/lib/ipsec/
+endef
+
 define Package/strongswan-pki/install
        $(INSTALL_DIR) $(1)/etc/strongswan.d
        $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/pki.conf $(1)/etc/strongswan.d/
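Review bot: The new Package/strongswan-ipsec/postinst does not say why `/etc/ipsec.conf-opkg` is deleted when the conffile is unmodified, and it covers only `/etc/ipsec.conf` although this install section appends an include to `/etc/ipsec.secrets` as well. If a user-modified conffile is kept across an upgrade it will lack the new include line, so the file under /var/ipsec would be silently ignored; whether that case is handled elsewhere is not visible here. A comment stating the intent is worth adding at the top of the script body, for example `# drop a stale ipsec.conf-opkg left by an earlier upgrade when the live file is unmodified`. The match itself should be a fixed-string comparison, `opkg list-changed-conffiles | grep -qxF /etc/ipsec.conf || {`, because the unescaped `.` in the current pattern matches any character.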
@@ -524,11 +566,14 @@ define Package/strongswan-swanctl/conffiles
 endef
 
 define Package/strongswan-swanctl/install
+       $(INSTALL_DIR) $(1)/etc/init.d
        $(INSTALL_DIR) $(1)/etc/swanctl/{bliss,conf.d,ecdsa,pkcs{12,8},private,pubkey,rsa}
        $(INSTALL_DIR) $(1)/etc/swanctl/x509{,aa,ac,ca,crl,ocsp}
        $(CP) $(PKG_INSTALL_DIR)/etc/swanctl/swanctl.conf $(1)/etc/swanctl/
+       echo "include /var/swanctl/swanctl.conf" >> $(1)/etc/swanctl/swanctl.conf
        $(INSTALL_DIR) $(1)/usr/sbin
        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/swanctl $(1)/usr/sbin/
+       $(INSTALL_BIN) ./files/swanctl.init $(1)/etc/init.d/swanctl
 endef
 
 define Package/strongswan-libtls/install
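Review bot: The swanctl include is appended with a plain `echo`, while the three other appends in this commit use `echo -e "\n…"` to force a line break first. If the upstream `swanctl.conf` does not end in a newline, the include directive is glued onto its last line and never takes effect. Writing it the same way as the others removes that dependency: `echo -e "\ninclude /var/swanctl/swanctl.conf" >> $(1)/etc/swanctl/swanctl.conf`. Separately, `swanctl.conf` is copied with `$(CP)` on the unchanged line above, so its mode follows the staged file; since it can hold credentials, `$(INSTALL_CONF)` would be the more predictable choice.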
@@ -602,6 +647,7 @@ $(eval $(call BuildPackage,strongswan-isakmp))
 $(eval $(call BuildPackage,strongswan-charon))
 $(eval $(call BuildPackage,strongswan-charon-cmd))
 $(eval $(call BuildPackage,strongswan-ipsec))
+$(eval $(call BuildPackage,strongswan-libnttfft))
 $(eval $(call BuildPackage,strongswan-pki))
 $(eval $(call BuildPackage,strongswan-scepclient))
 $(eval $(call BuildPackage,strongswan-swanctl))
@@ -612,8 +658,10 @@ $(eval $(call BuildPlugin,af-alg,AF_ALG crypto interface to Linux Crypto API,+km
 $(eval $(call BuildPlugin,agent,SSH agent signing,))
 $(eval $(call BuildPlugin,attr,file based config,))
 $(eval $(call BuildPlugin,attr-sql,SQL based config,+strongswan-charon))
+$(eval $(call BuildPlugin,bliss,BLISS crypto,+strongswan-libnttfft +strongswan-mod-mgf1 +strongswan-mod-hmac))
 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
 $(eval $(call BuildPlugin,ccm,CCM AEAD wrapper crypto,))
+$(eval $(call BuildPlugin,chapoly,ChaCha20-Poly1305 AEAD crypto,))
 $(eval $(call BuildPlugin,cmac,CMAC crypto,))
 $(eval $(call BuildPlugin,connmark,netfilter connection marking,))
 $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
@@ -647,7 +695,10 @@ $(eval $(call BuildPlugin,load-tester,load testing,))
 $(eval $(call BuildPlugin,nonce,nonce genereation,))
 $(eval $(call BuildPlugin,md4,MD4 crypto,))
 $(eval $(call BuildPlugin,md5,MD5 crypto,))
+$(eval $(call BuildPlugin,mgf1,MGF1 crypto,))
 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-mysql:libmysqlclient-r))
+$(eval $(call BuildPlugin,newhope,New Hope crypto,+strongswan-libnttfft +strongswan-mod-chapoly +strongswan-mod-sha3))
+$(eval $(call BuildPlugin,ntru,NTRU crypto,+strongswan-mod-mgf1))
 $(eval $(call BuildPlugin,openssl,OpenSSL crypto,+PACKAGE_strongswan-mod-openssl:libopenssl))
 $(eval $(call BuildPlugin,pem,PEM decoding,))
 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
@@ -663,6 +714,7 @@ $(eval $(call BuildPlugin,resolve,DNS resolver,))
 $(eval $(call BuildPlugin,revocation,X509 CRL/OCSP revocation,))
 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
+$(eval $(call BuildPlugin,sha3,SHA3 and SHAKE crypto,))
 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
 $(eval $(call BuildPlugin,socket-default,default socket implementation for charon,))
 $(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,))