2 # Copyright (C) 2010-2011 OpenWrt.org
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
8 include $(TOPDIR
)/rules.mk
14 PKG_SOURCE
:=$(PKG_NAME
)-$(PKG_VERSION
).
tar.bz2
15 PKG_SOURCE_URL
:=http
://download.strongswan.org
/
16 PKG_MD5SUM
:=ee7c50a90c91307b111e8085f2479890
74 PACKAGE_strongswan4-libfast
:clearsilver \
75 PACKAGE_strongswan4-libfast
:fcgi \
77 PKG_CONFIG_DEPENDS
:= \
78 CONFIG_STRONGSWAN4_ENABLE_CISCO_QUIRKS \
79 CONFIG_STRONGSWAN4_ENABLE_NAT_TRANSPORT \
80 CONFIG_STRONGSWAN4_ENABLE_VENDOR_ID \
81 CONFIG_STRONGSWAN4_ENABLE_XAUTH_VID \
82 CONFIG_STRONGSWAN4_DEVICE_RANDOM \
83 CONFIG_STRONGSWAN4_DEVICE_URANDOM \
84 CONFIG_STRONGSWAN4_ROUTING_TABLE \
85 CONFIG_STRONGSWAN4_ROUTING_TABLE_PRIO \
86 $(patsubst %,CONFIG_PACKAGE_strongswan4-mod-
%,$(PKG_MOD_AVAILABLE
)) \
92 include $(INCLUDE_DIR
)/package.mk
95 define Package
/strongswan4
/Default
100 URL
:=http
://www.strongswan.org
/
103 define Package
/strongswan4
/description
/Default
104 StrongSwan is an OpenSource IPsec implementation for the Linux
109 define Package
/strongswan4
110 $(call Package
/strongswan4
/Default
)
111 DEPENDS
:= +libpthread
+ip \
112 +kmod-crypto-authenc \
113 +kmod-ipsec
+kmod-ipsec4 \
114 +kmod-ipt-ipsec
+iptables-mod-ipsec
117 define Package
/strongswan4
/config
118 source
"$(SOURCE)/Config.in"
121 define Package
/strongswan4
/description
122 $(call Package
/strongswan4
/description
/Default
)
124 This package contains shared libraries and scripts.
128 define Package
/strongswan4-full
129 $(call Package
/strongswan4
/Default
)
131 DEPENDS
:= +strongswan4 \
132 +strongswan4-app-charon \
133 +strongswan4-app-pluto \
134 +strongswan4-libfast \
135 +strongswan4-mod-aes \
136 +strongswan4-mod-af-alg \
137 +strongswan4-mod-agent \
138 +strongswan4-mod-attr \
139 +strongswan4-mod-attr-sql \
140 +strongswan4-mod-blowfish \
141 +strongswan4-mod-constraints \
142 +strongswan4-mod-coupling \
143 +strongswan4-mod-curl \
144 +strongswan4-mod-des \
145 +strongswan4-mod-dhcp \
146 +strongswan4-mod-dnskey \
147 +strongswan4-mod-duplicheck \
148 +strongswan4-mod-eap-md5 \
149 +strongswan4-mod-eap-mschapv2 \
150 +strongswan4-mod-eap-radius \
151 +strongswan4-mod-farp \
152 +strongswan4-mod-fips-prf \
153 +strongswan4-mod-gcrypt \
154 +strongswan4-mod-gmp \
155 +strongswan4-mod-hmac \
156 +strongswan4-mod-kernel-netlink \
157 +strongswan4-mod-kernel-pfkey \
158 +strongswan4-mod-ldap \
159 +strongswan4-mod-led \
160 +strongswan4-mod-load-tester \
161 +strongswan4-mod-md5 \
162 +strongswan4-mod-medcli \
163 +strongswan4-mod-medsrv \
164 +strongswan4-mod-mysql \
165 +TARGET_x86
:strongswan4-mod-padlock \
166 +strongswan4-mod-pem \
167 +strongswan4-mod-pgp \
168 +strongswan4-mod-pkcs1 \
169 +strongswan4-mod-pubkey \
170 +strongswan4-mod-random \
171 +strongswan4-mod-resolve \
172 +strongswan4-mod-revocation \
173 +strongswan4-mod-sha1 \
174 +strongswan4-mod-sha2 \
175 +strongswan4-mod-smp \
176 +strongswan4-mod-socket-raw \
177 +strongswan4-mod-sql \
178 +strongswan4-mod-sqlite \
179 +strongswan4-mod-stroke \
180 +strongswan4-mod-uci \
181 +strongswan4-mod-updown \
182 +strongswan4-mod-whitelist \
183 +strongswan4-mod-x509 \
184 +strongswan4-mod-xauth \
185 +strongswan4-mod-xcbc \
190 define Package
/strongswan4-full
/description
191 $(call Package
/strongswan4
/description
/Default
)
193 This meta-package contains dependencies for
all of the strongswan4
194 plugins except kernel-klips and socket-default which are ommitted in
195 favor of the kernel-netlink and socket-raw plugins.
199 define Package
/strongswan4-default
200 $(call Package
/strongswan4
/Default
)
202 DEPENDS
:= +strongswan4 \
203 +strongswan4-app-charon \
204 +strongswan4-app-pluto \
205 +strongswan4-mod-aes \
206 +strongswan4-mod-constraints \
207 +strongswan4-mod-attr \
208 +strongswan4-mod-des \
209 +strongswan4-mod-dnskey \
210 +strongswan4-mod-fips-prf \
211 +strongswan4-mod-gmp \
212 +strongswan4-mod-hmac \
213 +strongswan4-mod-kernel-netlink \
214 +strongswan4-mod-md5 \
215 +strongswan4-mod-pem \
216 +strongswan4-mod-pgp \
217 +strongswan4-mod-pkcs1 \
218 +strongswan4-mod-pubkey \
219 +strongswan4-mod-random \
220 +strongswan4-mod-revocation \
221 +strongswan4-mod-resolve \
222 +strongswan4-mod-sha1 \
223 +strongswan4-mod-sha2 \
224 +strongswan4-mod-socket-raw \
225 +strongswan4-mod-stroke \
226 +strongswan4-mod-updown \
227 +strongswan4-mod-x509 \
228 +strongswan4-mod-xauth \
229 +strongswan4-mod-xcbc \
233 define Package
/strongswan4-default
/description
234 $(call Package
/strongswan4
/description
/Default
)
236 This meta-package contains only dependencies to match upstream
241 define Package
/strongswan4-minimal
242 $(call Package
/strongswan4
/Default
)
244 DEPENDS
:= +strongswan4 \
245 +strongswan4-app-charon \
246 +strongswan4-mod-aes \
247 +strongswan4-mod-gmp \
248 +strongswan4-mod-hmac \
249 +strongswan4-mod-kernel-netlink \
250 +strongswan4-mod-pubkey \
251 +strongswan4-mod-random \
252 +strongswan4-mod-sha1 \
253 +strongswan4-mod-socket-default \
254 +strongswan4-mod-stroke \
255 +strongswan4-mod-updown \
256 +strongswan4-mod-x509 \
257 +strongswan4-mod-xcbc
260 define Package
/strongswan4-minimal
/description
261 $(call Package
/strongswan4
/description
/Default
)
263 This meta-package contains only dependencies for a minimal IKEv2 setup.
267 define Package
/strongswan4-app-charon
268 $(call Package
/strongswan4
/Default
)
269 TITLE
+= IKEv2 keying daemon
270 DEPENDS
:= +strongswan4
273 define Package
/strongswan4-app-charon
/description
274 $(call Package
/strongswan4
/description
/Default
)
276 This package contains charon
, an IKEv2 keying daemon.
280 define Package
/strongswan4-app-pluto
281 $(call Package
/strongswan4
/Default
)
282 TITLE
+= IKEv1 keying daemon
283 DEPENDS
:= +strongswan4
286 define Package
/strongswan4-app-pluto
/description
287 $(call Package
/strongswan4
/description
/Default
)
289 This package contains pluto
, an IKEv1 keying daemon.
293 define Package
/strongswan4-libfast
294 $(call Package
/strongswan4
/Default
)
296 DEPENDS
:= +strongswan4
299 define Package
/strongswan4-libfast
/description
300 $(call Package
/strongswan4
/description
/Default
)
302 This package contains libfast
, a lightweight framework to build native
303 web applications using ClearSilver and FastCGI.
307 define Package
/strongswan4-utils
308 $(call Package
/strongswan4
/Default
)
310 DEPENDS
:= +strongswan4
313 define Package
/strongswan4-utils
/description
314 $(call Package
/strongswan4
/description
/Default
)
316 This package contains the openac
, pki
& scepclient utilities.
324 define Package
/strongswan4-mod-
$(1)
325 $$(call Package
/strongswan4
/Default
)
326 TITLE
:= StrongSwan
$(2) plugin
327 DEPENDS
:= +strongswan4
$(3)
330 define Package
/strongswan4-mod-
$(1)/install
331 $(INSTALL_DIR
) $$(1)/usr
/lib
/ipsec
/plugins
333 $(PKG_INSTALL_DIR
)/usr
/lib
/ipsec
/plugins
/libstrongswan-
$(1).so \
334 $$(1)/usr
/lib
/ipsec
/plugins
/ ;
335 $(call Plugin
/$(1)/install,$$(1))
338 $$(eval
$$(call BuildPackage
,strongswan4-mod-
$(1)))
343 $(if
$(CONFIG_STRONGSWAN4_ENABLE_CISCO_QUIRKS
),--enable-cisco-quirks
,--disable-cisco-quirks
) \
344 $(if
$(CONFIG_STRONGSWAN4_ENABLE_NAT_TRANSPORT
),--enable-nat-transport
,--disable-nat-transport
) \
345 $(if
$(CONFIG_STRONGSWAN4_ENABLE_VENDOR_ID
),--enable-vendor-id
,--disable-vendor-id
) \
346 $(if
$(CONFIG_STRONGSWAN4_ENABLE_XAUTH_VID
),--enable-xauth-vid
,--disable-xauth-vid
) \
349 $(if
$(CONFIG_PACKAGE_strongswan4-libfast
),--enable-fast
,--disable-fast
) \
350 $(if
$(CONFIG_PACKAGE_strongswan4-utils
),--enable-tools
,--disable-tools
) \
351 --with-random-device
="$(call qstrip,$(CONFIG_STRONGSWAN4_DEVICE_RANDOM))" \
352 --with-urandom-device
="$(call qstrip,$(CONFIG_STRONGSWAN4_DEVICE_URANDOM))" \
353 --with-routing-table
="$(call qstrip,$(CONFIG_STRONGSWAN4_ROUTING_TABLE))" \
354 --with-routing-table-prio
="$(call qstrip,$(CONFIG_STRONGSWAN4_ROUTING_TABLE_PRIO))" \
355 $(foreach m
,$(PKG_MOD_AVAILABLE
), \
356 $(if
$(CONFIG_PACKAGE_strongswan4-mod-
$(m
)),--enable-
$(m
),--disable-
$(m
)) \
359 ifneq ($(CONFIG_PACKAGE_strongswan4-libfast
),)
360 EXTRA_CPPFLAGS
+= -I
$(STAGING_DIR
)/usr
/include/ClearSilver
363 EXTRA_LDFLAGS
+= -Wl
,-rpath-link
,$(STAGING_DIR
)/usr
/lib
366 define Package
/strongswan4
/conffiles
372 define Package
/strongswan4
/install
373 $(INSTALL_DIR
) $(1)/etc
374 $(CP
) -R
$(PKG_INSTALL_DIR
)/etc
/ipsec.d
$(1)/etc
/
375 $(CP
) $(PKG_INSTALL_DIR
)/etc
/{ipsec.conf
,strongswan.conf
} $(1)/etc
/
376 $(INSTALL_DIR
) $(1)/usr
/lib
/ipsec
377 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/ipsec
/{libstrongswan.so.
*,libhydra.so.
*} $(1)/usr
/lib
/ipsec
/
378 $(INSTALL_DIR
) $(1)/usr
/sbin
379 $(INSTALL_BIN
) $(PKG_INSTALL_DIR
)/usr
/sbin
/ipsec
$(1)/usr
/sbin
/
380 $(INSTALL_DIR
) $(1)/usr
/lib
/ipsec
381 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/ipsec
/{_copyright
,starter
} $(1)/usr
/lib
/ipsec
/
382 $(INSTALL_CONF
) .
/files
/ipsec.secrets
$(1)/etc
/
386 define Package
/strongswan4-default
/install
391 define Package
/strongswan4-full
/install
396 define Package
/strongswan4-minimal
/install
401 define Package
/strongswan4-app-charon
/install
402 $(INSTALL_DIR
) $(1)/usr
/lib
/ipsec
403 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/ipsec
/libcharon.so.
* $(1)/usr
/lib
/ipsec
/
404 $(INSTALL_DIR
) $(1)/usr
/lib
/ipsec
405 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/ipsec
/{charon
,stroke
} $(1)/usr
/lib
/ipsec
/
409 define Package
/strongswan4-app-pluto
/install
410 $(INSTALL_DIR
) $(1)/usr
/lib
/ipsec
411 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/ipsec
/{pluto
,_pluto_adns
,whack
} $(1)/usr
/lib
/ipsec
/
415 define Package
/strongswan4-libfast
/install
416 $(INSTALL_DIR
) $(1)/usr
/lib
/ipsec
417 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/ipsec
/libfast.so.
* $(1)/usr
/lib
/ipsec
/
421 define Package
/strongswan4-utils
/install
422 $(INSTALL_DIR
) $(1)/usr
/lib
/ipsec
423 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/ipsec
/{openac
,pki
,scepclient
} $(1)/usr
/lib
/ipsec
/
427 define Plugin
/attr-sql
/install
428 $(INSTALL_DIR
) $(1)/usr
/lib
/ipsec
429 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/ipsec
/pool
$(1)/usr
/lib
/ipsec
/
432 define Plugin
/updown
/install
433 $(INSTALL_DIR
) $(1)/usr
/lib
/ipsec
434 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/ipsec
/{_updown
,_updown_espmark
} $(1)/usr
/lib
/ipsec
/
438 $(eval
$(call BuildPackage
,strongswan4
))
439 $(eval
$(call BuildPackage
,strongswan4-default
))
440 $(eval
$(call BuildPackage
,strongswan4-full
))
441 $(eval
$(call BuildPackage
,strongswan4-minimal
))
442 $(eval
$(call BuildPackage
,strongswan4-app-charon
))
443 $(eval
$(call BuildPackage
,strongswan4-app-pluto
))
444 $(eval
$(call BuildPackage
,strongswan4-libfast
))
445 $(eval
$(call BuildPackage
,strongswan4-utils
))
447 $(eval
$(call BuildPlugin
,aes
,AES crypto
,))
448 $(eval
$(call BuildPlugin
,agent
,SSH agent signing
,))
449 $(eval
$(call BuildPlugin
,af-alg
,AF_ALG Linux crypto API
,+kmod-crypto-user
))
450 $(eval
$(call BuildPlugin
,attr
,File-based config attr
,))
451 $(eval
$(call BuildPlugin
,attr-sql
,SQL-based config attrib
,+strongswan4-mod-sql
))
452 $(eval
$(call BuildPlugin
,blowfish
,Blowfish crypto
,))
453 $(eval
$(call BuildPlugin
,constraints
,X
.509 constraint checking
,))
454 $(eval
$(call BuildPlugin
,coupling
,Peer certificate coupling
,))
455 $(eval
$(call BuildPlugin
,curl
,cURL
,+PACKAGE_strongswan4-mod-curl
:libcurl
))
456 $(eval
$(call BuildPlugin
,des
,DES crypto
,))
457 $(eval
$(call BuildPlugin
,dhcp
,DHCP-based IP and DNS
,))
458 $(eval
$(call BuildPlugin
,dnskey
,DNS RR key decoding
,))
459 $(eval
$(call BuildPlugin
,duplicheck
,Duplicate checking
,))
460 $(eval
$(call BuildPlugin
,eap-md5
,MD5 EAP
(CHAP
) auth
,))
461 $(eval
$(call BuildPlugin
,eap-mschapv2
,MS-CHAPv2 EAP auth
,))
462 $(eval
$(call BuildPlugin
,eap-radius
,RADIUS proxy auth
,))
463 $(eval
$(call BuildPlugin
,farp
,Fake arp respsonses
,))
464 $(eval
$(call BuildPlugin
,fips-prf
,FIPS PRF crypto
,))
465 $(eval
$(call BuildPlugin
,gcrypt
,libgcrypt
,+PACKAGE_strongswan4-mod-gcrypt
:libgcrypt
))
466 $(eval
$(call BuildPlugin
,gmp
,libgmp
,+PACKAGE_strongswan4-mod-gmp
:libgmp
))
467 $(eval
$(call BuildPlugin
,hmac
,HMAC crypto
,))
468 $(eval
$(call BuildPlugin
,kernel-klips
,KLIPS kernel interface
,))
469 $(eval
$(call BuildPlugin
,kernel-netlink
,netlink kernel interface
,))
470 $(eval
$(call BuildPlugin
,kernel-pfkey
,PK_KEY kernel interface
,))
471 $(eval
$(call BuildPlugin
,ldap
,LDAP
,+PACKAGE_strongswan4-mod-ldap
:libopenldap
))
472 $(eval
$(call BuildPlugin
,led
,LED blink on IKE activity
,))
473 $(eval
$(call BuildPlugin
,load-tester
,load testing
,))
474 $(eval
$(call BuildPlugin
,md5
,MD5 crypto
,))
475 $(eval
$(call BuildPlugin
,medcli
,mediation client configuration database
,))
476 $(eval
$(call BuildPlugin
,medsrv
,mediation server configuration database
,))
477 $(eval
$(call BuildPlugin
,mysql
,MySQL database interface
,+strongswan4-mod-sql
+PACKAGE_strongswan4-mod-mysql
:libmysqlclient
))
478 $(eval
$(call BuildPlugin
,padlock
,VIA PadLock crypto
,@TARGET_x86
))
479 $(eval
$(call BuildPlugin
,pem
,PEM decoding
,))
480 $(eval
$(call BuildPlugin
,pgp
,PGP key decoding
,))
481 $(eval
$(call BuildPlugin
,pkcs1
,PKCS1 key decoding
,))
482 $(eval
$(call BuildPlugin
,pubkey
,raw public key
,))
483 $(eval
$(call BuildPlugin
,random
,RNG
,))
484 $(eval
$(call BuildPlugin
,resolve
,DNS resolver
,))
485 $(eval
$(call BuildPlugin
,revocation
,X
.509 revocation checking
,))
486 $(eval
$(call BuildPlugin
,sha1
,SHA1 crypto
,))
487 $(eval
$(call BuildPlugin
,sha2
,SHA2 crypto
,))
488 $(eval
$(call BuildPlugin
,smp
,SMP configuration and control interface
,+PACKAGE_strongswan4-mod-smp
:libxml2
))
489 $(eval
$(call BuildPlugin
,socket-default
,default socket for IKEv2
,))
490 $(eval
$(call BuildPlugin
,socket-raw
,RAW socket for IKEv1 and IKEv2
,))
491 $(eval
$(call BuildPlugin
,sql
,SQL database interface
,))
492 $(eval
$(call BuildPlugin
,sqlite
,SQLite database interface
,+strongswan4-mod-sql
+PACKAGE_strongswan4-mod-sqlite
:libsqlite3
))
493 $(eval
$(call BuildPlugin
,stroke
,Stroke
,))
494 $(eval
$(call BuildPlugin
,uci
,UCI config interface
,+PACKAGE_strongswan4-mod-uci
:libuci
))
495 $(eval
$(call BuildPlugin
,updown
,updown firewall
,))
496 $(eval
$(call BuildPlugin
,whitelist
,Peer identity whitelisting
,))
497 $(eval
$(call BuildPlugin
,x509
,x509 certificate
,))
498 $(eval
$(call BuildPlugin
,xauth
,XAUTH authentication
,))
499 $(eval
$(call BuildPlugin
,xcbc
,xcbc crypto
,))