projects / openwrt / svn-archive / archive.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
packages/lsm: use new service functions, pass proper CFLAGS, cleanup
[openwrt/svn-archive/archive.git] / net / strongswan4 / Makefile
1 #
2 # Copyright (C) 2010-2011 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=strongswan
11 PKG_VERSION:=4.5.3
12 PKG_RELEASE:=1
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 PKG_SOURCE_URL:=http://download.strongswan.org/
16 PKG_MD5SUM:=ee7c50a90c91307b111e8085f2479890
17
18 PKG_MOD_AVAILABLE:= \
19 aes \
20 af-alg \
21 agent \
22 attr \
23 attr-sql \
24 blowfish \
25 constraints \
26 coupling \
27 curl \
28 des \
29 dhcp \
30 dnskey \
31 duplicheck \
32 eap-md5 \
33 eap-mschapv2 \
34 eap-radius \
35 farp \
36 fips-prf \
37 gcrypt \
38 gmp \
39 hmac \
40 kernel-klips \
41 kernel-netlink \
42 kernel-pfkey \
43 ldap \
44 led \
45 load-tester \
46 md5 \
47 medcli \
48 medsrv \
49 mysql \
50 padlock \
51 pem \
52 pgp \
53 pkcs1 \
54 pubkey \
55 random \
56 resolve \
57 revocation \
58 sha1 \
59 sha2 \
60 smp \
61 socket-default \
62 socket-raw \
63 sql \
64 sqlite \
65 stroke \
66 uci \
67 updown \
68 whitelist \
69 x509 \
70 xauth \
71 xcbc \
72
73 PKG_BUILD_DEPENDS:= \
74 PACKAGE_strongswan4-libfast:clearsilver \
75 PACKAGE_strongswan4-libfast:fcgi \
76
77 PKG_CONFIG_DEPENDS:= \
78 CONFIG_STRONGSWAN4_ENABLE_CISCO_QUIRKS \
79 CONFIG_STRONGSWAN4_ENABLE_NAT_TRANSPORT \
80 CONFIG_STRONGSWAN4_ENABLE_VENDOR_ID \
81 CONFIG_STRONGSWAN4_ENABLE_XAUTH_VID \
82 CONFIG_STRONGSWAN4_DEVICE_RANDOM \
83 CONFIG_STRONGSWAN4_DEVICE_URANDOM \
84 CONFIG_STRONGSWAN4_ROUTING_TABLE \
85 CONFIG_STRONGSWAN4_ROUTING_TABLE_PRIO \
86 $(patsubst %,CONFIG_PACKAGE_strongswan4-mod-%,$(PKG_MOD_AVAILABLE)) \
87
88 PKG_FIXUP:=autoreconf
89 PKG_INSTALL:=1
90 PKG_BUILD_PARALLEL:=1
91
92 include $(INCLUDE_DIR)/package.mk
93
94
95 define Package/strongswan4/Default
96 SUBMENU:=VPN
97 SECTION:=net
98 CATEGORY:=Network
99 TITLE:=StrongSwan
100 URL:=http://www.strongswan.org/
101 endef
102
103 define Package/strongswan4/description/Default
104 StrongSwan is an OpenSource IPsec implementation for the Linux
105 operating system.
106 endef
107
108
109 define Package/strongswan4
110 $(call Package/strongswan4/Default)
111 DEPENDS:= +libpthread +ip \
112 +kmod-crypto-authenc \
113 +kmod-ipsec +kmod-ipsec4 \
114 +kmod-ipt-ipsec +iptables-mod-ipsec
115 endef
116
117 define Package/strongswan4/config
118 source "$(SOURCE)/Config.in"
119 endef
120
121 define Package/strongswan4/description
122 $(call Package/strongswan4/description/Default)
123 .
124 This package contains shared libraries and scripts.
125 endef
126
127
128 define Package/strongswan4-full
129 $(call Package/strongswan4/Default)
130 TITLE+= (full)
131 DEPENDS:= +strongswan4 \
132 +strongswan4-app-charon \
133 +strongswan4-app-pluto \
134 +strongswan4-libfast \
135 +strongswan4-mod-aes \
136 +strongswan4-mod-af-alg \
137 +strongswan4-mod-agent \
138 +strongswan4-mod-attr \
139 +strongswan4-mod-attr-sql \
140 +strongswan4-mod-blowfish \
141 +strongswan4-mod-constraints \
142 +strongswan4-mod-coupling \
143 +strongswan4-mod-curl \
144 +strongswan4-mod-des \
145 +strongswan4-mod-dhcp \
146 +strongswan4-mod-dnskey \
147 +strongswan4-mod-duplicheck \
148 +strongswan4-mod-eap-md5 \
149 +strongswan4-mod-eap-mschapv2 \
150 +strongswan4-mod-eap-radius \
151 +strongswan4-mod-farp \
152 +strongswan4-mod-fips-prf \
153 +strongswan4-mod-gcrypt \
154 +strongswan4-mod-gmp \
155 +strongswan4-mod-hmac \
156 +strongswan4-mod-kernel-netlink \
157 +strongswan4-mod-kernel-pfkey \
158 +strongswan4-mod-ldap \
159 +strongswan4-mod-led \
160 +strongswan4-mod-load-tester \
161 +strongswan4-mod-md5 \
162 +strongswan4-mod-medcli \
163 +strongswan4-mod-medsrv \
164 +strongswan4-mod-mysql \
165 +TARGET_x86:strongswan4-mod-padlock \
166 +strongswan4-mod-pem \
167 +strongswan4-mod-pgp \
168 +strongswan4-mod-pkcs1 \
169 +strongswan4-mod-pubkey \
170 +strongswan4-mod-random \
171 +strongswan4-mod-resolve \
172 +strongswan4-mod-revocation \
173 +strongswan4-mod-sha1 \
174 +strongswan4-mod-sha2 \
175 +strongswan4-mod-smp \
176 +strongswan4-mod-socket-raw \
177 +strongswan4-mod-sql \
178 +strongswan4-mod-sqlite \
179 +strongswan4-mod-stroke \
180 +strongswan4-mod-uci \
181 +strongswan4-mod-updown \
182 +strongswan4-mod-whitelist \
183 +strongswan4-mod-x509 \
184 +strongswan4-mod-xauth \
185 +strongswan4-mod-xcbc \
186 +strongswan4-utils \
187 @DEVEL
188 endef
189
190 define Package/strongswan4-full/description
191 $(call Package/strongswan4/description/Default)
192 .
193 This meta-package contains dependencies for all of the strongswan4
194 plugins except kernel-klips and socket-default which are ommitted in
195 favor of the kernel-netlink and socket-raw plugins.
196 endef
197
198
199 define Package/strongswan4-default
200 $(call Package/strongswan4/Default)
201 TITLE+= (default)
202 DEPENDS:= +strongswan4 \
203 +strongswan4-app-charon \
204 +strongswan4-app-pluto \
205 +strongswan4-mod-aes \
206 +strongswan4-mod-constraints \
207 +strongswan4-mod-attr \
208 +strongswan4-mod-des \
209 +strongswan4-mod-dnskey \
210 +strongswan4-mod-fips-prf \
211 +strongswan4-mod-gmp \
212 +strongswan4-mod-hmac \
213 +strongswan4-mod-kernel-netlink \
214 +strongswan4-mod-md5 \
215 +strongswan4-mod-pem \
216 +strongswan4-mod-pgp \
217 +strongswan4-mod-pkcs1 \
218 +strongswan4-mod-pubkey \
219 +strongswan4-mod-random \
220 +strongswan4-mod-revocation \
221 +strongswan4-mod-resolve \
222 +strongswan4-mod-sha1 \
223 +strongswan4-mod-sha2 \
224 +strongswan4-mod-socket-raw \
225 +strongswan4-mod-stroke \
226 +strongswan4-mod-updown \
227 +strongswan4-mod-x509 \
228 +strongswan4-mod-xauth \
229 +strongswan4-mod-xcbc \
230 +strongswan4-utils
231 endef
232
233 define Package/strongswan4-default/description
234 $(call Package/strongswan4/description/Default)
235 .
236 This meta-package contains only dependencies to match upstream
237 defaults.
238 endef
239
240
241 define Package/strongswan4-minimal
242 $(call Package/strongswan4/Default)
243 TITLE+= (minimal)
244 DEPENDS:= +strongswan4 \
245 +strongswan4-app-charon \
246 +strongswan4-mod-aes \
247 +strongswan4-mod-gmp \
248 +strongswan4-mod-hmac \
249 +strongswan4-mod-kernel-netlink \
250 +strongswan4-mod-pubkey \
251 +strongswan4-mod-random \
252 +strongswan4-mod-sha1 \
253 +strongswan4-mod-socket-default \
254 +strongswan4-mod-stroke \
255 +strongswan4-mod-updown \
256 +strongswan4-mod-x509 \
257 +strongswan4-mod-xcbc
258 endef
259
260 define Package/strongswan4-minimal/description
261 $(call Package/strongswan4/description/Default)
262 .
263 This meta-package contains only dependencies for a minimal IKEv2 setup.
264 endef
265
266
267 define Package/strongswan4-app-charon
268 $(call Package/strongswan4/Default)
269 TITLE+= IKEv2 keying daemon
270 DEPENDS:= +strongswan4
271 endef
272
273 define Package/strongswan4-app-charon/description
274 $(call Package/strongswan4/description/Default)
275 .
276 This package contains charon, an IKEv2 keying daemon.
277 endef
278
279
280 define Package/strongswan4-app-pluto
281 $(call Package/strongswan4/Default)
282 TITLE+= IKEv1 keying daemon
283 DEPENDS:= +strongswan4
284 endef
285
286 define Package/strongswan4-app-pluto/description
287 $(call Package/strongswan4/description/Default)
288 .
289 This package contains pluto, an IKEv1 keying daemon.
290 endef
291
292
293 define Package/strongswan4-libfast
294 $(call Package/strongswan4/Default)
295 TITLE+= libfast
296 DEPENDS:= +strongswan4
297 endef
298
299 define Package/strongswan4-libfast/description
300 $(call Package/strongswan4/description/Default)
301 .
302 This package contains libfast, a lightweight framework to build native
303 web applications using ClearSilver and FastCGI.
304 endef
305
306
307 define Package/strongswan4-utils
308 $(call Package/strongswan4/Default)
309 TITLE+= utilities
310 DEPENDS:= +strongswan4
311 endef
312
313 define Package/strongswan4-utils/description
314 $(call Package/strongswan4/description/Default)
315 .
316 This package contains the openac, pki & scepclient utilities.
317 endef
318
319
320 # 1. Name
321 # 2. Title
322 # 3. Depends
323 define BuildPlugin
324 define Package/strongswan4-mod-$(1)
325 $$(call Package/strongswan4/Default)
326 TITLE:= StrongSwan $(2) plugin
327 DEPENDS:= +strongswan4 $(3)
328 endef
329
330 define Package/strongswan4-mod-$(1)/install
331 $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
332 $(CP) \
333 $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
334 $$(1)/usr/lib/ipsec/plugins/ ;
335 $(call Plugin/$(1)/install,$$(1))
336 endef
337
338 $$(eval $$(call BuildPackage,strongswan4-mod-$(1)))
339 endef
340
341
342 CONFIGURE_ARGS+= \
343 $(if $(CONFIG_STRONGSWAN4_ENABLE_CISCO_QUIRKS),--enable-cisco-quirks,--disable-cisco-quirks) \
344 $(if $(CONFIG_STRONGSWAN4_ENABLE_NAT_TRANSPORT),--enable-nat-transport,--disable-nat-transport) \
345 $(if $(CONFIG_STRONGSWAN4_ENABLE_VENDOR_ID),--enable-vendor-id,--disable-vendor-id) \
346 $(if $(CONFIG_STRONGSWAN4_ENABLE_XAUTH_VID),--enable-xauth-vid,--disable-xauth-vid) \
347 --disable-scripts \
348 --disable-static \
349 $(if $(CONFIG_PACKAGE_strongswan4-libfast),--enable-fast,--disable-fast) \
350 $(if $(CONFIG_PACKAGE_strongswan4-utils),--enable-tools,--disable-tools) \
351 --with-random-device="$(call qstrip,$(CONFIG_STRONGSWAN4_DEVICE_RANDOM))" \
352 --with-urandom-device="$(call qstrip,$(CONFIG_STRONGSWAN4_DEVICE_URANDOM))" \
353 --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN4_ROUTING_TABLE))" \
354 --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN4_ROUTING_TABLE_PRIO))" \
355 $(foreach m,$(PKG_MOD_AVAILABLE), \
356 $(if $(CONFIG_PACKAGE_strongswan4-mod-$(m)),--enable-$(m),--disable-$(m)) \
357 ) \
358
359 ifneq ($(CONFIG_PACKAGE_strongswan4-libfast),)
360 EXTRA_CPPFLAGS+= -I$(STAGING_DIR)/usr/include/ClearSilver
361 endif
362
363 EXTRA_LDFLAGS+= -Wl,-rpath-link,$(STAGING_DIR)/usr/lib
364
365
366 define Package/strongswan4/conffiles
367 /etc/ipsec.conf
368 /etc/ipsec.secrets
369 /etc/strongswan.conf
370 endef
371
372 define Package/strongswan4/install
373 $(INSTALL_DIR) $(1)/etc
374 $(CP) -R $(PKG_INSTALL_DIR)/etc/ipsec.d $(1)/etc/
375 $(CP) $(PKG_INSTALL_DIR)/etc/{ipsec.conf,strongswan.conf} $(1)/etc/
376 $(INSTALL_DIR) $(1)/usr/lib/ipsec
377 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{libstrongswan.so.*,libhydra.so.*} $(1)/usr/lib/ipsec/
378 $(INSTALL_DIR) $(1)/usr/sbin
379 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
380 $(INSTALL_DIR) $(1)/usr/lib/ipsec
381 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{_copyright,starter} $(1)/usr/lib/ipsec/
382 $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
383 endef
384
385
386 define Package/strongswan4-default/install
387 true
388 endef
389
390
391 define Package/strongswan4-full/install
392 true
393 endef
394
395
396 define Package/strongswan4-minimal/install
397 true
398 endef
399
400
401 define Package/strongswan4-app-charon/install
402 $(INSTALL_DIR) $(1)/usr/lib/ipsec
403 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/
404 $(INSTALL_DIR) $(1)/usr/lib/ipsec
405 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{charon,stroke} $(1)/usr/lib/ipsec/
406 endef
407
408
409 define Package/strongswan4-app-pluto/install
410 $(INSTALL_DIR) $(1)/usr/lib/ipsec
411 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{pluto,_pluto_adns,whack} $(1)/usr/lib/ipsec/
412 endef
413
414
415 define Package/strongswan4-libfast/install
416 $(INSTALL_DIR) $(1)/usr/lib/ipsec
417 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libfast.so.* $(1)/usr/lib/ipsec/
418 endef
419
420
421 define Package/strongswan4-utils/install
422 $(INSTALL_DIR) $(1)/usr/lib/ipsec
423 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{openac,pki,scepclient} $(1)/usr/lib/ipsec/
424 endef
425
426
427 define Plugin/attr-sql/install
428 $(INSTALL_DIR) $(1)/usr/lib/ipsec
429 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
430 endef
431
432 define Plugin/updown/install
433 $(INSTALL_DIR) $(1)/usr/lib/ipsec
434 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{_updown,_updown_espmark} $(1)/usr/lib/ipsec/
435 endef
436
437
438 $(eval $(call BuildPackage,strongswan4))
439 $(eval $(call BuildPackage,strongswan4-default))
440 $(eval $(call BuildPackage,strongswan4-full))
441 $(eval $(call BuildPackage,strongswan4-minimal))
442 $(eval $(call BuildPackage,strongswan4-app-charon))
443 $(eval $(call BuildPackage,strongswan4-app-pluto))
444 $(eval $(call BuildPackage,strongswan4-libfast))
445 $(eval $(call BuildPackage,strongswan4-utils))
446
447 $(eval $(call BuildPlugin,aes,AES crypto,))
448 $(eval $(call BuildPlugin,agent,SSH agent signing,))
449 $(eval $(call BuildPlugin,af-alg,AF_ALG Linux crypto API,+kmod-crypto-user))
450 $(eval $(call BuildPlugin,attr,File-based config attr,))
451 $(eval $(call BuildPlugin,attr-sql,SQL-based config attrib,+strongswan4-mod-sql))
452 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
453 $(eval $(call BuildPlugin,constraints,X.509 constraint checking,))
454 $(eval $(call BuildPlugin,coupling,Peer certificate coupling,))
455 $(eval $(call BuildPlugin,curl,cURL,+PACKAGE_strongswan4-mod-curl:libcurl))
456 $(eval $(call BuildPlugin,des,DES crypto,))
457 $(eval $(call BuildPlugin,dhcp,DHCP-based IP and DNS,))
458 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
459 $(eval $(call BuildPlugin,duplicheck,Duplicate checking,))
460 $(eval $(call BuildPlugin,eap-md5,MD5 EAP (CHAP) auth,))
461 $(eval $(call BuildPlugin,eap-mschapv2,MS-CHAPv2 EAP auth,))
462 $(eval $(call BuildPlugin,eap-radius,RADIUS proxy auth,))
463 $(eval $(call BuildPlugin,farp,Fake arp respsonses,))
464 $(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,))
465 $(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan4-mod-gcrypt:libgcrypt))
466 $(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan4-mod-gmp:libgmp))
467 $(eval $(call BuildPlugin,hmac,HMAC crypto,))
468 $(eval $(call BuildPlugin,kernel-klips,KLIPS kernel interface,))
469 $(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
470 $(eval $(call BuildPlugin,kernel-pfkey,PK_KEY kernel interface,))
471 $(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan4-mod-ldap:libopenldap))
472 $(eval $(call BuildPlugin,led,LED blink on IKE activity,))
473 $(eval $(call BuildPlugin,load-tester,load testing,))
474 $(eval $(call BuildPlugin,md5,MD5 crypto,))
475 $(eval $(call BuildPlugin,medcli,mediation client configuration database,))
476 $(eval $(call BuildPlugin,medsrv,mediation server configuration database,))
477 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan4-mod-sql +PACKAGE_strongswan4-mod-mysql:libmysqlclient))
478 $(eval $(call BuildPlugin,padlock,VIA PadLock crypto,@TARGET_x86))
479 $(eval $(call BuildPlugin,pem,PEM decoding,))
480 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
481 $(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,))
482 $(eval $(call BuildPlugin,pubkey,raw public key,))
483 $(eval $(call BuildPlugin,random,RNG,))
484 $(eval $(call BuildPlugin,resolve,DNS resolver,))
485 $(eval $(call BuildPlugin,revocation,X.509 revocation checking,))
486 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
487 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
488 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan4-mod-smp:libxml2))
489 $(eval $(call BuildPlugin,socket-default,default socket for IKEv2,))
490 $(eval $(call BuildPlugin,socket-raw,RAW socket for IKEv1 and IKEv2,))
491 $(eval $(call BuildPlugin,sql,SQL database interface,))
492 $(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan4-mod-sql +PACKAGE_strongswan4-mod-sqlite:libsqlite3))
493 $(eval $(call BuildPlugin,stroke,Stroke,))
494 $(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan4-mod-uci:libuci))
495 $(eval $(call BuildPlugin,updown,updown firewall,))
496 $(eval $(call BuildPlugin,whitelist,Peer identity whitelisting,))
497 $(eval $(call BuildPlugin,x509,x509 certificate,))
498 $(eval $(call BuildPlugin,xauth,XAUTH authentication,))
499 $(eval $(call BuildPlugin,xcbc,xcbc crypto,))
OpenWrt SVN history