projects / openwrt / svn-archive / archive.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[PATCH] strongswan4 update to 4.5.1
[openwrt/svn-archive/archive.git] / net / strongswan4 / Makefile
1 #
2 # Copyright (C) 2010-2011 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=strongswan
11 PKG_VERSION:=4.5.1
12 PKG_RELEASE:=1
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 PKG_SOURCE_URL:=http://download.strongswan.org/
16 PKG_MD5SUM:=81a4a699c4a1a49b74061dfa47b5a033
17
18 PKG_MOD_AVAILABLE:= \
19 aes \
20 agent \
21 attr \
22 attr-sql \
23 blowfish \
24 constraints \
25 curl \
26 des \
27 dhcp \
28 dnskey \
29 eap-md5 \
30 eap-mschapv2 \
31 eap-radius \
32 farp \
33 fips-prf \
34 gcrypt \
35 gmp \
36 hmac \
37 kernel-klips \
38 kernel-netlink \
39 kernel-pfkey \
40 ldap \
41 led \
42 load-tester \
43 md5 \
44 medcli \
45 medsrv \
46 mysql \
47 padlock \
48 pem \
49 pgp \
50 pkcs1 \
51 pubkey \
52 random \
53 resolve \
54 revocation \
55 sha1 \
56 sha2 \
57 smp \
58 socket-default \
59 socket-raw \
60 sql \
61 sqlite \
62 stroke \
63 uci \
64 updown \
65 x509 \
66 xauth \
67 xcbc \
68
69 PKG_BUILD_DEPENDS:= \
70 clearsilver \
71 fcgi \
72
73 PKG_CONFIG_DEPENDS:= \
74 CONFIG_STRONGSWAN4_ENABLE_CISCO_QUIRKS \
75 CONFIG_STRONGSWAN4_ENABLE_NAT_TRANSPORT \
76 CONFIG_STRONGSWAN4_ENABLE_VENDOR_ID \
77 CONFIG_STRONGSWAN4_ENABLE_XAUTH_VID \
78 CONFIG_STRONGSWAN4_DEVICE_RANDOM \
79 CONFIG_STRONGSWAN4_DEVICE_URANDOM \
80 CONFIG_STRONGSWAN4_ROUTING_TABLE \
81 CONFIG_STRONGSWAN4_ROUTING_TABLE_PRIO \
82 $(patsubst %,CONFIG_PACKAGE_strongswan4-mod-%,$(PKG_MOD_AVAILABLE)) \
83
84 PKG_FIXUP:=autoreconf
85 PKG_INSTALL:=1
86 PKG_BUILD_PARALLEL:=1
87
88 include $(INCLUDE_DIR)/package.mk
89
90
91 define Package/strongswan4/Default
92 SUBMENU:=VPN
93 SECTION:=net
94 CATEGORY:=Network
95 TITLE:=StrongSwan
96 URL:=http://www.strongswan.org/
97 endef
98
99 define Package/strongswan4/description/Default
100 StrongSwan is an OpenSource IPsec implementation for the Linux
101 operating system.
102 endef
103
104
105 define Package/strongswan4
106 $(call Package/strongswan4/Default)
107 DEPENDS:= +libpthread +ip \
108 +kmod-crypto-authenc \
109 +kmod-ipsec +kmod-ipsec4 \
110 +kmod-ipt-ipsec +iptables-mod-ipsec
111 MENU:=1
112 endef
113
114 define Package/strongswan4/config
115 source "$(SOURCE)/Config.in"
116 endef
117
118 define Package/strongswan4/description
119 $(call Package/strongswan4/description/Default)
120 .
121 This package contains shared libraries and scripts.
122 endef
123
124
125 define Package/strongswan4-full
126 $(call Package/strongswan4/Default)
127 TITLE+= (full)
128 DEPENDS:= strongswan4 \
129 +strongswan4-app-charon \
130 +strongswan4-app-pluto \
131 +strongswan4-mod-aes \
132 +strongswan4-mod-agent \
133 +strongswan4-mod-attr \
134 +strongswan4-mod-attr-sql \
135 +strongswan4-mod-blowfish \
136 +strongswan4-mod-constraints \
137 +strongswan4-mod-curl \
138 +strongswan4-mod-des \
139 +strongswan4-mod-dhcp \
140 +strongswan4-mod-dnskey \
141 +strongswan4-mod-eap-md5 \
142 +strongswan4-mod-eap-mschapv2 \
143 +strongswan4-mod-eap-radius \
144 +strongswan4-mod-farp \
145 +strongswan4-mod-fips-prf \
146 +strongswan4-mod-gcrypt \
147 +strongswan4-mod-gmp \
148 +strongswan4-mod-hmac \
149 +strongswan4-mod-kernel-klips \
150 +strongswan4-mod-kernel-netlink \
151 +strongswan4-mod-kernel-pfkey \
152 +strongswan4-mod-ldap \
153 +strongswan4-mod-led \
154 +strongswan4-mod-load-tester \
155 +strongswan4-mod-md5 \
156 +strongswan4-mod-medcli \
157 +strongswan4-mod-medsrv \
158 +strongswan4-mod-mysql \
159 +TARGET_x86:strongswan4-mod-padlock \
160 +strongswan4-mod-pem \
161 +strongswan4-mod-pgp \
162 +strongswan4-mod-pkcs1 \
163 +strongswan4-mod-pubkey \
164 +strongswan4-mod-random \
165 +strongswan4-mod-resolve \
166 +strongswan4-mod-revocation \
167 +strongswan4-mod-sha1 \
168 +strongswan4-mod-sha2 \
169 +strongswan4-mod-smp \
170 +strongswan4-mod-socket-default \
171 +strongswan4-mod-socket-raw \
172 +strongswan4-mod-sql \
173 +strongswan4-mod-sqlite \
174 +strongswan4-mod-stroke \
175 +strongswan4-mod-uci \
176 +strongswan4-mod-updown \
177 +strongswan4-mod-x509 \
178 +strongswan4-mod-xauth \
179 +strongswan4-mod-xcbc \
180 +strongswan4-utils
181 endef
182
183 define Package/strongswan4-full/description
184 $(call Package/strongswan4/description/Default)
185 .
186 This meta-package contains only dependencies for a complete setup.
187 endef
188
189
190 define Package/strongswan4-default
191 $(call Package/strongswan4/Default)
192 TITLE+= (default)
193 DEPENDS:= strongswan4 \
194 +strongswan4-app-charon \
195 +strongswan4-app-pluto \
196 +strongswan4-mod-aes \
197 +strongswan4-mod-constraints \
198 +strongswan4-mod-attr \
199 +strongswan4-mod-des \
200 +strongswan4-mod-dnskey \
201 +strongswan4-mod-fips-prf \
202 +strongswan4-mod-gmp \
203 +strongswan4-mod-hmac \
204 +strongswan4-mod-kernel-netlink \
205 +strongswan4-mod-md5 \
206 +strongswan4-mod-pem \
207 +strongswan4-mod-pgp \
208 +strongswan4-mod-pkcs1 \
209 +strongswan4-mod-pubkey \
210 +strongswan4-mod-random \
211 +strongswan4-mod-revocation \
212 +strongswan4-mod-resolve \
213 +strongswan4-mod-sha1 \
214 +strongswan4-mod-sha2 \
215 +strongswan4-mod-socket-raw \
216 +strongswan4-mod-stroke \
217 +strongswan4-mod-updown \
218 +strongswan4-mod-x509 \
219 +strongswan4-mod-xauth \
220 +strongswan4-mod-xcbc \
221 +strongswan4-utils
222 endef
223
224 define Package/strongswan4-default/description
225 $(call Package/strongswan4/description/Default)
226 .
227 This meta-package contains only dependencies to match upstream
228 defaults.
229 endef
230
231
232 define Package/strongswan4-minimal
233 $(call Package/strongswan4/Default)
234 TITLE+= (minimal)
235 DEPENDS:= strongswan4 \
236 +strongswan4-app-charon \
237 +strongswan4-mod-aes \
238 +strongswan4-mod-gmp \
239 +strongswan4-mod-hmac \
240 +strongswan4-mod-kernel-netlink \
241 +strongswan4-mod-pubkey \
242 +strongswan4-mod-random \
243 +strongswan4-mod-sha1 \
244 +strongswan4-mod-socket-default \
245 +strongswan4-mod-stroke \
246 +strongswan4-mod-updown \
247 +strongswan4-mod-x509 \
248 +strongswan4-mod-xcbc
249 endef
250
251 define Package/strongswan4-minimal/description
252 $(call Package/strongswan4/description/Default)
253 .
254 This meta-package contains only dependencies for a minimal IKEv2 setup.
255 endef
256
257
258 define Package/strongswan4-app-charon
259 $(call Package/strongswan4/Default)
260 TITLE+= IKEv2 keying daemon
261 DEPENDS:= strongswan4
262 endef
263
264 define Package/strongswan4-app-charon/description
265 $(call Package/strongswan4/description/Default)
266 .
267 This package contains charon, an IKEv2 keying daemon.
268 endef
269
270
271 define Package/strongswan4-app-pluto
272 $(call Package/strongswan4/Default)
273 TITLE+= IKEv1 keying daemon
274 DEPENDS:= strongswan4
275 endef
276
277 define Package/strongswan4-app-pluto/description
278 $(call Package/strongswan4/description/Default)
279 .
280 This package contains pluto, an IKEv1 keying daemon.
281 endef
282
283
284 define Package/strongswan4-utils
285 $(call Package/strongswan4/Default)
286 TITLE+= utilities
287 DEPENDS:= strongswan4
288 endef
289
290 define Package/strongswan4-utils/description
291 $(call Package/strongswan4/description/Default)
292 .
293 This package contains the openac, pki & scepclient utilities.
294 endef
295
296
297 # 1. Name
298 # 2. Title
299 # 3. Depends
300 define BuildPlugin
301 define Package/strongswan4-mod-$(1)
302 $$(call Package/strongswan4/Default)
303 TITLE:= StrongSwan $(2) plugin
304 DEPENDS:= strongswan4 $(3)
305 endef
306
307 define Package/strongswan4-mod-$(1)/install
308 $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
309 $(CP) \
310 $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
311 $$(1)/usr/lib/ipsec/plugins/ ;
312 $(call Plugin/$(1)/install,$$(1))
313 endef
314
315 $$(eval $$(call BuildPackage,strongswan4-mod-$(1)))
316 endef
317
318
319 CONFIGURE_ARGS+= \
320 $(if $(CONFIG_STRONGSWAN4_ENABLE_CISCO_QUIRKS),--enable-cisco-quirks,--disable-cisco-quirks) \
321 $(if $(CONFIG_STRONGSWAN4_ENABLE_NAT_TRANSPORT),--enable-nat-transport,--disable-nat-transport) \
322 $(if $(CONFIG_STRONGSWAN4_ENABLE_VENDOR_ID),--enable-vendor-id,--disable-vendor-id) \
323 $(if $(CONFIG_STRONGSWAN4_ENABLE_XAUTH_VID),--enable-xauth-vid,--disable-xauth-vid) \
324 --disable-scripts \
325 --disable-static \
326 $(if $(CONFIG_PACKAGE_strongswan4-utils),--enable-tools,--disable-tools) \
327 --with-random-device="$(call qstrip,$(CONFIG_STRONGSWAN4_DEVICE_RANDOM))" \
328 --with-urandom-device="$(call qstrip,$(CONFIG_STRONGSWAN4_DEVICE_URANDOM))" \
329 --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN4_ROUTING_TABLE))" \
330 --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN4_ROUTING_TABLE_PRIO))" \
331 $(foreach m,$(PKG_MOD_AVAILABLE), \
332 $(if $(CONFIG_PACKAGE_strongswan4-mod-$(m)),--enable-$(m),--disable-$(m)) \
333 ) \
334
335 EXTRA_CPPFLAGS+= -I$(STAGING_DIR)/usr/include/ClearSilver
336
337 EXTRA_LDFLAGS+= -Wl,-rpath-link,$(STAGING_DIR)/usr/lib
338
339
340 define Package/strongswan4/conffiles
341 /etc/ipsec.conf
342 /etc/ipsec.secrets
343 /etc/strongswan.conf
344 endef
345
346 define Package/strongswan4/install
347 $(INSTALL_DIR) $(1)/etc
348 $(CP) -R $(PKG_INSTALL_DIR)/etc/ipsec.d $(1)/etc/
349 $(INSTALL_DIR) $(1)/usr/lib
350 $(CP) \
351 $(PKG_INSTALL_DIR)/usr/lib/libstrongswan.so.* \
352 $(PKG_INSTALL_DIR)/usr/lib/libhydra.so.* \
353 $(1)/usr/lib/
354 $(INSTALL_DIR) $(1)/usr/sbin
355 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
356 $(INSTALL_DIR) $(1)/usr/lib/ipsec
357 $(CP) \
358 $(PKG_INSTALL_DIR)/usr/lib/ipsec/_copyright \
359 $(PKG_INSTALL_DIR)/usr/lib/ipsec/starter \
360 $(1)/usr/lib/ipsec/
361 $(INSTALL_CONF) \
362 ./files/ipsec.conf \
363 ./files/ipsec.secrets \
364 ./files/strongswan.conf \
365 $(1)/etc/
366 endef
367
368
369 define Package/strongswan4-default/install
370 true
371 endef
372
373
374 define Package/strongswan4-full/install
375 true
376 endef
377
378
379 define Package/strongswan4-minimal/install
380 true
381 endef
382
383
384 define Package/strongswan4-app-charon/install
385 $(INSTALL_DIR) $(1)/usr/lib
386 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libcharon.so.* $(1)/usr/lib/
387 $(INSTALL_DIR) $(1)/usr/lib/ipsec
388 $(CP) \
389 $(PKG_INSTALL_DIR)/usr/lib/ipsec/charon \
390 $(PKG_INSTALL_DIR)/usr/lib/ipsec/stroke \
391 $(1)/usr/lib/ipsec/
392 endef
393
394
395 define Package/strongswan4-app-pluto/install
396 $(INSTALL_DIR) $(1)/usr/lib/ipsec
397 $(CP) \
398 $(PKG_INSTALL_DIR)/usr/lib/ipsec/pluto \
399 $(PKG_INSTALL_DIR)/usr/lib/ipsec/_pluto_adns \
400 $(PKG_INSTALL_DIR)/usr/lib/ipsec/whack \
401 $(1)/usr/lib/ipsec/
402 endef
403
404
405 define Package/strongswan4-utils/install
406 $(INSTALL_DIR) $(1)/usr/lib/ipsec
407 $(CP) \
408 $(PKG_INSTALL_DIR)/usr/lib/ipsec/openac \
409 $(PKG_INSTALL_DIR)/usr/lib/ipsec/pki \
410 $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient \
411 $(1)/usr/lib/ipsec/
412 endef
413
414
415 define Plugin/attr-sql/install
416 $(INSTALL_DIR) $(1)/usr/lib/ipsec
417 $(CP) \
418 $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool \
419 $(1)/usr/lib/ipsec/
420 endef
421
422 define Plugin/updown/install
423 $(INSTALL_DIR) $(1)/usr/lib/ipsec
424 $(CP) \
425 $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown \
426 $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown_espmark \
427 $(1)/usr/lib/ipsec/
428 endef
429
430
431 $(eval $(call BuildPackage,strongswan4))
432 $(eval $(call BuildPackage,strongswan4-default))
433 $(eval $(call BuildPackage,strongswan4-full))
434 $(eval $(call BuildPackage,strongswan4-minimal))
435 $(eval $(call BuildPackage,strongswan4-app-charon))
436 $(eval $(call BuildPackage,strongswan4-app-pluto))
437 $(eval $(call BuildPackage,strongswan4-utils))
438
439 $(eval $(call BuildPlugin,aes,AES crypto,))
440 $(eval $(call BuildPlugin,agent,SSH agent signing,))
441 $(eval $(call BuildPlugin,attr,File-based config attr,))
442 $(eval $(call BuildPlugin,attr-sql,SQL-based config attrib,+strongswan4-mod-sql))
443 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
444 $(eval $(call BuildPlugin,constraints,X.509 constraint checking,))
445 $(eval $(call BuildPlugin,curl,cURL,+libcurl))
446 $(eval $(call BuildPlugin,des,DES crypto,))
447 $(eval $(call BuildPlugin,dhcp,DHCP-based IP and DNS,))
448 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
449 $(eval $(call BuildPlugin,eap-md5,MD5 EAP (CHAP) auth,))
450 $(eval $(call BuildPlugin,eap-mschapv2,MS-CHAPv2 EAP auth,))
451 $(eval $(call BuildPlugin,eap-radius,RADIUS proxy auth,))
452 $(eval $(call BuildPlugin,farp,Fake arp respsonses,))
453 $(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,))
454 $(eval $(call BuildPlugin,gcrypt,libgcrypt,+libgcrypt))
455 $(eval $(call BuildPlugin,gmp,libgmp,+libgmp))
456 $(eval $(call BuildPlugin,hmac,HMAC crypto,))
457 $(eval $(call BuildPlugin,kernel-klips,KLIPS kernel interface,))
458 $(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
459 $(eval $(call BuildPlugin,kernel-pfkey,PK_KEY kernel interface,))
460 $(eval $(call BuildPlugin,ldap,LDAP,+libopenldap))
461 $(eval $(call BuildPlugin,led,LED blink on IKE activity,))
462 $(eval $(call BuildPlugin,load-tester,load testing,))
463 $(eval $(call BuildPlugin,md5,MD5 crypto,))
464 $(eval $(call BuildPlugin,medcli,mediation client configuration database,))
465 $(eval $(call BuildPlugin,medsrv,mediation server configuration database,))
466 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan4-mod-sql +PACKAGE_strongswan4-mod-mysql:libmysqlclient))
467 $(eval $(call BuildPlugin,padlock,VIA PadLock crypto,@TARGET_x86))
468 $(eval $(call BuildPlugin,pem,PEM decoding,))
469 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
470 $(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,))
471 $(eval $(call BuildPlugin,pubkey,raw public key,))
472 $(eval $(call BuildPlugin,random,RNG,))
473 $(eval $(call BuildPlugin,resolve,DNS resolver,))
474 $(eval $(call BuildPlugin,revocation,X.509 revocation checking,))
475 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
476 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
477 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan4-mod-smp:libxml2))
478 $(eval $(call BuildPlugin,socket-default,default socket for IKEv2,))
479 $(eval $(call BuildPlugin,socket-raw,RAW socket for IKEv1 and IKEv2,))
480 $(eval $(call BuildPlugin,sql,SQL database interface,))
481 $(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan4-mod-sql +PACKAGE_strongswan4-mod-sqlite:libsqlite3))
482 $(eval $(call BuildPlugin,stroke,Stroke,))
483 $(eval $(call BuildPlugin,uci,UCI config interface,+libuci))
484 $(eval $(call BuildPlugin,updown,updown firewall,))
485 $(eval $(call BuildPlugin,x509,x509 certificate,))
486 $(eval $(call BuildPlugin,xauth,XAUTH authentication,))
487 $(eval $(call BuildPlugin,xcbc,xcbc crypto,))
OpenWrt SVN history