projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
banip: release 0.9.6-1
[feed/packages.git] / net / strongswan / Makefile
1 #
2 # Copyright (C) 2012-2018 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=strongswan
11 PKG_VERSION:=5.9.14
12 PKG_RELEASE:=2
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
16 PKG_HASH:=728027ddda4cb34c67c4cec97d3ddb8c274edfbabdaeecf7e74693b54fc33678
17 PKG_LICENSE:=GPL-2.0-or-later
18 PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
19 PKG_CPE_ID:=cpe:/a:strongswan:strongswan
20
21 PKG_MOD_AVAILABLE:= \
22 addrblock \
23 aes \
24 af-alg \
25 agent \
26 attr \
27 attr-sql \
28 bliss \
29 blowfish \
30 ccm \
31 chapoly \
32 cmac \
33 constraints \
34 connmark \
35 coupling \
36 ctr \
37 curl \
38 curve25519 \
39 des \
40 dhcp \
41 dnskey \
42 drbg \
43 duplicheck \
44 eap-dynamic \
45 eap-identity \
46 eap-md5 \
47 eap-mschapv2 \
48 eap-radius \
49 eap-tls \
50 farp \
51 fips-prf \
52 forecast \
53 gcm \
54 gcrypt \
55 gmp \
56 gmpdh \
57 ha \
58 hmac \
59 kdf \
60 kernel-libipsec \
61 kernel-netlink \
62 ldap \
63 led \
64 load-tester \
65 md4 \
66 md5 \
67 mgf1 \
68 mysql \
69 newhope \
70 ntru \
71 openssl \
72 pem \
73 pgp \
74 pkcs1 \
75 pkcs7 \
76 pkcs8 \
77 pkcs11 \
78 pkcs12 \
79 pubkey \
80 random \
81 rc2 \
82 resolve \
83 revocation \
84 sha1 \
85 sha2 \
86 sha3 \
87 smp \
88 socket-default \
89 socket-dynamic \
90 sql \
91 sqlite \
92 sshkey \
93 stroke \
94 test-vectors \
95 unity \
96 uci \
97 updown \
98 vici \
99 whitelist \
100 wolfssl \
101 x509 \
102 xauth-eap \
103 xauth-generic \
104 xcbc
105
106 PKG_CONFIG_DEPENDS:= \
107 CONFIG_STRONGSWAN_ROUTING_TABLE \
108 CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO \
109 $(patsubst %,CONFIG_PACKAGE_strongswan-mod-%,$(PKG_MOD_AVAILABLE)) \
110
111 PKG_FIXUP:=autoreconf
112 PKG_INSTALL:=1
113 PKG_BUILD_PARALLEL:=1
114
115 include $(INCLUDE_DIR)/package.mk
116 # strongswan-mod-mysql needs iconv
117 include $(INCLUDE_DIR)/nls.mk
118
119 define Package/strongswan/Default
120 SUBMENU:=VPN
121 SECTION:=net
122 CATEGORY:=Network
123 TITLE:=StrongSwan
124 URL:=http://www.strongswan.org/
125 endef
126
127 define Package/strongswan/description/Default
128 StrongSwan is an OpenSource IPsec implementation for the Linux operating system.
129 endef
130
131 define Package/strongswan
132 $(call Package/strongswan/Default)
133 MENU:=1
134 DEPENDS:= +libpthread +ip \
135 +kmod-crypto-aead \
136 +kmod-crypto-authenc \
137 +kmod-crypto-cbc \
138 +kmod-lib-zlib-inflate \
139 +kmod-lib-zlib-deflate \
140 +kmod-crypto-des \
141 +kmod-crypto-echainiv \
142 +kmod-crypto-hmac \
143 +kmod-crypto-md5 \
144 +kmod-crypto-sha1 \
145 +kmod-ipsec +kmod-ipsec4 +IPV6:kmod-ipsec6
146 endef
147
148 define Package/strongswan/config
149 source "$(SOURCE)/Config.in"
150 endef
151
152 define Package/strongswan/description
153 $(call Package/strongswan/description/Default)
154 This package contains shared libraries and scripts.
155 endef
156
157 define Package/strongswan-full
158 $(call Package/strongswan/Default)
159 TITLE+= (full)
160 DEPENDS:= strongswan \
161 +strongswan-charon \
162 +strongswan-charon-cmd \
163 +strongswan-ipsec \
164 +strongswan-libnttfft \
165 +strongswan-mod-addrblock \
166 +strongswan-mod-aes \
167 +strongswan-mod-af-alg \
168 +strongswan-mod-agent \
169 +strongswan-mod-attr \
170 +strongswan-mod-attr-sql \
171 +strongswan-mod-bliss \
172 +strongswan-mod-blowfish \
173 +strongswan-mod-ccm \
174 +strongswan-mod-chapoly \
175 +strongswan-mod-cmac \
176 +strongswan-mod-constraints \
177 +strongswan-mod-connmark \
178 +strongswan-mod-coupling \
179 +strongswan-mod-ctr \
180 +strongswan-mod-curl \
181 +strongswan-mod-curve25519 \
182 +strongswan-mod-des \
183 +strongswan-mod-dhcp \
184 +strongswan-mod-dnskey \
185 +strongswan-mod-drbg \
186 +strongswan-mod-duplicheck \
187 +strongswan-mod-eap-dynamic \
188 +strongswan-mod-eap-identity \
189 +strongswan-mod-eap-md5 \
190 +strongswan-mod-eap-mschapv2 \
191 +strongswan-mod-eap-radius \
192 +strongswan-mod-eap-tls \
193 +strongswan-mod-farp \
194 +strongswan-mod-fips-prf \
195 +strongswan-mod-forecast \
196 +strongswan-mod-gcm \
197 +strongswan-mod-gcrypt \
198 +strongswan-mod-gmp \
199 +strongswan-mod-ha \
200 +strongswan-mod-hmac \
201 +strongswan-mod-kdf \
202 +strongswan-mod-kernel-netlink \
203 +strongswan-mod-ldap \
204 +strongswan-mod-led \
205 +strongswan-mod-load-tester \
206 +strongswan-mod-md4 \
207 +strongswan-mod-md5 \
208 +strongswan-mod-mgf1 \
209 +strongswan-mod-mysql \
210 +strongswan-mod-newhope \
211 +strongswan-mod-ntru \
212 +strongswan-mod-openssl \
213 +strongswan-mod-pem \
214 +strongswan-mod-pgp \
215 +strongswan-mod-pkcs1 \
216 +strongswan-mod-pkcs7 \
217 +strongswan-mod-pkcs8 \
218 +strongswan-mod-pkcs11 \
219 +strongswan-mod-pkcs12 \
220 +strongswan-mod-pubkey \
221 +strongswan-mod-random \
222 +strongswan-mod-rc2 \
223 +strongswan-mod-resolve \
224 +strongswan-mod-revocation \
225 +strongswan-mod-sha1 \
226 +strongswan-mod-sha2 \
227 +strongswan-mod-sha3 \
228 +strongswan-mod-smp \
229 +strongswan-mod-socket-default \
230 +strongswan-mod-sql \
231 +strongswan-mod-sqlite \
232 +strongswan-mod-sshkey \
233 +strongswan-mod-stroke \
234 +strongswan-mod-test-vectors \
235 +strongswan-mod-uci \
236 +strongswan-mod-unity \
237 +strongswan-mod-updown \
238 +strongswan-mod-vici \
239 +strongswan-mod-whitelist \
240 +strongswan-mod-wolfssl \
241 +strongswan-mod-x509 \
242 +strongswan-mod-xauth-eap \
243 +strongswan-mod-xauth-generic \
244 +strongswan-mod-xcbc \
245 +strongswan-pki \
246 +strongswan-swanctl \
247 @DEVEL
248 endef
249
250 define Package/strongswan-full/description
251 $(call Package/strongswan/description/Default)
252 This meta-package contains dependencies for all of the strongswan plugins
253 except kernel-libipsec,
254 socket-dynamic and which are omitted in favor of the kernel-netlink and
255 socket-default plugins.
256 endef
257
258
259 define Package/strongswan-default
260 $(call Package/strongswan/Default)
261 TITLE+= (default)
262 DEPENDS:= strongswan \
263 +strongswan-charon \
264 +strongswan-mod-aes \
265 +strongswan-mod-attr \
266 +strongswan-mod-connmark \
267 +strongswan-mod-constraints \
268 +strongswan-mod-des \
269 +strongswan-mod-dnskey \
270 +strongswan-mod-fips-prf \
271 +strongswan-mod-gmp \
272 +strongswan-mod-hmac \
273 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
274 +strongswan-mod-kernel-netlink \
275 +strongswan-mod-md5 \
276 +strongswan-mod-mgf1 \
277 +strongswan-mod-pem \
278 +strongswan-mod-pgp \
279 +strongswan-mod-pkcs1 \
280 +strongswan-mod-pubkey \
281 +strongswan-mod-random \
282 +strongswan-mod-rc2 \
283 +strongswan-mod-resolve \
284 +strongswan-mod-revocation \
285 +strongswan-mod-sha1 \
286 +strongswan-mod-sha2 \
287 +strongswan-mod-socket-default \
288 +strongswan-mod-sshkey \
289 +strongswan-mod-updown \
290 +strongswan-mod-x509 \
291 +strongswan-mod-xauth-generic \
292 +strongswan-mod-xcbc \
293 +strongswan-swanctl
294 endef
295
296 define Package/strongswan-default/description
297 $(call Package/strongswan/description/Default)
298 This meta-package contains only dependencies to match upstream defaults.
299 endef
300
301
302 define Package/strongswan-isakmp
303 $(call Package/strongswan/Default)
304 TITLE+= (isakmp)
305 DEPENDS:= strongswan \
306 +strongswan-charon \
307 +strongswan-ipsec \
308 +strongswan-mod-aes \
309 +strongswan-mod-des \
310 +strongswan-mod-gmpdh \
311 +strongswan-mod-hmac \
312 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
313 +strongswan-mod-kernel-netlink \
314 +strongswan-mod-md5 \
315 +strongswan-mod-mgf1 \
316 +strongswan-mod-pubkey \
317 +strongswan-mod-random \
318 +strongswan-mod-sha1 \
319 +strongswan-mod-socket-default \
320 +strongswan-mod-stroke \
321 +strongswan-mod-uci \
322 +strongswan-mod-updown
323 endef
324
325 define Package/strongswan-isakmp/description
326 $(call Package/strongswan/description/Default)
327 This meta-package contains only dependencies to establish ISAKMP /
328 IKE PSK connections, dropping other capabilities in favor of small size
329 Can fit most routers even with 4Mb flash (after removing IPv6 support).
330 endef
331
332
333 define Package/strongswan-minimal
334 $(call Package/strongswan/Default)
335 TITLE+= (minimal)
336 DEPENDS:= strongswan \
337 +strongswan-charon \
338 +strongswan-mod-aes \
339 +strongswan-mod-gmp \
340 +strongswan-mod-hmac \
341 @(PACKAGE_strongswan-mod-kdf||PACKAGE_strongswan-mod-openssl||PACKAGE_strongswan-mod-wolfssl) \
342 +strongswan-mod-kernel-netlink \
343 +strongswan-mod-mgf1 \
344 +strongswan-mod-pubkey \
345 +strongswan-mod-random \
346 +strongswan-mod-sha1 \
347 +strongswan-mod-socket-default \
348 +strongswan-mod-stroke \
349 +strongswan-mod-updown \
350 +strongswan-mod-x509 \
351 +strongswan-mod-xcbc
352 endef
353
354 define Package/strongswan-minimal/description
355 $(call Package/strongswan/description/Default)
356 This meta-package contains only dependencies for a minimal IKEv2 setup.
357 endef
358
359 define Package/strongswan-charon
360 $(call Package/strongswan/Default)
361 TITLE+= IKEv1/IKEv2 keying daemon
362 DEPENDS:= strongswan
363 endef
364
365 define Package/strongswan-charon/description
366 $(call Package/strongswan/description/Default)
367 This package contains charon, an IKEv2 keying daemon.
368 endef
369
370 define Package/strongswan-charon-cmd
371 $(call Package/strongswan/Default)
372 TITLE+= charon-cmd utility
373 DEPENDS:= strongswan +strongswan-charon
374 endef
375
376 define Package/strongswan-charon-cmd/description
377 $(call Package/strongswan/description/Default)
378 This package contains the charon-cmd utility.
379 endef
380
381 define Package/strongswan-ipsec
382 $(call Package/strongswan/Default)
383 TITLE+= utilities
384 DEPENDS:= strongswan
385 endef
386
387 define Package/strongswan-ipsec/description
388 $(call Package/strongswan/description/Default)
389 This package contains the ipsec utility.
390 endef
391
392 define Package/strongswan-libnttfft
393 $(call Package/strongswan/Default)
394 TITLE+= nttfft library
395 DEPENDS:= strongswan
396 endef
397
398 define Package/strongswan-libnttfft/description
399 $(call Package/strongswan/description/Default)
400 This package contains the Number Theoretic Transforms library.
401 endef
402
403 define Package/strongswan-pki
404 $(call Package/strongswan/Default)
405 TITLE+= PKI tool
406 DEPENDS:= strongswan strongswan-libtls
407 endef
408
409 define Package/strongswan-pki/description
410 $(call Package/strongswan/description/Default)
411 This package contains the pki tool.
412 endef
413
414 define Package/strongswan-swanctl
415 $(call Package/strongswan/Default)
416 TITLE+= swanctl utility
417 DEPENDS:= strongswan +strongswan-mod-vici
418 endef
419
420 define Package/strongswan-swanctl/description
421 $(call Package/strongswan/description/Default)
422 This package contains the swanctl utility.
423 endef
424
425 define Package/strongswan-gencerts
426 $(call Package/strongswan/Default)
427 TITLE+= X.509 certificate generation utility
428 DEPENDS:= strongswan +strongswan-pki bash
429 endef
430
431 define Package/strongswan-gencerts/description
432 $(call Package/strongswan/description/Default)
433 This package contains the X.509 certificate generation utility.
434 endef
435
436 define Package/strongswan-libtls
437 $(call Package/strongswan/Default)
438 TITLE+= libtls
439 DEPENDS:= strongswan
440 endef
441
442 define Package/strongswan-libtls/description
443 $(call Package/strongswan/description/Default)
444 This package contains libtls for strongSwan plugins eap-tls, eap-ttls,
445 eap-peap, tnc-tnccs
446 endef
447
448 define BuildPlugin
449 define Package/strongswan-mod-$(1)
450 $$(call Package/strongswan/Default)
451 TITLE:= StrongSwan $(2) plugin
452 DEPENDS:= strongswan $(3)
453 endef
454
455 define Package/strongswan-mod-$(1)/install
456 $(INSTALL_DIR) $$(1)/etc/strongswan.d/charon
457 if [ -f $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf ]; then \
458 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf $$(1)/etc/strongswan.d/charon/; fi
459 $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
460 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
461 $$(1)/usr/lib/ipsec/plugins/
462 $(call Plugin/$(1)/install,$$(1))
463 endef
464
465 $$(eval $$(call BuildPackage,strongswan-mod-$(1)))
466 endef
467
468 CONFIGURE_ARGS+= \
469 --disable-scripts \
470 --disable-static \
471 --disable-fast \
472 --enable-nonce \
473 --enable-mgf1 \
474 --enable-mediation \
475 --with-systemdsystemunitdir=no \
476 $(if $(CONFIG_PACKAGE_strongswan-charon-cmd),--enable-cmd,--disable-cmd) \
477 $(if $(CONFIG_PACKAGE_strongswan-pki),--enable-pki,--disable-pki) \
478 --with-random-device=/dev/random \
479 --with-urandom-device=/dev/urandom \
480 --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE))" \
481 --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO))" \
482 $(foreach m,$(PKG_MOD_AVAILABLE), \
483 $(if $(CONFIG_PACKAGE_strongswan-mod-$(m)),--enable-$(m),--disable-$(m)) \
484 ) \
485 ac_cv_search___atomic_load=no
486
487 define Package/strongswan/conffiles
488 /etc/strongswan.conf
489 /etc/strongswan.d/
490 endef
491
492 define Package/strongswan/install
493 $(INSTALL_DIR) $(1)/etc
494 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/
495 echo -e "\ninclude /var/ipsec/strongswan.conf" >> $(1)/etc/strongswan.conf
496 $(INSTALL_DIR) $(1)/etc/strongswan.d/charon
497 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/nonce.conf $(1)/etc/strongswan.d/charon/
498 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
499 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libstrongswan.so.* $(1)/usr/lib/ipsec/
500 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-nonce.so $(1)/usr/lib/ipsec/plugins/
501 endef
502
503 define Package/strongswan-default/install
504 true
505 endef
506
507 define Package/strongswan-full/install
508 true
509 endef
510
511 define Package/strongswan-isakmp/install
512 true
513 endef
514
515 define Package/strongswan-minimal/install
516 true
517 endef
518
519 define Package/strongswan-charon/install
520 $(INSTALL_DIR) $(1)/etc/strongswan.d
521 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon.conf $(1)/etc/strongswan.d
522 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/charon-logging.conf $(1)/etc/strongswan.d
523 $(INSTALL_DIR) $(1)/usr/lib/ipsec
524 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/charon $(1)/usr/lib/ipsec/
525 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/
526 endef
527
528 define Package/strongswan-charon-cmd/install
529 $(INSTALL_DIR) $(1)/usr/sbin
530 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/charon-cmd $(1)/usr/sbin/
531 endef
532
533 define Package/strongswan-ipsec/conffiles
534 /etc/ipsec.d/
535 /etc/ipsec.conf
536 /etc/ipsec.secrets
537 /etc/ipsec.user
538 endef
539
540 define Package/strongswan-ipsec/install
541 $(INSTALL_DIR) $(1)/etc/ $(1)/usr/sbin
542 $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
543 echo -e "\ninclude /var/ipsec/ipsec.conf" >> $(1)/etc/ipsec.conf
544 $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
545 echo -e "\ninclude /var/ipsec/ipsec.secrets" >> $(1)/etc/ipsec.secrets
546 $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
547 $(INSTALL_DIR) $(1)/etc/init.d
548 $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
549 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
550 endef
551
552 define Package/strongswan-ipsec/postinst
553 #!/bin/sh
554
555 [ -z "$${IPKG_INSTROOT}" ] || exit 0
556
557 opkg list-changed-conffiles | grep -qx /etc/ipsec.conf || {
558 rm -f /etc/ipsec.conf-opkg
559 }
560 endef
561
562 define Package/strongswan-libnttfft/install
563 $(INSTALL_DIR) $(1)/usr/lib/ipsec
564 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libnttfft.so.* $(1)/usr/lib/ipsec/
565 endef
566
567 define Package/strongswan-pki/install
568 $(INSTALL_DIR) $(1)/etc/strongswan.d
569 $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/pki.conf $(1)/etc/strongswan.d/
570 $(INSTALL_DIR) $(1)/usr/bin
571 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/
572 endef
573
574 define Package/strongswan-swanctl/conffiles
575 /etc/config/ipsec
576 /etc/swanctl/
577 endef
578
579 define Package/strongswan-swanctl/install
580 $(INSTALL_DIR) $(1)/etc/init.d
581 $(INSTALL_DIR) $(1)/etc/swanctl/{bliss,conf.d,ecdsa,pkcs{12,8},private,pubkey,rsa}
582 $(INSTALL_DIR) $(1)/etc/swanctl/x509{,aa,ac,ca,crl,ocsp}
583 $(CP) $(PKG_INSTALL_DIR)/etc/swanctl/swanctl.conf $(1)/etc/swanctl/
584 echo "include /var/swanctl/swanctl.conf" >> $(1)/etc/swanctl/swanctl.conf
585 $(INSTALL_DIR) $(1)/usr/sbin
586 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/swanctl $(1)/usr/sbin/
587 $(INSTALL_BIN) ./files/swanctl.init $(1)/etc/init.d/swanctl
588 $(INSTALL_DIR) $(1)/etc/config
589 $(INSTALL_CONF) ./files/ipsec.config $(1)/etc/config/ipsec
590 endef
591
592 define Package/strongswan-gencerts/install
593 $(INSTALL_DIR) $(1)/usr/bin
594 $(INSTALL_BIN) ./files/gencerts.sh $(1)/usr/bin/gencerts
595 endef
596
597 define Package/strongswan-libtls/install
598 $(INSTALL_DIR) $(1)/usr/lib/ipsec
599 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libtls.so.* $(1)/usr/lib/ipsec/
600 endef
601
602 define Plugin/duplicheck/install
603 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
604 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/duplicheck $(1)/usr/lib/ipsec/
605 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/
606 endef
607
608 define Plugin/eap-radius/install
609 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
610 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/
611 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/
612 endef
613
614 define Plugin/attr-sql/install
615 $(INSTALL_DIR) $(1)/usr/lib/ipsec
616 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
617 endef
618
619 define Plugin/stroke/install
620 $(INSTALL_DIR) $(1)/etc/ipsec.d/{aacerts,acerts,cacerts,certs,crls,ocspcerts,private,reqs}
621
622 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
623 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke} $(1)/usr/lib/ipsec/
624 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-stroke.so $(1)/usr/lib/ipsec/plugins/
625 endef
626
627 define Plugin/updown/install
628 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
629 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown $(1)/usr/lib/ipsec/
630 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
631 $(INSTALL_DIR) $(1)/etc/hotplug.d/ipsec
632 $(CP) ./files/etc/hotplug.d/ipsec/01-user \
633 $(1)/etc/hotplug.d/ipsec/01-user
634 endef
635
636 define Plugin/vici/install
637 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
638 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libvici.so.* $(1)/usr/lib/ipsec/
639 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-vici.so $(1)/usr/lib/ipsec/plugins/
640 endef
641
642 define Plugin/whitelist/install
643 $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
644 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/whitelist $(1)/usr/lib/ipsec/
645 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/
646 endef
647
648 define Plugin/kernel-libipsec/install
649 $(INSTALL_DIR) $(1)/usr/lib/ipsec
650 $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/
651 endef
652
653 $(eval $(call BuildPackage,strongswan))
654 $(eval $(call BuildPackage,strongswan-default))
655 $(eval $(call BuildPackage,strongswan-full))
656 $(eval $(call BuildPackage,strongswan-minimal))
657 $(eval $(call BuildPackage,strongswan-isakmp))
658 $(eval $(call BuildPackage,strongswan-charon))
659 $(eval $(call BuildPackage,strongswan-charon-cmd))
660 $(eval $(call BuildPackage,strongswan-ipsec))
661 $(eval $(call BuildPackage,strongswan-libnttfft))
662 $(eval $(call BuildPackage,strongswan-pki))
663 $(eval $(call BuildPackage,strongswan-swanctl))
664 $(eval $(call BuildPackage,strongswan-gencerts))
665 $(eval $(call BuildPackage,strongswan-libtls))
666 $(eval $(call BuildPlugin,addrblock,RFC 3779 address block constraint support,))
667 $(eval $(call BuildPlugin,aes,AES crypto,))
668 $(eval $(call BuildPlugin,af-alg,AF_ALG crypto interface to Linux Crypto API,+kmod-crypto-user))
669 $(eval $(call BuildPlugin,agent,SSH agent signing,))
670 $(eval $(call BuildPlugin,attr,file based config,))
671 $(eval $(call BuildPlugin,attr-sql,SQL based config,+strongswan-charon))
672 $(eval $(call BuildPlugin,bliss,BLISS crypto,+strongswan-libnttfft +strongswan-mod-mgf1 +strongswan-mod-hmac))
673 $(eval $(call BuildPlugin,blowfish,Blowfish crypto,))
674 $(eval $(call BuildPlugin,ccm,CCM AEAD wrapper crypto,))
675 $(eval $(call BuildPlugin,chapoly,ChaCha20-Poly1305 AEAD crypto,+kmod-crypto-chacha20poly1305))
676 $(eval $(call BuildPlugin,cmac,CMAC crypto,))
677 $(eval $(call BuildPlugin,connmark,netfilter connection marking,+libip4tc))
678 $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
679 $(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,))
680 $(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,))
681 $(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl))
682 $(eval $(call BuildPlugin,curve25519,Curve25519 Diffie-Hellman,))
683 $(eval $(call BuildPlugin,des,DES crypto,))
684 $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,))
685 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
686 $(eval $(call BuildPlugin,drbg,Deterministic random bit generator,,))
687 $(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,))
688 $(eval $(call BuildPlugin,eap-dynamic,EAP dynamic selector,))
689 $(eval $(call BuildPlugin,eap-identity,EAP identity helper,))
690 $(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,))
691 $(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))
692 $(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,))
693 $(eval $(call BuildPlugin,eap-tls,EAP TLS auth,+strongswan-libtls))
694 $(eval $(call BuildPlugin,farp,fake arp respsonses,))
695 $(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1))
696 $(eval $(call BuildPlugin,forecast,forward multi/broadcast traffic,+libip4tc +kmod-ipt-conntrack-extra))
697 $(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
698 $(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan-mod-gcrypt:libgcrypt))
699 $(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan-mod-gmp:libgmp))
700 $(eval $(call BuildPlugin,gmpdh,DH-Groups; no libgmp dep,))
701 $(eval $(call BuildPlugin,ha,high availability cluster,))
702 $(eval $(call BuildPlugin,hmac,HMAC crypto,))
703 $(eval $(call BuildPlugin,kdf,KDF/PRF+,))
704 $(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
705 $(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
706 $(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap))
707 $(eval $(call BuildPlugin,led,LED blink on IKE activity,))
708 $(eval $(call BuildPlugin,load-tester,load testing,))
709 $(eval $(call BuildPlugin,md4,MD4 crypto,))
710 $(eval $(call BuildPlugin,md5,MD5 crypto,))
711 $(eval $(call BuildPlugin,mgf1,MGF1 crypto,))
712 $(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-mysql:libmysqlclient-r))
713 $(eval $(call BuildPlugin,newhope,New Hope crypto,+strongswan-libnttfft +strongswan-mod-chapoly +strongswan-mod-sha3))
714 $(eval $(call BuildPlugin,ntru,NTRU crypto,+strongswan-mod-mgf1))
715 $(eval $(call BuildPlugin,openssl,OpenSSL crypto,+PACKAGE_strongswan-mod-openssl:libopenssl))
716 $(eval $(call BuildPlugin,pem,PEM decoding,))
717 $(eval $(call BuildPlugin,pgp,PGP key decoding,))
718 $(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,))
719 $(eval $(call BuildPlugin,pkcs7,PKCS7 key decoding,))
720 $(eval $(call BuildPlugin,pkcs8,PKCS8 key decoding,))
721 $(eval $(call BuildPlugin,pkcs11,PKCS11 key decoding,))
722 $(eval $(call BuildPlugin,pkcs12,PKCS12 key decoding,))
723 $(eval $(call BuildPlugin,pubkey,raw public key,))
724 $(eval $(call BuildPlugin,random,RNG,))
725 $(eval $(call BuildPlugin,rc2,RC2 crypto,))
726 $(eval $(call BuildPlugin,resolve,DNS resolver,))
727 $(eval $(call BuildPlugin,revocation,X509 CRL/OCSP revocation,))
728 $(eval $(call BuildPlugin,sha1,SHA1 crypto,))
729 $(eval $(call BuildPlugin,sha2,SHA2 crypto,))
730 $(eval $(call BuildPlugin,sha3,SHA3 and SHAKE crypto,))
731 $(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
732 $(eval $(call BuildPlugin,socket-default,default socket implementation for charon,))
733 $(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,))
734 $(eval $(call BuildPlugin,sql,SQL database interface,))
735 $(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3))
736 $(eval $(call BuildPlugin,sshkey,SSH key decoding,))
737 $(eval $(call BuildPlugin,stroke,Stroke,+strongswan-charon +strongswan-ipsec))
738 $(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
739 $(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
740 $(eval $(call BuildPlugin,unity,Cisco Unity extension,))
741 $(eval $(call BuildPlugin,updown,updown firewall,+iptables +IPV6:ip6tables +iptables-mod-ipsec +kmod-ipt-ipsec))
742 $(eval $(call BuildPlugin,vici,Versatile IKE Configuration Interface,))
743 $(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
744 $(eval $(call BuildPlugin,wolfssl,WolfSSL crypto,+PACKAGE_strongswan-mod-wolfssl:libwolfssl))
745 $(eval $(call BuildPlugin,x509,x509 certificate,))
746 $(eval $(call BuildPlugin,xauth-eap,EAP XAuth backend,))
747 $(eval $(call BuildPlugin,xauth-generic,generic XAuth backend,))
748 $(eval $(call BuildPlugin,xcbc,xcbc crypto,))
Mirror of packages feed