-#
-# Copyright (C) 2012 OpenWrt.org
+#
+# Copyright (C) 2012-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=strongswan
-PKG_VERSION:=5.0.0
+PKG_VERSION:=5.1.3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=http://download.strongswan.org/
-PKG_MD5SUM:=c8b861305def7c0abae04f7bbefec212
+PKG_SOURCE_URL:=http://download.strongswan.org/ http://download2.strongswan.org/
+PKG_MD5SUM:=1d1c108775242743cd8699215b2918c3
PKG_MOD_AVAILABLE:= \
addrblock \
eap-identity \
eap-md5 \
eap-mschapv2 \
+ eap-radius \
farp \
fips-prf \
gcm \
ha \
hmac \
kernel-klips \
+ kernel-libipsec \
kernel-netlink \
kernel-pfkey \
ldap \
smp \
socket-default \
socket-dynamic \
- socket-raw \
sql \
sqlite \
stroke \
test-vectors \
+ unity \
uci \
updown \
whitelist \
x509 \
xauth-eap \
xauth-generic \
- xcbc \
+ xcbc
PKG_CONFIG_DEPENDS:= \
CONFIG_STRONGSWAN_DEVICE_RANDOM \
+strongswan-mod-eap-identity \
+strongswan-mod-eap-md5 \
+strongswan-mod-eap-mschapv2 \
+ +strongswan-mod-eap-radius \
+strongswan-mod-farp \
+strongswan-mod-fips-prf \
+strongswan-mod-gcm \
+strongswan-mod-stroke \
+strongswan-mod-test-vectors \
+strongswan-mod-uci \
+ +strongswan-mod-unity \
+strongswan-mod-updown \
+strongswan-mod-whitelist \
+strongswan-mod-x509 \
define Package/strongswan-full/description
$(call Package/strongswan/description/Default)
This meta-package contains dependencies for all of the strongswan plugins
- except kernel-klips, kernel-pfkey, socket-dynamic and socket-raw which are
- ommitted in favor of the kernel-netlink and socket-default plugins.
+ except kernel-klips, kernel-libipsec, kernel-pfkey,
+ socket-dynamic and which are ommitted in favor of the kernel-netlink and
+ socket-default plugins.
endef
define Package/strongswan-utils/description
$(call Package/strongswan/description/Default)
- This package contains the openac, pki & scepclient utilities.
+ This package contains the pki & scepclient utilities.
endef
define BuildPlugin
define Package/strongswan/conffiles
/etc/ipsec.conf
/etc/ipsec.secrets
+/etc/ipsec.user
/etc/strongswan.conf
endef
$(INSTALL_DIR) $(1)/usr/lib/ipsec
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{libstrongswan.so.*,libhydra.so.*} $(1)/usr/lib/ipsec/
$(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
endef
define Package/strongswan-default/install
define Package/strongswan-utils/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/lib/ipsec
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{openac,pki,scepclient} $(1)/usr/lib/ipsec/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient $(1)/usr/lib/ipsec/
endef
define Plugin/duplicheck/install
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/
endef
+define Plugin/eap-radius/install
+ $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/
+endef
+
define Plugin/attr-sql/install
$(INSTALL_DIR) $(1)/usr/lib/ipsec
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
$(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{_updown,_updown_espmark} $(1)/usr/lib/ipsec/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
+ $(INSTALL_DIR) $(1)/etc
+ $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
endef
define Plugin/whitelist/install
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/
endef
+define Plugin/kernel-libipsec/install
+ $(INSTALL_DIR) $(1)/usr/lib/ipsec
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/
+endef
+
$(eval $(call BuildPackage,strongswan))
$(eval $(call BuildPackage,strongswan-default))
$(eval $(call BuildPackage,strongswan-full))
$(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,))
$(eval $(call BuildPlugin,eap-identity,EAP identity helper,))
$(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,))
-$(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,))
+$(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))
+$(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,))
$(eval $(call BuildPlugin,farp,fake arp respsonses,))
$(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1))
$(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
$(eval $(call BuildPlugin,ha,high availability cluster,))
$(eval $(call BuildPlugin,hmac,HMAC crypto,))
$(eval $(call BuildPlugin,kernel-klips,KLIPS kernel interface,))
+$(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
$(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
$(eval $(call BuildPlugin,kernel-pfkey,PK_KEY kernel interface,))
$(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap))
$(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
$(eval $(call BuildPlugin,socket-default,default socket implementation for charon,))
$(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,))
-$(eval $(call BuildPlugin,socket-raw,raw socket implementation for charon,))
$(eval $(call BuildPlugin,sql,SQL database interface,))
$(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3))
$(eval $(call BuildPlugin,stroke,Stroke,+strongswan-utils))
$(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
$(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
+$(eval $(call BuildPlugin,unity,Cisco Unity extension,))
$(eval $(call BuildPlugin,updown,updown firewall,))
$(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
$(eval $(call BuildPlugin,x509,x509 certificate,))
--- /dev/null
+--- a/src/libipsec/ip_packet.c
++++ b/src/libipsec/ip_packet.c
+@@ -95,7 +95,7 @@ METHOD(ip_packet_t, get_next_header, u_i
+ return this->next_header;
+ }
+
+-METHOD(ip_packet_t, clone, ip_packet_t*,
++METHOD(ip_packet_t, clone_, ip_packet_t*,
+ private_ip_packet_t *this)
+ {
+ return ip_packet_create(chunk_clone(this->packet));
+@@ -183,7 +183,7 @@ ip_packet_t *ip_packet_create(chunk_t pa
+ .get_destination = _get_destination,
+ .get_next_header = _get_next_header,
+ .get_encoding = _get_encoding,
+- .clone = _clone,
++ .clone = _clone_,
+ .destroy = _destroy,
+ },
+ .src = src,
+--- a/src/libipsec/esp_packet.c
++++ b/src/libipsec/esp_packet.c
+@@ -115,7 +115,7 @@ METHOD(packet_t, skip_bytes, void,
+ return this->packet->skip_bytes(this->packet, bytes);
+ }
+
+-METHOD(packet_t, clone, packet_t*,
++METHOD(packet_t, clone_, packet_t*,
+ private_esp_packet_t *this)
+ {
+ private_esp_packet_t *pkt;
+@@ -414,7 +414,7 @@ static private_esp_packet_t *esp_packet_
+ .get_dscp = _get_dscp,
+ .set_dscp = _set_dscp,
+ .skip_bytes = _skip_bytes,
+- .clone = _clone,
++ .clone = _clone_,
+ .destroy = _destroy,
+ },
+ .get_source = _get_source,
projects / 12.09 / packages.git / commitdiff