-#
-# Copyright (C) 2012 OpenWrt.org
+#
+# Copyright (C) 2012-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=strongswan
-PKG_VERSION:=5.0.0
+PKG_VERSION:=5.1.3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=http://download.strongswan.org/
-PKG_MD5SUM:=c8b861305def7c0abae04f7bbefec212
+PKG_SOURCE_URL:=http://download.strongswan.org/ http://download2.strongswan.org/
+PKG_MD5SUM:=1d1c108775242743cd8699215b2918c3
PKG_MOD_AVAILABLE:= \
addrblock \
eap-identity \
eap-md5 \
eap-mschapv2 \
+ eap-radius \
farp \
fips-prf \
gcm \
ha \
hmac \
kernel-klips \
+ kernel-libipsec \
kernel-netlink \
kernel-pfkey \
ldap \
smp \
socket-default \
socket-dynamic \
- socket-raw \
sql \
sqlite \
stroke \
test-vectors \
+ unity \
uci \
updown \
whitelist \
x509 \
xauth-eap \
xauth-generic \
- xcbc \
+ xcbc
PKG_CONFIG_DEPENDS:= \
CONFIG_STRONGSWAN_DEVICE_RANDOM \
+strongswan-mod-eap-identity \
+strongswan-mod-eap-md5 \
+strongswan-mod-eap-mschapv2 \
+ +strongswan-mod-eap-radius \
+strongswan-mod-farp \
+strongswan-mod-fips-prf \
+strongswan-mod-gcm \
+strongswan-mod-stroke \
+strongswan-mod-test-vectors \
+strongswan-mod-uci \
+ +strongswan-mod-unity \
+strongswan-mod-updown \
+strongswan-mod-whitelist \
+strongswan-mod-x509 \
define Package/strongswan-full/description
$(call Package/strongswan/description/Default)
This meta-package contains dependencies for all of the strongswan plugins
- except kernel-klips, kernel-pfkey, socket-dynamic and socket-raw which are
- ommitted in favor of the kernel-netlink and socket-default plugins.
+ except kernel-klips, kernel-libipsec, kernel-pfkey,
+ socket-dynamic and which are ommitted in favor of the kernel-netlink and
+ socket-default plugins.
endef
define Package/strongswan-utils/description
$(call Package/strongswan/description/Default)
- This package contains the openac, pki & scepclient utilities.
+ This package contains the pki & scepclient utilities.
endef
define BuildPlugin
DEPENDS:= +strongswan $(3)
endef
+ strongswan_mod_conf=$(wildcard $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf)
define Package/strongswan-mod-$(1)/install
+ $(INSTALL_DIR) $$(1)/etc/strongswan.d/charon
+ $(if $(call strongswan_mod_conf,$(1)), \
+ $(INSTALL_DATA) \
+ $(call strongswan_mod_conf,$(1)) \
+ $$(1)/etc/strongswan.d/charon/ \
+ )
$(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \
$$(1)/usr/lib/ipsec/plugins/
$(call Plugin/$(1)/install,$$(1))
endef
+ Package/strongswan-mod-$(1)/conffiles=$(patsubst $(PKG_INSTALL_DIR)%,%,$(call strongswan_mod_conf,$(1)))
+
$$(eval $$(call BuildPackage,strongswan-mod-$(1)))
endef
define Package/strongswan/conffiles
/etc/ipsec.conf
/etc/ipsec.secrets
+/etc/ipsec.user
/etc/strongswan.conf
endef
$(INSTALL_DIR) $(1)/usr/lib/ipsec
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{libstrongswan.so.*,libhydra.so.*} $(1)/usr/lib/ipsec/
$(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
endef
define Package/strongswan-default/install
define Package/strongswan-utils/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/lib/ipsec
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{openac,pki,scepclient,_copyright} $(1)/usr/lib/ipsec/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient $(1)/usr/lib/ipsec/
endef
define Plugin/duplicheck/install
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/
endef
+define Plugin/eap-radius/install
+ $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/
+endef
+
define Plugin/attr-sql/install
$(INSTALL_DIR) $(1)/usr/lib/ipsec
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/
$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
$(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke,_copyright} $(1)/usr/lib/ipsec/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke} $(1)/usr/lib/ipsec/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-stroke.so $(1)/usr/lib/ipsec/plugins/
endef
$(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{_updown,_updown_espmark} $(1)/usr/lib/ipsec/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
+ $(INSTALL_DIR) $(1)/etc
+ $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
endef
define Plugin/whitelist/install
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/
endef
+define Plugin/kernel-libipsec/install
+ $(INSTALL_DIR) $(1)/usr/lib/ipsec
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/
+endef
+
$(eval $(call BuildPackage,strongswan))
$(eval $(call BuildPackage,strongswan-default))
$(eval $(call BuildPackage,strongswan-full))
$(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,))
$(eval $(call BuildPlugin,eap-identity,EAP identity helper,))
$(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,))
-$(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,))
+$(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))
+$(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,))
$(eval $(call BuildPlugin,farp,fake arp respsonses,))
$(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1))
$(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
$(eval $(call BuildPlugin,ha,high availability cluster,))
$(eval $(call BuildPlugin,hmac,HMAC crypto,))
$(eval $(call BuildPlugin,kernel-klips,KLIPS kernel interface,))
+$(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
$(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,))
$(eval $(call BuildPlugin,kernel-pfkey,PK_KEY kernel interface,))
$(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap))
$(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2))
$(eval $(call BuildPlugin,socket-default,default socket implementation for charon,))
$(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,))
-$(eval $(call BuildPlugin,socket-raw,raw socket implementation for charon,))
$(eval $(call BuildPlugin,sql,SQL database interface,))
$(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3))
$(eval $(call BuildPlugin,stroke,Stroke,+strongswan-utils))
$(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
$(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
+$(eval $(call BuildPlugin,unity,Cisco Unity extension,))
$(eval $(call BuildPlugin,updown,updown firewall,))
$(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
$(eval $(call BuildPlugin,x509,x509 certificate,))
projects / packages.git / blobdiff