From 737b52ad4f4a09974571d3d23074c539d6e6b749 Mon Sep 17 00:00:00 2001 From: cyrus Date: Sun, 17 Aug 2014 08:12:20 +0000 Subject: [PATCH] strongswan: moved to github git-svn-id: svn://svn.openwrt.org/openwrt/packages@42174 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- net/strongswan/Config.in | 28 - net/strongswan/Makefile | 532 ------------------ net/strongswan/files/ipsec.init | 20 - net/strongswan/files/ipsec.secrets | 1 - net/strongswan/files/ipsec.user | 6 - .../patches/100-method_name_fix.patch | 40 -- net/strongswan/patches/201-kmodloader.patch | 28 - net/strongswan/patches/203-uci.patch | 20 - .../300-include-ipsec-user-script.patch | 17 - 9 files changed, 692 deletions(-) delete mode 100644 net/strongswan/Config.in delete mode 100644 net/strongswan/Makefile delete mode 100644 net/strongswan/files/ipsec.init delete mode 100644 net/strongswan/files/ipsec.secrets delete mode 100644 net/strongswan/files/ipsec.user delete mode 100644 net/strongswan/patches/100-method_name_fix.patch delete mode 100644 net/strongswan/patches/201-kmodloader.patch delete mode 100644 net/strongswan/patches/203-uci.patch delete mode 100644 net/strongswan/patches/300-include-ipsec-user-script.patch diff --git a/net/strongswan/Config.in b/net/strongswan/Config.in deleted file mode 100644 index 10b4ec609..000000000 --- a/net/strongswan/Config.in +++ /dev/null @@ -1,28 +0,0 @@ -menu "Configuration" - depends on PACKAGE_strongswan - -# --with-random-device -config STRONGSWAN_DEVICE_RANDOM - string - prompt "Set the device to read real random data from" - default "/dev/random" - -# --with-urandom-device -config STRONGSWAN_DEVICE_URANDOM - string - prompt "Set the device to read pseudo random data from" - default "/dev/urandom" - -# --with-routing-table -config STRONGSWAN_ROUTING_TABLE - string - prompt "Set the IPsec routing table ID" - default "220" - -# --with-routing-table-prio -config STRONGSWAN_ROUTING_TABLE_PRIO - string - prompt "Set the IPsec routing table priority" - default "220" - -endmenu diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile deleted file mode 100644 index a85a01b62..000000000 --- a/net/strongswan/Makefile +++ /dev/null @@ -1,532 +0,0 @@ -# -# Copyright (C) 2012-2014 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=strongswan -PKG_VERSION:=5.1.3 -PKG_RELEASE:=1 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 -PKG_SOURCE_URL:=http://download.strongswan.org/ http://download2.strongswan.org/ -PKG_MD5SUM:=1d1c108775242743cd8699215b2918c3 - -PKG_MOD_AVAILABLE:= \ - addrblock \ - aes \ - af-alg \ - agent \ - attr \ - attr-sql \ - blowfish \ - ccm \ - cmac \ - constraints \ - coupling \ - ctr \ - curl \ - des \ - dhcp \ - dnskey \ - duplicheck \ - eap-identity \ - eap-md5 \ - eap-mschapv2 \ - eap-radius \ - farp \ - fips-prf \ - gcm \ - gcrypt \ - gmp \ - ha \ - hmac \ - kernel-klips \ - kernel-libipsec \ - kernel-netlink \ - kernel-pfkey \ - ldap \ - led \ - load-tester \ - nonce \ - md4 \ - md5 \ - mysql \ - openssl \ - padlock \ - pem \ - pgp \ - pkcs1 \ - pkcs8 \ - pkcs11 \ - pubkey \ - random \ - resolve \ - revocation \ - sha1 \ - sha2 \ - smp \ - socket-default \ - socket-dynamic \ - sql \ - sqlite \ - stroke \ - test-vectors \ - unity \ - uci \ - updown \ - whitelist \ - x509 \ - xauth-eap \ - xauth-generic \ - xcbc - -PKG_CONFIG_DEPENDS:= \ - CONFIG_STRONGSWAN_DEVICE_RANDOM \ - CONFIG_STRONGSWAN_DEVICE_URANDOM \ - CONFIG_STRONGSWAN_ROUTING_TABLE \ - CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO \ - $(patsubst %,CONFIG_PACKAGE_strongswan-mod-%,$(PKG_MOD_AVAILABLE)) \ - -PKG_FIXUP:=autoreconf -PKG_INSTALL:=1 -PKG_BUILD_PARALLEL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/strongswan/Default - SUBMENU:=VPN - SECTION:=net - CATEGORY:=Network - TITLE:=StrongSwan - URL:=http://www.strongswan.org/ -endef - -define Package/strongswan/description/Default - StrongSwan is an OpenSource IPsec implementation for the Linux operating system. -endef - -define Package/strongswan -$(call Package/strongswan/Default) - DEPENDS:= +libpthread +ip \ - +kmod-crypto-authenc \ - +kmod-ipsec +kmod-ipsec4 +kmod-ipsec6 \ - +kmod-ipt-ipsec +iptables-mod-ipsec -endef - -define Package/strongswan/config - source "$(SOURCE)/Config.in" -endef - -define Package/strongswan/description -$(call Package/strongswan/description/Default) - This package contains shared libraries and scripts. -endef - -define Package/strongswan-full -$(call Package/strongswan/Default) - TITLE+= (full) - DEPENDS:= +strongswan \ - +strongswan-charon \ - +strongswan-libfast \ - +strongswan-mod-addrblock \ - +strongswan-mod-aes \ - +strongswan-mod-af-alg \ - +strongswan-mod-agent \ - +strongswan-mod-attr \ - +strongswan-mod-attr-sql \ - +strongswan-mod-blowfish \ - +strongswan-mod-ccm \ - +strongswan-mod-cmac \ - +strongswan-mod-constraints \ - +strongswan-mod-coupling \ - +strongswan-mod-ctr \ - +strongswan-mod-curl \ - +strongswan-mod-des \ - +strongswan-mod-dhcp \ - +strongswan-mod-dnskey \ - +strongswan-mod-duplicheck \ - +strongswan-mod-eap-identity \ - +strongswan-mod-eap-md5 \ - +strongswan-mod-eap-mschapv2 \ - +strongswan-mod-eap-radius \ - +strongswan-mod-farp \ - +strongswan-mod-fips-prf \ - +strongswan-mod-gcm \ - +strongswan-mod-gcrypt \ - +strongswan-mod-gmp \ - +strongswan-mod-ha \ - +strongswan-mod-hmac \ - +strongswan-mod-kernel-netlink \ - +strongswan-mod-ldap \ - +strongswan-mod-led \ - +strongswan-mod-load-tester \ - +strongswan-mod-nonce \ - +strongswan-mod-md4 \ - +strongswan-mod-md5 \ - +strongswan-mod-mysql \ - +strongswan-mod-openssl \ - +TARGET_x86:strongswan-mod-padlock \ - +strongswan-mod-pem \ - +strongswan-mod-pgp \ - +strongswan-mod-pkcs1 \ - +strongswan-mod-pkcs8 \ - +strongswan-mod-pkcs11 \ - +strongswan-mod-pubkey \ - +strongswan-mod-random \ - +strongswan-mod-resolve \ - +strongswan-mod-revocation \ - +strongswan-mod-sha1 \ - +strongswan-mod-sha2 \ - +strongswan-mod-smp \ - +strongswan-mod-socket-default \ - +strongswan-mod-sql \ - +strongswan-mod-sqlite \ - +strongswan-mod-stroke \ - +strongswan-mod-test-vectors \ - +strongswan-mod-uci \ - +strongswan-mod-unity \ - +strongswan-mod-updown \ - +strongswan-mod-whitelist \ - +strongswan-mod-x509 \ - +strongswan-mod-xauth-eap \ - +strongswan-mod-xauth-generic \ - +strongswan-mod-xcbc \ - +strongswan-utils \ - @DEVEL -endef - -define Package/strongswan-full/description -$(call Package/strongswan/description/Default) - This meta-package contains dependencies for all of the strongswan plugins - except kernel-klips, kernel-libipsec, kernel-pfkey, - socket-dynamic and which are ommitted in favor of the kernel-netlink and - socket-default plugins. -endef - - -define Package/strongswan-default -$(call Package/strongswan/Default) - TITLE+= (default) - DEPENDS:= +strongswan \ - +strongswan-charon \ - +strongswan-mod-aes \ - +strongswan-mod-attr \ - +strongswan-mod-constraints \ - +strongswan-mod-des \ - +strongswan-mod-dnskey \ - +strongswan-mod-fips-prf \ - +strongswan-mod-gmp \ - +strongswan-mod-hmac \ - +strongswan-mod-kernel-netlink \ - +strongswan-mod-md5 \ - +strongswan-mod-nonce \ - +strongswan-mod-pem \ - +strongswan-mod-pgp \ - +strongswan-mod-pkcs1 \ - +strongswan-mod-pubkey \ - +strongswan-mod-random \ - +strongswan-mod-resolve \ - +strongswan-mod-revocation \ - +strongswan-mod-sha1 \ - +strongswan-mod-sha2 \ - +strongswan-mod-socket-default \ - +strongswan-mod-stroke \ - +strongswan-mod-updown \ - +strongswan-mod-x509 \ - +strongswan-mod-xauth-generic \ - +strongswan-mod-xcbc \ - +strongswan-utils -endef - -define Package/strongswan-default/description -$(call Package/strongswan/description/Default) - This meta-package contains only dependencies to match upstream defaults. -endef - -define Package/strongswan-minimal -$(call Package/strongswan/Default) - TITLE+= (minimal) - DEPENDS:= +strongswan \ - +strongswan-charon \ - +strongswan-mod-aes \ - +strongswan-mod-gmp \ - +strongswan-mod-hmac \ - +strongswan-mod-kernel-netlink \ - +strongswan-mod-nonce \ - +strongswan-mod-pubkey \ - +strongswan-mod-random \ - +strongswan-mod-sha1 \ - +strongswan-mod-socket-default \ - +strongswan-mod-stroke \ - +strongswan-mod-updown \ - +strongswan-mod-x509 \ - +strongswan-mod-xcbc -endef - -define Package/strongswan-minimal/description -$(call Package/strongswan/description/Default) - This meta-package contains only dependencies for a minimal IKEv2 setup. -endef - -define Package/strongswan-charon -$(call Package/strongswan/Default) - TITLE+= IKEv1/IKEv2 keying daemon - DEPENDS:= +strongswan -endef - -define Package/strongswan-charon/description -$(call Package/strongswan/description/Default) - This package contains charon, an IKEv2 keying daemon. -endef - -define Package/strongswan-libfast -$(call Package/strongswan/Default) - TITLE+= libfast - DEPENDS:= +strongswan \ - +PACKAGE_strongswan-libfast:zlib \ - +PACKAGE_strongswan-libfast:fcgi \ - +PACKAGE_strongswan-libfast:clearsilver -endef - -define Package/strongswan-libfast/description -$(call Package/strongswan/description/Default) - This package contains libfast, a lightweight framework to build native web - applications using ClearSilver and FastCGI. -endef - -define Package/strongswan-utils -$(call Package/strongswan/Default) - TITLE+= utilities - DEPENDS:= +strongswan -endef - -define Package/strongswan-utils/description -$(call Package/strongswan/description/Default) - This package contains the pki & scepclient utilities. -endef - -define BuildPlugin - define Package/strongswan-mod-$(1) - $$(call Package/strongswan/Default) - TITLE:= StrongSwan $(2) plugin - DEPENDS:= +strongswan $(3) - endef - - strongswan_mod_conf=$(wildcard $(PKG_INSTALL_DIR)/etc/strongswan.d/charon/$(1).conf) - define Package/strongswan-mod-$(1)/install - $(INSTALL_DIR) $$(1)/etc/strongswan.d/charon - $(if $(call strongswan_mod_conf,$(1)), \ - $(INSTALL_DATA) \ - $(call strongswan_mod_conf,$(1)) \ - $$(1)/etc/strongswan.d/charon/ \ - ) - $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \ - $$(1)/usr/lib/ipsec/plugins/ - $(call Plugin/$(1)/install,$$(1)) - endef - - Package/strongswan-mod-$(1)/conffiles=$(patsubst $(PKG_INSTALL_DIR)%,%,$(call strongswan_mod_conf,$(1))) - - $$(eval $$(call BuildPackage,strongswan-mod-$(1))) -endef - -CONFIGURE_ARGS+= \ - --disable-scripts \ - --disable-static \ - $(if $(CONFIG_PACKAGE_strongswan-libfast),--enable-fast,--disable-fast) \ - $(if $(CONFIG_PACKAGE_strongswan-utils),--enable-tools,--disable-tools) \ - --with-random-device="$(call qstrip,$(CONFIG_STRONGSWAN_DEVICE_RANDOM))" \ - --with-urandom-device="$(call qstrip,$(CONFIG_STRONGSWAN_DEVICE_URANDOM))" \ - --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE))" \ - --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN_ROUTING_TABLE_PRIO))" \ - $(foreach m,$(PKG_MOD_AVAILABLE), \ - $(if $(CONFIG_PACKAGE_strongswan-mod-$(m)),--enable-$(m),--disable-$(m)) \ - ) - -ifneq ($(CONFIG_PACKAGE_strongswan-libfast),) - EXTRA_CPPFLAGS+= -I$(STAGING_DIR)/usr/include/ClearSilver -endif - -EXTRA_LDFLAGS+= -Wl,-rpath-link,$(STAGING_DIR)/usr/lib - -define Package/strongswan/conffiles -/etc/ipsec.conf -/etc/ipsec.secrets -/etc/ipsec.user -/etc/strongswan.conf -endef - -define Package/strongswan/install - $(INSTALL_DIR) $(1)/etc - $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/ - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{libstrongswan.so.*,libhydra.so.*} $(1)/usr/lib/ipsec/ - $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/ - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec -endef - -define Package/strongswan-default/install - true -endef - -define Package/strongswan-full/install - true -endef - -define Package/strongswan-minimal/install - true -endef - -define Package/strongswan-charon/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/charon $(1)/usr/lib/ipsec/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/ -endef - -define Package/strongswan-libfast/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libfast.so.* $(1)/usr/lib/ipsec/ -endef - -define Package/strongswan-utils/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/ - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pki $(1)/usr/bin/ - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/scepclient $(1)/usr/lib/ipsec/ -endef - -define Plugin/duplicheck/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/duplicheck $(1)/usr/lib/ipsec/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-duplicheck.so $(1)/usr/lib/ipsec/plugins/ -endef - -define Plugin/eap-radius/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libradius.so.* $(1)/usr/lib/ipsec/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so $(1)/usr/lib/ipsec/plugins/ -endef - -define Plugin/attr-sql/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/ -endef - -define Plugin/stroke/install - $(INSTALL_DIR) $(1)/etc/ipsec.d/aacerts - $(INSTALL_DIR) $(1)/etc/ipsec.d/acerts - $(INSTALL_DIR) $(1)/etc/ipsec.d/cacerts - $(INSTALL_DIR) $(1)/etc/ipsec.d/certs - $(INSTALL_DIR) $(1)/etc/ipsec.d/crls - $(INSTALL_DIR) $(1)/etc/ipsec.d/ocspcerts - $(INSTALL_DIR) $(1)/etc/ipsec.d/private - $(INSTALL_DIR) $(1)/etc/ipsec.d/reqs - - $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/ - - $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{starter,stroke} $(1)/usr/lib/ipsec/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-stroke.so $(1)/usr/lib/ipsec/plugins/ -endef - -define Plugin/updown/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{_updown,_updown_espmark} $(1)/usr/lib/ipsec/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/ - $(INSTALL_DIR) $(1)/etc - $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/ -endef - -define Plugin/whitelist/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/whitelist $(1)/usr/lib/ipsec/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-whitelist.so $(1)/usr/lib/ipsec/plugins/ -endef - -define Plugin/kernel-libipsec/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libipsec.so.* $(1)/usr/lib/ipsec/ -endef - -$(eval $(call BuildPackage,strongswan)) -$(eval $(call BuildPackage,strongswan-default)) -$(eval $(call BuildPackage,strongswan-full)) -$(eval $(call BuildPackage,strongswan-minimal)) -$(eval $(call BuildPackage,strongswan-charon)) -$(eval $(call BuildPackage,strongswan-libfast)) -$(eval $(call BuildPackage,strongswan-utils)) -$(eval $(call BuildPlugin,addrblock,RFC 3779 address block constraint support,)) -$(eval $(call BuildPlugin,aes,AES crypto,)) -$(eval $(call BuildPlugin,af-alg,AF_ALG crypto interface to Linux Crypto API,+kmod-crypto-user)) -$(eval $(call BuildPlugin,agent,SSH agent signing,)) -$(eval $(call BuildPlugin,attr,file based config,)) -$(eval $(call BuildPlugin,attr-sql,SQL based config,+strongswan-mod-sql)) -$(eval $(call BuildPlugin,blowfish,Blowfish crypto,)) -$(eval $(call BuildPlugin,ccm,CCM AEAD wrapper crypto,)) -$(eval $(call BuildPlugin,cmac,CMAC crypto,)) -$(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,)) -$(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,)) -$(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,)) -$(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl)) -$(eval $(call BuildPlugin,des,DES crypto,)) -$(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,)) -$(eval $(call BuildPlugin,dnskey,DNS RR key decoding,)) -$(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,)) -$(eval $(call BuildPlugin,eap-identity,EAP identity helper,)) -$(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,)) -$(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des)) -$(eval $(call BuildPlugin,eap-radius,EAP RADIUS auth,)) -$(eval $(call BuildPlugin,farp,fake arp respsonses,)) -$(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,+strongswan-mod-sha1)) -$(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,)) -$(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan-mod-gcrypt:libgcrypt)) -$(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan-mod-gmp:libgmp)) -$(eval $(call BuildPlugin,ha,high availability cluster,)) -$(eval $(call BuildPlugin,hmac,HMAC crypto,)) -$(eval $(call BuildPlugin,kernel-klips,KLIPS kernel interface,)) -$(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,)) -$(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,)) -$(eval $(call BuildPlugin,kernel-pfkey,PK_KEY kernel interface,)) -$(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan-mod-ldap:libopenldap)) -$(eval $(call BuildPlugin,led,LED blink on IKE activity,)) -$(eval $(call BuildPlugin,load-tester,load testing,)) -$(eval $(call BuildPlugin,nonce,nonce genereation,)) -$(eval $(call BuildPlugin,md4,MD4 crypto,)) -$(eval $(call BuildPlugin,md5,MD5 crypto,)) -$(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-mysql:libmysqlclient-r)) -$(eval $(call BuildPlugin,openssl,OpenSSL crypto,+PACKAGE_strongswan-mod-openssl:libopenssl)) -$(eval $(call BuildPlugin,padlock,VIA PadLock crypto,@TARGET_x86)) -$(eval $(call BuildPlugin,pem,PEM decoding,)) -$(eval $(call BuildPlugin,pgp,PGP key decoding,)) -$(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,)) -$(eval $(call BuildPlugin,pkcs8,PKCS8 key decoding,)) -$(eval $(call BuildPlugin,pkcs11,PKCS11 key decoding,)) -$(eval $(call BuildPlugin,pubkey,raw public key,)) -$(eval $(call BuildPlugin,random,RNG,)) -$(eval $(call BuildPlugin,resolve,DNS resolver,)) -$(eval $(call BuildPlugin,revocation,X509 CRL/OCSP revocation,)) -$(eval $(call BuildPlugin,sha1,SHA1 crypto,)) -$(eval $(call BuildPlugin,sha2,SHA2 crypto,)) -$(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan-mod-smp:libxml2)) -$(eval $(call BuildPlugin,socket-default,default socket implementation for charon,)) -$(eval $(call BuildPlugin,socket-dynamic,dynamic socket implementation for charon,)) -$(eval $(call BuildPlugin,sql,SQL database interface,)) -$(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan-mod-sql +PACKAGE_strongswan-mod-sqlite:libsqlite3)) -$(eval $(call BuildPlugin,stroke,Stroke,+strongswan-utils)) -$(eval $(call BuildPlugin,test-vectors,crypto test vectors,)) -$(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci)) -$(eval $(call BuildPlugin,unity,Cisco Unity extension,)) -$(eval $(call BuildPlugin,updown,updown firewall,)) -$(eval $(call BuildPlugin,whitelist,peer identity whitelisting,)) -$(eval $(call BuildPlugin,x509,x509 certificate,)) -$(eval $(call BuildPlugin,xauth-eap,EAP XAuth backend,)) -$(eval $(call BuildPlugin,xauth-generic,generic XAuth backend,)) -$(eval $(call BuildPlugin,xcbc,xcbc crypto,)) diff --git a/net/strongswan/files/ipsec.init b/net/strongswan/files/ipsec.init deleted file mode 100644 index 391a2ae8c..000000000 --- a/net/strongswan/files/ipsec.init +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=90 -STOP=10 - -start() { - ipsec start -} - -stop() { - ipsec stop -} - -restart() { - ipsec restart -} - -reload() { - ipsec update -} diff --git a/net/strongswan/files/ipsec.secrets b/net/strongswan/files/ipsec.secrets deleted file mode 100644 index ddd495699..000000000 --- a/net/strongswan/files/ipsec.secrets +++ /dev/null @@ -1 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file diff --git a/net/strongswan/files/ipsec.user b/net/strongswan/files/ipsec.user deleted file mode 100644 index 4351ace39..000000000 --- a/net/strongswan/files/ipsec.user +++ /dev/null @@ -1,6 +0,0 @@ -# This file is interpreted as shell script. -# Put your custom ip rules here, they will -# be executed with each call to the script -# /usr/lib/ipsec/_updown which by default -# strongswan executes. - diff --git a/net/strongswan/patches/100-method_name_fix.patch b/net/strongswan/patches/100-method_name_fix.patch deleted file mode 100644 index 477f399c6..000000000 --- a/net/strongswan/patches/100-method_name_fix.patch +++ /dev/null @@ -1,40 +0,0 @@ ---- a/src/libipsec/ip_packet.c -+++ b/src/libipsec/ip_packet.c -@@ -95,7 +95,7 @@ METHOD(ip_packet_t, get_next_header, u_i - return this->next_header; - } - --METHOD(ip_packet_t, clone, ip_packet_t*, -+METHOD(ip_packet_t, clone_, ip_packet_t*, - private_ip_packet_t *this) - { - return ip_packet_create(chunk_clone(this->packet)); -@@ -183,7 +183,7 @@ ip_packet_t *ip_packet_create(chunk_t pa - .get_destination = _get_destination, - .get_next_header = _get_next_header, - .get_encoding = _get_encoding, -- .clone = _clone, -+ .clone = _clone_, - .destroy = _destroy, - }, - .src = src, ---- a/src/libipsec/esp_packet.c -+++ b/src/libipsec/esp_packet.c -@@ -115,7 +115,7 @@ METHOD(packet_t, skip_bytes, void, - return this->packet->skip_bytes(this->packet, bytes); - } - --METHOD(packet_t, clone, packet_t*, -+METHOD(packet_t, clone_, packet_t*, - private_esp_packet_t *this) - { - private_esp_packet_t *pkt; -@@ -414,7 +414,7 @@ static private_esp_packet_t *esp_packet_ - .get_dscp = _get_dscp, - .set_dscp = _set_dscp, - .skip_bytes = _skip_bytes, -- .clone = _clone, -+ .clone = _clone_, - .destroy = _destroy, - }, - .get_source = _get_source, diff --git a/net/strongswan/patches/201-kmodloader.patch b/net/strongswan/patches/201-kmodloader.patch deleted file mode 100644 index 7d4615638..000000000 --- a/net/strongswan/patches/201-kmodloader.patch +++ /dev/null @@ -1,28 +0,0 @@ ---- a/src/starter/netkey.c -+++ b/src/starter/netkey.c -@@ -31,7 +31,7 @@ bool starter_netkey_init(void) - /* af_key module makes the netkey proc interface visible */ - if (stat(PROC_MODULES, &stb) == 0) - { -- ignore_result(system("modprobe -qv af_key")); -+ ignore_result(system("modprobe af_key 2>&1 >/dev/null")); - } - - /* now test again */ -@@ -45,11 +45,11 @@ bool starter_netkey_init(void) - /* make sure that all required IPsec modules are loaded */ - if (stat(PROC_MODULES, &stb) == 0) - { -- ignore_result(system("modprobe -qv ah4")); -- ignore_result(system("modprobe -qv esp4")); -- ignore_result(system("modprobe -qv ipcomp")); -- ignore_result(system("modprobe -qv xfrm4_tunnel")); -- ignore_result(system("modprobe -qv xfrm_user")); -+ ignore_result(system("modprobe ah4 2>&1 >/dev/null")); -+ ignore_result(system("modprobe esp4 2>&1 >/dev/null")); -+ ignore_result(system("modprobe ipcomp 2>&1 >/dev/null")); -+ ignore_result(system("modprobe xfrm4_tunnel 2>&1 >/dev/null")); -+ ignore_result(system("modprobe xfrm_user 2>&1 >/dev/null")); - } - - DBG2(DBG_APP, "found netkey IPsec stack"); diff --git a/net/strongswan/patches/203-uci.patch b/net/strongswan/patches/203-uci.patch deleted file mode 100644 index 274ea8694..000000000 --- a/net/strongswan/patches/203-uci.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- a/src/libcharon/plugins/uci/uci_parser.c -+++ b/src/libcharon/plugins/uci/uci_parser.c -@@ -78,7 +78,7 @@ METHOD(enumerator_t, section_enumerator_ - if (uci_lookup(this->ctx, &element, this->package, - this->current->name, "name") == UCI_OK) - { /* use "name" attribute as config name if available ... */ -- *value = uci_to_option(element)->value; -+ *value = uci_to_option(element)->v.string; - } - else - { /* ... or the section name becomes config name */ -@@ -93,7 +93,7 @@ METHOD(enumerator_t, section_enumerator_ - if (value && uci_lookup(this->ctx, &element, this->package, - this->current->name, this->keywords[i]) == UCI_OK) - { -- *value = uci_to_option(element)->value; -+ *value = uci_to_option(element)->v.string; - } - } - va_end(args); diff --git a/net/strongswan/patches/300-include-ipsec-user-script.patch b/net/strongswan/patches/300-include-ipsec-user-script.patch deleted file mode 100644 index d96e84492..000000000 --- a/net/strongswan/patches/300-include-ipsec-user-script.patch +++ /dev/null @@ -1,17 +0,0 @@ ---- a/src/_updown/_updown.in -+++ b/src/_updown/_updown.in -@@ -16,11 +16,9 @@ - # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - # for more details. - --# CAUTION: Installing a new version of strongSwan will install a new --# copy of this script, wiping out any custom changes you make. If --# you need changes, make a copy of this under another name, and customize --# that, and use the (left/right)updown parameters in ipsec.conf to make --# strongSwan use yours instead of this default one. -+# Add your custom ip rules to the /etc/ipsec.user file if you need that functionality. -+ -+[ -e /etc/ipsec.user ] && . /etc/ipsec.user "$1" - - # things that this script gets (from ipsec_pluto(8) man page) - #