Skip to content

Commit

Permalink
package/strongswan: add options to select EAP plugins
Browse files Browse the repository at this point in the history 
Add options to chose individual EAP plugins.

All the new plugins are enabled by default if the old single option was
enabled, for a seamless update from an older Buildroot config, but for
new configurations, they are not enabled by default.

BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2 is the only plugin requiring
libgmp; the selection of BR2_PACKAGE_GMP is moved down accordingly.

Signed-off-by: Martin Elshuber <[email protected]>
[[email protected]:
  - move BR2_PACKAGE_STRONGSWAN_EAP to legacy
  - extend commit log accordingly
  - fix check-package
]
Signed-off-by: Yann E. MORIN <[email protected]>
  • Loading branch information
@martin-cherry @yann-morin-1998
martin-cherry authored and yann-morin-1998 committed Sep 28, 2021
1 parent f8b17f7 commit 89f20c1
Show file tree
Hide file tree
Showing 3 changed files with 91 additions and 47 deletions.
6 changes: 6 additions & 0 deletions Config.in.legacy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,12 @@ endif

comment "Legacy options removed in 2021.11"

config BR2_PACKAGE_STRONGSWAN_EAP
bool "strongswan EAP plugins now individually selectable"
select BR2_LEGACY
help
The various EAP plugins are now individually selectable.

config BR2_PACKAGE_GNURADIO_PAGER
bool "gnuradio gr-flex support removed"
select BR2_LEGACY
Expand Down
92 changes: 67 additions & 25 deletions package/strongswan/Config.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,37 +76,79 @@ config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC
config BR2_PACKAGE_STRONGSWAN_SYSTIME_FIX
bool "Enable systime-fix plugin"

config BR2_PACKAGE_STRONGSWAN_EAP
bool "Enable EAP protocols"
select BR2_PACKAGE_GMP
help
Enable various EAP protocols:
- mschapv2
- tls
- ttls
- peap
- sim
- sim-file
- aka
- aka-3gpp2
- simaka-sql
- simaka-pseudonym
- simaka-reauth
- identity
- md5
- gtc
- tnc
- dynamic
- radius

if BR2_PACKAGE_STRONGSWAN_EAP
config BR2_PACKAGE_STRONGSWAN_EAP_SIM
bool "Enable EAP-SIM"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE
bool "Enable EAP-SIM file backend"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC
bool "Enable EAP-SIM smart card backend"
depends on !BR2_STATIC_LIBS # pcsc-lite
select BR2_PACKAGE_PCSC_LITE

endif
config BR2_PACKAGE_STRONGSWAN_EAP_AKA
bool "Enable EAP-AKA"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2
bool "Enable EAP-AKA 3GPP2 algorithms"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
select BR2_PACKAGE_GMP

config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL
bool "Enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM
bool "Enable EAP-SIM/AKA pseudonym storage"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH
bool "Enable EAP-SIM/AKA reauthentication data storage"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY
bool "Enable EAP-Identity"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_MD5
bool "Enable EAP-MD5"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_GTC
bool "Enable EAP-GDC"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2
bool "Enable EAP-MSCHAPv2"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_PEAP
bool "Enable EAP-PEAP"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_RADIUS
bool "Enable EAP-RADIUS"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_TLS
bool "Enable EAP-TLS"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_TTLS
bool "Enable EAP-TTLS"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC
bool "Enable EAP-DYNAMIC"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_EAP_TNC
bool "Enable EAP-TNC"
default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy

config BR2_PACKAGE_STRONGSWAN_UNITY
bool "Enables Cisco Unity extension plugin"
Expand Down
40 changes: 18 additions & 22 deletions package/strongswan/strongswan.mk
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,23 @@ STRONGSWAN_CONF_OPTS += \
--enable-swanctl=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \
--enable-wolfssl=$(if $(BR2_PACKAGE_STRONGSWAN_WOLFSSL),yes,no) \
--enable-systime-fix=$(if $(BR2_PACKAGE_STRONGSWAN_SYSTIME_FIX),yes,no) \
--enable-eap-sim=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM),yes,no) \
--enable-eap-sim-file=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE),yes,no) \
--enable-eap-aka=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA),yes,no) \
--enable-eap-aka-3gpp2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),yes,no) \
--enable-eap-simaka-sql=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL),yes,no) \
--enable-eap-simaka-pseudonym=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM),yes,no) \
--enable-eap-simaka-reauth=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH),yes,no) \
--enable-eap-identity=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY),yes,no) \
--enable-eap-md5=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MD5),yes,no) \
--enable-eap-gtc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_GTC),yes,no) \
--enable-eap-mschapv2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2),yes,no) \
--enable-eap-tls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TLS),yes,no) \
--enable-eap-ttls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TTLS),yes,no) \
--enable-eap-peap=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_PEAP),yes,no) \
--enable-eap-tnc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TNC),yes,no) \
--enable-eap-dynamic=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC),yes,no) \
--enable-eap-radius=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_RADIUS),yes,no) \
--with-ipseclibdir=/usr/lib \
--with-plugindir=/usr/lib/ipsec/plugins \
--with-imcvdir=/usr/lib/ipsec/imcvs \
Expand All @@ -47,32 +64,11 @@ ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y)
STRONGSWAN_CONF_ENV += LIBS='-latomic'
endif

ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y)
STRONGSWAN_CONF_OPTS += \
--enable-eap-sim \
--enable-eap-sim-file \
--enable-eap-aka \
--enable-eap-aka-3gpp2 \
--enable-eap-simaka-sql \
--enable-eap-simaka-pseudonym \
--enable-eap-simaka-reauth \
--enable-eap-identity \
--enable-eap-md5 \
--enable-eap-gtc \
--enable-eap-mschapv2 \
--enable-eap-tls \
--enable-eap-ttls \
--enable-eap-peap \
--enable-eap-tnc \
--enable-eap-dynamic \
--enable-eap-radius
STRONGSWAN_DEPENDENCIES += gmp
endif

STRONGSWAN_DEPENDENCIES += \
$(if $(BR2_PACKAGE_STRONGSWAN_OPENSSL),openssl) \
$(if $(BR2_PACKAGE_STRONGSWAN_GCRYPT),libgcrypt) \
$(if $(BR2_PACKAGE_STRONGSWAN_GMP),gmp) \
$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),gmp) \
$(if $(BR2_PACKAGE_STRONGSWAN_CURL),libcurl) \
$(if $(BR2_PACKAGE_STRONGSWAN_TNCCS_11),libxml2) \
$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC),pcsc-lite) \
Expand Down

0 comments on commit 89f20c1

Please sign in to comment.