[Buildroot] [git commit] package/strongswan: add options to select EAP plugins
Yann E. MORIN
yann.morin.1998 at free.fr
Tue Sep 28 20:43:51 UTC 2021
commit: https://git.buildroot.net/buildroot/commit/?id=89f20c1c3f9d667ec0a40bcfe17db94ff098e6c0
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Add options to chose individual EAP plugins.
All the new plugins are enabled by default if the old single option was
enabled, for a seamless update from an older Buildroot config, but for
new configurations, they are not enabled by default.
BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2 is the only plugin requiring
libgmp; the selection of BR2_PACKAGE_GMP is moved down accordingly.
Signed-off-by: Martin Elshuber <martin.elshuber at theobroma-systems.com>
[yann.morin.1998 at free.fr:
- move BR2_PACKAGE_STRONGSWAN_EAP to legacy
- extend commit log accordingly
- fix check-package
]
Signed-off-by: Yann E. MORIN <yann.morin.1998 at free.fr>
---
Config.in.legacy | 6 +++
package/strongswan/Config.in | 92 +++++++++++++++++++++++++++++-----------
package/strongswan/strongswan.mk | 40 ++++++++---------
3 files changed, 91 insertions(+), 47 deletions(-)
diff --git a/Config.in.legacy b/Config.in.legacy
index 7eebe85298..9f1f7687fb 100644
--- a/Config.in.legacy
+++ b/Config.in.legacy
@@ -146,6 +146,12 @@ endif
comment "Legacy options removed in 2021.11"
+config BR2_PACKAGE_STRONGSWAN_EAP
+ bool "strongswan EAP plugins now individually selectable"
+ select BR2_LEGACY
+ help
+ The various EAP plugins are now individually selectable.
+
config BR2_PACKAGE_GNURADIO_PAGER
bool "gnuradio gr-flex support removed"
select BR2_LEGACY
diff --git a/package/strongswan/Config.in b/package/strongswan/Config.in
index 5b601598f5..f6e78db22e 100644
--- a/package/strongswan/Config.in
+++ b/package/strongswan/Config.in
@@ -76,37 +76,79 @@ config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC
config BR2_PACKAGE_STRONGSWAN_SYSTIME_FIX
bool "Enable systime-fix plugin"
-config BR2_PACKAGE_STRONGSWAN_EAP
- bool "Enable EAP protocols"
- select BR2_PACKAGE_GMP
- help
- Enable various EAP protocols:
- - mschapv2
- - tls
- - ttls
- - peap
- - sim
- - sim-file
- - aka
- - aka-3gpp2
- - simaka-sql
- - simaka-pseudonym
- - simaka-reauth
- - identity
- - md5
- - gtc
- - tnc
- - dynamic
- - radius
-
-if BR2_PACKAGE_STRONGSWAN_EAP
+config BR2_PACKAGE_STRONGSWAN_EAP_SIM
+ bool "Enable EAP-SIM"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE
+ bool "Enable EAP-SIM file backend"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
config BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC
bool "Enable EAP-SIM smart card backend"
depends on !BR2_STATIC_LIBS # pcsc-lite
select BR2_PACKAGE_PCSC_LITE
-endif
+config BR2_PACKAGE_STRONGSWAN_EAP_AKA
+ bool "Enable EAP-AKA"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2
+ bool "Enable EAP-AKA 3GPP2 algorithms"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+ select BR2_PACKAGE_GMP
+
+config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL
+ bool "Enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM
+ bool "Enable EAP-SIM/AKA pseudonym storage"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH
+ bool "Enable EAP-SIM/AKA reauthentication data storage"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY
+ bool "Enable EAP-Identity"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_MD5
+ bool "Enable EAP-MD5"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_GTC
+ bool "Enable EAP-GDC"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2
+ bool "Enable EAP-MSCHAPv2"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_PEAP
+ bool "Enable EAP-PEAP"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_RADIUS
+ bool "Enable EAP-RADIUS"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_TLS
+ bool "Enable EAP-TLS"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_TTLS
+ bool "Enable EAP-TTLS"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC
+ bool "Enable EAP-DYNAMIC"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_TNC
+ bool "Enable EAP-TNC"
+ default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
config BR2_PACKAGE_STRONGSWAN_UNITY
bool "Enables Cisco Unity extension plugin"
diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk
index 6c1f411ab5..a23ac8af22 100644
--- a/package/strongswan/strongswan.mk
+++ b/package/strongswan/strongswan.mk
@@ -38,6 +38,23 @@ STRONGSWAN_CONF_OPTS += \
--enable-swanctl=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \
--enable-wolfssl=$(if $(BR2_PACKAGE_STRONGSWAN_WOLFSSL),yes,no) \
--enable-systime-fix=$(if $(BR2_PACKAGE_STRONGSWAN_SYSTIME_FIX),yes,no) \
+ --enable-eap-sim=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM),yes,no) \
+ --enable-eap-sim-file=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE),yes,no) \
+ --enable-eap-aka=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA),yes,no) \
+ --enable-eap-aka-3gpp2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),yes,no) \
+ --enable-eap-simaka-sql=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL),yes,no) \
+ --enable-eap-simaka-pseudonym=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM),yes,no) \
+ --enable-eap-simaka-reauth=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH),yes,no) \
+ --enable-eap-identity=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY),yes,no) \
+ --enable-eap-md5=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MD5),yes,no) \
+ --enable-eap-gtc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_GTC),yes,no) \
+ --enable-eap-mschapv2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2),yes,no) \
+ --enable-eap-tls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TLS),yes,no) \
+ --enable-eap-ttls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TTLS),yes,no) \
+ --enable-eap-peap=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_PEAP),yes,no) \
+ --enable-eap-tnc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TNC),yes,no) \
+ --enable-eap-dynamic=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC),yes,no) \
+ --enable-eap-radius=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_RADIUS),yes,no) \
--with-ipseclibdir=/usr/lib \
--with-plugindir=/usr/lib/ipsec/plugins \
--with-imcvdir=/usr/lib/ipsec/imcvs \
@@ -47,32 +64,11 @@ ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y)
STRONGSWAN_CONF_ENV += LIBS='-latomic'
endif
-ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y)
-STRONGSWAN_CONF_OPTS += \
- --enable-eap-sim \
- --enable-eap-sim-file \
- --enable-eap-aka \
- --enable-eap-aka-3gpp2 \
- --enable-eap-simaka-sql \
- --enable-eap-simaka-pseudonym \
- --enable-eap-simaka-reauth \
- --enable-eap-identity \
- --enable-eap-md5 \
- --enable-eap-gtc \
- --enable-eap-mschapv2 \
- --enable-eap-tls \
- --enable-eap-ttls \
- --enable-eap-peap \
- --enable-eap-tnc \
- --enable-eap-dynamic \
- --enable-eap-radius
-STRONGSWAN_DEPENDENCIES += gmp
-endif
-
STRONGSWAN_DEPENDENCIES += \
$(if $(BR2_PACKAGE_STRONGSWAN_OPENSSL),openssl) \
$(if $(BR2_PACKAGE_STRONGSWAN_GCRYPT),libgcrypt) \
$(if $(BR2_PACKAGE_STRONGSWAN_GMP),gmp) \
+ $(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),gmp) \
$(if $(BR2_PACKAGE_STRONGSWAN_CURL),libcurl) \
$(if $(BR2_PACKAGE_STRONGSWAN_TNCCS_11),libxml2) \
$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC),pcsc-lite) \
More information about the buildroot
mailing list