From: Carsten Schlote <[email protected]> Not for upstream.
Signed-off-by: Carsten Schlote <[email protected]> --- patches/strongswan-4.2.12/crossfixes.diff | 19 ++ patches/strongswan-4.2.12/series | 3 + .../strongswan-diffs-vendor-kp.diff | 74 ++++++ rules/strongswan.in | 76 ++++++ rules/strongswan.make | 257 ++++++++++++++++++++ 5 files changed, 429 insertions(+), 0 deletions(-) create mode 100644 patches/strongswan-4.2.12/crossfixes.diff create mode 100644 patches/strongswan-4.2.12/series create mode 100644 patches/strongswan-4.2.12/strongswan-diffs-vendor-kp.diff create mode 100644 rules/strongswan.in create mode 100644 rules/strongswan.make diff --git a/patches/strongswan-4.2.12/crossfixes.diff b/patches/strongswan-4.2.12/crossfixes.diff new file mode 100644 index 0000000..29df297 --- /dev/null +++ b/patches/strongswan-4.2.12/crossfixes.diff @@ -0,0 +1,19 @@ +--- + configure | 80 +++++--------------------------------------- + configure.in | 29 ++++++++------- + src/starter/starterstroke.c | 1 + src/starter/starterstroke.c | 1 + + 1 file changed, 1 insertion(+) + +Index: strongswan-4.2.12/src/starter/starterstroke.c +=================================================================== +--- strongswan-4.2.12.orig/src/starter/starterstroke.c 2009-02-05 23:09:08.000000000 +0100 ++++ strongswan-4.2.12/src/starter/starterstroke.c 2009-02-25 11:04:44.000000000 +0100 +@@ -25,6 +25,7 @@ + #include <netinet/in.h> + #include <arpa/inet.h> + #include <linux/xfrm.h> ++#define XFRM_MODE_BEET 4 + + #include <freeswan.h> + diff --git a/patches/strongswan-4.2.12/series b/patches/strongswan-4.2.12/series new file mode 100644 index 0000000..6097235 --- /dev/null +++ b/patches/strongswan-4.2.12/series @@ -0,0 +1,3 @@ +crossfixes.diff +strongswan-diffs-vendor-kp.diff -p0 + diff --git a/patches/strongswan-4.2.12/strongswan-diffs-vendor-kp.diff b/patches/strongswan-4.2.12/strongswan-diffs-vendor-kp.diff new file mode 100644 index 0000000..7dac3d7 --- /dev/null +++ b/patches/strongswan-4.2.12/strongswan-diffs-vendor-kp.diff @@ -0,0 +1,74 @@ +Patch to add DH Group 1 to build. +--- + src/pluto/crypto.c | 3 +++ + src/pluto/crypto.h | 2 +- + src/pluto/defs.h | 2 +- + src/starter/args.c | 1 + + 4 files changed, 6 insertions(+), 2 deletions(-) + +Index: src/starter/args.c +=================================================================== +--- src/starter/args.c.orig 2008-12-23 07:24:01.000000000 +0100 ++++ src/starter/args.c 2009-01-25 17:40:37.000000000 +0100 +@@ -106,6 +106,7 @@ + }; + + static const char *LST_pfsgroup[] = { ++ "modp768", + "modp1024", + "modp1536", + "modp2048", +Index: src/pluto/crypto.c +=================================================================== +--- src/pluto/crypto.c.orig 2008-12-23 07:24:11.000000000 +0100 ++++ src/pluto/crypto.c 2009-01-25 17:40:37.000000000 +0100 +@@ -40,6 +40,7 @@ + /* moduli and generator. */ + + static MP_INT ++ modp768_modulus, + modp1024_modulus, + modp1536_modulus, + modp2048_modulus, +@@ -457,6 +458,7 @@ + init_crypto(void) + { + if (mpz_init_set_str(&groupgenerator, MODP_GENERATOR, 10) != 0 ++ || mpz_init_set_str(&modp768_modulus, MODP768_MODULUS, 16) != 0 + || mpz_init_set_str(&modp1024_modulus, MODP1024_MODULUS, 16) != 0 + || mpz_init_set_str(&modp1536_modulus, MODP1536_MODULUS, 16) != 0 + || mpz_init_set_str(&modp2048_modulus, MODP2048_MODULUS, 16) != 0 +@@ -482,6 +484,7 @@ + + const struct oakley_group_desc oakley_group[OAKLEY_GROUP_SIZE] = { + # define BYTES(bits) (((bits) + BITS_PER_BYTE - 1) / BITS_PER_BYTE) ++ { OAKLEY_GROUP_MODP768 , &modp768_modulus, BYTES(768) }, + { OAKLEY_GROUP_MODP1024, &modp1024_modulus, BYTES(1024) }, + { OAKLEY_GROUP_MODP1536, &modp1536_modulus, BYTES(1536) }, + { OAKLEY_GROUP_MODP2048, &modp2048_modulus, BYTES(2048) }, +Index: src/pluto/crypto.h +=================================================================== +--- src/pluto/crypto.h.orig 2008-12-23 07:24:11.000000000 +0100 ++++ src/pluto/crypto.h 2009-01-25 17:40:37.000000000 +0100 +@@ -33,7 +33,7 @@ + + extern const struct oakley_group_desc unset_group; /* magic signifier */ + extern const struct oakley_group_desc *lookup_group(u_int16_t group); +-#define OAKLEY_GROUP_SIZE 7 ++#define OAKLEY_GROUP_SIZE 8 + extern const struct oakley_group_desc oakley_group[OAKLEY_GROUP_SIZE]; + + /* unification of cryptographic encoding/decoding algorithms +Index: src/pluto/defs.h +=================================================================== +--- src/pluto/defs.h.orig 2008-12-23 07:24:11.000000000 +0100 ++++ src/pluto/defs.h 2009-01-25 17:40:37.000000000 +0100 +@@ -34,7 +34,7 @@ + + /* Length of temporary buffers */ + +-#define BUF_LEN 512 ++#define BUF_LEN 1024 + + /* type of serial number of a state object + * Needed in connections.h and state.h; here to simplify dependencies. diff --git a/rules/strongswan.in b/rules/strongswan.in new file mode 100644 index 0000000..1440f3e --- /dev/null +++ b/rules/strongswan.in @@ -0,0 +1,76 @@ +## SECTION=networking +menuconfig STRONGSWAN + tristate + prompt "strongswan " + select KERNEL + select LIBGMP + select PPP if STRONGSWAN_PPPSCRIPTS + select LIBCURL if STRONGSWAN_USECURL + help + This adds StrongSwan to your root filesystem. It contains special + hacks and patches for customers like Arcor. + +if STRONGSWAN + +config STRONGSWAN_USECURL + bool + default n + prompt "Use libcurl for downloads" + help + enable CURL fetcher plugin to fetch files via + libcurl (default is NO). Requires libcurl. + +config STRONGSWAN_CISCOQUIRKS + bool + default y + prompt "Enables CISCO quirks" + help + Enables support for CISCO Routers. + +config STRONGSWAN_HTTP + bool + default n + prompt "Enables support for HTTP" + select LIBCURL + help + Enables support for HTTP Request. Required for SCEP, OSCP ... + Requires libcurl + +config STRONGSWAN_CONFIGFILES + bool + default n + prompt "Install config files" + help + Install ipsec.conf and ipsec.secrets file + + choice + prompt "Kind of ipsec.conf" + default STRONGSWAN_ETC_IPSEC_CONF_DEFAULT + depends on STRONGSWAN_CONFIGFILES + + config STRONGSWAN_ETC_IPSEC_CONF_DEFAULT + bool + prompt "Use generic" + help + Installs a generic /etc/ipsec.conf and /etc/ipsec.secrets file. + See <ptxdist-install>/generic/etc/ipsec.conf + + config STRONGSWAN_ETC_IPSEC_CONF_USER + bool + prompt "User defined" + help + This uses a user defined ipsec.conf and ipsec.secrets file. PTXdist + uses file projectroot/etc/ipsec.(conf|secrets) in your + local project. + + endchoice + +config STRONGSWAN_PPPSCRIPTS + bool + default n + select PPP + prompt "Install ppp up/down scripts" + help + Install ppp up/down scripts + +endif diff --git a/rules/strongswan.make b/rules/strongswan.make new file mode 100644 index 0000000..67ed789 --- /dev/null +++ b/rules/strongswan.make @@ -0,0 +1,257 @@ +# -*-makefile-*- +# $Id$ +# +# Copyright (C) 2008 by Carsten Schlote <[email protected]> +# +# See CREDITS for details about who has contributed to this project. +# +# For further information about the PTXdist project and license conditions +# see the README file. +# + +# +# We provide this package +# +PACKAGES-$(PTXCONF_STRONGSWAN) += strongswan + +# +# Paths and names +# +STRONGSWAN_VERSION := 4.2.12 +STRONGSWAN := strongswan-$(STRONGSWAN_VERSION) +STRONGSWAN_SUFFIX := tar.bz2 +STRONGSWAN_URL := http://download.strongswan.org/$(STRONGSWAN).$(STRONGSWAN_SUFFIX) +STRONGSWAN_SOURCE := $(SRCDIR)/$(STRONGSWAN).$(STRONGSWAN_SUFFIX) +STRONGSWAN_DIR := $(BUILDDIR)/$(STRONGSWAN) + +# ---------------------------------------------------------------------------- +# Get +# ---------------------------------------------------------------------------- + +$(STRONGSWAN_SOURCE): + @$(call targetinfo) + @$(call get, STRONGSWAN) + +# ---------------------------------------------------------------------------- +# Extract +# ---------------------------------------------------------------------------- + +$(STATEDIR)/strongswan.extract: + @$(call targetinfo) + @$(call clean, $(STRONGSWAN_DIR)) + @$(call extract, STRONGSWAN) + @$(call patchin, STRONGSWAN) + @$(call touch) + +# ---------------------------------------------------------------------------- +# Prepare +# ---------------------------------------------------------------------------- + +STRONGSWAN_PATH := PATH=$(CROSS_PATH) +STRONGSWAN_ENV := $(CROSS_ENV) \ + CFLAGS="-I=$(KERNEL_DIR)/include" + +# +# autoconf +# +STRONGSWAN_AUTOCONF := $(CROSS_AUTOCONF_USR) + +ifdef STRONGSWAN_USECURL +STRONGSWAN_AUTOCONF += --enable-curl +endif +ifdef STRONGSWAN_CISCOQUIRKS +STRONGSWAN_AUTOCONF += --enable-cisco-quirks +endif +ifdef STRONGSWAN_HTTP +STRONGSWAN_AUTOCONF += --enable-http +endif +STRONGSWAN_AUTOCONF += --enable-kernel-pfkey +STRONGSWAN_AUTOCONF += --enable-nat-transport + +# --enable-manager build web management console (default is NO). +# --enable-mediation enable IKEv2 Mediation Extension (default is NO). +# --enable-integrity-test enable the integrity test of the crypto library (default is NO). +# --enable-openssl enables the OpenSSL crypto plugin. (default is NO). +# --enable-agent enables the ssh-agent signing plugin. (default is NO). +# --enable-uci enable OpenWRT UCI configuration plugin (default is NO). +# --enable-nm enable NetworkManager plugin (default is NO). + + +$(STATEDIR)/strongswan.prepare: + @$(call targetinfo) + @$(call clean, $(STRONGSWAN_DIR)/config.cache) + cd $(STRONGSWAN_DIR) && \ + autoconf + cd $(STRONGSWAN_DIR) && \ + $(STRONGSWAN_PATH) $(STRONGSWAN_ENV) \ + ./configure $(STRONGSWAN_AUTOCONF) + @$(call touch) + +# ---------------------------------------------------------------------------- +# Compile +# ---------------------------------------------------------------------------- + +$(STATEDIR)/strongswan.compile: + @$(call targetinfo) + cd $(STRONGSWAN_DIR) && $(STRONGSWAN_PATH) $(STRONGSWAN_ENV) $(MAKE) $(PARALLELMFLAGS) + @$(call touch) + +# ---------------------------------------------------------------------------- +# Install +# ---------------------------------------------------------------------------- + +$(STATEDIR)/strongswan.install: + @$(call targetinfo) + @$(call install, STRONGSWAN) + @$(call touch) + +# ---------------------------------------------------------------------------- +# Target-Install +# ---------------------------------------------------------------------------- + +$(STATEDIR)/strongswan.targetinstall: + @$(call targetinfo) + + @$(call install_init, strongswan) + @$(call install_fixup, strongswan,PACKAGE,strongswan) + @$(call install_fixup, strongswan,PRIORITY,optional) + @$(call install_fixup, strongswan,VERSION,$(STRONGSWAN_VERSION)) + @$(call install_fixup, strongswan,SECTION,base) + @$(call install_fixup, strongswan,AUTHOR,"Carsten Schlote <[email protected]>") + @$(call install_fixup, strongswan,DEPENDS,) + @$(call install_fixup,strongswan,DESCRIPTION,"Konzeptpark version of StrongSwan") + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/lib/libstrongswan.so.0.0.0) + @$(call install_link, strongswan, libstrongswan.so.0.0.0, /usr/lib/libstrongswan.so.0) + @$(call install_link, strongswan, libstrongswan.so.0.0.0, /usr/lib/libstrongswan.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-aes.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-aes.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-aes.so.0) + @$(call install_link, strongswan, libstrongswan-aes.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-aes.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-des.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-des.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-des.so.0) + @$(call install_link, strongswan, libstrongswan-des.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-des.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-fips-prf.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-fips-prf.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-fips-prf.so.0) + @$(call install_link, strongswan, libstrongswan-fips-prf.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-fips-prf.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-gmp.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-gmp.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-gmp.so.0) + @$(call install_link, strongswan, libstrongswan-gmp.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-gmp.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-hmac.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-hmac.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-hmac.so.0) + @$(call install_link, strongswan, libstrongswan-hmac.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-hmac.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-kernel-netlink.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-kernel-netlink.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-kernel-netlink.so.0) + @$(call install_link, strongswan, libstrongswan-kernel-netlink.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-kernel-netlink.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-kernel-pfkey.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-kernel-pfkey.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-kernel-pfkey.so.0) + @$(call install_link, strongswan, libstrongswan-kernel-pfkey.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-kernel-pfkey.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-md5.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-md5.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-md5.so.0) + @$(call install_link, strongswan, libstrongswan-md5.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-md5.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-pubkey.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-pubkey.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-pubkey.so.0) + @$(call install_link, strongswan, libstrongswan-pubkey.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-pubkey.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-random.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-random.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-random.so.0) + @$(call install_link, strongswan, libstrongswan-random.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-random.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-sha1.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-sha1.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-sha1.so.0) + @$(call install_link, strongswan, libstrongswan-sha1.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-sha1.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-sha2.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-sha2.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-sha2.so.0) + @$(call install_link, strongswan, libstrongswan-sha2.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-sha2.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-stroke.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-stroke.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-stroke.so.0) + @$(call install_link, strongswan, libstrongswan-stroke.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-stroke.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-updown.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-updown.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-updown.so.0) + @$(call install_link, strongswan, libstrongswan-updown.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-updown.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-x509.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-x509.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-x509.so.0) + @$(call install_link, strongswan, libstrongswan-x509.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-x509.so) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/plugins/libstrongswan-xcbc.so.0.0.0) + @$(call install_link, strongswan, libstrongswan-xcbc.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-xcbc.so.0) + @$(call install_link, strongswan, libstrongswan-xcbc.so.0.0.0, /usr/libexec/ipsec/plugins/libstrongswan-xcbc.so) + + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/_copyright, n) + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/_pluto_adns) + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/_updown, n) + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/_updown_espmark, n) + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/charon, n) + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/openac) + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/pluto) + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/scepclient) + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/starter) + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/stroke) + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/libexec/ipsec/whack) + + @$(call install_copy, strongswan, 0, 0, 0755, "-", /usr/sbin/ipsec, n) + + + @$(call install_copy, strongswan, 0, 0, 0640, "-", /etc/strongswan.conf, n) + + @$(call install_copy, strongswan, 0, 0, 0755, /etc/ipsec.d/ ) + @$(call install_copy, strongswan, 0, 0, 0755, /etc/ipsec.d/aacerts ) + @$(call install_copy, strongswan, 0, 0, 0755, /etc/ipsec.d/acerts ) + @$(call install_copy, strongswan, 0, 0, 0755, /etc/ipsec.d/cacerts ) + @$(call install_copy, strongswan, 0, 0, 0755, /etc/ipsec.d/certs ) + @$(call install_copy, strongswan, 0, 0, 0755, /etc/ipsec.d/crls ) + @$(call install_copy, strongswan, 0, 0, 0755, /etc/ipsec.d/ocspcerts ) + @$(call install_copy, strongswan, 0, 0, 0700, /etc/ipsec.d/private ) + @$(call install_copy, strongswan, 0, 0, 0700, /etc/ipsec.d/reqs ) + + ifdef PTXCONF_STRONGSWAN_ETC_IPSEC_CONF_DEFAULT + @$(call install_copy, strongswan, 0, 0, 0644, $(PTXDIST_TOPDIR)/generic/etc/ipsec.conf, /etc/ipsec.conf, n) + @$(call install_copy, strongswan, 0, 0, 0600, $(PTXDIST_TOPDIR)/generic/etc/ipsec.secrets, /etc/ipsec.secrets, n) + endif + ifdef PTXCONF_STRONGSWAN_ETC_IPSEC_CONF_USER + @$(call install_copy, strongswan, 0, 0, 0644, $(PTXDIST_WORKSPACE)/projectroot/etc/ipsec.conf.strongswan, /etc/ipsec.conf, n) + @$(call install_copy, strongswan, 0, 0, 0600, $(PTXDIST_WORKSPACE)/projectroot/etc/ipsec.secrets.strongswan, /etc/ipsec.secrets, n) + + @for file in `ls $(PTXDIST_WORKSPACE)/projectroot/etc/ipsec.d/cacerts`; do \ + $(call install_copy, strongswan, 0, 0, 0600, $(PTXDIST_WORKSPACE)/projectroot/etc/ipsec.d/cacerts/$$file, /etc/ipsec.d/cacerts/$$file); \ + done + @for file in `ls $(PTXDIST_WORKSPACE)/projectroot/etc/ipsec.d/certs`; do \ + $(call install_copy, strongswan, 0, 0, 0600, $(PTXDIST_WORKSPACE)/projectroot/etc/ipsec.d/certs/$$file, /etc/ipsec.d/certs/$$file); \ + done + @for file in `ls $(PTXDIST_WORKSPACE)/projectroot/etc/ipsec.d/private`; do \ + $(call install_copy, strongswan, 0, 0, 0600, $(PTXDIST_WORKSPACE)/projectroot/etc/ipsec.d/private/$$file, /etc/ipsec.d/private/$$file); \ + done + endif + + ifdef PTXCONF_STRONGSWAN_PPPSCRIPTS + @$(call install_copy, strongswan, 0, 0, 0755, $(PTXDIST_WORKSPACE)/projectroot/etc/ppp/ip-up.d/50-ipsec-up, /etc/ppp/ip-up.d/50-ipsec-up, n) + @$(call install_copy, strongswan, 0, 0, 0755, $(PTXDIST_WORKSPACE)/projectroot/etc/ppp/ip-down.d/50-ipsec-down, /etc/ppp/ip-down.d/50-ipsec-down, n) + endif + + @$(call install_finish,strongswan) + + @$(call touch, $@) + +# ---------------------------------------------------------------------------- +# Clean +# ---------------------------------------------------------------------------- + +strongswan_clean: + rm -rf $(STATEDIR)/strongswan.* + rm -rf $(PKGDIR)/strongswan_* + rm -rf $(STRONGSWAN_DIR) + +# vim: syntax=make -- 1.6.5.6.gb3118 -- ptxdist mailing list [email protected]
