[ptxdist] [PATCH] ipsec-tools: add new package

["Bart vdr. Meulen" <bartvdrmeulen@gmail.com>]

From: "Bart vdr. Meulen" <bartvdrmeulen@gmail.com>

Add ipsec-tools package, it contains a port of the
KAME's libipsec, setkey, and racoon tools for Linux.

Signed-off-by: Bart vdr. Meulen <bartvdrmeulen@gmail.com>
---
 rules/ipsec-tools.in   |  113 ++++++++++++++++++++++++++++++++++++++
 rules/ipsec-tools.make |  140 ++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 253 insertions(+)
 create mode 100644 rules/ipsec-tools.in
 create mode 100644 rules/ipsec-tools.make

diff --git a/rules/ipsec-tools.in b/rules/ipsec-tools.in
new file mode 100644
index 0000000..31ebf5a
--- /dev/null
+++ b/rules/ipsec-tools.in
@@ -0,0 +1,113 @@
+## SECTION=networking
+
+menuconfig IPSEC_TOOLS
+	tristate
+	prompt "ipsec-tools"
+	select KERNEL_HEADER
+	select OPENSSL
+	select FLEX
+	select HOST_FLEX
+	select READLINE if IPSEC_TOOLS_READLINE
+	help
+	  User-space IPsec tools for various IPsec implementations.
+	  A port of KAME's libipsec, setkey, and racoon to the Linux OS.
+
+if IPSEC_TOOLS
+
+config IPSEC_TOOLS_SETKEY
+	bool
+	default y
+	prompt "Install setkey"
+	help
+	  Install setkey, for manually manipulating the IPsec SA/SP database
+
+config IPSEC_TOOLS_SETKEY_CONF
+	bool
+	depends on IPSEC_TOOLS_SETKEY
+	prompt "Install setkey.conf"
+
+config IPSEC_TOOLS_RACOON
+	bool
+	default y
+	prompt "Install racoon"
+	help
+	  Install racoon, the IKE (ISAKMP/Oakley) key management daemon
+
+config IPSEC_TOOLS_RACOON_CONF
+	bool
+	depends on IPSEC_TOOLS_RACOON
+	prompt "Install racoon.conf"
+
+config IPSEC_TOOLS_RACOON_PSK_FILE
+	string
+	default "/etc/racoon.psk"
+	depends on IPSEC_TOOLS_RACOON_CONF
+	prompt "Install this racoon PSK file"
+
+config IPSEC_TOOLS_PLAINRSA_GEN
+	bool
+	depends on IPSEC_TOOLS_RACOON
+	prompt "Install plainrsa-gen"
+	help
+	  Install plainrsa-gen, a generator for Plain RSA keys
+
+config IPSEC_TOOLS_ADMINPORT
+	bool
+	depends on IPSEC_TOOLS_RACOON
+	default y
+	prompt "Enable racoonctl support"
+	help
+	  This lets racoon to listen to racoon admin port, and will install
+	  racoonctl which will use the port to control racoon
+
+config IPSEC_TOOLS_NATT
+	bool
+	prompt "Enable NAT-Traversal"
+	help
+	  This needs kernel support, which is available on Linux.
+	  If you live in a country where software patents are legal, using
+	  NAT-Traversal might infringe a patent.
+
+config IPSEC_TOOLS_FRAG
+	bool
+	prompt "Enable IKE fragmentation."
+	help
+	  Enable IKE fragmentation, which is a workaround for
+	  broken routers that drop fragmented packets
+
+config IPSEC_TOOLS_STATS
+	bool
+	default y
+	prompt "Enable statistics logging function."
+
+config IPSEC_TOOLS_IPV6_SUPPORT
+	bool
+	default y
+	prompt "Enable IPv6 Support"
+
+config IPSEC_TOOLS_READLINE
+	bool
+	default y
+	prompt "Enable readline input support"
+
+choice
+	prompt "Security context"
+	default IPSEC_SECCTX_DISABLE
+	help
+	  Selects whether or not to enable security context support.
+
+config IPSEC_SECCTX_DISABLE
+	bool
+	prompt "Disable security context support"
+
+config IPSEC_SECCTX_ENABLE
+	bool
+	prompt "Enable SELinux security context support"
+
+config IPSEC_SECCTX_KERNEL
+	bool
+	prompt "Enable kernel security context"
+
+endchoice
+
+endif
diff --git a/rules/ipsec-tools.make b/rules/ipsec-tools.make
new file mode 100644
index 0000000..00d9e4f
--- /dev/null
+++ b/rules/ipsec-tools.make
@@ -0,0 +1,140 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2011 by Bart vdr. Meulen <bartvdrmeulen@gmail.com>
+#
+# See CREDITS for details about who has contributed to this project.
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_IPSEC_TOOLS) += ipsec-tools
+
+#
+# Paths and names
+#
+IPSEC_TOOLS_VERSION	:= 0.8.0
+IPSEC_TOOLS_MD5		:= b79aae3055a51f8de5c0f1b8ca6cf619
+IPSEC_TOOLS		:= ipsec-tools-$(IPSEC_TOOLS_VERSION)
+IPSEC_TOOLS_SUFFIX	:= tar.bz2
+IPSEC_TOOLS_URL		:= $(PTXCONF_SETUP_SFMIRROR)/ipsec-tools/$(IPSEC_TOOLS_VERSION)/$(IPSEC_TOOLS).$(IPSEC_TOOLS_SUFFIX)
+IPSEC_TOOLS_SOURCE	:= $(SRCDIR)/$(IPSEC_TOOLS).$(IPSEC_TOOLS_SUFFIX)
+IPSEC_TOOLS_DIR		:= $(BUILDDIR)/$(IPSEC_TOOLS)
+IPSEC_TOOLS_LICENSE	:= BSD
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#
+# autoconf
+#
+IPSEC_TOOLS_CONF_TOOL	:= autoconf
+IPSEC_TOOLS_CONF_OPT	:= \
+	$(CROSS_AUTOCONF_USR) \
+	  --disable-hybrid \
+	  --without-libpam \
+	  --disable-gssapi \
+	  --with-kernel-headers=$(KERNEL_HEADERS_INCLUDE_DIR)
+
+ifdef PTXCONF_IPSEC_TOOLS_ADMINPORT
+IPSEC_TOOLS_CONF_OPT	+= --enable-adminport
+else
+IPSEC_TOOLS_CONF_OPT	+= --disable-adminport
+endif
+
+ifdef PTXCONF_IPSEC_TOOLS_NATT
+IPSEC_TOOLS_CONF_OPT	+= --enable-natt
+else
+IPSEC_TOOLS_CONF_OPT	+= --disable-natt
+endif
+
+ifdef PTXCONF_IPSEC_TOOLS_FRAG
+IPSEC_TOOLS_CONF_OPT	+= --enable-frag
+else
+IPSEC_TOOLS_CONF_OPT	+= --disable-frag
+endif
+
+ifdef PTXCONF_IPSEC_TOOLS_STATS
+IPSEC_TOOLS_CONF_OPT	+= --enable-stats
+else
+IPSEC_TOOLS_CONF_OPT	+= --disable-stats
+endif
+
+ifdef PTXCONF_IPSEC_IPV6_SUPPORT
+IPSEC_TOOLS_CONF_OPT+= --enable-ipv6
+else
+IPSEC_TOOLS_CONF_OPT+= --disable-ipv6
+endif
+
+ifndef PTXCONF_IPSEC_TOOLS_READLINE
+IPSEC_TOOLS_CONF_OPT+= --without-readline
+endif
+
+ifdef PTXCONF_IPSEC_SECCTX_DISABLE
+IPSEC_TOOLS_CONF_OPT	+= --enable-security-context=no
+endif
+ifdef PTXCONF_IPSEC_SECCTX_ENABLE
+IPSEC_TOOLS_CONF_OPT+= --enable-security-context=yes
+endif
+ifdef PTXCONF_IPSEC_SECCTX_KERNEL
+IPSEC_TOOLS_CONF_OPT+= --enable-security-context=kernel
+endif
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/ipsec-tools.targetinstall:
+	@$(call targetinfo)
+
+	@$(call install_init, ipsec-tools)
+	@$(call install_fixup, ipsec-tools,PRIORITY,optional)
+	@$(call install_fixup, ipsec-tools,SECTION,base)
+	@$(call install_fixup, ipsec-tools,AUTHOR,"Bart vdr. Meulen <bartvdrmeulen@gmail.com>")
+	@$(call install_fixup, ipsec-tools,DESCRIPTION,missing)
+
+ifdef PTXCONF_IPSEC_TOOLS_SETKEY
+	@$(call install_copy, ipsec-tools, 0, 0, 0755, -, /usr/sbin/setkey)
+ifdef PTXCONF_IPSEC_TOOLS_SETKEY_CONF
+	@$(call install_alternative, ipsec-tools, 0, 0, 0600, /etc/setkey.conf)
+endif
+endif
+
+ifdef PTXCONF_IPSEC_TOOLS_RACOON
+	@$(call install_copy, ipsec-tools, 0, 0, 0755, /var/racoon)
+	@$(call install_copy, ipsec-tools, 0, 0, 0755, -, /usr/sbin/racoon)
+
+ifdef PTXCONF_IPSEC_TOOLS_RACOON_CONF
+	@$(call install_alternative, ipsec-tools, 0, 0, 0600, /etc/racoon.conf)
+endif
+
+ifneq ($(PTXCONF_IPSEC_TOOLS_RACOON_PSK_FILE), "")
+	@$(call install_alternative, ipsec-tools, 0, 0, 0400, $(PTXCONF_IPSEC_TOOLS_RACOON_PSK_FILE))
+endif
+
+ifdef PTXCONF_IPSEC_TOOLS_ADMINPORT
+	@$(call install_copy, ipsec-tools, 0, 0, 0755, -, /usr/sbin/racoonctl)
+endif
+
+ifdef IPSEC_TOOLS_PLAINRSA_GEN
+	@$(call install_copy, ipsec-tools, 0, 0, 0755, -, /usr/sbin/plainrsa-gen)
+endif
+
+endif
+	@$(call install_finish, ipsec-tools)
+
+	@$(call touch)
+
+# ----------------------------------------------------------------------------
+# Clean
+# ----------------------------------------------------------------------------
+
+#$(STATEDIR)/ipsec-tools.clean:
+#	@$(call targetinfo)
+#	@$(call clean_pkg, IPSEC_TOOLS)
+
+# vim: syntax=make
-- 
1.7.9.5


-- 
ptxdist mailing list
ptxdist@pengutronix.de