From: "Bart vdr. Meulen" <bartvdrmeulen@gmail.com>
To: ptxdist@pengutronix.de
Subject: [ptxdist] [PATCH] openswan: Add new package
Date: Mon, 28 May 2012 14:42:34 +0200 [thread overview]
Message-ID: <1338208981-8681-8-git-send-email-bartvdrmeulen@gmail.com> (raw)
From: Harro Haan <hrhaan@gmail.com>
Openswan is an IPsec implementation for Linux.
Openswan supports the Openswan KLIPS IPsec stack and the Linux NETKEY
IPsec stack (kernel configuration with CONFIG_NET_KEY required).
For more info about choosing the Kernel IPsec stack see:
www.installationwiki.org/Openswan#Choosing_the_Kernel_IPsec_Stack
Signed-off-by: Harro Haan <hrhaan@gmail.com>
---
rules/openswan.in | 35 ++++++++++++
rules/openswan.make | 156 +++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 191 insertions(+)
create mode 100755 rules/openswan.in
create mode 100755 rules/openswan.make
diff --git a/rules/openswan.in b/rules/openswan.in
new file mode 100755
index 0000000..363d4c3
--- /dev/null
+++ b/rules/openswan.in
@@ -0,0 +1,35 @@
+## SECTION=networking
+
+config OPENSWAN
+ tristate
+ prompt "openswan"
+ select LIBGMP
+ select BUSYBOX_AWK
+ select IPROUTE2
+ select IPTABLES
+ select BUSYBOX_LOGGER
+ select CROSS_DUMMY_STRIP
+ select KERNEL if OPENSWAN_KLIPS_MODULE
+ select OPENSSL if OPENSWAN_HAVE_OCF
+ help
+ Openswan is an IPsec implementation for Linux. Openswan supports the
+ Openswan KLIPS IPsec stack and the Linux NETKEY IPsec stack (kernel
+ configuration with CONFIG_NET_KEY required). For more info about
+ choosing the Kernel IPsec stack see:
+ www.installationwiki.org/Openswan#Choosing_the_Kernel_IPsec_Stack
+
+config OPENSWAN_KLIPS_MODULE
+ bool "KLIPS kernel module"
+ default n
+ depends on OPENSWAN
+ help
+ Compile and install Openswan KLIPS kernel module.
+
+config OPENSWAN_HAVE_OCF
+ bool "use OCF-Linux"
+ default n
+ depends on OPENSWAN
+ help
+ Use OCF-Linux to make use of asynchronous HW/SW crypto acceleration.
+ Patched Linux kernel required. For more info see:
+ http://ocf-linux.sourceforge.net/
diff --git a/rules/openswan.make b/rules/openswan.make
new file mode 100755
index 0000000..99b8395
--- /dev/null
+++ b/rules/openswan.make
@@ -0,0 +1,156 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2010 by Harro Haan <hrhaan@gmail.com>
+#
+# See CREDITS for details about who has contributed to this project.
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_OPENSWAN) += openswan
+
+#
+# Paths and names
+#
+OPENSWAN_VERSION := 2.6.35
+OPENSWAN_MD5 := 7909a251fbbb807914545b7f42437013
+OPENSWAN := openswan-$(OPENSWAN_VERSION)
+OPENSWAN_SUFFIX := tar.gz
+OPENSWAN_URL := http://www.openswan.org/download/$(OPENSWAN).$(OPENSWAN_SUFFIX)
+OPENSWAN_SOURCE := $(SRCDIR)/$(OPENSWAN).$(OPENSWAN_SUFFIX)
+OPENSWAN_DIR := $(BUILDDIR)/$(OPENSWAN)
+OPENSWAN_LICENSE := GPLv2,BSD,RSADSI
+
+ifdef PTXCONF_OPENSWAN_KLIPS_MODULE
+$(STATEDIR)/kernel.targetinstall.post: $(STATEDIR)/openswan.targetinstall
+endif
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/openswan.prepare:
+ @$(call targetinfo)
+ifdef PTXCONF_OPENSWAN_HAVE_OCF
+ @( \
+ echo "#ifndef CONFIG_KLIPS_OCF"; \
+ echo "#define CONFIG_KLIPS_OCF 1"; \
+ echo "#endif"; \
+ ) >> $(OPENSWAN_DIR)/packaging/linus/config-all.h
+endif
+ @$(call touch)
+
+# ----------------------------------------------------------------------------
+# Compile
+# ----------------------------------------------------------------------------
+
+ifdef PTXCONF_OPENSWAN_HAVE_OCF
+OPENSWAN_OCF := HAVE_OCF=true HAVE_OPENSSL=true CONFIG_KLIPS_OCF=y
+else
+OPENSWAN_OCF :=
+endif
+
+OPENSWAN_MAKE_ENV = $(CROSS_ENV) \
+ CFLAGS="$(CROSS_CPPFLAGS)"
+
+# settings are based on openswan-2.6.35/CROSSCOMPILE.sh
+OPENSWAN_CROSS := \
+ KERNELSRC=$(KERNEL_DIR) \
+ DESTDIR=$(OPENSWAN_PKGDIR) \
+ INC_USRLOCAL=/usr \
+ INC_RCDEFAULT=/etc/init.d \
+ ARCH=$(PTXCONF_KERNEL_ARCH_STRING) \
+ USERCOMPILE=\"-O2 -g -DGCC_LINT -Dlinux -D__linux__\" \
+ WERROR=' ' \
+ $(OPENSWAN_OCF)
+
+$(STATEDIR)/openswan.compile:
+ @$(call targetinfo)
+ $(call compile, OPENSWAN, programs $(OPENSWAN_CROSS))
+
+ifdef PTXCONF_OPENSWAN_KLIPS_MODULE
+ @$(call compile, OPENSWAN, module $(OPENSWAN_CROSS))
+
+ $(KERNEL_PATH) $(KERNEL_ENV) $(MAKE) $(KERNEL_MAKEVARS) \
+ -C $(KERNEL_DIR) \
+ M=$(OPENSWAN_DIR)/modobj26 \
+ OPENSWANSRCDIR=$(OPENSWAN_DIR) $(OPENSWAN_OCF) \
+ modules
+endif
+ @$(call touch)
+
+# ----------------------------------------------------------------------------
+# Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/openswan.install:
+ @$(call targetinfo)
+ @$(call compile, OPENSWAN, install $(OPENSWAN_CROSS))
+
+ @# remove *.old files, but do not strip here by using dummy-strip.sh
+ @$(call compile, OPENSWAN, ipkg_strip $(OPENSWAN_CROSS) \
+ STRIP=$(PTXCONF_SYSROOT_CROSS)/bin/strip)
+
+ @$(call touch)
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/openswan.targetinstall:
+ @$(call targetinfo)
+ifdef PTXCONF_OPENSWAN_KLIPS_MODULE
+ $(KERNEL_PATH) $(KERNEL_ENV) $(MAKE) $(KERNEL_MAKEVARS) \
+ -C $(KERNEL_DIR) \
+ M=$(OPENSWAN_DIR)/modobj26 \
+ modules_install
+endif
+
+ @$(call install_init, openswan)
+ @$(call install_fixup, openswan,PRIORITY,optional)
+ @$(call install_fixup, openswan,SECTION,base)
+ @$(call install_fixup, openswan,AUTHOR,"Harro Haan <hrhaan@gmail.com>")
+ @$(call install_fixup, openswan,DESCRIPTION,missing)
+
+ # install the startup script
+ $(call install_alternative, openswan, 0, 0, 0755, \
+ /etc/init.d/ipsec)
+
+ # install the default policies
+ $(call install_copy, openswan, 0, 0, 0775, /etc/ipsec.d/policies)
+ $(call install_alternative, openswan, 0, 0, 0755, \
+ /etc/ipsec.d/policies/block)
+ $(call install_alternative, openswan, 0, 0, 0755, \
+ /etc/ipsec.d/policies/clear)
+ $(call install_alternative, openswan, 0, 0, 0755, \
+ /etc/ipsec.d/policies/clear-or-private)
+ $(call install_alternative, openswan, 0, 0, 0755, \
+ /etc/ipsec.d/policies/private)
+ $(call install_alternative, openswan, 0, 0, 0755, \
+ /etc/ipsec.d/policies/private-or-clear)
+
+ # install the default configuration
+ $(call install_alternative, openswan, 0, 0, 0644, \
+ /etc/ipsec.conf)
+
+ # install the runtime libraries
+ $(call install_tree, openswan, 0, 0, \
+ $(OPENSWAN_PKGDIR)/usr/lib/ipsec/, \
+ /usr/lib/ipsec/)
+ $(call install_tree, openswan, 0, 0, \
+ $(OPENSWAN_PKGDIR)/usr/libexec/ipsec, \
+ /usr/libexec/ipsec)
+
+ # install the actual tool
+ $(call install_copy, openswan, 0, 0, 0755, -, \
+ /usr/sbin/ipsec)
+
+ @$(call install_finish, openswan)
+
+ @$(call touch)
+
+# vim: syntax=make
--
1.7.9.5
--
ptxdist mailing list
ptxdist@pengutronix.de
next reply other threads:[~2012-05-28 12:43 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-28 12:42 Bart vdr. Meulen [this message]
2012-05-30 16:04 ` Michael Olbrich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1338208981-8681-8-git-send-email-bartvdrmeulen@gmail.com \
--to=bartvdrmeulen@gmail.com \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox