From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from mail-we0-f172.google.com ([74.125.82.172]) by metis.ext.pengutronix.de with esmtp (Exim 4.72) (envelope-from ) id 1SYzII-00089p-HR for ptxdist@pengutronix.de; Mon, 28 May 2012 14:43:41 +0200 Received: by werb13 with SMTP id b13so2404482wer.31 for ; Mon, 28 May 2012 05:43:25 -0700 (PDT) From: "Bart vdr. Meulen" Date: Mon, 28 May 2012 14:42:34 +0200 Message-Id: <1338208981-8681-8-git-send-email-bartvdrmeulen@gmail.com> Subject: [ptxdist] [PATCH] openswan: Add new package Reply-To: ptxdist@pengutronix.de List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: ptxdist-bounces@pengutronix.de Errors-To: ptxdist-bounces@pengutronix.de To: ptxdist@pengutronix.de From: Harro Haan Openswan is an IPsec implementation for Linux. Openswan supports the Openswan KLIPS IPsec stack and the Linux NETKEY IPsec stack (kernel configuration with CONFIG_NET_KEY required). For more info about choosing the Kernel IPsec stack see: www.installationwiki.org/Openswan#Choosing_the_Kernel_IPsec_Stack Signed-off-by: Harro Haan --- rules/openswan.in | 35 ++++++++++++ rules/openswan.make | 156 +++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 191 insertions(+) create mode 100755 rules/openswan.in create mode 100755 rules/openswan.make diff --git a/rules/openswan.in b/rules/openswan.in new file mode 100755 index 0000000..363d4c3 --- /dev/null +++ b/rules/openswan.in @@ -0,0 +1,35 @@ +## SECTION=networking + +config OPENSWAN + tristate + prompt "openswan" + select LIBGMP + select BUSYBOX_AWK + select IPROUTE2 + select IPTABLES + select BUSYBOX_LOGGER + select CROSS_DUMMY_STRIP + select KERNEL if OPENSWAN_KLIPS_MODULE + select OPENSSL if OPENSWAN_HAVE_OCF + help + Openswan is an IPsec implementation for Linux. Openswan supports the + Openswan KLIPS IPsec stack and the Linux NETKEY IPsec stack (kernel + configuration with CONFIG_NET_KEY required). For more info about + choosing the Kernel IPsec stack see: + www.installationwiki.org/Openswan#Choosing_the_Kernel_IPsec_Stack + +config OPENSWAN_KLIPS_MODULE + bool "KLIPS kernel module" + default n + depends on OPENSWAN + help + Compile and install Openswan KLIPS kernel module. + +config OPENSWAN_HAVE_OCF + bool "use OCF-Linux" + default n + depends on OPENSWAN + help + Use OCF-Linux to make use of asynchronous HW/SW crypto acceleration. + Patched Linux kernel required. For more info see: + http://ocf-linux.sourceforge.net/ diff --git a/rules/openswan.make b/rules/openswan.make new file mode 100755 index 0000000..99b8395 --- /dev/null +++ b/rules/openswan.make @@ -0,0 +1,156 @@ +# -*-makefile-*- +# +# Copyright (C) 2010 by Harro Haan +# +# See CREDITS for details about who has contributed to this project. +# +# For further information about the PTXdist project and license conditions +# see the README file. +# + +# +# We provide this package +# +PACKAGES-$(PTXCONF_OPENSWAN) += openswan + +# +# Paths and names +# +OPENSWAN_VERSION := 2.6.35 +OPENSWAN_MD5 := 7909a251fbbb807914545b7f42437013 +OPENSWAN := openswan-$(OPENSWAN_VERSION) +OPENSWAN_SUFFIX := tar.gz +OPENSWAN_URL := http://www.openswan.org/download/$(OPENSWAN).$(OPENSWAN_SUFFIX) +OPENSWAN_SOURCE := $(SRCDIR)/$(OPENSWAN).$(OPENSWAN_SUFFIX) +OPENSWAN_DIR := $(BUILDDIR)/$(OPENSWAN) +OPENSWAN_LICENSE := GPLv2,BSD,RSADSI + +ifdef PTXCONF_OPENSWAN_KLIPS_MODULE +$(STATEDIR)/kernel.targetinstall.post: $(STATEDIR)/openswan.targetinstall +endif + +# ---------------------------------------------------------------------------- +# Prepare +# ---------------------------------------------------------------------------- + +$(STATEDIR)/openswan.prepare: + @$(call targetinfo) +ifdef PTXCONF_OPENSWAN_HAVE_OCF + @( \ + echo "#ifndef CONFIG_KLIPS_OCF"; \ + echo "#define CONFIG_KLIPS_OCF 1"; \ + echo "#endif"; \ + ) >> $(OPENSWAN_DIR)/packaging/linus/config-all.h +endif + @$(call touch) + +# ---------------------------------------------------------------------------- +# Compile +# ---------------------------------------------------------------------------- + +ifdef PTXCONF_OPENSWAN_HAVE_OCF +OPENSWAN_OCF := HAVE_OCF=true HAVE_OPENSSL=true CONFIG_KLIPS_OCF=y +else +OPENSWAN_OCF := +endif + +OPENSWAN_MAKE_ENV = $(CROSS_ENV) \ + CFLAGS="$(CROSS_CPPFLAGS)" + +# settings are based on openswan-2.6.35/CROSSCOMPILE.sh +OPENSWAN_CROSS := \ + KERNELSRC=$(KERNEL_DIR) \ + DESTDIR=$(OPENSWAN_PKGDIR) \ + INC_USRLOCAL=/usr \ + INC_RCDEFAULT=/etc/init.d \ + ARCH=$(PTXCONF_KERNEL_ARCH_STRING) \ + USERCOMPILE=\"-O2 -g -DGCC_LINT -Dlinux -D__linux__\" \ + WERROR=' ' \ + $(OPENSWAN_OCF) + +$(STATEDIR)/openswan.compile: + @$(call targetinfo) + $(call compile, OPENSWAN, programs $(OPENSWAN_CROSS)) + +ifdef PTXCONF_OPENSWAN_KLIPS_MODULE + @$(call compile, OPENSWAN, module $(OPENSWAN_CROSS)) + + $(KERNEL_PATH) $(KERNEL_ENV) $(MAKE) $(KERNEL_MAKEVARS) \ + -C $(KERNEL_DIR) \ + M=$(OPENSWAN_DIR)/modobj26 \ + OPENSWANSRCDIR=$(OPENSWAN_DIR) $(OPENSWAN_OCF) \ + modules +endif + @$(call touch) + +# ---------------------------------------------------------------------------- +# Install +# ---------------------------------------------------------------------------- + +$(STATEDIR)/openswan.install: + @$(call targetinfo) + @$(call compile, OPENSWAN, install $(OPENSWAN_CROSS)) + + @# remove *.old files, but do not strip here by using dummy-strip.sh + @$(call compile, OPENSWAN, ipkg_strip $(OPENSWAN_CROSS) \ + STRIP=$(PTXCONF_SYSROOT_CROSS)/bin/strip) + + @$(call touch) + +# ---------------------------------------------------------------------------- +# Target-Install +# ---------------------------------------------------------------------------- + +$(STATEDIR)/openswan.targetinstall: + @$(call targetinfo) +ifdef PTXCONF_OPENSWAN_KLIPS_MODULE + $(KERNEL_PATH) $(KERNEL_ENV) $(MAKE) $(KERNEL_MAKEVARS) \ + -C $(KERNEL_DIR) \ + M=$(OPENSWAN_DIR)/modobj26 \ + modules_install +endif + + @$(call install_init, openswan) + @$(call install_fixup, openswan,PRIORITY,optional) + @$(call install_fixup, openswan,SECTION,base) + @$(call install_fixup, openswan,AUTHOR,"Harro Haan ") + @$(call install_fixup, openswan,DESCRIPTION,missing) + + # install the startup script + $(call install_alternative, openswan, 0, 0, 0755, \ + /etc/init.d/ipsec) + + # install the default policies + $(call install_copy, openswan, 0, 0, 0775, /etc/ipsec.d/policies) + $(call install_alternative, openswan, 0, 0, 0755, \ + /etc/ipsec.d/policies/block) + $(call install_alternative, openswan, 0, 0, 0755, \ + /etc/ipsec.d/policies/clear) + $(call install_alternative, openswan, 0, 0, 0755, \ + /etc/ipsec.d/policies/clear-or-private) + $(call install_alternative, openswan, 0, 0, 0755, \ + /etc/ipsec.d/policies/private) + $(call install_alternative, openswan, 0, 0, 0755, \ + /etc/ipsec.d/policies/private-or-clear) + + # install the default configuration + $(call install_alternative, openswan, 0, 0, 0644, \ + /etc/ipsec.conf) + + # install the runtime libraries + $(call install_tree, openswan, 0, 0, \ + $(OPENSWAN_PKGDIR)/usr/lib/ipsec/, \ + /usr/lib/ipsec/) + $(call install_tree, openswan, 0, 0, \ + $(OPENSWAN_PKGDIR)/usr/libexec/ipsec, \ + /usr/libexec/ipsec) + + # install the actual tool + $(call install_copy, openswan, 0, 0, 0755, -, \ + /usr/sbin/ipsec) + + @$(call install_finish, openswan) + + @$(call touch) + +# vim: syntax=make -- 1.7.9.5 -- ptxdist mailing list ptxdist@pengutronix.de