LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS)
+# the executables that should be installed on the final system have to be added
+# to PRODUCT_PACKAGES in
+# build/target/product/core.mk
+# possible executables are
+# starter - allows to control and configure the daemon from the command line
+# charon - the IKE daemon
+# scepclient - SCEP client
+
+# if you enable starter or scepclient (see above) uncomment the proper
+# lines here
+# strongswan_BUILD_STARTER := true
+# strongswan_BUILD_SCEPCLIENT := true
+
# this is the list of plugins that are built into libstrongswan and charon
# also these plugins are loaded by default (if not changed in strongswan.conf)
-strongswan_PLUGINS := aes des sha1 sha2 md5 fips-prf random x509 pubkey pkcs1 \
- pem xcbc hmac gmp kernel-netlink socket-default attr android
+strongswan_CHARON_PLUGINS := android-log openssl fips-prf random nonce pubkey \
+ pkcs1 pkcs8 pem xcbc hmac kernel-netlink socket-default android-dns \
+ stroke eap-identity eap-mschapv2 eap-md5 eap-gtc
+
+ifneq ($(strongswan_BUILD_SCEPCLIENT),)
+# plugins loaded by scepclient
+strongswan_SCEPCLIENT_PLUGINS := openssl curl fips-prf random pkcs1 pkcs7 pem
+endif
+
+strongswan_STARTER_PLUGINS := kernel-netlink
+
+# list of all plugins - used to enable them with the function below
+strongswan_PLUGINS := $(sort $(strongswan_CHARON_PLUGINS) \
+ $(strongswan_STARTER_PLUGINS) \
+ $(strongswan_SCEPCLIENT_PLUGINS))
-# helper macros to only add source files for plugins included in the list above
-plugin_enabled = $(findstring $(1), $(strongswan_PLUGINS))
-add_plugin = $(if $(call plugin_enabled,$(1)), \
- $(addprefix plugins/$(subst -,_,$(strip $(1))/),$(2)))
+include $(LOCAL_PATH)/Android.common.mk
# includes
-libvstr_PATH = external/strongswan-support/vstr/include
-libgmp_PATH = external/strongswan-support/gmp
+strongswan_PATH := $(LOCAL_PATH)
+libcurl_PATH := external/strongswan-support/libcurl/include
+libgmp_PATH := external/strongswan-support/gmp
+openssl_PATH := external/openssl/include
+
+# some definitions
+strongswan_DIR := "/system/bin"
+strongswan_SBINDIR := "/system/bin"
+strongswan_PIDDIR := "/data/misc/vpn"
+strongswan_PLUGINDIR := "$(strongswan_IPSEC_DIR)/ipsec"
+strongswan_CONFDIR := "/system/etc"
+strongswan_STRONGSWAN_CONF := "$(strongswan_CONFDIR)/strongswan.conf"
# CFLAGS (partially from a configure run using droid-gcc)
strongswan_CFLAGS := \
-DHAVE_ALLOCA_H \
-DHAVE_ALLOCA \
-DHAVE_CLOCK_GETTIME \
- -DHAVE_PTHREAD_COND_TIMEDWAIT_MONOTONIC \
+ -DHAVE_DLADDR \
-DHAVE_PRCTL \
-DHAVE_LINUX_UDP_H \
-DHAVE_STRUCT_SADB_X_POLICY_SADB_X_POLICY_PRIORITY \
-DHAVE_IPSEC_MODE_BEET \
-DHAVE_IPSEC_DIR_FWD \
+ -DOPENSSL_NO_ENGINE \
+ -DCONFIG_H_INCLUDED \
+ -DCAPABILITIES \
+ -DCAPABILITIES_NATIVE \
-DMONOLITHIC \
- -DUSE_VSTR \
+ -DUSE_IKEV1 \
+ -DUSE_IKEV2 \
+ -DUSE_BUILTIN_PRINTF \
+ -DDEBUG \
-DROUTING_TABLE=0 \
-DROUTING_TABLE_PRIO=220 \
- -DVERSION=\"4.4.0\" \
- -DPLUGINS='"$(strongswan_PLUGINS)"' \
- -DIPSEC_DIR=\"/system/bin\" \
- -DIPSEC_PIDDIR=\"/data/misc/vpn\" \
- -DSTRONGSWAN_CONF=\"/system/etc/strongswan.conf\" \
+ -DVERSION=\"$(strongswan_VERSION)\" \
+ -DPLUGINDIR=\"$(strongswan_PLUGINDIR)\" \
+ -DIPSEC_DIR=\"$(strongswan_DIR)\" \
+ -DIPSEC_PIDDIR=\"$(strongswan_PIDDIR)\" \
+ -DIPSEC_CONFDIR=\"$(strongswan_CONFDIR)\" \
+ -DSTRONGSWAN_CONF=\"$(strongswan_STRONGSWAN_CONF)\" \
-DDEV_RANDOM=\"/dev/random\" \
-DDEV_URANDOM=\"/dev/urandom\"
strongswan_CFLAGS += \
-DHAVE_IN6ADDR_ANY
+strongswan_BUILD := \
+ charon \
+ libcharon \
+ libstrongswan \
+ libtncif \
+ libtnccs \
+ libimcv \
+ libtpmtss
+
+ifneq ($(strongswan_BUILD_STARTER),)
+strongswan_BUILD += \
+ starter \
+ stroke \
+ ipsec
+endif
+
+ifneq ($(strongswan_BUILD_SCEPCLIENT),)
+strongswan_BUILD += \
+ scepclient
+endif
+
include $(addprefix $(LOCAL_PATH)/src/,$(addsuffix /Android.mk, \
- charon \
- libstrongswan \
- ))
+ $(sort $(strongswan_BUILD))))