###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2011 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2013 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 4.6.3
+VER = 5.1.1
THISAPP = strongswan-$(VER)
DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/$(THISAPP)
+DIR_APP = $(DIR_SRC)/strongswan-$(VER)
TARGET = $(DIR_INFO)/$(THISAPP)
+ifeq "$(MACHINE)" "i586"
+ CONFIGURE_OPTIONS = \
+ --enable-padlock \
+ --enable-rdrand
+else
+ CONFIGURE_OPTIONS = \
+ --disable-padlock \
+ --disable-rdrand
+endif
+
###############################################################################
# Top-level Rules
###############################################################################
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 34146e514ced1738b4f2d9e7169bbb52
+$(DL_FILE)_MD5 = e3af3d493d22286be3cd794533a8966a
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
-
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-4.5.3_ipfire.patch
-
- # Customize the welcome banner.
- sed -i $(DIR_APP)/src/pluto/modecfg.c \
- -e 's/^#define.*DEFAULT_UNITY_BANNER.*/#define DEFAULT_UNITY_BANNER "Welcome to IPFire - An Open Source Firewall Solution.\\n"/'
-
- cd $(DIR_APP) && ./configure --prefix="/usr" --sysconfdir="/etc" \
- --enable-cisco-quirks \
- --enable-curl \
- --enable-nat-transport
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.0.2_ipfire.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.1.1-delay-dpd.patch
+
+ cd $(DIR_APP) && [ -x "configure" ] || ./autogen.sh
+ cd $(DIR_APP) && ./configure \
+ --prefix="/usr" \
+ --sysconfdir="/etc" \
+ --enable-curl \
+ --enable-openssl \
+ --enable-xauth-eap \
+ --enable-eap-radius \
+ --enable-eap-tls \
+ --enable-eap-ttls \
+ --enable-eap-peap \
+ --enable-eap-mschapv2 \
+ --enable-eap-identity \
+ --enable-unity \
+ $(CONFIGURE_OPTIONS)
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
+ # Remove all library files we don't want or need.
+ rm -vf /usr/lib/ipsec/plugins/*.{,l}a
+
-rm -rfv /etc/rc*.d/*ipsec
cd $(DIR_SRC) && cp src/initscripts/init.d/ipsec /etc/rc.d/init.d/ipsec
rm -f /etc/ipsec.conf /etc/ipsec.secrets
ln -sf $(CONFIG_ROOT)/certs /etc/ipsec.d/certs
ln -sf $(CONFIG_ROOT)/crls /etc/ipsec.d/crls
- #@rm -rf $(DIR_APP)
+ @rm -rf $(DIR_APP)
@$(POSTBUILD)