[ipfire-2.x.git] / lfs / strongswan

###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007-2013  IPFire Team  <info@ipfire.org>                     #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

###############################################################################
# Definitions
###############################################################################

include Config

VER        = 5.3.1

THISAPP    = strongswan-$(VER)
DL_FILE    = $(THISAPP).tar.bz2
DL_FROM    = $(URL_IPFIRE)
DIR_APP    = $(DIR_SRC)/strongswan-$(VER)
TARGET     = $(DIR_INFO)/$(THISAPP)

ifeq "$(MACHINE)" "i586"
	CONFIGURE_OPTIONS = \
		--enable-padlock
else
	CONFIGURE_OPTIONS = \
		--disable-padlock
endif

###############################################################################
# Top-level Rules
###############################################################################

objects = $(DL_FILE)

$(DL_FILE) = $(DL_FROM)/$(DL_FILE)

$(DL_FILE)_MD5 = 66f258901a3d6c271da1a0c7fb3e5013

install : $(TARGET)

check : $(patsubst %,$(DIR_CHK)/%,$(objects))

download :$(patsubst %,$(DIR_DL)/%,$(objects))

md5 : $(subst %,%_MD5,$(objects))

###############################################################################
# Downloading, checking, md5sum
###############################################################################

$(patsubst %,$(DIR_CHK)/%,$(objects)) :
	@$(CHECK)

$(patsubst %,$(DIR_DL)/%,$(objects)) :
	@$(LOAD)

$(subst %,%_MD5,$(objects)) :
	@$(MD5)

###############################################################################
# Installation Details
###############################################################################

$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
	@$(PREBUILD)
	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.3.1-build-timeattack.patch
	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-ipfire.patch

	cd $(DIR_APP) && autoreconf -vfi
	cd $(DIR_APP) && ./configure \
		--prefix="/usr" \
		--sysconfdir="/etc" \
		--enable-curl \
		--enable-dhcp \
		--enable-farp \
		--enable-openssl \
		--enable-gcrypt \
		--enable-ccm \
		--enable-ctr \
		--enable-gcm \
		--enable-xauth-eap \
		--enable-xauth-noauth \
		--enable-eap-radius \
		--enable-eap-tls \
		--enable-eap-ttls \
		--enable-eap-peap \
		--enable-eap-mschapv2 \
		--enable-eap-identity \
		$(CONFIGURE_OPTIONS)

	cd $(DIR_APP) && make $(MAKETUNING)
	cd $(DIR_APP) && make install

	# Remove all library files we don't want or need.
	rm -vf /usr/lib/ipsec/plugins/*.{,l}a

	-rm -rfv /etc/rc*.d/*ipsec
	cd $(DIR_SRC) && cp src/initscripts/init.d/ipsec /etc/rc.d/init.d/ipsec
	rm -f /etc/ipsec.conf /etc/ipsec.secrets
	ln -sf $(CONFIG_ROOT)/vpn/ipsec.conf /etc/ipsec.conf
	ln -sf $(CONFIG_ROOT)/vpn/ipsec.secrets /etc/ipsec.secrets

	rm -rf /etc/ipsec.d/{cacerts,certs,crls}
	ln -sf $(CONFIG_ROOT)/ca    /etc/ipsec.d/cacerts
	ln -sf $(CONFIG_ROOT)/certs /etc/ipsec.d/certs
	ln -sf $(CONFIG_ROOT)/crls  /etc/ipsec.d/crls

	install -v -m 644 $(DIR_SRC)/config/strongswan/charon.conf \
		/etc/strongswan.d/charon.conf

	@rm -rf $(DIR_APP)
	@$(POSTBUILD)
Commit	Line	Data
	1	###############################################################################
	2	# #
	3	# IPFire.org - A linux based firewall #
	4	# Copyright (C) 2007-2013 IPFire Team <info@ipfire.org> #
	5	# #
	6	# This program is free software: you can redistribute it and/or modify #
	7	# it under the terms of the GNU General Public License as published by #
	8	# the Free Software Foundation, either version 3 of the License, or #
	9	# (at your option) any later version. #
	10	# #
	11	# This program is distributed in the hope that it will be useful, #
	12	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	13	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	14	# GNU General Public License for more details. #
	15	# #
	16	# You should have received a copy of the GNU General Public License #
	17	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	18	# #
	19	###############################################################################
	20
	21	###############################################################################
	22	# Definitions
	23	###############################################################################
	24
	25	include Config
	26
	27	VER = 5.3.1
	28
	29	THISAPP = strongswan-$(VER)
	30	DL_FILE = $(THISAPP).tar.bz2
	31	DL_FROM = $(URL_IPFIRE)
	32	DIR_APP = $(DIR_SRC)/strongswan-$(VER)
	33	TARGET = $(DIR_INFO)/$(THISAPP)
	34
	35	ifeq "$(MACHINE)" "i586"
	36	CONFIGURE_OPTIONS = \
	37	--enable-padlock
	38	else
	39	CONFIGURE_OPTIONS = \
	40	--disable-padlock
	41	endif
	42
	43	###############################################################################
	44	# Top-level Rules
	45	###############################################################################
	46
	47	objects = $(DL_FILE)
	48
	49	$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
	50
	51	$(DL_FILE)_MD5 = 66f258901a3d6c271da1a0c7fb3e5013
	52
	53	install : $(TARGET)
	54
	55	check : $(patsubst %,$(DIR_CHK)/%,$(objects))
	56
	57	download :$(patsubst %,$(DIR_DL)/%,$(objects))
	58
	59	md5 : $(subst %,%_MD5,$(objects))
	60
	61	###############################################################################
	62	# Downloading, checking, md5sum
	63	###############################################################################
	64
	65	$(patsubst %,$(DIR_CHK)/%,$(objects)) :
	66	@$(CHECK)
	67
	68	$(patsubst %,$(DIR_DL)/%,$(objects)) :
	69	@$(LOAD)
	70
	71	$(subst %,%_MD5,$(objects)) :
	72	@$(MD5)
	73
	74	###############################################################################
	75	# Installation Details
	76	###############################################################################
	77
	78	$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
	79	@$(PREBUILD)
	80	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
	81	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.3.1-build-timeattack.patch
	82	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-ipfire.patch
	83
	84	cd $(DIR_APP) && autoreconf -vfi
	85	cd $(DIR_APP) && ./configure \
	86	--prefix="/usr" \
	87	--sysconfdir="/etc" \
	88	--enable-curl \
	89	--enable-dhcp \
	90	--enable-farp \
	91	--enable-openssl \
	92	--enable-gcrypt \
	93	--enable-ccm \
	94	--enable-ctr \
	95	--enable-gcm \
	96	--enable-xauth-eap \
	97	--enable-xauth-noauth \
	98	--enable-eap-radius \
	99	--enable-eap-tls \
	100	--enable-eap-ttls \
	101	--enable-eap-peap \
	102	--enable-eap-mschapv2 \
	103	--enable-eap-identity \
	104	$(CONFIGURE_OPTIONS)
	105
	106	cd $(DIR_APP) && make $(MAKETUNING)
	107	cd $(DIR_APP) && make install
	108
	109	# Remove all library files we don't want or need.
	110	rm -vf /usr/lib/ipsec/plugins/*.{,l}a
	111
	112	-rm -rfv /etc/rc.d/ipsec
	113	cd $(DIR_SRC) && cp src/initscripts/init.d/ipsec /etc/rc.d/init.d/ipsec
	114	rm -f /etc/ipsec.conf /etc/ipsec.secrets
	115	ln -sf $(CONFIG_ROOT)/vpn/ipsec.conf /etc/ipsec.conf
	116	ln -sf $(CONFIG_ROOT)/vpn/ipsec.secrets /etc/ipsec.secrets
	117
	118	rm -rf /etc/ipsec.d/{cacerts,certs,crls}
	119	ln -sf $(CONFIG_ROOT)/ca /etc/ipsec.d/cacerts
	120	ln -sf $(CONFIG_ROOT)/certs /etc/ipsec.d/certs
	121	ln -sf $(CONFIG_ROOT)/crls /etc/ipsec.d/crls
	122
	123	install -v -m 644 $(DIR_SRC)/config/strongswan/charon.conf \
	124	/etc/strongswan.d/charon.conf
	125
	126	@rm -rf $(DIR_APP)
	127	@$(POSTBUILD)