lfs/strongswan

   1 ###############################################################################
   2 #                                                                             #
   3 # IPFire.org - A linux based firewall                                         #
   4 # Copyright (C) 2007-2013  IPFire Team  <info@ipfire.org>                     #
   5 #                                                                             #
   6 # This program is free software: you can redistribute it and/or modify        #
   7 # it under the terms of the GNU General Public License as published by        #
   8 # the Free Software Foundation, either version 3 of the License, or           #
   9 # (at your option) any later version.                                         #
  10 #                                                                             #
  11 # This program is distributed in the hope that it will be useful,             #
  12 # but WITHOUT ANY WARRANTY; without even the implied warranty of              #
  13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
  14 # GNU General Public License for more details.                                #
  15 #                                                                             #
  16 # You should have received a copy of the GNU General Public License           #
  17 # along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
  18 #                                                                             #
  19 ###############################################################################
  20
  21 ###############################################################################
  22 # Definitions
  23 ###############################################################################
  24
  25 include Config
  26
  27 VER        = 5.3.1
  28
  29 THISAPP    = strongswan-$(VER)
  30 DL_FILE    = $(THISAPP).tar.bz2
  31 DL_FROM    = $(URL_IPFIRE)
  32 DIR_APP    = $(DIR_SRC)/strongswan-$(VER)
  33 TARGET     = $(DIR_INFO)/$(THISAPP)
  34
  35 ifeq "$(MACHINE)" "i586"
  36         CONFIGURE_OPTIONS = \
  37                 --enable-padlock
  38 else
  39         CONFIGURE_OPTIONS = \
  40                 --disable-padlock
  41 endif
  42
  43 ###############################################################################
  44 # Top-level Rules
  45 ###############################################################################
  46
  47 objects = $(DL_FILE)
  48
  49 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
  50
  51 $(DL_FILE)_MD5 = 66f258901a3d6c271da1a0c7fb3e5013
  52
  53 install : $(TARGET)
  54
  55 check : $(patsubst %,$(DIR_CHK)/%,$(objects))
  56
  57 download :$(patsubst %,$(DIR_DL)/%,$(objects))
  58
  59 md5 : $(subst %,%_MD5,$(objects))
  60
  61 ###############################################################################
  62 # Downloading, checking, md5sum
  63 ###############################################################################
  64
  65 $(patsubst %,$(DIR_CHK)/%,$(objects)) :
  66         @$(CHECK)
  67
  68 $(patsubst %,$(DIR_DL)/%,$(objects)) :
  69         @$(LOAD)
  70
  71 $(subst %,%_MD5,$(objects)) :
  72         @$(MD5)
  73
  74 ###############################################################################
  75 # Installation Details
  76 ###############################################################################
  77
  78 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
  79         @$(PREBUILD)
  80         @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
  81         cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.3.1-build-timeattack.patch
  82         cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-ipfire.patch
  83
  84         cd $(DIR_APP) && autoreconf -vfi
  85         cd $(DIR_APP) && ./configure \
  86                 --prefix="/usr" \
  87                 --sysconfdir="/etc" \
  88                 --enable-curl \
  89                 --enable-dhcp \
  90                 --enable-farp \
  91                 --enable-openssl \
  92                 --enable-gcrypt \
  93                 --enable-ccm \
  94                 --enable-ctr \
  95                 --enable-gcm \
  96                 --enable-xauth-eap \
  97                 --enable-xauth-noauth \
  98                 --enable-eap-radius \
  99                 --enable-eap-tls \
 100                 --enable-eap-ttls \
 101                 --enable-eap-peap \
 102                 --enable-eap-mschapv2 \
 103                 --enable-eap-identity \
 104                 $(CONFIGURE_OPTIONS)
 105
 106         cd $(DIR_APP) && make $(MAKETUNING)
 107         cd $(DIR_APP) && make install
 108
 109         # Remove all library files we don't want or need.
 110         rm -vf /usr/lib/ipsec/plugins/*.{,l}a
 111
 112         -rm -rfv /etc/rc*.d/*ipsec
 113         cd $(DIR_SRC) && cp src/initscripts/init.d/ipsec /etc/rc.d/init.d/ipsec
 114         rm -f /etc/ipsec.conf /etc/ipsec.secrets
 115         ln -sf $(CONFIG_ROOT)/vpn/ipsec.conf /etc/ipsec.conf
 116         ln -sf $(CONFIG_ROOT)/vpn/ipsec.secrets /etc/ipsec.secrets
 117
 118         rm -rf /etc/ipsec.d/{cacerts,certs,crls}
 119         ln -sf $(CONFIG_ROOT)/ca    /etc/ipsec.d/cacerts
 120         ln -sf $(CONFIG_ROOT)/certs /etc/ipsec.d/certs
 121         ln -sf $(CONFIG_ROOT)/crls  /etc/ipsec.d/crls
 122
 123         install -v -m 644 $(DIR_SRC)/config/strongswan/charon.conf \
 124                 /etc/strongswan.d/charon.conf
 125
 126         @rm -rf $(DIR_APP)
 127         @$(POSTBUILD)