Message ID | 20210920152831.2489077-1-martin.elshuber@theobroma-systems.com |
---|---|
State | Accepted |
Headers | show |
Series | [v2,1/2] package/strongswan: Add options to select EAP plugins | expand |
Martin, All, On 2021-09-20 17:28 +0200, Martin Elshuber spake thusly: > Add options to chose EAP plugins. > > Since the only plugin requiring libgmp is > BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2, the selection of BR2_PACKAGE_GMP > is moved down accordingly. > > Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com> Applied to master with the following changes: - move BR2_PACKAGE_STRONGSWAN_EAP to legacy - extend commit log accordingly - fix check-package: package/strongswan/strongswan.mk:57: unexpected indent with tabs Thanks! Regards, Yann E. MORIN. > --- > Changes v1 -> v2: > - use conditional defaults and mark as legacy > - drop 'ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y)' > - fix title for BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC > > Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com> > --- > package/strongswan/Config.in | 89 +++++++++++++++++++++++++------- > package/strongswan/strongswan.mk | 40 +++++++------- > 2 files changed, 87 insertions(+), 42 deletions(-) > > diff --git a/package/strongswan/Config.in b/package/strongswan/Config.in > index 368cd1ecc0..8eae568b6a 100644 > --- a/package/strongswan/Config.in > +++ b/package/strongswan/Config.in > @@ -75,34 +75,83 @@ config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC > > config BR2_PACKAGE_STRONGSWAN_EAP > bool "Enable EAP protocols" > - select BR2_PACKAGE_GMP > - help > - Enable various EAP protocols: > - - mschapv2 > - - tls > - - ttls > - - peap > - - sim > - - sim-file > - - aka > - - aka-3gpp2 > - - simaka-sql > - - simaka-pseudonym > - - simaka-reauth > - - identity > - - md5 > - - gtc > - - tnc > - - dynamic > - - radius > > if BR2_PACKAGE_STRONGSWAN_EAP > > +config BR2_PACKAGE_STRONGSWAN_EAP_SIM > + bool "Enable EAP-SIM" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE > + bool "Enable EAP-SIM file backend" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > config BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC > bool "Enable EAP-SIM smart card backend" > depends on !BR2_STATIC_LIBS # pcsc-lite > select BR2_PACKAGE_PCSC_LITE > > +config BR2_PACKAGE_STRONGSWAN_EAP_AKA > + bool "Enable EAP-AKA" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2 > + bool "Enable EAP-AKA 3GPP2 algorithms" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + select BR2_PACKAGE_GMP > + > +config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL > + bool "Enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM > + bool "Enable EAP-SIM/AKA pseudonym storage" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH > + bool "Enable EAP-SIM/AKA reauthentication data storage" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY > + bool "Enable EAP-Identity" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_MD5 > + bool "Enable EAP-MD5" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_GTC > + bool "Enable EAP-GDC" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2 > + bool "Enable EAP-MSCHAPv2" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_PEAP > + bool "Enable EAP-PEAP" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_RADIUS > + bool "Enable EAP-RADIUS" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_TLS > + bool "Enable EAP-TLS" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_TTLS > + bool "Enable EAP-TTLS" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC > + bool "Enable EAP-DYNAMIC" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > +config BR2_PACKAGE_STRONGSWAN_EAP_TNC > + bool "Enable EAP-TNC" > + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy > + > endif > > config BR2_PACKAGE_STRONGSWAN_UNITY > diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk > index 322abfbd7b..5fb4e6821a 100644 > --- a/package/strongswan/strongswan.mk > +++ b/package/strongswan/strongswan.mk > @@ -37,6 +37,23 @@ STRONGSWAN_CONF_OPTS += \ > --enable-vici=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \ > --enable-swanctl=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \ > --enable-wolfssl=$(if $(BR2_PACKAGE_STRONGSWAN_WOLFSSL),yes,no) \ > + --enable-eap-sim=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM),yes,no) \ > + --enable-eap-sim-file=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE),yes,no) \ > + --enable-eap-aka=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA),yes,no) \ > + --enable-eap-aka-3gpp2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),yes,no) \ > + --enable-eap-simaka-sql=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL),yes,no) \ > + --enable-eap-simaka-pseudonym=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM),yes,no) \ > + --enable-eap-simaka-reauth=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH),yes,no) \ > + --enable-eap-identity=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY),yes,no) \ > + --enable-eap-md5=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MD5),yes,no) \ > + --enable-eap-gtc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_GTC),yes,no) \ > + --enable-eap-mschapv2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2),yes,no) \ > + --enable-eap-tls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TLS),yes,no) \ > + --enable-eap-ttls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TTLS),yes,no) \ > + --enable-eap-peap=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_PEAP),yes,no) \ > + --enable-eap-tnc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TNC),yes,no) \ > + --enable-eap-dynamic=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC),yes,no) \ > + --enable-eap-radius=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_RADIUS),yes,no) > --with-ipseclibdir=/usr/lib \ > --with-plugindir=/usr/lib/ipsec/plugins \ > --with-imcvdir=/usr/lib/ipsec/imcvs \ > @@ -46,32 +63,11 @@ ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y) > STRONGSWAN_CONF_ENV += LIBS='-latomic' > endif > > -ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y) > -STRONGSWAN_CONF_OPTS += \ > - --enable-eap-sim \ > - --enable-eap-sim-file \ > - --enable-eap-aka \ > - --enable-eap-aka-3gpp2 \ > - --enable-eap-simaka-sql \ > - --enable-eap-simaka-pseudonym \ > - --enable-eap-simaka-reauth \ > - --enable-eap-identity \ > - --enable-eap-md5 \ > - --enable-eap-gtc \ > - --enable-eap-mschapv2 \ > - --enable-eap-tls \ > - --enable-eap-ttls \ > - --enable-eap-peap \ > - --enable-eap-tnc \ > - --enable-eap-dynamic \ > - --enable-eap-radius > -STRONGSWAN_DEPENDENCIES += gmp > -endif > - > STRONGSWAN_DEPENDENCIES += \ > $(if $(BR2_PACKAGE_STRONGSWAN_OPENSSL),openssl) \ > $(if $(BR2_PACKAGE_STRONGSWAN_GCRYPT),libgcrypt) \ > $(if $(BR2_PACKAGE_STRONGSWAN_GMP),gmp) \ > + $(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),gmp) \ > $(if $(BR2_PACKAGE_STRONGSWAN_CURL),libcurl) \ > $(if $(BR2_PACKAGE_STRONGSWAN_TNCCS_11),libxml2) \ > $(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC),pcsc-lite) \ > -- > 2.30.2 >
diff --git a/package/strongswan/Config.in b/package/strongswan/Config.in index 368cd1ecc0..8eae568b6a 100644 --- a/package/strongswan/Config.in +++ b/package/strongswan/Config.in @@ -75,34 +75,83 @@ config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC config BR2_PACKAGE_STRONGSWAN_EAP bool "Enable EAP protocols" - select BR2_PACKAGE_GMP - help - Enable various EAP protocols: - - mschapv2 - - tls - - ttls - - peap - - sim - - sim-file - - aka - - aka-3gpp2 - - simaka-sql - - simaka-pseudonym - - simaka-reauth - - identity - - md5 - - gtc - - tnc - - dynamic - - radius if BR2_PACKAGE_STRONGSWAN_EAP +config BR2_PACKAGE_STRONGSWAN_EAP_SIM + bool "Enable EAP-SIM" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE + bool "Enable EAP-SIM file backend" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + config BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC bool "Enable EAP-SIM smart card backend" depends on !BR2_STATIC_LIBS # pcsc-lite select BR2_PACKAGE_PCSC_LITE +config BR2_PACKAGE_STRONGSWAN_EAP_AKA + bool "Enable EAP-AKA" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2 + bool "Enable EAP-AKA 3GPP2 algorithms" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + select BR2_PACKAGE_GMP + +config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL + bool "Enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM + bool "Enable EAP-SIM/AKA pseudonym storage" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH + bool "Enable EAP-SIM/AKA reauthentication data storage" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY + bool "Enable EAP-Identity" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_MD5 + bool "Enable EAP-MD5" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_GTC + bool "Enable EAP-GDC" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2 + bool "Enable EAP-MSCHAPv2" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_PEAP + bool "Enable EAP-PEAP" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_RADIUS + bool "Enable EAP-RADIUS" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_TLS + bool "Enable EAP-TLS" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_TTLS + bool "Enable EAP-TTLS" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC + bool "Enable EAP-DYNAMIC" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + +config BR2_PACKAGE_STRONGSWAN_EAP_TNC + bool "Enable EAP-TNC" + default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy + endif config BR2_PACKAGE_STRONGSWAN_UNITY diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk index 322abfbd7b..5fb4e6821a 100644 --- a/package/strongswan/strongswan.mk +++ b/package/strongswan/strongswan.mk @@ -37,6 +37,23 @@ STRONGSWAN_CONF_OPTS += \ --enable-vici=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \ --enable-swanctl=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \ --enable-wolfssl=$(if $(BR2_PACKAGE_STRONGSWAN_WOLFSSL),yes,no) \ + --enable-eap-sim=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM),yes,no) \ + --enable-eap-sim-file=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE),yes,no) \ + --enable-eap-aka=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA),yes,no) \ + --enable-eap-aka-3gpp2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),yes,no) \ + --enable-eap-simaka-sql=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL),yes,no) \ + --enable-eap-simaka-pseudonym=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM),yes,no) \ + --enable-eap-simaka-reauth=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH),yes,no) \ + --enable-eap-identity=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY),yes,no) \ + --enable-eap-md5=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MD5),yes,no) \ + --enable-eap-gtc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_GTC),yes,no) \ + --enable-eap-mschapv2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2),yes,no) \ + --enable-eap-tls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TLS),yes,no) \ + --enable-eap-ttls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TTLS),yes,no) \ + --enable-eap-peap=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_PEAP),yes,no) \ + --enable-eap-tnc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TNC),yes,no) \ + --enable-eap-dynamic=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC),yes,no) \ + --enable-eap-radius=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_RADIUS),yes,no) --with-ipseclibdir=/usr/lib \ --with-plugindir=/usr/lib/ipsec/plugins \ --with-imcvdir=/usr/lib/ipsec/imcvs \ @@ -46,32 +63,11 @@ ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y) STRONGSWAN_CONF_ENV += LIBS='-latomic' endif -ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y) -STRONGSWAN_CONF_OPTS += \ - --enable-eap-sim \ - --enable-eap-sim-file \ - --enable-eap-aka \ - --enable-eap-aka-3gpp2 \ - --enable-eap-simaka-sql \ - --enable-eap-simaka-pseudonym \ - --enable-eap-simaka-reauth \ - --enable-eap-identity \ - --enable-eap-md5 \ - --enable-eap-gtc \ - --enable-eap-mschapv2 \ - --enable-eap-tls \ - --enable-eap-ttls \ - --enable-eap-peap \ - --enable-eap-tnc \ - --enable-eap-dynamic \ - --enable-eap-radius -STRONGSWAN_DEPENDENCIES += gmp -endif - STRONGSWAN_DEPENDENCIES += \ $(if $(BR2_PACKAGE_STRONGSWAN_OPENSSL),openssl) \ $(if $(BR2_PACKAGE_STRONGSWAN_GCRYPT),libgcrypt) \ $(if $(BR2_PACKAGE_STRONGSWAN_GMP),gmp) \ + $(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),gmp) \ $(if $(BR2_PACKAGE_STRONGSWAN_CURL),libcurl) \ $(if $(BR2_PACKAGE_STRONGSWAN_TNCCS_11),libxml2) \ $(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC),pcsc-lite) \