diff mbox series

[v2,1/2] package/strongswan: Add options to select EAP plugins

Message ID 20210920152831.2489077-1-martin.elshuber@theobroma-systems.com
State Accepted
Headers show
Series [v2,1/2] package/strongswan: Add options to select EAP plugins | expand

Commit Message

Martin Elshuber Sept. 20, 2021, 3:28 p.m. UTC 
Add options to chose EAP plugins.

Since the only plugin requiring libgmp is
BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2, the selection of BR2_PACKAGE_GMP
is moved down accordingly.

Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com>

---
Changes v1 -> v2:
  - use conditional defaults and mark as legacy
  - drop 'ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y)'
  - fix title for BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC

Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com>
---
 package/strongswan/Config.in     | 89 +++++++++++++++++++++++++-------
 package/strongswan/strongswan.mk | 40 +++++++-------
 2 files changed, 87 insertions(+), 42 deletions(-)

Comments

Yann E. MORIN Sept. 28, 2021, 8:47 p.m. UTC | #1 
Martin, All,

On 2021-09-20 17:28 +0200, Martin Elshuber spake thusly:
> Add options to chose EAP plugins.
> 
> Since the only plugin requiring libgmp is
> BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2, the selection of BR2_PACKAGE_GMP
> is moved down accordingly.
> 
> Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com>

Applied to master with the following changes:

  - move BR2_PACKAGE_STRONGSWAN_EAP to legacy
  - extend commit log accordingly
  - fix check-package:
        package/strongswan/strongswan.mk:57: unexpected indent with tabs

Thanks!

Regards,
Yann E. MORIN.

    
> ---
> Changes v1 -> v2:
>   - use conditional defaults and mark as legacy
>   - drop 'ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y)'
>   - fix title for BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC
> 
> Signed-off-by: Martin Elshuber <martin.elshuber@theobroma-systems.com>
> ---
>  package/strongswan/Config.in     | 89 +++++++++++++++++++++++++-------
>  package/strongswan/strongswan.mk | 40 +++++++-------
>  2 files changed, 87 insertions(+), 42 deletions(-)
> 
> diff --git a/package/strongswan/Config.in b/package/strongswan/Config.in
> index 368cd1ecc0..8eae568b6a 100644
> --- a/package/strongswan/Config.in
> +++ b/package/strongswan/Config.in
> @@ -75,34 +75,83 @@ config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC
>  
>  config BR2_PACKAGE_STRONGSWAN_EAP
>  	bool "Enable EAP protocols"
> -	select BR2_PACKAGE_GMP
> -	help
> -	  Enable various EAP protocols:
> -	    - mschapv2
> -	    - tls
> -	    - ttls
> -	    - peap
> -	    - sim
> -	    - sim-file
> -	    - aka
> -	    - aka-3gpp2
> -	    - simaka-sql
> -	    - simaka-pseudonym
> -	    - simaka-reauth
> -	    - identity
> -	    - md5
> -	    - gtc
> -	    - tnc
> -	    - dynamic
> -	    - radius
>  
>  if BR2_PACKAGE_STRONGSWAN_EAP
>  
> +config BR2_PACKAGE_STRONGSWAN_EAP_SIM
> +	bool "Enable EAP-SIM"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE
> +	bool "Enable EAP-SIM file backend"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
>  config BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC
>  	bool "Enable EAP-SIM smart card backend"
>  	depends on !BR2_STATIC_LIBS # pcsc-lite
>  	select BR2_PACKAGE_PCSC_LITE
>  
> +config BR2_PACKAGE_STRONGSWAN_EAP_AKA
> +	bool "Enable EAP-AKA"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2
> +	bool "Enable EAP-AKA 3GPP2 algorithms"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +	select BR2_PACKAGE_GMP
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL
> +	bool "Enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM
> +	bool "Enable EAP-SIM/AKA pseudonym storage"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH
> +	bool "Enable EAP-SIM/AKA reauthentication data storage"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY
> +	bool "Enable EAP-Identity"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_MD5
> +	bool "Enable EAP-MD5"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_GTC
> +	bool "Enable EAP-GDC"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2
> +	bool "Enable EAP-MSCHAPv2"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_PEAP
> +	bool "Enable EAP-PEAP"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_RADIUS
> +	bool "Enable EAP-RADIUS"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_TLS
> +	bool "Enable EAP-TLS"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_TTLS
> +	bool "Enable EAP-TTLS"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC
> +	bool "Enable EAP-DYNAMIC"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
> +config BR2_PACKAGE_STRONGSWAN_EAP_TNC
> +	bool "Enable EAP-TNC"
> +	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
> +
>  endif
>  
>  config BR2_PACKAGE_STRONGSWAN_UNITY
> diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk
> index 322abfbd7b..5fb4e6821a 100644
> --- a/package/strongswan/strongswan.mk
> +++ b/package/strongswan/strongswan.mk
> @@ -37,6 +37,23 @@ STRONGSWAN_CONF_OPTS += \
>  	--enable-vici=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \
>  	--enable-swanctl=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \
>  	--enable-wolfssl=$(if $(BR2_PACKAGE_STRONGSWAN_WOLFSSL),yes,no) \
> +	--enable-eap-sim=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM),yes,no) \
> +	--enable-eap-sim-file=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE),yes,no) \
> +	--enable-eap-aka=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA),yes,no) \
> +	--enable-eap-aka-3gpp2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),yes,no) \
> +	--enable-eap-simaka-sql=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL),yes,no) \
> +	--enable-eap-simaka-pseudonym=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM),yes,no) \
> +	--enable-eap-simaka-reauth=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH),yes,no) \
> +	--enable-eap-identity=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY),yes,no) \
> +	--enable-eap-md5=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MD5),yes,no) \
> +	--enable-eap-gtc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_GTC),yes,no) \
> +	--enable-eap-mschapv2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2),yes,no) \
> +	--enable-eap-tls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TLS),yes,no) \
> +	--enable-eap-ttls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TTLS),yes,no) \
> +	--enable-eap-peap=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_PEAP),yes,no) \
> +	--enable-eap-tnc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TNC),yes,no) \
> +	--enable-eap-dynamic=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC),yes,no) \
> +	--enable-eap-radius=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_RADIUS),yes,no)
>  	--with-ipseclibdir=/usr/lib \
>  	--with-plugindir=/usr/lib/ipsec/plugins \
>  	--with-imcvdir=/usr/lib/ipsec/imcvs \
> @@ -46,32 +63,11 @@ ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y)
>  STRONGSWAN_CONF_ENV += LIBS='-latomic'
>  endif
>  
> -ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y)
> -STRONGSWAN_CONF_OPTS += \
> -	--enable-eap-sim \
> -	--enable-eap-sim-file \
> -	--enable-eap-aka \
> -	--enable-eap-aka-3gpp2 \
> -	--enable-eap-simaka-sql \
> -	--enable-eap-simaka-pseudonym \
> -	--enable-eap-simaka-reauth \
> -	--enable-eap-identity \
> -	--enable-eap-md5 \
> -	--enable-eap-gtc \
> -	--enable-eap-mschapv2 \
> -	--enable-eap-tls \
> -	--enable-eap-ttls \
> -	--enable-eap-peap \
> -	--enable-eap-tnc \
> -	--enable-eap-dynamic \
> -	--enable-eap-radius
> -STRONGSWAN_DEPENDENCIES += gmp
> -endif
> -
>  STRONGSWAN_DEPENDENCIES += \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_OPENSSL),openssl) \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_GCRYPT),libgcrypt) \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_GMP),gmp) \
> +	$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),gmp) \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_CURL),libcurl) \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_TNCCS_11),libxml2) \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC),pcsc-lite) \
> -- 
> 2.30.2
>
diff mbox series

Patch

diff --git a/package/strongswan/Config.in b/package/strongswan/Config.in
index 368cd1ecc0..8eae568b6a 100644
--- a/package/strongswan/Config.in
+++ b/package/strongswan/Config.in
@@ -75,34 +75,83 @@  config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC
 
 config BR2_PACKAGE_STRONGSWAN_EAP
 	bool "Enable EAP protocols"
-	select BR2_PACKAGE_GMP
-	help
-	  Enable various EAP protocols:
-	    - mschapv2
-	    - tls
-	    - ttls
-	    - peap
-	    - sim
-	    - sim-file
-	    - aka
-	    - aka-3gpp2
-	    - simaka-sql
-	    - simaka-pseudonym
-	    - simaka-reauth
-	    - identity
-	    - md5
-	    - gtc
-	    - tnc
-	    - dynamic
-	    - radius
 
 if BR2_PACKAGE_STRONGSWAN_EAP
 
+config BR2_PACKAGE_STRONGSWAN_EAP_SIM
+	bool "Enable EAP-SIM"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE
+	bool "Enable EAP-SIM file backend"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
 config BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC
 	bool "Enable EAP-SIM smart card backend"
 	depends on !BR2_STATIC_LIBS # pcsc-lite
 	select BR2_PACKAGE_PCSC_LITE
 
+config BR2_PACKAGE_STRONGSWAN_EAP_AKA
+	bool "Enable EAP-AKA"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2
+	bool "Enable EAP-AKA 3GPP2 algorithms"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+	select BR2_PACKAGE_GMP
+
+config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL
+	bool "Enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM
+	bool "Enable EAP-SIM/AKA pseudonym storage"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH
+	bool "Enable EAP-SIM/AKA reauthentication data storage"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY
+	bool "Enable EAP-Identity"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_MD5
+	bool "Enable EAP-MD5"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_GTC
+	bool "Enable EAP-GDC"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2
+	bool "Enable EAP-MSCHAPv2"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_PEAP
+	bool "Enable EAP-PEAP"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_RADIUS
+	bool "Enable EAP-RADIUS"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_TLS
+	bool "Enable EAP-TLS"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_TTLS
+	bool "Enable EAP-TTLS"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC
+	bool "Enable EAP-DYNAMIC"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
+config BR2_PACKAGE_STRONGSWAN_EAP_TNC
+	bool "Enable EAP-TNC"
+	default y if BR2_PACKAGE_STRONGSWAN_EAP # legacy
+
 endif
 
 config BR2_PACKAGE_STRONGSWAN_UNITY
diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk
index 322abfbd7b..5fb4e6821a 100644
--- a/package/strongswan/strongswan.mk
+++ b/package/strongswan/strongswan.mk
@@ -37,6 +37,23 @@  STRONGSWAN_CONF_OPTS += \
 	--enable-vici=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \
 	--enable-swanctl=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \
 	--enable-wolfssl=$(if $(BR2_PACKAGE_STRONGSWAN_WOLFSSL),yes,no) \
+	--enable-eap-sim=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM),yes,no) \
+	--enable-eap-sim-file=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE),yes,no) \
+	--enable-eap-aka=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA),yes,no) \
+	--enable-eap-aka-3gpp2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),yes,no) \
+	--enable-eap-simaka-sql=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL),yes,no) \
+	--enable-eap-simaka-pseudonym=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM),yes,no) \
+	--enable-eap-simaka-reauth=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH),yes,no) \
+	--enable-eap-identity=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY),yes,no) \
+	--enable-eap-md5=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MD5),yes,no) \
+	--enable-eap-gtc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_GTC),yes,no) \
+	--enable-eap-mschapv2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2),yes,no) \
+	--enable-eap-tls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TLS),yes,no) \
+	--enable-eap-ttls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TTLS),yes,no) \
+	--enable-eap-peap=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_PEAP),yes,no) \
+	--enable-eap-tnc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TNC),yes,no) \
+	--enable-eap-dynamic=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC),yes,no) \
+	--enable-eap-radius=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_RADIUS),yes,no)
 	--with-ipseclibdir=/usr/lib \
 	--with-plugindir=/usr/lib/ipsec/plugins \
 	--with-imcvdir=/usr/lib/ipsec/imcvs \
@@ -46,32 +63,11 @@  ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y)
 STRONGSWAN_CONF_ENV += LIBS='-latomic'
 endif
 
-ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y)
-STRONGSWAN_CONF_OPTS += \
-	--enable-eap-sim \
-	--enable-eap-sim-file \
-	--enable-eap-aka \
-	--enable-eap-aka-3gpp2 \
-	--enable-eap-simaka-sql \
-	--enable-eap-simaka-pseudonym \
-	--enable-eap-simaka-reauth \
-	--enable-eap-identity \
-	--enable-eap-md5 \
-	--enable-eap-gtc \
-	--enable-eap-mschapv2 \
-	--enable-eap-tls \
-	--enable-eap-ttls \
-	--enable-eap-peap \
-	--enable-eap-tnc \
-	--enable-eap-dynamic \
-	--enable-eap-radius
-STRONGSWAN_DEPENDENCIES += gmp
-endif
-
 STRONGSWAN_DEPENDENCIES += \
 	$(if $(BR2_PACKAGE_STRONGSWAN_OPENSSL),openssl) \
 	$(if $(BR2_PACKAGE_STRONGSWAN_GCRYPT),libgcrypt) \
 	$(if $(BR2_PACKAGE_STRONGSWAN_GMP),gmp) \
+	$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),gmp) \
 	$(if $(BR2_PACKAGE_STRONGSWAN_CURL),libcurl) \
 	$(if $(BR2_PACKAGE_STRONGSWAN_TNCCS_11),libxml2) \
 	$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC),pcsc-lite) \