1
|
# Created by: Riaan Kruger <riaank@gmail.com>
|
2
|
# $FreeBSD: head/security/strongswan/Makefile 344214 2014-02-14 14:37:36Z decke $
|
3
|
|
4
|
PORTNAME= strongswan
|
5
|
PORTVERSION= 5.1.3
|
6
|
CATEGORIES= security
|
7
|
MASTER_SITES= http://download.strongswan.org/ \
|
8
|
http://download2.strongswan.org/
|
9
|
|
10
|
MAINTAINER= strongswan@nanoteq.com
|
11
|
COMMENT= Open Source IKEv2 IPsec-based VPN solution
|
12
|
|
13
|
LIB_DEPENDS= libexecinfo.so:${PORTSDIR}/devel/libexecinfo
|
14
|
|
15
|
USES= pkgconfig tar:bzip2
|
16
|
USE_OPENSSL= yes
|
17
|
USE_AUTOTOOLS= libtool
|
18
|
USE_GNOME= libxml2
|
19
|
USE_RC_SUBR= strongswan
|
20
|
GNU_CONFIGURE= yes
|
21
|
USE_LDCONFIG= yes
|
22
|
|
23
|
# SOmehow this is needed to cross compile
|
24
|
CFLAGS+= -I/usr/local/include -L/usr/local/include
|
25
|
|
26
|
CONFIGURE_ARGS= --enable-kernel-pfkey \
|
27
|
--enable-kernel-pfroute \
|
28
|
--disable-kernel-netlink \
|
29
|
--disable-tools \
|
30
|
--disable-scripts \
|
31
|
--disable-gmp \
|
32
|
--enable-openssl \
|
33
|
--enable-smp \
|
34
|
--enable-eap-identity \
|
35
|
--enable-eap-md5 \
|
36
|
--enable-eap-tls \
|
37
|
--enable-eap-mschapv2 \
|
38
|
--enable-eap-peap \
|
39
|
--enable-eap-ttls \
|
40
|
--enable-md4 \
|
41
|
--enable-blowfish \
|
42
|
--enable-addrblock \
|
43
|
--enable-whitelist \
|
44
|
--enable-cmd \
|
45
|
--with-group=wheel \
|
46
|
--sysconfdir=/var/etc/ipsec \
|
47
|
--with-lib-prefix=${PREFIX}
|
48
|
|
49
|
OPTIONS_DEFINE= CURL EAPAKA3GPP2 EAPDYNAMIC EAPRADIUS EAPSIMFILE IKEv1 \
|
50
|
IPSECKEY KERNELLIBIPSEC LOADTESTER LDAP MYSQL SQLITE \
|
51
|
TESTVECTOR UNBOUND XAUTH
|
52
|
OPTIONS_SUB= yes
|
53
|
CURL_DESC= Enable CURL to fetch CRL/OCSP
|
54
|
EAPAKA3GPP2_DESC= Enable EAP AKA with 3gpp2 backend
|
55
|
EAPDYNAMIC_DESC= Enable EAP dynamic proxy module
|
56
|
EAPRADIUS_DESC= Enable EAP Radius proxy authentication
|
57
|
EAPSIMFILE_DESC= Enable EAP SIM with file backend
|
58
|
IKEv1_DESC= Enable IKEv1 support
|
59
|
IPSECKEY_DESC= Enable authentication with IPSECKEY resource records with DNSSEC
|
60
|
KERNELLIBIPSEC_DESC= Enable IPSec userland backend
|
61
|
LOADTESTER_DESC= Enable load testing plugin
|
62
|
TESTVECTOR_DESC= Enable crypto test vectors
|
63
|
UNBOUND_DESC= Enable DNSSEC-enabled resolver
|
64
|
XAUTH_DESC= Enable XAuth password verification
|
65
|
|
66
|
# Extra options
|
67
|
CURL_CONFIGURE_ON= --enable-curl
|
68
|
CURL_LIB_DEPENDS= libcurl.so:${PORTSDIR}/ftp/curl
|
69
|
EAPAKA3GPP2_CONFIGURE_ON= --enable-eap-aka --enable-eap-aka-3gpp2
|
70
|
EAPAKA3GPP2_LIB_DEPENDS=libgmp.so:${PORTSDIR}/math/gmp
|
71
|
EAPDYNAMIC_CONFIGURE_ON=--enable-eap-dynamic
|
72
|
EAPRADIUS_CONFIGURE_ON= --enable-eap-radius
|
73
|
EAPSIMFILE_CONFIGURE_ON=--enable-eap-sim --enable-eap-sim-file
|
74
|
IKEv1_CONFIGURE_OFF= --disable-ikev1
|
75
|
IPSECKEY_CONFIGURE_ON= --enable-ipseckey
|
76
|
KERNELLIBIPSEC_CONFIGURE_ON= --enable-kernel-libipsec
|
77
|
LOADTESTER_CONFIGURE_ON=--enable-load-tester
|
78
|
LDAP_CONFIGURE_ON= --enable-ldap
|
79
|
LDAP_USE= USE_OPENLDAP=yes
|
80
|
MYSQL_CONFIGURE_ON= --enable-mysql
|
81
|
MYSQL_USE= USE_MYSQL=yes
|
82
|
SQLITE_CONFIGURE_ON= --enable-sqlite
|
83
|
SQLITE_LIB_DEPENDS= libsqlite3.so:${PORTSDIR}/databases/sqlite3
|
84
|
TESTVECTOR_CONFIGURE_ON=--enable-test-vectors
|
85
|
UNBOUND_CONFIGURE_ON= --enable-unbound
|
86
|
UNBOUND_LIB_DEPENDS= libunbound.so:${PORTSDIR}/dns/unbound
|
87
|
XAUTH_CONFIGURE_ON= --enable-xauth-eap --enable-xauth-generic
|
88
|
|
89
|
.include <bsd.port.options.mk>
|
90
|
|
91
|
.if ${PORT_OPTIONS:MEAPSIMFILE} || ${PORT_OPTIONS:MEAPAKA3GPP2}
|
92
|
PLIST_SUB+= SIMAKA=""
|
93
|
.else
|
94
|
PLIST_SUB+= SIMAKA="@comment "
|
95
|
.endif
|
96
|
|
97
|
.if ${PORT_OPTIONS:MMYSQL} || ${PORT_OPTIONS:MSQLITE}
|
98
|
CONFIGURE_ARGS+= --enable-attr-sql --enable-sql
|
99
|
PLIST_SUB+= SQL=""
|
100
|
.else
|
101
|
PLIST_SUB+= SQL="@comment "
|
102
|
.endif
|
103
|
|
104
|
post-install:
|
105
|
${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
|
106
|
${INSTALL_DATA} ${STAGEDIR}/var/etc/ipsec/strongswan.conf ${STAGEDIR}${EXAMPLESDIR}
|
107
|
${INSTALL_DATA} ${STAGEDIR}/var/etc/ipsec/ipsec.conf ${STAGEDIR}${EXAMPLESDIR}
|
108
|
|
109
|
.include <bsd.port.mk>
|