1 # Created by: Riaan Kruger <riaank@gmail.com>
7 MASTER_SITES= http://download.strongswan.org/ \
8 http://download2.strongswan.org/
10 MAINTAINER= strongswan@nanoteq.com
11 COMMENT= Open Source IKEv2 IPsec-based VPN solution
15 USES= cpe execinfo libtool:keepla pkgconfig tar:bzip2 ssl
16 USE_RC_SUBR= strongswan
18 USE_LDCONFIG= ${PREFIX}/lib/ipsec
19 INSTALL_TARGET= install-strip
21 CONFIGURE_ARGS= --enable-kernel-pfkey \
22 --enable-kernel-pfroute \
23 --disable-kernel-netlink \
27 --enable-eap-identity \
30 --enable-eap-mschapv2 \
39 --with-lib-prefix=${PREFIX}
41 OPTIONS_DEFINE= CURL EAPAKA3GPP2 EAPDYNAMIC EAPRADIUS EAPSIMFILE GCM IKEv1 \
42 IPSECKEY KERNELLIBIPSEC LOADTESTER LDAP MYSQL PKI SCEP SMP \
43 SQLITE SWANCTL TESTVECTOR TPM UNBOUND UNITY VICI XAUTH
44 OPTIONS_DEFAULT= IKEv1 BUILTIN PKI SWANCTL VICI
45 OPTIONS_SINGLE= PRINTF_HOOKS
46 OPTIONS_SINGLE_PRINTF_HOOKS= BUILTIN LIBC VSTR
49 # Description of options
50 CURL_DESC= Enable CURL to fetch CRL/OCSP
51 EAPAKA3GPP2_DESC= Enable EAP AKA with 3gpp2 backend
52 EAPDYNAMIC_DESC= Enable EAP dynamic proxy module
53 EAPRADIUS_DESC= Enable EAP Radius proxy authentication
54 EAPSIMFILE_DESC= Enable EAP SIM with file backend
55 GCM_DESC= Enable GCM AEAD wrapper crypto plugin
56 IKEv1_DESC= Enable IKEv1 support
57 IPSECKEY_DESC= Enable authentication with IPSECKEY resource records with DNSSEC
58 KERNELLIBIPSEC_DESC= Enable IPSec userland backend
59 LOADTESTER_DESC= Enable load testing plugin
60 PKI_DESC= Enable PKI tools
61 SCEP_DESC= Enable Simple Certificate Enrollment Protocol
62 SMP_DESC= Enable XML-based management protocol (DEPRECATED)
63 SWANCTL_DESC= Install swanctl (requires VICI)
64 TESTVECTOR_DESC= Enable crypto test vectors
65 TPM_DESC= Enable TPM plugin
66 UNBOUND_DESC= Enable DNSSEC-enabled resolver
67 UNITY_DESC= Enable Cisco Unity extension plugin
68 VICI_DESC= Enable VICI management protocol
69 XAUTH_DESC= Enable XAuth password verification
70 BUILTIN_DESC= Use builtin printf hooks
71 LIBC_DESC= Use libc printf hooks
72 VSTR_DESC= Use devel/vstr printf hooks
75 CURL_CONFIGURE_ON= --enable-curl
76 CURL_LIB_DEPENDS= libcurl.so:ftp/curl
77 EAPAKA3GPP2_CONFIGURE_ON= --enable-eap-aka --enable-eap-aka-3gpp2
78 EAPAKA3GPP2_LIB_DEPENDS=libgmp.so:math/gmp
79 EAPDYNAMIC_CONFIGURE_ON=--enable-eap-dynamic
80 EAPRADIUS_CONFIGURE_ON= --enable-eap-radius
81 EAPSIMFILE_CONFIGURE_ON=--enable-eap-sim --enable-eap-sim-file
82 GCM_CONFIGURE_ON= --enable-gcm
83 IKEv1_CONFIGURE_OFF= --disable-ikev1
84 IPSECKEY_CONFIGURE_ON= --enable-ipseckey
85 KERNELLIBIPSEC_CONFIGURE_ON= --enable-kernel-libipsec
86 LOADTESTER_CONFIGURE_ON=--enable-load-tester
87 LDAP_CONFIGURE_ON= --enable-ldap
88 LDAP_USE= OPENLDAP=yes
89 MYSQL_CONFIGURE_ON= --enable-mysql
91 PKI_CONFIGURE_OFF= --disable-pki
92 SCEP_CONFIGURE_OFF= --disable-scepclient
93 SMP_LIB_DEPENDS= libxml2.so:textproc/libxml2
94 SMP_CONFIGURE_ON= --enable-smp
95 SQLITE_CONFIGURE_ON= --enable-sqlite
96 SQLITE_LIB_DEPENDS= libsqlite3.so:databases/sqlite3
97 SWANCTL_CONFIGURE_ON= --enable-swanctl
99 TESTVECTOR_CONFIGURE_ON=--enable-test-vectors
100 TPM_CONFIGURE_ON= --enable-tpm
101 UNBOUND_CONFIGURE_ON= --enable-unbound
102 UNBOUND_LIB_DEPENDS= libunbound.so:dns/unbound \
104 UNITY_CONFIGURE_ON= --enable-unity
105 VICI_CONFIGURE_ON= --enable-vici
106 XAUTH_CONFIGURE_ON= --enable-xauth-eap --enable-xauth-generic
107 BUILTIN_CONFIGURE_ON= --with-printf-hooks=builtin
108 LIBC_CONFIGURE_ON= --with-printf-hooks=glibc
109 VSTR_CONFIGURE_ON= --with-printf-hooks=vstr
110 VSTR_LIB_DEPENDS= libvstr.so:devel/vstr
112 .include <bsd.port.options.mk>
114 .if ${PORT_OPTIONS:MEAPSIMFILE} || ${PORT_OPTIONS:MEAPAKA3GPP2}
115 PLIST_SUB+= SIMAKA=""
117 PLIST_SUB+= SIMAKA="@comment "
120 .if ${PORT_OPTIONS:MMYSQL} || ${PORT_OPTIONS:MSQLITE}
121 CONFIGURE_ARGS+= --enable-attr-sql --enable-sql
124 PLIST_SUB+= SQL="@comment "
127 .if ${PORT_OPTIONS:MIKEv1} || ${PORT_OPTIONS:MXAUTH}
128 PLIST_SUB+= XAUTHGEN=""
130 PLIST_SUB+= XAUTHGEN="@comment "
134 .if ${PORT_OPTIONS:MVICI}
135 ${INSTALL_DATA} ${WRKSRC}/src/libcharon/plugins/vici/libvici.h \
136 ${STAGEDIR}${PREFIX}/include
138 .if ${PORT_OPTIONS:MSWANCTL}
139 ${MV} ${STAGEDIR}${PREFIX}/etc/swanctl/swanctl.conf \
140 ${STAGEDIR}${PREFIX}/etc/swanctl/swanctl.conf.sample
143 .include <bsd.port.mk>