| Patrick Williams | b48b7b4 | 2016-08-17 15:04:38 -0500 | [diff] [blame] | 1 | DESCRIPTION = "IPsec-Tools is a port of KAME's IPsec utilities to the \ |
| 2 | Linux-2.6 IPsec implementation." |
| 3 | HOMEPAGE = "http://ipsec-tools.sourceforge.net/" |
| 4 | SECTION = "net" |
| 5 | LICENSE = "BSD" |
| 6 | LIC_FILES_CHKSUM = "file://src/libipsec/pfkey.c;beginline=6;endline=31;md5=bc9b7ff40beff19fe6bc6aef26bd2b24" |
| 7 | |
| 8 | DEPENDS = "virtual/kernel openssl readline flex-native bison-native" |
| 9 | |
| 10 | PACKAGE_ARCH = "${MACHINE_ARCH}" |
| 11 | |
| Brad Bishop | 7f28bc5 | 2017-12-03 23:42:40 -0500 | [diff] [blame] | 12 | SRC_URI = "http://ftp.netbsd.org/pub/NetBSD/misc/ipsec-tools/0.8/ipsec-tools-${PV}.tar.bz2 \ |
| Patrick Williams | b48b7b4 | 2016-08-17 15:04:38 -0500 | [diff] [blame] | 13 | file://0002-Don-t-link-against-libfl.patch \ |
| 14 | file://configure.patch \ |
| 15 | file://0001-racoon-pfkey-avoid-potential-null-pointer-dereferenc.patch \ |
| 16 | file://racoon-check-invalid-pointers.patch \ |
| 17 | file://racoon-check-invalid-ivm.patch \ |
| 18 | file://glibc-2.20.patch \ |
| 19 | file://racoon-Resend-UPDATE-message-when-received-EINTR-message.patch \ |
| 20 | file://racoon.conf.sample \ |
| 21 | file://racoon.conf \ |
| 22 | file://racoon.service \ |
| 23 | file://fix-CVE-2015-4047.patch \ |
| Brad Bishop | 7f28bc5 | 2017-12-03 23:42:40 -0500 | [diff] [blame] | 24 | file://0001-Fix-build-with-clang.patch \ |
| Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 25 | file://0001-Fix-header-issues-found-with-musl-libc.patch \ |
| 26 | file://0002-cfparse-clear-memory-equal-to-size-of-array.patch \ |
| Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 27 | file://fix-CVE-2016-10396.patch \ |
| Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame] | 28 | file://0001-Disable-gcc8-specific-warnings.patch \ |
| 29 | file://0001-ipsec-tools-add-openssl-1.1-support.patch \ |
| Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 30 | " |
| Patrick Williams | b48b7b4 | 2016-08-17 15:04:38 -0500 | [diff] [blame] | 31 | SRC_URI[md5sum] = "d53ec14a0a3ece64e09e5e34b3350b41" |
| 32 | SRC_URI[sha256sum] = "8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d" |
| 33 | |
| 34 | inherit autotools systemd |
| 35 | |
| 36 | # Options: |
| 37 | # --enable-adminport enable admin port |
| 38 | # --enable-rc5 enable RC5 encryption (patented) |
| 39 | # --enable-idea enable IDEA encryption (patented) |
| 40 | # --enable-gssapi enable GSS-API authentication |
| 41 | # --enable-hybrid enable hybrid, both mode-cfg and xauth support |
| 42 | # --enable-frag enable IKE fragmentation payload support |
| 43 | # --enable-stats enable statistics logging function |
| 44 | # --enable-dpd enable dead peer detection |
| 45 | # --enable-samode-unspec enable to use unspecified a mode of SA |
| 46 | # --disable-ipv6 disable ipv6 support |
| 47 | # --enable-natt enable NAT-Traversal (yes/no/kernel) |
| 48 | # --enable-natt-versions=list list of supported NAT-T versions delimited by coma. |
| 49 | # --with-kernel-headers=/lib/modules/<uname>/build/include |
| 50 | # where your Linux Kernel headers are installed |
| 51 | # --with-readline support readline input (yes by default) |
| 52 | # --with-flex use directiory (default: no) |
| 53 | # --with-flexlib=<LIB> specify flex library. |
| 54 | # --with-openssl=DIR specify OpenSSL directory |
| 55 | # --with-libradius=DIR specify libradius path (like/usr/pkg) |
| 56 | # --with-libpam=DIR specify libpam path (like/usr/pkg) |
| 57 | # |
| 58 | # Note: if you give it the actual kernel headers it won't build, it actually |
| 59 | # needs to point at the linux-libc-headers version of the kernel headers. |
| 60 | # |
| 61 | EXTRA_OECONF = "--with-kernel-headers=${STAGING_INCDIR} \ |
| 62 | --with-readline \ |
| 63 | --with-openssl=${STAGING_LIBDIR}/.. \ |
| 64 | --without-libradius \ |
| 65 | --disable-security-context \ |
| 66 | --enable-shared \ |
| 67 | --enable-dpd \ |
| 68 | --enable-natt=yes \ |
| 69 | --sysconfdir=${sysconfdir}/racoon \ |
| Patrick Williams | ddad1a1 | 2017-02-23 20:36:32 -0600 | [diff] [blame] | 70 | ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '--enable-ipv6=yes', '', d)}" |
| Patrick Williams | b48b7b4 | 2016-08-17 15:04:38 -0500 | [diff] [blame] | 71 | |
| 72 | # See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530527 |
| 73 | CFLAGS += "-fno-strict-aliasing" |
| 74 | |
| 75 | PACKAGECONFIG ??= "" |
| 76 | PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam," |
| 77 | PACKAGECONFIG[selinux] = "--enable-security-context,--disable-security-context,libselinux," |
| 78 | |
| 79 | SYSTEMD_SERVICE_${PN} = "racoon.service" |
| 80 | |
| 81 | do_install_append() { |
| 82 | install -d ${D}${sysconfdir}/racoon |
| 83 | install -m 0644 ${WORKDIR}/racoon.conf.sample ${D}${sysconfdir}/racoon/racoon.conf |
| 84 | |
| 85 | if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then |
| 86 | install -d ${D}${systemd_unitdir}/system |
| 87 | install -m 0644 ${WORKDIR}/racoon.service ${D}${systemd_unitdir}/system |
| 88 | |
| 89 | sed -i -e 's#@SYSCONFDIR@#${sysconfdir}#g' ${D}${systemd_unitdir}/system/racoon.service |
| 90 | sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/racoon.service |
| 91 | |
| 92 | install -d ${D}${sysconfdir}/default/ |
| 93 | install -m 0644 ${WORKDIR}/racoon.conf ${D}${sysconfdir}/default/racoon |
| 94 | fi |
| 95 | } |
| 96 | |
| 97 | FILES_${PN} += "${sysconfdir}/racoon/racoon.conf \ |
| 98 | ${sysconfdir}/default/racoon" |