| comment "strongswan needs a toolchain w/ threads, dynamic library" |
| depends on BR2_USE_MMU |
| depends on BR2_TOOLCHAIN_HAS_ATOMIC |
| depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS |
| |
| menuconfig BR2_PACKAGE_STRONGSWAN |
| bool "strongswan" |
| depends on BR2_USE_MMU # fork() |
| depends on BR2_TOOLCHAIN_HAS_THREADS |
| depends on BR2_TOOLCHAIN_HAS_ATOMIC |
| depends on !BR2_STATIC_LIBS |
| help |
| strongSwan is an OpenSource IPsec implementation for the |
| Linux operating system. It is based on the discontinued |
| FreeS/WAN project and the X.509 patch. |
| |
| The focus is on: |
| - simplicity of configuration |
| - strong encryption and authentication methods |
| - powerful IPsec policies supporting large and complex |
| VPN networks |
| |
| strongSwan provide many plugins. Only a few are presented |
| here. |
| |
| http://www.strongswan.org/ |
| |
| if BR2_PACKAGE_STRONGSWAN |
| |
| choice |
| prompt "Cryptographic backend" |
| default BR2_PACKAGE_STRONGSWAN_GMP |
| |
| config BR2_PACKAGE_STRONGSWAN_OPENSSL |
| bool "OpenSSL" |
| select BR2_PACKAGE_OPENSSL |
| |
| config BR2_PACKAGE_STRONGSWAN_GCRYPT |
| bool "libgcrypt" |
| depends on BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS # libgcrypt |
| select BR2_PACKAGE_LIBGCRYPT |
| |
| config BR2_PACKAGE_STRONGSWAN_GMP |
| bool "GNU MP (libgmp)" |
| select BR2_PACKAGE_GMP |
| |
| config BR2_PACKAGE_STRONGSWAN_WOLFSSL |
| bool "wolfssl" |
| select BR2_PACKAGE_WOLFSSL |
| |
| endchoice |
| |
| config BR2_PACKAGE_STRONGSWAN_AF_ALG |
| bool "Enable AF_ALG crypto interface to Linux Crypto API" |
| |
| config BR2_PACKAGE_STRONGSWAN_CURL |
| bool "Enable CURL fetcher plugin to fetch files via libcurl" |
| select BR2_PACKAGE_LIBCURL |
| |
| config BR2_PACKAGE_STRONGSWAN_CHARON |
| bool "Enable the IKEv1/IKEv2 keying daemon charon" |
| default y |
| |
| if BR2_PACKAGE_STRONGSWAN_CHARON |
| |
| config BR2_PACKAGE_STRONGSWAN_TNCCS_11 |
| bool "Enable TNCCS 1.1 protocol module" |
| select BR2_PACKAGE_LIBXML2 |
| |
| config BR2_PACKAGE_STRONGSWAN_TNCCS_20 |
| bool "Enable TNCCS 2.0 protocol module" |
| |
| config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC |
| bool "Enable dynamic TNCCS protocol discovery module" |
| |
| config BR2_PACKAGE_STRONGSWAN_EAP |
| bool "Enable EAP protocols" |
| help |
| Enable various EAP protocols: |
| - mschapv2 |
| - tls |
| - ttls |
| - peap |
| - sim |
| - sim-file |
| - aka |
| - aka-3gpp2 |
| - simaka-sql |
| - simaka-pseudonym |
| - simaka-reauth |
| - identity |
| - md5 |
| - gtc |
| - tnc |
| - dynamic |
| - radius |
| |
| if BR2_PACKAGE_STRONGSWAN_EAP |
| |
| config BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC |
| bool "Enable EAP-SIM smart card backend" |
| depends on !BR2_STATIC_LIBS # pcsc-lite |
| select BR2_PACKAGE_PCSC_LITE |
| |
| endif |
| |
| config BR2_PACKAGE_STRONGSWAN_UNITY |
| bool "Enables Cisco Unity extension plugin" |
| |
| config BR2_PACKAGE_STRONGSWAN_STROKE |
| bool "Enable charons stroke configuration backend" |
| default y |
| |
| config BR2_PACKAGE_STRONGSWAN_SQL |
| bool "Enable SQL database configuration backend" |
| depends on BR2_PACKAGE_SQLITE || BR2_PACKAGE_MYSQL |
| |
| endif |
| |
| config BR2_PACKAGE_STRONGSWAN_PKI |
| bool "Enable pki certificate utility" |
| default y |
| |
| config BR2_PACKAGE_STRONGSWAN_SCEP |
| bool "Enable SCEP client tool" |
| |
| config BR2_PACKAGE_STRONGSWAN_SCRIPTS |
| bool "Enable additional utilities (found in scripts directory)" |
| default y |
| depends on BR2_PACKAGE_STRONGSWAN_CHARON |
| |
| config BR2_PACKAGE_STRONGSWAN_VICI |
| bool "Enable vici/swanctl" |
| default y |
| depends on BR2_PACKAGE_STRONGSWAN_CHARON |
| |
| endif |
