blob: d53da64d788446784fb719e6f99bb428f676f1d1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
comment "strongswan needs a toolchain w/ threads"
depends on !BR2_TOOLCHAIN_HAS_THREADS
menuconfig BR2_PACKAGE_STRONGSWAN
bool "strongswan"
depends on BR2_USE_MMU # fork()
depends on BR2_TOOLCHAIN_HAS_THREADS
help
strongSwan is an OpenSource IPsec implementation for the
Linux operating system. It is based on the discontinued
FreeS/WAN project and the X.509 patch.
The focus is on:
- simplicity of configuration
- strong encryption and authentication methods
- powerful IPsec policies supporting large and complex VPN networks
strongSwan provide many plugins. Only a few are presented here.
http://www.strongswan.org/
if BR2_PACKAGE_STRONGSWAN
comment "kernel-netlink and socket-default options need a toolchain w/ IPv6"
depends on !BR2_INET_IPV6
choice
prompt "Cryptographic backend"
default BR2_PACKAGE_STRONGSWAN_GMP
config BR2_PACKAGE_STRONGSWAN_OPENSSL
bool "OpenSSL"
select BR2_PACKAGE_OPENSSL
config BR2_PACKAGE_STRONGSWAN_GCRYPT
bool "libgcrypt"
select BR2_PACKAGE_LIBGCRYPT
config BR2_PACKAGE_STRONGSWAN_GMP
bool "GNU MP (libgmp)"
select BR2_PACKAGE_GMP
endchoice
config BR2_PACKAGE_STRONGSWAN_AF_ALG
bool "Enable AF_ALG crypto interface to Linux Crypto API"
config BR2_PACKAGE_STRONGSWAN_CURL
bool "Enable CURL fetcher plugin to fetch files via libcurl"
select BR2_PACKAGE_LIBCURL
config BR2_PACKAGE_STRONGSWAN_CHARON
bool "Enable the IKEv1/IKEv2 keying daemon charon"
default y
if BR2_PACKAGE_STRONGSWAN_CHARON
config BR2_PACKAGE_STRONGSWAN_TNCCS_11
bool "Enable TNCCS 1.1 protocol module"
select BR2_PACKAGE_LIBXML2
config BR2_PACKAGE_STRONGSWAN_TNCCS_20
bool "Enable TNCCS 2.0 protocol module"
config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC
bool "Enable dynamic TNCCS protocol discovery module"
config BR2_PACKAGE_STRONGSWAN_EAP
bool "Enable EAP protocols"
help
Enable various EAP protocols:
- mschapv2
- tls
- ttls
- peap
- sim
- sim-file
- aka
- aka-3gpp2
- simaka-sql
- simaka-pseudonym
- simaka-reauth
- identity
- md5
- gtc
- tnc
- dynamic
- radius
if BR2_PACKAGE_STRONGSWAN_EAP
config BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC
bool "Enable EAP-SIM smart card backend"
select BR2_PACKAGE_PCSC_LITE
endif
config BR2_PACKAGE_STRONGSWAN_UNITY
bool "Enables Cisco Unity extension plugin"
config BR2_PACKAGE_STRONGSWAN_STROKE
bool "Enable charons stroke configuration backend"
default y
config BR2_PACKAGE_STRONGSWAN_SQL
bool "Enable SQL database configuration backend"
depends on BR2_PACKAGE_SQLITE || BR2_PACKAGE_MYSQL
endif
config BR2_PACKAGE_STRONGSWAN_TOOLS
bool "Enable additional utilities (openac, scepclient and pki)"
default y
config BR2_PACKAGE_STRONGSWAN_SCRIPTS
bool "Enable additional utilities (found in directory scripts)"
depends on BR2_PACKAGE_STRONGSWAN_CHARON || BR2_PACKAGE_STRONGSWAN_TOOLS
default y
endif
|