summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--mk/modules.mk17
-rw-r--r--package/pkgmaker3
-rw-r--r--package/strongswan/Makefile12
-rw-r--r--target/Config.in6
-rw-r--r--target/alix2d/kernel.config17
-rw-r--r--target/linux/config/Config.in.crypto35
-rw-r--r--target/linux/config/Config.in.ipsec3
7 files changed, 81 insertions, 12 deletions
diff --git a/mk/modules.mk b/mk/modules.mk
index 94bbb5e5c..c7c81c7aa 100644
--- a/mk/modules.mk
+++ b/mk/modules.mk
@@ -777,6 +777,10 @@ $(eval $(call KMOD_template,CRYPTO_MANAGER,crypto-manager,\
$(MODULES_DIR)/kernel/crypto/chainiv \
,07))
+$(eval $(call KMOD_template,CRYPTO_AUTHENC,crypto-authenc,\
+ $(MODULES_DIR)/kernel/crypto/authenc \
+,11))
+
$(eval $(call KMOD_template,CRYPTO_HMAC,crypto-hmac,\
$(MODULES_DIR)/kernel/crypto/hmac \
,11))
@@ -813,6 +817,18 @@ $(eval $(call KMOD_template,CRYPTO_TGR192,crypto-tgr192,\
$(MODULES_DIR)/kernel/crypto/tgr192 \
,11))
+$(eval $(call KMOD_template,CRYPTO_SEQIV,crypto-seqiv,\
+ $(MODULES_DIR)/kernel/crypto/seqiv \
+,5))
+
+$(eval $(call KMOD_template,CRYPTO_CTR,crypto-ctr,\
+ $(MODULES_DIR)/kernel/crypto/ctr \
+,10))
+
+$(eval $(call KMOD_template,CRYPTO_CCM,crypto-ccm,\
+ $(MODULES_DIR)/kernel/crypto/ccm \
+,10))
+
$(eval $(call KMOD_template,CRYPTO_ECB,crypto-ecb,\
$(MODULES_DIR)/kernel/crypto/ecb \
,10))
@@ -884,6 +900,7 @@ $(eval $(call KMOD_template,CRYPTO_FCRYPT,crypto-fcrypt,\
$(eval $(call KMOD_template,CRYPTO_DEFLATE,crypto-deflate,\
$(MODULES_DIR)/kernel/lib/zlib_deflate/zlib_deflate \
+ $(MODULES_DIR)/kernel/lib/zlib_inflate/zlib_inflate \
$(MODULES_DIR)/kernel/crypto/deflate \
,10))
diff --git a/package/pkgmaker b/package/pkgmaker
index 2975da22b..34bd129e6 100644
--- a/package/pkgmaker
+++ b/package/pkgmaker
@@ -336,9 +336,6 @@ done <package_sections >package_section_list
# create the Config.in.auto from the sorted list from above
cursec=""
sort -k 3 -k 1 -f package_section_list | while read name file section; do
- pbar="Pass 4: $name ..."
- print -nu2 "$pbar\r"
-
if [[ $cursec != $section ]]; then
[[ -n $cursec ]] && print "endmenu\n"
diff --git a/package/strongswan/Makefile b/package/strongswan/Makefile
index b67311e3c..88887d2b3 100644
--- a/package/strongswan/Makefile
+++ b/package/strongswan/Makefile
@@ -12,9 +12,10 @@ PKG_SECTION:= net/security
PKG_DEPENDS:= libgmp ip libpthread kmod-net-key kmod-xfrm-user
PKG_DEPENDS+= kmod-inet-ah kmod-inet-esp kmod-inet-ipcomp
PKG_DEPENDS+= kmod-inet-xfrm-mode-tunnel kmod-inet-xfrm-mode-transport
-PKG_DEPENDS+= kmod-crypto-sha1 kmod-crypto-aes kmod-crypto-md5
-PKG_DEPENDS+= kmod-crypto-des kmod-crypto-hmac
-PKG_DEPENDS+= kmod-crypto-null kmod-crypto-cbc
+PKG_DEPENDS+= kmod-crypto-sha1 kmod-crypto-sha256 kmod-crypto-md5
+PKG_DEPENDS+= kmod-crypto-null kmod-crypto-des kmod-crypto-aes
+PKG_DEPENDS+= kmod-crypto-hmac kmod-crypto-cbc kmod-crypto-authenc
+PKG_DEPENDS+= kmod-crypto-deflate
PKG_BUILDDEP+= gmp
PKG_URL:= http://strongswan.org/index.htm
PKG_SITES:= http://download.strongswan.org/
@@ -24,13 +25,16 @@ include $(TOPDIR)/mk/package.mk
$(eval $(call PKG_template,STRONGSWAN,$(PKG_NAME),$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
CONFIGURE_ARGS+= --disable-tools \
- --disable-sha2
+ --disable-fips-prf \
+ --enable-kernel-pfkey \
+ --disable-xcbc
post-install:
$(INSTALL_DIR) $(IDIR_STRONGSWAN)/etc
$(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/sbin
$(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/lib
$(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/libexec/ipsec/plugins
+ touch $(IDIR_STRONGSWAN)/etc/ipsec.secrets
$(CP) $(WRKINST)/usr/libexec/ipsec/plugins/*.so \
$(IDIR_STRONGSWAN)/usr/libexec/ipsec/plugins
$(CP) $(WRKINST)/etc/* $(IDIR_STRONGSWAN)/etc
diff --git a/target/Config.in b/target/Config.in
index 9b84b3ba1..5647039dd 100644
--- a/target/Config.in
+++ b/target/Config.in
@@ -161,6 +161,9 @@ config ADK_wag54g
config ADK_shuttle
tristate
+config ADK_x86
+ tristate
+
config ADK_TARGET
string
default "alix1c" if ADK_alix1c
@@ -635,6 +638,7 @@ depends on ADK_LINUX_ALIX
config ADK_LINUX_X86_ALIX1C
bool "PC Engines Alix1C"
+ select ADK_x86
select ADK_alix1c
select ADK_KERNEL_NLS
select ADK_KERNEL_SCSI
@@ -658,6 +662,7 @@ config ADK_LINUX_X86_ALIX1C
config ADK_LINUX_X86_ALIX2D
bool "PC Engines Alix2D"
+ select ADK_x86
select ADK_alix2d
select ADK_KERNEL_NLS
select ADK_KERNEL_SCSI
@@ -681,6 +686,7 @@ config ADK_LINUX_X86_ALIX2D
config ADK_LINUX_X86_ALIX2D13
bool "PC Engines Alix2D13"
+ select ADK_x86
select ADK_alix2d13
select ADK_KERNEL_NLS
select ADK_KERNEL_SCSI
diff --git a/target/alix2d/kernel.config b/target/alix2d/kernel.config
index 9169d8037..cfe4a4653 100644
--- a/target/alix2d/kernel.config
+++ b/target/alix2d/kernel.config
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
# Linux kernel version: 2.6.34
-# Mon Jul 5 23:07:16 2010
+# Fri Jul 16 05:47:44 2010
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
@@ -1177,10 +1177,19 @@ CONFIG_CRYPTO=y
#
# Crypto core or helper
#
-# CONFIG_CRYPTO_MANAGER is not set
-# CONFIG_CRYPTO_MANAGER2 is not set
+CONFIG_CRYPTO_ALGAPI=m
+CONFIG_CRYPTO_ALGAPI2=m
+CONFIG_CRYPTO_AEAD2=m
+CONFIG_CRYPTO_BLKCIPHER2=m
+CONFIG_CRYPTO_HASH=m
+CONFIG_CRYPTO_HASH2=m
+CONFIG_CRYPTO_RNG2=m
+CONFIG_CRYPTO_PCOMP=m
+CONFIG_CRYPTO_MANAGER=m
+CONFIG_CRYPTO_MANAGER2=m
# CONFIG_CRYPTO_GF128MUL is not set
# CONFIG_CRYPTO_NULL is not set
+CONFIG_CRYPTO_WORKQUEUE=m
# CONFIG_CRYPTO_CRYPTD is not set
# CONFIG_CRYPTO_AUTHENC is not set
# CONFIG_CRYPTO_TEST is not set
@@ -1207,7 +1216,7 @@ CONFIG_CRYPTO=y
# Hash modes
#
# CONFIG_CRYPTO_HMAC is not set
-# CONFIG_CRYPTO_XCBC is not set
+CONFIG_CRYPTO_XCBC=m
# CONFIG_CRYPTO_VMAC is not set
#
diff --git a/target/linux/config/Config.in.crypto b/target/linux/config/Config.in.crypto
index cb6675468..b9d73aac2 100644
--- a/target/linux/config/Config.in.crypto
+++ b/target/linux/config/Config.in.crypto
@@ -150,6 +150,22 @@ config ADK_KPACKAGE_KMOD_CRYPTO_BLKCIPHER
select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI
help
+config ADK_KPACKAGE_KMOD_CRYPTO_AUTHENC
+ prompt "kmod-crypto-authenc.................. AuthENC (IPsec)"
+ tristate
+ select ADK_KPACKAGE_KMOD_CRYPTO_MANAGER
+ default n
+ help
+
+config ADK_KPACKAGE_KMOD_CRYPTO_SEQIV
+ prompt "kmod-crypto-seqiv.................... Sequence Number IV Generator"
+ select ADK_KPACKAGE_KMOD_CRYPTO_RNG2
+ select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI
+ tristate
+ help
+ This IV generator generates an IV based on a sequence number by
+ xoring it with a salt. This algorithm is mainly useful for CTR
+
config ADK_KPACKAGE_KMOD_CRYPTO_CBC
prompt "kmod-crypto-cbc...................... CBC support"
tristate
@@ -161,6 +177,25 @@ config ADK_KPACKAGE_KMOD_CRYPTO_CBC
CBC: Cipher Block Chaining mode
This block cipher algorithm is required for IPSec.
+config ADK_KPACKAGE_KMOD_CRYPTO_CCM
+ prompt "kmod-crypto-ccm...................... CCM support"
+ tristate
+ select ADK_KPACKAGE_KMOD_CRYPTO_MANAGER
+ select ADK_KPACKAGE_KMOD_CRYPTO_CTR
+ default n
+ help
+ Support for Counter with CBC MAC. Required for IPsec.
+
+config ADK_KPACKAGE_KMOD_CRYPTO_CTR
+ prompt "kmod-crypto-ctr...................... CTR support"
+ tristate
+ select ADK_KPACKAGE_KMOD_CRYPTO_MANAGER
+ select ADK_KPACKAGE_KMOD_CRYPTO_SEQIV
+ default n
+ help
+ CTR: Counter mode
+ This block cipher algorithm is required for IPSec.
+
config ADK_KPACKAGE_KMOD_CRYPTO_ECB
prompt "kmod-crypto-ecb...................... ECB support"
tristate
diff --git a/target/linux/config/Config.in.ipsec b/target/linux/config/Config.in.ipsec
index f1b17327a..05c5da5ba 100644
--- a/target/linux/config/Config.in.ipsec
+++ b/target/linux/config/Config.in.ipsec
@@ -1,7 +1,7 @@
menu "IPSec support"
config ADK_KPACKAGE_KMOD_NET_KEY
- prompt "kmod-net-ipsec-netkey............. PF_KEYv2 socket family"
+ prompt "kmod-net-key..................... PF_KEYv2 socket family"
tristate
default n
help
@@ -32,6 +32,7 @@ config ADK_KPACKAGE_KMOD_INET_ESP
config ADK_KPACKAGE_KMOD_INET_IPCOMP
prompt "kmod-inet-ipcomp.................. IP Payload Compression"
tristate
+ select ADK_KPACKAGE_KMOD_CRYPTO_DEFLATE
default n
help
Support for IP Payload Compression Protocol (IPComp) (RFC3173),
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 01:03:16 +0000