[buildroot-mgba.git] / package / strongswan / Config.in

comment "strongswan needs a toolchain w/ threads, dynamic library"
	depends on BR2_USE_MMU
	depends on BR2_TOOLCHAIN_HAS_ATOMIC
	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS

menuconfig BR2_PACKAGE_STRONGSWAN
	bool "strongswan"
	depends on BR2_USE_MMU # fork()
	depends on BR2_TOOLCHAIN_HAS_THREADS
	depends on BR2_TOOLCHAIN_HAS_ATOMIC
	depends on !BR2_STATIC_LIBS
	help
	  strongSwan is an OpenSource IPsec implementation for the
	  Linux operating system. It is based on the discontinued
	  FreeS/WAN project and the X.509 patch.

	  The focus is on:
	   - simplicity of configuration
	   - strong encryption and authentication methods
	   - powerful IPsec policies supporting large and complex
	     VPN networks

	  strongSwan provide many plugins. Only a few are presented
	  here.

	  http://www.strongswan.org/

if BR2_PACKAGE_STRONGSWAN

choice
	prompt "Cryptographic backend"
	default BR2_PACKAGE_STRONGSWAN_GMP

config BR2_PACKAGE_STRONGSWAN_OPENSSL
	bool "OpenSSL"
	select BR2_PACKAGE_OPENSSL

config BR2_PACKAGE_STRONGSWAN_GCRYPT
	bool "libgcrypt"
	depends on BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS # libgcrypt
	select BR2_PACKAGE_LIBGCRYPT

config BR2_PACKAGE_STRONGSWAN_GMP
	bool "GNU MP (libgmp)"
	select BR2_PACKAGE_GMP

config BR2_PACKAGE_STRONGSWAN_WOLFSSL
	bool "wolfssl"
	select BR2_PACKAGE_WOLFSSL

endchoice

config BR2_PACKAGE_STRONGSWAN_AF_ALG
	bool "Enable AF_ALG crypto interface to Linux Crypto API"

config BR2_PACKAGE_STRONGSWAN_CURL
	bool "Enable CURL fetcher plugin to fetch files via libcurl"
	select BR2_PACKAGE_LIBCURL

config BR2_PACKAGE_STRONGSWAN_CHARON
	bool "Enable the IKEv1/IKEv2 keying daemon charon"
	default y

if BR2_PACKAGE_STRONGSWAN_CHARON

config BR2_PACKAGE_STRONGSWAN_TNCCS_11
	bool "Enable TNCCS 1.1 protocol module"
	select BR2_PACKAGE_LIBXML2

config BR2_PACKAGE_STRONGSWAN_TNCCS_20
	bool "Enable TNCCS 2.0 protocol module"

config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC
	bool "Enable dynamic TNCCS protocol discovery module"

config BR2_PACKAGE_STRONGSWAN_SYSTIME_FIX
	bool "Enable systime-fix plugin"

config BR2_PACKAGE_STRONGSWAN_EAP
	bool "Enable EAP protocols"
	select BR2_PACKAGE_GMP
	help
	  Enable various EAP protocols:
	    - mschapv2
	    - tls
	    - ttls
	    - peap
	    - sim
	    - sim-file
	    - aka
	    - aka-3gpp2
	    - simaka-sql
	    - simaka-pseudonym
	    - simaka-reauth
	    - identity
	    - md5
	    - gtc
	    - tnc
	    - dynamic
	    - radius

if BR2_PACKAGE_STRONGSWAN_EAP

config BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC
	bool "Enable EAP-SIM smart card backend"
	depends on !BR2_STATIC_LIBS # pcsc-lite
	select BR2_PACKAGE_PCSC_LITE

endif

config BR2_PACKAGE_STRONGSWAN_UNITY
	bool "Enables Cisco Unity extension plugin"

config BR2_PACKAGE_STRONGSWAN_STROKE
	bool "Enable charons stroke configuration backend"
	default y

config BR2_PACKAGE_STRONGSWAN_SQL
	bool "Enable SQL database configuration backend"
	depends on BR2_PACKAGE_SQLITE || BR2_PACKAGE_MYSQL

endif

config BR2_PACKAGE_STRONGSWAN_PKI
	bool "Enable pki certificate utility"
	default y

config BR2_PACKAGE_STRONGSWAN_SCEP
	bool "Enable SCEP client tool"

config BR2_PACKAGE_STRONGSWAN_SCRIPTS
	bool "Enable additional utilities (found in scripts directory)"
	default y
	depends on BR2_PACKAGE_STRONGSWAN_CHARON

config BR2_PACKAGE_STRONGSWAN_VICI
	bool "Enable vici/swanctl"
	default y
	depends on BR2_PACKAGE_STRONGSWAN_CHARON

endif
Commit	Line	Data
c42cb74b	1	comment "strongswan needs a toolchain w/ threads, dynamic library"
4db797d5	2	depends on BR2_USE_MMU
45eaede5	3	depends on BR2_TOOLCHAIN_HAS_ATOMIC
c42cb74b	4	depends on !BR2_TOOLCHAIN_HAS_THREADS \|\| BR2_STATIC_LIBS
3b38a1e6	5
89719fce JP	6	menuconfig BR2_PACKAGE_STRONGSWAN
	7	bool "strongswan"
	8	depends on BR2_USE_MMU # fork()
3b38a1e6	9	depends on BR2_TOOLCHAIN_HAS_THREADS
45eaede5	10	depends on BR2_TOOLCHAIN_HAS_ATOMIC
c42cb74b	11	depends on !BR2_STATIC_LIBS
89719fce JP	12	help
	13	strongSwan is an OpenSource IPsec implementation for the
	14	Linux operating system. It is based on the discontinued
	15	FreeS/WAN project and the X.509 patch.
	16
	17	The focus is on:
2277fdec TP	18	- simplicity of configuration
	19	- strong encryption and authentication methods
	20	- powerful IPsec policies supporting large and complex
	21	VPN networks
89719fce	22
2277fdec TP	23	strongSwan provide many plugins. Only a few are presented
2277fdec TP	24	here.
89719fce JP	25
	26	http://www.strongswan.org/
	27
	28	if BR2_PACKAGE_STRONGSWAN
	29
89719fce JP	30	choice
	31	prompt "Cryptographic backend"
	32	default BR2_PACKAGE_STRONGSWAN_GMP
	33
	34	config BR2_PACKAGE_STRONGSWAN_OPENSSL
	35	bool "OpenSSL"
	36	select BR2_PACKAGE_OPENSSL
	37
	38	config BR2_PACKAGE_STRONGSWAN_GCRYPT
	39	bool "libgcrypt"
2f89476a	40	depends on BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS # libgcrypt
89719fce JP	41	select BR2_PACKAGE_LIBGCRYPT
	42
	43	config BR2_PACKAGE_STRONGSWAN_GMP
	44	bool "GNU MP (libgmp)"
	45	select BR2_PACKAGE_GMP
	46
da912a3d FF	47	config BR2_PACKAGE_STRONGSWAN_WOLFSSL
	48	bool "wolfssl"
	49	select BR2_PACKAGE_WOLFSSL
	50
89719fce JP	51	endchoice
	52
	53	config BR2_PACKAGE_STRONGSWAN_AF_ALG
	54	bool "Enable AF_ALG crypto interface to Linux Crypto API"
	55
	56	config BR2_PACKAGE_STRONGSWAN_CURL
	57	bool "Enable CURL fetcher plugin to fetch files via libcurl"
	58	select BR2_PACKAGE_LIBCURL
	59
	60	config BR2_PACKAGE_STRONGSWAN_CHARON
	61	bool "Enable the IKEv1/IKEv2 keying daemon charon"
	62	default y
	63
	64	if BR2_PACKAGE_STRONGSWAN_CHARON
	65
	66	config BR2_PACKAGE_STRONGSWAN_TNCCS_11
	67	bool "Enable TNCCS 1.1 protocol module"
	68	select BR2_PACKAGE_LIBXML2
	69
	70	config BR2_PACKAGE_STRONGSWAN_TNCCS_20
	71	bool "Enable TNCCS 2.0 protocol module"
	72
	73	config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC
	74	bool "Enable dynamic TNCCS protocol discovery module"
	75
a79cc5f0 ME	76	config BR2_PACKAGE_STRONGSWAN_SYSTIME_FIX
	77	bool "Enable systime-fix plugin"
	78
89719fce JP	79	config BR2_PACKAGE_STRONGSWAN_EAP
89719fce JP	80	bool "Enable EAP protocols"
363613a6	81	select BR2_PACKAGE_GMP
89719fce JP	82	help
	83	Enable various EAP protocols:
	84	- mschapv2
	85	- tls
	86	- ttls
	87	- peap
	88	- sim
	89	- sim-file
	90	- aka
	91	- aka-3gpp2
	92	- simaka-sql
	93	- simaka-pseudonym
	94	- simaka-reauth
	95	- identity
	96	- md5
	97	- gtc
	98	- tnc
	99	- dynamic
	100	- radius
	101
	102	if BR2_PACKAGE_STRONGSWAN_EAP
	103
	104	config BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC
	105	bool "Enable EAP-SIM smart card backend"
665e13c8	106	depends on !BR2_STATIC_LIBS # pcsc-lite
89719fce JP	107	select BR2_PACKAGE_PCSC_LITE
	108
	109	endif
	110
	111	config BR2_PACKAGE_STRONGSWAN_UNITY
	112	bool "Enables Cisco Unity extension plugin"
	113
	114	config BR2_PACKAGE_STRONGSWAN_STROKE
	115	bool "Enable charons stroke configuration backend"
	116	default y
	117
	118	config BR2_PACKAGE_STRONGSWAN_SQL
	119	bool "Enable SQL database configuration backend"
99fd373b	120	depends on BR2_PACKAGE_SQLITE \|\| BR2_PACKAGE_MYSQL
89719fce JP	121
	122	endif
	123
3b27e6b2 GZ	124	config BR2_PACKAGE_STRONGSWAN_PKI
3b27e6b2 GZ	125	bool "Enable pki certificate utility"
89719fce JP	126	default y
89719fce JP	127
3b27e6b2 GZ	128	config BR2_PACKAGE_STRONGSWAN_SCEP
	129	bool "Enable SCEP client tool"
	130
89719fce	131	config BR2_PACKAGE_STRONGSWAN_SCRIPTS
3b27e6b2	132	bool "Enable additional utilities (found in scripts directory)"
3b27e6b2	133	default y
c44cfa2b	134	depends on BR2_PACKAGE_STRONGSWAN_CHARON
3b27e6b2 GZ	135
	136	config BR2_PACKAGE_STRONGSWAN_VICI
	137	bool "Enable vici/swanctl"
89719fce	138	default y
c44cfa2b	139	depends on BR2_PACKAGE_STRONGSWAN_CHARON
89719fce JP	140
89719fce JP	141	endif