[Buildroot] [PATCH 2/3] package/strongswan: Add options to select EAP plugins

Yann E. MORIN yann.morin.1998 at free.fr
Sat Sep 18 21:06:27 UTC 2021


Martin, All,

On 2021-09-13 16:26 +0200, Martin Elshuber spake thusly:
> Add options to chose EAP plugins.
> 
> Since the only plugin requiring libgmp is
> BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2, the selection of BR2_PACKAGE_GMP
> is moved down accordingly.
> 
> Signed-off-by: Martin Elshuber <martin.elshuber at theobroma-systems.com>
> ---
>  package/strongswan/Config.in     | 89 +++++++++++++++++++++++++-------
>  package/strongswan/strongswan.mk | 36 ++++++-------
>  2 files changed, 87 insertions(+), 38 deletions(-)
> 
> diff --git a/package/strongswan/Config.in b/package/strongswan/Config.in
> index 368cd1ecc0..77d437d7d9 100644
> --- a/package/strongswan/Config.in
> +++ b/package/strongswan/Config.in
> @@ -75,34 +75,83 @@ config BR2_PACKAGE_STRONGSWAN_TNCCS_DYNAMIC
>  
>  config BR2_PACKAGE_STRONGSWAN_EAP
>  	bool "Enable EAP protocols"

If I understand correctly, BR2_PACKAGE_STRONGSWAN_EAP no drives no
option directly, right? As such, it can be moved to legacy, and
then [...]

> -	select BR2_PACKAGE_GMP
> -	help
> -	  Enable various EAP protocols:
> -	    - mschapv2
> -	    - tls
> -	    - ttls
> -	    - peap
> -	    - sim
> -	    - sim-file
> -	    - aka
> -	    - aka-3gpp2
> -	    - simaka-sql
> -	    - simaka-pseudonym
> -	    - simaka-reauth
> -	    - identity
> -	    - md5
> -	    - gtc
> -	    - tnc
> -	    - dynamic
> -	    - radius
>  
>  if BR2_PACKAGE_STRONGSWAN_EAP
>  
> +config BR2_PACKAGE_STRONGSWAN_EAP_SIM
> +	bool "Enable EAP-SIM"
> +	default y

[...] each individual EAP option would have a conditional default:

    default y if BR2_PACKAGE_STRONGSWAN_EAP  # legacy

This would have the added benefit that, when we eventually get rid of
the legacy entry, we can also get rid of the legacy default.

[--SNIP--]
> diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk
> index 322abfbd7b..ebfa1a11f3 100644
> --- a/package/strongswan/strongswan.mk
> +++ b/package/strongswan/strongswan.mk
> @@ -48,30 +48,30 @@ endif
>  
>  ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y)
>  STRONGSWAN_CONF_OPTS += \
> -	--enable-eap-sim \
> -	--enable-eap-sim-file \
> -	--enable-eap-aka \
> -	--enable-eap-aka-3gpp2 \
> -	--enable-eap-simaka-sql \
> -	--enable-eap-simaka-pseudonym \
> -	--enable-eap-simaka-reauth \
> -	--enable-eap-identity \
> -	--enable-eap-md5 \
> -	--enable-eap-gtc \
> -	--enable-eap-mschapv2 \
> -	--enable-eap-tls \
> -	--enable-eap-ttls \
> -	--enable-eap-peap \
> -	--enable-eap-tnc \
> -	--enable-eap-dynamic \
> -	--enable-eap-radius
> -STRONGSWAN_DEPENDENCIES += gmp
> +	--enable-eap-sim=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM),yes,no) \
> +	--enable-eap-sim-file=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_FILE),yes,no) \
> +	--enable-eap-aka=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA),yes,no) \
> +	--enable-eap-aka-3gpp2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),yes,no) \
> +	--enable-eap-simaka-sql=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_SQL),yes,no) \
> +	--enable-eap-simaka-pseudonym=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_PSEUDONYM),yes,no) \
> +	--enable-eap-simaka-reauth=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIMAKA_REAUTH),yes,no) \
> +	--enable-eap-identity=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_IDENTITY),yes,no) \
> +	--enable-eap-md5=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MD5),yes,no) \
> +	--enable-eap-gtc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_GTC),yes,no) \
> +	--enable-eap-mschapv2=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_MSCHAPV2),yes,no) \
> +	--enable-eap-tls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TLS),yes,no) \
> +	--enable-eap-ttls=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TTLS),yes,no) \
> +	--enable-eap-peap=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_PEAP),yes,no) \
> +	--enable-eap-tnc=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_TNC),yes,no) \
> +	--enable-eap-dynamic=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_DYNAMIC),yes,no) \
> +	--enable-eap-radius=$(if $(BR2_PACKAGE_STRONGSWAN_EAP_RADIUS),yes,no)
>  endif

And indeed, from the above list, BR2_PACKAGE_STRONGSWAN_EAP by itself no
longer means anything; setting it to 'n' does not even forces all
sub-options to 'no', but leaves them to their default value (as was the
case previously, though, so not a regression).

I think this ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y) can be dropped
altogether, now.

Unless I missed something?

Regards,
Yann E. MORIN.

>  STRONGSWAN_DEPENDENCIES += \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_OPENSSL),openssl) \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_GCRYPT),libgcrypt) \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_GMP),gmp) \
> +	$(if $(BR2_PACKAGE_STRONGSWAN_EAP_AKA_3GPP2),gmp) \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_CURL),libcurl) \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_TNCCS_11),libxml2) \
>  	$(if $(BR2_PACKAGE_STRONGSWAN_EAP_SIM_PCSC),pcsc-lite) \
> -- 
> 2.30.2
> 
> _______________________________________________
> buildroot mailing list
> buildroot at lists.buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'


More information about the buildroot mailing list