From b5700729022f51bef387d532e35168d7ebe6d4bc Mon Sep 17 00:00:00 2001 From: Nick Rosbrook Date: Tue, 10 Nov 2020 10:29:40 -0500 Subject: strongswan: do not use deprecated stroke and starter by default The swanctl and vici configuration of strongswan is preferred, as the stroke plugin used with starter is deprecated. As a reasonable default, add swanctl to PACKAGECONFIG by default, and remove stroke. When systemd is in DISTRO_FEATURES, add systemd-charon to PACKAGECONFIG, and add charon when systemd is not in DISTRO_FEATURES. While here, make sure strongswan-starter.service is only installed when charon is enabled. The current unconditional installation of strongswan-starter.service can break systems which install strongswan.service for use with swanctl. Signed-off-by: Nick Rosbrook Signed-off-by: Khem Raj --- .../recipes-support/strongswan/strongswan_5.8.4.bb | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'meta-networking/recipes-support') diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.8.4.bb b/meta-networking/recipes-support/strongswan/strongswan_5.8.4.bb index ca645ed2c9..7f2a2b1e4a 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.8.4.bb +++ b/meta-networking/recipes-support/strongswan/strongswan_5.8.4.bb @@ -25,7 +25,8 @@ EXTRA_OECONF = " \ EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemdsystemunitdir=${systemd_unitdir}/system/', '--without-systemdsystemunitdir', d)}" -PACKAGECONFIG ??= "charon curl gmp openssl stroke sqlite3 \ +PACKAGECONFIG ??= "curl gmp openssl sqlite3 swanctl \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd-charon', 'charon', d)} \ ${@bb.utils.filter('DISTRO_FEATURES', 'ldap', d)} \ " PACKAGECONFIG[aesni] = "--enable-aesni,--disable-aesni,,${PN}-plugin-aesni" @@ -135,4 +136,11 @@ RDEPENDS_${PN} += "\ RPROVIDES_${PN} += "${PN}-systemd" RREPLACES_${PN} += "${PN}-systemd" RCONFLICTS_${PN} += "${PN}-systemd" -SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('PACKAGECONFIG', 'swanctl', '${BPN}.service', '', d)} ${BPN}-starter.service" + +# The deprecated legacy 'strongswan-starter' service should only be used when charon and +# stroke are enabled. When swanctl is in use, 'strongswan.service' is needed. +# See: https://wiki.strongswan.org/projects/strongswan/wiki/Charon-systemd +SYSTEMD_SERVICE_${PN} = " \ + ${@bb.utils.contains('PACKAGECONFIG', 'swanctl', '${BPN}.service', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'charon', '${BPN}-starter.service', '', d)} \ +" -- cgit 1.2.3-korg