diff options
Diffstat (limited to 'recipes-connectivity')
21 files changed, 882 insertions, 3 deletions
diff --git a/recipes-connectivity/hostapd/files/hostapd.service b/recipes-connectivity/hostapd/files/hostapd.service new file mode 100644 index 0000000..151c050 --- /dev/null +++ b/recipes-connectivity/hostapd/files/hostapd.service @@ -0,0 +1,11 @@ +[Unit] +Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator +After=network.target + +[Service] +Type=forking +PIDFile=/run/hostapd.pid +ExecStart=@SBINDIR@/hostapd @SYSCONFDIR@/hostapd.conf -P /run/hostapd.pid -B + +[Install] +WantedBy=multi-user.target diff --git a/recipes-connectivity/hostapd/hostapd_2.10.bb b/recipes-connectivity/hostapd/hostapd_2.10.bb new file mode 100644 index 0000000..04b70d9 --- /dev/null +++ b/recipes-connectivity/hostapd/hostapd_2.10.bb @@ -0,0 +1,51 @@ +SUMMARY = "User space daemon for extended IEEE 802.11 management" +HOMEPAGE = "http://w1.fi/hostapd/" +SECTION = "kernel/userland" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://hostapd/README;md5=c905478466c90f1cefc0df987c40e172" + +DEPENDS = "libnl openssl" + +SRC_URI = " \ + http://w1.fi/releases/hostapd-${PV}.tar.gz \ + file://defconfig \ + file://init \ + file://hostapd.service \ +" + + +SRC_URI[sha256sum] = "206e7c799b678572c2e3d12030238784bc4a9f82323b0156b4c9466f1498915d" + +S = "${WORKDIR}/hostapd-${PV}" +B = "${WORKDIR}/hostapd-${PV}/hostapd" + +inherit update-rc.d systemd pkgconfig features_check + +CONFLICT_DISTRO_FEATURES = "openssl-no-weak-ciphers" + +INITSCRIPT_NAME = "hostapd" + +SYSTEMD_SERVICE_${PN} = "hostapd.service" +SYSTEMD_AUTO_ENABLE_${PN} = "disable" + +do_configure_append() { + install -m 0644 ${WORKDIR}/defconfig ${B}/.config +} + +do_compile() { + export CFLAGS="-MMD -O2 -Wall -g" + export EXTRA_CFLAGS="${CFLAGS}" + make V=1 +} + +do_install() { + install -d ${D}${sbindir} ${D}${sysconfdir}/init.d ${D}${systemd_unitdir}/system/ + install -m 0644 ${B}/hostapd.conf ${D}${sysconfdir} + install -m 0755 ${B}/hostapd ${D}${sbindir} + install -m 0755 ${B}/hostapd_cli ${D}${sbindir} + install -m 755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/hostapd + install -m 0644 ${WORKDIR}/hostapd.service ${D}${systemd_unitdir}/system/ + sed -i -e 's,@SBINDIR@,${sbindir},g' -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/hostapd.service +} + +CONFFILES_${PN} += "${sysconfdir}/hostapd.conf" diff --git a/recipes-connectivity/lora/lora-basic-station-sx1303/lora-basic-station.default b/recipes-connectivity/lora/lora-basic-station-sx1303/lora-basic-station.default new file mode 100644 index 0000000..0f92640 --- /dev/null +++ b/recipes-connectivity/lora/lora-basic-station-sx1303/lora-basic-station.default @@ -0,0 +1,2 @@ +# set to "yes" or "no" to control starting on boot +ENABLED="no" diff --git a/recipes-connectivity/lora/lora-basic-station-sx1303/lora-basic-station.init b/recipes-connectivity/lora/lora-basic-station-sx1303/lora-basic-station.init new file mode 100755 index 0000000..7ebeea2 --- /dev/null +++ b/recipes-connectivity/lora/lora-basic-station-sx1303/lora-basic-station.init @@ -0,0 +1,158 @@ +#!/bin/bash + + +NAME="lora-basic-station" +ENABLED="yes" + + +[ -f /etc/default/$NAME ] && source /etc/default/$NAME + +run_dir=/var/run/lora +opt_conf_dir=/opt/lora +conf_dir=/var/config/lora +conf_file=$conf_dir/station.conf +tc_uri_file=$conf_dir/tc.uri +tc_key_file=$conf_dir/tc.key +tc_trust_file=$conf_dir/tc.trust + +pkt_fwd=$run_dir/1/station +pkt_fwd_pidfile=$run_dir/station.pid + +port1=/sys/devices/platform/mts-io/ap1 +port2=/sys/devices/platform/mts-io/ap2 + +lora_mtac_id="MTAC-LORA" +lora_1_0_hw="MTAC-LORA-1.0" +lora_1_5_h_hw="MTAC-LORA-1.5" +lora_2_1_hw="MTAC-LORA-2.1" + +lora_mtac_id="MTAC-LORA" +lora_mtac_id915="MTAC-LORA-915" +lora_mtac_id868="MTAC-LORA-868" +lora_mtac_h_id915="MTAC-LORA-H-915" +lora_mtac_h_id868="MTAC-LORA-H-868" + +lora_mtcap_id="MTCAP-LORA" +lora_mtcap_id868="MTCAP-LORA-868" +lora_mtcap_id915="MTCAP-LORA-915" + +lora_mtac_g_id="MTAC-LORA-G" +lora_mtac_g16_id868="MTAC-LORA-G16-868" +lora_mtac_g16_id915="MTAC-LORA-G16-915" +lora_mtac_g64_id868="MTAC-LORA-G64-868" +lora_mtac_g64_id915="MTAC-LORA-G64-915" + +pkt_fwd_options="" + +gps_path="/dev/gps0" + +read_lora_hw_info() { + lora_id=$(mts-io-sysfs show lora/product-id 2> /dev/null) + lora_hw=$(mts-io-sysfs show lora/hw-version 2> /dev/null) + lora_eui=$(mts-io-sysfs show lora/eui 2> /dev/null) + lora_eui_raw=${lora_eui//:/} +} + +hardware_found() { + if [[ "$lora_id" =~ "$lora_mtac_g_id" ]]; then + setup_mtcdt_2_1 + elif [[ "$lora_id" =~ "$lora_mtcap_id" ]]; then + setup_mtcap + elif [[ "$lora_id" =~ "$lora_mtac_id" ]]; then + setup_mtcdt + else + return 1 + fi + return 0 +} + +setup_mtcdt() { + ln -sf /opt/lora/station $pkt_fwd +} + +setup_mtcap() { + ln -sf /opt/lora/station $pkt_fwd +} + +setup_mtcdt_2_1() { + echo LORA-2.1 not supported + return 1 +} + +do_start() { + + mkdir -p $run_dir/1 + rm -rf $run_dir/1/* + + read_lora_hw_info + + if hardware_found; then + echo "Found $lora_id with $lora_hw hardware. Configuring" + else + echo "$0: LORA card not detected" + exit 1 + fi + + if ! [ -f $conf_file ]; then + echo "$0: $conf_file missing" + exit 1 + fi + + # + # copy conf files to the run directory + # + cp $conf_file $run_dir/1/ + cp $tc_uri_file $run_dir/1/ + cp $tc_key_file $run_dir/1/ + cp $tc_trust_file $run_dir/1/ + + sed -i.bak "s/\(.*routerid\"\s*\:\s*\"\)<.*>[^\"]*\(.*\)/\1${lora_eui_raw}\2/g" /var/run/lora/1/station.conf + + # + # start packet forwarder + # + echo -n "Starting $NAME: " + + /usr/sbin/start-stop-daemon --chdir $run_dir/1 --background --start --make-pidfile \ + --pidfile $pkt_fwd_pidfile --startas /bin/bash -- -c "exec $pkt_fwd $pkt_fwd_options" + + renice -n -20 -p $(pgrep $(basename $pkt_fwd)) + + echo "OK" +} + + +do_stop() { + echo -n "Stopping $NAME: " + start-stop-daemon --stop --quiet --oknodo --pidfile $pkt_fwd_pidfile --retry 5 + rm -f $pkt_fwd_pidfile + echo "OK" +} + + +if [ "$ENABLED" != "yes" ]; then + echo "$NAME: disabled in /etc/default" + exit +fi + + +case "$1" in + "start") + do_start + ;; + "stop") + do_stop + ;; + "restart") + ## Stop the service and regardless of whether it was + ## running or not, start it again. + do_stop + do_start + ;; + *) + ## If no parameters are given, print which are avaiable. + echo "Usage: $0 {start|stop|restart}" + exit 1 + ;; +esac + diff --git a/recipes-connectivity/lora/lora-basic-station-sx1303/mtcap3-station.conf.E00 b/recipes-connectivity/lora/lora-basic-station-sx1303/mtcap3-station.conf.E00 new file mode 100644 index 0000000..95da968 --- /dev/null +++ b/recipes-connectivity/lora/lora-basic-station-sx1303/mtcap3-station.conf.E00 @@ -0,0 +1,47 @@ +{ + "SX1301_conf": { + "chan_FSK": {"bandwidth": 125000,"datarate": 50000,"enable": true,"if": 300000,"radio": 0}, + "chan_Lora_std": {"bandwidth": 250000,"enable": true,"if": -200000,"radio": 0,"spread_factor": 7}, + "chan_multiSF_0": {"enable": true,"if": -400000,"radio": 0}, + "chan_multiSF_1": {"enable": true,"if": -200000,"radio": 0}, + "chan_multiSF_2": {"enable": true,"if": 0,"radio": 0}, + "chan_multiSF_3": {"enable": true,"if": -400000,"radio": 1}, + "chan_multiSF_4": {"enable": true,"if": -200000,"radio": 1}, + "chan_multiSF_5": {"enable": true,"if": 0,"radio": 1}, + "chan_multiSF_6": {"enable": true,"if": 200000,"radio": 1}, + "chan_multiSF_7": {"enable": true,"if": 400000,"radio": 1}, + "clksrc": 0, + "device": "/dev/spidev0.0", + "lorawan_public": true, + "pps": true, + "radio_0": {"enable": true,"freq": 868500000,"rssi_offset": -214.5,"tx_enable": true,"type": "SX1250"}, + "radio_1": {"enable": true,"freq": 867500000,"rssi_offset": -214.5,"tx_enable": false,"type": "SX1250"}, + "tx_gain_lut":[ + {"rf_power": 10, "pa_gain": 0, "pwr_idx": 12}, + {"rf_power": 11, "pa_gain": 0, "pwr_idx": 13}, + {"rf_power": 12, "pa_gain": 0, "pwr_idx": 14}, + {"rf_power": 13, "pa_gain": 0, "pwr_idx": 15}, + {"rf_power": 14, "pa_gain": 0, "pwr_idx": 16}, + {"rf_power": 16, "pa_gain": 0, "pwr_idx": 17}, + {"rf_power": 17, "pa_gain": 1, "pwr_idx": 0}, + {"rf_power": 18, "pa_gain": 1, "pwr_idx": 1}, + {"rf_power": 19, "pa_gain": 1, "pwr_idx": 2}, + {"rf_power": 21, "pa_gain": 1, "pwr_idx": 4}, + {"rf_power": 22, "pa_gain": 1, "pwr_idx": 5}, + {"rf_power": 23, "pa_gain": 1, "pwr_idx": 6}, + {"rf_power": 24, "pa_gain": 1, "pwr_idx": 7}, + {"rf_power": 25, "pa_gain": 1, "pwr_idx": 8}, + {"rf_power": 26, "pa_gain": 1, "pwr_idx": 11}, + {"rf_power": 27, "pa_gain": 1, "pwr_idx": 14} + ] + }, + "station_conf": { + "TC_TIMEOUT": "2s", + "euiprefix": "::0", + "log_file": "stderr", + "log_level": "INFO", + "log_rotate": 3, + "log_size": 100000, + "routerid": "<WILL-BE-AUTO-REPLACED-WITH-LORA-EUI>" + } +} diff --git a/recipes-connectivity/lora/lora-basic-station-sx1303/mtcap3-station.conf.U00 b/recipes-connectivity/lora/lora-basic-station-sx1303/mtcap3-station.conf.U00 new file mode 100644 index 0000000..a97fdc0 --- /dev/null +++ b/recipes-connectivity/lora/lora-basic-station-sx1303/mtcap3-station.conf.U00 @@ -0,0 +1,47 @@ +{ + "SX1301_conf": { + "chan_FSK": {"bandwidth": 125000,"datarate": 50000,"enable": false,"if": 300000,"radio": 0}, + "chan_Lora_std": {"bandwidth": 500000,"enable": true,"if": 300000,"radio": 0,"spread_factor": 8}, + "chan_multiSF_0": {"enable": true,"if": -400000,"radio": 0}, + "chan_multiSF_1": {"enable": true,"if": -200000,"radio": 0}, + "chan_multiSF_2": {"enable": true,"if": 0,"radio": 0}, + "chan_multiSF_3": {"enable": true,"if": 200000,"radio": 0}, + "chan_multiSF_4": {"enable": true,"if": -400000,"radio": 1}, + "chan_multiSF_5": {"enable": true,"if": -200000,"radio": 1}, + "chan_multiSF_6": {"enable": true,"if": 0,"radio": 1}, + "chan_multiSF_7": {"enable": true,"if": 200000,"radio": 1}, + "clksrc": 0, + "device": "/dev/spidev0.0", + "lorawan_public": true, + "pps": true, + "radio_0": {"enable": true,"freq": 902700000,"rssi_offset": -214.5,"tx_enable": true,"type": "SX1250"}, + "radio_1": {"enable": true,"freq": 903500000,"rssi_offset": -214.5,"tx_enable": false,"type": "SX1250"}, + "tx_gain_lut":[ + {"rf_power": 11, "pa_gain": 0, "pwr_idx": 14}, + {"rf_power": 12, "pa_gain": 0, "pwr_idx": 15}, + {"rf_power": 13, "pa_gain": 0, "pwr_idx": 16}, + {"rf_power": 15, "pa_gain": 0, "pwr_idx": 17}, + {"rf_power": 16, "pa_gain": 0, "pwr_idx": 18}, + {"rf_power": 17, "pa_gain": 0, "pwr_idx": 19}, + {"rf_power": 18, "pa_gain": 0, "pwr_idx": 20}, + {"rf_power": 19, "pa_gain": 1, "pwr_idx": 3}, + {"rf_power": 20, "pa_gain": 1, "pwr_idx": 4}, + {"rf_power": 21, "pa_gain": 1, "pwr_idx": 5}, + {"rf_power": 22, "pa_gain": 1, "pwr_idx": 6}, + {"rf_power": 23, "pa_gain": 1, "pwr_idx": 7}, + {"rf_power": 24, "pa_gain": 1, "pwr_idx": 8}, + {"rf_power": 25, "pa_gain": 1, "pwr_idx": 10}, + {"rf_power": 26, "pa_gain": 1, "pwr_idx": 12}, + {"rf_power": 27, "pa_gain": 1, "pwr_idx": 15} + ] + }, + "station_conf": { + "TC_TIMEOUT": "2s", + "euiprefix": "::0", + "log_file": "stderr", + "log_level": "INFO", + "log_rotate": 3, + "log_size": 100000, + "routerid": "<WILL-BE-AUTO-REPLACED-WITH-LORA-EUI>" + } +} diff --git a/recipes-connectivity/lora/lora-basic-station-sx1303/mtcdt-station.conf.E00 b/recipes-connectivity/lora/lora-basic-station-sx1303/mtcdt-station.conf.E00 new file mode 100644 index 0000000..95da968 --- /dev/null +++ b/recipes-connectivity/lora/lora-basic-station-sx1303/mtcdt-station.conf.E00 @@ -0,0 +1,47 @@ +{ + "SX1301_conf": { + "chan_FSK": {"bandwidth": 125000,"datarate": 50000,"enable": true,"if": 300000,"radio": 0}, + "chan_Lora_std": {"bandwidth": 250000,"enable": true,"if": -200000,"radio": 0,"spread_factor": 7}, + "chan_multiSF_0": {"enable": true,"if": -400000,"radio": 0}, + "chan_multiSF_1": {"enable": true,"if": -200000,"radio": 0}, + "chan_multiSF_2": {"enable": true,"if": 0,"radio": 0}, + "chan_multiSF_3": {"enable": true,"if": -400000,"radio": 1}, + "chan_multiSF_4": {"enable": true,"if": -200000,"radio": 1}, + "chan_multiSF_5": {"enable": true,"if": 0,"radio": 1}, + "chan_multiSF_6": {"enable": true,"if": 200000,"radio": 1}, + "chan_multiSF_7": {"enable": true,"if": 400000,"radio": 1}, + "clksrc": 0, + "device": "/dev/spidev0.0", + "lorawan_public": true, + "pps": true, + "radio_0": {"enable": true,"freq": 868500000,"rssi_offset": -214.5,"tx_enable": true,"type": "SX1250"}, + "radio_1": {"enable": true,"freq": 867500000,"rssi_offset": -214.5,"tx_enable": false,"type": "SX1250"}, + "tx_gain_lut":[ + {"rf_power": 10, "pa_gain": 0, "pwr_idx": 12}, + {"rf_power": 11, "pa_gain": 0, "pwr_idx": 13}, + {"rf_power": 12, "pa_gain": 0, "pwr_idx": 14}, + {"rf_power": 13, "pa_gain": 0, "pwr_idx": 15}, + {"rf_power": 14, "pa_gain": 0, "pwr_idx": 16}, + {"rf_power": 16, "pa_gain": 0, "pwr_idx": 17}, + {"rf_power": 17, "pa_gain": 1, "pwr_idx": 0}, + {"rf_power": 18, "pa_gain": 1, "pwr_idx": 1}, + {"rf_power": 19, "pa_gain": 1, "pwr_idx": 2}, + {"rf_power": 21, "pa_gain": 1, "pwr_idx": 4}, + {"rf_power": 22, "pa_gain": 1, "pwr_idx": 5}, + {"rf_power": 23, "pa_gain": 1, "pwr_idx": 6}, + {"rf_power": 24, "pa_gain": 1, "pwr_idx": 7}, + {"rf_power": 25, "pa_gain": 1, "pwr_idx": 8}, + {"rf_power": 26, "pa_gain": 1, "pwr_idx": 11}, + {"rf_power": 27, "pa_gain": 1, "pwr_idx": 14} + ] + }, + "station_conf": { + "TC_TIMEOUT": "2s", + "euiprefix": "::0", + "log_file": "stderr", + "log_level": "INFO", + "log_rotate": 3, + "log_size": 100000, + "routerid": "<WILL-BE-AUTO-REPLACED-WITH-LORA-EUI>" + } +} diff --git a/recipes-connectivity/lora/lora-basic-station-sx1303/mtcdt-station.conf.U00 b/recipes-connectivity/lora/lora-basic-station-sx1303/mtcdt-station.conf.U00 new file mode 100644 index 0000000..a97fdc0 --- /dev/null +++ b/recipes-connectivity/lora/lora-basic-station-sx1303/mtcdt-station.conf.U00 @@ -0,0 +1,47 @@ +{ + "SX1301_conf": { + "chan_FSK": {"bandwidth": 125000,"datarate": 50000,"enable": false,"if": 300000,"radio": 0}, + "chan_Lora_std": {"bandwidth": 500000,"enable": true,"if": 300000,"radio": 0,"spread_factor": 8}, + "chan_multiSF_0": {"enable": true,"if": -400000,"radio": 0}, + "chan_multiSF_1": {"enable": true,"if": -200000,"radio": 0}, + "chan_multiSF_2": {"enable": true,"if": 0,"radio": 0}, + "chan_multiSF_3": {"enable": true,"if": 200000,"radio": 0}, + "chan_multiSF_4": {"enable": true,"if": -400000,"radio": 1}, + "chan_multiSF_5": {"enable": true,"if": -200000,"radio": 1}, + "chan_multiSF_6": {"enable": true,"if": 0,"radio": 1}, + "chan_multiSF_7": {"enable": true,"if": 200000,"radio": 1}, + "clksrc": 0, + "device": "/dev/spidev0.0", + "lorawan_public": true, + "pps": true, + "radio_0": {"enable": true,"freq": 902700000,"rssi_offset": -214.5,"tx_enable": true,"type": "SX1250"}, + "radio_1": {"enable": true,"freq": 903500000,"rssi_offset": -214.5,"tx_enable": false,"type": "SX1250"}, + "tx_gain_lut":[ + {"rf_power": 11, "pa_gain": 0, "pwr_idx": 14}, + {"rf_power": 12, "pa_gain": 0, "pwr_idx": 15}, + {"rf_power": 13, "pa_gain": 0, "pwr_idx": 16}, + {"rf_power": 15, "pa_gain": 0, "pwr_idx": 17}, + {"rf_power": 16, "pa_gain": 0, "pwr_idx": 18}, + {"rf_power": 17, "pa_gain": 0, "pwr_idx": 19}, + {"rf_power": 18, "pa_gain": 0, "pwr_idx": 20}, + {"rf_power": 19, "pa_gain": 1, "pwr_idx": 3}, + {"rf_power": 20, "pa_gain": 1, "pwr_idx": 4}, + {"rf_power": 21, "pa_gain": 1, "pwr_idx": 5}, + {"rf_power": 22, "pa_gain": 1, "pwr_idx": 6}, + {"rf_power": 23, "pa_gain": 1, "pwr_idx": 7}, + {"rf_power": 24, "pa_gain": 1, "pwr_idx": 8}, + {"rf_power": 25, "pa_gain": 1, "pwr_idx": 10}, + {"rf_power": 26, "pa_gain": 1, "pwr_idx": 12}, + {"rf_power": 27, "pa_gain": 1, "pwr_idx": 15} + ] + }, + "station_conf": { + "TC_TIMEOUT": "2s", + "euiprefix": "::0", + "log_file": "stderr", + "log_level": "INFO", + "log_rotate": 3, + "log_size": 100000, + "routerid": "<WILL-BE-AUTO-REPLACED-WITH-LORA-EUI>" + } +} diff --git a/recipes-connectivity/lora/lora-basic-station-sx1303/setup.gmk b/recipes-connectivity/lora/lora-basic-station-sx1303/setup.gmk new file mode 100644 index 0000000..72450ee --- /dev/null +++ b/recipes-connectivity/lora/lora-basic-station-sx1303/setup.gmk @@ -0,0 +1,91 @@ +# -*- makefile -*- + +# Top dir of s2core +# - override accordingly in makefile including this setup.gmk + +platform ?= mlinux +variant ?= sx1303 + + +ARCH ?= +CROSS_COMPILE ?= +export + +# TOOLPREFIX=${CROSS_COMPILE} + + +BD=build-${platform}-${variant} + +# -- Architecture specific +CFG.arm-linux-gnueabihf = mlinux +# CFG.x86_64-linux-gnu = linux + +# -- Variant specific +# testsim runs libloragw inside master process +# testms uses a master slave model +#CFG.testsim = logini_lvl=DEBUG selftests tlsdebug lgwsim ral_lgw +#CFG.testms = logini_lvl=DEBUG selftests tlsdebug lgwsim ral_master_slave +#CFG.testfs = logini_lvl=DEBUG selftests tlsdebug lgwsim ral_lgw +#CFG.testpin = logini_lvl=INFO tlsdebug ral_lgw testpin +#CFG.std = logini_lvl=INFO tlsdebug ral_lgw +#CFG.stdn = logini_lvl=INFO tlsdebug ral_master_slave +#CFG.debug = logini_lvl=DEBUG selftests tlsdebug ral_lgw +#CFG.debugn = logini_lvl=DEBUG selftests tlsdebug ral_master_slave + +# -- Platform specific +CFG.linux = linux lgw1 no_leds +CFG.rpi = linux lgw1 no_leds +CFG.kerlink = linux lgw1 no_leds +CFG.mlinux = linux no_leds ral_lgw prod sx1302 lgw1 usegpsd + +SD.default = src-linux + +SD = $(or ${SD.${platform}}, ${SD.default}) + +UTILS.linux = mtuns + +UTILS = $(or ${UTILS.${platform}}, ${UTILS.default}) + +PERSO.default = +PERSO = $(or ${PERSO.${platform}}, ${PERSO.default}) +PERSOH = $(if ${PERSO},perso.h,) + +# Paths to dependencies +MBEDLIBS = -lmbedtls -lmbedx509 -lmbedcrypto + +# -lm: Needed for lgw which uses pow/ceil +ifneq (minihub,$(platform)) +SYSLIBS = -lm +endif + +CFLAGS.linux.testsim = -g -O0 --coverage +CFLAGS.linux.testms = -g -O0 --coverage +CFLAGS.linux.testfs = -g -O0 --coverage +CFLAGS.linux.testpin = -g -O3 +CFLAGS.linux.std = -g -O3 +CFLAGS.mlinux.std = -g -O3 + +LIBS.mlinux = -lloragw ${MBEDLIBS} -lrt -lm -lpthread -lgps +LIBS.linux = -llgw ${MBEDLIBS} -lpthread +LIBS.rpi = -llgw ${MBEDLIBS} -lpthread +LIBS.kerlink = -llgw ${MBEDLIBS} -lrt -lpthread + +xCFG = ${CFG.${ARCH}} ${CFG.${platform}} ${CFG.${variant}} ${CFG.${platform}.${variant}} +xCFLAGS = ${CFLAGS.${ARCH}} ${CFLAGS.${platform}} ${CFLAGS.${variant}} ${CFLAGS.${platform}.${variant}} +xINCS = ${INCS.${ARCH}} ${INCS.${platform}} ${INCS.${variant}} +xLDFLAGS = ${LDFLAGS.${ARCH}} ${LDFLAGS.${platform}} ${LDFLAGS.${variant}} +xLIBS = ${LIBS.${ARCH}} ${LIBS.${platform}} ${LIBS.${variant}} +xFILES = ${FILES.${ARCH}} ${FILES.${platform}} ${FILES.${variant}} +xOCFLAGS = ${OCFLAGS.${ARCH}} ${OCFLAGS.${platform}} ${OCFLAGS.${variant}} + +DEFS = -DCFG_platform_${platform} -DCFG_platform=\"${platform}\" -DCFG_variant_${variant} -DCFG_variant=\"${variant}\" +DEFS += -DCFG_bdate='"$(shell date -u '+%Y-%m-%d %H:%M:%S')"' +DEFS += -DCFG_version='"$(shell if [ -f ${TD}/VERSION.txt ]; then cat ${TD}/VERSION.txt; else git describe --tag; fi)(${platform}/${variant})"' +DEFS += -DCFG_commit='"$(shell if git rev-parse --git-dir >/dev/null 2>&1; then git rev-parse --short HEAD; else echo -; fi)"' +DEFS += ${xCFG:%=-DCFG_%} +INCS = ${VPATH:%=-I%} -I ${TD}/${BD}/include ${xINCS} +CFLAGS += -std=gnu11 ${INCS} ${DEFS} ${xCFLAGS} ${MORECFLAGS} +LDFLAGS += -L ${TD}/${BD}/lib ${xLDFLAGS} +LIBS = ${xLIBS} ${SYSLIBS} +FILES = ${xFILES} +OCFLAGS = ${xOCFLAGS} diff --git a/recipes-connectivity/lora/lora-basic-station-sx1303/tc.uri b/recipes-connectivity/lora/lora-basic-station-sx1303/tc.uri new file mode 100644 index 0000000..62ad13e --- /dev/null +++ b/recipes-connectivity/lora/lora-basic-station-sx1303/tc.uri @@ -0,0 +1 @@ +wss://127.0.0.1:9002 diff --git a/recipes-connectivity/lora/lora-basic-station-sx1303_2.0.6-11.bb b/recipes-connectivity/lora/lora-basic-station-sx1303_2.0.6-11.bb new file mode 100644 index 0000000..4e48df3 --- /dev/null +++ b/recipes-connectivity/lora/lora-basic-station-sx1303_2.0.6-11.bb @@ -0,0 +1,73 @@ +DESCRIPTION = "LoRa Basic Station" +HOMEPAGE = "https://github.com/lorabasics/basicstation" +PRIORITY = "optional" +SECTION = "console/utils" +# Semtech license is a modified BSD-style license +LICENSE = "Proprietary" +LIC_FILES_CHKSUM = "file://LICENSE;md5=26699ffb0048fefa02c871c2485867ee" +DEPENDS = "lora-gateway-sx1303 logrotate lora-logging mbedtls gpsd" +RDEPENDS_${PN} += "bash" +PR = "r4" + +# SRCREV = "9bf824154731cbe78366cbffa1b0c6bd0354b66f" +SRCREV = "${PV}" + +SRC_URI = "git://github.com/MultiTechSystems/basicstation.git;protocol=https;branch=master; \ + file://setup.gmk \ + file://lora-basic-station.init \ + file://lora-basic-station.default \ + file://tc.uri \ + file://mtcap3-station.conf.E00 \ + file://mtcap3-station.conf.U00 \ + file://mtcdt-station.conf.E00 \ + file://mtcdt-station.conf.U00 \ +" + +S = "${WORKDIR}/git" +B = "${S}" + +LORA_DIR = "/opt/lora" + +export LGW_PATH = "${STAGING_LIBDIR}/lora" +export LGW_INC = "${STAGING_INCDIR}/lora" + +CFLAGS += "-isystem =/usr/include/gps -DNODEBUG -I${STAGING_INCDIR} -I${WORKDIR}/git/libtools -I${STAGING_INCDIR}/lora -I${STAGING_INCDIR}/lora/lgw-sx1303 -I${WORKDIR}/git/deps -Iinc -I. -std=gnu11 -L${WORKDIR}/git/libtools -L${STAGING_LIBDIR}/lora/lgw-sx1303/lgw/ -L${STAGING_LIBDIR}/lora" + +do_compile() { + cp ${WORKDIR}/setup.gmk ${S}/setup.gmk + oe_runmake +} + +do_install() { + install -d ${D}${LORA_DIR} + install -m 755 ${S}/build-mlinux-sx1303/bin/station ${D}${LORA_DIR}/station-sx1303 +} + +do_install_append_mtcdt() { + install -d ${D}${LORA_DIR} + install -m 755 ${WORKDIR}/mtcdt-station.conf.E00 ${D}${LORA_DIR}/station-sx1303.conf + install -m 755 ${WORKDIR}/mtcdt-station.conf.E00 ${D}${LORA_DIR}/station-sx1303.conf.E00 + install -m 755 ${WORKDIR}/mtcdt-station.conf.U00 ${D}${LORA_DIR}/station-sx1303.conf.U00 +} + +do_install_append_mtcpmhs() { + install -d ${D}${LORA_DIR} + install -m 755 ${WORKDIR}/mtcdt-station.conf.E00 ${D}${LORA_DIR}/station-sx1303.conf + install -m 755 ${WORKDIR}/mtcdt-station.conf.E00 ${D}${LORA_DIR}/station-sx1303.conf.E00 + install -m 755 ${WORKDIR}/mtcdt-station.conf.U00 ${D}${LORA_DIR}/station-sx1303.conf.U00 +} + +do_install_append_mtcap3() { + install -d ${D}${LORA_DIR} + install -m 755 ${WORKDIR}/mtcap3-station.conf.E00 ${D}${LORA_DIR}/station-sx1303.conf + install -m 755 ${WORKDIR}/mtcap3-station.conf.E00 ${D}${LORA_DIR}/station-sx1303.conf.E00 + install -m 755 ${WORKDIR}/mtcap3-station.conf.U00 ${D}${LORA_DIR}/station-sx1303.conf.U00 +} + + +FILES_${PN} += "${LORA_DIR}" + +# disable this on purpose for dev purposes +do_rm_work() { + echo "skipping" +} diff --git a/recipes-connectivity/lora/lora-basic-station_2.0.5-3.bb b/recipes-connectivity/lora/lora-basic-station_2.0.6-11.bb index 7568330..7568330 100644 --- a/recipes-connectivity/lora/lora-basic-station_2.0.5-3.bb +++ b/recipes-connectivity/lora/lora-basic-station_2.0.6-11.bb diff --git a/recipes-connectivity/lora/lora-gateway-sx1303_2.0.39.bb b/recipes-connectivity/lora/lora-gateway-sx1303_2.0.42.bb index 68a6322..68a6322 100644 --- a/recipes-connectivity/lora/lora-gateway-sx1303_2.0.39.bb +++ b/recipes-connectivity/lora/lora-gateway-sx1303_2.0.42.bb diff --git a/recipes-connectivity/lora/lora-gateway_5.0.21.bb b/recipes-connectivity/lora/lora-gateway_5.0.22.bb index d3af872..d3af872 100644 --- a/recipes-connectivity/lora/lora-gateway_5.0.21.bb +++ b/recipes-connectivity/lora/lora-gateway_5.0.22.bb diff --git a/recipes-connectivity/lora/lora-network-server_2.6.2.bb b/recipes-connectivity/lora/lora-network-server_2.6.12.bb index de3b950..de3b950 100644 --- a/recipes-connectivity/lora/lora-network-server_2.6.2.bb +++ b/recipes-connectivity/lora/lora-network-server_2.6.12.bb diff --git a/recipes-connectivity/lora/lora-packet-forwarder/lora-packet-forwarder.init b/recipes-connectivity/lora/lora-packet-forwarder/lora-packet-forwarder.init index 092e0a5..6aaf26f 100755 --- a/recipes-connectivity/lora/lora-packet-forwarder/lora-packet-forwarder.init +++ b/recipes-connectivity/lora/lora-packet-forwarder/lora-packet-forwarder.init @@ -203,9 +203,9 @@ setup_mtcap3() { setup_mtcdt() { if [ -d $port1 ] && [[ $(cat $port1/hw-version) = $lora_hw ]]; then - ln -sf /dev/spidev32766.2 /dev/spidev0.0 + ln -sf /dev/spidev0.2 /dev/spidev0.0 elif [ -d $port2 ] && [[ $(cat $port2/hw-version) = $lora_hw ]]; then - ln -sf /dev/spidev32765.2 /dev/spidev0.0 + ln -sf /dev/spidev1.2 /dev/spidev0.0 fi if [ "$lora_hw" = "$lora_1_0_hw" ] && [[ ! "$lora_id" =~ .*-SPI ]]; then diff --git a/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch b/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch new file mode 100644 index 0000000..9fd7e93 --- /dev/null +++ b/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch @@ -0,0 +1,20 @@ +Description: fix double-free memory corruption in ssh-agent +Author: Marc Deslauriers <marc.deslauriers@canonical.com> +Origin: minimal fix for https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db + +Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com> + +CVE: CVE-2021-28041 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_8.2p1-4ubuntu0.3.debian.tar.xz] +Comment: No change in any hunk + +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -496,6 +496,7 @@ process_add_identity(SocketEntry *e) + goto err; + } + free(ext_name); ++ ext_name = NULL; + break; + default: + error("%s: Unknown constraint %d", __func__, ctype); diff --git a/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch b/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch new file mode 100644 index 0000000..bda896f --- /dev/null +++ b/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch @@ -0,0 +1,52 @@ +From a6414400ec94a17871081f7df24f910a6ee01b8b Mon Sep 17 00:00:00 2001 +From: Ali Abdallah <aabdallah@suse.de> +Date: Wed, 24 Nov 2021 13:33:39 +0100 +Subject: [PATCH] CVE-2021-41617 fix + +backport of the following two upstream commits + +f3cbe43e28fe71427d41cfe3a17125b972710455 +bf944e3794eff5413f2df1ef37cddf96918c6bde + +CVE-2021-41617 failed to correctly initialise supplemental groups +when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, +where a AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser +directive has been set to run the command as a different user. Instead +these commands would inherit the groups that sshd(8) was started with. +--- + auth.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +CVE: CVE-2021-41617 +Upstream-Status: Backport [https://bugzilla.suse.com/attachment.cgi?id=854015] +Comment: No change in any hunk +Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com> + +diff --git a/auth.c b/auth.c +index 163038f..a47b267 100644 +--- a/auth.c ++++ b/auth.c +@@ -52,6 +52,7 @@ + #include <limits.h> + #include <netdb.h> + #include <time.h> ++#include <grp.h> + + #include "xmalloc.h" + #include "match.h" +@@ -851,6 +852,13 @@ subprocess(const char *tag, struct passwd *pw, const char *command, + } + closefrom(STDERR_FILENO + 1); + ++ if (geteuid() == 0 && ++ initgroups(pw->pw_name, pw->pw_gid) == -1) { ++ error("%s: initgroups(%s, %u): %s", tag, ++ pw->pw_name, (u_int)pw->pw_gid, strerror(errno)); ++ _exit(1); ++ } ++ + /* Don't use permanently_set_uid() here to avoid fatal() */ + if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) { + error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, +-- +2.26.2 diff --git a/recipes-connectivity/openssh/openssh_8.4p1.bb b/recipes-connectivity/openssh/openssh_8.4p1.bb index a65ab70..0cadaf9 100644 --- a/recipes-connectivity/openssh/openssh_8.4p1.bb +++ b/recipes-connectivity/openssh/openssh_8.4p1.bb @@ -27,13 +27,40 @@ SRC_URI = "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.ta file://sshd_check_keys \ file://add-test-support-for-busybox.patch \ file://0f90440ca70abab947acbd77795e9f130967956c.patch \ + file://CVE-2021-28041.patch \ + file://CVE-2021-41617.patch \ " SRC_URI[sha256sum] = "5a01d22e407eb1c05ba8a8f7c654d388a13e9f226e4ed33bd38748dafa1d2b24" +# This CVE is specific to OpenSSH with the pam opie which we don't build/use here +CVE_CHECK_WHITELIST += "CVE-2007-2768" + # This CVE is specific to OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 # and when running in a Kerberos environment. As such it is not relevant to OpenEmbedded CVE_CHECK_WHITELIST += "CVE-2014-9278" +# CVE-2008-3844 was reported in OpenSSH on Red Hat Enterprise Linux and +# certain packages may have been compromised. This CVE is not applicable +# as our source is OpenBSD. https://securitytracker.com/id?1020730 +# https://www.securityfocus.com/bid/30794 +CVE_CHECK_WHITELIST += "CVE-2008-3844" + +# openssh-ssh1 is provided for compatibility with old devices that +# cannot be upgraded to modern protocols. Thus they may not provide security +# support for this package because doing so would prevent access to equipment. +# The upstream OpenSSH developers see this as an important +# security feature and do not intend to 'fix' it. +# https://security-tracker.debian.org/tracker/CVE-2016-20012 +# https://ubuntu.com/security/CVE-2016-20012 +CVE_CHECK_WHITELIST += "CVE-2016-20012" + +# As per debian, the issue is fixed by a feature called "agent restriction" in openssh 8.9 +# Urgency is unimportant as per debian, Hence this CVE is whitelisting. +# https://security-tracker.debian.org/tracker/CVE-2021-36368 +# https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2 +# https://docs.ssh-mitm.at/trivialauth.html +CVE_CHECK_WHITELIST += "CVE-2021-36368" + PAM_SRC_URI = "file://sshd" inherit manpages useradd update-rc.d update-alternatives systemd diff --git a/recipes-connectivity/strongswan/strongswan_%.bbappend b/recipes-connectivity/strongswan/strongswan_%.bbappend index c68b45e..3286caa 100644 --- a/recipes-connectivity/strongswan/strongswan_%.bbappend +++ b/recipes-connectivity/strongswan/strongswan_%.bbappend @@ -1,3 +1,19 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:${THISDIR}/files:" + +PR.=".mts2" PACKAGECONFIG_remove = "sqlite3" + +PACKAGECONFIG_append = "stroke" + +do_install_append() { + install -d ${D}${sysconfdir}/ ${D}${sysconfdir}/ipsec.d/ + ln -sf /var/run/ipsec/ipsec.conf ${D}${sysconfdir}/ipsec.conf + ln -sf /var/run/ipsec/ipsec.secrets ${D}${sysconfdir}/ipsec.secrets + rm -rf ${D}${sysconfdir}/ipsec.d/cacerts + ln -sf /var/run/ipsec/cacerts ${D}${sysconfdir}/ipsec.d/cacerts + rm -rf ${D}${sysconfdir}/ipsec.d/certs + ln -sf /var/run/ipsec/certs ${D}${sysconfdir}/ipsec.d/certs + rm -rf ${D}${sysconfdir}/ipsec.d/private + ln -sf /var/run/ipsec/private ${D}${sysconfdir}/ipsec.d/private +} diff --git a/recipes-connectivity/strongswan/strongswan_5.9.8.bb b/recipes-connectivity/strongswan/strongswan_5.9.8.bb new file mode 100644 index 0000000..9025f68 --- /dev/null +++ b/recipes-connectivity/strongswan/strongswan_5.9.8.bb @@ -0,0 +1,189 @@ +DESCRIPTION = "strongSwan is an OpenSource IPsec implementation for the \ +Linux operating system." +SUMMARY = "strongSwan is an OpenSource IPsec implementation" +HOMEPAGE = "http://www.strongswan.org" +SECTION = "net" +LICENSE = "GPL-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" +DEPENDS = "flex-native flex bison-native" +DEPENDS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', ' tpm2-tss', '', d)}" + +SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \ + " + +SRC_URI[sha256sum] = "d3303a43c0bd7b75a12b64855e8edcb53696f06190364f26d1533bde1f2e453c" + +UPSTREAM_CHECK_REGEX = "strongswan-(?P<pver>\d+(\.\d+)+)\.tar" + +EXTRA_OECONF = " \ + --without-lib-prefix \ + --with-dev-headers=${includedir}/strongswan \ +" + +EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemdsystemunitdir=${systemd_unitdir}/system/', '--without-systemdsystemunitdir', d)}" + +PACKAGECONFIG ?= "curl gmp openssl sqlite3 swanctl curve25519 \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd-charon', 'charon', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', 'tpm2', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ima', 'tnc-imc imc-hcd imc-os imc-scanner imc-attestation', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ima', 'tnc-imv imv-hcd imv-os imv-scanner imv-attestation', '', d)} \ +" + +PACKAGECONFIG[aesni] = "--enable-aesni,--disable-aesni,,${PN}-plugin-aesni" +PACKAGECONFIG[bfd] = "--enable-bfd-backtraces,--disable-bfd-backtraces,binutils" +PACKAGECONFIG[charon] = "--enable-charon,--disable-charon," +PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl,${PN}-plugin-curl" +PACKAGECONFIG[eap-identity] = "--enable-eap-identity,--disable-eap-identity,,${PN}-plugin-eap-identity" +PACKAGECONFIG[eap-mschapv2] = "--enable-eap-mschapv2,--disable-eap-mschapv2,,${PN}-plugin-eap-mschapv2" +PACKAGECONFIG[gmp] = "--enable-gmp,--disable-gmp,gmp,${PN}-plugin-gmp" +PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,openldap,${PN}-plugin-ldap" +PACKAGECONFIG[mysql] = "--enable-mysql,--disable-mysql,mysql5,${PN}-plugin-mysql" +PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl,${PN}-plugin-openssl" +PACKAGECONFIG[soup] = "--enable-soup,--disable-soup,libsoup-2.4,${PN}-plugin-soup" +PACKAGECONFIG[sqlite3] = "--enable-sqlite,--disable-sqlite,sqlite3,${PN}-plugin-sqlite" +PACKAGECONFIG[stroke] = "--enable-stroke,--disable-stroke,,${PN}-plugin-stroke" +PACKAGECONFIG[swanctl] = "--enable-swanctl,--disable-swanctl,,libgcc" +PACKAGECONFIG[curve25519] = "--enable-curve25519,--disable-curve25519,, ${PN}-plugin-curve25519" + +# requires swanctl +PACKAGECONFIG[systemd-charon] = "--enable-systemd,--disable-systemd,systemd," + +# tpm needs meta-tpm layer +PACKAGECONFIG[tpm2] = "--enable-tpm,--disable-tpm,,${PN}-plugin-tpm" + + +# integraty configuration needs meta-integraty +#imc +PACKAGECONFIG[tnc-imc] = "--enable-tnc-imc,--disable-tnc-imc,, ${PN}-plugin-tnc-imc ${PN}-plugin-tnc-tnccs" +PACKAGECONFIG[imc-test] = "--enable-imc-test,--disable-imc-test,," +PACKAGECONFIG[imc-scanner] = "--enable-imc-scanner,--disable-imc-scanner,," +PACKAGECONFIG[imc-os] = "--enable-imc-os,--disable-imc-os,," +PACKAGECONFIG[imc-attestation] = "--enable-imc-attestation,--disable-imc-attestation,," +PACKAGECONFIG[imc-swima] = "--enable-imc-swima, --disable-imc-swima, json-c," +PACKAGECONFIG[imc-hcd] = "--enable-imc-hcd, --disable-imc-hcd,," + +#imv set +PACKAGECONFIG[tnc-imv] = "--enable-tnc-imv,--disable-tnc-imv,, ${PN}-plugin-tnc-imv ${PN}-plugin-tnc-tnccs" +PACKAGECONFIG[imv-test] = "--enable-imv-test,--disable-imv-test,," +PACKAGECONFIG[imv-scanner] = "--enable-imv-scanner,--disable-imv-scanner,," +PACKAGECONFIG[imv-os] = "--enable-imv-os,--disable-imv-os,," +PACKAGECONFIG[imv-attestation] = "--enable-imv-attestation,--disable-imv-attestation,," +PACKAGECONFIG[imv-swima] = "--enable-imv-swima, --disable-imv-swima, json-c," +PACKAGECONFIG[imv-hcd] = "--enable-imv-hcd, --disable-imv-hcd,," + +PACKAGECONFIG[tnc-ifmap] = "--enable-tnc-ifmap,--disable-tnc-ifmap, libxml2, ${PN}-plugin-tnc-ifmap" +PACKAGECONFIG[tnc-pdp] = "--enable-tnc-pdp,--disable-tnc-pdp,, ${PN}-plugin-tnc-pdp" + +PACKAGECONFIG[tnccs-11] = "--enable-tnccs-11,--disable-tnccs-11,libxml2, ${PN}-plugin-tnccs-11" +PACKAGECONFIG[tnccs-20] = "--enable-tnccs-20,--disable-tnccs-20,, ${PN}-plugin-tnccs-20" +PACKAGECONFIG[tnccs-dynamic] = "--enable-tnccs-dynamic,--disable-tnccs-dynamic,,${PN}-plugin-tnccs-dynamic" + +inherit autotools systemd pkgconfig + +RRECOMMENDS_${PN} = "kernel-module-ah4 \ + kernel-module-esp4 \ + kernel-module-xfrm-user \ + " + +FILES_${PN} += "${libdir}/ipsec/lib*${SOLIBS}" +FILES_${PN}-dbg += "${bindir}/.debug ${sbindir}/.debug ${libdir}/ipsec/.debug ${libexecdir}/ipsec/.debug" +FILES_${PN}-dev += "${libdir}/ipsec/lib*${SOLIBSDEV} ${libdir}/ipsec/*.la ${libdir}/ipsec/include/config.h" +FILES_${PN}-staticdev += "${libdir}/ipsec/*.a" + +CONFFILES_${PN} = "${sysconfdir}/*.conf ${sysconfdir}/ipsec.d/*.conf ${sysconfdir}/strongswan.d/*.conf" + +PACKAGES += "${PN}-plugins" +ALLOW_EMPTY_${PN}-plugins = "1" + +PACKAGE_BEFORE_PN = "${PN}-imcvs ${PN}-imcvs-dbg" +ALLOW_EMPTY_${PN}-imcvs = "1" + +FILES_${PN}-imcvs = "${libdir}/ipsec/imcvs/*.so" +FILES_${PN}-imcvs-dbg += "${libdir}/ipsec/imcvs/.debug" + +PACKAGES_DYNAMIC += "^${PN}-plugin-.*$" +NOAUTOPACKAGEDEBUG = "1" + +python split_strongswan_plugins () { + sysconfdir = d.expand('${sysconfdir}/strongswan.d/charon') + libdir = d.expand('${libdir}/ipsec/plugins') + dbglibdir = os.path.join(libdir, '.debug') + + def add_plugin_conf(f, pkg, file_regex, output_pattern, modulename): + dvar = d.getVar('PKGD') + oldfiles = d.getVar('CONFFILES_' + pkg) + newfile = '/' + os.path.relpath(f, dvar) + + if not oldfiles: + d.setVar('CONFFILES_' + pkg, newfile) + else: + d.setVar('CONFFILES_' + pkg, oldfiles + " " + newfile) + + split_packages = do_split_packages(d, libdir, r'libstrongswan-(.*)\.so', '${PN}-plugin-%s', 'strongSwan %s plugin', prepend=True) + do_split_packages(d, sysconfdir, r'(.*)\.conf', '${PN}-plugin-%s', 'strongSwan %s plugin', prepend=True, hook=add_plugin_conf) + + split_dbg_packages = do_split_packages(d, dbglibdir, r'libstrongswan-(.*)\.so', '${PN}-plugin-%s-dbg', 'strongSwan %s plugin - Debugging files', prepend=True, extra_depends='${PN}-dbg') + split_dev_packages = do_split_packages(d, libdir, r'libstrongswan-(.*)\.la', '${PN}-plugin-%s-dev', 'strongSwan %s plugin - Development files', prepend=True, extra_depends='${PN}-dev') + split_staticdev_packages = do_split_packages(d, libdir, r'libstrongswan-(.*)\.a', '${PN}-plugin-%s-staticdev', 'strongSwan %s plugin - Development files (Static Libraries)', prepend=True, extra_depends='${PN}-staticdev') + + if split_packages: + pn = d.getVar('PN') + d.setVar('RRECOMMENDS_' + pn + '-plugins', ' '.join(split_packages)) + d.appendVar('RRECOMMENDS_' + pn + '-dbg', ' ' + ' '.join(split_dbg_packages)) + d.appendVar('RRECOMMENDS_' + pn + '-dev', ' ' + ' '.join(split_dev_packages)) + d.appendVar('RRECOMMENDS_' + pn + '-staticdev', ' ' + ' '.join(split_staticdev_packages)) +} + +PACKAGESPLITFUNCS_prepend = "split_strongswan_plugins " + +# Install some default plugins based on default strongSwan ./configure options +# See https://wiki.strongswan.org/projects/strongswan/wiki/Pluginlist +RDEPENDS_${PN} += "\ + ${PN}-plugin-aes \ + ${PN}-plugin-attr \ + ${PN}-plugin-cmac \ + ${PN}-plugin-constraints \ + ${PN}-plugin-des \ + ${PN}-plugin-dnskey \ + ${PN}-plugin-drbg \ + ${PN}-plugin-fips-prf \ + ${PN}-plugin-gcm \ + ${PN}-plugin-hmac \ + ${PN}-plugin-kdf \ + ${PN}-plugin-kernel-netlink \ + ${PN}-plugin-md5 \ + ${PN}-plugin-mgf1 \ + ${PN}-plugin-nonce \ + ${PN}-plugin-pem \ + ${PN}-plugin-pgp \ + ${PN}-plugin-pkcs1 \ + ${PN}-plugin-pkcs7 \ + ${PN}-plugin-pkcs8 \ + ${PN}-plugin-pkcs12 \ + ${PN}-plugin-pubkey \ + ${PN}-plugin-random \ + ${PN}-plugin-rc2 \ + ${PN}-plugin-resolve \ + ${PN}-plugin-revocation \ + ${PN}-plugin-sha1 \ + ${PN}-plugin-sha2 \ + ${PN}-plugin-socket-default \ + ${PN}-plugin-sshkey \ + ${PN}-plugin-updown \ + ${PN}-plugin-vici \ + ${PN}-plugin-x509 \ + ${PN}-plugin-xauth-generic \ + ${PN}-plugin-xcbc \ + " + +RPROVIDES_${PN} += "${PN}-systemd" +RREPLACES_${PN} += "${PN}-systemd" +RCONFLICTS_${PN} += "${PN}-systemd" + +# The deprecated legacy 'strongswan-starter' service should only be used when charon and +# stroke are enabled. When swanctl is in use, 'strongswan.service' is needed. +# See: https://wiki.strongswan.org/projects/strongswan/wiki/Charon-systemd +SYSTEMD_SERVICE_${PN} = " \ + ${@bb.utils.contains('PACKAGECONFIG', 'swanctl', '${BPN}.service', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'charon', '${BPN}-starter.service', '', d)} \ +" |