From 64f370cabe63bd2520d4d4a967c78e2e1de87b31 Mon Sep 17 00:00:00 2001 From: Tarvi Pillessaar Date: Sun, 22 Oct 2023 10:36:10 +0300 Subject: [PATCH] strongswan: add eap-dynamic plugin This plugin acts as a proxy that dynamically selects an EAP method that is supported/preferred by the client. If the original EAP method initiated by the plugin is rejected with an EAP-NAK message, it will select a different method that is supported/requested by the client. For example it is possible to configure eap-tls as preferred authentication method for your connection while still allow eap-mschapv2. Signed-off-by: Tarvi Pillessaar --- net/strongswan/Makefile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index c106257bf..d175b4c4b 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan PKG_VERSION:=5.9.11 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/ @@ -41,6 +41,7 @@ PKG_MOD_AVAILABLE:= \ dnskey \ drbg \ duplicheck \ + eap-dynamic \ eap-identity \ eap-md5 \ eap-mschapv2 \ @@ -183,6 +184,7 @@ $(call Package/strongswan/Default) +strongswan-mod-dnskey \ +strongswan-mod-drbg \ +strongswan-mod-duplicheck \ + +strongswan-mod-eap-dynamic \ +strongswan-mod-eap-identity \ +strongswan-mod-eap-md5 \ +strongswan-mod-eap-mschapv2 \ @@ -681,6 +683,7 @@ $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,)) $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,)) $(eval $(call BuildPlugin,drbg,Deterministic random bit generator,,)) $(eval $(call BuildPlugin,duplicheck,advanced duplicate checking,)) +$(eval $(call BuildPlugin,eap-dynamic,EAP dynamic selector,)) $(eval $(call BuildPlugin,eap-identity,EAP identity helper,)) $(eval $(call BuildPlugin,eap-md5,EAP MD5 (CHAP) EAP auth,)) $(eval $(call BuildPlugin,eap-mschapv2,EAP MS-CHAPv2 EAP auth,+strongswan-mod-md4 +strongswan-mod-des))