pool/NetworkManager-strongswan
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
18 Commits 1 Branch 0 Tags 107 KiB
Standard ML 100%
3d2c2d9083
Go to file
Dominique Leuenberger 3d2c2d9083 Accepting request 606377 from GNOME:Next 
- Update to version 1.4.4:
  + Fixed paths when building without libnm-glib.
  + Fixed proposal tooltips.
  + Updated translations.
- Pass --without-libnm-glib, no longer build deprecated libnm-glib
  support, following this, drop pkgconfig(NetworkManager),
  pkgconfig(libnm-glib), pkgconfig(libnm-glib-vpn),
  pkgconfig(libnm-gtk) and pkgconfig(libnm-util) BuildRequires.
- Add pkgconfig(libnm) BuildRequires.
- Add explicit --with-charon=%%{_libexecdir}/ipsec/charon-nm to
  configure.
- Drop unneeded NetworkManager-gnome Requires from gnome
  sub-package, it is no longer of use for us.

OBS-URL: https://build.opensuse.org/request/show/606377
OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/NetworkManager-strongswan?expand=0&rev=28
2018-05-14 11:01:47 +00:00
.gitattributes Accepting request 53752 from home:BinLi:branches:GNOME:Factory 2010-12-06 13:44:14 +00:00
.gitignore Accepting request 53752 from home:BinLi:branches:GNOME:Factory 2010-12-06 13:44:14 +00:00
NetworkManager-strongswan-1.4.4.tar.bz2 Accepting request 606377 from GNOME:Next 2018-05-14 11:01:47 +00:00
NetworkManager-strongswan.changes Accepting request 606377 from GNOME:Next 2018-05-14 11:01:47 +00:00
NetworkManager-strongswan.spec Accepting request 606377 from GNOME:Next 2018-05-14 11:01:47 +00:00
README Accepting request 53752 from home:BinLi:branches:GNOME:Factory 2010-12-06 13:44:14 +00:00

README 

NetworkManager allows configuration and control of VPN daemons through
a plugin interface.
We provide such a plugin for NetworkManager to configure road warrior
clients for the most common setups.

NetworkManager uses DBUS to communicate with a plugin loaded by the
IKEv2 charon daemon.

The plugin uses a certificate for gateway authentication and supports
EAP and RSA authentication for client authentication.
PSK is not supported, as it is considered insecure if the secrets are
not strong enough.

You can use any password based EAP method supported by strongSwan
(MD5/GTC/MSCHAPv2) or private key authentication. Private keys are
either stored in a file or accessed through your ready-to-use ssh-agent.
You'll need a certificate matching that key.
Starting with strongSwan 4.4.2 / NetworkManager-strongswan 1.2.0,
private keys and certificates on a smartcard can be used.

If you configure the gateway certificate directly on the clients, there
are no requirements to the certificate. If you deploy CA certificates
(supported in 4.3.1+), the gateway certificate will need a subjectAltName
including the Hostname of the gateway (the same you enter in the clients
configuration). Starting with version 4.3.5, you can also use preinstalled
root CA certificates of your distribution, using the --with-nm-ca-dir
configure option. Just don't specify any gateway/CA certificate to use
preinstalled root certificates.
CA certificates on a smartcard are automatically used.