- Updated to strongSwan 4.6.1 release:

Changes in 4.6.1: - Because of changing checksums before and after installation which caused the integrity tests to fail we avoided directly linking libsimaka, libtls and libtnccs to those libcharon plugins which make use of these dynamiclibraries. Instead we linked the libraries to the charon daemon. Unfortunately Ubuntu 11.10 activated the --as-needed ld option which discards explicit links to dynamic libraries that are not actually used by the charon daemon itself, thus causing failures during the loading of the plugins which depend on these libraries for resolving external symbols. - Therefore our approach of computing integrity checksums for plugins had to be changed radically by moving the hash generation from the compilation to the post-installation phase. Changes in 4.6.0: - The new libstrongswan certexpire plugin collects expiration information of all used certificates and exports them to CSV files. It either directly exports them or uses cron style scheduling for batch exports. - Starter passes unresolved hostnames to charon, allowing it to do name resolution not before the connection attempt. This is especially useful with connections between hosts using dynamic IP addresses. Thanks to Mirko Parthey for the initial patch. - The android plugin can now be used without the Android frontend patch and provides DNS server registration and logging to logcat. - Pluto and starter (plus stroke and whack) have been ported to Android. - Support for ECDSA private and public key operations has been added to the pkcs11 plugin. The plugin now also provides DH and ECDH via PKCS#11 and can use tokens as random number generators (RNG). By default only private key operations are enabled, more advanced features have to be enabled by their option in strongswan.conf. This also applies to public OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=39
2012-02-15 13:32:28 +00:00 · 2012-02-15 13:32:28 +00:00 · 1a4d59ebd1
commit 1a4d59ebd1
parent fbee949c81
9 changed files with 75 additions and 24 deletions
--- a/strongswan-4.5.3.tar.bz2
+++ b/strongswan-4.5.3.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a59fa0d9820fb06a3c848f4537b9256d2067265ad10e1b007b79f3b16279f1ff
-size 3299522
--- a/strongswan-4.5.3.tar.bz2.sig
+++ b/strongswan-4.5.3.tar.bz2.sig
@ -1,14 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-iQGcBAABAgAGBQJOOFNGAAoJEN9CwXCzTbp37JUL/jmWmoYQ4qcSQtCfyLbW761a
-8HvTeoAB+gE8srcOCdnSy/i+ebVp4My3VwwivQwCHWHcbC29RjZsytRxsItqN3UR
-4LCEMQ9PA6oIHl7EPumc24RfcWd4TBrlxyk/TeOYOyT0GAjvPF+w0T73pEBMQHGF
-qHQXziblGfB9pxxyVJpvPq7yW+wS7nIj+8B7evitC5TimW5D3rGN1eav+da16ynl
-RJuGtRlxKTy/dnC+WzbJtyxGITcnl2lPao3SilazKDx55OEMboxSTfX3x0QZ2Y2z
-jIV3UzmTh7ZTqOpGrxhMr8lPiuB9w9PWCzfno0WB99suzo7IQtjyfYRifa0A/b3S
-Wtp4OLdBwgStnlQdXhk2INhBSMVH3FRGZOwzr7Eb2SLK2v0BDYn3/rPSZMd2bivO
-zRQeYE9LfuUpJT2BTB69YsAg3pvU55g2mU7GD8cojkxcT60HHKl4ykzwR0dTJjyK
-CwV6JYoWDGkZqwrRfwJrf9o6Xlk4KdyyQGRRm/8hqg==
-=7D0s
-----END PGP SIGNATURE-----
--- a/strongswan-4.6.1-fmt-warnings.patch
+++ b/strongswan-4.6.1-fmt-warnings.patch
@ -1,14 +1,14 @@
 --- src/checksum/checksum_builder.c
-+++ src/checksum/checksum_builder.c	2011/09/08 15:45:10
+++ src/checksum/checksum_builder.c	2012/02/15 13:08:35
@@ -64,9 +64,9 @@ static void build_checksum(char *path, c
 			fprintf(stderr, "dlopen failed: %s\n", dlerror());
 		}
 	}
-	printf("\t{\"%-20s%7u, 0x%08x, %6u, 0x%08x},\n",
-+	printf("\t{\"%-20s%7zu, 0x%08x, %6zu, 0x%08x},\n",
+-	printf("\t{\"%-25s%7u, 0x%08x, %6u, 0x%08x},\n",
+	printf("\t{\"%-25s%7zu, 0x%08x, %6zu, 0x%08x},\n",
 		   name, fsize, fsum, ssize, ssum);
-	fprintf(stderr, "\"%-20s%7u / 0x%08x       %6u / 0x%08x\n",
-+	fprintf(stderr, "\"%-20s%7zu / 0x%08x       %6zu / 0x%08x\n",
+-	fprintf(stderr, "\"%-25s%7u / 0x%08x       %6u / 0x%08x\n",
+	fprintf(stderr, "\"%-25s%7zu / 0x%08x       %6zu / 0x%08x\n",
 			name, fsize, fsum, ssize, ssum);
 }
 
--- a/strongswan-4.6.1-glib.patch
+++ b/strongswan-4.6.1-glib.patch
--- a/strongswan-4.6.1-rpmlintrc
+++ b/strongswan-4.6.1-rpmlintrc
--- a/strongswan-4.6.1.tar.bz2
+++ b/strongswan-4.6.1.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3d6dcdb3ce46dab51783b98c9bb54ebc931ff80941a0507d3cf3e3ac813eb439
+size 3400215
--- a/strongswan-4.6.1.tar.bz2.sig
+++ b/strongswan-4.6.1.tar.bz2.sig
@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQGcBAABAgAGBQJOu2a7AAoJEN9CwXCzTbp381oL/39DrG28cCvChlGKLRCK1LaF
+CpCGR/rKSWy71kkCHpGuDZgr+TXN5NzWV+vyj8CZubPg/lgiDyeNTwDG7O1qE5ZD
+C9MDKWq4B8MHpHaPw2royqscRIs7lF4P4wil1F/vDftHzFWfBRp5+jOjMInlc0oP
+rF+mqqGXdMVbSac0QmIC+MJbR4Di7+66SskPvsLeL7/HIC27zVG32j4uLTzevKfu
+pgCQwUzqAE8A3VOPrjjP9pAYMto68hZoSIEOODEXF/VMHt7qOIjHDdpQYVDH9N9K
+ZXMYIMDmJq8KAQbZGGjpMvv50pwG73RE+JbX0+3B5JD2rTQND1XpiC2+PWk53LSd
+3EXx+RaufjC0YgaON3vDusGfa6v/KW2gU7EOumdTDNZi2iNijVLCN91WV9BwrgLV
+T8j7P2lhoHN/ihsjSpq7+vTy+DGWgToA35IgC5kfBG75aZR35ho/dKFST15kMv35
+DnPbK7yEpHHyfYTblFej4mm6j+X8vbEPsJZpRtZq+A==
+=Fip2
+-----END PGP SIGNATURE-----
--- a/strongswan.changes
+++ b/strongswan.changes
@ -1,3 +1,50 @@
+-------------------------------------------------------------------
+Wed Feb 15 13:31:40 UTC 2012 - mt@suse.com
+
+- Updated to strongSwan 4.6.1 release:
+  Changes in 4.6.1:
+  - Because of changing checksums before and after installation which caused
+    the integrity tests to fail we avoided directly linking libsimaka,
+    libtls and libtnccs to those libcharon plugins which make use of these
+    dynamiclibraries.
+    Instead we linked the libraries to the charon daemon. Unfortunately
+    Ubuntu 11.10 activated the --as-needed ld option which discards explicit
+    links to dynamic libraries that are not actually used by the charon
+    daemon itself, thus causing failures during the loading of the plugins
+    which depend on these libraries for resolving external symbols.
+  - Therefore our approach of computing  integrity checksums for plugins had
+    to be changed radically by moving the hash generation from the
+    compilation to the post-installation phase.
+  Changes in 4.6.0:
+  - The new libstrongswan certexpire plugin collects expiration information
+    of all used certificates and exports them to CSV files. It either
+    directly exports them or uses cron style scheduling for batch exports.
+  - Starter passes unresolved hostnames to charon, allowing it to do name
+    resolution not before the connection attempt. This is especially useful
+    with connections between hosts using dynamic IP addresses.
+    Thanks to Mirko Parthey for the initial patch.
+  - The android plugin can now be used without the Android frontend patch
+    and provides DNS server registration and logging to logcat.
+  - Pluto and starter (plus stroke and whack) have been ported to Android.
+  - Support for ECDSA private and public key operations has been added to
+    the pkcs11 plugin.  The plugin now also provides DH and ECDH via PKCS#11
+    and can use tokens as random number generators (RNG).  By default only
+    private key operations are enabled, more advanced features have to be
+    enabled by their option in strongswan.conf.  This also applies to public
+    key operations (even for keys not stored on the token) which were
+    enabled by default before.
+  - The libstrongswan plugin system now supports detailed plugin
+    dependencies. Many plugins have been extended to export its capabilities
+    and requirements. This allows the plugin loader to resolve plugin
+    loading order automatically, and in future releases, to dynamically load
+    the required features on demand.
+    Existing third party plugins are source (but not binary) compatible if
+    they properly initialize the new get_features() plugin function to NULL.
+  - The tnc-ifmap plugin implements a TNC IF-MAP 2.0 client which can
+    deliver metadata about IKE_SAs via a SOAP interface to a MAP server.
+    The tnc-ifmap plugin requires the Apache Axis2/C library.
+- Merged patches, changed strongswan-doc to be a noarch package.
+
 -------------------------------------------------------------------
 Mon Feb  6 10:27:00 UTC 2012 - aj@suse.de

--- a/strongswan.spec
+++ b/strongswan.spec
@ -18,7 +18,7 @@


 Name:           strongswan
-Version:        4.5.3
+Version:        4.6.1
 Release:        0
 %define         upstream_version   %{version}
 %define         strongswan_docdir  %{_docdir}/%{name}
@ -108,6 +108,7 @@ Authors:
    and others

 %package doc
+BuildArch:      noarch
 Summary:        OpenSource IPsec-based VPN Solution

 %description doc
@ -317,7 +318,7 @@ cat << EOT > ${RPM_BUILD_ROOT}%{_sysconfdir}/ipsec.secrets
 #
 EOT
 #
-rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{charon,hydra,strongswan}.so
+rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{charon,hydra,strongswan,simaka}.so
 find  $RPM_BUILD_ROOT%{strongswan_libdir} \
      -name "*.a" -o -name "*.la" | xargs -r rm -f
 #
@ -440,6 +441,8 @@ fi
 %{strongswan_libdir}/libhydra.so.0.0.0
 %{strongswan_libdir}/libcharon.so.0
 %{strongswan_libdir}/libcharon.so.0.0.0
+%{strongswan_libdir}/libsimaka.so.0
+%{strongswan_libdir}/libsimaka.so.0.0.0
 %{strongswan_libdir}/libstrongswan.so.0
 %{strongswan_libdir}/libstrongswan.so.0.0.0
 %dir %{strongswan_plugins}
@ -475,6 +478,7 @@ fi
 %{strongswan_plugins}/libstrongswan-ha.so
 %{strongswan_plugins}/libstrongswan-hmac.so
 %{strongswan_plugins}/libstrongswan-kernel-netlink.so
+%{strongswan_plugins}/libstrongswan-kernel-netlink.so
 %{strongswan_plugins}/libstrongswan-ldap.so
 %{strongswan_plugins}/libstrongswan-md4.so
 %{strongswan_plugins}/libstrongswan-md5.so