diff --git a/strongswan-5.1.1.tar.bz2 b/strongswan-5.1.1.tar.bz2 deleted file mode 100644 index d7310ed..0000000 --- a/strongswan-5.1.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fbf2a668221fc4a36a34bdeac2dfeda25b96f572d551df022585177953622406 -size 3673200 diff --git a/strongswan-5.1.1.tar.bz2.sig b/strongswan-5.1.1.tar.bz2.sig deleted file mode 100644 index 2e0fafe..0000000 --- a/strongswan-5.1.1.tar.bz2.sig +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.11 (GNU/Linux) - -iQGcBAABAgAGBQJSc1ufAAoJEN9CwXCzTbp3Y48L/RW112f7JryXe4dTekfzBehN -9n5ycczrK8xEc6RqLbD7WI6Av97fJd/FDLAieSE3FTk2znAbf0iFXuBb7ORhOr4H -IywXex9uXgJtDI9WBVCbL/PPBYk/JiBWeviJv5ESji0oc+Uvtx5y2xShx3YwaZCt -38peoT2EKPmaj98OIDslfDK0q9n55puKdM0NPewtPLVOfcfhBTh5XvwI/qdZhqRH -7hG4QHsFeY3t5sy5/XllEDXckx9vWmogchxRltoGPUfjxJb7X3empsCK8o3gbWcf -mX887cROOxXpPHzxj887orCwu+vmSlDRJXhHaTbYbhYdOnpo0o/R/HGwdO4Bv4PY -7yrpbz9DnpYw1XPZqd2ed4wgQMCWCuFmPFuJZBxQ2lza7QxDeC6EIc+dhT5AC7GI -XTqU3jw3kfm+b7N0MWmMkU5iL5cgNiR23v4D8U697ruoR6Qx310xe473Yh7ZhzoV -gJ6Z1jvc6d82ywsxo04hhv/yT7LeLyFmg+vyAAmbtg== -=040C ------END PGP SIGNATURE----- diff --git a/strongswan-5.1.1-rpmlintrc b/strongswan-5.1.3-rpmlintrc similarity index 100% rename from strongswan-5.1.1-rpmlintrc rename to strongswan-5.1.3-rpmlintrc diff --git a/strongswan-5.1.3.tar.bz2 b/strongswan-5.1.3.tar.bz2 new file mode 100644 index 0000000..b52ba2d --- /dev/null +++ b/strongswan-5.1.3.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:84e46d5ce801e1b874e2bfba8d21dbd78b432e23b7fb1f4f2d637359e7a183a8 +size 3807212 diff --git a/strongswan-5.1.3.tar.bz2.sig b/strongswan-5.1.3.tar.bz2.sig new file mode 100644 index 0000000..7884d97 --- /dev/null +++ b/strongswan-5.1.3.tar.bz2.sig @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.11 (GNU/Linux) + +iQGcBAABAgAGBQJTS9jUAAoJEN9CwXCzTbp3E3cMAJuQv7IsG5XDNQB/Wcb66hLQ +2DSZN2zXRI2Ku5ONXDqnzCzyGRO84SOsGVzX9AQTHactr29B0n9rZxSCKZrm+ZRX +lMKu6UNsS+jSKhXkXfmDSilFnM7ap7tAlFUuH/7uz8LcG34643W5BOJH0oMq7Rx3 +WN/7/TbrYf1aE0s3C8tcJXc5OghkvAfsE0jBPWhwT7dwi5eczluPMyYYdGxg8zNP +LdBdoHTfnFRnMcL18SGwUYl09hj2YkZMoo+2Qt4I6WNy3yIINRIQluPSl2f91HHG +VXyzGLpC3W63WYxXhPmjdmkpaT9+kulF6WVhgt3i6VMOv6nSNitHs5/X0W6N5xuX +BhPmJRFmT0Oej3MJVxSKqUy89Ny3DyRmai5bERAFe+FOt9HN1UWqpK+qYFI+YQw/ +dMS9kviW2UhSq4BM9F9F+QrL66Bz0gc5+jXolm971FII62cV4i6n9U6veGPY9qkg ++Jcn6XpKOe2JXLsIeIMQgc0GitIaEHq/zdST/pn2Gw== +=NZ/K +-----END PGP SIGNATURE----- diff --git a/strongswan.changes b/strongswan.changes index 4b12546..1a825fd 100644 --- a/strongswan.changes +++ b/strongswan.changes @@ -1,3 +1,75 @@ +------------------------------------------------------------------- +Mon Apr 14 23:36:07 UTC 2014 - mt@suse.de + +- Updated to strongSwan 5.1.3 providing the following changes: + - Fixed an authentication bypass vulnerability triggered by rekeying + an unestablished IKEv2 SA while it gets actively initiated. This + allowed an attacker to trick a peer's IKE_SA state to established, + without the need to provide any valid authentication credentials. + (CVE-2014-2338, bnc#870572). + - The acert plugin evaluates X.509 Attribute Certificates. Group + membership information encoded as strings can be used to fulfill + authorization checks defined with the rightgroups option. + Attribute Certificates can be loaded locally or get exchanged in + IKEv2 certificate payloads. + - The pki command gained support to generate X.509 Attribute + Certificates using the --acert subcommand, while the --print + command supports the ac type. The openac utility has been removed + in favor of the new pki functionality. + - The libtls TLS 1.2 implementation as used by EAP-(T)TLS and other + protocols has been extended by AEAD mode support, currently limited + to AES-GCM. + - Fixed an issue where CRL/OCSP trustchain validation broke enforcing + CA constraints + - Limited OCSP signing to specific certificates to improve performance + - authKeyIdentifier is not added to self-signed certificates anymore + - Fixed the comparison of IKE configs if only the cipher suites were + different + +------------------------------------------------------------------- +Wed Apr 2 05:53:21 UTC 2014 - mt@suse.de + +- Updated to strongSwan 5.1.2 providing the following changes: + - A new default configuration file layout is introduced. The new + default strongswan.conf file mainly includes config snippets from + the strongswan.d and strongswan.d/charon directories (the latter + containing snippets for all plugins). The snippets, with commented + defaults, are automatically generated and installed, if they don't + exist yet. Also installed in $prefix/share/strongswan/templates so + existing files can be compared to the current defaults. + - As an alternative to the non-extensible charon.load setting, the + plugins to load in charon (and optionally other applications) can + now be determined via the charon.plugins.<name>.load setting for + each plugin (enabled in the new default strongswan.conf file via the + charon.load_modular option). The load setting optionally takes a + numeric priority value that allows reordering the plugins (otherwise + the default plugin order is preserved). + - All strongswan.conf settings that were formerly defined in library + specific "global" sections are now application specific (e.g. + settings for plugins in libstrongswan.plugins can now be set only + for charon in charon.plugins). The old options are still supported, + which now allows to define defaults for all applications in the + libstrongswan section. + - The ntru libstrongswan plugin supports NTRUEncrypt as a post-quantum + computer IKE key exchange mechanism. The implementation is based on + the ntru-crypto library from the NTRUOpenSourceProject. + The supported security strengths are ntru112, ntru128, ntru192, and + ntru256. Since the private DH group IDs 1030..1033 have been + assigned, the strongSwan Vendor ID must be sent in order to use NTRU + (charon.send_vendor_id = yes). + - Defined a TPMRA remote attestation workitem and added support for it + to the Attestation IMV. + - Compatibility issues between IPComp (compress=yes) and + leftfirewall=yes as well as multiple subnets in left|rightsubnet + have been fixed. + - When enabling its "session" strongswan.conf option, the xauth-pam + plugin opens and closes a PAM session for each established IKE_SA. + Patch courtesy of Andrea Bonomi. + - The strongSwan unit testing framework has been rewritten without the + "check" dependency for improved flexibility and portability. It now + properly supports multi-threaded and memory leak testing and brings + a bunch of new test cases. + ------------------------------------------------------------------- Fri Nov 1 12:28:39 UTC 2013 - mt@suse.de diff --git a/strongswan.spec b/strongswan.spec index 6f6a34f..50c6f26 100644 --- a/strongswan.spec +++ b/strongswan.spec @@ -1,7 +1,7 @@ # # spec file for package strongswan # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,12 +17,15 @@ Name: strongswan -Version: 5.1.1 +Version: 5.1.3 Release: 0 -%define upstream_version %{version} -%define strongswan_docdir %{_docdir}/%{name} -%define strongswan_libdir %{_libdir}/ipsec -%define strongswan_plugins %{strongswan_libdir}/plugins +%define upstream_version %{version} +%define strongswan_docdir %{_docdir}/%{name} +%define strongswan_libdir %{_libdir}/ipsec +%define strongswan_configs %{_sysconfdir}/strongswan.d +%define strongswan_datadir %{_datadir}/strongswan +%define strongswan_plugins %{strongswan_libdir}/plugins +%define strongswan_templates %{strongswan_datadir}/templates %if 0 %bcond_without tests %else @@ -244,7 +247,7 @@ sed -e 's|@libexecdir@|%_libexecdir|g' \ > strongswan.init %build -CFLAGS="$RPM_OPT_FLAGS -W -Wall -Wno-pointer-sign -Wno-strict-aliasing" +CFLAGS="$RPM_OPT_FLAGS -W -Wall -Wno-pointer-sign -Wno-strict-aliasing -Wno-unused-parameter" export RPM_OPT_FLAGS CFLAGS #libtoolize --force #autoreconf @@ -434,7 +437,6 @@ fi %{_libexecdir}/ipsec/_updown_espmark %{_libexecdir}/ipsec/conftest %{_libexecdir}/ipsec/duplicheck -%{_libexecdir}/ipsec/openac %{_libexecdir}/ipsec/pool %{_libexecdir}/ipsec/pt-tls-client %{_libexecdir}/ipsec/scepclient @@ -459,13 +461,105 @@ fi %{strongswan_docdir}/ChangeLog %{_mandir}/man8/_updown.8* %{_mandir}/man8/_updown_espmark.8* -%{_mandir}/man8/openac.8* %{_mandir}/man8/scepclient.8* %files libs0 %defattr(-,root,root) %config(noreplace) %attr(600,root,root) %{_sysconfdir}/strongswan.conf -%dir %{_libexecdir}/ipsec +%dir %{strongswan_configs} +%dir %{strongswan_configs}/charon +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-logging.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/imcv.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/pool.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/starter.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/tnc.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/tools.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/addrblock.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/aes.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/af-alg.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/agent.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/attr.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/attr-sql.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/blowfish.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/ccm.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/certexpire.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/cmac.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/constraints.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/coupling.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/ctr.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/curl.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/des.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/dhcp.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/dnskey.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/duplicheck.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-aka-3gpp2.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-aka.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-dynamic.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-gtc.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-identity.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-md5.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-mschapv2.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-peap.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-radius.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-simaka-pseudonym.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-simaka-reauth.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-simaka-sql.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-sim.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-sim-file.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-sim-pcsc.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-tls.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-tnc.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-ttls.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/farp.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/fips-prf.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/gcm.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/gcrypt.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/gmp.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/ha.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/hmac.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/kernel-netlink.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/ldap.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/led.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/md4.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/md5.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/nonce.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/openssl.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pem.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pgp.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pkcs11.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pkcs12.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pkcs1.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pkcs7.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pkcs8.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pubkey.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/radattr.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/random.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/rc2.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/resolve.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/revocation.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/sha1.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/sha2.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/smp.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/socket-default.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/soup.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/sql.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/sshkey.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/stroke.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnccs-11.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnccs-20.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnccs-dynamic.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnc-imc.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnc-imv.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnc-pdp.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnc-tnccs.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/unity.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/updown.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/x509.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/xauth-eap.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/xauth-generic.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/xauth-pam.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/xcbc.conf %dir %{strongswan_libdir} %{strongswan_libdir}/libchecksum.so %{strongswan_libdir}/libcharon.so.* @@ -569,6 +663,109 @@ fi %{strongswan_plugins}/libstrongswan-xauth-pam.so %{strongswan_plugins}/libstrongswan-xcbc.so %dir %ghost %{_localstatedir}/run/strongswan +%dir %{strongswan_datadir} +%dir %{strongswan_templates} +%dir %{strongswan_templates}/config +%dir %{strongswan_templates}/config/plugins +%dir %{strongswan_templates}/config/strongswan.d +%dir %{strongswan_templates}/database +%dir %{strongswan_templates}/database/imv +%dir %{strongswan_templates}/database/sql +%{strongswan_templates}/config/strongswan.conf +%{strongswan_templates}/config/plugins/addrblock.conf +%{strongswan_templates}/config/plugins/aes.conf +%{strongswan_templates}/config/plugins/af-alg.conf +%{strongswan_templates}/config/plugins/agent.conf +%{strongswan_templates}/config/plugins/attr-sql.conf +%{strongswan_templates}/config/plugins/attr.conf +%{strongswan_templates}/config/plugins/blowfish.conf +%{strongswan_templates}/config/plugins/ccm.conf +%{strongswan_templates}/config/plugins/certexpire.conf +%{strongswan_templates}/config/plugins/cmac.conf +%{strongswan_templates}/config/plugins/constraints.conf +%{strongswan_templates}/config/plugins/coupling.conf +%{strongswan_templates}/config/plugins/ctr.conf +%{strongswan_templates}/config/plugins/curl.conf +%{strongswan_templates}/config/plugins/des.conf +%{strongswan_templates}/config/plugins/dhcp.conf +%{strongswan_templates}/config/plugins/dnskey.conf +%{strongswan_templates}/config/plugins/duplicheck.conf +%{strongswan_templates}/config/plugins/eap-aka-3gpp2.conf +%{strongswan_templates}/config/plugins/eap-aka.conf +%{strongswan_templates}/config/plugins/eap-dynamic.conf +%{strongswan_templates}/config/plugins/eap-gtc.conf +%{strongswan_templates}/config/plugins/eap-identity.conf +%{strongswan_templates}/config/plugins/eap-md5.conf +%{strongswan_templates}/config/plugins/eap-mschapv2.conf +%{strongswan_templates}/config/plugins/eap-peap.conf +%{strongswan_templates}/config/plugins/eap-radius.conf +%{strongswan_templates}/config/plugins/eap-sim-file.conf +%{strongswan_templates}/config/plugins/eap-sim-pcsc.conf +%{strongswan_templates}/config/plugins/eap-sim.conf +%{strongswan_templates}/config/plugins/eap-simaka-pseudonym.conf +%{strongswan_templates}/config/plugins/eap-simaka-reauth.conf +%{strongswan_templates}/config/plugins/eap-simaka-sql.conf +%{strongswan_templates}/config/plugins/eap-tls.conf +%{strongswan_templates}/config/plugins/eap-tnc.conf +%{strongswan_templates}/config/plugins/eap-ttls.conf +%{strongswan_templates}/config/plugins/farp.conf +%{strongswan_templates}/config/plugins/fips-prf.conf +%{strongswan_templates}/config/plugins/gcm.conf +%{strongswan_templates}/config/plugins/gcrypt.conf +%{strongswan_templates}/config/plugins/gmp.conf +%{strongswan_templates}/config/plugins/ha.conf +%{strongswan_templates}/config/plugins/hmac.conf +%{strongswan_templates}/config/plugins/kernel-netlink.conf +%{strongswan_templates}/config/plugins/ldap.conf +%{strongswan_templates}/config/plugins/led.conf +%{strongswan_templates}/config/plugins/md4.conf +%{strongswan_templates}/config/plugins/md5.conf +%{strongswan_templates}/config/plugins/nonce.conf +%{strongswan_templates}/config/plugins/openssl.conf +%{strongswan_templates}/config/plugins/pem.conf +%{strongswan_templates}/config/plugins/pgp.conf +%{strongswan_templates}/config/plugins/pkcs1.conf +%{strongswan_templates}/config/plugins/pkcs11.conf +%{strongswan_templates}/config/plugins/pkcs12.conf +%{strongswan_templates}/config/plugins/pkcs7.conf +%{strongswan_templates}/config/plugins/pkcs8.conf +%{strongswan_templates}/config/plugins/pubkey.conf +%{strongswan_templates}/config/plugins/radattr.conf +%{strongswan_templates}/config/plugins/random.conf +%{strongswan_templates}/config/plugins/rc2.conf +%{strongswan_templates}/config/plugins/resolve.conf +%{strongswan_templates}/config/plugins/revocation.conf +%{strongswan_templates}/config/plugins/sha1.conf +%{strongswan_templates}/config/plugins/sha2.conf +%{strongswan_templates}/config/plugins/smp.conf +%{strongswan_templates}/config/plugins/socket-default.conf +%{strongswan_templates}/config/plugins/soup.conf +%{strongswan_templates}/config/plugins/sql.conf +%{strongswan_templates}/config/plugins/sshkey.conf +%{strongswan_templates}/config/plugins/stroke.conf +%{strongswan_templates}/config/plugins/tnc-imc.conf +%{strongswan_templates}/config/plugins/tnc-imv.conf +%{strongswan_templates}/config/plugins/tnc-pdp.conf +%{strongswan_templates}/config/plugins/tnc-tnccs.conf +%{strongswan_templates}/config/plugins/tnccs-11.conf +%{strongswan_templates}/config/plugins/tnccs-20.conf +%{strongswan_templates}/config/plugins/tnccs-dynamic.conf +%{strongswan_templates}/config/plugins/unity.conf +%{strongswan_templates}/config/plugins/updown.conf +%{strongswan_templates}/config/plugins/x509.conf +%{strongswan_templates}/config/plugins/xauth-eap.conf +%{strongswan_templates}/config/plugins/xauth-generic.conf +%{strongswan_templates}/config/plugins/xauth-pam.conf +%{strongswan_templates}/config/plugins/xcbc.conf +%{strongswan_templates}/config/strongswan.d/charon-logging.conf +%{strongswan_templates}/config/strongswan.d/charon.conf +%{strongswan_templates}/config/strongswan.d/imcv.conf +%{strongswan_templates}/config/strongswan.d/pool.conf +%{strongswan_templates}/config/strongswan.d/starter.conf +%{strongswan_templates}/config/strongswan.d/tnc.conf +%{strongswan_templates}/config/strongswan.d/tools.conf +%{strongswan_templates}/database/imv/data.sql +%{strongswan_templates}/database/imv/tables.sql %if %{with nm} @@ -583,22 +780,47 @@ fi %files mysql %defattr(-,root,root) +%dir %{strongswan_libdir} %dir %{strongswan_plugins} %{strongswan_plugins}/libstrongswan-mysql.so +%dir %{strongswan_configs} +%dir %{strongswan_configs}/charon +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/mysql.conf +%dir %{strongswan_datadir} +%dir %{strongswan_templates} +%dir %{strongswan_templates}/config +%dir %{strongswan_templates}/config/plugins +%dir %{strongswan_templates}/database +%dir %{strongswan_templates}/database/sql +%{strongswan_templates}/config/plugins/mysql.conf +%{strongswan_templates}/database/sql/mysql.sql %endif %if %{with sqlite} %files sqlite %defattr(-,root,root) +%dir %{strongswan_libdir} %dir %{strongswan_plugins} %{strongswan_plugins}/libstrongswan-sqlite.so +%dir %{strongswan_configs} +%dir %{strongswan_configs}/charon +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/sqlite.conf +%dir %{strongswan_datadir} +%dir %{strongswan_templates} +%dir %{strongswan_templates}/config +%dir %{strongswan_templates}/config/plugins +%dir %{strongswan_templates}/database +%dir %{strongswan_templates}/database/sql +%{strongswan_templates}/config/plugins/sqlite.conf +%{strongswan_templates}/database/sql/sqlite.sql %endif %if %{with tests} %files tests %defattr(-,root,root) +%dir %{strongswan_libdir} %dir %{strongswan_plugins} %{strongswan_plugins}/libstrongswan-load-tester.so %{strongswan_plugins}/libstrongswan-test-vectors.so