diff --git a/strongswan-5.1.1.tar.bz2 b/strongswan-5.1.1.tar.bz2
deleted file mode 100644
index d7310ed..0000000
--- a/strongswan-5.1.1.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fbf2a668221fc4a36a34bdeac2dfeda25b96f572d551df022585177953622406
-size 3673200
diff --git a/strongswan-5.1.1.tar.bz2.sig b/strongswan-5.1.1.tar.bz2.sig
deleted file mode 100644
index 2e0fafe..0000000
--- a/strongswan-5.1.1.tar.bz2.sig
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-iQGcBAABAgAGBQJSc1ufAAoJEN9CwXCzTbp3Y48L/RW112f7JryXe4dTekfzBehN
-9n5ycczrK8xEc6RqLbD7WI6Av97fJd/FDLAieSE3FTk2znAbf0iFXuBb7ORhOr4H
-IywXex9uXgJtDI9WBVCbL/PPBYk/JiBWeviJv5ESji0oc+Uvtx5y2xShx3YwaZCt
-38peoT2EKPmaj98OIDslfDK0q9n55puKdM0NPewtPLVOfcfhBTh5XvwI/qdZhqRH
-7hG4QHsFeY3t5sy5/XllEDXckx9vWmogchxRltoGPUfjxJb7X3empsCK8o3gbWcf
-mX887cROOxXpPHzxj887orCwu+vmSlDRJXhHaTbYbhYdOnpo0o/R/HGwdO4Bv4PY
-7yrpbz9DnpYw1XPZqd2ed4wgQMCWCuFmPFuJZBxQ2lza7QxDeC6EIc+dhT5AC7GI
-XTqU3jw3kfm+b7N0MWmMkU5iL5cgNiR23v4D8U697ruoR6Qx310xe473Yh7ZhzoV
-gJ6Z1jvc6d82ywsxo04hhv/yT7LeLyFmg+vyAAmbtg==
-=040C
------END PGP SIGNATURE-----
diff --git a/strongswan-5.1.1-rpmlintrc b/strongswan-5.1.3-rpmlintrc
similarity index 100%
rename from strongswan-5.1.1-rpmlintrc
rename to strongswan-5.1.3-rpmlintrc
diff --git a/strongswan-5.1.3.tar.bz2 b/strongswan-5.1.3.tar.bz2
new file mode 100644
index 0000000..b52ba2d
--- /dev/null
+++ b/strongswan-5.1.3.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:84e46d5ce801e1b874e2bfba8d21dbd78b432e23b7fb1f4f2d637359e7a183a8
+size 3807212
diff --git a/strongswan-5.1.3.tar.bz2.sig b/strongswan-5.1.3.tar.bz2.sig
new file mode 100644
index 0000000..7884d97
--- /dev/null
+++ b/strongswan-5.1.3.tar.bz2.sig
@@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQGcBAABAgAGBQJTS9jUAAoJEN9CwXCzTbp3E3cMAJuQv7IsG5XDNQB/Wcb66hLQ
+2DSZN2zXRI2Ku5ONXDqnzCzyGRO84SOsGVzX9AQTHactr29B0n9rZxSCKZrm+ZRX
+lMKu6UNsS+jSKhXkXfmDSilFnM7ap7tAlFUuH/7uz8LcG34643W5BOJH0oMq7Rx3
+WN/7/TbrYf1aE0s3C8tcJXc5OghkvAfsE0jBPWhwT7dwi5eczluPMyYYdGxg8zNP
+LdBdoHTfnFRnMcL18SGwUYl09hj2YkZMoo+2Qt4I6WNy3yIINRIQluPSl2f91HHG
+VXyzGLpC3W63WYxXhPmjdmkpaT9+kulF6WVhgt3i6VMOv6nSNitHs5/X0W6N5xuX
+BhPmJRFmT0Oej3MJVxSKqUy89Ny3DyRmai5bERAFe+FOt9HN1UWqpK+qYFI+YQw/
+dMS9kviW2UhSq4BM9F9F+QrL66Bz0gc5+jXolm971FII62cV4i6n9U6veGPY9qkg
++Jcn6XpKOe2JXLsIeIMQgc0GitIaEHq/zdST/pn2Gw==
+=NZ/K
+-----END PGP SIGNATURE-----
diff --git a/strongswan.changes b/strongswan.changes
index 4b12546..1a825fd 100644
--- a/strongswan.changes
+++ b/strongswan.changes
@@ -1,3 +1,75 @@
+-------------------------------------------------------------------
+Mon Apr 14 23:36:07 UTC 2014 - mt@suse.de
+
+- Updated to strongSwan 5.1.3 providing the following changes:
+  - Fixed an authentication bypass vulnerability triggered by rekeying
+    an unestablished IKEv2 SA while it gets actively initiated. This
+    allowed an attacker to trick a peer's IKE_SA state to established,
+    without the need to provide any valid authentication credentials.
+    (CVE-2014-2338, bnc#870572).
+  - The acert plugin evaluates X.509 Attribute Certificates. Group
+    membership information encoded as strings can be used to fulfill
+    authorization checks defined with the rightgroups option.
+    Attribute Certificates can be loaded locally or get exchanged in
+    IKEv2 certificate payloads.
+  - The pki command gained support to generate X.509 Attribute
+    Certificates using the --acert subcommand, while the --print
+    command supports the ac type. The openac utility has been removed
+    in favor of the new pki functionality.
+  - The libtls TLS 1.2 implementation as used by EAP-(T)TLS and other
+    protocols has been extended by AEAD mode support, currently limited
+    to AES-GCM.
+  - Fixed an issue where CRL/OCSP trustchain validation broke enforcing
+    CA constraints
+  - Limited OCSP signing to specific certificates to improve performance
+  - authKeyIdentifier is not added to self-signed certificates anymore
+  - Fixed the comparison of IKE configs if only the cipher suites were
+    different
+
+-------------------------------------------------------------------
+Wed Apr  2 05:53:21 UTC 2014 - mt@suse.de
+
+- Updated to strongSwan 5.1.2 providing the following changes:
+  - A new default configuration file layout is introduced. The new
+    default strongswan.conf file mainly includes config snippets from
+    the strongswan.d and strongswan.d/charon directories (the latter
+    containing snippets for all plugins). The snippets, with commented
+    defaults, are automatically generated and installed, if they don't
+    exist yet. Also installed in $prefix/share/strongswan/templates so
+    existing files can be compared to the current defaults.
+  - As an alternative to the non-extensible charon.load setting, the
+    plugins to load in charon (and optionally other applications) can
+    now be determined via the charon.plugins.<name>.load setting for
+    each plugin (enabled in the new default strongswan.conf file via the
+    charon.load_modular option). The load setting optionally takes a
+    numeric priority value that allows reordering the plugins (otherwise
+    the default plugin order is preserved).
+  - All strongswan.conf settings that were formerly defined in library
+    specific "global" sections are now application specific (e.g.
+    settings for plugins in libstrongswan.plugins can now be set only
+    for charon in charon.plugins). The old options are still supported,
+    which now allows to define defaults for all applications in the
+    libstrongswan section.
+  - The ntru libstrongswan plugin supports NTRUEncrypt as a post-quantum
+    computer IKE key exchange mechanism. The implementation is based on
+    the ntru-crypto library from the NTRUOpenSourceProject.
+    The supported security strengths are ntru112, ntru128, ntru192, and
+    ntru256. Since the private DH group IDs 1030..1033 have been
+    assigned, the strongSwan Vendor ID must be sent in order to use NTRU
+    (charon.send_vendor_id = yes).
+  - Defined a TPMRA remote attestation workitem and added support for it
+    to the Attestation IMV.
+  - Compatibility issues between IPComp (compress=yes) and
+    leftfirewall=yes as well as multiple subnets in left|rightsubnet
+    have been fixed.
+  - When enabling its "session" strongswan.conf option, the xauth-pam
+    plugin opens and closes a PAM session for each established IKE_SA.
+    Patch courtesy of Andrea Bonomi.
+  - The strongSwan unit testing framework has been rewritten without the
+    "check" dependency for improved flexibility and portability. It now
+    properly supports multi-threaded and memory leak testing and brings
+    a bunch of new test cases.
+
 -------------------------------------------------------------------
 Fri Nov  1 12:28:39 UTC 2013 - mt@suse.de
 
diff --git a/strongswan.spec b/strongswan.spec
index 6f6a34f..50c6f26 100644
--- a/strongswan.spec
+++ b/strongswan.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package strongswan
 #
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,12 +17,15 @@
 
 
 Name:           strongswan
-Version:        5.1.1
+Version:        5.1.3
 Release:        0
-%define         upstream_version   %{version}
-%define         strongswan_docdir  %{_docdir}/%{name}
-%define         strongswan_libdir  %{_libdir}/ipsec
-%define         strongswan_plugins %{strongswan_libdir}/plugins
+%define         upstream_version     %{version}
+%define         strongswan_docdir    %{_docdir}/%{name}
+%define         strongswan_libdir    %{_libdir}/ipsec
+%define         strongswan_configs   %{_sysconfdir}/strongswan.d
+%define         strongswan_datadir   %{_datadir}/strongswan
+%define         strongswan_plugins   %{strongswan_libdir}/plugins
+%define         strongswan_templates %{strongswan_datadir}/templates
 %if 0
 %bcond_without  tests
 %else
@@ -244,7 +247,7 @@ sed -e 's|@libexecdir@|%_libexecdir|g'    \
      > strongswan.init
 
 %build
-CFLAGS="$RPM_OPT_FLAGS -W -Wall -Wno-pointer-sign -Wno-strict-aliasing"
+CFLAGS="$RPM_OPT_FLAGS -W -Wall -Wno-pointer-sign -Wno-strict-aliasing -Wno-unused-parameter"
 export RPM_OPT_FLAGS CFLAGS
 #libtoolize --force
 #autoreconf
@@ -434,7 +437,6 @@ fi
 %{_libexecdir}/ipsec/_updown_espmark
 %{_libexecdir}/ipsec/conftest
 %{_libexecdir}/ipsec/duplicheck
-%{_libexecdir}/ipsec/openac
 %{_libexecdir}/ipsec/pool
 %{_libexecdir}/ipsec/pt-tls-client
 %{_libexecdir}/ipsec/scepclient
@@ -459,13 +461,105 @@ fi
 %{strongswan_docdir}/ChangeLog
 %{_mandir}/man8/_updown.8*
 %{_mandir}/man8/_updown_espmark.8*
-%{_mandir}/man8/openac.8*
 %{_mandir}/man8/scepclient.8*
 
 %files libs0
 %defattr(-,root,root)
 %config(noreplace) %attr(600,root,root) %{_sysconfdir}/strongswan.conf
-%dir %{_libexecdir}/ipsec
+%dir %{strongswan_configs}
+%dir %{strongswan_configs}/charon
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-logging.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/imcv.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/pool.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/starter.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/tnc.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/tools.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/addrblock.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/aes.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/af-alg.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/agent.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/attr.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/attr-sql.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/blowfish.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/ccm.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/certexpire.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/cmac.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/constraints.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/coupling.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/ctr.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/curl.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/des.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/dhcp.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/dnskey.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/duplicheck.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-aka-3gpp2.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-aka.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-dynamic.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-gtc.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-identity.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-md5.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-mschapv2.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-peap.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-radius.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-simaka-pseudonym.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-simaka-reauth.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-simaka-sql.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-sim.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-sim-file.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-sim-pcsc.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-tls.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-tnc.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/eap-ttls.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/farp.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/fips-prf.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/gcm.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/gcrypt.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/gmp.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/ha.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/hmac.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/kernel-netlink.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/ldap.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/led.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/md4.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/md5.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/nonce.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/openssl.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pem.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pgp.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pkcs11.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pkcs12.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pkcs1.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pkcs7.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pkcs8.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/pubkey.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/radattr.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/random.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/rc2.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/resolve.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/revocation.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/sha1.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/sha2.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/smp.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/socket-default.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/soup.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/sql.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/sshkey.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/stroke.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnccs-11.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnccs-20.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnccs-dynamic.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnc-imc.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnc-imv.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnc-pdp.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/tnc-tnccs.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/unity.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/updown.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/x509.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/xauth-eap.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/xauth-generic.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/xauth-pam.conf
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/xcbc.conf
 %dir %{strongswan_libdir}
 %{strongswan_libdir}/libchecksum.so
 %{strongswan_libdir}/libcharon.so.*
@@ -569,6 +663,109 @@ fi
 %{strongswan_plugins}/libstrongswan-xauth-pam.so
 %{strongswan_plugins}/libstrongswan-xcbc.so
 %dir %ghost %{_localstatedir}/run/strongswan
+%dir %{strongswan_datadir}
+%dir %{strongswan_templates}
+%dir %{strongswan_templates}/config
+%dir %{strongswan_templates}/config/plugins
+%dir %{strongswan_templates}/config/strongswan.d
+%dir %{strongswan_templates}/database
+%dir %{strongswan_templates}/database/imv
+%dir %{strongswan_templates}/database/sql
+%{strongswan_templates}/config/strongswan.conf
+%{strongswan_templates}/config/plugins/addrblock.conf
+%{strongswan_templates}/config/plugins/aes.conf
+%{strongswan_templates}/config/plugins/af-alg.conf
+%{strongswan_templates}/config/plugins/agent.conf
+%{strongswan_templates}/config/plugins/attr-sql.conf
+%{strongswan_templates}/config/plugins/attr.conf
+%{strongswan_templates}/config/plugins/blowfish.conf
+%{strongswan_templates}/config/plugins/ccm.conf
+%{strongswan_templates}/config/plugins/certexpire.conf
+%{strongswan_templates}/config/plugins/cmac.conf
+%{strongswan_templates}/config/plugins/constraints.conf
+%{strongswan_templates}/config/plugins/coupling.conf
+%{strongswan_templates}/config/plugins/ctr.conf
+%{strongswan_templates}/config/plugins/curl.conf
+%{strongswan_templates}/config/plugins/des.conf
+%{strongswan_templates}/config/plugins/dhcp.conf
+%{strongswan_templates}/config/plugins/dnskey.conf
+%{strongswan_templates}/config/plugins/duplicheck.conf
+%{strongswan_templates}/config/plugins/eap-aka-3gpp2.conf
+%{strongswan_templates}/config/plugins/eap-aka.conf
+%{strongswan_templates}/config/plugins/eap-dynamic.conf
+%{strongswan_templates}/config/plugins/eap-gtc.conf
+%{strongswan_templates}/config/plugins/eap-identity.conf
+%{strongswan_templates}/config/plugins/eap-md5.conf
+%{strongswan_templates}/config/plugins/eap-mschapv2.conf
+%{strongswan_templates}/config/plugins/eap-peap.conf
+%{strongswan_templates}/config/plugins/eap-radius.conf
+%{strongswan_templates}/config/plugins/eap-sim-file.conf
+%{strongswan_templates}/config/plugins/eap-sim-pcsc.conf
+%{strongswan_templates}/config/plugins/eap-sim.conf
+%{strongswan_templates}/config/plugins/eap-simaka-pseudonym.conf
+%{strongswan_templates}/config/plugins/eap-simaka-reauth.conf
+%{strongswan_templates}/config/plugins/eap-simaka-sql.conf
+%{strongswan_templates}/config/plugins/eap-tls.conf
+%{strongswan_templates}/config/plugins/eap-tnc.conf
+%{strongswan_templates}/config/plugins/eap-ttls.conf
+%{strongswan_templates}/config/plugins/farp.conf
+%{strongswan_templates}/config/plugins/fips-prf.conf
+%{strongswan_templates}/config/plugins/gcm.conf
+%{strongswan_templates}/config/plugins/gcrypt.conf
+%{strongswan_templates}/config/plugins/gmp.conf
+%{strongswan_templates}/config/plugins/ha.conf
+%{strongswan_templates}/config/plugins/hmac.conf
+%{strongswan_templates}/config/plugins/kernel-netlink.conf
+%{strongswan_templates}/config/plugins/ldap.conf
+%{strongswan_templates}/config/plugins/led.conf
+%{strongswan_templates}/config/plugins/md4.conf
+%{strongswan_templates}/config/plugins/md5.conf
+%{strongswan_templates}/config/plugins/nonce.conf
+%{strongswan_templates}/config/plugins/openssl.conf
+%{strongswan_templates}/config/plugins/pem.conf
+%{strongswan_templates}/config/plugins/pgp.conf
+%{strongswan_templates}/config/plugins/pkcs1.conf
+%{strongswan_templates}/config/plugins/pkcs11.conf
+%{strongswan_templates}/config/plugins/pkcs12.conf
+%{strongswan_templates}/config/plugins/pkcs7.conf
+%{strongswan_templates}/config/plugins/pkcs8.conf
+%{strongswan_templates}/config/plugins/pubkey.conf
+%{strongswan_templates}/config/plugins/radattr.conf
+%{strongswan_templates}/config/plugins/random.conf
+%{strongswan_templates}/config/plugins/rc2.conf
+%{strongswan_templates}/config/plugins/resolve.conf
+%{strongswan_templates}/config/plugins/revocation.conf
+%{strongswan_templates}/config/plugins/sha1.conf
+%{strongswan_templates}/config/plugins/sha2.conf
+%{strongswan_templates}/config/plugins/smp.conf
+%{strongswan_templates}/config/plugins/socket-default.conf
+%{strongswan_templates}/config/plugins/soup.conf
+%{strongswan_templates}/config/plugins/sql.conf
+%{strongswan_templates}/config/plugins/sshkey.conf
+%{strongswan_templates}/config/plugins/stroke.conf
+%{strongswan_templates}/config/plugins/tnc-imc.conf
+%{strongswan_templates}/config/plugins/tnc-imv.conf
+%{strongswan_templates}/config/plugins/tnc-pdp.conf
+%{strongswan_templates}/config/plugins/tnc-tnccs.conf
+%{strongswan_templates}/config/plugins/tnccs-11.conf
+%{strongswan_templates}/config/plugins/tnccs-20.conf
+%{strongswan_templates}/config/plugins/tnccs-dynamic.conf
+%{strongswan_templates}/config/plugins/unity.conf
+%{strongswan_templates}/config/plugins/updown.conf
+%{strongswan_templates}/config/plugins/x509.conf
+%{strongswan_templates}/config/plugins/xauth-eap.conf
+%{strongswan_templates}/config/plugins/xauth-generic.conf
+%{strongswan_templates}/config/plugins/xauth-pam.conf
+%{strongswan_templates}/config/plugins/xcbc.conf
+%{strongswan_templates}/config/strongswan.d/charon-logging.conf
+%{strongswan_templates}/config/strongswan.d/charon.conf
+%{strongswan_templates}/config/strongswan.d/imcv.conf
+%{strongswan_templates}/config/strongswan.d/pool.conf
+%{strongswan_templates}/config/strongswan.d/starter.conf
+%{strongswan_templates}/config/strongswan.d/tnc.conf
+%{strongswan_templates}/config/strongswan.d/tools.conf
+%{strongswan_templates}/database/imv/data.sql
+%{strongswan_templates}/database/imv/tables.sql
 
 %if %{with nm}
 
@@ -583,22 +780,47 @@ fi
 
 %files mysql
 %defattr(-,root,root)
+%dir %{strongswan_libdir}
 %dir %{strongswan_plugins}
 %{strongswan_plugins}/libstrongswan-mysql.so
+%dir %{strongswan_configs}
+%dir %{strongswan_configs}/charon
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/mysql.conf
+%dir %{strongswan_datadir}
+%dir %{strongswan_templates}
+%dir %{strongswan_templates}/config
+%dir %{strongswan_templates}/config/plugins
+%dir %{strongswan_templates}/database
+%dir %{strongswan_templates}/database/sql
+%{strongswan_templates}/config/plugins/mysql.conf
+%{strongswan_templates}/database/sql/mysql.sql
 %endif
 
 %if %{with sqlite}
 
 %files sqlite
 %defattr(-,root,root)
+%dir %{strongswan_libdir}
 %dir %{strongswan_plugins}
 %{strongswan_plugins}/libstrongswan-sqlite.so
+%dir %{strongswan_configs}
+%dir %{strongswan_configs}/charon
+%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/sqlite.conf
+%dir %{strongswan_datadir}
+%dir %{strongswan_templates}
+%dir %{strongswan_templates}/config
+%dir %{strongswan_templates}/config/plugins
+%dir %{strongswan_templates}/database
+%dir %{strongswan_templates}/database/sql
+%{strongswan_templates}/config/plugins/sqlite.conf
+%{strongswan_templates}/database/sql/sqlite.sql
 %endif
 
 %if %{with tests}
 
 %files tests
 %defattr(-,root,root)
+%dir %{strongswan_libdir}
 %dir %{strongswan_plugins}
 %{strongswan_plugins}/libstrongswan-load-tester.so
 %{strongswan_plugins}/libstrongswan-test-vectors.so