SHA256
1
0
forked from pool/strongswan

- Updated to strongSwan 4.6.1 release:

Changes in 4.6.1:
  - Because of changing checksums before and after installation which caused
    the integrity tests to fail we avoided directly linking libsimaka,
    libtls and libtnccs to those libcharon plugins which make use of these
    dynamiclibraries.
    Instead we linked the libraries to the charon daemon. Unfortunately
    Ubuntu 11.10 activated the --as-needed ld option which discards explicit
    links to dynamic libraries that are not actually used by the charon
    daemon itself, thus causing failures during the loading of the plugins
    which depend on these libraries for resolving external symbols.
  - Therefore our approach of computing  integrity checksums for plugins had
    to be changed radically by moving the hash generation from the
    compilation to the post-installation phase.
  Changes in 4.6.0:
  - The new libstrongswan certexpire plugin collects expiration information
    of all used certificates and exports them to CSV files. It either
    directly exports them or uses cron style scheduling for batch exports.
  - Starter passes unresolved hostnames to charon, allowing it to do name
    resolution not before the connection attempt. This is especially useful
    with connections between hosts using dynamic IP addresses.
    Thanks to Mirko Parthey for the initial patch.
  - The android plugin can now be used without the Android frontend patch
    and provides DNS server registration and logging to logcat.
  - Pluto and starter (plus stroke and whack) have been ported to Android.
  - Support for ECDSA private and public key operations has been added to
    the pkcs11 plugin.  The plugin now also provides DH and ECDH via PKCS#11
    and can use tokens as random number generators (RNG).  By default only
    private key operations are enabled, more advanced features have to be
    enabled by their option in strongswan.conf.  This also applies to public

OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=39
This commit is contained in:
Marius Tomaschewski 2012-02-15 13:32:28 +00:00 committed by Git OBS Bridge
parent fbee949c81
commit 1a4d59ebd1
9 changed files with 75 additions and 24 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a59fa0d9820fb06a3c848f4537b9256d2067265ad10e1b007b79f3b16279f1ff
size 3299522

View File

@ -1,14 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQGcBAABAgAGBQJOOFNGAAoJEN9CwXCzTbp37JUL/jmWmoYQ4qcSQtCfyLbW761a
8HvTeoAB+gE8srcOCdnSy/i+ebVp4My3VwwivQwCHWHcbC29RjZsytRxsItqN3UR
4LCEMQ9PA6oIHl7EPumc24RfcWd4TBrlxyk/TeOYOyT0GAjvPF+w0T73pEBMQHGF
qHQXziblGfB9pxxyVJpvPq7yW+wS7nIj+8B7evitC5TimW5D3rGN1eav+da16ynl
RJuGtRlxKTy/dnC+WzbJtyxGITcnl2lPao3SilazKDx55OEMboxSTfX3x0QZ2Y2z
jIV3UzmTh7ZTqOpGrxhMr8lPiuB9w9PWCzfno0WB99suzo7IQtjyfYRifa0A/b3S
Wtp4OLdBwgStnlQdXhk2INhBSMVH3FRGZOwzr7Eb2SLK2v0BDYn3/rPSZMd2bivO
zRQeYE9LfuUpJT2BTB69YsAg3pvU55g2mU7GD8cojkxcT60HHKl4ykzwR0dTJjyK
CwV6JYoWDGkZqwrRfwJrf9o6Xlk4KdyyQGRRm/8hqg==
=7D0s
-----END PGP SIGNATURE-----

View File

@ -1,14 +1,14 @@
--- src/checksum/checksum_builder.c
+++ src/checksum/checksum_builder.c 2011/09/08 15:45:10
+++ src/checksum/checksum_builder.c 2012/02/15 13:08:35
@@ -64,9 +64,9 @@ static void build_checksum(char *path, c
fprintf(stderr, "dlopen failed: %s\n", dlerror());
}
}
- printf("\t{\"%-20s%7u, 0x%08x, %6u, 0x%08x},\n",
+ printf("\t{\"%-20s%7zu, 0x%08x, %6zu, 0x%08x},\n",
- printf("\t{\"%-25s%7u, 0x%08x, %6u, 0x%08x},\n",
+ printf("\t{\"%-25s%7zu, 0x%08x, %6zu, 0x%08x},\n",
name, fsize, fsum, ssize, ssum);
- fprintf(stderr, "\"%-20s%7u / 0x%08x %6u / 0x%08x\n",
+ fprintf(stderr, "\"%-20s%7zu / 0x%08x %6zu / 0x%08x\n",
- fprintf(stderr, "\"%-25s%7u / 0x%08x %6u / 0x%08x\n",
+ fprintf(stderr, "\"%-25s%7zu / 0x%08x %6zu / 0x%08x\n",
name, fsize, fsum, ssize, ssum);
}

3
strongswan-4.6.1.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3d6dcdb3ce46dab51783b98c9bb54ebc931ff80941a0507d3cf3e3ac813eb439
size 3400215

View File

@ -0,0 +1,14 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQGcBAABAgAGBQJOu2a7AAoJEN9CwXCzTbp381oL/39DrG28cCvChlGKLRCK1LaF
CpCGR/rKSWy71kkCHpGuDZgr+TXN5NzWV+vyj8CZubPg/lgiDyeNTwDG7O1qE5ZD
C9MDKWq4B8MHpHaPw2royqscRIs7lF4P4wil1F/vDftHzFWfBRp5+jOjMInlc0oP
rF+mqqGXdMVbSac0QmIC+MJbR4Di7+66SskPvsLeL7/HIC27zVG32j4uLTzevKfu
pgCQwUzqAE8A3VOPrjjP9pAYMto68hZoSIEOODEXF/VMHt7qOIjHDdpQYVDH9N9K
ZXMYIMDmJq8KAQbZGGjpMvv50pwG73RE+JbX0+3B5JD2rTQND1XpiC2+PWk53LSd
3EXx+RaufjC0YgaON3vDusGfa6v/KW2gU7EOumdTDNZi2iNijVLCN91WV9BwrgLV
T8j7P2lhoHN/ihsjSpq7+vTy+DGWgToA35IgC5kfBG75aZR35ho/dKFST15kMv35
DnPbK7yEpHHyfYTblFej4mm6j+X8vbEPsJZpRtZq+A==
=Fip2
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,50 @@
-------------------------------------------------------------------
Wed Feb 15 13:31:40 UTC 2012 - mt@suse.com
- Updated to strongSwan 4.6.1 release:
Changes in 4.6.1:
- Because of changing checksums before and after installation which caused
the integrity tests to fail we avoided directly linking libsimaka,
libtls and libtnccs to those libcharon plugins which make use of these
dynamiclibraries.
Instead we linked the libraries to the charon daemon. Unfortunately
Ubuntu 11.10 activated the --as-needed ld option which discards explicit
links to dynamic libraries that are not actually used by the charon
daemon itself, thus causing failures during the loading of the plugins
which depend on these libraries for resolving external symbols.
- Therefore our approach of computing integrity checksums for plugins had
to be changed radically by moving the hash generation from the
compilation to the post-installation phase.
Changes in 4.6.0:
- The new libstrongswan certexpire plugin collects expiration information
of all used certificates and exports them to CSV files. It either
directly exports them or uses cron style scheduling for batch exports.
- Starter passes unresolved hostnames to charon, allowing it to do name
resolution not before the connection attempt. This is especially useful
with connections between hosts using dynamic IP addresses.
Thanks to Mirko Parthey for the initial patch.
- The android plugin can now be used without the Android frontend patch
and provides DNS server registration and logging to logcat.
- Pluto and starter (plus stroke and whack) have been ported to Android.
- Support for ECDSA private and public key operations has been added to
the pkcs11 plugin. The plugin now also provides DH and ECDH via PKCS#11
and can use tokens as random number generators (RNG). By default only
private key operations are enabled, more advanced features have to be
enabled by their option in strongswan.conf. This also applies to public
key operations (even for keys not stored on the token) which were
enabled by default before.
- The libstrongswan plugin system now supports detailed plugin
dependencies. Many plugins have been extended to export its capabilities
and requirements. This allows the plugin loader to resolve plugin
loading order automatically, and in future releases, to dynamically load
the required features on demand.
Existing third party plugins are source (but not binary) compatible if
they properly initialize the new get_features() plugin function to NULL.
- The tnc-ifmap plugin implements a TNC IF-MAP 2.0 client which can
deliver metadata about IKE_SAs via a SOAP interface to a MAP server.
The tnc-ifmap plugin requires the Apache Axis2/C library.
- Merged patches, changed strongswan-doc to be a noarch package.
-------------------------------------------------------------------
Mon Feb 6 10:27:00 UTC 2012 - aj@suse.de

View File

@ -18,7 +18,7 @@
Name: strongswan
Version: 4.5.3
Version: 4.6.1
Release: 0
%define upstream_version %{version}
%define strongswan_docdir %{_docdir}/%{name}
@ -108,6 +108,7 @@ Authors:
and others
%package doc
BuildArch: noarch
Summary: OpenSource IPsec-based VPN Solution
%description doc
@ -317,7 +318,7 @@ cat << EOT > ${RPM_BUILD_ROOT}%{_sysconfdir}/ipsec.secrets
#
EOT
#
rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{charon,hydra,strongswan}.so
rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{charon,hydra,strongswan,simaka}.so
find $RPM_BUILD_ROOT%{strongswan_libdir} \
-name "*.a" -o -name "*.la" | xargs -r rm -f
#
@ -440,6 +441,8 @@ fi
%{strongswan_libdir}/libhydra.so.0.0.0
%{strongswan_libdir}/libcharon.so.0
%{strongswan_libdir}/libcharon.so.0.0.0
%{strongswan_libdir}/libsimaka.so.0
%{strongswan_libdir}/libsimaka.so.0.0.0
%{strongswan_libdir}/libstrongswan.so.0
%{strongswan_libdir}/libstrongswan.so.0.0.0
%dir %{strongswan_plugins}
@ -475,6 +478,7 @@ fi
%{strongswan_plugins}/libstrongswan-ha.so
%{strongswan_plugins}/libstrongswan-hmac.so
%{strongswan_plugins}/libstrongswan-kernel-netlink.so
%{strongswan_plugins}/libstrongswan-kernel-netlink.so
%{strongswan_plugins}/libstrongswan-ldap.so
%{strongswan_plugins}/libstrongswan-md4.so
%{strongswan_plugins}/libstrongswan-md5.so