From 3a50c4dfde0fa4ff4e835aaa72138c9e69f70d6e30d07b40afaa606988e30f65 Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Tue, 19 Feb 2008 13:17:02 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/strongswan?expand=0&rev=2 --- strongswan-4.1.11.tar.bz2 | 3 +++ strongswan-4.1.11.tar.bz2.sig | 9 +++++++ strongswan-4.1.9.tar.bz2 | 3 --- strongswan-4.1.9.tar.bz2.sig | 9 ------- strongswan.changes | 19 ++++++++++++++ strongswan.init.in | 2 +- strongswan.spec | 44 ++++++++++++++++++++++----------- strongswan_ipsec_script_msg.dif | 20 --------------- strongswan_path.dif | 24 ------------------ 9 files changed, 62 insertions(+), 71 deletions(-) create mode 100644 strongswan-4.1.11.tar.bz2 create mode 100644 strongswan-4.1.11.tar.bz2.sig delete mode 100644 strongswan-4.1.9.tar.bz2 delete mode 100644 strongswan-4.1.9.tar.bz2.sig delete mode 100644 strongswan_ipsec_script_msg.dif delete mode 100644 strongswan_path.dif diff --git a/strongswan-4.1.11.tar.bz2 b/strongswan-4.1.11.tar.bz2 new file mode 100644 index 0000000..a351fb1 --- /dev/null +++ b/strongswan-4.1.11.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9d2761b780fd8b11eafce63dc44336ece6941405dae819bd03e62a5f6b2f82fb +size 2234335 diff --git a/strongswan-4.1.11.tar.bz2.sig b/strongswan-4.1.11.tar.bz2.sig new file mode 100644 index 0000000..07d8a67 --- /dev/null +++ b/strongswan-4.1.11.tar.bz2.sig @@ -0,0 +1,9 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.6 (GNU/Linux) + +iQCVAwUAR7TA89YbDnNAmVNZAQJS6wQAil7xDrAGwYgFOaDpv4h6tF53TnQBepLK +FhEnxtPNmk5YAwhu8t3qsHIOERzctKt8vwh0fnNZTKP3GeKWl+7f4zYOlQPKEW+S +ltsE9dfLBjNDPlToTJHKre6i+u9l+scndf8087vinzsgnqK/JXyGKQ58cAts0ytV +JbBe/WhlOiA= +=t33J +-----END PGP SIGNATURE----- diff --git a/strongswan-4.1.9.tar.bz2 b/strongswan-4.1.9.tar.bz2 deleted file mode 100644 index bed7c93..0000000 --- a/strongswan-4.1.9.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:37ea5119dc54cb150d444302f82f84854a15d35e45a817e3a29be86b7d750587 -size 2176339 diff --git a/strongswan-4.1.9.tar.bz2.sig b/strongswan-4.1.9.tar.bz2.sig deleted file mode 100644 index a09f8e6..0000000 --- a/strongswan-4.1.9.tar.bz2.sig +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.6 (GNU/Linux) - -iQCVAwUAR1Wm+dYbDnNAmVNZAQIvkAQAolk4x+wmuJEIBHQ+24S2v2fOJoZKud6L -Fl8cqH2GPe4yYZkuaJ+djgK+GslBfY8qyqXKC49SUkwWtA/yMKkItwDNv2RwhXdQ -jzjAI1Ad8nCck3XFkIYg9gxL/p2caooRqu6PUr0qfTpVl1lKMW0tHVssavUnCWJv -NcjWTSUihl0= -=GC6L ------END PGP SIGNATURE----- diff --git a/strongswan.changes b/strongswan.changes index 90cabe5..02c1f1d 100644 --- a/strongswan.changes +++ b/strongswan.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Tue Feb 19 11:44:03 CET 2008 - mt@suse.de + +- Updated to 4.1.11 maintenance release, providing following fixes: + * IKE rekeying in NAT situations did not inherit the NAT conditions + to the rekeyed IKE_SA so that the UDP encapsulation was lost with + the next CHILD_SA rekeying. + * Wrong type definition of the next_payload variable in id_payload.c + caused an INVALID_SYNTAX error on PowerPC platforms. + * Implemented IKEv2 EAP-SIM server and client test modules that use + triplets stored in a file. For details on the configuration see + the scenario 'ikev2/rw-eap-sim-rsa'. +- The 4.1.10 final version, declared upstream as "Fully tested support + of IPv6 IPsec tunnel connections", fixes ordering error in oscp cache, + IPv6 defaults of the nexthop parameter, adds support for new EAP + modules [disabled in this build] and obsoletes our strongswan_path + and strongswan_ipsec_script_msg patches. +- Removed a sed call from init script. + ------------------------------------------------------------------- Sat Dec 8 13:03:42 CET 2007 - mt@suse.de diff --git a/strongswan.init.in b/strongswan.init.in index 94c535f..c6ac6ad 100644 --- a/strongswan.init.in +++ b/strongswan.init.in @@ -208,7 +208,7 @@ rc_reset case "$1" in start) - $IPSEC_CMD start 2>&1 | sed -e "s/ -- .*//g" + $IPSEC_CMD start 2>&1 rc_status -v1 ;; stop) diff --git a/strongswan.spec b/strongswan.spec index a02ccef..9bc91d2 100644 --- a/strongswan.spec +++ b/strongswan.spec @@ -1,7 +1,7 @@ # -# spec file for package strongswan (Version 4.1.9) +# spec file for package strongswan (Version 4.1.11) # -# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # @@ -10,11 +10,12 @@ # norootforbuild + Name: strongswan -%define upstream_version 4.1.9 +%define upstream_version 4.1.11 %define strongswan_docdir %{_docdir}/%{name} -Version: 4.1.9 -Release: 6 +Version: 4.1.11 +Release: 1 License: GPL v2 or later Group: Productivity/Networking/Security Summary: StrongSwan -- OpenSource IPsec-based VPN Solution @@ -28,9 +29,7 @@ AutoReqProv: on Source0: http://download.strongswan.org/strongswan-%{upstream_version}.tar.bz2 Source1: http://download.strongswan.org/strongswan-%{upstream_version}.tar.bz2.sig Source2: %{name}.init.in -Patch1: %{name}_path.dif -Patch2: %{name}_ipsec_script_msg.dif -Patch3: %{name}_modprobe_syslog.dif +Patch1: %{name}_modprobe_syslog.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bison flex gmp-devel gperf pkg-config %if 0%{?suse_version} >= 1030 @@ -49,9 +48,11 @@ StrongSwan is an OpenSource IPsec-based VPN Solution for Linux * runs both on Linux 2.4 (KLIPS IPsec) and Linux 2.6 (NETKEY IPsec) kernels -* supports both the IKEv1 and IKEv2 (RFC 4306) key exchange +* implements both the IKEv1 and IKEv2 (RFC 4306) key exchange protocols +* NEW: Fully tested support of IPv6 IPsec tunnel connections + * Dynamical IP address and interface update with IKEv2 MOBIKE (RFC 4555) @@ -123,8 +124,6 @@ Authors: %prep %setup -q -n %{name}-%{upstream_version} %patch1 -p0 -%patch2 -p0 -%patch3 -p0 sed -e 's|@libexecdir@|%_libexecdir|g' \ < $RPM_SOURCE_DIR/strongswan.init.in \ > strongswan.init @@ -251,8 +250,25 @@ fi %{_mandir}/man8/pluto.8* %{_mandir}/man8/scepclient.8* %{_mandir}/man8/starter.8* + %changelog -* Sat Dec 08 2007 - mt@suse.de +* Tue Feb 19 2008 mt@suse.de +- Updated to 4.1.11 maintenance release, providing following fixes: + * IKE rekeying in NAT situations did not inherit the NAT conditions + to the rekeyed IKE_SA so that the UDP encapsulation was lost with + the next CHILD_SA rekeying. + * Wrong type definition of the next_payload variable in id_payload.c + caused an INVALID_SYNTAX error on PowerPC platforms. + * Implemented IKEv2 EAP-SIM server and client test modules that use + triplets stored in a file. For details on the configuration see + the scenario 'ikev2/rw-eap-sim-rsa'. +- The 4.1.10 final version, declared upstream as "Fully tested support + of IPv6 IPsec tunnel connections", fixes ordering error in oscp cache, + IPv6 defaults of the nexthop parameter, adds support for new EAP + modules [disabled in this build] and obsoletes our strongswan_path + and strongswan_ipsec_script_msg patches. +- Removed a sed call from init script. +* Sat Dec 08 2007 mt@suse.de - Updated to 4.1.9 final, including all our patches. - Changed init script to use ipsec cmd using LSB codes now. - Added strongswan_path.dif setting a PATH in scripts (updown). @@ -260,9 +276,9 @@ fi ipsec script messages. - Added strongswan_modprobe_syslog.dif redirecting modprobe output to syslog. -* Mon Nov 26 2007 - mt@suse.de +* Mon Nov 26 2007 mt@suse.de - Renamed charon plugins to avoid rpm conflicts with existing libraries (libstroke). Patch: strongswan-libconflicts.dif - Added init script. Template file: strongswan.init.in -* Thu Nov 22 2007 - mt@suse.de +* Thu Nov 22 2007 mt@suse.de - Initial, unfinished package diff --git a/strongswan_ipsec_script_msg.dif b/strongswan_ipsec_script_msg.dif deleted file mode 100644 index edaea8d..0000000 --- a/strongswan_ipsec_script_msg.dif +++ /dev/null @@ -1,20 +0,0 @@ ---- src/ipsec/ipsec.in -+++ src/ipsec/ipsec.in 2007/12/06 09:21:17 -@@ -166,7 +166,7 @@ reload) - echo "Reloading strongSwan IPsec configuration..." >&2 - kill -s USR1 `cat $IPSEC_STARTER_PID` 2>/dev/null && rc=0 - else -- echo "ipsec starter is not running" >&2 -+ echo "Reloading strongSwan IPsec: starter is not running" >&2 - fi - exit "$rc" - ;; -@@ -285,7 +285,7 @@ stop) - fi - fi - else -- echo "ipsec starter is not running" >&2 -+ echo "Stopping strongSwan IPsec: starter is not running" >&2 - fi - exit 0 - ;; diff --git a/strongswan_path.dif b/strongswan_path.dif deleted file mode 100644 index 62410fb..0000000 --- a/strongswan_path.dif +++ /dev/null @@ -1,24 +0,0 @@ ---- src/ipsec/ipsec.in -+++ src/ipsec/ipsec.in 2007/12/05 08:15:29 -@@ -16,6 +16,9 @@ - # - # RCSID $Id: ipsec.in 3370 2007-11-29 18:27:04Z andreas $ - -+PATH="/sbin:/bin:/usr/sbin:/usr/bin" -+export PATH -+ - # name and version of the ipsec implementation - IPSEC_NAME="@IPSEC_NAME@" - IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`" ---- src/_updown/_updown.in -+++ src/_updown/_updown.in 2007/12/05 08:15:29 -@@ -118,6 +118,9 @@ - # restricted on the peer side. - # - -+PATH="/sbin:/bin:/usr/sbin:/usr/bin" -+export PATH -+ - # uncomment to log VPN connections - VPN_LOGGING=1 - #