rpm/strongswan
SHA256
1
0
Fork 0
forked from pool/strongswan
Code Pull Requests Activity

Compare commits

merge into: rpm:factory
Branches Tags
rpm:factory
pool:factory
pool:devel
...
pull from: pool:factory
Branches Tags
pool:factory
pool:devel
rpm:factory

4 Commits
factory ... factory

Author SHA256 Message Date
Ana Guerrero
3bf0600596 Accepting request 1226518 from network:vpn 
- rename -hmac subpackage to -fips because it isn't providing
  the hmac files, it provides the configuration drop in to
  enforce fips mode.

OBS-URL: https://build.opensuse.org/request/show/1226518
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/strongswan?expand=0&rev=97
 2024-11-27 21:05:20 +00:00
OBS User unknown
ef46e72ebe [info=da8f2965e2b2460d9eb4f7b25c3be52f7b60a42ab5b9bab48c984206a964d52e] 
OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=167
 2024-11-26 12:59:57 +00:00
Jan Engelhardt
8c0cb384be [info=47ab1ca7708f6b09cc99afa33d7ec92c5e02aff2338545eedb72b0511ac25478] 
OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=166
 2024-11-26 12:58:42 +00:00
Jan Engelhardt
cf0313df27 - rename -hmac subpackage to -fips because it isn't providing 
the hmac files, it provides the configuration drop in to
  enforce fips mode.

- Removes deprecated SysV support
- Added prf-plus-modularization.patch that outsources the IKE
- move file %{_datadir}/dbus-1/system.d/nm-strongswan-service.conf
  to strongswan-nm subpackage, as it is needed for the
  NetworkManager plugin that uses strongswan-nm, not
- Removed unused requires and macro calls(bsc#1083261)
    improved oracle are not compatible with the earlier
    (wasn't the case since 5.0.0) and packets that have the flag
    also checked against IKEv2 signature schemes. If such
    constraints are used for certificate chain validation in
    transport mode connections coming over the same NAT device for
    Windows 7 IKEv2 clients, which announces its services over the
  * For the vici plugin a Python Egg has been added to allow
    Python applications to control or monitor the IKE daemon using
  * EAP server methods now can fulfill public key constraints,
- Fix build in factory
- Fix systemd unit dir
  from glibc
    IDr payload anymore.
  * Consistent logging of IKE and CHILD SAs at the audit (AUD) level.
  caused an INVALID_SYNTAX error on PowerPC platforms.
- Initial, unfinished package

OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=165
 2024-11-26 12:56:29 +00:00
4 changed files with 42 additions and 26 deletions
Show Stats Expand all files Collapse all files

4
_scmsync.obsinfo Normal file
View File

@ -0,0 +1,4 @@
mtime: 1732622190
commit: da8f2965e2b2460d9eb4f7b25c3be52f7b60a42ab5b9bab48c984206a964d52e
url: https://src.opensuse.org/jengelh/strongswan
revision: master

3
build.specials.obscpio Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3ac4a036b66b71eed02d98e29f3a851b75b360034bc3c1e118a8a01d49357497
size 256

7
strongswan.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Tue Nov 26 12:02:16 UTC 2024 - Dirk Müller <dmueller@suse.com>
- rename -hmac subpackage to -fips because it isn't providing
the hmac files, it provides the configuration drop in to
enforce fips mode.
-------------------------------------------------------------------
Thu Jun 20 12:10:36 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>

8
strongswan.spec
View File

@ -145,13 +145,15 @@ StrongSwan is an IPsec-based VPN solution for Linux.
This package provides the strongswan library and plugins.
%package hmac
%package fips
Summary: Config file to disable non FIPS-140-2 algos in strongSwan
Group: Productivity/Networking/Security
Requires: strongswan-ipsec = %{version}
Requires: strongswan-libs0 = %{version}
Provides: strongswan-hmac = %{version}-%{release}
Obsoletes: strongswan-hmac < %{version}-%{release}
%description hmac
%description fips
The package provides a config file disabling alternative algorithm
implementation when FIPS-140-2 compliant operation mode is enabled.
@ -446,7 +448,7 @@ fi
%if %{with fipscheck}
%files hmac
%files fips
%dir %{strongswan_configs}
%dir %{strongswan_configs}/charon
%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/zzz_fips-enforce.conf