Package: strongswan-nm Version: 5.4.0-3 Severity: minor Tags: patch Hi,
When no certificate is specified in a network-manager's strongswan vpn connection, charon-nm looks for CAs in a directory set at compile-time, nm-ca-dir. This, however, by default makes it look for certificates in /usr/share/ca-certificates instead of the expected dir, /etc/ssl/certs. Attached patch makes charon-nm default to using /etc/ssl/certs. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
From c3c8ac9a2bbbf60d4cbcbb60668ce5c1c41c6997 Mon Sep 17 00:00:00 2001 From: Raphael Geissert <geiss...@debian.org> Date: Mon, 22 Aug 2016 14:20:26 +0200 Subject: [PATCH] make charon-nm use /etc/ssl/certs when no endpoint cert or CA is specified --- debian/rules | 1 + 1 file changed, 1 insertion(+) diff --git a/debian/rules b/debian/rules index f1c30b1..571bd37 100755 --- a/debian/rules +++ b/debian/rules @@ -48,6 +48,7 @@ ifeq ($(DEB_BUILD_ARCH_OS),linux) # only enable network-manager and capabilities dropping on linux hosts # some plugins are linux-only too CONFIGUREARGS += --enable-nm \ + --with-nm-ca-dir=/etc/ssl/certs \ --with-capabilities=libcap \ --enable-farp \ --enable-dhcp \ -- 1.7.10.4