Hello community,
here is the log from the commit of package strongswan for openSUSE:Factory
checked in at Tue Jun 28 11:25:18 CEST 2011.
--------
--- strongswan/strongswan.changes 2010-11-22 10:12:07.000000000 +0100
+++ /mounts/work_src_done/STABLE/strongswan/strongswan.changes 2011-05-29
16:37:57.000000000 +0200
@@ -1,0 +2,58 @@
+Sun May 29 16:37:00 UTC 2011 - jcnen...@googlemail.com
+
+- Updated to strongSwan 4.5.2 release, changes overview since 4.5.1:
+ * The whitelist plugin for the IKEv2 daemon maintains an in-memory identity
+ whitelist. Any connection attempt of peers not whitelisted will get
rejected.
+ The 'ipsec whitelist' utility provides a simple command line frontend for
+ whitelist administration.
+ * The duplicheck plugin provides a specialized form of duplicate checking,
+ doing a liveness check on the old SA and optionally notify a third party
+ application about detected duplicates.
+ * The coupling plugin permanently couples two or more devices by limiting
+ authentication to previously used certificates.
+ * In the case that the peer config and child config don't have the same name
+ (usually in SQL database defined connections), ipsec up|route <peer config>
+ starts|routes all associated child configs and ipsec up|route <child
config>
+ only starts|routes the specific child config.
+ * fixed the encoding and parsing of X.509 certificate policy statements
(CPS).
+ * Duncan Salerno contributed the eap-sim-pcsc plugin implementing a
+ pcsc-lite based SIM card backend.
+ * The eap-peap plugin implements the EAP PEAP protocol. Interoperates
+ successfully with a FreeRADIUS server and Windows 7 Agile VPN clients.
+ * The IKEv2 daemon charon rereads strongswan.conf on SIGHUP and instructs
+ all plugins to reload. Currently only the eap-radius and the attr plugins
+ support configuration reloading.
+ * Added userland support to the IKEv2 daemon for Extended Sequence Numbers
+ support coming with Linux 2.6.39. To enable ESN on a connection, add
+ the 'esn' keyword to the proposal. The default proposal uses 32-bit
sequence
+ numbers only ('noesn'), and the same value is used if no ESN mode is
+ specified. To negotiate ESN support with the peer, include both, e.g.
+ esp=aes128-sha1-esn-noesn.
+ * In addition to ESN, Linux 2.6.39 gained support for replay windows larger
+ than 32 packets. The new global strongswan.conf option
'charon.replay_window'
+ configures the size of the replay window, in packets.
+
+-------------------------------------------------------------------
+Mon Mar 14 10:59:32 UTC 2011 - m...@suse.de
+
+- Updated to strongSwan 4.5.1 release, changes overview since 4.5.0:
+ * Implements RFC 5793 Posture Broker Protocol (BP)
+ * Re-implemented TNCCS 1.1 protocol
+ * Allows to store IKE and ESP proposals in an SQL database
+ * Allows to store CRL and OCSP cert points in an SQL database
+ * New 'include' statement in strongswan.conf allows recursions
+ * Modifications of strongswan.conf parser, cause syntax attr plugin
+ syntax changes.
+ * ipsec listalgs now appends the plugin registering an algo
+ * Adds support for Traffic Flow Confidentiality with Linux 2.6.38
+ * New af-alg plugin allows to use new primitives in 2.6.38 crypto api
+ and removes the need for additional userland implementations.
+ * IKEv2 daemon supports the INITIAL_CONTACT notify
+ * conftest conformance testing framework
+ * new constraints plugin provides advanced X.509 constraint checking
+ * left/rightauth ipsec.conf keywords accept minimum strengths
+ * basic support for delta CRLs
+ See the NEWS file or http://download.strongswan.org/CHANGES4.txt
+ for a detailed description of the changes.
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
strongswan-4.4.0-rpmlintrc
strongswan-4.5.0-rpmlintrc
strongswan-4.5.0.tar.bz2
strongswan-4.5.0.tar.bz2.sig
New:
----
_service
_service:download_url:strongswan-4.5.2.tar.bz2
_service:download_url:strongswan-4.5.2.tar.bz2.sig
strongswan-4.5.2-rpmlintrc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ strongswan.spec ++++++
--- /var/tmp/diff_new_pack.YtzpYH/_old 2011-06-28 11:13:12.000000000 +0200
+++ /var/tmp/diff_new_pack.YtzpYH/_new 2011-06-28 11:13:12.000000000 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package strongswan (Version 4.5.0)
+# spec file for package strongswan
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
Name: strongswan
-%define upstream_version 4.5.0
+%define upstream_version 4.5.2
%define strongswan_docdir %{_docdir}/%{name}
%define strongswan_plugins %{_libexecdir}/ipsec/plugins
%define with_mysql 1
@@ -27,8 +27,8 @@
%define with_gcrypt 0%{suse_version} >= 1110
%define with_nm 0%{suse_version} >= 1110
%define with_tests 0
-Version: 4.5.0
-Release: 2
+Version: 4.5.2
+Release: 1
License: GPLv2+
Group: Productivity/Networking/Security
Summary: OpenSource IPsec-based VPN Solution
@@ -419,14 +419,11 @@
%{_mandir}/man3/anyaddr.3*
%{_mandir}/man3/atoaddr.3*
%{_mandir}/man3/atoasr.3*
-%{_mandir}/man3/atosa.3*
%{_mandir}/man3/atoul.3*
%{_mandir}/man3/goodmask.3*
%{_mandir}/man3/initaddr.3*
%{_mandir}/man3/initsubnet.3*
-%{_mandir}/man3/keyblobtoid.3*
%{_mandir}/man3/portof.3*
-%{_mandir}/man3/prng.3*
%{_mandir}/man3/rangetosubnet.3*
%{_mandir}/man3/sameaddr.3*
%{_mandir}/man3/subnetof.3*
@@ -434,13 +431,11 @@
%{_mandir}/man3/ttodata.3*
%{_mandir}/man3/ttosa.3*
%{_mandir}/man3/ttoul.3*
-%{_mandir}/man8/_copyright.8*
%{_mandir}/man8/_updown.8*
%{_mandir}/man8/_updown_espmark.8*
%{_mandir}/man8/openac.8*
%{_mandir}/man8/pluto.8*
%{_mandir}/man8/scepclient.8*
-%{_mandir}/man8/starter.8*
%files libs0
%defattr(-,root,root)
@@ -461,6 +456,7 @@
%{strongswan_plugins}/libstrongswan-attr.so
%{strongswan_plugins}/libstrongswan-attr-sql.so
%{strongswan_plugins}/libstrongswan-blowfish.so
+%{strongswan_plugins}/libstrongswan-constraints.so
%{strongswan_plugins}/libstrongswan-curl.so
%{strongswan_plugins}/libstrongswan-des.so
%{strongswan_plugins}/libstrongswan-dhcp.so
++++++ _service ++++++
<services>
<service name="download_url"><param
name="path">/strongswan-4.5.2.tar.bz2.sig</param><param
name="host">download.strongswan.org</param></service>
<service name="download_url"><param
name="path">/strongswan-4.5.2.tar.bz2</param><param
name="host">download.strongswan.org</param></service></services>++++++
strongswan-4.4.0-rpmlintrc -> strongswan-4.5.2-rpmlintrc ++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
