Bug#814927: [Pkg-swan-devel] Bug#814927: strongSwan misses ChaCha/POLY support

2018-08-22 Thread StarBrilliant 
On Tue, 16 Feb 2016 17:15:46 +0100, Alessandro Guido
 wrote:
>
> strongSwan supports the ChaCha20/Poly1305 algorithm since version 5.3.3.
> Such algo is supposedly faster than AES on machines w/o hardware
> acceleration.
> I suggest to include --enable-chapoly [1] when running the configure script.

I just checked the sid and experimental repo, still not fixed.

This patch has been submitted for over 2 years, and is actually working.
I recommend merging the patch now.

Benefit for the fix: strongSwan has a certain problem that does not
warn you if you configure ChaCha20Poly1305 with this plugin missing,
but stops working with weird errors if any client tries to negotiate
this cipher, making system administrators puzzled troubleshooting this
problem. By merging the patch can we solve the problem.


Best regards,
StarBrilliant

Bug#814927: [Pkg-swan-devel] Bug#814927: strongSwan misses ChaCha/POLY support

2018-01-23 Thread Stefan Tatschner 
On Sun, 23 Apr 2017 15:17:28 -0700 Gerald Turner  wrote:
> Control: tags -1 + patch
> 
> ---
>  debian/control | 1 +
>  debian/libstrongswan-extra-plugins.install | 3 +++
>  debian/rules   | 1 +
>  3 files changed, 5 insertions(+)

Gentle ping for this bug + patch. :)

Bug#814927: [Pkg-swan-devel] Bug#814927: strongSwan misses ChaCha/POLY support

2017-04-23 Thread Gerald Turner 
Control: tags -1 + patch

---
 debian/control | 1 +
 debian/libstrongswan-extra-plugins.install | 3 +++
 debian/rules   | 1 +
 3 files changed, 5 insertions(+)

diff --git a/debian/control b/debian/control
index a7d84fd7..ac9324c1 100644
--- a/debian/control
+++ b/debian/control
@@ -143,6 +143,7 @@ Description: strongSwan utility and crypto library (extra 
plugins)
   - bliss (Bimodal Lattice Signature Scheme (BLISS) post-quantum computer
 signature scheme)
   - ccm (CCM cipher mode wrapper)
+  - chapoly (ChaCha20/Poly1305 AEAD implementation)
   - cmac (CMAC cipher mode wrapper)
   - ctr (CTR cipher mode wrapper)
   - curl (libcurl based HTTP/FTP fetcher)
diff --git a/debian/libstrongswan-extra-plugins.install 
b/debian/libstrongswan-extra-plugins.install
index 6bd32976..591b3c1d 100644
--- a/debian/libstrongswan-extra-plugins.install
+++ b/debian/libstrongswan-extra-plugins.install
@@ -1,6 +1,7 @@
 # libstrongswan plugins
 usr/lib/ipsec/plugins/libstrongswan-bliss.so
 usr/lib/ipsec/plugins/libstrongswan-ccm.so
+usr/lib/ipsec/plugins/libstrongswan-chapoly.so
 usr/lib/ipsec/plugins/libstrongswan-cmac.so
 usr/lib/ipsec/plugins/libstrongswan-ctr.so
 usr/lib/ipsec/plugins/libstrongswan-curl.so
@@ -16,6 +17,7 @@ usr/lib/ipsec/plugins/libstrongswan-unbound.so
 # default configuration files
 usr/share/strongswan/templates/config/plugins/bliss.conf
 usr/share/strongswan/templates/config/plugins/ccm.conf
+usr/share/strongswan/templates/config/plugins/chapoly.conf
 usr/share/strongswan/templates/config/plugins/cmac.conf
 usr/share/strongswan/templates/config/plugins/ctr.conf
 usr/share/strongswan/templates/config/plugins/curl.conf
@@ -32,6 +34,7 @@ usr/share/strongswan/templates/database/sql/mysql.sql
 usr/share/strongswan/templates/database/sql/sqlite.sql
 etc/strongswan.d/charon/bliss.conf
 etc/strongswan.d/charon/ccm.conf
+etc/strongswan.d/charon/chapoly.conf
 etc/strongswan.d/charon/cmac.conf
 etc/strongswan.d/charon/ctr.conf
 etc/strongswan.d/charon/curl.conf
diff --git a/debian/rules b/debian/rules
index d99b21c6..ec0860e8 100755
--- a/debian/rules
+++ b/debian/rules
@@ -10,6 +10,7 @@ CONFIGUREARGS := --libdir=/usr/lib --libexecdir=/usr/lib \
--enable-bliss \
--enable-ccm \
--enable-certexpire \
+   --enable-chapoly \
--enable-cmd \
--enable-ctr \
--enable-curl \
-- 
Gerald Turner Encrypted mail preferred!
OpenPGP: 4096R / CA89 B27A 30FA 66C5 1B80  3858 EC94 2276 FDB8 716D


signature.asc
Description: PGP signature