| Commit message (Collapse) | Author | Age |
... | |
|
|
|
|
|
|
| |
Since the strongswan-utils package now only contains the aging ipsec
utility, rename it to strongswan-ipsec.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
|
|
| |
We currently include the SCEP client in strongswan-utils, which is a
dependency of the strongswan-default meta-package. As it's generally not
recommended to generate keys on embedded devices due to lack of entropy,
move the SCEP client to a separate package, and only depend on it in the
strongswan-full meta-package.
While at it, add scepclient.conf to the package.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
|
|
| |
We currently include the PKI tool in strongswan-utils, which is a
dependency of the strongswan-default meta-package. As it's generally not
recommended to generate keys on embedded devices due to lack of entropy,
move the PKI tool to a separate package, and only depend on it in the
strongswan-full meta-package.
While at it, add pki.conf to the package.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
| |
Fixes CVE-2017-9022, CVE-2017-9023.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|\
| |
| | |
strongswan: UCI support
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add support to configure strongswan via uci.
uci support is based on the following sections:
- ipsec: Global config items belonging in the strongswan.conf file
- remote: Defines the remote peer(s)
- tunnel: Defines the IPSec connections in tunnel mode
- transport: Defines the IPSec connections in transport mode
- crypto_proposal: Defines the different crypto proposals
Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
Signed-off-by: Gino Peeters <peeters.gino@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|/
|
|
|
|
| |
Closes #3905.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
| |
Patch 101-musl-fixes defines __kernel_nlink_t as void; but using
a pre-3.6.11 kernel on an arm cortex defines __kernel_nlink_t as
unsigned short using uclibc.
Fix the compile issue by not redefining __kernel_nlink_t.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|\
| |
| | |
strongswan: Include musl.h after _GNU_SOURCE define
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
musl.h was included before _GNU_SOURCE in the 101-musl-fixes patch,
leading to a compilation issue on gcc (RTLD_DEFAULT not being
defined in dlfcn.h due to __USE_GNU not being set).
As described in the feature test macro man page, feature macros
can be defined in the source code but need to be defined before
including any headers.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
| |
| |
| |
| | |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|/
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
| |
Closes #1868.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The default busybox config used by OpenWrt does not enable floating
point number support for the sleep applet. This can cause an error when
stopping or restarting strongswan:
sleep: invalid number '0.1'
Replace the float with an integer to fix this.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
| |
Signed-off-by: Stefan Weil <sw@weilnetz.de>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
| |
See https://wiki.strongswan.org/issues/1213
Removed the changes to charon-xpc.c because they didn't apply and are
only used on OS X anyway.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
| |
Fixes CVE-2015-8023
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
|
|
|
|
| |
gmpdh plugin implements DH Groups (same as normal GMP plugin), but links to GMP statically and is stripped of all RSA based stuff. Binary size for plugin is ~20kbytes with no dependency on libgmp (200+ kbytes after squash), easily fitting into flash space restricted devices.
strongswan-isakmp metapackage defines a minimal set of strongswan plugins (including gmpdh) for ISAKMP / IKEv1 PSK tunnels. Will fit even 4mb routers (like tplink wr841n) with disabled IPv6 support and packages (so it's a trade - IPv6 or ipsec tunnels).
Signed-off-by: Mikalai Miadzvedz <brainsucker.na@gmail.com>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
|
|
|
|
| |
Makes kmod-ipsec6 requirement dependent on IPv6 support for packages.
This allows disabling unnecessary IPv6 kernel modules, saving
a considerable amount of space.
Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
|
|
|
|
| |
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
|
|
|
|
| |
Signed-off-by: Ulrich Weber <uw@ocedo.com>
|
|
|
|
|
|
|
|
| |
When only strongswan-minimal is selected, libtls.so will not be built,
yet package strongswan will still try to copy the file, causing build
failure.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
| |
Signed-off-by: Adam Lebsack <alebsack@gmail.com>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|