Package: libreswan / 4.14-1.1

Metadata

Package Version Patches format
libreswan 4.14-1.1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0001 do not use git version.patch | (download)

packaging/utils/setlibreswanversion | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 do not use git version

0002 debian pam.d pluto.patch | (download)

configs/pam.d/pluto | 27 11 16 - 0 !
1 file changed, 11 insertions( ), 16 deletions(-)

 debian-pam.d-pluto

0004 ikev1 policy defaults to drop.patch | (download)

configs/d.ipsec.conf/ikev1-policy.xml | 7 4 3 - 0 !
include/ipsecconf/keywords.h | 2 1 1 - 0 !
lib/libipsecconf/confread.c | 1 1 0 - 0 !
programs/pluto/server.c | 5 0 5 - 0 !
4 files changed, 6 insertions( ), 9 deletions(-)

 ikev1-policy defaults to drop

IKEv2 has been available for 16 years (RFC 4306 was published December
2005).  At some point, we should be discouraging IKEv1 adoption.

To the extent that a user needs IKEv1, they can manually add
ikev1-policy=accept to /etc/ipsec.conf.

0004 Include features.h to enable NSPR workaround for 854.patch | (download)

include/ike_alg.h | 1 1 0 - 0 !
include/lswnss.h | 1 1 0 - 0 !
include/test_buffer.h | 1 1 0 - 0 !
include/x509.h | 1 1 0 - 0 !
lib/libswan/ike_alg_aes.c | 1 1 0 - 0 !
lib/libswan/ike_alg_encrypt_chacha20_poly1305.c | 1 1 0 - 0 !
lib/libswan/ike_alg_sha2.c | 1 1 0 - 0 !
lib/libswan/lswnss.c | 1 1 0 - 0 !
lib/libswan/pubkey_der_to_pubkey_content.c | 1 1 0 - 0 !
lib/libswan/pubkey_ecdsa.c | 1 1 0 - 0 !
lib/libswan/pubkey_rsa.c | 1 1 0 - 0 !
lib/libswan/rnd.c | 1 1 0 - 0 !
lib/libswan/secret_pubkey_stuff_to_pubkey_der.c | 1 1 0 - 0 !
programs/cavp/test_gcm.c | 1 1 0 - 0 !
programs/pluto/ikev2_eap.c | 1 1 0 - 0 !
programs/pluto/root_certs.c | 1 1 0 - 0 !
16 files changed, 16 insertions( )

 include features.h to enable nspr workaround for #854472 on  mipsel

The upstream fix was only to enable the right linkage on mipsel when
either __GLIBC__ or __UCLIBC__ were defined as preprocessor
directives.  However, __GLIBC__ isn't defined unless <features.h> has
been read, which was not the case in the files modified here.

0006 fix trivial orthography.patch | (download)

configs/d.ipsec.conf/ipsec-max-bytes.xml | 2 1 1 - 0 !
programs/pluto/kernel_xfrm.c | 2 1 1 - 0 !
testing/libvirt/freebsd/transmogrify.sh | 2 1 1 - 0 !
3 files changed, 3 insertions( ), 3 deletions(-)

 fix trivial orthography