Matches start-on-boot behaviour of current strongswan.service.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fixes strongswan configure script for systemd >= 209,
where it merged libsystemd-journal and libsystemd-daemon
into libsystemd.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* removed two patches which were already integrated in 5.2.0:
strongswan-4.3.3-5.1.1_asn1_unwrap.patch
strongswan-5.0.0-5.1.2_reject_child_sa.patch
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
strongSwan before 5.1.2 allows remote attackers to cause a denial of
service (NULL pointer dereference and IKE daemon crash) via a crafted
ID_DER_ASN1_DN ID payload.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2891
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass
authentication by rekeying an IKE_SA during (1) initiation or (2)
re-authentication, which triggers the IKE_SA state to be set to
established.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2338
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
* Add a patch to fix the function parameter.
* Add PACKAGECONFIG for optional packages instead of explicitly
disable, and set sqlite and curl as default.
* Remove the split package strongswan-plugins.
* Add configure option --without-lib-prefix so it doesn't
search for libraries in includedir and libdir to avoid QA error.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
