Daiki Ueno
2329760e6b
Fix auto=ondemand connection initialization with TCP
...
Resolves: RHEL-51880
Signed-off-by: Daiki Ueno <dueno@redhat.com>
2024-08-06 11:06:10 +09:00
Daiki Ueno
021b38cdf6
Re-introduce libreswan-4.6-ikev1-policy-defaults-to-drop.patch
...
The patch was included in c9s but omitted when syncronized to Fedora.
Now that this is the default behavior in Libreswan 5, we want to keep
the patch to avoid any regressions.
Resolves: RHEL-52935
Signed-off-by: Daiki Ueno <dueno@redhat.com>
2024-08-06 09:46:06 +09:00
Paul Wouters
a65932fd0e
Add libreswan-4.15-ipsec_import.patch
...
Related: RHEL-32481
2024-06-28 06:41:10 +09:00
Paul Wouters
32be2a6df3
- Update libreswan to 4.15 for CVE-2024-3652
...
- Resolves rhbz#2274448 CVE-2024-3652 libreswan: IKEv1 default AH/ESP
responder can crash and restart
- Allow "ipsec import" to try importing PKCS#12 non-interactively if
there is no password
Resolves: RHEL-32481
2024-06-28 06:41:02 +09:00
Paul Wouters
38ded79037
- Update to 4.14 for CVE-2024-2357
...
* Security, see https://libreswan.org/security/CVE-2024-2357
* x509: unpack IPv6 general names based on length
* pluto: TFC padding was not set for AEAD algorithms
* Include now fixed ipcheck
* Exclude hunkcheck broken on s390x
* Remove obsoleted patch capng patch
Related: RHEL-32481
2024-06-28 06:40:57 +09:00
Paul Wouters
9bd683c343
Convert to %autorelease and %autochangelog
...
[skip changelog]
Related: RHEL-32481
2024-06-28 06:40:53 +09:00
Paul Wouters
707d65c3e1
new sources for 4.13
...
Related: RHEL-32481
2024-06-28 06:40:40 +09:00
Troy Dawson
651a14b04a
Bump release for June 2024 mass rebuild
2024-06-24 08:58:02 -07:00
Fedora Release Engineering
4b310aa3b1
Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
2024-01-25 03:22:55 +00:00
Fedora Release Engineering
cae5d5397d
Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
2024-01-21 05:11:44 +00:00
Paul Wouters
d609d0e8ad
- Update libcap-ng patch, fix email addresses in changelog
2023-09-08 12:45:22 -04:00
Paul Wouters
9051f09a66
- Patch for handling libcap-ng return values and fix capng_apply() call
2023-09-06 09:10:17 -04:00
Paul Wouters
4abe9188eb
- Remove ipsec show and ipsec verify
...
These commands are outdated, not very useful and cause a python
dependency that's big for some smaller deployments (eg openshift)
2023-09-05 17:18:14 -04:00
Daiki Ueno
131d137825
Migrate License field to SPDX license identifier
...
Signed-off-by: Daiki Ueno <dueno@redhat.com>
2023-08-24 10:29:22 +09:00
Paul Wouters
67117b266a
- Update to 4.12 for CVE-2023-38710, CVE-2023-38711 and CVE-2023-38712
...
- Resolves: rhbz#2230225 libreswan-4.12 is available
2023-08-11 11:43:31 -04:00
Fedora Release Engineering
b3b4abc436
Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-07-20 11:56:51 +00:00
Paul Wouters
24737740dd
- Update to 4.11 for CVE-2023-30570
2023-05-04 10:44:38 -04:00
Paul Wouters
75627dbc99
add missing ikev2 vectors to sources
2023-02-28 21:37:54 -05:00
Paul Wouters
1de005450e
- Update to 4.10 for CVE-2023-23009
2023-02-28 21:29:21 -05:00
Fedora Release Engineering
02d01d8ef9
Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-01-19 17:19:12 +00:00
Paul Wouters
2b2374e75d
bump release
2023-01-10 13:58:10 -05:00
Paul Wouters
2865ae8e8c
update for new GPG key location
...
This new keyfile also no longer uses SHA1, though it is the same
base key as before.
2023-01-10 13:55:54 -05:00
Paul Wouters
74667615e4
cleanup old obsoleted patches
2023-01-10 13:50:11 -05:00
Paul Wouters
3ee4c1aee5
re-add the ike test vectors to sources
2022-10-13 20:30:28 -04:00
Paul Wouters
6b164e4601
- Update to 4.9 (maxbytes/maxpackets support, raw ECDSA support, misc fixes)
2022-10-13 20:23:35 -04:00
Paul Wouters
025ee05fb3
use 'new' %make_build and %make_install macros
2022-08-25 20:45:28 -04:00
Fedora Release Engineering
4d953fe693
Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-21 18:50:58 +00:00
Paul Wouters
4aab45b406
re-add LIBRESWAN-GPG-KEY.txt
2022-05-24 18:29:53 -04:00
Paul Wouters
fe733530df
- Updated to 4.7 (EAPTLS support, bugfixes)
2022-05-24 18:11:40 -04:00
Fedora Release Engineering
a75a38e0d1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-20 17:07:57 +00:00
Paul Wouters
1290d06104
- Re-enable USE_DNSSEC again with patch to resolve header conflicts
2022-01-13 16:53:11 -05:00
Paul Wouters
a47e3c9245
- Resolves: CVE-2022-23094
...
- Resolves: rhbz#2039604 libreswan-4.6 is available
- Add gpg key and signature check for build
- Temporarilly disable USE_DNSSEC in rawhide while we figure out openssl vs nss include clash
2022-01-11 22:43:31 -05:00
Paul Wouters
30bf23be45
update sources
2021-08-26 13:31:47 +03:00
Paul Wouters
6b9dd6c883
- Resolves rhbz#1996250 libreswan-4.5 is available
2021-08-26 12:10:55 +03:00
Paul Wouters
685ec15ac1
add Requires: for logrotate
2021-08-02 20:58:31 -04:00
Paul Wouters
3a50017748
- Resolves rhbz#1989198 libreswan should depend on procps-ng or pidof
2021-08-02 20:44:07 -04:00
Fedora Release Engineering
b36d311589
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-22 12:15:21 +00:00
Paul Wouters
7c4b294887
handle properly rpm sysctl config
...
Move sysctl config to correct %{_sysctldir}.
Apply sysctl config on install.
See https://docs.fedoraproject.org/en-US/packaging-guidelines/#_binfmt_d_sysctl_d_and_tmpfiles_d
2021-06-06 21:22:20 -04:00
Paul Wouters
0f00fff4b5
disable some testing tools that throw warnings on arm
2021-05-12 22:09:19 -04:00
Paul Wouters
8d7f98d414
add libreswan-4.4-ipcheck.patch to fixup some types for gcc.
2021-05-12 21:48:56 -04:00
Paul Wouters
73f45e85a5
- Resolves: rhbz#1952602 libreswan-4.4 is available
2021-05-12 17:00:47 -04:00
Zbigniew Jędrzejewski-Szmek
1f0b00f3c3
Rebuilt for updated systemd-rpm-macros
...
See https://pagure.io/fesco/issue/2583 .
2021-03-02 16:13:33 +01:00
Paul Wouters
59cde94ccc
- update to 4.3 (minor bugfix release)
2021-02-21 12:09:31 -05:00
Paul Wouters
fdf40a922f
- Updated to 4.2
2021-02-02 20:53:35 -05:00
Fedora Release Engineering
534953ce2e
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 17:53:38 +00:00
Paul Wouters
7f24ffd5dc
- Resolves: rhbz#1867580 pluto process frequently dumps core
...
(disable USE_NSS_KDF until nss fixes have propagated)
2020-12-19 20:01:58 -05:00
Adam Williamson
d84dd699b8
Rebuild for ldns soname bump
2020-12-19 09:27:06 -08:00
Adam Williamson
efc202e0cd
Revert to 4.1-3 state to rebuild for ldns soname bump
2020-12-19 09:23:16 -08:00
Adam Williamson
14dc4ee423
Rebuild for ldns soname bump
2020-12-19 09:01:19 -08:00
Paul Wouters
644402b247
re-add test vectors to sources file :/
2020-12-17 13:52:08 -05:00