This bug was fixed in the package strongswan - 5.6.2-2ubuntu1 --------------- strongswan (5.6.2-2ubuntu1) cosmic; urgency=medium * Merge with Debian unstable, closes LP: #1773814 and LP: #1772705. Remaining changes: + Clean up d/strongswan-starter.postinst: section about runlevel changes + Clean up d/strongswan-starter.postinst: Removed entire section on opportunistic encryption disabling - this was never in strongSwan and won't be see upstream issue #2160. + d/rules: Removed patching ipsec.conf on build (not using the debconf-managed config.) + d/ipsec.secrets.proto: Removed ipsec.secrets.inc reference (was used for debconf-managed include of private key). + Mass enablement of extra plugins and features to allow a user to use strongswan for a variety of extra use cases without having to rebuild. - d/control: Add required additional build-deps - d/control: Mention addtionally enabled plugins - d/rules: Enable features at configure stage - d/libbstrongswan-extra-plugins.install: Add plugins (so, lib, conf) - d/libstrongswan.install: Add plugins (so, conf) + d/strongswan-starter.install: Install pool feature, which is useful since we have attr-sql plugin enabled as well using it. + Add plugin kernel-libipsec to allow the use of strongswan in containers via this userspace implementation (please do note that this is still considered experimental by upstream). - d/libcharon-extra-plugins.install: Add kernel-libipsec components - d/control: List kernel-libipsec plugin at extra plugins description - d/p/dont-load-kernel-libipsec-plugin-by-default.patch: As upstream recommends to not load kernel-libipsec by default. + Relocate tnc plugin - debian/libcharon-extra-plugins.install: Drop tnc from extra plugins - Add new subpackage for TNC in d/strongswan-tnc-* and d/control + d/libstrongswan.install: Reorder conf and .so alphabetically + d/libstrongswan.install: Add kernel-netlink configuration files + Complete the disabling of libfast; This was partially accepted in Debian, it is no more packaging medcli and medsrv, but still builds and mentions it. - d/rules: Add --disable-fast to avoid build time and dependencies - d/control: Remove medcli, medsrv from package description + d/control: Mention mgf1 plugin which is in libstrongswan now + Add now built (since 5.5.1) libraries libtpmtss and nttfft to libstrongswan-extra-plugins (no deps from default plugins). + d/control, d/libcharon-{extras,standard}-plugins.install: Move charon plugins for the most common use cases from extra-plugins into a new standard-plugins package. This will allow those use cases without pulling in too much more plugins (a bit like the tnc package). Recommend that package from strongswan-libcharon. * Dropped Changes (no more needed after 18.04) + Add rm_conffile for /etc/init.d/ipsec (transition from precies had missed that, droppable after 18.04) + d/control: bump breaks/replaces from libstrongswan-extra-plugins to libstrongswan as we dropped relocating ccm and test-vectors. (droppable >18.04). + d/control: add breaks/replace from libstrongswan to libstrongswan-extra-plugins for the move of mgf1 to libstrongswan. (droppable >18.04). + d/control: bump breaks/replaces for the move of the updown plugin (Missed Changelog entry on last merge) + d/control: fix dependencies of strongswan-libcharon due to the move the updown plugin (droppable >18.04). * Added Changes: + d/usr.sbin.charon-systemd: allow to contact mysql for sql and attr-sql plugins (LP: #1766240) + d/usr.sbin.charon-systemd: allow systemd notifications (LP: #1765652) strongswan (5.6.2-2) unstable; urgency=medium * charon-nm: Fix building list of DNS/MDNS servers with libnm * d/control: drop b-d on n-m-dev and make libnm-dev linux-any (closes: #895434) * d/compat bumped to 10 * d/rules: drop parallel and autoreconf from dh, done with compat 10 -- Christian Ehrhardt