strongswan 5.9.5-2ubuntu2 source package in Ubuntu
Changelog
strongswan (5.9.5-2ubuntu2) jammy; urgency=medium * d/p/lp1964977-fix-ipsec-pki-segfault.patch: Fix "ipsec pki" segmentation fault; don't access OpenSSL objects inside atexit() handlers. (LP: #1964977) -- Sergio Durigan Junior <email address hidden> Fri, 18 Mar 2022 14:24:34 -0400
Upload details
- Uploaded by:
- Sergio Durigan Junior
- Uploaded to:
- Jammy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Jammy | release | main | net |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
strongswan_5.9.5.orig.tar.bz2 | 4.5 MiB | 983e4ef4a4c6c9d69f5fe6707c7fe0b2b9a9291943bbf4e008faab6bf91c0bdd |
strongswan_5.9.5.orig.tar.bz2.asc | 659 bytes | 0421035baa56dbdd04ca969777463e0469804202d2848e151d94844415b36a5d |
strongswan_5.9.5-2ubuntu2.debian.tar.xz | 126.2 KiB | 6817bff7f60aec0d9e284e1e9d581803396c709c735fa1ff371f3b2e189de50d |
strongswan_5.9.5-2ubuntu2.dsc | 3.6 KiB | d28c61400c6ccecff132d82ab3b46ce4734b6f63b344542d17dc998604322a4e |
Available diffs
Binary packages built by this source
- charon-cmd: standalone IPsec client
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package contains the charon-cmd command, which can be used as a client to
connect to a remote IKE daemon.
- charon-cmd-dbgsym: No summary available for charon-cmd-dbgsym in ubuntu kinetic.
No description available for charon-cmd-dbgsym in ubuntu kinetic.
- charon-systemd: strongSwan IPsec client, systemd support
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package contains the charon-systemd files.
- charon-systemd-dbgsym: debug symbols for charon-systemd
- libcharon-extauth-plugins: strongSwan charon library (extended authentication plugins)
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides extended authentication plugins for the charon library:
- eap-mschapv2 (EAP-MSCHAPv2 protocol handler using passwords/NT hashes)
Used for client side to connect to some VPN concentrators configured for
Windows 7+ and modern OSX/iOS using IKEv2 (identify with public key,
authenticate with MSCHAPv2).
- xauth-generic (Generic XAuth backend that provides passwords from
ipsec.secrets and other credential sets)
Used for the client side to connect to VPN concentrators configured for
Android and older OSX/iOS using IKEv1 and XAUTH (identify with public key,
authenticate with XAUTH password).
.
These are the "not always, but still more commonly used" plugins, for further
needs even more plugins can be found in the package libcharon-extra-plugins.
- libcharon-extauth-plugins-dbgsym: debug symbols for libcharon-extauth-plugins
- libcharon-extra-plugins: strongSwan charon library (extra plugins)
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides extra plugins for the charon library:
- addrblock (Narrow traffic selectors to RFC 3779 address blocks in X.509
certificates)
- certexpire (Export expiration dates of used certificates)
- eap-aka (Generic EAP-AKA protocol handler using different backends)
- eap-gtc (EAP-GTC protocol handler authenticating with XAuth backends)
- eap-identity (EAP-Identity identity exchange algorithm, to use with other
EAP protocols)
- eap-md5 (EAP-MD5 protocol handler using passwords)
- eap-radius (EAP server proxy plugin forwarding EAP conversations to a
RADIUS server)
- eap-tls (EAP-TLS protocol handler, to authenticate with certificates in
EAP)
- eap-tnc (EAP-TNC protocol handler, Trusted Network Connect in a TLS tunnel)
- eap-ttls (EAP-TTLS protocol handler, wraps other EAP methods securely)
- error-notify (Notification about errors via UNIX socket)
- ha (High-Availability clustering)
- kernel-libipsec (Userspace IPsec Backend with TUN devices)
- led (Let Linux LED subsystem LEDs blink on IKE activity)
- lookip (Virtual IP lookup facility using a UNIX socket)
- tnc (Trusted Network Connect)
- unity (Cisco Unity extensions for IKEv1)
- xauth-eap (XAuth backend that uses EAP methods to verify passwords)
- xauth-pam (XAuth backend that uses PAM modules to verify passwords)
- eap-dynamic (EAP proxy plugin that dynamically selects an EAP method
requested/supported by the client (since 5.0.1))
- eap-peap (EAP-PEAP protocol handler, wraps other EAP methods securely)
- libcharon-extra-plugins-dbgsym: debug symbols for libcharon-extra-plugins
- libstrongswan: No summary available for libstrongswan in ubuntu kinetic.
No description available for libstrongswan in ubuntu kinetic.
- libstrongswan-dbgsym: No summary available for libstrongswan-dbgsym in ubuntu kinetic.
No description available for libstrongswan-
dbgsym in ubuntu kinetic.
- libstrongswan-extra-plugins: strongSwan utility and crypto library (extra plugins)
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides extra plugins for the strongSwan utility and
cryptographic library.
.
Included plugins are:
- af-alg [linux] (AF_ALG Linux crypto API interface, provides
ciphers/hashers/ hmac/xcbc)
- ccm (CCM cipher mode wrapper)
- cmac (CMAC cipher mode wrapper)
- ctr (CTR cipher mode wrapper)
- curl (libcurl based HTTP/FTP fetcher)
- curve25519 (support for Diffie-Hellman group 31 using Curve25519 and
support for the Ed25519 digital signature algorithm for IKEv2)
- gcrypt (Crypto backend based on libgcrypt, provides
RSA/DH/ciphers/ hashers/ rng)
- ldap (LDAP fetching plugin based on libldap)
- ntru (key exchanged based on post-quantum computer NTRU)
- padlock (VIA padlock crypto backend, provides AES128/SHA1)
- pkcs11 (PKCS#11 smartcard backend)
- rdrand (High quality / high performance random source using the Intel
rdrand instruction found on Ivy Bridge processors)
- test-vectors (Set of test vectors for various algorithms)
.
Also included is the libtpmtss library adding support for TPM plugin
(https://wiki.strongswa n.org/projects/ strongswan/ wiki/TpmPlugin)
- libstrongswan-extra-plugins-dbgsym: debug symbols for libstrongswan-extra-plugins
- libstrongswan-standard-plugins: strongSwan utility and crypto library (standard plugins)
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides some common plugins for the strongSwan utility and
cryptograhic library.
.
Included plugins are:
- agent (RSA/ECDSA private key backend connecting to SSH-Agent)
- gcm (GCM cipher mode wrapper)
- openssl (Crypto backend based on OpenSSL, provides
RSA/ECDSA/DH/ ECDH/ciphers/ hashers/ HMAC/X. 509/CRL/ RNG)
- libstrongswan-standard-plugins-dbgsym: No summary available for libstrongswan-standard-plugins-dbgsym in ubuntu kinetic.
No description available for libstrongswan-
standard- plugins- dbgsym in ubuntu kinetic.
- strongswan: No summary available for strongswan in ubuntu kinetic.
No description available for strongswan in ubuntu kinetic.
- strongswan-charon: strongSwan Internet Key Exchange daemon
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
charon is an IPsec IKEv2 daemon which can act as an initiator or a responder.
It is written from scratch using a fully multi-threaded design and a modular
architecture. Various plugins can provide additional functionality.
- strongswan-charon-dbgsym: No summary available for strongswan-charon-dbgsym in ubuntu kinetic.
No description available for strongswan-
charon- dbgsym in ubuntu kinetic.
- strongswan-libcharon: No summary available for strongswan-libcharon in ubuntu kinetic.
No description available for strongswan-
libcharon in ubuntu kinetic.
- strongswan-libcharon-dbgsym: No summary available for strongswan-libcharon-dbgsym in ubuntu kinetic.
No description available for strongswan-
libcharon- dbgsym in ubuntu kinetic.
- strongswan-nm: strongSwan plugin to interact with NetworkManager
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This plugin provides an interface which allows NetworkManager to configure
and control the IKEv2 daemon directly through D-Bus. It is designed to work
in conjunction with the network-manager- strongswan package, providing
a simple graphical frontend to configure IPsec based VPNs.
- strongswan-nm-dbgsym: No summary available for strongswan-nm-dbgsym in ubuntu kinetic.
No description available for strongswan-
nm-dbgsym in ubuntu kinetic.
- strongswan-pki: strongSwan IPsec client, pki command
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package contains the pki tool which allows on to run a simple public key
infrastructure.
- strongswan-pki-dbgsym: debug symbols for strongswan-pki
- strongswan-scepclient: strongSwan IPsec client, SCEP client
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package contains the SCEP client, an implementation of the Cisco System's
Simple Certificate Enrollment Protocol (SCEP).
- strongswan-scepclient-dbgsym: No summary available for strongswan-scepclient-dbgsym in ubuntu kinetic.
No description available for strongswan-
scepclient- dbgsym in ubuntu kinetic.
- strongswan-starter: No summary available for strongswan-starter in ubuntu kinetic.
No description available for strongswan-starter in ubuntu kinetic.
- strongswan-starter-dbgsym: No summary available for strongswan-starter-dbgsym in ubuntu kinetic.
No description available for strongswan-
starter- dbgsym in ubuntu kinetic.
- strongswan-swanctl: strongSwan IPsec client, swanctl command
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package contains the swanctl interface, used to configure a running
charon daemon
- strongswan-swanctl-dbgsym: debug symbols for strongswan-swanctl