aboutsummaryrefslogtreecommitdiffstats
path: root/main/strongswan
Commit message (Collapse)AuthorAgeFilesLines
* don't prefix GPL version number with a dashSören Tempel2015-10-031-1/+1
| | | | | This conforms to wiki documentation regarding package creation: http://wiki.alpinelinux.org/wiki/Creating_an_Alpine_package#license
* main/strongswan: upgrade to 5.3.3author Timo Teräs timo.teras@iki.fi 1442826138 +03002015-09-2136-2777/+175
| | | | remove upstreamed patches; rebase the rest
* Do not delete *.la files manuallyBartłomiej Piotrowski2015-09-101-2/+0
| | | | | Since abuild v2.22.0, these are removed automatically unless 'libtool' option has been specified.
* main/strongswan: minor update to patchesTimo Teräs2015-08-064-70/+128
| | | | | - take the multiple CA fixes from upstream git branch - add more child_sa states that can be monitored
* main/strongswan: bump pkgrelTimo Teräs2015-08-011-1/+1
|
* main/strongswan: additional fixesTimo Teräs2015-08-015-1/+201
| | | | | | - python is needed to prepare config file templates, ref #4484 - three cherry-picks from upstream git master and merge pending branches - add patch to fix connection authentication when multiple CAs are allowed
* main/strongswan: cherry-pick fix from upstreamTimo Teräs2015-07-292-1/+35
|
* main/strongswan: cherry-pick upstream fixesTimo Teräs2015-07-2833-193/+1872
| | | | | | also fixes a minor memory leak in patch 1001 (the offending hunk is now just deleted, as other upstream commits fixed the issue it tried to address)
* main/strongswan: fix invalid read in internal printfTimo Teräs2015-07-262-1/+26
|
* main/strongswan: add priorization for ikev1 messagesTimo Teräs2015-07-172-1/+30
|
* main/strongswan: add missing patchesTimo Teräs2015-07-173-0/+565
|
* amin/strongswan: upstream patch for applying limits to initiated connectionsTimo Teräs2015-07-175-79/+96
|
* main/strongswan: cherry-pick netlink buffer size fixes from upstreamTimo Teräs2015-07-168-21/+119
| | | | | and rename the patches so that we have groups for upstream cherry-picks, patches we want to upstream, and locally carried patches.
* main/strongswan: ikev1 grekeyTimo Teräs2015-07-132-1/+512
| | | | | interoperability fix to work with Alpine patched ipsec-tools (will probably be removed after a migration period)
* main/strongswan: rebuild against openssl 1.0.2cBartłomiej Piotrowski2015-07-031-1/+1
|
* main/strongswan: security upgrade to 5.3.2 (CVE-2015-4171)Timo Teräs2015-06-112-46/+6
| | | | | This also removes the GRE key patch -- it was incomplete and does not fully fix the issues.
* main/strongswan: don't set gre ports for SPDsTimo Teräs2015-06-052-1/+41
| | | | | workaround for certain dmvpn issues due to not supporting grekey handling in charon.
* main/strongswan: add patches for quagga/nrhpd supportTimo Teräs2015-06-045-1/+968
|
* main/strongswan: security upgrade to 5.3.1 (CVE-2015-3991)Timo Teräs2015-06-041-10/+12
|
* main/strongswan: run as non-rootTimo Teräs2015-05-014-7/+57
| | | | | | | | | | | | Make charon use 'ipsec' user and group, and enable the libcap support as few capabilities need to be retained for configuring IPsec SAs in to kernel. This also introduces charon.initd which starts charon daemon only and uses swanctl for configuration. It is a little bit more light weight than running the 'starter' which seems to be deprecated. Also the config format is completely different, but more flexible and extensive.
* main/*: replace all sbin/runscript with sbin/openrc-runNatanael Copa2015-04-282-5/+5
|
* main/strongswan: upgrade to 5.3.0Timo Teräs2015-04-071-4/+4
|
* main/strongswan: security upgrade to 5.2.2 (CVE-2014-9221)Timo Teräs2015-01-301-5/+5
|
* main/strongswan: enable EAP TLSNatanael Copa2015-01-011-1/+2
|
* main/strongswan: linux-headers build fixNatanael Copa2015-01-011-1/+1
|
* main/strongswan: enable vici and swanctlTimo Teräs2014-08-201-1/+3
|
* main/strongswan: upgrade to 5.2.0Timo Teräs2014-08-061-6/+4
|
* main/strongswan: security upgrade to 5.1.3Timo Teräs2014-04-152-33/+5
| | | | fixes CVE-2014-2338 along with multiple bug fixes
* main/strongswan: define _GNU_SOURCENatanael Copa2014-02-241-3/+5
| | | | | | | | We need define _GNU_SOURCE for strndup and others. It has been fixed upstream. see http://wiki.strongswan.org/issues/516 But rather than apply the patches we simply add _GNU_SOURCE to CFLAGS for now.
* main/strongswan: fix from upstream for a segfaultNatanael Copa2014-02-172-1/+29
| | | | http://wiki.strongswan.org/issues/452
* main/strongswan: moved from testingNatanael Copa2014-02-052-0/+126