Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | don't prefix GPL version number with a dash | Sören Tempel | 2015-10-03 | 1 | -1/+1 |
| | | | | | This conforms to wiki documentation regarding package creation: http://wiki.alpinelinux.org/wiki/Creating_an_Alpine_package#license | ||||
* | main/strongswan: upgrade to 5.3.3 | author Timo Teräs timo.teras@iki.fi 1442826138 +0300 | 2015-09-21 | 36 | -2777/+175 |
| | | | | remove upstreamed patches; rebase the rest | ||||
* | Do not delete *.la files manually | Bartłomiej Piotrowski | 2015-09-10 | 1 | -2/+0 |
| | | | | | Since abuild v2.22.0, these are removed automatically unless 'libtool' option has been specified. | ||||
* | main/strongswan: minor update to patches | Timo Teräs | 2015-08-06 | 4 | -70/+128 |
| | | | | | - take the multiple CA fixes from upstream git branch - add more child_sa states that can be monitored | ||||
* | main/strongswan: bump pkgrel | Timo Teräs | 2015-08-01 | 1 | -1/+1 |
| | |||||
* | main/strongswan: additional fixes | Timo Teräs | 2015-08-01 | 5 | -1/+201 |
| | | | | | | - python is needed to prepare config file templates, ref #4484 - three cherry-picks from upstream git master and merge pending branches - add patch to fix connection authentication when multiple CAs are allowed | ||||
* | main/strongswan: cherry-pick fix from upstream | Timo Teräs | 2015-07-29 | 2 | -1/+35 |
| | |||||
* | main/strongswan: cherry-pick upstream fixes | Timo Teräs | 2015-07-28 | 33 | -193/+1872 |
| | | | | | | also fixes a minor memory leak in patch 1001 (the offending hunk is now just deleted, as other upstream commits fixed the issue it tried to address) | ||||
* | main/strongswan: fix invalid read in internal printf | Timo Teräs | 2015-07-26 | 2 | -1/+26 |
| | |||||
* | main/strongswan: add priorization for ikev1 messages | Timo Teräs | 2015-07-17 | 2 | -1/+30 |
| | |||||
* | main/strongswan: add missing patches | Timo Teräs | 2015-07-17 | 3 | -0/+565 |
| | |||||
* | amin/strongswan: upstream patch for applying limits to initiated connections | Timo Teräs | 2015-07-17 | 5 | -79/+96 |
| | |||||
* | main/strongswan: cherry-pick netlink buffer size fixes from upstream | Timo Teräs | 2015-07-16 | 8 | -21/+119 |
| | | | | | and rename the patches so that we have groups for upstream cherry-picks, patches we want to upstream, and locally carried patches. | ||||
* | main/strongswan: ikev1 grekey | Timo Teräs | 2015-07-13 | 2 | -1/+512 |
| | | | | | interoperability fix to work with Alpine patched ipsec-tools (will probably be removed after a migration period) | ||||
* | main/strongswan: rebuild against openssl 1.0.2c | Bartłomiej Piotrowski | 2015-07-03 | 1 | -1/+1 |
| | |||||
* | main/strongswan: security upgrade to 5.3.2 (CVE-2015-4171) | Timo Teräs | 2015-06-11 | 2 | -46/+6 |
| | | | | | This also removes the GRE key patch -- it was incomplete and does not fully fix the issues. | ||||
* | main/strongswan: don't set gre ports for SPDs | Timo Teräs | 2015-06-05 | 2 | -1/+41 |
| | | | | | workaround for certain dmvpn issues due to not supporting grekey handling in charon. | ||||
* | main/strongswan: add patches for quagga/nrhpd support | Timo Teräs | 2015-06-04 | 5 | -1/+968 |
| | |||||
* | main/strongswan: security upgrade to 5.3.1 (CVE-2015-3991) | Timo Teräs | 2015-06-04 | 1 | -10/+12 |
| | |||||
* | main/strongswan: run as non-root | Timo Teräs | 2015-05-01 | 4 | -7/+57 |
| | | | | | | | | | | | | Make charon use 'ipsec' user and group, and enable the libcap support as few capabilities need to be retained for configuring IPsec SAs in to kernel. This also introduces charon.initd which starts charon daemon only and uses swanctl for configuration. It is a little bit more light weight than running the 'starter' which seems to be deprecated. Also the config format is completely different, but more flexible and extensive. | ||||
* | main/*: replace all sbin/runscript with sbin/openrc-run | Natanael Copa | 2015-04-28 | 2 | -5/+5 |
| | |||||
* | main/strongswan: upgrade to 5.3.0 | Timo Teräs | 2015-04-07 | 1 | -4/+4 |
| | |||||
* | main/strongswan: security upgrade to 5.2.2 (CVE-2014-9221) | Timo Teräs | 2015-01-30 | 1 | -5/+5 |
| | |||||
* | main/strongswan: enable EAP TLS | Natanael Copa | 2015-01-01 | 1 | -1/+2 |
| | |||||
* | main/strongswan: linux-headers build fix | Natanael Copa | 2015-01-01 | 1 | -1/+1 |
| | |||||
* | main/strongswan: enable vici and swanctl | Timo Teräs | 2014-08-20 | 1 | -1/+3 |
| | |||||
* | main/strongswan: upgrade to 5.2.0 | Timo Teräs | 2014-08-06 | 1 | -6/+4 |
| | |||||
* | main/strongswan: security upgrade to 5.1.3 | Timo Teräs | 2014-04-15 | 2 | -33/+5 |
| | | | | fixes CVE-2014-2338 along with multiple bug fixes | ||||
* | main/strongswan: define _GNU_SOURCE | Natanael Copa | 2014-02-24 | 1 | -3/+5 |
| | | | | | | | | We need define _GNU_SOURCE for strndup and others. It has been fixed upstream. see http://wiki.strongswan.org/issues/516 But rather than apply the patches we simply add _GNU_SOURCE to CFLAGS for now. | ||||
* | main/strongswan: fix from upstream for a segfault | Natanael Copa | 2014-02-17 | 2 | -1/+29 |
| | | | | http://wiki.strongswan.org/issues/452 | ||||
* | main/strongswan: moved from testing | Natanael Copa | 2014-02-05 | 2 | -0/+126 |