summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support/strongswan/files
Commit message (Collapse)AuthorAgeFilesLines
* strongswan: upgrade 5.9.6 -> 5.9.7Yi Zhao2022-08-061-31/+0
| | | | | | | | | | | | | | | ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.7 * Drop backport patch 0001-enum-Fix-compiler-warning.patch. * Update RDEPENDS to fix strongswan startup failures: plugin 'mgf1': failed to load - mgf1_plugin_create not found and no plugin file available plugin 'fips-prf': failed to load - fips_prf_plugin_create not found and no plugin file available plugin 'kdf': failed to load - kdf_plugin_create not found and no plugin file available plugin 'drbg': failed to load - drbg_plugin_create not found and no plugin file available Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.9.5 -> 5.9.6Yi Zhao2022-07-022-92/+31
| | | | | | | | | | | | | * Drop backport patch 0001-openssl-Don-t-unload-providers.patch * Backport a patch to fix the build error: src/libstrongswan/utils/enum.c: In function 'enum_flags_to_string': src/libstrongswan/utils/enum.c:100:9: error: format not a string literal and no format arguments [-Werror=format-security] 100 | if (snprintf(buf, len, e->names[0]) >= len) | ^~ Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: 5.9.4 -> 5.9.5Yi Zhao2022-03-303-121/+92
| | | | | | | | | | | | | | | | | | | * Backport a patch to fix the segfault with swanctl: $ /usr/sbin/charon-systemd & $ /usr/sbin/swanctl --load-all --noprompt no files found matching '/etc/swanctl/conf.d/*.conf' no authorities found, 0 unloaded no pools found, 0 unloaded no connections found, 0 unloaded Segmentation fault * Drop fix-funtion-parameter.patch and 0001-memory.h-Include-stdint.h-for-uintptr_t.patch as the issues have been fixed upstream. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.8.4 -> 5.9.1zangrc2020-11-231-34/+0
| | | | | | | | 0001-Remove-obsolete-setting-regarding-the-Standard-Outpu.patch Removed since this is included in 5.9.1 Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: Remove obsolete setting regarding the Standard OutputMingli Yu2020-09-231-0/+34
| | | | | | | | | | | | The Standard output type "syslog" is obsolete, causing a warning since systemd version 246 [1]. Please consider using "journal" or "journal+console" [1] https://github.com/systemd/systemd/blob/master/NEWS#L202 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: Fix do_patch fuzzKhem Raj2019-09-071-5/+3
| | | | | | | | | | | | Refresh the patch to apply cleanly Fixes Applying patch 0001-memory.h-Include-stdint.h-for-uintptr_t.patch patching file src/libstrongswan/utils/utils/memory.h Hunk #1 succeeded at 26 with fuzz 2 (offset 4 lines). Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.6.2 -> 5.6.3Yi Zhao2018-07-031-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: refresh patchesArmin Kuster2018-04-132-20/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | WARNING: Some of the context lines in patches were ignored. This can lead to incorrectly applied patches. The context lines in the patches can be updated with devtool: devtool modify <recipe> devtool finish --force-patch-refresh <recipe> <layer_path> Then the updated patches and the source tree (in devtool's workspace) should be reviewed to make sure the patches apply in the correct place and don't introduce duplicate lines (which can, and does happen when some of the context is ignored). Further information: http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 Details: checking file src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c Hunk #1 succeeded at 192 (offset 50 lines). Hunk #2 succeeded at 255 with fuzz 1 (offset 58 lines). checking file src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h Hunk #1 succeeded at 43 (offset -1 lines). checking file src/libstrongswan/plugins/openssl/openssl_plugin.c Hunk #1 succeeded at 609 (offset 221 lines). Signed-off-by: Armin Kuster <akuster808@gmail.com>
* strongswan: 5.5.3 -> 5.6.2Huang Qiyu2018-04-091-3/+3
| | | | | | | | 1.Upgrade strongswan from 5.5.3 to 5.6.2. 2.Modify fix-funtion-parameter.patch, since the data has been changed. Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: Include stdint.h for uintptr_tKhem Raj2017-09-081-0/+26
| | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: delete obsolete patchesOleksandr Kravchuk2017-01-192-91/+0
| | | | | Signed-off-by: Oleksandr Kravchuk <oleksandr.kravchuk@pelagicore.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* strongswan: install strongswan-swanctl systemd service by default.Chris Patterson2016-01-051-0/+22
| | | | | | | | Matches start-on-boot behaviour of current strongswan.service. Signed-off-by: Chris Patterson <pattersonc@ainfosec.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: add configure patch fix for systemdChris Patterson2016-01-051-0/+69
| | | | | | | | | | Fixes strongswan configure script for systemd >= 209, where it merged libsystemd-journal and libsystemd-daemon into libsystemd. Signed-off-by: Chris Patterson <pattersonc@ainfosec.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: uprev to version 5.2.0Jackie Huang2014-08-212-64/+0
| | | | | | | | | * removed two patches which were already integrated in 5.2.0: strongswan-4.3.3-5.1.1_asn1_unwrap.patch strongswan-5.0.0-5.1.2_reject_child_sa.patch Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* strongswan: Security Advisory - strongswan - CVE-2014-2891Yue Tao2014-08-051-0/+28
| | | | | | | | | | | | strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2891 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* strongswan: Security Advisory - strongswan - CVE-2014-2338Yue Tao2014-05-091-0/+36
| | | | | | | | | | | | | IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2338 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* strongswan: update verion to 5.1.1Jackie Huang2014-03-141-0/+98
* Add a patch to fix the function parameter. * Add PACKAGECONFIG for optional packages instead of explicitly disable, and set sqlite and curl as default. * Remove the split package strongswan-plugins. * Add configure option --without-lib-prefix so it doesn't search for libraries in includedir and libdir to avoid QA error. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>