summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support/strongswan
Commit message (Collapse)AuthorAgeFilesLines
* strongswan: add ${PN}-plugin-curve25519 to RDEPENDSMingli Yu2018-02-051-0/+1
| | | | | | | | | | | | | | | | * The default DH group curve25519 depends on an optional plugin ${PN}-plugin-curve25519, add it to RDEPENDS to avoid below error: root@test:~# ipsec up host-lan initiating IKE_SA host-lan[1] to 192.168.7.2 configured DH group CURVE_25519 not supported tried to checkin and delete nonexisting IKE_SA establishing connection 'host-lan' failed Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: Include stdint.h for uintptr_tKhem Raj2017-09-082-2/+29
| | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: 5.5.1 -> 5.5.3fan.xin2017-06-281-2/+2
| | | | | | Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: Split pluginsDavid Vincent2017-04-271-13/+88
| | | | | | | | | | | | | | | | | strongSwan offers a plugin mechanism therefore it should not be mandatory to install all of them when installing the package. Each plugin is now a self-contained package with the library and its configuration. To remain compatible with the current configuration, a default set of plugins has been selected as RDEPENDS of the main package. This default list is based on the default strongSwan list minus some plugins enabled via PACKAGECONFIG (see https://wiki.strongswan.org/projects/strongswan/PluginList). Signed-off-by: David Vincent <freesilicon@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Make use of the new bb.utils.filter() functionPeter Kjellerstedt2017-03-071-1/+1
| | | | | Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* strongswan: update to 5.5.1Oleksandr Kravchuk2017-01-191-2/+2
| | | | | Signed-off-by: Oleksandr Kravchuk <oleksandr.kravchuk@pelagicore.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* strongswan: delete obsolete patchesOleksandr Kravchuk2017-01-192-91/+0
| | | | | Signed-off-by: Oleksandr Kravchuk <oleksandr.kravchuk@pelagicore.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* strongswan: 5.3.2 -> 5.5.0Wang Xin2016-09-121-4/+2
| | | | | | | | Upgrade strongswan from 5.3.2 to 5.5.0. Signed-off-by: Wang Xin <wangxin2015.fnst@cn.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* meta-networking: use bb.utils.contains() instead of base_contains()Ross Burton2016-05-051-2/+2
| | | | | | | | | base_contains() is a compatibility wrapper and may warn in the future, so replace all instances with bb.utils.contains(). Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: install strongswan-swanctl systemd service by default.Chris Patterson2016-01-052-0/+23
| | | | | | | | Matches start-on-boot behaviour of current strongswan.service. Signed-off-by: Chris Patterson <pattersonc@ainfosec.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: add configure patch fix for systemdChris Patterson2016-01-052-0/+70
| | | | | | | | | | Fixes strongswan configure script for systemd >= 209, where it merged libsystemd-journal and libsystemd-daemon into libsystemd. Signed-off-by: Chris Patterson <pattersonc@ainfosec.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: add additional PACKAGECONFIG flagsChris Patterson2016-01-051-7/+17
| | | | | | | | | | | | | - Add aesni, charon, gmp, openssl, scep, stroke, swanctl, and systemd-charon. - Organize the packageconfig list alphabetically. - Update the default PACKAGECONFIG to match current defaults. - If swanctl is enabled, use strongswan-swanctl.service instead of strongswan.service. Signed-off-by: Chris Patterson <pattersonc@ainfosec.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: upgrade to 5.3.2Roy Li2015-08-061-2/+2
| | | | | | | | 5.3.2 includes the fixes for CVE-2015-3991 and CVE-2015-4171 Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* meta-networking: standardize SECTION valuesJoe MacDonald2015-06-051-1/+1
| | | | | | | SECTION has been used inconsistently throughout the recipes in this layer. Convert them to all use the same convention. Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: upgrade to 5.3.0Roy Li2015-05-131-2/+2
| | | | | Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* strongswan: update package to 5.2.1Armin Kuster2014-12-091-2/+2
| | | | | | | see https://wiki.strongswan.org/projects/strongswan/wiki/Changelog52 Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* strongswan: uprev to version 5.2.0Jackie Huang2014-08-213-68/+2
| | | | | | | | | * removed two patches which were already integrated in 5.2.0: strongswan-4.3.3-5.1.1_asn1_unwrap.patch strongswan-5.0.0-5.1.2_reject_child_sa.patch Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* strongswan: Security Advisory - strongswan - CVE-2014-2891Yue Tao2014-08-052-0/+29
| | | | | | | | | | | | strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2891 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* recipes: add missing pkgconfig class inheritsRichard Purdie2014-06-211-1/+1
| | | | | | | | * These recipes all use pkg-config in some way but were missing dependencies on the tool, this patch adds them. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* strongswan: Security Advisory - strongswan - CVE-2014-2338Yue Tao2014-05-092-0/+37
| | | | | | | | | | | | | IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2338 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* strongswan: update verion to 5.1.1Jackie Huang2014-03-143-36/+143
| | | | | | | | | | | | * Add a patch to fix the function parameter. * Add PACKAGECONFIG for optional packages instead of explicitly disable, and set sqlite and curl as default. * Remove the split package strongswan-plugins. * Add configure option --without-lib-prefix so it doesn't search for libraries in includedir and libdir to avoid QA error. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* strongswan: move to meta-networkingPaul Eggleton2013-04-291-0/+36
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-19 21:01:11 +0000