strongswan 5.1.2-0ubuntu2 source package in Ubuntu
Changelog
strongswan (5.1.2-0ubuntu2) trusty; urgency=medium * SECURITY UPDATE: remote authentication bypass - debian/patches/CVE-2014-2338.patch: reject CREATE_CHILD_SA exchange on unestablished IKE_SAs in src/libcharon/sa/ikev2/task_manager_v2.c. - CVE-2014-2338 -- Marc Deslauriers <email address hidden> Mon, 14 Apr 2014 11:24:34 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Trusty | release | main | net |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
strongswan_5.1.2.orig.tar.bz2 | 3.6 MiB | fb4c3066461dade176408840edbc9d830255f4816b0991baebbbedee501fddd6 |
strongswan_5.1.2-0ubuntu2.debian.tar.gz | 158.6 KiB | 777410a054e3e198b82a5e4bdc2e7a38745008d1e2cda50f6d8a198067a85c7a |
strongswan_5.1.2-0ubuntu2.dsc | 7.3 KiB | 3870a37ebe50ec43222a51f1ccd4eb70470be3d0a2900cacafefd819ac0a2c5c |
Available diffs
Binary packages built by this source
- libstrongswan: strongSwan utility and crypto library
StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the
native IPsec stack and runs on any recent 2.6 kernel (no patching required).
It supports both IKEv1 and the newer IKEv2 protocols.
.
This package provides the underlying library of charon and other strongSwan
components. It is built in a modular way and is extendable through various
plugins.
- strongswan: IPsec VPN solution metapackage
The strongSwan VPN suite is based on the IPsec stack in standard Linux
kernels. It supports both the IKEv1 and IKEv2 protocols.
.
This metapackage installs the packages required to maintain IKEv1 and IKEv2
connections via ipsec.conf or ipsec.secrets.
- strongswan-dbg: strongSwan library and binaries - debugging symbols
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the symbols needed for debugging of strongswan.
- strongswan-ike: strongSwan Internet Key Exchange (v2) daemon
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
Charon is an IPsec IKEv2 daemon. It is
written from scratch using a fully multi-threaded design and a modular
architecture. Various plugins provide additional functionality.
- strongswan-ikev1: No summary available for strongswan-ikev1 in ubuntu utopic.
No description available for strongswan-ikev1 in ubuntu utopic.
- strongswan-ikev2: strongswan IKEv2 daemon, transitional package
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package used to install the charon daemon, implementing the IKEv2
protocol. It has been replaced the strongswan-ike package.
- strongswan-nm: strongSwan charon for interaction with NetworkManager
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This plugin provides special charon deamon which interfaces with NetworkManager
to configure and control the IKEv2 daemon directly through D-Bus. It is
designed to work in conjunction with the network-manager- strongswan package,
providing a simple graphical frontend to configure IPsec based VPNs.
- strongswan-plugin-af-alg: strongSwan plugin for AF_ALG Linux crypto API interface
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the AF_ALG Linux crypto API interface plugin for
strongSwan. It provides ciphers/hashers/ hmac/xcbc.
- strongswan-plugin-agent: No summary available for strongswan-plugin-agent in ubuntu utopic.
No description available for strongswan-
plugin- agent in ubuntu utopic.
- strongswan-plugin-attr-sql: strongSwan plugin for providing IKE attributes from databases
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for providing IKE attributes read
from a database to peers.
- strongswan-plugin-certexpire: strongSwan plugin for exporting expiration dates of certificates
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the plugin for exporting expiration dates of used
certificates for strongSwan.
- strongswan-plugin-coupling: No summary available for strongswan-plugin-coupling in ubuntu utopic.
No description available for strongswan-
plugin- coupling in ubuntu utopic.
- strongswan-plugin-curl: strongSwan plugin for the libcurl based HTTP/FTP fetcher
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the libcurl based HTTP/FTP fetcher plugin for strongSwan.
- strongswan-plugin-dhcp: strongSwan plugin for forwarding DHCP request to a server
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for allowing the forwarding of DHCP
requests for virtual IP addresses to a DHCP server.
- strongswan-plugin-dnscert: strongSwan plugin for authentication via CERT RRs
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for authentication via CERT RRs
protected by DNSSEC.
- strongswan-plugin-dnskey: strongSwan plugin for parsing RFC 4034 public keys
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the plugin for parsing RFC 4034 public keys for
strongSwan.
- strongswan-plugin-duplicheck: strongSwan plugin for duplicheck functionality
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for the duplicheck functionality.
.
The duplicheck plugin provides an advanced but very specialized peer identity
duplicate checking. It works independent from the ipsec.conf uniqueids feature.
.
More information may be found at:
http://wiki.strongswan .org/projects/ strongswan/ wiki/Duplicheck
- strongswan-plugin-eap-aka: No summary available for strongswan-plugin-eap-aka in ubuntu utopic.
No description available for strongswan-
plugin- eap-aka in ubuntu utopic.
- strongswan-plugin-eap-aka-3gpp2: strongSwan plugin for the 3GPP2-based EAP-AKA backend
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for the EAP-AKA backend
implementing the standard 3GPP2 algorithm in software.
- strongswan-plugin-eap-dynamic: No summary available for strongswan-plugin-eap-dynamic in ubuntu utopic.
No description available for strongswan-
plugin- eap-dynamic in ubuntu utopic.
- strongswan-plugin-eap-gtc: strongSwan plugin for EAP-GTC protocol handler
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for EAP-GTC protocol handling while
authenticating with XAuth backends.
- strongswan-plugin-eap-md5: strongSwan plugin for EAP-MD5 protocol handler
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for EAP-MD5 protocol handling using
passwords.
- strongswan-plugin-eap-mschapv2: strongSwan plugin for EAP-MSCHAPv2 protocol handler
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for EAP-MSCHAPv2 protocol handling
using passwords/NT hashes.
- strongswan-plugin-eap-peap: strongSwan plugin for EAP-PEAP protocol handler
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for EAP-PEAP protocol handling,
which wraps other EAP methods securely.
- strongswan-plugin-eap-radius: No summary available for strongswan-plugin-eap-radius in ubuntu utopic.
No description available for strongswan-
plugin- eap-radius in ubuntu utopic.
- strongswan-plugin-eap-sim: strongSwan plugin for generic EAP-SIM protocol handling
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for generic EAP-SIM protocol
handling using different backends.
- strongswan-plugin-eap-sim-file: No summary available for strongswan-plugin-eap-sim-file in ubuntu utopic.
No description available for strongswan-
plugin- eap-sim- file in ubuntu utopic.
- strongswan-plugin-eap-sim-pcsc: strongSwan plugin for EAP-SIM credentials on smartcards
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for the EAP-SIM backend based on a
PC/SC smartcard reader.
- strongswan-plugin-eap-simaka-pseudonym: No summary available for strongswan-plugin-eap-simaka-pseudonym in ubuntu utopic.
No description available for strongswan-
plugin- eap-simaka- pseudonym in ubuntu utopic.
- strongswan-plugin-eap-simaka-reauth: strongSwan plugin for the EAP-SIM/AKA reauthentication database
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for the EAP-SIM/AKA in-memory
reauthentication identity database.
- strongswan-plugin-eap-simaka-sql: strongSwan plugin for SQL-based EAP-SIM/AKA backend reading
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for the EAP-SIM/AKA backend reading
triplets/quintuplets from a SQL database.
- strongswan-plugin-eap-tls: strongSwan plugin for the EAP-TLS protocol handler
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for EAP-TLS protocol handling, to
authenticate with certificates in EAP.
- strongswan-plugin-eap-tnc: strongSwan plugin for the EAP-TNC protocol handler
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for EAP-TNC protocol handling,
Trusted Network Connect in a TLS tunnel.
- strongswan-plugin-eap-ttls: strongSwan plugin for the EAP-TTLS protocol handler
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for EAP-TTLS protocol handling,
which wraps other EAP methods securely.
- strongswan-plugin-error-notify: strongSwan plugin for error notifications
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the plugin for error notifications, via UNIX socket, for
strongSwan.
- strongswan-plugin-farp: strongSwan plugin for faking ARP responses
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for faking ARP responses for
requests to a virtual IP address assigned to a peer.
- strongswan-plugin-fips-prf: strongSwan plugin for PRF specified by FIPS
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for the special
pseudo-random- function (PRF) specified by FIPS, used by EAP-SIM/AKA algorithms.
- strongswan-plugin-gcrypt: No summary available for strongswan-plugin-gcrypt in ubuntu utopic.
No description available for strongswan-
plugin- gcrypt in ubuntu utopic.
- strongswan-plugin-gmp: No summary available for strongswan-plugin-gmp in ubuntu utopic.
No description available for strongswan-
plugin- gmp in ubuntu utopic.
- strongswan-plugin-ipseckey: No summary available for strongswan-plugin-ipseckey in ubuntu utopic.
No description available for strongswan-
plugin- ipseckey in ubuntu utopic.
- strongswan-plugin-kernel-libipsec: strongSwan plugin for a IPsec backend that entirely in userland
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin which provides an IPsec backend
that works entirely in userland, using TUN devices and strongSwan's own IPsec
implementation libipsec. This is useful for when there is no kernel support for
IPsec.
- strongswan-plugin-ldap: No summary available for strongswan-plugin-ldap in ubuntu utopic.
No description available for strongswan-
plugin- ldap in ubuntu utopic.
- strongswan-plugin-led: No summary available for strongswan-plugin-led in ubuntu utopic.
No description available for strongswan-
plugin- led in ubuntu utopic.
- strongswan-plugin-load-tester: strongSwan plugin for load testing
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the load testing plugin for strongSwan.
.
WARNING: Never enable the load-testing plugin on production systems. It
provides preconfigured credentials and allows an attacker to authenticate as
any user.
- strongswan-plugin-lookip: strongSwan plugin for lookip interface
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin which provides an interface to
query information about tunnels via the peer's virtual IP address.
- strongswan-plugin-mysql: strongSwan plugin for MySQL
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the MySQL database backend plugin for strongSwan.
- strongswan-plugin-ntru: No summary available for strongswan-plugin-ntru in ubuntu utopic.
No description available for strongswan-
plugin- ntru in ubuntu utopic.
- strongswan-plugin-openssl: No summary available for strongswan-plugin-openssl in ubuntu utopic.
No description available for strongswan-
plugin- openssl in ubuntu utopic.
- strongswan-plugin-pgp: strongSwan plugin for PGP encoding/decoding routines
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for PGP encoding/decoding routines.
- strongswan-plugin-pkcs11: strongSwan plugin for PKCS#11 smartcard backend
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the PKCS#11 smartcard backend for strongSwan.
- strongswan-plugin-pubkey: strongSwan plugin for raw public keys
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for handling raw public keys as
trusted certificates.
- strongswan-plugin-radattr: No summary available for strongswan-plugin-radattr in ubuntu utopic.
No description available for strongswan-
plugin- radattr in ubuntu utopic.
- strongswan-plugin-soup: No summary available for strongswan-plugin-soup in ubuntu utopic.
No description available for strongswan-
plugin- soup in ubuntu utopic.
- strongswan-plugin-sql: strongSwan plugin for SQL configuration and credentials
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the SQL configuration and credentials engine plugin for
strongSwan. Using either SQLite or MySQL.
- strongswan-plugin-sqlite: No summary available for strongswan-plugin-sqlite in ubuntu utopic.
No description available for strongswan-
plugin- sqlite in ubuntu utopic.
- strongswan-plugin-sshkey: strongSwan plugin for SSH key decoding routines
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for SSH key decoding routines.
- strongswan-plugin-systime-fix: No summary available for strongswan-plugin-systime-fix in ubuntu utopic.
No description available for strongswan-
plugin- systime- fix in ubuntu utopic.
- strongswan-plugin-unbound: No summary available for strongswan-plugin-unbound in ubuntu utopic.
No description available for strongswan-
plugin- unbound in ubuntu utopic.
- strongswan-plugin-unity: strongSwan plugin for IKEv1 Cisco Unity Extensions
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the Unity plugin for strongSwan. It provides support for
parts of the IKEv1 Cisco Unity Extensions.
- strongswan-plugin-whitelist: No summary available for strongswan-plugin-whitelist in ubuntu utopic.
No description available for strongswan-
plugin- whitelist in ubuntu utopic.
- strongswan-plugin-xauth-eap: strongSwan plugin for XAuth backend using EAP methods
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for the XAuth backend that uses
EAP methods to verify passwords.
- strongswan-plugin-xauth-generic: No summary available for strongswan-plugin-xauth-generic in ubuntu utopic.
No description available for strongswan-
plugin- xauth-generic in ubuntu utopic.
- strongswan-plugin-xauth-noauth: strongSwan plugin for the generic XAuth backend
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the strongSwan plugin for the XAuth backend that does no
authentication.
- strongswan-plugin-xauth-pam: No summary available for strongswan-plugin-xauth-pam in ubuntu utopic.
No description available for strongswan-
plugin- xauth-pam in ubuntu utopic.
- strongswan-pt-tls-client: strongSwan TLS-based Posture Transport (PT) protocol client
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the TLS-based Posture Transport (PT) protocol client for
strongSwan. The PT-TLS protocol carries the Network Endpoint Assessment (NEA)
message exchange under the protection of a Transport Layer Security (TLS)
secured tunnel.
- strongswan-starter: No summary available for strongswan-starter in ubuntu utopic.
No description available for strongswan-starter in ubuntu utopic.
- strongswan-tnc-base: strongSwan Trusted Network Connect's (TNC) - base files
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the base files for strongSwan's Trusted Network
Connect's (TNC) functionality.
.
strongSwan's IMC/IMV dynamic libraries can be used by any third party TNC
client/server implementation possessing a standard IF-IMC/IMV interface.
- strongswan-tnc-client: strongSwan Trusted Network Connect's (TNC) - client files
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the client functionality for strongSwan's Trusted Network
Connect's (TNC) features.
.
It includes the OS, scanner, test, SWID, and attestation IMCs.
- strongswan-tnc-ifmap: strongSwan plugin for Trusted Network Connect's (TNC) IF-MAP client
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides Trusted Network Connect's (TNC) IF-MAP 2.0 client.
- strongswan-tnc-pdp: No summary available for strongswan-tnc-pdp in ubuntu utopic.
No description available for strongswan-tnc-pdp in ubuntu utopic.
- strongswan-tnc-server: strongSwan Trusted Network Connect's (TNC) - server files
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the server functionality for strongSwan's Trusted Network
Connect's (TNC) features.