strongswan 5.8.2-1ubuntu3 source package in Ubuntu
Changelog
strongswan (5.8.2-1ubuntu3) focal; urgency=medium * Reverting part of 5.8.2-1ubuntu2 changes to remove BLISS again as there is a potential local side-channel attack on strongSwan's BLISS implementation (https://eprint.iacr.org/2017/505). (LP: #1866765) -- Christian Ehrhardt <email address hidden> Tue, 10 Mar 2020 07:56:56 +0100
Upload details
- Uploaded by:
- Christian Ehrhardt
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Focal | release | main | net |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
strongswan_5.8.2.orig.tar.bz2 | 4.3 MiB | 86900ddbe7337c923dadf2c8339ae8ed2b9158e3691745884d08ae534677430e |
strongswan_5.8.2-1ubuntu3.debian.tar.xz | 123.7 KiB | aa795de0a46ad31cfdb01b2ab65dbf1d839ef87da9d1f4d0c75e8ea9db106cba |
strongswan_5.8.2-1ubuntu3.dsc | 3.8 KiB | d9eef6669f02fad2d17a47f0909d9310eb9e8f3941c55b2d07e4b1cbbe8632f7 |
Available diffs
Binary packages built by this source
- charon-cmd: No summary available for charon-cmd in ubuntu groovy.
No description available for charon-cmd in ubuntu groovy.
- charon-cmd-dbgsym: No summary available for charon-cmd-dbgsym in ubuntu groovy.
No description available for charon-cmd-dbgsym in ubuntu groovy.
- charon-systemd: No summary available for charon-systemd in ubuntu groovy.
No description available for charon-systemd in ubuntu groovy.
- charon-systemd-dbgsym: debug symbols for charon-systemd
- libcharon-extauth-plugins: strongSwan charon library (extended authentication plugins)
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides extended authentication plugins for the charon library:
- eap-mschapv2 (EAP-MSCHAPv2 protocol handler using passwords/NT hashes)
Used for client side to connect to some VPN concentrators configured for
Windows 7+ and modern OSX/iOS using IKEv2 (identify with public key,
authenticate with MSCHAPv2).
- xauth-generic (Generic XAuth backend that provides passwords from
ipsec.secrets and other credential sets)
Used for the client side to connect to VPN concentrators configured for
Android and older OSX/iOS using IKEv1 and XAUTH (identify with public key,
authenticate with XAUTH password).
.
These are the "not always, but still more commonly used" plugins, for further
needs even more plugins can be found in the package libcharon-extra-plugins.
- libcharon-extauth-plugins-dbgsym: debug symbols for libcharon-extauth-plugins
- libcharon-extra-plugins: No summary available for libcharon-extra-plugins in ubuntu groovy.
No description available for libcharon-
extra-plugins in ubuntu groovy.
- libcharon-extra-plugins-dbgsym: debug symbols for libcharon-extra-plugins
- libcharon-standard-plugins: No summary available for libcharon-standard-plugins in ubuntu groovy.
No description available for libcharon-
standard- plugins in ubuntu groovy.
- libstrongswan: strongSwan utility and crypto library
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides the underlying libraries of charon and other strongSwan
components. It is built in a modular way and is extendable through various
plugins.
.
Some default (as specified by the strongSwan projet) plugins are included.
For libstrongswan (cryptographic backends, URI fetchers and database layers):
- aes (AES-128/192/256 cipher software implementation)
- constraints (X.509 certificate advanced constraint checking)
- dnskey (Parse RFC 4034 public keys)
- drbg (NIST SP-800-90A Deterministic Random Bit Generator)
- fips-prf (PRF specified by FIPS, used by EAP-SIM/AKA algorithms)
- gmp (RSA/DH crypto backend based on libgmp)
- hmac (HMAC wrapper using various hashers)
- md5 (MD5 hasher software implementation)
- mgf1 (Mask Generation Functions based on the SHA-1, SHA-256 and SHA-512)
- nonce (Default nonce generation plugin)
- pem (PEM encoding/decoding routines)
- pgp (PGP encoding/decoding routines)
- pkcs1 (PKCS#1 encoding/decoding routines)
- pkcs8 (PKCS#8 decoding routines)
- pkcs12 (PKCS#12 decoding routines)
- pubkey (Wrapper to handle raw public keys as trusted certificates)
- random (RNG reading from /dev/[u]random)
- rc2 (RC2 cipher software implementation)
- revocation (X.509 CRL/OCSP revocation checking)
- sha1 (SHA1 hasher software implementation)
- sha2 (SHA256/SHA384/ SHA512 hasher software implementation)
- sshkey (SSH key decoding routines)
- x509 (Advanced X.509 plugin for parsing/generating X.509 certificates/CRLs
and OCSP messages)
- xcbc (XCBC wrapper using various ciphers)
- attr (Provides IKE attributes configured in strongswan.conf)
- kernel-netlink [linux] (IPsec/Networking kernel interface using Linux
Netlink)
- kernel-pfkey [kfreebsd] (IPsec kernel interface using PF_KEY)
- kernel-pfroute [kfreebsd] (Networking kernel interface using PF_ROUTE)
- resolve (Writes name servers received via IKE to a resolv.conf file or
installs them via resolvconf(8))
- libstrongswan-dbgsym: No summary available for libstrongswan-dbgsym in ubuntu groovy.
No description available for libstrongswan-
dbgsym in ubuntu groovy.
- libstrongswan-extra-plugins: strongSwan utility and crypto library (extra plugins)
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides extra plugins for the strongSwan utility and
cryptographic library.
.
Included plugins are:
- af-alg [linux] (AF_ALG Linux crypto API interface, provides
ciphers/hashers/ hmac/xcbc)
- ccm (CCM cipher mode wrapper)
- cmac (CMAC cipher mode wrapper)
- ctr (CTR cipher mode wrapper)
- curl (libcurl based HTTP/FTP fetcher)
- curve25519 (support for Diffie-Hellman group 31 using Curve25519 and
support for the Ed25519 digital signature algorithm for IKEv2)
- gcrypt (Crypto backend based on libgcrypt, provides
RSA/DH/ciphers/ hashers/ rng)
- ldap (LDAP fetching plugin based on libldap)
- ntru (key exchanged based on post-quantum computer NTRU)
- padlock (VIA padlock crypto backend, provides AES128/SHA1)
- pkcs11 (PKCS#11 smartcard backend)
- rdrand (High quality / high performance random source using the Intel
rdrand instruction found on Ivy Bridge processors)
- test-vectors (Set of test vectors for various algorithms)
.
Also included is the libtpmtss library adding support for TPM plugin
(https://wiki.strongswa n.org/projects/ strongswan/ wiki/TpmPlugin)
- libstrongswan-extra-plugins-dbgsym: debug symbols for libstrongswan-extra-plugins
- libstrongswan-standard-plugins: strongSwan utility and crypto library (standard plugins)
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package provides some common plugins for the strongSwan utility and
cryptograhic library.
.
Included plugins are:
- agent (RSA/ECDSA private key backend connecting to SSH-Agent)
- gcm (GCM cipher mode wrapper)
- openssl (Crypto backend based on OpenSSL, provides
RSA/ECDSA/DH/ ECDH/ciphers/ hashers/ HMAC/X. 509/CRL/ RNG)
- libstrongswan-standard-plugins-dbgsym: debug symbols for libstrongswan-standard-plugins
- strongswan: No summary available for strongswan in ubuntu groovy.
No description available for strongswan in ubuntu groovy.
- strongswan-charon: No summary available for strongswan-charon in ubuntu groovy.
No description available for strongswan-charon in ubuntu groovy.
- strongswan-charon-dbgsym: debug symbols for strongswan-charon
- strongswan-libcharon: No summary available for strongswan-libcharon in ubuntu groovy.
No description available for strongswan-
libcharon in ubuntu groovy.
- strongswan-libcharon-dbgsym: debug symbols for strongswan-libcharon
- strongswan-nm: No summary available for strongswan-nm in ubuntu groovy.
No description available for strongswan-nm in ubuntu groovy.
- strongswan-nm-dbgsym: debug symbols for strongswan-nm
- strongswan-pki: strongSwan IPsec client, pki command
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package contains the pki tool which allows on to run a simple public key
infrastructure.
- strongswan-pki-dbgsym: debug symbols for strongswan-pki
- strongswan-scepclient: No summary available for strongswan-scepclient in ubuntu groovy.
No description available for strongswan-
scepclient in ubuntu groovy.
- strongswan-scepclient-dbgsym: No summary available for strongswan-scepclient-dbgsym in ubuntu groovy.
No description available for strongswan-
scepclient- dbgsym in ubuntu groovy.
- strongswan-starter: No summary available for strongswan-starter in ubuntu groovy.
No description available for strongswan-starter in ubuntu groovy.
- strongswan-starter-dbgsym: No summary available for strongswan-starter-dbgsym in ubuntu groovy.
No description available for strongswan-
starter- dbgsym in ubuntu groovy.
- strongswan-swanctl: strongSwan IPsec client, swanctl command
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
.
This package contains the swanctl interface, used to configure a running
charon daemon
- strongswan-swanctl-dbgsym: debug symbols for strongswan-swanctl
- strongswan-tnc-base: No summary available for strongswan-tnc-base in ubuntu groovy.
No description available for strongswan-tnc-base in ubuntu groovy.
- strongswan-tnc-client: No summary available for strongswan-tnc-client in ubuntu groovy.
No description available for strongswan-
tnc-client in ubuntu groovy.
- strongswan-tnc-ifmap: transitional package
This is a transitional package. It can safely be removed.
- strongswan-tnc-pdp: No summary available for strongswan-tnc-pdp in ubuntu groovy.
No description available for strongswan-tnc-pdp in ubuntu groovy.
- strongswan-tnc-server: No summary available for strongswan-tnc-server in ubuntu groovy.
No description available for strongswan-
tnc-server in ubuntu groovy.