pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
libreswan-5: update to v5.3 (July 3, 2025)
Module Name: pkgsrc-wip
Committed By: Andrew Cagney <andrew.cagney%gmail.com@localhost>
Pushed By: cagney
Date: Tue Jul 8 13:04:32 2025 +0000
Changeset: db29ebd67c11763a73db6890c3d12a8f21b1e8fe
Modified Files:
libreswan-5/Makefile
libreswan-5/distinfo
Log Message:
libreswan-5: update to v5.3 (July 3, 2025)
* PKIX (Public Key Infrastructure X.509)
- moved cURL and LDAP CRL download code out of pluto [Andrew]
- replaced CRL thread with libevent [Andrew]
- fixed `ipsec checkcrls` [Andrew]
- when configured, use cURL to download LDAP CRLs [Andrew]
- verify using NSS's IPsec profile aka certificateUsageIPsec [Andrew]
- only verify using certificateUsageSSL{Client,Server} when USE_NSS_TLS_SECURITY_PROFILE [Andrew]
* IKEv2:
- fix PEXPECT when deleting crossed IKE SA [Andrew, Ilya Maximets #2101, Ondrej Moris #2123]
* IKEv1:
- fix CISCO's split support (requires cisco-split=yes) [Andrew, Amirreza #2230 Erikas #633]
- share-lease=yes|no (default yes) to share XAUTH/ModeCfg lease IP on multiple connections [Paul]
* initsystem:
- remove unused _stackmanager [Tuomo #2080]
- on BSD, default to syslog(LOG_NOTICE) and not pluto.log [Andrew #2295 #2298]
* config:
- merge `addconn` (`ipsec.conf`) and `whack` connection option parsers [Andrew]
- change `whack` to use same connection defaults as `ipsec.conf` [Andrew]
- support `ipsec addconn --name connname left=1.2.3.4 right=5.6.7.8` (experimental) [Andrew #2138]
- drop undocumented `ipsec readwriteconf --rootdir` option [Andrew, #2152]
- obsoleted virtual_private= and plutostderrlog= keywords [Tuomo]
- warn when END-option= has no END [Andrew #663]
- nflog= made an alias to nflog-group= [Andrew]
- recognize ah=... as phase2=ah phase2alg=... [Andrew #712]
* ipsec pluto:
- make `ipsec.conf`'s `config setup` and pluto options consistent [Andrew]
- fix `--config file1 --config file2` [Andrew]
* ipsec connectionstatus:
- support `ipsec connectionstatus '"labeled"[1][2]'` [Andrew #1308]
* testing:
- eliminated all pyOpenSSL dependencies [Andrew]
- review PKIX test coverage [Andrew]
- upgrade Fedora test domain to f42
* building:
- build with curl 8.14.1 [Andrew, Vincent #2319]
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=db29ebd67c11763a73db6890c3d12a8f21b1e8fe
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
libreswan-5/Makefile | 2 +-
libreswan-5/distinfo | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diffs:
diff --git a/libreswan-5/Makefile b/libreswan-5/Makefile
index dc8add68dd..30f4a53a6f 100644
--- a/libreswan-5/Makefile
+++ b/libreswan-5/Makefile
@@ -15,7 +15,7 @@
#
# libreswan: 5.0 5.0nb1 ...
-DISTNAME= libreswan-5.2
+DISTNAME= libreswan-5.3
MASTER_SITES= https://download.libreswan.org/
CATEGORIES= security
diff --git a/libreswan-5/distinfo b/libreswan-5/distinfo
index ff42f354ce..51478434c7 100644
--- a/libreswan-5/distinfo
+++ b/libreswan-5/distinfo
@@ -1,5 +1,5 @@
$NetBSD$
-BLAKE2s (libreswan-5.2.tar.gz) = ecb889c97a18b2f5acb945c11e73993720dd3682fa2c59a2e56901feb0f8c2ac
-SHA512 (libreswan-5.2.tar.gz) = 5c87edc879914158ba9c4c2a0edcd6fac0787b16d3c6a50c268cbd675c51cdec94e509031bc226680c0d40bd3375d73007cae5ee0588c136292e3f34cb759694
-Size (libreswan-5.2.tar.gz) = 4132199 bytes
+BLAKE2s (libreswan-5.3.tar.gz) = cd9f92dee9065c73d4579cc17ac39e3f524552633e14f169037ee73fad9daef9
+SHA512 (libreswan-5.3.tar.gz) = 338fb82a9969da8fa78f64ec9eda0e3dcd216d6b8333a6f966ba839e31d3eb5fdd94613f0fff934be16ff8d84f6f4265c8b35f37c642569e042f65a58038ba0d
+Size (libreswan-5.3.tar.gz) = 4220520 bytes
Home |
Main Index |
Thread Index |
Old Index