[Pkg-swan-devel] Bug#739641: Bug#739641: Include build option --enable-kernel-libipsec for userland IPSec
Tony Zhou
tonytzhou at gmail.com
Tue Feb 25 05:12:29 UTC 2014
Interestingly, when I tried to compile the source code of
wheezy-backports branch, the strongswan daemon is NOT reading my
settings in /etc/strongswan.conf, even when I specified --prefix=/usr
and --sysconfdir=/etc in configure...
On 2/21/2014 2:12 PM, C.J. Adams-Collier KF7BMP wrote:
> I've confirmed that the package builds with these two changes:
>
> cjac at foxtrot:/usr/src/deb$ diff -u strongswan-5.1.1/debian/libstrongswan.install strongswan-5.1.1-cjac/debian/libstrongswan.install
> --- strongswan-5.1.1/debian/libstrongswan.install 2014-02-04 05:04:50.000000000 -0800
> +++ strongswan-5.1.1-cjac/debian/libstrongswan.install 2014-02-21 10:56:41.680283978 -0800
> @@ -6,6 +6,7 @@
> usr/lib/ipsec/libradius.so*
> usr/lib/ipsec/libtls.so*
> usr/lib/ipsec/libpttls.so*
> +usr/lib/ipsec/libipsec.so*
> usr/lib/ipsec/plugins/libstrongswan-gmp.so
> usr/lib/ipsec/plugins/libstrongswan-openssl.so
> usr/lib/ipsec/plugins/libstrongswan-x509.so
> cjac at foxtrot:/usr/src/deb$ diff -u strongswan-5.1.1/debian/rules strongswan-5.1.1-cjac/debian/rules
> --- strongswan-5.1.1/debian/rules 2014-02-04 05:04:50.000000000 -0800
> +++ strongswan-5.1.1-cjac/debian/rules 2014-02-21 10:46:11.152366245 -0800
> @@ -21,6 +21,7 @@
> --enable-lookip \
> --enable-error-notify \
> --enable-unity \
> + --enable-kernel-libipsec \
> --disable-blowfish --disable-des # BSD-Young license
> #--with-user=strongswan --with-group=nogroup
> # --enable-kernel-pfkey --enable-kernel-klips \
>
>
> On Thu, 2014-02-20 at 15:41 -0500, Tony Zhou wrote:
>> Package: strongswan
>> Version: 5.1.1-1~bpo70+1
>> Severity: wishlist
>>
>> Dear Maintainer,
>>
>> Would you kindly please include the build option
>> '--enable-kernel-libipsec' for future strongswan packages? The
>> description to this
>> parameter could be found here on Strongswan wiki:
>> http://wiki.strongswan.org/projects/strongswan/wiki/Kernel-libipsec,
>> which says
>> this plugin provides a userland IPSec implementation using TUN devices.
>> It is particularly useful for virtualized servers like OpenVZ
>> which does not have kernel modules loaded for IPSec.
>>
>> Thanks,
>> TZ
>>
>> -- System Information:
>> Debian Release: 7.4
>> APT prefers stable-updates
>> APT policy: (500, 'stable-updates'), (500, 'stable')
>> Architecture: i386 (i686)
>>
>> Kernel: Linux 3.2.0-042stab084.3 (SMP w/2 CPU cores)
>> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored:
>> LC_ALL set to en_US.UTF-8)
>> Shell: /bin/sh linked to /bin/dash
>>
>> _______________________________________________
>> Pkg-swan-devel mailing list
>> Pkg-swan-devel at lists.alioth.debian.org
>> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-swan-devel
More information about the Pkg-swan-devel
mailing list