[Pkg-swan-devel] [strongswan] 05/07: include curve25519 plugin.

Gerald Turner gturner at unzane.com
Fri Jun 23 19:20:13 UTC 2017 

Hello Yves-Alexis, today I got around to git-rebasing my own gbp repo
with alioth's (first time using git-rebase, I love it!), and I noticed
your commits 6ddc3ca3 ("include curve25519...") and 021aa5ad ("install
libtpmtss...") were different than what I had done - should't curve25519
be placed in libstrongswan-extra-plugins instead of libcharon-extra-
plugins?  Conversely, while perhaps libtpmtss should have it's own
package, I arbitrarily put it in libcharon-extra-plugins, whereas you
put it in libstrongswan-extra-plugins.  My limited understanding of the
distinction between libcharon and libstrongswan is that libstrongswan
contains plugins for algorithms (like curve25519), URI fetchers and
database layers, whereas libcharon contains plugins for kernel IPsec
implementation glue, daemon glue (stroke/vici), authentication
(EAP-xyz), and network tools (dhcp, farp, updown, etc).

I guess it doesn't matter, works either way, but which is correct?


On Fri, May 19 2017, Yves-Alexis Perez wrote:
> This is an automated email from the git hooks/post-receive script.
>
> corsac pushed a commit to branch master
> in repository strongswan.
>
> commit 6ddc3ca382a67e8d413543d79dbb04728883d94a
> Author: Yves-Alexis Perez <corsac at corsac.net>
> Date:   Sat Apr 1 17:13:14 2017 +0200
>
>     include curve25519 plugin.
> ---
>  debian/changelog                       | 2 ++
>  debian/control                         | 2 ++
>  debian/libcharon-extra-plugins.install | 3 +++
>  3 files changed, 7 insertions(+)
>
> diff --git a/debian/changelog b/debian/changelog
> index 96c3cfb..3bed30c 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -2,6 +2,8 @@ strongswan (5.5.2-1) UNRELEASED; urgency=medium
>
>    * New upstream release.
>    * debian/patches/03_systemd-service refreshed.
> +  * debian/libcharon-extra-plugins.install:
> +    - include curve25519 plugin.
>
>   -- Yves-Alexis Perez <corsac at debian.org>  Sat, 01 Apr 2017 16:26:52 +0200
>
> diff --git a/debian/control b/debian/control
> index 391d615..ed378d8 100644
> --- a/debian/control
> +++ b/debian/control
> @@ -163,6 +163,8 @@ Description: strongSwan charon library (extra plugins)
>    - addrblock (Narrow traffic selectors to RFC 3779 address blocks in X.509
>      certificates)
>    - certexpire (Export expiration dates of used certificates)
> +  - curve25519 (support for Diffie-Hellman group 31 using Curve25519 and
> +    support for the Ed25519 digital signature algorithm for IKEv2)
>    - eap-aka (Generic EAP-AKA protocol handler using different backends)
>    - eap-gtc (EAP-GTC protocol handler authenticating with XAuth backends)
>    - eap-identity (EAP-Identity identity exchange algorithm, to use with other
> diff --git a/debian/libcharon-extra-plugins.install b/debian/libcharon-extra-plugins.install
> index 7b0bd2b..7cdab1b 100644
> --- a/debian/libcharon-extra-plugins.install
> +++ b/debian/libcharon-extra-plugins.install
> @@ -1,6 +1,7 @@
>  # libcharon plugins
>  usr/lib/ipsec/plugins/libstrongswan-addrblock.so
>  usr/lib/ipsec/plugins/libstrongswan-certexpire.so
> +usr/lib/ipsec/plugins/libstrongswan-curve25519.so
>  usr/lib/ipsec/plugins/libstrongswan-eap*.so
>  usr/lib/ipsec/plugins/libstrongswan-error-notify.so
>  usr/lib/ipsec/plugins/libstrongswan-ha.so
> @@ -14,6 +15,7 @@ usr/lib/ipsec/plugins/libstrongswan-xauth-*.so
>  # standard configuration files
>  usr/share/strongswan/templates/config/plugins/addrblock.conf
>  usr/share/strongswan/templates/config/plugins/certexpire.conf
> +usr/share/strongswan/templates/config/plugins/curve25519.conf
>  usr/share/strongswan/templates/config/plugins/eap-*.conf
>  usr/share/strongswan/templates/config/plugins/error-notify.conf
>  usr/share/strongswan/templates/config/plugins/ha.conf
> @@ -28,6 +30,7 @@ usr/share/strongswan/templates/config/strongswan.d/tnc.conf
>  etc/strongswan.d/tnc.conf
>  etc/strongswan.d/charon/addrblock.conf
>  etc/strongswan.d/charon/certexpire.conf
> +etc/strongswan.d/charon/curve25519.conf
>  etc/strongswan.d/charon/eap-*.conf
>  etc/strongswan.d/charon/error-notify.conf
>  etc/strongswan.d/charon/ha.conf

-- 
Gerald Turner <gturner at unzane.com>        Encrypted mail preferred!
OpenPGP: 4096R / CA89 B27A 30FA 66C5 1B80  3858 EC94 2276 FDB8 716D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 962 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-swan-devel/attachments/20170623/995a29d6/attachment.sig>

More information about the Pkg-swan-devel mailing list