[Pkg-swan-devel] Handling of openssl and crypto libstrongswan plugins in 6.0.0+

[Yves-Alexis Perez]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hey there,

in strongSwan 6.0.0 it seems that the openssl plugins now handles by default
various cryptographic algorithms previously handled by specific plugins.

See https://github.com/strongswan/strongswan/releases/tag/6.0.0 and
especially:

> The openssl plugin is now enabled by default, while the following crypto
plugins are no longer enabled by default: aes, curve25519, des, fips-prf, gmp,
hmac, md5, pkcs12, rc2, sha1, sha2.

In Debian we have aes, gmp, hmac, md5, mgf1, pkcs12, rc2, sha1, sha2 plugins
directly in the libstrongswan package while openssl is in the libstrongswan-
standard-plugins (all of them are built).

I'm wondering about the migration path for Debian: should we follow upstream
and:
- - move openssl plugin to the libstrongswan package
- - stop building/providing the various cipher-specific plugins

Ubuntu maintainer added for information. Afair Ubuntu has a policy of one
package per plugin so maybe there's not much needed there.

Regards,
- -- 
Yves-Alexis
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAmec8AoACgkQ3rYcyPpX
RFtjRgf9E8iuc/CMDLJGV+O9GFoJhWJrnsLyEolfvLJJbL32l3k2oqk4+YDR6PFv
+Bxa6uE3+c5PgucCAVOwJuEIXWfi4iT89bUeU8ZmzPPWi0XnGYykCuD137GUR9ES
7EIqS/F/WoZjXS5/hwN/A97LcRNU6dYE1T93qeKCLvvloXfu9B/16ab4j+pZ0bvF
Hjd/zgWWX+ZFdNT6Jr3AmWPcjW6Y2ByHcQFCgM5ZWjhsAKSVK1PGLMgUUFUoPAKf
zCzPJSurLqBOIkLSBpKBgXB98O+4txZeuflBg3AJqmxXRsi9s8nx9txmqVscf2gH
x8/31cVSOmoXUhG3YAkQW7WykEzW9w==
=lnEK
-----END PGP SIGNATURE-----