Accepted freeswan 1.98b-1 (i386 source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 02 Jul 2002 12:25:36 +0200
Source: freeswan
Binary: kernel-patch-freeswan freeswan kernel-patch-freeswan-ext
Architecture: source all i386
Version: 1.98b-1
Distribution: unstable
Urgency: low
Maintainer: Rene Mayrhofer <rmayr@debian.org>
Changed-By: Rene Mayrhofer <rmayr@debian.org>
Description:
freeswan - IPSEC utilities for FreeSWan
kernel-patch-freeswan - IPSEC kernel support for FreeSwan
kernel-patch-freeswan-ext - IPSEC kernel support for FreeSwan + modular extensions
Closes: 136799 136803 137282 140059 140992 141024 141024 141293 142747 143310 148742
Changes:
freeswan (1.98b-1) unstable; urgency=low
.
* Corrected debian/rules so that the new ext patches work again.
.
I don't know why my upload of 1.96-2 did not get into unstable, I uploaded
twice. Maybe I did something wrong with the main -> non-US transition. This
was the changelog text:
* Moved from non-US to main.
* Now the source package generates two different kernel-patch-freeswan
packages: One with and one without the ext patches (which add AES
among other ciphers). This made some restructuring of debian/rules
necessary, but there are no changes that should affect the generated
packages in any way (not getting in the way of the freeze).
Thanks to Kyle McMartin for doing a lot of fore-work.
.
This somehow deals with the following bug (please use the non-ext
kernel-patch package if there are problems with the ext package). This is
also good for the freeze since kernel-patch-freeswan is now again back
to upstream state and therefore stable.
BTW: This bug can easily be avoided by either enabling the aes or the
aes-opt module (and not both).
Closes: #137282: freeswan kernel patch doesn't compile with AES configured
The restructuring should also deal with this one:
Closes: #141024: build problem
.
* Fixed mkx509cert.sh. I am keeping this script just for one reason
(and not integrating it directly into the postinst): it will get used by
some other scripts that are about to come. Therefore I did not want to
have this code directly in the postinst script.
Closes: #136803: mkx509cert is fubar
Closes: #140059: Certificates not generated properly by install
* Completed the transition to the new capabilities of the X509 patch: now
the X509 key file (when created in PEM format or taken from an existing
key) is copied to /etc/ipsec.d/private/<hostname<Key>.pem and this
filename is put into /etc/ipsec.secrets. Therefore this file does not
need to be touched anymore manually when using X509 certificates.
Also fixed a small bug - thanks to Robert Bihlmeyer for discovering and
sending a patch.
Closes: #143310: generating a non-self-signed keypair (cert req) is broken
Since fswcert is now no longer needed (there is no need to extract the RSA
key from the PEM file anymore, pluto can now deal with this directly), it
is not included in the upstream X509 patch. The references in README.x509
also say that this tool is optional and that it can be downloaded from the
given webpage.
Closes: #141293: fswcert not present
* Changed the default keylength for created RSA keys. Now it is 2048 bit,
conforming with the recommendation by upstream.
Closes: #136799: RSA keys should default to 2048 bits
* Really distribute the example configurations for the ext patches.
Closes: #142747: README.Debian mentions non existant documentation
.
Angus Lees offered to be a co-maintainer of freeswan and I am happy about
that - expect bugs to be fixed quicker when two maintainers are working on
freeswan. Therefore put him into the uploaders field. He already sent me a
packaged version of 1.98b, which I have (hopefully) integrated into this
upload. His changelog entries were:
* New upstream version (closes: #148742).
* Updated the X.509 patch.
* Updated the crypto extensions patch.
* Add notify_delete patch from Mathieu Lafon (closes: #140992)
(required a trivial change to work with crypto extensions patch).
* Replace `pwd` with $(CURDIR) and remove "sh -c" braindeadness from
debian/rules.
* After perusing all the awk scripts, I declare that we are no longer
dependent on gawk. Dependencies and (broken) debian/rules munging
removed. Bug reports welcome :) (closes: #141024)
* Make install-kernel-patch-freeswan debian/rules target depend on
"build", so it triggers patching. Really should be moved into a
separate "patch" target or something.
* Set KLIPSLINK=cp rather than try and munge Makefile directly.
Files:
c78aeca089b49522f8362fabcdf43ecc 704 main optional freeswan_1.98b-1.dsc
12c6544009423aef10c490898a2dc556 2441410 main optional freeswan_1.98b.orig.tar.gz
04c883f88c4e4d6b3937fb8c0b319c78 406451 main optional freeswan_1.98b-1.diff.gz
878480ee34ed57b430b741d2049b192c 706478 main optional kernel-patch-freeswan_1.98b-1_all.deb
8af6dd0e2fc13949fb959ca723f9a0d1 856152 main optional kernel-patch-freeswan-ext_1.98b-1_all.deb
fe7d9356bcfe84eb2e0631d304ab410c 1288702 main optional freeswan_1.98b-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iEYEARECAAYFAj1OSJ8ACgkQq7SPDcPCS96gMwCdF0dq3CHLEfU2KCJPd/zBBAEN
Fh4AnRJk0Y+TUGIMPoVNZOo9svWgYUaR
=mFYp
-----END PGP SIGNATURE-----
Accepted:
freeswan_1.98b-1.diff.gz
to pool/main/f/freeswan/freeswan_1.98b-1.diff.gz
freeswan_1.98b-1.dsc
to pool/main/f/freeswan/freeswan_1.98b-1.dsc
freeswan_1.98b-1_i386.deb
to pool/main/f/freeswan/freeswan_1.98b-1_i386.deb
freeswan_1.98b.orig.tar.gz
to pool/main/f/freeswan/freeswan_1.98b.orig.tar.gz
kernel-patch-freeswan-ext_1.98b-1_all.deb
to pool/main/f/freeswan/kernel-patch-freeswan-ext_1.98b-1_all.deb
kernel-patch-freeswan_1.98b-1_all.deb
to pool/main/f/freeswan/kernel-patch-freeswan_1.98b-1_all.deb
Reply to: