From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Cc: Adolf Belka <adolf.belka@ipfire.org>
Subject: [PATCH] strongswan: Update to version 6.0.2
Date: Mon, 21 Jul 2025 23:26:00 +0200 [thread overview]
Message-ID: <20250721212601.3400729-12-adolf.belka@ipfire.org> (raw)
In-Reply-To: <20250721212601.3400729-1-adolf.belka@ipfire.org>
- Update from version 6.0.1 to 6.0.2
- Update of rootfile
- Changelog
6.0.2
- Support for per-CPU SAs (RFC 9611) has been added (Linux 6.13+).
- Basic support for AGGFRAG mode (RFC 9347) has been added (Linux 6.14+).
- POSIX regular expressions can be used to match remote identities.
- Switching configs based on EAP-Identities is supported. Setting
`remote.eap_id` now always initiates an EAP-Identity exchange.
- On Linux, sequence numbers from acquires are used when installing SAs. This
allows handling narrowing properly.
- During rekeying, the narrowed traffic selectors are now proposed instead of
the configured ones.
- The default AH/ESP proposals contain all supported key exchange methods plus
`none` to make PFS optional and accept proposals of older peers.
- GRO for ESP in enabled for NAT-T UDP sockets, which can improve performance
if the esp4|6_offload modules are loaded.
- charon-nm sets the VPN connection as persistent, preventing NetworkManager
from tearing down the connection if the network connectivity changes.
- ML-KEM is supported via OpenSSL 3.5+.
- The wolfssl plugin is now compatible to wolfSSL's FIPS module.
- The libsoup plugin has been migrated to libsoup 3, libsoup 2 is not supported
anymore.
- The long defunct uci plugin has been removed.
- Log messages by watcher_t are now logged in a separate log group (`wch`).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/rootfiles/common/strongswan | 2 ++
lfs/strongswan | 4 ++--
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/config/rootfiles/common/strongswan b/config/rootfiles/common/strongswan
index cd446d1e9..48f4fdf43 100644
--- a/config/rootfiles/common/strongswan
+++ b/config/rootfiles/common/strongswan
@@ -62,6 +62,7 @@ etc/strongswan.d/charon/xauth-eap.conf
etc/strongswan.d/charon/xauth-generic.conf
etc/strongswan.d/charon/xauth-noauth.conf
etc/strongswan.d/charon/xcbc.conf
+etc/strongswan.d/iptfs.conf
etc/strongswan.d/pki.conf
etc/strongswan.d/starter.conf
etc/strongswan.d/swanctl.conf
@@ -241,6 +242,7 @@ usr/sbin/swanctl
#usr/share/strongswan/templates/config/strongswan.d
#usr/share/strongswan/templates/config/strongswan.d/charon-logging.conf
#usr/share/strongswan/templates/config/strongswan.d/charon.conf
+#usr/share/strongswan/templates/config/strongswan.d/iptfs.conf
#usr/share/strongswan/templates/config/strongswan.d/pki.conf
#usr/share/strongswan/templates/config/strongswan.d/starter.conf
#usr/share/strongswan/templates/config/strongswan.d/swanctl.conf
diff --git a/lfs/strongswan b/lfs/strongswan
index 921dbe5e0..7075ab7ef 100644
--- a/lfs/strongswan
+++ b/lfs/strongswan
@@ -24,7 +24,7 @@
include Config
-VER = 6.0.1
+VER = 6.0.2
THISAPP = strongswan-$(VER)
DL_FILE = $(THISAPP).tar.bz2
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 5c751073412ce25dd06400043b8daaa9751052b7f686c46ef7b6fc8e8e4f622dd58e30b1eed634a75174a8032a1ece2c24bf5809689152927539c12e2d25edbf
+$(DL_FILE)_BLAKE2 = 3cfc248831832a9b75da549fcaf490a4a0c33e2f680e04a02d04a035c05215ae0236f1fdcdb4a00b71b5a08d07626e8028959045aff1b77827c21fe7e1fb13ad
install : $(TARGET)
--
2.50.1
next prev parent reply other threads:[~2025-07-21 21:26 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-21 21:25 [PATCH] automake: Update to version 1.18.1 Adolf Belka
2025-07-21 21:25 ` [PATCH] core 197: Ship automake Adolf Belka
2025-07-21 21:25 ` [PATCH] core 197: Ship curl Adolf Belka
2025-07-21 21:25 ` [PATCH] core 197: Ship e2fsprogs Adolf Belka
2025-07-21 21:25 ` [PATCH] core 197: Ship gettext Adolf Belka
2025-07-21 21:25 ` [PATCH] core 197: Ship strongswan Adolf Belka
2025-07-21 21:25 ` [PATCH] curl: Update to version 8.15.0 Adolf Belka
2025-07-21 21:25 ` [PATCH] e2fsprogs: Update to version 1.47.3 Adolf Belka
2025-07-21 21:25 ` [PATCH] gettext: Update to version 0.26 Adolf Belka
2025-07-21 21:25 ` [PATCH] git: Update to version 2.50.1 Adolf Belka
2025-07-21 21:25 ` [PATCH] gnutls: Update to version 3.8.10 Adolf Belka
2025-07-21 21:26 ` Adolf Belka [this message]
2025-07-21 21:26 ` [PATCH] tshark: Update to version 4.4.8 Adolf Belka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250721212601.3400729-12-adolf.belka@ipfire.org \
--to=adolf.belka@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox