~paelzer/ubuntu/+source/strongswan:lp-1863749-re-add-ntru-focal

Branch merges

Propose for merging

Merged into ubuntu/+source/strongswan:ubuntu/focal-devel at revision 5b55f7edc42ce76a8a221ab1b2d18f4954cac4c9

Andreas Hasenack: Approve on 2020-03-11

Canonical Server: Pending requested 2020-03-10

git-ubuntu developers: Pending requested 2020-03-10

Diff: 83 lines (+8/-9)

4 files modified

debian/changelog (+8/-0)
debian/control (+0/-3)
debian/libstrongswan-extra-plugins.install (+0/-5)
debian/rules (+0/-1)

api

Merged into ubuntu/+source/strongswan:ubuntu/focal-devel at revision 77ed247e564c59a1f67371b7e6955cc69c81fa5a

Robie Basak: Approve on 2020-03-05

Canonical Server: Pending requested 2020-03-04

git-ubuntu developers: Pending requested 2020-03-04

Diff: 110 lines (+24/-0)

4 files modified

debian/changelog (+10/-0)
debian/control (+4/-0)
debian/libstrongswan-extra-plugins.install (+8/-0)
debian/rules (+2/-0)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

5b55f7e... by Christian Ehrhardt  on 2020-03-10

changelog: remove BLISS again as there is a local side-channel attack (LP: #1866765)

Signed-off-by: Christian Ehrhardt <email address hidden>

87f0398... by Christian Ehrhardt  on 2020-03-10

Revert "d/control: d/rules: d/libstrongswan-extra-plugins.install: re-add BLISS (Bimodal Lattice Signature Scheme post-quantum computer signature scheme) plugin (LP: #1863749)"

This reverts commit 06e44b4491fd6345c2587854547a1437e75cf868.

2eac1c3... by Christian Ehrhardt  on 2020-03-10

Revert "d/control: d/libstrongswan-extra-plugins.install: re-add nttfft (Number Theoretic Transform via the FFT algorithm) which is required by BLISS"

This reverts commit 64ad36deccb0bb3af6e87bf3675e2cd6a427e927.

3205dcf... by Christian Ehrhardt  on 2020-03-04

Import patches-unapplied version 5.8.2-1ubuntu2 to ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: 3ae86f5c7dba1b5f952d74a742dae08757971506

New changelog entries:
  * re-add post-quantum computer signature scheme (BLISS) and encryption
    algorithm (NTRU) as well as the dependent nttfft library (LP: #1863749)
    - d/control: mention plugins in package description
    - d/rules: enable ntru and bliss at build time
    - d/libstrongswan-extra-plugins.install: ship config and shared objects

3ae86f5... by Christian Ehrhardt  on 2020-02-05

Import patches-unapplied version 5.8.2-1ubuntu1 to ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: b129282b9d004ab7d4b1e11c6e5d3d7b78f05e09

New changelog entries:
  * Merge with Debian unstable (LP: #1861971). Remaining changes:
    - d/control: Transition from strongswan-tnc-* being in extra packages
      to libcharon-extra-plugins (drop after 20.04)
    - d/control: Transition from former Ubuntu only libcharon-standard-plugins
      to common libcharon-extauth-plugins (drop after 20.04)
    - d/control: strongswan-starter hard-depends on strongswan-charon,
      therefore bump the dependency from Recommends to Depends. At the same
      time avoid a circular dependency by dropping
      strongswan-charon->strongswan-starter from Depends to Recommends as the
      binaries can work without the services but not vice versa.
  * Added Changes
    - d/control: build-depend on libiptc-dev to avoid FTBFS (LP: #1861975)
      This is needed due to changes in regard to Debian bug 947176 and 939243
      and can later be dropped again.

b129282... by Yves-Alexis Perez on 2020-01-01

Import patches-unapplied version 5.8.2-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a23893f9842cf2341b983b20c5baa525c070feb4

New changelog entries:
  [ Jean-Michel Vourgère ]
  * README.Debian: Fixed typo
  [ Yves-Alexis Perez ]
  * d/control: replace iptables-dev b-dep by libip{4,6}tc-dev (Closes: #946148)
  * d/watch: use uscan special strings
  * New upstream version 5.8.2
  * d/control: update dh compat level to 12
  * strongswan-nm: update path for dbus service file
  * install DRBG plugin to libstrongswan
  * d/control: add ${misc:Pre-Depends} to strongswan-starter

a23893f... by Yves-Alexis Perez on 2019-10-18

Import patches-unapplied version 5.8.1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4bffc83d3daaa72c645894a8641bb5542a0c6fdd

New changelog entries:
  * d/rules: disable http and stream tests under CI
  * New upstream version 5.8.1

4bffc83... by Yves-Alexis Perez on 2019-10-05

Import patches-unapplied version 5.8.0-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 847fa18d97d70bdb38e522a2e6d7707d34e91df5

New changelog entries:
  [ Christian Ehrhardt ]
  * d/control: Mention mgf1 plugin which is in libstrongswan now
  * Complete the disabling of libfast
  * Clean up d/strongswan-starter.postinst: section about runlevel changes
  * Clean up d/strongswan-starter.postinst: opportunistic encryption
  * Enable kernel-libipsec for use of strongswan in containers
  * d/control, d/libcharon-{extras,extauth}-plugins.install: Add
    extauth-plugins package (Recommends)
  * apparmor: d/usr.lib.ipsec.charon: sync notify rule from charon-systemd
  * apparmor: fix apparmor denies reading the own FDs (LP: 1786250)
  * apparmor: d/usr.sbin.charon-systemd: allow CLUSTERIP for ha plugin
    (LP: 1773956)
  * apparmor: d/usr.lib.ipsec.stroke: executables need to be able to read map
    and execute themselves
  * apparmor: d/usr.lib.ipsec.lookip: executables need to be able to read map
    and execute themselves
  * apparmor: d/usr.sbin.swanctl: add apparmor rule for af-alg plugin
    (LP: 1807962)
  * d/control: libtpmtss is actually packaged in libstrongswan-extra-plugins
  [ Ryan Harper ]
  * Remove code related to unused debconf managed config
  [ Yves-Alexis Perez ]
  * ship xfrmi only on Linux, fix FTBFS on kfreebsd
  * d/libcharon-extra-plugins.install: drop plugins disabled in Debian
  * d/control: update standards version to 4.4.1
  * d/strongswan-starter.templates: drop runlevel_changes
  * let dh_installinit handle update-rc.d calls
  * d/salsa-ci.yml: add a salsa pipeline config
  * d/rules: drop dbgsym migration
  * strongswan-starter: update line number in lintian override

847fa18... by Yves-Alexis Perez on 2019-08-26

Import patches-unapplied version 5.8.0-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 919af4ece1aa359b213881434d110af6be942161

New changelog entries:
  [ Christian Ehrhardt ]
  * Fix fails in debian CI (Closes: #926479)
  [ Simon Deziel ]
  * d/usr.lib.ipsec.charon, d/usr.sbin.charon-systemd: add CAP_SETPCAP to
    apparmor to allow dropping caps
  * d/usr.sbin.swanctl: add attach_disconnected to work inside containers
  * d/usr.sbin.charon-systemd: allow accessing the binary
  * d/usr.sbin.swanctl: allow reading own binary
  [ Yves-Alexis Perez ]
  * New upstream version 5.8.0
  * d/control: update standards version to 4.4.0
  * use debhelper-compat b-d for dh compat level
  * d/control: bump dh compat level to 11
  * d/rules: drop systemd addon, useless in compat 11
  * strongswan-libcharon: install xfrmi binary
  * d/patches refreshed for new upstream release
  * handle renaming of systemd service files
  * d/control: remove obsolete breaks/replaces

919af4e... by Yves-Alexis Perez on 2019-01-02

Import patches-unapplied version 5.7.2-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ea0122a943d87dc2bbf11e5e555d306d8f3a0047

New changelog entries:
  * d/control: remove Rene from Uploaders, thanks!
  * d/copyright: fix typos
  * d/watch: use HTTPS protocol
  * d/control: update standards version to 4.2.1
  * drop unused debconf template
  * use a clean export for upstream signing key
  * d/copyright update
  * New upstream version 5.7.2
  * d/copyright updated
  * d/control: update standards version to 4.3.0
  * d/libstrongswan.dirs: drop lintian overrides dir
  * d/u/signing-key.asc: strip signatures from upstream signing key
  * d/patches: import patches in gbp pq