New changelog entries:
* re-add post-quantum computer signature scheme (BLISS) and encryption
algorithm (NTRU) as well as the dependent nttfft library (LP: #1863749)
- d/control: mention plugins in package description
- d/rules: enable ntru and bliss at build time
- d/libstrongswan-extra-plugins.install: ship config and shared objects
New changelog entries:
* Merge with Debian unstable (LP: #1861971). Remaining changes:
- d/control: Transition from strongswan-tnc-* being in extra packages
to libcharon-extra-plugins (drop after 20.04)
- d/control: Transition from former Ubuntu only libcharon-standard-plugins
to common libcharon-extauth-plugins (drop after 20.04)
- d/control: strongswan-starter hard-depends on strongswan-charon,
therefore bump the dependency from Recommends to Depends. At the same
time avoid a circular dependency by dropping
strongswan-charon->strongswan-starter from Depends to Recommends as the
binaries can work without the services but not vice versa.
* Added Changes
- d/control: build-depend on libiptc-dev to avoid FTBFS (LP: #1861975)
This is needed due to changes in regard to Debian bug 947176 and 939243
and can later be dropped again.
New changelog entries:
[ Christian Ehrhardt ]
* d/control: Mention mgf1 plugin which is in libstrongswan now
* Complete the disabling of libfast
* Clean up d/strongswan-starter.postinst: section about runlevel changes
* Clean up d/strongswan-starter.postinst: opportunistic encryption
* Enable kernel-libipsec for use of strongswan in containers
* d/control, d/libcharon-{extras,extauth}-plugins.install: Add
extauth-plugins package (Recommends)
* apparmor: d/usr.lib.ipsec.charon: sync notify rule from charon-systemd
* apparmor: fix apparmor denies reading the own FDs (LP: 1786250)
* apparmor: d/usr.sbin.charon-systemd: allow CLUSTERIP for ha plugin
(LP: 1773956)
* apparmor: d/usr.lib.ipsec.stroke: executables need to be able to read map
and execute themselves
* apparmor: d/usr.lib.ipsec.lookip: executables need to be able to read map
and execute themselves
* apparmor: d/usr.sbin.swanctl: add apparmor rule for af-alg plugin
(LP: 1807962)
* d/control: libtpmtss is actually packaged in libstrongswan-extra-plugins
[ Ryan Harper ]
* Remove code related to unused debconf managed config
[ Yves-Alexis Perez ]
* ship xfrmi only on Linux, fix FTBFS on kfreebsd
* d/libcharon-extra-plugins.install: drop plugins disabled in Debian
* d/control: update standards version to 4.4.1
* d/strongswan-starter.templates: drop runlevel_changes
* let dh_installinit handle update-rc.d calls
* d/salsa-ci.yml: add a salsa pipeline config
* d/rules: drop dbgsym migration
* strongswan-starter: update line number in lintian override
New changelog entries:
[ Christian Ehrhardt ]
* Fix fails in debian CI (Closes: #926479)
[ Simon Deziel ]
* d/usr.lib.ipsec.charon, d/usr.sbin.charon-systemd: add CAP_SETPCAP to
apparmor to allow dropping caps
* d/usr.sbin.swanctl: add attach_disconnected to work inside containers
* d/usr.sbin.charon-systemd: allow accessing the binary
* d/usr.sbin.swanctl: allow reading own binary
[ Yves-Alexis Perez ]
* New upstream version 5.8.0
* d/control: update standards version to 4.4.0
* use debhelper-compat b-d for dh compat level
* d/control: bump dh compat level to 11
* d/rules: drop systemd addon, useless in compat 11
* strongswan-libcharon: install xfrmi binary
* d/patches refreshed for new upstream release
* handle renaming of systemd service files
* d/control: remove obsolete breaks/replaces
New changelog entries:
* d/control: remove Rene from Uploaders, thanks!
* d/copyright: fix typos
* d/watch: use HTTPS protocol
* d/control: update standards version to 4.2.1
* drop unused debconf template
* use a clean export for upstream signing key
* d/copyright update
* New upstream version 5.7.2
* d/copyright updated
* d/control: update standards version to 4.3.0
* d/libstrongswan.dirs: drop lintian overrides dir
* d/u/signing-key.asc: strip signatures from upstream signing key
* d/patches: import patches in gbp pq