-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 02 Jul 2002 12:25:36 +0200 Source: freeswan Binary: kernel-patch-freeswan freeswan kernel-patch-freeswan-ext Architecture: source all i386 Version: 1.98b-1 Distribution: unstable Urgency: low Maintainer: Rene Mayrhofer <rmayr@debian.org> Changed-By: Rene Mayrhofer <rmayr@debian.org> Description: freeswan - IPSEC utilities for FreeSWan kernel-patch-freeswan - IPSEC kernel support for FreeSwan kernel-patch-freeswan-ext - IPSEC kernel support for FreeSwan + modular extensions Closes: 136799 136803 137282 140059 140992 141024 141024 141293 142747 143310 148742 Changes: freeswan (1.98b-1) unstable; urgency=low . * Corrected debian/rules so that the new ext patches work again. . I don't know why my upload of 1.96-2 did not get into unstable, I uploaded twice. Maybe I did something wrong with the main -> non-US transition. This was the changelog text: * Moved from non-US to main. * Now the source package generates two different kernel-patch-freeswan packages: One with and one without the ext patches (which add AES among other ciphers). This made some restructuring of debian/rules necessary, but there are no changes that should affect the generated packages in any way (not getting in the way of the freeze). Thanks to Kyle McMartin for doing a lot of fore-work. . This somehow deals with the following bug (please use the non-ext kernel-patch package if there are problems with the ext package). This is also good for the freeze since kernel-patch-freeswan is now again back to upstream state and therefore stable. BTW: This bug can easily be avoided by either enabling the aes or the aes-opt module (and not both). Closes: #137282: freeswan kernel patch doesn't compile with AES configured The restructuring should also deal with this one: Closes: #141024: build problem . * Fixed mkx509cert.sh. I am keeping this script just for one reason (and not integrating it directly into the postinst): it will get used by some other scripts that are about to come. Therefore I did not want to have this code directly in the postinst script. Closes: #136803: mkx509cert is fubar Closes: #140059: Certificates not generated properly by install * Completed the transition to the new capabilities of the X509 patch: now the X509 key file (when created in PEM format or taken from an existing key) is copied to /etc/ipsec.d/private/<hostname<Key>.pem and this filename is put into /etc/ipsec.secrets. Therefore this file does not need to be touched anymore manually when using X509 certificates. Also fixed a small bug - thanks to Robert Bihlmeyer for discovering and sending a patch. Closes: #143310: generating a non-self-signed keypair (cert req) is broken Since fswcert is now no longer needed (there is no need to extract the RSA key from the PEM file anymore, pluto can now deal with this directly), it is not included in the upstream X509 patch. The references in README.x509 also say that this tool is optional and that it can be downloaded from the given webpage. Closes: #141293: fswcert not present * Changed the default keylength for created RSA keys. Now it is 2048 bit, conforming with the recommendation by upstream. Closes: #136799: RSA keys should default to 2048 bits * Really distribute the example configurations for the ext patches. Closes: #142747: README.Debian mentions non existant documentation . Angus Lees offered to be a co-maintainer of freeswan and I am happy about that - expect bugs to be fixed quicker when two maintainers are working on freeswan. Therefore put him into the uploaders field. He already sent me a packaged version of 1.98b, which I have (hopefully) integrated into this upload. His changelog entries were: * New upstream version (closes: #148742). * Updated the X.509 patch. * Updated the crypto extensions patch. * Add notify_delete patch from Mathieu Lafon (closes: #140992) (required a trivial change to work with crypto extensions patch). * Replace `pwd` with $(CURDIR) and remove "sh -c" braindeadness from debian/rules. * After perusing all the awk scripts, I declare that we are no longer dependent on gawk. Dependencies and (broken) debian/rules munging removed. Bug reports welcome :) (closes: #141024) * Make install-kernel-patch-freeswan debian/rules target depend on "build", so it triggers patching. Really should be moved into a separate "patch" target or something. * Set KLIPSLINK=cp rather than try and munge Makefile directly. Files: c78aeca089b49522f8362fabcdf43ecc 704 main optional freeswan_1.98b-1.dsc 12c6544009423aef10c490898a2dc556 2441410 main optional freeswan_1.98b.orig.tar.gz 04c883f88c4e4d6b3937fb8c0b319c78 406451 main optional freeswan_1.98b-1.diff.gz 878480ee34ed57b430b741d2049b192c 706478 main optional kernel-patch-freeswan_1.98b-1_all.deb 8af6dd0e2fc13949fb959ca723f9a0d1 856152 main optional kernel-patch-freeswan-ext_1.98b-1_all.deb fe7d9356bcfe84eb2e0631d304ab410c 1288702 main optional freeswan_1.98b-1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iEYEARECAAYFAj1OSJ8ACgkQq7SPDcPCS96gMwCdF0dq3CHLEfU2KCJPd/zBBAEN Fh4AnRJk0Y+TUGIMPoVNZOo9svWgYUaR =mFYp -----END PGP SIGNATURE----- Accepted: freeswan_1.98b-1.diff.gz to pool/main/f/freeswan/freeswan_1.98b-1.diff.gz freeswan_1.98b-1.dsc to pool/main/f/freeswan/freeswan_1.98b-1.dsc freeswan_1.98b-1_i386.deb to pool/main/f/freeswan/freeswan_1.98b-1_i386.deb freeswan_1.98b.orig.tar.gz to pool/main/f/freeswan/freeswan_1.98b.orig.tar.gz kernel-patch-freeswan-ext_1.98b-1_all.deb to pool/main/f/freeswan/kernel-patch-freeswan-ext_1.98b-1_all.deb kernel-patch-freeswan_1.98b-1_all.deb to pool/main/f/freeswan/kernel-patch-freeswan_1.98b-1_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
