]> git.ipfire.org Git - ipfire-2.x.git/commit
projects / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fd0e08f) | patch
strongswan: Update to version 5.9.3
authorAdolf Belka <adolf.belka@ipfire.org>
Tue, 24 Aug 2021 21:29:04 +0000 (23:29 +0200)
committerArne Fitzenreiter <arne_f@ipfire.org>
Fri, 10 Sep 2021 16:57:06 +0000 (16:57 +0000)
commita41e24d4145a6163eb8f1ad5ba81a88162a532df
tree43e575cf3e19e194859d78d4889cbe458840f086tree | snapshot
parentfd0e08feb9510bd248034d24cad00e9d04da707ccommit | diff
strongswan: Update to version 5.9.3

- Update from 5.9.2 to 5.9.3
- Update of rootfile not required
- Changelog
   strongswan-5.9.3
    - Added AES_ECB, SHA-3 and SHAKE-256 support to wolfssl plugin.
    - Added AES_CCM and SHA-3 signature support to openssl plugin.
    - The x509 and openssl plugins now consider the authorityKeyIdentifier, if
      available, before verifying signatures, which avoids unnecessary signature
      verifications after a CA key rollover if both certificates are loaded.
    - The pkcs11 plugin better handles optional attributes like CKA_TRUSTED, which
      previously depended on a version check.
    - charon-nm now supports using SANs as client identities, not only full DNs.
    - charon-tkm now handles IKE encryption.
    - A MOBIKE update is sent again if a a change in the NAT mappings is detected
      but the endpoints stay the same.
    - Converted most of the test case scenarios to the vici interface

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
lfs/strongswan diff | blob | blame | history
IPFire 2.x development tree