strongswan: Disable obviously broken crypto

Blowfish and RC2 are very broken and nowhere in use at all.
To avoid that these get used by accident, we just delete the
internal modules that implement it.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/strongswan/strongswan.nm b/strongswan/strongswan.nm
index 40aa0747e64d23afd4d6cecb927372cef02cd67d..a2a48eb2799f36ccdf12e3e9736ca1eca5f85427 100644 (file)
--- a/strongswan/strongswan.nm
+++ b/strongswan/strongswan.nm
@@ -5,7 +5,7 @@
 
 name       = strongswan
 version    = 5.5.3
-release    = 1
+release    = 2
 
 groups     = Networking/VPN
 url        = http://www.strongswan.org/
@@ -63,6 +63,8 @@ build
                --enable-eap-peap \
                --enable-eap-mschapv2 \
                --enable-eap-identity \
+               --disable-blowfish \
+               --disable-rc2 \
                --with-capabilities=libcap \
                --enable-unbound \
                --enable-systemd