Overview

File openswan.changes of Package openswan

-------------------------------------------------------------------
Fri Sep  5 10:36:30 CEST 2008 - mt@suse.de

- Updated from openswan-2.4.7 to 2.6.16, a new version series. It
  adopts to the actual NETKEY code in the linux kernel, provides
  many fixes and implements new features, as IKEv2 / IPv6 support.
  Review the CHANGES file for all details.
- Dropped obsolete patches and hooks, adopted other patches and
  the spec file.

-------------------------------------------------------------------
Mon Sep 10 15:26:56 CEST 2007 - mt@suse.de

- Moved html and man3 documentation into openswan-doc
- Added a Short-Description LSB tag and $remote_fs start
  requirement to the init script (openswan_40_rcscript.dif)
- Added stop_on_removal/restart_on_update to rpm pre/postun 
- Cleaned up installation of the documentation as well as
  another problems mentioned by rpmlint.

-------------------------------------------------------------------
Thu Jun 21 17:25:11 CEST 2007 - adrian@suse.de

- fix changelog entry order

-------------------------------------------------------------------
Fri Mar 23 13:50:14 CET 2007 - mt@suse.de

- Bug #234042: Changed back internal nhelpers option default to
  use number of CPU-1 crypto worker. Added fallback to perform
  inline calculations in main process, when all worker are busy.
  Obsolete patch file: openswan_16_nhelpers_default.dif
  New patch file name: openswan_16_crypto_inline_fallback.dif

-------------------------------------------------------------------
Fri Mar 16 19:58:00 CET 2007 - mt@suse.de

- Bug #234042: Applied proposed patch fixing bogus crypto helper
  management code. The number of crypto helpers (nhelpers option)
  has to be set at least to number of tunnels/2 + 1 to take effect.
  New patch file: openswan_15_crypto_helper_fix.dif
- Bug #234042: Applied fix to display correct crypto helper number
  in debug output of the pluto_do_crypto_op function. Changed the
  default of the nhelpers option to 0 (instead of number of CPU-1).
  This disables the crypto helpers by default (inline calculation).
  New patch file: openswan_16_nhelpers_default.dif

-------------------------------------------------------------------
Fri Jan 19 11:08:15 CET 2007 - mt@suse.de

- Updated to openswan-2.4.7, providing interop fix for Sonicwall
  and many other fixes and cleanups, see CHANGES file.
- Adopted patches, removed obsolete patches:
  openswan_35_quiet-insmod.dif, openswan_37_aes_insmod.dif

-------------------------------------------------------------------
Thu Jan 18 16:41:02 CET 2007 - mt@suse.de

- Minimal patch fixing strncat calls and casts breaking strict
  aliasing rules as mentioned by the compiler, Bug #233586

-------------------------------------------------------------------
Wed Aug 30 14:47:36 CEST 2006 - mt@suse.de

- updated to openswan-2.4.6, adopted patches. Now, the default
  ipsec.conf file contains "nhelpers=0" to avoid "failed to find
  any available worker" problems -- see also Bug #186061.

-------------------------------------------------------------------
Thu Mar 16 12:31:28 CET 2006 - mt@suse.de

- Bug #148385, fixed further documentation inconsistence
  pointed out by Martin Mrazik.

-------------------------------------------------------------------
Thu Mar  9 03:08:30 CET 2006 - mt@suse.de

- Bug #148385, fixed "ipsec auto" parameter in html docs
  (different file, same bug).

-------------------------------------------------------------------
Wed Feb  8 12:31:31 CET 2006 - mt@suse.de

- Bug #148385, fixed "ipsec auto" parameter in html docs.

-------------------------------------------------------------------
Wed Jan 25 21:39:07 CET 2006 - mls@suse.de

- converted neededforbuild to BuildRequires

-------------------------------------------------------------------
Sat Jan 14 18:44:48 CET 2006 - kukuk@suse.de

- Add gmp-devel to nfb

-------------------------------------------------------------------
Mon Dec 19 15:12:53 CET 2005 - ro@suse.de

- remove unpackaged symlinks 

-------------------------------------------------------------------
Fri Nov 18 18:06:32 CET 2005 - mt@suse.de

- Updated to openswan-2.4.4 fixing 3DES and aggressive mode
  related deny of service (VU#226364, 273756/NISCC/ISAKMP)
  as well as other issues. Bug #134158.
- Fixed link generation regex (openswan_08_doc-man2html.dif)
- Removed man2html source - not used any more to generate docs.

-------------------------------------------------------------------
Thu Oct 27 15:47:00 CEST 2005 - mt@suse.de

- Updated to openswan-2.4.0 (final). It does not provide any
  relevant changes in the source code (klips natt info only).
- Fixed Bug #116413 generation/installation of the html docs.

-------------------------------------------------------------------
Wed Sep  7 11:59:31 CEST 2005 - mt@suse.de

- Updated to openswan-2.4.0rc5 adding fix to dead peer
  detection cleanup and updown script. Adopted patches.
- Fixed return codes for "rcipsec status".

-------------------------------------------------------------------
Fri Aug 26 19:14:29 CEST 2005 - mt@suse.de

- Updated to openswan 2.4.0rc4 adding minor fixes
- Added workaround "plutowait=yes" setting to avoid failures of a
  first connect attempt in case where all crypto helpers was busy
  with setup of an other tunnel (Bug #412 on openswan.org).
  new patch file: openswan_42_plutowait-yes.dif

-------------------------------------------------------------------
Tue Aug 23 12:53:31 CEST 2005 - mt@suse.de

- Updated to openswan 2.4.0rc3 fixing a pluto crash when used
  with multiple L2TP/IPsec clients in transport mode behind NAT

-------------------------------------------------------------------
Fri Aug 19 15:11:39 CEST 2005 - mt@suse.de

- Updated to openswan 2.4.0rc1; obsoletetes patches:
  openswan_05_checkv199.dif, openswan_11_yyerror.dif,
  openswan_13_system.dif, openswan_20_noslave.dif,
  openswan_21_sigmask.dif, openswan_25_noxauth.dif,
  openswan_30_newhostkey.dif, openswan_36_ipsec_look.dif
- Applied diverse fixes for signed issues from cvs head:
  new patch file: openswan_11_gcc4cvshead.dif

-------------------------------------------------------------------
Tue Aug 16 11:18:30 CEST 2005 - mt@suse.de

- added dummy states if aggressive mode is disabled to
  avoid build dependend state numbering (from CVS head)

-------------------------------------------------------------------
Wed Aug  3 14:33:09 CEST 2005 - mt@suse.de

- improved aggressive mode patch openswan_24_noaggressive.dif
- merged updown patches 32 and 33 into openswan_32_updown-nexthop.dif,
  added skiping to add a route in some host to host tunnel cases
- renamed 36_sourceip-mask patch to openswan_33_updown-srcmask.dif
- renamed 12_gcc4sign patch to openswan_12_socklen.dif, improved
- renamed 13_gcc4warn patch to openswan_13_system.dif, improved
- added checks to ipsec look command to avoid "no such file" errors.
  new patch file: openswan_36_ipsec_look.dif
- workaround to load aes-$arch crypto module if not aliased (x86_64)
  new patch file: openswan_37_aes_insmod.dif

-------------------------------------------------------------------
Mon Jul  4 17:12:50 CEST 2005 - mt@suse.de

- Bug #66215: patch for updown script to solve SNAT/MASQUERADE
  problems with recent kernels, using netmask of the remote (peer)
  network instead of /32 for source address.
  New patch file: openswan_36_sourceip-mask.dif

-------------------------------------------------------------------
Mon Jul  4 15:09:05 CEST 2005 - mt@suse.de

- removed most of the GCC4 patch (openswan_12_gcc4sign.dif)
  because it breaks at least the asn1 decoding (pem parsing).

-------------------------------------------------------------------
Thu Jun 30 15:35:04 CEST 2005 - mt@suse.de

- added openswan_24_noaggressive.dif and openswan_25_noxauth.dif
  patches fixing dependencies to USE_AGGRESSIVE USE_XAUTH flags
- disabled AGGRESSIVE and XAUTH in openswan_00_features.dif
- added a openswan prefix to several source files

-------------------------------------------------------------------
Sat May  7 03:04:59 CEST 2005 - mt@suse.de

- added openswan_13_gcc4warn.dif patch, fixing diverse unused
  system() return codes mentioned by gcc4 in code using -Werror

-------------------------------------------------------------------
Sat May  7 02:00:06 CEST 2005 - mt@suse.de

- fixed GCC4 patch

-------------------------------------------------------------------
Sat May  7 00:59:25 CEST 2005 - mt@suse.de

- started to update to openswan-2.3.1
- adopted patches to match new sources
- renamed all patches to contain a number for
  manual applying and end with a .dif suffix

-------------------------------------------------------------------
Wed May  4 14:10:35 CEST 2005 - yxu@suse.de

- fixed for GCC4 

-------------------------------------------------------------------
Mon Mar 21 17:20:44 CET 2005 - mt@suse.de

- Bug #73863: added patch for _updown script to skip using nexthop
  (via parameter for ip route) if it is not reachable through any
  directly connected network (but via default route only).
  new patch file: openswan-updown-nexthop-not-local.dif

-------------------------------------------------------------------
Fri Jan 14 14:27:47 CET 2005 - ro@suse.de

- use sigprocmask instead of sigsetmask in invokepluto 

-------------------------------------------------------------------
Sun Sep 26 17:56:55 CEST 2004 - garloff@suse.de

- Fix initscript exit codes and messages. [#42604]

-------------------------------------------------------------------
Sat Sep 18 23:30:17 CEST 2004 - garloff@suse.de

- Update to openswan-2.2.0: Fixes for SA Selectors on 2.6.
- Add README.SUSE [#44368].

-------------------------------------------------------------------
Mon Sep  6 12:02:46 CEST 2004 - garloff@suse.de

- Update to openswan-2.2.0dr4: NAT-T & X.509 security fixes
- Drop openswan-dont-try-espinudp-on-ipv6.diff (integrated upstream)
- Drop openswan-natt.diff (integrated upstream)

-------------------------------------------------------------------
Sun Aug 29 02:02:40 CEST 2004 - garloff@suse.de

- Drop notification message.

-------------------------------------------------------------------
Thu Aug 19 10:54:44 CEST 2004 - garloff@suse.de

- Fix _realsetup script.

-------------------------------------------------------------------
Mon Aug 16 16:29:38 CEST 2004 - garloff@suse.de

- Fix noklips patch (but leave it disabled)
- NAT-T patch: The last message could have been wrongly be sent via
  the established tunnel.

-------------------------------------------------------------------
Fri Aug 13 17:50:54 CEST 2004 - garloff@suse.de

- Initial creation of openswan-2.2.0dr3
- Reuse many of the freeswan2 patches
openSUSE Build Service is sponsored by
Places