diff mbox series

strongswan: Update to version 6.0.2

Message ID 20250721212601.3400729-12-adolf.belka@ipfire.org
State Staged
Commit 6502d48b6bc8c442331112669afe892a38b02691
Headers
Series strongswan: Update to version 6.0.2 |

Commit Message

Adolf Belka 21 Jul 2025, 9:26 p.m. UTC 
- Update from version 6.0.1 to 6.0.2
- Update of rootfile
- Changelog
    6.0.2
	- Support for per-CPU SAs (RFC 9611) has been added (Linux 6.13+).
	- Basic support for AGGFRAG mode (RFC 9347) has been added (Linux 6.14+).
	- POSIX regular expressions can be used to match remote identities.
	- Switching configs based on EAP-Identities is supported. Setting
	  `remote.eap_id` now always initiates an EAP-Identity exchange.
	- On Linux, sequence numbers from acquires are used when installing SAs. This
	  allows handling narrowing properly.
	- During rekeying, the narrowed traffic selectors are now proposed instead of
	  the configured ones.
	- The default AH/ESP proposals contain all supported key exchange methods plus
	  `none` to make PFS optional and accept proposals of older peers.
	- GRO for ESP in enabled for NAT-T UDP sockets, which can improve performance
	  if the esp4|6_offload modules are loaded.
	- charon-nm sets the VPN connection as persistent, preventing NetworkManager
	  from tearing down the connection if the network connectivity changes.
	- ML-KEM is supported via OpenSSL 3.5+.
	- The wolfssl plugin is now compatible to wolfSSL's FIPS module.
	- The libsoup plugin has been migrated to libsoup 3, libsoup 2 is not supported
	  anymore.
	- The long defunct uci plugin has been removed.
	- Log messages by watcher_t are now logged in a separate log group (`wch`).

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/common/strongswan | 2 ++
 lfs/strongswan                     | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/config/rootfiles/common/strongswan b/config/rootfiles/common/strongswan
index cd446d1e9..48f4fdf43 100644
--- a/config/rootfiles/common/strongswan
+++ b/config/rootfiles/common/strongswan
@@ -62,6 +62,7 @@  etc/strongswan.d/charon/xauth-eap.conf
 etc/strongswan.d/charon/xauth-generic.conf
 etc/strongswan.d/charon/xauth-noauth.conf
 etc/strongswan.d/charon/xcbc.conf
+etc/strongswan.d/iptfs.conf
 etc/strongswan.d/pki.conf
 etc/strongswan.d/starter.conf
 etc/strongswan.d/swanctl.conf
@@ -241,6 +242,7 @@  usr/sbin/swanctl
 #usr/share/strongswan/templates/config/strongswan.d
 #usr/share/strongswan/templates/config/strongswan.d/charon-logging.conf
 #usr/share/strongswan/templates/config/strongswan.d/charon.conf
+#usr/share/strongswan/templates/config/strongswan.d/iptfs.conf
 #usr/share/strongswan/templates/config/strongswan.d/pki.conf
 #usr/share/strongswan/templates/config/strongswan.d/starter.conf
 #usr/share/strongswan/templates/config/strongswan.d/swanctl.conf
diff --git a/lfs/strongswan b/lfs/strongswan
index 921dbe5e0..7075ab7ef 100644
--- a/lfs/strongswan
+++ b/lfs/strongswan
@@ -24,7 +24,7 @@ 
 
 include Config
 
-VER        = 6.0.1
+VER        = 6.0.2
 
 THISAPP    = strongswan-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -43,7 +43,7 @@  objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 5c751073412ce25dd06400043b8daaa9751052b7f686c46ef7b6fc8e8e4f622dd58e30b1eed634a75174a8032a1ece2c24bf5809689152927539c12e2d25edbf
+$(DL_FILE)_BLAKE2 = 3cfc248831832a9b75da549fcaf490a4a0c33e2f680e04a02d04a035c05215ae0236f1fdcdb4a00b71b5a08d07626e8028959045aff1b77827c21fe7e1fb13ad
 
 install : $(TARGET)