- New upstream release.

- Don't disable internal crypto plugins, pluto expects to find them in
  some cases.
- Enable integrity checking.

2 files changed, 17 insertions, 3 deletions

diff --git a/debian/changelog b/debian/changelog
index ad23eba11..997d2ac95 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,19 @@
+strongswan (4.3.4-1) unstable; urgency=low
+
+  * New upstream release.
+  * This release supports integrity checking of libraries, which is
+    now enabled at build-time and can be enabled at run-time using 
+        libstrongswan {
+          integrity_test = yes
+        }
+    in /etc/strongswan.conf.
+  * Don't disable internal crypto libraries for pluto. They might be
+    required when working with older ipsec.conf files.
+  * charon now supports "include" directives in ipsec.secrets for
+    compatibility with how the maintainer script includes RSA private keys.
+
+ -- Rene Mayrhofer <rene@mayrhofer.eu.org>  Wed, 21 Oct 2009 11:14:56 +0000
+
 strongswan (4.3.2-1) unstable; urgency=HIGH
 
   Urgency high because of security issue and FTBFS.
diff --git a/debian/rules b/debian/rules
index aaf03f971..8b9219a8e 100755
--- a/debian/rules
+++ b/debian/rules
@@ -20,9 +20,7 @@ CONFIGUREARGS := --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
 		--enable-openssl --enable-agent \
 		--enable-eap-radius --enable-eap-identity --enable-eap-md5 \
 		--enable-eap-gtc --enable-eap-aka --enable-eap-mschapv2 \
-		--enable-sql \
-		--disable-aes --disable-des --disable-fips-prf --disable-gmp \
-		--disable-md5 --disable-sha1 --disable-sha2 \
+		--enable-sql --enable-integrity-test \
 		--enable-nm
 	# Could enable --enable-nat-transport, but this is actually insecure,
 	# so don't!