diff options
Diffstat (limited to 'debian/control')
| -rw-r--r-- | debian/control | 280 |
1 files changed, 280 insertions, 0 deletions
diff --git a/debian/control b/debian/control new file mode 100644 index 000000000..79f2603a9 --- /dev/null +++ b/debian/control @@ -0,0 +1,280 @@ +Source: strongswan +Section: net +Priority: optional +Maintainer: strongSwan Maintainers <pkg-swan-devel@lists.alioth.debian.org> +Uploaders: Rene Mayrhofer <rmayr@debian.org>, + Yves-Alexis Perez <corsac@debian.org>, + Romain Francoise <rfrancoise@debian.org> +Standards-Version: 3.9.5 +Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-swan/strongswan.git;a=summary +Vcs-Git: git://anonscm.debian.org/pkg-swan/strongswan.git +Build-Depends: debhelper (>= 9), dpkg-dev (>= 1.16.2), libtool, libgmp3-dev, + libssl-dev (>= 0.9.8), libcurl4-openssl-dev | libcurl3-dev | libcurl2-dev, + libldap2-dev, libpam0g-dev, libkrb5-dev, bison, flex, bzip2, po-debconf, + hardening-wrapper, libfcgi-dev, clearsilver-dev, + libxml2-dev, libsqlite3-dev, network-manager-dev (>= 0.7) [linux-any], + libnm-glib-vpn-dev (>= 0.7) [linux-any], libnm-util-dev (>= 0.7) [linux-any], + gperf, libcap-dev [linux-any], dh-autoreconf +Homepage: http://www.strongswan.org + +Package: strongswan +Architecture: all +Depends: ${misc:Depends}, strongswan-charon, strongswan-starter +Description: IPsec VPN solution metapackage + The strongSwan VPN suite uses the native IPsec stack in the standard Linux + kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This metapackage installs the packages required to maintain IKEv1 and IKEv2 + connections via ipsec.conf or ipsec.secrets. + +Package: libstrongswan +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Conflicts: strongswan (<< 4.2.12-1) +Breaks: strongswan-ikev2 (<< 4.6.4) +Replaces: strongswan-ikev2 (<< 4.6.4) +Recommends: libstrongswan-standard-plugins +Suggests: libstrongswan-extra-plugins +Description: strongSwan utility and crypto library + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This package provides the underlying libraries of charon and other strongSwan + components. It is built in a modular way and is extendable through various + plugins. + . + Some default (as specified by the strongSwan projet) plugins are included. + For libstrongswan (cryptographic backends, URI fetchers and database layers): + - aes (AES-128/192/256 cipher software implementation) + - constraints (X.509 certificate advanced constraint checking) + - dnskey (Parse RFC 4034 public keys) + - fips-prf (PRF specified by FIPS, used by EAP-SIM/AKA algorithms) + - gmp (RSA/DH crypto backend based on libgmp) + - hmac (HMAC wrapper using various hashers) + - md5 (MD5 hasher software implementation) + - nonce (Default nonce generation plugin) + - pem (PEM encoding/decoding routines) + - pgp (PGP encoding/decoding routines) + - pkcs1 (PKCS#1 encoding/decoding routines) + - pkcs8 (PKCS#8 decoding routines) + - pkcs12 (PKCS#12 decoding routines) + - pubkey (Wrapper to handle raw public keys as trusted certificates) + - random (RNG reading from /dev/[u]random) + - rc2 (RC2 cipher software implementation) + - revocation (X.509 CRL/OCSP revocation checking) + - sha1 (SHA1 hasher software implementation) + - sha2 (SHA256/SHA384/SHA512 hasher software implementation) + - sshkey (SSH key decoding routines) + - x509 (Advanced X.509 plugin for parsing/generating X.509 certificates/CRLs + and OCSP messages) + - xcbc (XCBC wrapper using various ciphers) + For libhydra (IKE daemon plugins): + - attr (Provides IKE attributes configured in strongswan.conf) + - kernel-netlink [linux] (IPsec/Networking kernel interface using Linux + Netlink) + - kernel-pfkey [kfreebsd] (IPsec kernel interface using PF_KEY) + - kernel-pfroute [kfreebsd] (Networking kernel interface using PF_ROUTE) + - resolve (Writes name servers received via IKE to a resolv.conf file or + installs them via resolvconf(8)) + +Package: libstrongswan-standard-plugins +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan (= ${binary:Version}) +Breaks: libstrongswan (<= 5.1.1-1), strongswan-ike (<= 5.1.1-1) +Replaces: libstrongswan (<= 5.1.1-1),strongswan-ike (<= 5.1.1-1) +Description: strongSwan utility and crypto library (standard plugins) + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This package provides some common plugins for the strongSwan utility and + cryptograhic library. + . + Included plugins are: + - agent (RSA/ECDSA private key backend connecting to SSH-Agent) + - gcm (GCM cipher mode wrapper) + - openssl (Crypto backend based on OpenSSL, provides + RSA/ECDSA/DH/ECDH/ciphers/hashers/HMAC/X.509/CRL/RNG) + +Package: libstrongswan-extra-plugins +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan (= ${binary:Version}) +Breaks: libstrongswan (<= 5.1.1-1), strongswan-ike (<= 5.1.1-1) +Replaces: libstrongswan (<= 5.1.1-1),strongswan-ike (<= 5.1.1-1) +Description: strongSwan utility and crypto library (extra plugins) + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This package provides extra plugins for the strongSwan utility and + cryptograhic library. + . + Included plugins are: + - af-alg [linux] (AF_ALG Linux crypto API interface, provides + ciphers/hashers/hmac/xcbc) + - ccm (CCM cipher mode wrapper) + - cmac (CMAC cipher mode wrapper) + - ctr (CTR cipher mode wrapper) + - curl (libcurl based HTTP/FTP fetcher) + - gcrypt (Crypto backend based on libgcrypt, provides + RSA/DH/ciphers/hashers/rng) + - ldap (LDAP fetching plugin based on libldap) + - padlock (VIA padlock crypto backend, provides AES128/SHA1) + - pkcs11 (PKCS#11 smartcard backend) + - rdrand (High quality / high performance random source using the Intel + rdrand instruction found on Ivy Bridge processors) + - test-vectors (Set of test vectors for various algorithms) + +Package: libcharon-extra-plugins +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan (= ${binary:Version}) +Breaks: libstrongswan (<= 5.1.1-1), strongswan-ike (<= 5.1.1-1) +Replaces: libstrongswan (<= 5.1.1-1),strongswan-ike (<= 5.1.1-1) +Description: strongSwan charon library (extra plugins) + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This package provides extra plugins for the charon library: + - addrblock (Narrow traffic selectors to RFC 3779 address blocks in X.509 + certificates) + - certexpire (Export expiration dates of used certificates) + - eap-aka (Generic EAP-AKA protocol handler using different backends) + - eap-gtc (EAP-GTC protocol handler authenticating with XAuth backends) + - eap-identity (EAP-Identity identity exchange algorithm, to use with other + EAP protocols) + - eap-md5 (EAP-MD5 protocol handler using passwords) + - eap-mschapv2 (EAP-MSCHAPv2 protocol handler using passwords/NT hashes) + - eap-radius (EAP server proxy plugin forwarding EAP conversations to a + RADIUS server) + - eap-tls (EAP-TLS protocol handler, to authenticate with certificates in + EAP) + - eap-tnc (EAP-TNC protocol handler, Trusted Network Connect in a TLS tunnel) + - eap-ttls (EAP-TTLS protocol handler, wraps other EAP methods securely) + - error-notify (Notification about errors via UNIX socket) + - ha (High-Availability clustering) + - led (Let Linux LED subsystem LEDs blink on IKE activity) + - lookip (Virtual IP lookup facility using a UNIX socket) + - medcli (Web interface based mediation client interface) + - medsrv (Web interface based mediation server interface) + - tnc (Trusted Network Connect) + - unity (Cisco Unity extensions for IKEv1) + - xauth-eap (XAuth backend that uses EAP methods to verify passwords) + - xauth-generic (Generic XAuth backend that provides passwords from + ipsec.secrets and other credential sets) + - xauth-pam (XAuth backend that uses PAM modules to verify passwords) + +Package: strongswan-dbg +Architecture: any +Section: debug +Priority: extra +Depends: ${misc:Depends}, strongswan, libstrongswan (= ${binary:Version}) +Description: strongSwan library and binaries - debugging symbols + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This package provides the symbols needed for debugging of strongSwan. + +Package: strongswan-starter +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan (= + ${binary:Version}), adduser +Recommends: strongswan-charon +Conflicts: strongswan (<< 4.2.12-1), openswan +Description: strongSwan daemon starter and configuration file parser + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + The starter and the associated "ipsec" script control the charon daemon from + the command line. It parses ipsec.conf and loads the configurations to the + daemon. + +Package: strongswan-libcharon +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan (= ${binary:Version}) +Suggests: libcharon-extra-plugins +Breaks: libstrongswan (<= 5.1.1-1) +Replaces: strongswan-ike, libstrongswan (<= 5.1.1-1) +Description: strongSwan charon library + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This package contains the charon library, used by IKE client like + strongswan-charon, strongswan-charon-cmd or strongswan-nm + +Package: strongswan-charon +Architecture: any +Pre-Depends: debconf | debconf-2.0 +Depends: ${shlibs:Depends}, ${misc:Depends}, + libstrongswan (= ${binary:Version}), strongswan-starter, iproute [linux-any] +Provides: ike-server +Breaks: libstrongswan (<= 5.1.1-1), strongswan-ike (<= 5.1.1-1) +Replaces: strongswan-ikev1, strongswan-ikev2, libstrongswan (<= 5.1.1-1), strongswan-ike (<= 5.1.1-1) +Description: strongSwan Internet Key Exchange daemon + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + charon is an IPsec IKEv2 daemon which can act as an initiator or a responder. + It is written from scratch using a fully multi-threaded design and a modular + architecture. Various plugins can provide additional functionality. + +Package: strongswan-ike +Architecture: all +Section: oldlibs +Priority: extra +Depends: ${shlibs:Depends}, ${misc:Depends}, strongswan-charon +Description: strongSwan Internet Key Exchange daemon (transitional package) + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This package used to install version 5 of the charon daemon and has been + replaced by the strongswan-charon package. This package can be safely removed + once it's installed. + +Package: strongswan-nm +Architecture: linux-any +Depends: ${shlibs:Depends}, ${misc:Depends} +Recommends: network-manager-strongswan +Description: strongSwan plugin to interact with NetworkManager + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This plugin provides an interface which allows NetworkManager to configure + and control the IKEv2 daemon directly through D-Bus. It is designed to work + in conjunction with the network-manager-strongswan package, providing + a simple graphical frontend to configure IPsec based VPNs. + +Package: strongswan-ikev1 +Architecture: all +Depends: ${misc:Depends}, strongswan-ike +Section: oldlibs +Priority: extra +Description: strongSwan IKEv1 daemon, transitional package + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This package used to install the pluto daemon, implementing the IKEv1 + protocol. It has been replaced by charon in the strongswan-ike package, so + this package can be safely removed once it's installed. + +Package: strongswan-ikev2 +Architecture: all +Depends: ${misc:Depends}, strongswan-ike +Section: oldlibs +Priority: extra +Description: strongSwan IKEv2 daemon, transitional package + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This package used to install the charon daemon, implementing the IKEv2 + protocol. It has been replaced the strongswan-ike package, so it can be safely + removed. + +Package: charon-cmd +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan (= ${binary:Version}) +Breaks: strongswan-ike (<= 5.1.1-1) +Replaces: strongswan-ike (<= 5.1.1-1) +Description: standalone IPsec client + The strongSwan VPN suite uses the native IPsec stack in the standard + Linux kernel. It supports both the IKEv1 and IKEv2 protocols. + . + This package contains the charon-cmd command, which can be used as a client to + connect to a remote IKE daemon. |