openswan-2.6.32-37.el6.x86_64.rpm


Advertisement

Description

openswan - IPSEC implementation with IKEv1 and IKEv2 keying protocols

Property Value
Distribution CentOS 6
Repository CentOS x86_64
Package filename openswan-2.6.32-37.el6.x86_64.rpm
Package name openswan
Package version 2.6.32
Package release 37.el6
Package architecture x86_64
Package type rpm
Category System Environment/Daemons
Homepage http://www.openswan.org/
License GPLv2+
Maintainer -
Download size 907.66 KB
Installed size 2.62 MB
Openswan is a free implementation of IPsec & IKE for Linux.  IPsec is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services.  These services allow you
to build secure tunnels through untrusted networks.  Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel.  The resulting
tunnel is a virtual private network or VPN.
This package contains the daemons and userland tools for setting up
Openswan. It supports the NETKEY/XFRM IPsec kernel stack that exists
in the default Linux kernel.
Openswan 2.6.x also supports IKEv2 (RFC4306)

Alternatives

Package Version Architecture Repository
openswan-2.6.32-37.el6.lux.1.x86_64.rpm 2.6.32 x86_64 Lux
openswan-2.6.32-37.el6.i686.rpm 2.6.32 i686 CentOS
openswan - - -

Requires

Name Value
/sbin/chkconfig -
/sbin/service -
/usr/bin/perl -
bash -
chkconfig -
coreutils -
curl -
initscripts -
libc.so.6(GLIBC_2.7)(64bit) -
libcap-ng.so.0()(64bit) -
libcrypt.so.1()(64bit) -
libcrypt.so.1(GLIBC_2.2.5)(64bit) -
libcurl.so.4()(64bit) -
libfipscheck.so.1()(64bit) -
libgmp.so.3()(64bit) -
liblber-2.4.so.2()(64bit) -
libldap-2.4.so.2()(64bit) -
libnspr4.so()(64bit) -
libnss3.so()(64bit) -
libnss3.so(NSS_3.12.3)(64bit) -
libnss3.so(NSS_3.2)(64bit) -
libnss3.so(NSS_3.3)(64bit) -
libnss3.so(NSS_3.4)(64bit) -
libnss3.so(NSS_3.5)(64bit) -
libplc4.so()(64bit) -
libpthread.so.0()(64bit) -
libpthread.so.0(GLIBC_2.2.5)(64bit) -
libpthread.so.0(GLIBC_2.3.2)(64bit) -
libpthread.so.0(GLIBC_2.3.4)(64bit) -
libresolv.so.2()(64bit) -
libresolv.so.2(GLIBC_2.2.5)(64bit) -
libselinux.so.1()(64bit) -
openldap -
perl(Getopt::Long) -
rtld(GNU_HASH) -

Provides

Name Value
config(openswan) = 2.6.32-37.el6
ipsec-userland = 2.6.32-37.el6
openswan = 2.6.32-37.el6
openswan(x86-64) = 2.6.32-37.el6

Download

Type URL
Mirror mirror.centos.org
Binary Package openswan-2.6.32-37.el6.x86_64.rpm
Source Package openswan-2.6.32-37.el6.src.rpm

Install Howto

Install openswan rpm package:

# yum install openswan

Files

Path
/etc/ipsec.conf
/etc/ipsec.secrets
/etc/ipsec.d/
/etc/ipsec.d/policies/block
/etc/ipsec.d/policies/clear
/etc/ipsec.d/policies/clear-or-private
/etc/ipsec.d/policies/private
/etc/ipsec.d/policies/private-or-clear
/etc/prelink.conf.d/openswan-fips.conf
/etc/rc.d/init.d/ipsec
/usr/libexec/ipsec/._copyright.hmac
/usr/libexec/ipsec/._include.hmac
/usr/libexec/ipsec/._keycensor.hmac
/usr/libexec/ipsec/._pluto_adns.hmac
/usr/libexec/ipsec/._plutoload.hmac
/usr/libexec/ipsec/._plutorun.hmac
/usr/libexec/ipsec/._realsetup.hmac
/usr/libexec/ipsec/._secretcensor.hmac
/usr/libexec/ipsec/._startklips.hmac
/usr/libexec/ipsec/._startnetkey.hmac
/usr/libexec/ipsec/._updown.hmac
/usr/libexec/ipsec/._updown.klips.hmac
/usr/libexec/ipsec/._updown.mast.hmac
/usr/libexec/ipsec/._updown.netkey.hmac
/usr/libexec/ipsec/.addconn.hmac
/usr/libexec/ipsec/.auto.hmac
/usr/libexec/ipsec/.barf.hmac
/usr/libexec/ipsec/.eroute.hmac
/usr/libexec/ipsec/.ikeping.hmac
/usr/libexec/ipsec/.klipsdebug.hmac
/usr/libexec/ipsec/.look.hmac
/usr/libexec/ipsec/.newhostkey.hmac
/usr/libexec/ipsec/.pf_key.hmac
/usr/libexec/ipsec/.pluto.hmac
/usr/libexec/ipsec/.ranbits.hmac
/usr/libexec/ipsec/.rsasigkey.hmac
/usr/libexec/ipsec/.secrets.hmac
/usr/libexec/ipsec/.setup.hmac
/usr/libexec/ipsec/.showdefaults.hmac
/usr/libexec/ipsec/.showhostkey.hmac
/usr/libexec/ipsec/.showpolicy.hmac
/usr/libexec/ipsec/.spi.hmac
/usr/libexec/ipsec/.spigrp.hmac
/usr/libexec/ipsec/.tncfg.hmac
/usr/libexec/ipsec/.verify.hmac
/usr/libexec/ipsec/.whack.hmac
/usr/libexec/ipsec/_copyright
/usr/libexec/ipsec/_include
/usr/libexec/ipsec/_keycensor
/usr/libexec/ipsec/_pluto_adns
/usr/libexec/ipsec/_plutoload
/usr/libexec/ipsec/_plutorun
/usr/libexec/ipsec/_realsetup
/usr/libexec/ipsec/_secretcensor
/usr/libexec/ipsec/_startklips
/usr/libexec/ipsec/_startnetkey
/usr/libexec/ipsec/_updown
/usr/libexec/ipsec/_updown.klips
/usr/libexec/ipsec/_updown.mast
/usr/libexec/ipsec/_updown.netkey
/usr/libexec/ipsec/addconn
/usr/libexec/ipsec/auto
/usr/libexec/ipsec/barf
/usr/libexec/ipsec/eroute
/usr/libexec/ipsec/ikeping
/usr/libexec/ipsec/klipsdebug
/usr/libexec/ipsec/look
/usr/libexec/ipsec/newhostkey
/usr/libexec/ipsec/pf_key
/usr/libexec/ipsec/pluto
/usr/libexec/ipsec/ranbits
/usr/libexec/ipsec/rsasigkey
/usr/libexec/ipsec/secrets
/usr/libexec/ipsec/setup
/usr/libexec/ipsec/showdefaults
/usr/libexec/ipsec/showhostkey
/usr/libexec/ipsec/showpolicy
/usr/libexec/ipsec/spi
/usr/libexec/ipsec/spigrp
/usr/libexec/ipsec/tncfg
/usr/libexec/ipsec/verify
/usr/libexec/ipsec/whack
/usr/sbin/.ipsec.hmac
/usr/sbin/ipsec
/usr/share/doc/openswan-2.6.32/BUGS
/usr/share/doc/openswan-2.6.32/CHANGES
/usr/share/doc/openswan-2.6.32/COPYING
/usr/share/doc/openswan-2.6.32/CREDITS
/usr/share/doc/openswan-2.6.32/LICENSE
/usr/share/doc/openswan-2.6.32/README
/usr/share/man/man5/ipsec.conf.5.gz
/usr/share/man/man5/ipsec.secrets.5.gz
/usr/share/man/man5/ipsec_eroute.5.gz
/usr/share/man/man5/ipsec_ipsec.conf.5.gz
/usr/share/man/man5/ipsec_ipsec.secrets.5.gz
/usr/share/man/man5/ipsec_klipsdebug.5.gz
/usr/share/man/man5/ipsec_pf_key.5.gz
/usr/share/man/man5/ipsec_spi.5.gz
/usr/share/man/man5/ipsec_spigrp.5.gz
/usr/share/man/man5/ipsec_tncfg.5.gz
/usr/share/man/man5/ipsec_trap_count.5.gz
/usr/share/man/man5/ipsec_trap_sendcount.5.gz
/usr/share/man/man5/ipsec_version.5.gz
/usr/share/man/man5/pf_key.5.gz
/usr/share/man/man8/ipsec.8.gz
/usr/share/man/man8/ipsec__confread.8.gz
/usr/share/man/man8/ipsec__copyright.8.gz
/usr/share/man/man8/ipsec__include.8.gz
/usr/share/man/man8/ipsec__keycensor.8.gz
/usr/share/man/man8/ipsec__plutoload.8.gz
/usr/share/man/man8/ipsec__plutorun.8.gz
/usr/share/man/man8/ipsec__realsetup.8.gz
/usr/share/man/man8/ipsec__secretcensor.8.gz
/usr/share/man/man8/ipsec__startklips.8.gz
/usr/share/man/man8/ipsec__startnetkey.8.gz
/usr/share/man/man8/ipsec__updown.8.gz
/usr/share/man/man8/ipsec__updown.bsdkame.8.gz
/usr/share/man/man8/ipsec__updown.klips.8.gz
/usr/share/man/man8/ipsec__updown.mast.8.gz
/usr/share/man/man8/ipsec__updown.netkey.8.gz
/usr/share/man/man8/ipsec_addconn.8.gz
/usr/share/man/man8/ipsec_auto.8.gz
/usr/share/man/man8/ipsec_barf.8.gz
/usr/share/man/man8/ipsec_eroute.8.gz
/usr/share/man/man8/ipsec_ikeping.8.gz
/usr/share/man/man8/ipsec_ipsec.8.gz
/usr/share/man/man8/ipsec_klipsdebug.8.gz
/usr/share/man/man8/ipsec_livetest.8.gz
/usr/share/man/man8/ipsec_look.8.gz
/usr/share/man/man8/ipsec_lwdnsq.8.gz
/usr/share/man/man8/ipsec_mailkey.8.gz
/usr/share/man/man8/ipsec_manual.8.gz
/usr/share/man/man8/ipsec_newhostkey.8.gz
/usr/share/man/man8/ipsec_pf_key.8.gz
/usr/share/man/man8/ipsec_pluto.8.gz
/usr/share/man/man8/ipsec_policy.8.gz
/usr/share/man/man8/ipsec_ranbits.8.gz
/usr/share/man/man8/ipsec_readwriteconf.8.gz
/usr/share/man/man8/ipsec_rsasigkey.8.gz
/usr/share/man/man8/ipsec_secrets.8.gz
/usr/share/man/man8/ipsec_setup.8.gz
/usr/share/man/man8/ipsec_showdefaults.8.gz
/usr/share/man/man8/ipsec_showhostkey.8.gz
/usr/share/man/man8/ipsec_showpolicy.8.gz
/usr/share/man/man8/ipsec_spi.8.gz
/usr/share/man/man8/ipsec_spigrp.8.gz
/usr/share/man/man8/ipsec_tncfg.8.gz
/usr/share/man/man8/ipsec_verify.8.gz
/usr/share/man/man8/ipsec_whack.8.gz
/var/run/pluto/

Changelog

2014-09-17 - Paul Wouters <pwouters@redhat.com> - 2.6.32-37
- Resolves: rhbz#1114683 configuring a non-standard AH / ESP algorithm [aes_gcm/aes_ccm/cast]
2014-08-20 - Paul Wouters <pwouters@redhat.com> - 2.6.32-36
- Resolves: rhbz#1114683 configuring a non-standard AH / ESP algorithm [updated2]
2014-08-19 - Paul Wouters <pwouters@redhat.com> - 2.6.32-35
- Resolves: rhbz#1114683 configuring a non-standard AH / ESP algorithm [updated]
- Resolves: rhbz#993124 ikev2 delete - work around to unbreak -fstack-protector [updated]
2014-08-14 - Paul Wouters <pwouters@redhat.com> - 2.6.32-34
- Resolves: rhbz#993124 ikev2 delete - Fix msgid handling and retransmit logic
2014-08-08 - Paul Wouters <pwouters@redhat.com> - 2.6.32-33
- Resolves: rhbz#739949 Updated patch to fixup src/dst bug in netlink_shunt_eroute
2014-08-01 - Paul Wouters <pwouters@redhat.com> - 2.6.32-32
- Resolves: rhbz#1092913 create nss db before startup if not there
- Resolves: rhbz#1098473 ipsec newhostkey returns 0 even if it fails (and enforce min 2192 RSA key size)
- Resolves: rhbz#1114683 configuring a non-standard ESP algorithm (like CAST) cause a restart of pluto
- Resolves: rhbz#1126066 dcookie code enabled with force_busy=yes uses bad pointer causing restart
2014-06-25 - Paul Wouters <pwouters@redhat.com> - 2.6.32-31
- Resolves: rhbz#1088656 pluto doesn't bring up sourceip route when peer restarts
- Resolves: rhbz#1070356 openswan breaks NAT-T draft clients
- Resolves: rhbz#1041576 (pluto cannot write to directories not owned by root)
- Resolves: rhbz#1025687 service ipsec stop shows errors about unloading used modules
- Resolves: rhbz#1092913 The default nss database created by ipsec can not be used
- Resolves: rhbz#1105179 ipsec_auto --ready doesn't work properly
- Resolves: rhbz#1002708 rightid=%fromcert does not use the ID from the offered peer certificate
- Resolves: rhbz#908478  Openswan is sending DPD and/or NAT-T keep alive messages when the IPsec SA is active
- Resolves: rhbz#970349  ikev2 pending SA and rekey issues
- Resolves: rhbz#970279  ikev2=insist allows an ikev1 proposal when acting as responder
- Resolves: rhbz#988106  strict checking of phase2alg= parameters allows mismatched policy
- Resolves: rhbz#1019746 ipsec ikeping does not recognize --exchangenum parameter
- Resolves: rhbz#1018327 ipsec.conf man page lacks example for AES-GCM configuration
- Resolves: rhbz#730975  Openswan doesn't work with ike=modp1536 option
- Resolves: rhbz#1021961 pluto abort when using SHA2_{384,512} IKE encryption algorithm
- Resolves: rhbz#739949  Openswan net-to-net not work with unencrypted connection on specific port
- Resolves: rhbz#993124  ikev2 delete payloads are not delivered to peer
- Resolves: rhbz#834397  ikev2 crashes when firing up a few conns at once
- Resolves: rhbz#1099871  Missing man-page ipsec_whack
2014-02-10 - Paul Wouters <pwouters@redhat.com> - 2.6.32-27.1
- Resolves: CVE-2013-6466 (rhbz#1050340)
2013-10-17 - Paul Wouters <pwouters@redhat.com> - 2.6.32-27
- Resolves: rhbz#1020322 openswan cannot start if FIPS misconfigured
2013-10-09 - Paul Wouters <pwouters@redhat.com> - 2.6.32-26
- Resolves: rhbz#1017371  Verification of openswan package fails

See Also

Package Description
openswan-doc-2.6.32-37.el6.x86_64.rpm Full documentation of Openswan IPSEC implementation
openwsman-client-2.2.3-11.el6.i686.rpm Openwsman Client libraries
openwsman-client-2.2.3-11.el6.x86_64.rpm Openwsman Client libraries
openwsman-perl-2.2.3-11.el6.x86_64.rpm Perl bindings for openwsman client API
openwsman-python-2.2.3-11.el6.x86_64.rpm Python bindings for openwsman client API
openwsman-ruby-2.2.3-11.el6.x86_64.rpm Ruby bindings for openwsman client API
openwsman-server-2.2.3-11.el6.i686.rpm Openwsman Server and service libraries
openwsman-server-2.2.3-11.el6.x86_64.rpm Openwsman Server and service libraries
oprofile-0.9.9-21.el6.x86_64.rpm System wide profiler
oprofile-devel-0.9.9-21.el6.i686.rpm Header files and libraries for developing apps which will use oprofile
oprofile-devel-0.9.9-21.el6.x86_64.rpm Header files and libraries for developing apps which will use oprofile
oprofile-gui-0.9.9-21.el6.x86_64.rpm GUI for oprofile
oprofile-jit-0.9.9-21.el6.i686.rpm Libraries required for profiling Java and other JITed code
oprofile-jit-0.9.9-21.el6.x86_64.rpm Libraries required for profiling Java and other JITed code
orca-2.28.2-1.el6.x86_64.rpm Assistive technology for people with visual impairments
Advertisement
Advertisement