libcharon-extra-plugins_5.3.5-1ubuntu3.8_amd64.deb


Advertisement

Description

libcharon-extra-plugins - strongSwan charon library (extra plugins)

Property Value
Distribution Ubuntu 16.04 LTS (Xenial Xerus)
Repository Ubuntu Updates Main amd64
Package filename libcharon-extra-plugins_5.3.5-1ubuntu3.8_amd64.deb
Package name libcharon-extra-plugins
Package version 5.3.5
Package release 1ubuntu3.8
Package architecture amd64
Package type deb
Category net
Homepage http://www.strongswan.org
License -
Maintainer Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Download size 1.36 MB
Installed size 6.16 MB
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
This package provides extra plugins for the charon library:
- addrblock (Narrow traffic selectors to RFC 3779 address blocks in X.509
certificates)
- dhcp (Forwarding of DHCP requests for virtual IPs to DHCP server)
- certexpire (Export expiration dates of used certificates)
- eap-aka (Generic EAP-AKA protocol handler using different backends)
- eap-gtc (EAP-GTC protocol handler authenticating with XAuth backends)
- eap-identity (EAP-Identity identity exchange algorithm, to use with other
EAP protocols)
- eap-md5 (EAP-MD5 protocol handler using passwords)
- eap-mschapv2 (EAP-MSCHAPv2 protocol handler using passwords/NT hashes)
- eap-radius (EAP server proxy plugin forwarding EAP conversations to a
RADIUS server)
- eap-tls (EAP-TLS protocol handler, to authenticate with certificates in
EAP)
- eap-tnc (EAP-TNC protocol handler, Trusted Network Connect in a TLS tunnel)
- eap-ttls (EAP-TTLS protocol handler, wraps other EAP methods securely)
- error-notify (Notification about errors via UNIX socket)
- farp (fake ARP responses for requests to virtual IP address)
- kernel-libipsec (Userspace IPsec Backend with TUN devices)
- led (Let Linux LED subsystem LEDs blink on IKE activity)
- lookip (Virtual IP lookup facility using a UNIX socket)
- tnc (Trusted Network Connect)
- unity (Cisco Unity extensions for IKEv1)
- xauth-eap (XAuth backend that uses EAP methods to verify passwords)
- xauth-generic (Generic XAuth backend that provides passwords from
ipsec.secrets and other credential sets)
- xauth-pam (XAuth backend that uses PAM modules to verify passwords)
- strongswan-plugin-eap-aka-3gpp2 (EAP-AKA backend implementing standard 3GPP2 algorithm in software)
- strongswan-plugin-eap-dynamic (EAP proxy plugin that dynamically selects an EAP method requested/supported by the client (since 5.0.1))
- strongswan-plugin-eap-peap (EAP-PEAP protocol handler, wraps other EAP methods securely)
- strongswan-plugin-eap-sim (Generic EAP-SIM protocol handler using different backends)
- strongswan-plugin-eap-sim-file (EAP-SIM backend reading triplets from a file)
- strongswan-plugin-eap-sim-pcsc (EAP-SIM backend based on a PC/SC smartcard reader)
- strongswan-plugin-eap-simaka-pseudonym (EAP-SIM/AKA in-memory pseudonym identity database)
- strongswan-plugin-eap-simaka-reauth (EAP-SIM/AKA in-memory reauthentication identity database)
- strongswan-plugin-eap-simaka-sql (EAP-SIM/AKA backend reading triplets/quintuplets from a SQL database)
- strongswan-plugin-xauth-noauth (XAuth backend that does not do any authentication (since 5.0.3))

Alternatives

Package Version Architecture Repository
libcharon-extra-plugins_5.3.5-1ubuntu3.8_i386.deb 5.3.5 i386 Ubuntu Updates Main
libcharon-extra-plugins_5.3.5-1ubuntu3_i386.deb 5.3.5 i386 Ubuntu Main
libcharon-extra-plugins_5.3.5-1ubuntu3_amd64.deb 5.3.5 amd64 Ubuntu Main
libcharon-extra-plugins - - -

Requires

Name Value
libc6 >= 2.14
libgmp10 -
libpam0g >= 0.99.7.1
libpcsclite1 >= 1.3.0
libstrongswan = 5.3.5-1ubuntu3.8
strongswan-tnc-base -

Replaces

Name Value
libstrongswan << 5.3.5-1ubuntu1~
strongswan-ike <= 5.1.1-1
strongswan-plugin-certexpire << 5.3.5-1ubuntu1~
strongswan-plugin-dhcp << 5.3.5-1ubuntu1~
strongswan-plugin-eap-aka << 5.3.5-1ubuntu1~
strongswan-plugin-eap-aka-3gpp2 << 5.3.5-1ubuntu1~
strongswan-plugin-eap-dynamic << 5.3.5-1ubuntu1~
strongswan-plugin-eap-gtc << 5.3.5-1ubuntu1~
strongswan-plugin-eap-md5 << 5.3.5-1ubuntu1~
strongswan-plugin-eap-mschapv2 << 5.3.5-1ubuntu1~
strongswan-plugin-eap-peap << 5.3.5-1ubuntu1~
strongswan-plugin-eap-radius << 5.3.5-1ubuntu1~
strongswan-plugin-eap-sim << 5.3.5-1ubuntu1~
strongswan-plugin-eap-sim-file << 5.3.5-1ubuntu1~
strongswan-plugin-eap-sim-pcsc << 5.3.5-1ubuntu1~
strongswan-plugin-eap-simaka-pseudonym << 5.3.5-1ubuntu1~
strongswan-plugin-eap-simaka-reauth << 5.3.5-1ubuntu1~
strongswan-plugin-eap-simaka-sql << 5.3.5-1ubuntu1~
strongswan-plugin-eap-tls << 5.3.5-1ubuntu1~
strongswan-plugin-eap-tnc << 5.3.5-1ubuntu1~
strongswan-plugin-eap-ttls << 5.3.5-1ubuntu1~
strongswan-plugin-error-notify << 5.3.5-1ubuntu1~
strongswan-plugin-farp << 5.3.5-1ubuntu1~
strongswan-plugin-kernel-libipsec << 5.3.5-1ubuntu1~
strongswan-plugin-led << 5.3.5-1ubuntu1~
strongswan-plugin-lookip << 5.3.5-1ubuntu1~
strongswan-plugin-unity << 5.3.5-1ubuntu1~
strongswan-plugin-xauth-eap << 5.3.5-1ubuntu1~
strongswan-plugin-xauth-generic << 5.3.5-1ubuntu1~
strongswan-plugin-xauth-noauth << 5.3.5-1ubuntu1~
strongswan-plugin-xauth-pam << 5.3.5-1ubuntu1~

Download

Type URL
Mirror archive.ubuntu.com
Binary Package libcharon-extra-plugins_5.3.5-1ubuntu3.8_amd64.deb
Source Package strongswan

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install libcharon-extra-plugins deb package:
    # sudo apt-get install libcharon-extra-plugins

Files

Path
/etc/apparmor.d/usr.lib.ipsec.lookip
/etc/strongswan.d/charon/addrblock.conf
/etc/strongswan.d/charon/certexpire.conf
/etc/strongswan.d/charon/dhcp.conf
/etc/strongswan.d/charon/eap-aka-3gpp2.conf
/etc/strongswan.d/charon/eap-aka.conf
/etc/strongswan.d/charon/eap-dynamic.conf
/etc/strongswan.d/charon/eap-gtc.conf
/etc/strongswan.d/charon/eap-identity.conf
/etc/strongswan.d/charon/eap-md5.conf
/etc/strongswan.d/charon/eap-mschapv2.conf
/etc/strongswan.d/charon/eap-peap.conf
/etc/strongswan.d/charon/eap-radius.conf
/etc/strongswan.d/charon/eap-sim-file.conf
/etc/strongswan.d/charon/eap-sim-pcsc.conf
/etc/strongswan.d/charon/eap-sim.conf
/etc/strongswan.d/charon/eap-simaka-pseudonym.conf
/etc/strongswan.d/charon/eap-simaka-reauth.conf
/etc/strongswan.d/charon/eap-simaka-sql.conf
/etc/strongswan.d/charon/eap-tls.conf
/etc/strongswan.d/charon/eap-tnc.conf
/etc/strongswan.d/charon/eap-ttls.conf
/etc/strongswan.d/charon/error-notify.conf
/etc/strongswan.d/charon/farp.conf
/etc/strongswan.d/charon/kernel-libipsec.conf
/etc/strongswan.d/charon/led.conf
/etc/strongswan.d/charon/lookip.conf
/etc/strongswan.d/charon/unity.conf
/etc/strongswan.d/charon/xauth-eap.conf
/etc/strongswan.d/charon/xauth-generic.conf
/etc/strongswan.d/charon/xauth-noauth.conf
/etc/strongswan.d/charon/xauth-pam.conf
/usr/lib/ipsec/error-notify
/usr/lib/ipsec/libipsec.so
/usr/lib/ipsec/libipsec.so.0
/usr/lib/ipsec/libipsec.so.0.0.0
/usr/lib/ipsec/libpttls.so
/usr/lib/ipsec/libpttls.so.0
/usr/lib/ipsec/libpttls.so.0.0.0
/usr/lib/ipsec/libradius.so
/usr/lib/ipsec/libradius.so.0
/usr/lib/ipsec/libradius.so.0.0.0
/usr/lib/ipsec/libsimaka.so
/usr/lib/ipsec/libsimaka.so.0
/usr/lib/ipsec/libsimaka.so.0.0.0
/usr/lib/ipsec/libtls.so
/usr/lib/ipsec/libtls.so.0
/usr/lib/ipsec/libtls.so.0.0.0
/usr/lib/ipsec/lookip
/usr/lib/ipsec/pt-tls-client
/usr/lib/ipsec/plugins/libstrongswan-addrblock.so
/usr/lib/ipsec/plugins/libstrongswan-certexpire.so
/usr/lib/ipsec/plugins/libstrongswan-dhcp.so
/usr/lib/ipsec/plugins/libstrongswan-eap-aka-3gpp2.so
/usr/lib/ipsec/plugins/libstrongswan-eap-aka.so
/usr/lib/ipsec/plugins/libstrongswan-eap-dynamic.so
/usr/lib/ipsec/plugins/libstrongswan-eap-gtc.so
/usr/lib/ipsec/plugins/libstrongswan-eap-identity.so
/usr/lib/ipsec/plugins/libstrongswan-eap-md5.so
/usr/lib/ipsec/plugins/libstrongswan-eap-mschapv2.so
/usr/lib/ipsec/plugins/libstrongswan-eap-peap.so
/usr/lib/ipsec/plugins/libstrongswan-eap-radius.so
/usr/lib/ipsec/plugins/libstrongswan-eap-sim-file.so
/usr/lib/ipsec/plugins/libstrongswan-eap-sim-pcsc.so
/usr/lib/ipsec/plugins/libstrongswan-eap-sim.so
/usr/lib/ipsec/plugins/libstrongswan-eap-simaka-pseudonym.so
/usr/lib/ipsec/plugins/libstrongswan-eap-simaka-reauth.so
/usr/lib/ipsec/plugins/libstrongswan-eap-simaka-sql.so
/usr/lib/ipsec/plugins/libstrongswan-eap-tls.so
/usr/lib/ipsec/plugins/libstrongswan-eap-tnc.so
/usr/lib/ipsec/plugins/libstrongswan-eap-ttls.so
/usr/lib/ipsec/plugins/libstrongswan-error-notify.so
/usr/lib/ipsec/plugins/libstrongswan-farp.so
/usr/lib/ipsec/plugins/libstrongswan-kernel-libipsec.so
/usr/lib/ipsec/plugins/libstrongswan-led.so
/usr/lib/ipsec/plugins/libstrongswan-lookip.so
/usr/lib/ipsec/plugins/libstrongswan-unity.so
/usr/lib/ipsec/plugins/libstrongswan-xauth-eap.so
/usr/lib/ipsec/plugins/libstrongswan-xauth-generic.so
/usr/lib/ipsec/plugins/libstrongswan-xauth-noauth.so
/usr/lib/ipsec/plugins/libstrongswan-xauth-pam.so
/usr/share/doc/libcharon-extra-plugins/NEWS.Debian.gz
/usr/share/doc/libcharon-extra-plugins/changelog.Debian.gz
/usr/share/doc/libcharon-extra-plugins/copyright
/usr/share/strongswan/templates/config/plugins/addrblock.conf
/usr/share/strongswan/templates/config/plugins/certexpire.conf
/usr/share/strongswan/templates/config/plugins/dhcp.conf
/usr/share/strongswan/templates/config/plugins/eap-aka-3gpp2.conf
/usr/share/strongswan/templates/config/plugins/eap-aka.conf
/usr/share/strongswan/templates/config/plugins/eap-dynamic.conf
/usr/share/strongswan/templates/config/plugins/eap-gtc.conf
/usr/share/strongswan/templates/config/plugins/eap-identity.conf
/usr/share/strongswan/templates/config/plugins/eap-md5.conf
/usr/share/strongswan/templates/config/plugins/eap-mschapv2.conf
/usr/share/strongswan/templates/config/plugins/eap-peap.conf
/usr/share/strongswan/templates/config/plugins/eap-radius.conf
/usr/share/strongswan/templates/config/plugins/eap-sim-file.conf
/usr/share/strongswan/templates/config/plugins/eap-sim-pcsc.conf
/usr/share/strongswan/templates/config/plugins/eap-sim.conf
/usr/share/strongswan/templates/config/plugins/eap-simaka-pseudonym.conf
/usr/share/strongswan/templates/config/plugins/eap-simaka-reauth.conf
/usr/share/strongswan/templates/config/plugins/eap-simaka-sql.conf
/usr/share/strongswan/templates/config/plugins/eap-tls.conf
/usr/share/strongswan/templates/config/plugins/eap-tnc.conf
/usr/share/strongswan/templates/config/plugins/eap-ttls.conf
/usr/share/strongswan/templates/config/plugins/error-notify.conf
/usr/share/strongswan/templates/config/plugins/farp.conf
/usr/share/strongswan/templates/config/plugins/kernel-libipsec.conf
/usr/share/strongswan/templates/config/plugins/led.conf
/usr/share/strongswan/templates/config/plugins/lookip.conf
/usr/share/strongswan/templates/config/plugins/unity.conf
/usr/share/strongswan/templates/config/plugins/xauth-eap.conf
/usr/share/strongswan/templates/config/plugins/xauth-generic.conf
/usr/share/strongswan/templates/config/plugins/xauth-noauth.conf
/usr/share/strongswan/templates/config/plugins/xauth-pam.conf

Changelog

2018-09-26 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
strongswan (5.3.5-1ubuntu3.8) xenial-security; urgency=medium
* SECURITY UPDATE: Insufficient input validation in gmp plugin
- debian/patches/strongswan-4.4.0-5.7.0_gmp-pkcs1-overflow.patch: fix
buffer overflow with very small RSA keys in
src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c.
- CVE-2018-17540
2018-09-18 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
strongswan (5.3.5-1ubuntu3.7) xenial-security; urgency=medium
* SECURITY UPDATE: Insufficient input validation in gmp plugin
- debian/patches/strongswan-5.3.1-5.6.0_gmp-pkcs1-verify.patch: don't
parse PKCS1 v1.5 RSA signatures to verify them in
src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c,
src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c.
- CVE-2018-16151
- CVE-2018-16152
* SECURITY UPDATE: remote denial of service
- debian/patches/strongswan-5.0.1-5.4.0_skeyseed_init.patch: properly
initialize variable in src/libcharon/sa/ikev2/keymat_v2.c.
- CVE-2018-10811
* SECURITY UPDATE: DoS in stroke plugin
- debian/patches/strongswan-5.1.2-5.6.2_stroke_msg_len.patch: ensure a
minimum message length in
src/libcharon/plugins/stroke/stroke_socket.c.
- CVE-2018-5388
2017-12-18 - Christian Ehrhardt <christian.ehrhardt@canonical.com>
strongswan (5.3.5-1ubuntu3.5) xenial; urgency=medium
* d/p/ikev1-First-do-PSK-lookups-lp1734207.patch ensure evaluation
with resolvable hostnames selects the right PSK (LP: #1734207).
2017-08-15 - Leonidas S. Barbosa <leo.barbosa@canonical.com>
strongswan (5.3.5-1ubuntu3.4) xenial-security; urgency=medium
* SECURITY UPDATE: Fix RSA signature verification
- debian/patches/CVE-2017-11185.patch: does some
verifications in order to avoid null-point dereference
in src/libstrongswan/gmp/gmp_rsa_public_key.c
- CVE-2017-11185
2017-05-24 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
strongswan (5.3.5-1ubuntu3.3) xenial-security; urgency=medium
* SECURITY UPDATE: Insufficient Input Validation in gmp Plugin
- debian/patches/CVE-2017-9022.patch: make sure the modulus is odd and
the exponent not zero in
src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c.
- CVE-2017-9022
* SECURITY UPDATE: Incorrect Handling of CHOICE types in ASN.1 parser and
x509 plugin
- debian/patches/CVE-2017-9023.patch: fix CHOICE parsing in
src/libstrongswan/asn1/asn1_parser.*,
src/libstrongswan/plugins/x509/x509_cert.c.
- CVE-2017-9023
2017-05-03 - Christian Ehrhardt <christian.ehrhardt@canonical.com>
strongswan (5.3.5-1ubuntu3.2) xenial; urgency=medium
* d/p/ikev2-Only-add-NAT-D-notifies-to-DPDs-as-initiator.patch: fix issue
related to DPD vs iOS10 (LP: #1687711)
2017-02-07 - Christian Ehrhardt <christian.ehrhardt@canonical.com>
strongswan (5.3.5-1ubuntu3.1) xenial; urgency=medium
* fix strongswan ipsec status issue with apparmor (LP: #1587886)
2016-04-05 - Robie Basak <robie.basak@ubuntu.com>
strongswan (5.3.5-1ubuntu3) xenial; urgency=medium
* Rebuild against libmysqlclient20.
2016-02-22 - Iain Lane <iain@orangesquash.org.uk>
strongswan (5.3.5-1ubuntu2) xenial; urgency=medium
* debian/tests/plugins: rdrand may or may not be loaded, depending on the
cpu features.

See Also

Package Description
libcib-dev_1.1.14-2ubuntu1.6_amd64.deb cluster resource manager CIB library development
libcib4_1.1.14-2ubuntu1.6_amd64.deb cluster resource manager CIB library
libcilkrts5_5.4.0-6ubuntu1~16.04.11_amd64.deb Intel Cilk Plus language extensions (runtime)
libclamav-dev_0.101.4+dfsg-0ubuntu0.16.04.1_amd64.deb anti-virus utility for Unix - development files
libclamav7_0.100.3+dfsg-0ubuntu0.16.04.1_amd64.deb anti-virus utility for Unix - library
libclamav9_0.101.4+dfsg-0ubuntu0.16.04.1_amd64.deb anti-virus utility for Unix - library
libclang-common-4.0-dev_4.0-1ubuntu1~16.04.2_amd64.deb clang library - Common development package
libclang1-4.0_4.0-1ubuntu1~16.04.2_amd64.deb C interface to the clang library
libclang1-5.0_5.0-3~16.04.1_amd64.deb C interface to the clang library
libclang1-6.0_6.0-1ubuntu2~16.04.1_amd64.deb C interface to the clang library
libclick-0.4-0_0.4.43+16.04.20170613-0ubuntu1_amd64.deb run-time Click package management library
libclick-0.4-dev_0.4.43+16.04.20170613-0ubuntu1_amd64.deb development files for Click package management library
libcmap-dev_2.3.5-3ubuntu2.3_amd64.deb cluster engine CMAP library development
libcmap4_2.3.5-3ubuntu2.3_amd64.deb cluster engine CMAP library
libcomerr2_1.42.13-1ubuntu1.1_amd64.deb common error description library
Advertisement
Advertisement