|
|
|
|
[COPY] --- SDE-COPYRIGHT-NOTE-BEGIN ---
|
|
|
|
|
[COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch.
|
|
|
|
|
[COPY]
|
|
|
|
|
[COPY] Filename: package/.../strongswan/strongswan.desc
|
|
|
|
|
[COPY] Copyright (C) 2006 - 2007 The OpenSDE Project
|
|
|
|
|
[COPY] Copyright (C) 2004 - 2006 The T2 SDE Project
|
|
|
|
|
[COPY]
|
|
|
|
|
[COPY] More information can be found in the files COPYING and README.
|
|
|
|
|
[COPY]
|
|
|
|
|
[COPY] This program is free software; you can redistribute it and/or modify
|
|
|
|
|
[COPY] it under the terms of the GNU General Public License as published by
|
|
|
|
|
[COPY] the Free Software Foundation; version 2 of the License. A copy of the
|
|
|
|
|
[COPY] GNU General Public License can be found in the file COPYING.
|
|
|
|
|
[COPY] --- SDE-COPYRIGHT-NOTE-END ---
|
|
|
|
|
|
|
|
|
|
[I] An IPsec implementation for Linux
|
|
|
|
|
|
|
|
|
|
[T] strongSwan is an OpenSource IPsec implementation for the Linux operating
|
|
|
|
|
[T] system.
|
|
|
|
|
[T] It is based on the discontinued FreeS/WAN project and the X.509 patch which
|
|
|
|
|
[T] we developped over the last three years. In order to have a stable IPsec
|
|
|
|
|
[T] platform to base our future extensions of the X.509 capability on, we
|
|
|
|
|
[T] decided to lauch the strongSwan project.
|
|
|
|
|
[T]
|
|
|
|
|
[T] The focus is on
|
|
|
|
|
[T] - simplicity of configuration
|
|
|
|
|
[T] - strong encryption and authentication methods
|
|
|
|
|
[T] - powerful IPsec policies supporting large and complex VPN networks
|
|
|
|
|
[T]
|
|
|
|
|
[T] strongSwan features includes:
|
|
|
|
|
[T] - both on Linux 2.4 (KLIPS) and Linux 2.6 (native IPsec) kernels.
|
|
|
|
|
[T] - Fast connection startup and periodic update using ipsec starter
|
|
|
|
|
[T] - Automatic insertion and deletion of IPsec policy based firewall rules
|
|
|
|
|
[T] - strong 3DES, AES, Serpent, Twofish, or Blowfish encryption
|
|
|
|
|
[T] - NAT-Traversal (RFC 3947) and support of virtual IPs and IKE Mode Config
|
|
|
|
|
[T] - Dead Peer Detection (DPD, RFC 3706) takes care of dangling tunnels
|
|
|
|
|
[T] - Authentication based on X.509 certificates or preshared keys
|
|
|
|
|
[T] - Authentication based on X.509 certificates or preshared keys
|
|
|
|
|
[T] - Generation of a default self-signed certificate during first strongSwan startup
|
|
|
|
|
[T] - Retrieval and local caching of Certificate Revocation Lists via HTTP or LDAP
|
|
|
|
|
[T] - Full support of the Online Certificate Status Protocol (OCSP, RCF 2560)
|
|
|
|
|
[T] - CA management (OCSP and CRL URIs, default LDAP server)
|
|
|
|
|
[T] - Powerful IPsec policies based on wildcards or intermediate CAs
|
|
|
|
|
[T] - Group policies based on X.509 attribute certificates ( RFC 3281)
|
|
|
|
|
[T] - Optional storage of RSA private keys and certificates on a smartcard
|
|
|
|
|
[T] - Smartcard access via standardized PKCS #11 interface
|
|
|
|
|
[T] - PKCS #11 proxy function offering RSA decryption services via whack
|
|
|
|
|
|
|
|
|
|
[U] http://www.strongswan.org/
|
|
|
|
|
|
|
|
|
|
[A] Andreas Steffen <andreas.steffen@zhwin.ch>
|
|
|
|
|
[M] Christian Wiese <jeru@ixplanet.org>
|
|
|
|
|
|
|
|
|
|
[C] extra/security
|
|
|
|
|
|
|
|
|
|
[L] GPL
|
|
|
|
|
|
|
|
|
|
[S] Stable
|
|
|
|
|
[V] 2.8.3
|
|
|
|
|
[P] X -----5---9 200.500
|
|
|
|
|
|
|
|
|
|
[D] 4016879581 strongswan-2.8.3.tar.bz2 http://download.strongswan.org/
|
