openswan is dead and libreswan was forked from it to continue its development. There are likely several security vulnerabilities that are unfixed in our package. Other distros have already made the switch. We should also make the switch or drop it if we aren't going to maintain the package.
A new version of openswan has been pushed to Cauldron.
Thanks, but that's not what's needed. See the bug title and Comment 0.
But you also said that "openswan is dead", which it isn't and so I thought an update would be a good thing.
Getting libreswan to work is a bit more difficult since it requires fipscheck which doesn't compile because FIPS is disabled in our openssl.
Are you sure it isn't dead? Maybe our package just wasn't up to date. Either way, libreswan is the way forward.
libreswan has been imported to Cauldron.
Please test it. I have no idea if it works.
Had to hack the spec file a little after importing it from Fedora to get it to build. Disabled fipscheck as well.
When this package has been tested and validated to work as expected, I will Obsolete openswan.
Openswan is obsoleted already. I just didn't read the spec file thoroughly.
That works. I don't use it and certainly can't test it, but if there's an issue with it I'm sure someone will let us know.
(In reply to David Walser from comment #7)
> That works. I don't use it and certainly can't test it, but if there's an
> issue with it I'm sure someone will let us know.
Should I close this report?
Sophie says we still have openswan. It looks like openswan-doc wasn't obsoleted.
Fixed in libreswan 3.27-4.
OK to close now?
Thanks. Nice work.