NetworkManager VPN support for L2TP
NetworkManager-l2tp provides VPN support to NetworkManager for L2TP.
- Developed at GNOME:Factory
- Sources inherited from project openSUSE:Factory
-
5
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Backports:SLE-15-SP4:FactoryCandidates/NetworkManager-l2tp && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
NetworkManager-l2tp-1.20.10.tar.xz | 0000488244 477 KB | |
NetworkManager-l2tp.changes | 0000013177 12.9 KB | |
NetworkManager-l2tp.spec | 0000003571 3.49 KB |
Revision 15 (latest revision is 16)
Ana Guerrero (anag+factory)
accepted
request 1130773
from
Dominique Leuenberger (dimstar)
(revision 15)
- Rename gnome subpackage to NetworkManager-applet-l2tp to more accurately reflect its usage - Add missing supplements: - NM and xl2tpd - NMA subpackage: Main package and NMA - Configure runstatedir to %_rundir - Update to version 1.20.8: + Fix padding of PPP Options dialog. + Undo PTP peer & ext GW routing prevention workaround first introduced with NetworkManager-l2tp 1.8.4 as workaround no longer works with NetworkManager 1.36. The actual fix should be done in NetworkManager. + Add support for Manual IPv4 configuration options: Address, Netmask and Gateway. + Remove deprecated OpenSSL 3 related code. + Load L2TP kernel modules if NM_L2TP_MODPROBE env variable set. - Update to version 1.20.6: + Fix for Libreswan 4.9 and later detection. + Fix for ipsec-psk-flags setting not being saved. + Add getenv NM_L2TP_XL2TPD_MAX_RETRIES to allow setting the xl2tpd max retries value. + Increase IPsec and L2TP daemon wait timeouts for potentially better debugging. + Updated translations. - Changes from version 1.20.4: + Security fix - properly detect that strongswan CHILD_SA connection has been established. + Fix for libreswan "cannot route template policy" error. - Update to version 1.20.2: + Gtk4 version of the editor plugin is now available (for use with Control Center of GNOME 42 or later). + Updated translations. - Add pkgconfig(gtk4) and pkgconfig(libnma-gtk4) BuildRequires and pass --with-gtk4=yes to configure, build the gtk4 version. - Pass --enable-lto=yes to configure, build using LTO support. - Add optional libxml2-tools BuildRequires, build runs xml-stripblanks preprocessing if available. - Update to version 1.20.0: + Support for kl2tpd from Katalix's go-l2tp project added. + Support for Multilink PPP added. + L2TP ephemeral source port checkbox added. + Honors $CHARONDEBUG and $PLUTODEBUG even without --debug + intltool for i18n builds no longer required. + deprecated libnm-glib/libnm-util code removed. + Updated translations. - Update dependencies for NetworkManager >= 1.20.0 - Remove redundant intltool build dependency. - Replace recommends strongswan with (strongswan or libreswan) - Update to version 1.8.6: + Fix for make check warning that prevented RPMs from being built. - Changes from version 1.8.2: + Update strings for new dialog design in gnome-shell. e.g use "Password" instead of "Password:". + Use /usr/share/metainfo for AppData files. + Move D-Bus policy file to /usr/share/dbus-1/system.d/. + Add --with-nm-ipsec-nss-dir configure switch for Libreswan NSS database location with default value of /var/lib/ipsec/nss. + Do not add broken route to VPN gateway IP address. + Add back import/export capability. + Fix for user certificate password flags for connection editor. + Fixes for user certificate support. + Provide --enable-libreswan-dh2 configure switch for older versions of Libreswan or those built with USE_DH2. + KDE plasma-nm compatibility for "Gateway ID". + Updated translations. - Update default PPPD_PLUGIN_DIR to %{_libdir}/pppd/2.4.8. - Use --enable-libreswan-dh2 configure switch. - D-Bus policy file location is now /usr/share/dbus-1/system.d. - AppData file location is now /usr/share/metainfo. - Set the path for the VPN service name file correctly to %_vpnservicedir (provided by macros.NetworkManager). - No longer recommend -lang: supplements are in use - Update to version 1.8.0: + User and machine TLS certificate support. + New dependency on OpenSSL's libcrypto (>= 1.1.0). + New dependency on Network Security Services (NSS) libraries. + Routines to auto detect the TLS certificate and private key file formats by looking at the file contents and not the file extension, also determines if the files are encrypted with a password, which includes testing if the password is the empty string or NULL. + Routines to import certificates and privates keys into a Libreswan NSS database. + Grey out the auth type selection for user authentication if EAP-TLS pppd patch (i.e. https://www.nikhef.nl/~janjust/ppp/) was not detected, e.g. with openSUSE. + Updated translations. - Added BuildRequires for openssl-devel and pkgconfig(nss) - Update to version 1.2.14: + Changed Legacy Proposal button to Prevalent Algorithms button. + Prevalent Algorithms button populates Phase 1 and 2 Algorithm text entry boxes with a merge of Windows 10 and macOS/iOS/iPadOS L2TP clients' IKEv1 proposals. + Added use IKEv2 key exchange option. + Improved debugging output for Libreswan and strongSwan. Libreswan debugging can now be cutomized by setting the PLUTODEBUG environment variable. strongSwan debugging can now be cutomized by setting the CHARONDEBUG environment variable. + Gray out "IPsec Settings..." button if neither Libreswan nor strongSwan are found. + Updated translations. - Update to version 1.2.12: + Added Legacy Proposal button. + Added extra IPsec configuration options. + renamed Gateway ID to Remote ID. + Use /etc/ipsec.d/ipsec.nm-l2tp.secrets instead of /etc/ipsec.d/nm-l2tp-ipsec-UUID.secrets. + PSK is now Base64 encoded. + Legacy KDE Plasma-nm user certificate support. + libnm-glib compatibility (NetworkManager < 1.0) is disabled by default. + Updated translations. - Changes from version 1.2.10: + Point version 1.2.10 appdata image URIs to nm-1-2 github branch. + Corrected force UDP encapsulation toggle button behavior. - URL and Source0 changes as a consequence of upstream GitHub project being renamed from network-manager-l2tp to NetworkManager-l2tp. - Use upstream provided xz tarball instead of GitHub generated gz tarball. - autoreconf no longer required as a result of upstream provided xz tarball. - Delete any transient nm-l2rp-ipsec-+.secrets files previously generated by versions <= 1.2.10 in %pre section. - Delete transient ipsec.nm-l2tp.secrets files in %postun section. - remove redundant --without-libnm-glib configure switch which is now the default. - Package missing COPYING file. - Use autosetup and make_build macros. - Following changes in NetworkManager: pass without-libnm-glib to configure, no longer build deprecated libnm-glib support. - Following the above changes: Drop no longer needed pkgconfig(NetworkManager), pkgconfig(libnm-glib), pkgconfig(libnm-glib-vpn), pkgconfig(libnm-gtk) and pkgconfig(libnm-util) BuildRequires. - Drop explicit autoconf, automake, gettext and grep BuildRequires: libtool BuildRequires is sufficent. - Drop unnneeded NetworkManager-applet Requires from gnome sub-package, it is not longer of use for us. - Modernize spec-file by calling spec-cleaner - Update to version 1.2.8: + Updated translations. + Stops strongSwan service when a connection cannot be established. - Changes from version 1.2.6: + Prefer building against stable libsecret API. + If L2TP port 1701 is already in use, no longer writes "leftprotoport=udp/l2tp" (which is equivalent to "leftprotoport=udp/1701") to the ipsec config file. This was done to ensures L2TP is encapsulated in IPsec. - Changes from version 1.2.4: + Split libnm-vpn-plugin-pptp.so into a GTK-free core plugin usable by nmcli and a UI plugin for nm-applet and gnome components. - Changes from version 1.2.2: + runtime test for strongwan or libreswan no longer performed if IPsec tickbox not ticked. - Changes from version 1.2.0: + NetworkManager 1.1.x and 1.2.0 support - Replace pkgconfig(libsecret-unstable) for pkgconfig(libsecret-1) BuildRequires following upstreams changes. - Introduce GTK-free VPN plugin library to base package. - Update to version 1.0.8: + Updated translations. + Stops strongSwan service when a connection cannot be established. + sets phase 1 (ike) and phase 2 (esp) ciphers for strongswan to the same as those used in version 1.0.4 - Changes from version 1.0.6: + If L2TP port 1701 is already in use, no longer writes "leftprotoport=udp/l2tp" (which is equivalent to "leftprotoport=udp/1701") to the ipsec config file. This was done to ensures L2TP is encapsulated in IPsec. + Uses UUID instead of PID for run-time generated filenames + No longer temporarily replaces system /etc/ipsec.secrets file + IPsec rekeying is now possible because the following file remains for the lifetime of the VPN connection : /etc/ipsec.d/nm-l2tp-ipsec-UUID.secrets + Following line is appended to /etc/ipsec.secrets if the include line is missing: include /etc/ipsec.d/+.secrets + Removed IPsec Group Name from user interface + Added IPsec Phase 1 (ike) & Phase 2 (esp) to user interface. + New timeout code for IPsec connection up script. - Changes from version 1.0.4: + xl2tpd-1.3.7 compatibility fix for unrecognized option 'lock'. + /usr/sbin/ipsec runtime IPsec stack detection improved so that Openswan is rejected and not treated the same as openSwan. + Explictly check strongSwan connection has been established. - Changes from version 1.0.2: + runtime test for strongwan or libreswan no longer performed if IPsec tickbox not ticked. - Changes from version 1.0.0: + auth-dialog ported to libnm-gtk's NMAVpnPasswordDialog. + migrated from deprecated libgnome-keyring to libsecret. + Requires strongSwan or Libreswan for IPsec support, no longer works with Openswan. + Added MTU and MRU setting to PPP settings dialog box. + IPsec Group Name is now optional in IPsec dialog box. - Drop icon install: as there is no icon file in the source anymore, nor is there a .desktop file that can make use of the icon. - Drop --disable-more-warnings from configure line: no longer needed. - Added %%check section. - Replaced Requires strongswan with weaker Recommends strongswan. - Replaced plus characters to recommended asterisk characters in changes file. - Update to version 0.9.8.7: + ipsec: missing curly braces led to always false return. + Updated translations. - Update to version 0.9.8.6: + Bugfix: (security) don't start l2tp if IPsec enabled, but failed to start. + Bugfix: typo in nm-l2tp-service.name. + noccp pppd option added. + Minor locales fixes. + Require new versions of gtk+ and glib. - Initial package, version 0.9.8: + Builds against the GNOME 3.8 versions of GLib and Gtk+. + Fix undefuned NM_L2TP_LOCALEDIR. + License file added. + Minor localization fixes. (forwarded request 1130475 from gmbr3)
Comments 0