[Swan] CentOS 5 Migrate to Libreswan 3.0-1 from Openswan - include statement not working
Tom Robinson
tom.robinson at motec.com.au
Thu Oct 29 01:47:56 UTC 2015
On 29/10/15 10:37, Paul Wouters wrote:
> You can change the spec and disable DNSSEC so you don't need unbound,
> but you might still need a newer NSS version. The one from rhel6 is good enough and should be a drop in upgrade (when rebuilding on rhel5)
Thanks Paul.
RHEL 6 uses:
nss-3.19.1-3
Where as RHEL 5 uses:
nss-3.19.1-1
Not sure if the '-3' Release is so different. Changelogs show that since the rebase to 3.19.1 there
are two bug fixes in the CentOS 6 version:
* Sat Jun 13 2015 Kai Engert <kaie at redhat.com> - 3.19.1-3
- Additional NULL initialization.
* Fri Jun 12 2015 Kai Engert <kaie at redhat.com> - 3.19.1-2
- Updated the patch to keep old cipher suite order
- Resolves: Bug 1224449
I ran a quick rpm -Uvh on the CentOS 6 versions on my CentOS 5 install but it depends on many
missing libraries (including rpmlib):
# rpm -Uvh --nosignature nss-3.19.1-3.el6_6.i686.rpm
error: Failed dependencies:
libfreebl3.so is needed by nss-3.19.1-3.el6_6.i686
libnssdbm3.so is needed by nss-3.19.1-3.el6_6.i686
libnssutil3.so is needed by nss-3.19.1-3.el6_6.i686
libnssutil3.so(NSSUTIL_3.12) is needed by nss-3.19.1-3.el6_6.i686
libnssutil3.so(NSSUTIL_3.12.3) is needed by nss-3.19.1-3.el6_6.i686
libnssutil3.so(NSSUTIL_3.12.5) is needed by nss-3.19.1-3.el6_6.i686
libnssutil3.so(NSSUTIL_3.13) is needed by nss-3.19.1-3.el6_6.i686
libnssutil3.so(NSSUTIL_3.14) is needed by nss-3.19.1-3.el6_6.i686
libnssutil3.so(NSSUTIL_3.15) is needed by nss-3.19.1-3.el6_6.i686
libnssutil3.so(NSSUTIL_3.17.1) is needed by nss-3.19.1-3.el6_6.i686
libsoftokn3.so is needed by nss-3.19.1-3.el6_6.i686
nss-softokn(x86-32) >= 3.14.3-22 is needed by nss-3.19.1-3.el6_6.i686
nss-system-init is needed by nss-3.19.1-3.el6_6.i686
nss-util >= 3.19.1 is needed by nss-3.19.1-3.el6_6.i686
rpmlib(FileDigests) <= 4.6.0-1 is needed by nss-3.19.1-3.el6_6.i686
rpmlib(PayloadIsXz) <= 5.2-1 is needed by nss-3.19.1-3.el6_6.i686
curl < 7.19.7-26.el6 conflicts with nss-3.19.1-3.el6_6.i686
libnssutil3.so is needed by (installed) pkinit-nss-0.7.6-1.el5.i386
libnssutil3.so is needed by (installed) hmaccalc-0.9.6-4.el5.i386
libnssutil3.so is needed by (installed) pam_pkcs11-0.5.3-26.el5.i386
libnssutil3.so is needed by (installed) rpm-libs-4.4.2.3-36.el5_11.i386
libnssutil3.so is needed by (installed) rpm-4.4.2.3-36.el5_11.i386
libnssutil3.so is needed by (installed) rpm-python-4.4.2.3-36.el5_11.i386
libnssutil3.so is needed by (installed) nss-tools-3.19.1-1.el5_11.i386
libnssutil3.so is needed by (installed) libreswan-3.0-1.i386
libnssutil3.so(NSSUTIL_3.12) is needed by (installed) nss-tools-3.19.1-1.el5_11.i386
libnssutil3.so(NSSUTIL_3.12.7) is needed by (installed) nss-tools-3.19.1-1.el5_11.i386
libnssutil3.so(NSSUTIL_3.15) is needed by (installed) nss-tools-3.19.1-1.el5_11.i386
nss = 3.19.1-1.el5_11 is needed by (installed) nss-tools-3.19.1-1.el5_11.i386
I guess there's a little more work involved with getting that installed so I'll run with the stock
CentOS 5 nss for now.
>
> The bogus signature is probably my personal signature instead of the libreswan signature.
>
> I'll try and put up a new version for rhel5 with all related packages
>
Thanks again, Paul.
--
Tom Robinson
IT Manager/System Administrator
MoTeC Pty Ltd
121 Merrindale Drive
Croydon South
3136 Victoria
Australia
T: +61 3 9761 5050
F: +61 3 9761 5051
E: tom.robinson at motec.com.au
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20151029/bb679449/attachment-0001.sig>
More information about the Swan
mailing list