<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> <maintainer> <email>patrick@gentoo.org</email> <name>Patrick Lauer</name> </maintainer> <maintainer> <email>gurligebis@gentoo.org</email> <name>Bjarke Istrup Pedersen</name> </maintainer> <longdescription lang="en"> StrongSwan is direct descendant of the discontinued FreeS/WAN project. As an IPsec based VPN solution which is focused on security and ease of use, it fully implements the IKEv1/IKEv2 protocols, MOBIKE, NAT-Traversal via UDP encapsulation (incl. port floating) and Dead Peer Detection. It also fully supports the Linux 2.6 IPsec stack, IPv6, certificates/keys on Smartcards and virtual IP address pools. </longdescription> <use> <flag name="constraints"> Enable advanced X.509 constraint checking plugin. </flag> <flag name="dhcp"> Enable server support for querying virtual IP addresses for clients from a DHCP server. (IKEv2 only) </flag> <flag name="eap"> Enable support for the different EAP modules that is supported. </flag> <flag name="farp"> Enable faking of ARP responses for virtual IP addresses assigned to clients. (IKEv2 only) </flag> <flag name="gcrypt"> Enable <pkg>dev-libs/libgcrypt</pkg> plugin which provides 3DES, AES, Blowfish, Camellia, CAST, DES, Serpent and Twofish ciphers along with MD4, MD5 and SHA1/2 hash algorithms, RSA and DH groups 1,2,5,14-18 and 22-24(4.4+). Also includes a software random number generator. </flag> <flag name="non-root"> Force IKEv1/IKEv2 daemons to normal user privileges. This might impose some restrictions mainly to the IKEv1 daemon. Disable only if you really require superuser privileges. </flag> <flag name="openssl"> Enable <pkg>dev-libs/openssl</pkg> plugin which is required for Elliptic Curve Cryptography (DH groups 19-21,25,26) and ECDSA. Also provides 3DES, AES, Blowfish, Camellia, CAST, DES, IDEA and RC5 ciphers along with MD2, MD4, MD5 and SHA1/2 hash algorithms, RSA and DH groups 1,2,5,14-18 and 22-24(4.4+) <pkg>dev-libs/openssl</pkg> has to be compiled with USE="-bindist". </flag> <flag name="pkcs11"> Enable pkcs11 support. </flag> <flag name="strongswan_plugins_led"> Enable support for the led plugin. </flag> <flag name="strongswan_plugins_lookip"> Enable support for the lookip plugin. </flag> <flag name="strongswan_plugins_systime-fix"> Enable support for the systime-fix plugin. </flag> <flag name="strongswan_plugins_unity"> Enable support for the unity plugin. </flag> <flag name="strongswan_plugins_vici"> Enable support for the vici plugin. </flag> <flag name="strongswan_plugins_blowfish"> Enable support for the blowfish plugin. </flag> <flag name="strongswan_plugins_ccm"> Enable support for the ccm plugin. </flag> <flag name="strongswan_plugins_ctr"> Enable support for the ctr plugin. </flag> <flag name="strongswan_plugins_gcm"> Enable support for the gcm plugin. </flag> <flag name="strongswan_plugins_ha"> Enable support for the ha plugin. </flag> <flag name="strongswan_plugins_ipseckey"> Enable support for the ipseckey plugin. </flag> <flag name="strongswan_plugins_ntru"> Enable support for the ntru plugin. </flag> <flag name="strongswan_plugins_padlock"> Enable support for the padlock plugin. </flag> <flag name="strongswan_plugins_rdrand"> Enable support for the rdrand plugin. </flag> <flag name="strongswan_plugins_unbound"> Enable support for the unbound plugin. </flag> <flag name="strongswan_plugins_whitelist"> Enable support for the whitelist plugin. </flag> </use> <upstream> <remote-id type="cpe">cpe:/a:strongswan:strongswan</remote-id> </upstream> </pkgmetadata>