OSDN -- 开发和下载开源软件
简体中文翻译状态 translation status for zh

RSS
Download List

项目描述

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

系统要求

System requirement is not defined
Information regarding Project Releases and Project Resources. Note that the information here is a quote from Freecode.com page, and the downloads themselves may not be hosted on OSDN.

2013-02-12 22:42
5.0.2

StrongSwan 受信任网络连接功能支持 IETF 标准 PA 与跨国公司的所有属性和新的 OS IMC/IMV 对使用这些属性来传输 Linux 或者 Android 操作系统信息。通过支持 PKCS #7 证书容器和遗留的 NAT 遍历协议改进了与 Windows XP 的互操作性。测试框架已经从用户模式 Linux 迁移到 KVM,使它更快和更可靠。
标签: Major feature enhancements
The strongSwan Trusted Network Connect functionality supports all IETF Standard PA-TNC attributes and a new OS IMC/IMV pair using these attributes to transfer Linux or Android operating system information. Interoperability with Windows XP has been improved by supporting PKCS#7 certificate containers and legacy NAT traversal protocols. The test framework has been migrated from User Mode Linux to KVM, making it faster and more robust.

2012-10-05 07:29
5.0.1

现在,leftsourceip 选项接受一个逗号分隔的 %config6%config4 组合或固定的 IP 地址,从响应方请求。同样,rightsourceip 选项接受多个显式指定或被引用的已命名的地址池。基于 TPM 的远程认证已扩展来验证所做的 Linux 完整性测量体系结构 (IMA) 的完成测量。引用达 10'000 Linux 系统文件的哈希值存储在 SQLite 数据库中。
标签: Minor feature enhancements
The leftsourceip option now accepts a comma separated combination of %config4, %config6, or fixed IP addresses to request from the responder. Likewise, the rightsourceip option accepts multiple explicitly specified or referenced named address pools. TPM-based remote attestation has been extended to verify the complete measurements done by the Linux Integrity Measurement Architecture (IMA). Reference hash values of up to 10'000 Linux system files are stored in an SQLite database.

2012-07-03 06:17
5.0.0

IKEv1 协议是从零开始重新实现由扩展成功 IKEv2 代码。卡戎键控守护进程现在支持两种协议,允许老 IKEv1 冥王星守护进程将被删除。已添加支持的 IKEv1 进取和混合模式。
标签: major release
The IKEv1 protocol was re-implemented from scratch by extending the successful IKEv2 code. The charon keying daemon now supports both protocols, which allowed the old IKEv1 pluto daemon to be removed. Support for the IKEv1 Aggressive and Hybrid Modes has been added.

2012-05-03 06:45
4.6.3

扩展的 EAP 半径接口允许一个强制使用的 RFC4478 重复身份验证的会话超时属性和行为后半径动态授权扩展 (RFC 5176)。目前支持是断开连接的请求和 CoA 消息包含会话超时。跨国公司 pdp 插件实现 RADIUS 服务器界面允许 strongSwan 跨国公司服务器作为策略决策点。
标签: Minor feature enhancements
An extended EAP-RADIUS interfaces allows one to enforce Session-Timeout attributes using RFC4478 repeated authentication, and acts upon RADIUS Dynamic Authorization extensions (RFC 5176). Currently supported are disconnect requests and CoA messages containing a Session-Timeout. The tnc-pdp plugin implements a RADIUS server interface allowing a strongSwan TNC server to act as a Policy Decision Point.

2012-02-21 20:19
4.6.2

实施了受信任计算组认证平台信任服务 (PTS) 协议。基于 TPM 的远程认证的 Linux IMA (完整性测量体系结构) 现在是可能的。测量参考值将自动存储在 SQLite 数据库中。RADIUS 记帐界面提供了支持的编码的 PKCS #8 私人密钥。
标签: major new features
The Trusted Computing Group Attestation Platform Trust Service (PTS) protocol was implemented. TPM-based remote attestation of Linux IMA (Integrity Measurement Architecture) is now possible. Measurement reference values are automatically stored in a SQLite database. A RADIUS accounting interface was provided along with support for PKCS#8 encoded private keys.

Project Resources

Project Page 下载: Bugtracker 下载: bzip2 下载: 变更日志 下载: Demo 首页 下载: TGZ