Package: strongswan Version: 4.2.4-3 Severity: normal strongswan 4.1.10-1 and earlier were compiled with libcurl support, and were able to update cached crls if so configured. 4.2.4-3 does not have libcurl support, and connections fail if crls are expired:
002 "localnets" #1: crl update is overdue since Aug 25 07:18:28 UTC 2008 002 "localnets" #1: fetch failed: warning: not compiled with libcurl support 002 "localnets" #1: fetch failed: warning: not compiled with libcurl support 002 "localnets" #1: fetch failed: warning: not compiled with libcurl support 002 "localnets" #1: fetch failed: warning: not compiled with libcurl support 002 "localnets" #1: X.509 certificate rejected 003 "localnets" #1: no RSA public key known for 'XXX' 217 "localnets" #1: STATE_MAIN_I3: INVALID_KEY_INFORMATION 002 "localnets" #1: sending encrypted notification INVALID_KEY_INFORMATION to XXX.XXX.XXX.XXX:4500 003 "localnets" #1: ignoring Delete SA payload: ISAKMP SA not established 031 "localnets" #1: max number of retransmissions (2) reached STATE_MAIN_I3. Possible authentication failure: no acceptable response to our first encrypted message 000 "localnets" #1: starting keying attempt 2 of at most 3, but releasing whack -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages strongswan depends on: ii bind9-host [host] 1:9.5.0.dfsg.P2-1 Version of 'host' bundled with BIN ii bsdmainutils 6.1.10 collection of more utilities from ii dbus 1.2.1-3 simple interprocess messaging syst ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy ii debianutils 2.30 Miscellaneous utilities specific t ii iproute 20080725-2 networking and traffic control too ii ipsec-tools 1:0.7-2.1 IPsec tools for Linux ii libc6 2.7-13 GNU C Library: Shared libraries ii libfcgi0ldbl 2.4.0-7 Shared library of FastCGI ii libgmp3c2 2:4.2.2+dfsg-3 Multiprecision arithmetic library ii libldap-2.4-2 2.4.10-3 OpenLDAP libraries ii libssl0.9.8 0.9.8g-13 SSL shared libraries ii libxml2 2.6.32.dfsg-3 GNOME XML library ii openssl 0.9.8g-13 Secure Socket Layer (SSL) binary a ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime strongswan recommends no packages. Versions of packages strongswan suggests: ii curl 7.18.2-5 Get a file from an HTTP, HTTPS or -- debconf-show failed -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
