Version 4.2.2

  • Plugins for libstrongswan and charon can optionally be loaded according
    to a configuration in strongswan.conf. Most components provide a
    "load = " option followed by a space separated list of plugins to load.
    This allows e.g. the fallback from a hardware crypto accelerator to
    to software-based crypto plugins.
  • Charons SQL plugin has been extended by a virtual IP address pool.
    Configurations with a rightsourceip=%poolname setting query a SQLite or
    MySQL database for leases. The "ipsec pool" command helps in administrating
    the pool database. See ipsec pool --help for the available options
  • The Authenticated Encryption Algorithms AES-CCM-8/12/16 and AES-GCM-8/12/16
    for ESP are now supported starting with the Linux 2.6.25 kernel. The
    syntax is e.g. esp=aes128ccm12 or esp=aes256gcm16.