From 0ae42b48afb02702140943d04105a991f730c52d Mon Sep 17 00:00:00 2001
From: Avesh Agarwal <avagarwa@redhat.com>
Date: Thu, 22 May 2014 19:52:13 -0400
Subject: [PATCH] New upstream developer release 5.2.0dr4

- Attestation IMV/IMC supports IMA-NG measurement format now
- Aikgen tool to generate an Attestation Identity Key bound
  to a TPM
- PT-EAP transport protocol (RFC 7171) for TNC
- vici plugin provides IKE Configuration Interface for charon
- Enabled support for acert for checking X509 attribute certificate
- Updated patches
- Updated spec file with minor cleanups
---
 .gitignore                     |   3 +
 libstrongswan-973315.patch     |  94 +++++++++----------
 libstrongswan-plugin.patch     |   8 +-
 sources                        |   4 +-
 strongswan-5.1.1-selinux.patch |  18 ++--
 strongswan.spec                | 160 +++++----------------------------
 6 files changed, 87 insertions(+), 200 deletions(-)

diff --git a/.gitignore b/.gitignore
index 10cad65..af8a309 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,3 +10,6 @@
 /strongswan-5.1.2.tar.bz2
 /strongswan-5.1.3rc1.tar.bz2
 /strongswan-5.1.3.tar.bz2
+/strongswan-5.2.0dr4.tar.bz2
+/strongswan-5.2.0dr4.tar.bz2.md5
+/strongswan-5.2.0dr4.tar.bz2.sig
diff --git a/libstrongswan-973315.patch b/libstrongswan-973315.patch
index 20710b3..95ef320 100644
--- a/libstrongswan-973315.patch
+++ b/libstrongswan-973315.patch
@@ -1,18 +1,18 @@
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/Makefile.am strongswan-5.1.1-current/src/libstrongswan/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/Makefile.am	2013-11-01 13:12:06.038927154 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/Makefile.am	2013-12-02 15:22:56.501380158 -0500
-@@ -102,6 +102,8 @@ AM_CFLAGS = \
- AM_LDFLAGS = \
- 	-no-undefined
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/Makefile.am	2014-05-22 19:40:16.439463522 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/Makefile.am	2014-05-22 19:41:28.339459127 -0400
+@@ -106,7 +106,7 @@ AM_CFLAGS = \
+ 	@COVERAGE_CFLAGS@
  
-+AM_LDFLAGS = -rdynamic
-+
- if USE_LEAK_DETECTIVE
-   AM_CPPFLAGS += -DLEAK_DETECTIVE
-   libstrongswan_la_SOURCES += utils/leak_detective.c
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/cmac/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/cmac/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/cmac/Makefile.am	2013-11-01 13:12:06.045927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/cmac/Makefile.am	2013-12-02 15:22:56.502380158 -0500
+ AM_LDFLAGS = \
+-	-no-undefined
++	-no-undefined -rdynamic
+ 
+ AM_YFLAGS = -v -d
+ 
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/cmac/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/cmac/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/cmac/Makefile.am	2014-05-22 19:40:17.048463484 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/cmac/Makefile.am	2014-05-22 19:41:01.490460655 -0400
 @@ -13,4 +13,5 @@ endif
  libstrongswan_cmac_la_SOURCES = \
  	cmac_plugin.h cmac_plugin.c cmac.h cmac.c
@@ -21,9 +21,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/cmac/Makefile.am s
 +libstrongswan_cmac_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_cmac_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
 \ No newline at end of file
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/constraints/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/constraints/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/constraints/Makefile.am	2013-11-01 13:12:06.054927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/constraints/Makefile.am	2013-12-02 15:22:56.526380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/constraints/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/constraints/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/constraints/Makefile.am	2014-05-22 19:40:17.255463471 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/constraints/Makefile.am	2014-05-22 19:41:01.490460655 -0400
 @@ -14,4 +14,5 @@ libstrongswan_constraints_la_SOURCES = \
  	constraints_plugin.h constraints_plugin.c \
  	constraints_validator.h constraints_validator.c
@@ -31,9 +31,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/constraints/Makefi
 -libstrongswan_constraints_la_LDFLAGS = -module -avoid-version
 +libstrongswan_constraints_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_constraints_la_LIBADD =  $(top_builddir)/src/libstrongswan/libstrongswan.la
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/hmac/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/hmac/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/hmac/Makefile.am	2013-11-01 13:12:06.051927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/hmac/Makefile.am	2013-12-02 15:22:56.526380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/hmac/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/hmac/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/hmac/Makefile.am	2014-05-22 19:40:17.205463474 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/hmac/Makefile.am	2014-05-22 19:41:01.491460666 -0400
 @@ -13,4 +13,5 @@ endif
  libstrongswan_hmac_la_SOURCES = \
  	hmac_plugin.h hmac_plugin.c hmac.h hmac.c
@@ -41,9 +41,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/hmac/Makefile.am s
 -libstrongswan_hmac_la_LDFLAGS = -module -avoid-version
 +libstrongswan_hmac_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_hmac_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/nonce/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/nonce/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/nonce/Makefile.am	2013-11-01 13:12:06.053927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/nonce/Makefile.am	2013-12-02 15:22:56.527380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/nonce/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/nonce/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/nonce/Makefile.am	2014-05-22 19:40:17.252463471 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/nonce/Makefile.am	2014-05-22 19:41:01.491460666 -0400
 @@ -14,4 +14,5 @@ libstrongswan_nonce_la_SOURCES = \
  	nonce_plugin.h nonce_plugin.c \
  	nonce_nonceg.c nonce_nonceg.h
@@ -51,9 +51,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/nonce/Makefile.am
 -libstrongswan_nonce_la_LDFLAGS = -module -avoid-version
 +libstrongswan_nonce_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_nonce_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/openssl/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/openssl/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/openssl/Makefile.am	2013-11-01 13:12:06.050927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/openssl/Makefile.am	2013-12-02 15:22:56.527380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/openssl/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/openssl/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/openssl/Makefile.am	2014-05-22 19:40:17.160463477 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/openssl/Makefile.am	2014-05-22 19:41:01.491460666 -0400
 @@ -31,5 +31,6 @@ libstrongswan_openssl_la_SOURCES = \
  	openssl_hmac.c openssl_hmac.h \
  	openssl_gcm.c openssl_gcm.h
@@ -63,9 +63,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/openssl/Makefile.a
 +libstrongswan_openssl_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_openssl_la_LIBADD  = -lcrypto \
 +	$(top_builddir)/src/libstrongswan/libstrongswan.la
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/pem/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/pem/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/pem/Makefile.am	2013-11-01 13:12:06.045927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/pem/Makefile.am	2013-12-02 15:22:56.527380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/pem/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/pem/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/pem/Makefile.am	2014-05-22 19:40:17.073463482 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/pem/Makefile.am	2014-05-22 19:41:01.492460676 -0400
 @@ -15,4 +15,5 @@ libstrongswan_pem_la_SOURCES = \
  	pem_builder.c pem_builder.h \
  	pem_encoder.c pem_encoder.h
@@ -73,9 +73,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/pem/Makefile.am st
 -libstrongswan_pem_la_LDFLAGS = -module -avoid-version
 +libstrongswan_pem_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_pem_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/pgp/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/pgp/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/pgp/Makefile.am	2013-11-01 13:12:06.047927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/pgp/Makefile.am	2013-12-02 15:22:56.528380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/pgp/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/pgp/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/pgp/Makefile.am	2014-05-22 19:40:17.109463480 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/pgp/Makefile.am	2014-05-22 19:41:01.492460676 -0400
 @@ -17,4 +17,5 @@ libstrongswan_pgp_la_SOURCES = \
  	pgp_encoder.h pgp_encoder.c \
  	pgp_builder.h pgp_builder.c
@@ -83,9 +83,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/pgp/Makefile.am st
 -libstrongswan_pgp_la_LDFLAGS = -module -avoid-version
 +libstrongswan_pgp_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_pgp_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/random/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/random/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/random/Makefile.am	2013-11-01 13:12:06.043927154 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/random/Makefile.am	2013-12-02 15:22:56.528380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/random/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/random/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/random/Makefile.am	2014-05-22 19:40:16.967463489 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/random/Makefile.am	2014-05-22 19:41:01.492460676 -0400
 @@ -16,4 +16,5 @@ libstrongswan_random_la_SOURCES = \
  	random_plugin.h random_plugin.c \
  	random_rng.c random_rng.h
@@ -93,9 +93,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/random/Makefile.am
 -libstrongswan_random_la_LDFLAGS = -module -avoid-version
 +libstrongswan_random_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_random_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/revocation/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/revocation/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/revocation/Makefile.am	2013-11-01 13:12:06.058927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/revocation/Makefile.am	2013-12-02 15:22:56.528380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/revocation/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/revocation/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/revocation/Makefile.am	2014-05-22 19:40:17.315463467 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/revocation/Makefile.am	2014-05-22 19:41:01.493460692 -0400
 @@ -14,4 +14,5 @@ libstrongswan_revocation_la_SOURCES = \
  	revocation_plugin.h revocation_plugin.c \
  	revocation_validator.h revocation_validator.c
@@ -103,9 +103,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/revocation/Makefil
 -libstrongswan_revocation_la_LDFLAGS = -module -avoid-version
 +libstrongswan_revocation_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_revocation_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/sqlite/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/sqlite/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/sqlite/Makefile.am	2013-11-01 13:12:06.051927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/sqlite/Makefile.am	2013-12-02 15:22:56.547380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/sqlite/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/sqlite/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/sqlite/Makefile.am	2014-05-22 19:40:17.201463474 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/sqlite/Makefile.am	2014-05-22 19:41:01.493460692 -0400
 @@ -14,5 +14,6 @@ libstrongswan_sqlite_la_SOURCES = \
  	sqlite_plugin.h sqlite_plugin.c \
  	sqlite_database.h sqlite_database.c
@@ -115,9 +115,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/sqlite/Makefile.am
 +libstrongswan_sqlite_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_sqlite_la_LIBADD  = -lsqlite3 \
 +	$(top_builddir)/src/libstrongswan/libstrongswan.la
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/x509/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/x509/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/x509/Makefile.am	2013-11-01 13:12:06.056927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/x509/Makefile.am	2013-12-02 15:22:56.548380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/x509/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/x509/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/x509/Makefile.am	2014-05-22 19:40:17.278463470 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/x509/Makefile.am	2014-05-22 19:41:01.494460705 -0400
 @@ -19,4 +19,5 @@ libstrongswan_x509_la_SOURCES = \
  	x509_ocsp_request.h x509_ocsp_request.c \
  	x509_ocsp_response.h x509_ocsp_response.c
@@ -125,9 +125,9 @@ diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/x509/Makefile.am s
 -libstrongswan_x509_la_LDFLAGS = -module -avoid-version
 +libstrongswan_x509_la_LDFLAGS = -no-undefined -module -avoid-version
 +libstrongswan_x509_la_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/xcbc/Makefile.am strongswan-5.1.1-current/src/libstrongswan/plugins/xcbc/Makefile.am
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/xcbc/Makefile.am	2013-11-01 13:12:06.059927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/xcbc/Makefile.am	2013-12-02 15:22:56.561380158 -0500
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/xcbc/Makefile.am strongswan-5.2.0dr4-current/src/libstrongswan/plugins/xcbc/Makefile.am
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/xcbc/Makefile.am	2014-05-22 19:40:17.336463466 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/xcbc/Makefile.am	2014-05-22 19:41:01.494460705 -0400
 @@ -13,4 +13,5 @@ endif
  libstrongswan_xcbc_la_SOURCES = \
  	xcbc_plugin.h xcbc_plugin.c xcbc.h xcbc.c
diff --git a/libstrongswan-plugin.patch b/libstrongswan-plugin.patch
index f204a1e..346ea5c 100644
--- a/libstrongswan-plugin.patch
+++ b/libstrongswan-plugin.patch
@@ -1,7 +1,7 @@
-diff -urNp strongswan-5.1.1-patched/src/libstrongswan/plugins/plugin_loader.c strongswan-5.1.1-current/src/libstrongswan/plugins/plugin_loader.c
---- strongswan-5.1.1-patched/src/libstrongswan/plugins/plugin_loader.c	2013-11-01 13:12:06.046927153 -0400
-+++ strongswan-5.1.1-current/src/libstrongswan/plugins/plugin_loader.c	2013-11-01 13:16:59.680916657 -0400
-@@ -353,7 +353,7 @@ static plugin_entry_t *load_plugin(priva
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/plugin_loader.c strongswan-5.2.0dr4-current/src/libstrongswan/plugins/plugin_loader.c
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/plugin_loader.c	2014-05-22 16:14:28.740324392 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/plugin_loader.c	2014-05-22 16:15:20.172305012 -0400
+@@ -354,7 +354,7 @@ static plugin_entry_t *load_plugin(priva
  			return NULL;
  		}
  	}
diff --git a/sources b/sources
index 6c691d4..f8cf90a 100644
--- a/sources
+++ b/sources
@@ -1 +1,3 @@
-1d1c108775242743cd8699215b2918c3  strongswan-5.1.3.tar.bz2
+c5cbf5c4e35682b8fc58ef9d923448a0  strongswan-5.2.0dr4.tar.bz2
+dc37501f9ba6e336e3b8d4f0ce1fbccc  strongswan-5.2.0dr4.tar.bz2.md5
+3b0eba39198074b68c6b67e60d970cc4  strongswan-5.2.0dr4.tar.bz2.sig
diff --git a/strongswan-5.1.1-selinux.patch b/strongswan-5.1.1-selinux.patch
index e599099..05f2407 100644
--- a/strongswan-5.1.1-selinux.patch
+++ b/strongswan-5.1.1-selinux.patch
@@ -1,8 +1,7 @@
-diff --git a/src/charon/charon.c b/src/charon/charon.c
-index 089ac45..b644977 100644
---- a/src/charon/charon.c
-+++ b/src/charon/charon.c
-@@ -226,7 +226,7 @@ static bool check_pidfile()
+diff -urNp strongswan-5.2.0dr4-patched/src/charon/charon.c strongswan-5.2.0dr4-current/src/charon/charon.c
+--- strongswan-5.2.0dr4-patched/src/charon/charon.c	2014-05-22 16:14:28.761324384 -0400
++++ strongswan-5.2.0dr4-current/src/charon/charon.c	2014-05-22 16:19:00.239224819 -0400
+@@ -229,7 +229,7 @@ static bool check_pidfile()
  	}
  
  	/* create new pidfile */
@@ -11,11 +10,10 @@ index 089ac45..b644977 100644
  	if (pidfile)
  	{
  		ignore_result(fchown(fileno(pidfile),
-diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c
-index 1f10792..c79e87a 100644
---- a/src/libstrongswan/plugins/random/random_plugin.c
-+++ b/src/libstrongswan/plugins/random/random_plugin.c
-@@ -83,7 +83,7 @@ bool random_plugin_get_strong_equals_true()
+diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/random/random_plugin.c strongswan-5.2.0dr4-current/src/libstrongswan/plugins/random/random_plugin.c
+--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/random/random_plugin.c	2014-05-22 16:14:28.738324392 -0400
++++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/random/random_plugin.c	2014-05-22 16:19:00.239224819 -0400
+@@ -83,7 +83,7 @@ bool random_plugin_get_strong_equals_tru
   */
  static bool open_dev(char *file, int *fd)
  {
diff --git a/strongswan.spec b/strongswan.spec
index 6bc870f..08f50cd 100644
--- a/strongswan.spec
+++ b/strongswan.spec
@@ -1,9 +1,9 @@
 %global _hardened_build 1
 
 Name:           strongswan
-Version:        5.1.3
-Release: 1%{?dist}
-Summary:        An OpenSource IPsec-based VPN Solution
+Version:        5.2.0dr4
+Release:        1%{?dist}
+Summary:        An OpenSource IPsec-based VPN and TNC solution
 Group:          System Environment/Daemons
 License:        GPLv2+
 URL:            http://www.strongswan.org/
@@ -129,7 +129,9 @@ autoreconf
     --enable-eap-radius \
     --enable-curl \
     --enable-eap-identity \
-    --enable-cmd
+    --enable-cmd \
+    --enable-acert \
+    --enable-aikgen
 make %{?_smp_mflags}
 
 %install
@@ -252,6 +254,7 @@ fi
 %{_libdir}/%{name}/plugins/lib%{name}-dhcp.so
 %{_libdir}/%{name}/plugins/lib%{name}-curl.so
 %{_libdir}/%{name}/plugins/lib%{name}-eap-identity.so
+%{_libdir}/%{name}/plugins/lib%{name}-acert.so
 %dir %{_libexecdir}/%{name}
 %{_libexecdir}/%{name}/_copyright
 %{_libexecdir}/%{name}/_updown
@@ -263,7 +266,7 @@ fi
 %{_libexecdir}/%{name}/_imv_policy
 %{_libexecdir}/%{name}/imv_policy_manager
 %{_libexecdir}/%{name}/pki
-#%{_bindir}/%{name}-pki
+%{_libexecdir}/%{name}/aikgen
 %{_sbindir}/charon-cmd
 %{_sbindir}/%{name}
 %{_mandir}/man1/%{name}_pki*.1.gz
@@ -275,139 +278,9 @@ fi
 %{_mandir}/man8/%{name}__updown_espmark.8.gz
 %{_mandir}/man8/%{name}_scepclient.8.gz
 %{_mandir}/man8/%{name}_charon-cmd.8.gz
-%{_sysconfdir}/%{name}/%{name}.d/attest.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon-logging.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/aes.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/attr.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/cmac.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/constraints.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/curl.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/des.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/dhcp.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/dnskey.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/eap-gtc.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/eap-identity.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/eap-md5.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/eap-mschapv2.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/eap-peap.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/eap-radius.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/eap-tls.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/eap-tnc.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/eap-ttls.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/farp.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/fips-prf.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/gmp.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/hmac.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/kernel-netlink.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/md4.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/md5.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/nonce.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/openssl.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/pem.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/pgp.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/pkcs1.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/pkcs12.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/pkcs7.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/pkcs8.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/pubkey.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/random.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/rc2.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/resolve.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/revocation.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/sha1.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/sha2.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/socket-default.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/sqlite.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/sshkey.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/stroke.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/tnc-ifmap.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/tnc-imc.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/tnc-imv.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/tnc-pdp.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/tnc-tnccs.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/tnccs-11.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/tnccs-20.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/tnccs-dynamic.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/updown.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/x509.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/xauth-eap.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/xauth-generic.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/xauth-pam.conf
-%{_sysconfdir}/%{name}/%{name}.d/charon/xcbc.conf
-%{_sysconfdir}/%{name}/%{name}.d/imcv.conf
-%{_sysconfdir}/%{name}/%{name}.d/pacman.conf
-%{_sysconfdir}/%{name}/%{name}.d/starter.conf
-%{_sysconfdir}/%{name}/%{name}.d/tnc.conf
-%{_sysconfdir}/%{name}/%{name}.d/tools.conf
-%{_datadir}/%{name}/templates/config/plugins/aes.conf
-%{_datadir}/%{name}/templates/config/plugins/attr.conf
-%{_datadir}/%{name}/templates/config/plugins/cmac.conf
-%{_datadir}/%{name}/templates/config/plugins/constraints.conf
-%{_datadir}/%{name}/templates/config/plugins/curl.conf
-%{_datadir}/%{name}/templates/config/plugins/des.conf
-%{_datadir}/%{name}/templates/config/plugins/dhcp.conf
-%{_datadir}/%{name}/templates/config/plugins/dnskey.conf
-%{_datadir}/%{name}/templates/config/plugins/eap-gtc.conf
-%{_datadir}/%{name}/templates/config/plugins/eap-identity.conf
-%{_datadir}/%{name}/templates/config/plugins/eap-md5.conf
-%{_datadir}/%{name}/templates/config/plugins/eap-mschapv2.conf
-%{_datadir}/%{name}/templates/config/plugins/eap-peap.conf
-%{_datadir}/%{name}/templates/config/plugins/eap-radius.conf
-%{_datadir}/%{name}/templates/config/plugins/eap-tls.conf
-%{_datadir}/%{name}/templates/config/plugins/eap-tnc.conf
-%{_datadir}/%{name}/templates/config/plugins/eap-ttls.conf
-%{_datadir}/%{name}/templates/config/plugins/farp.conf
-%{_datadir}/%{name}/templates/config/plugins/fips-prf.conf
-%{_datadir}/%{name}/templates/config/plugins/gmp.conf
-%{_datadir}/%{name}/templates/config/plugins/hmac.conf
-%{_datadir}/%{name}/templates/config/plugins/kernel-netlink.conf
-%{_datadir}/%{name}/templates/config/plugins/md4.conf
-%{_datadir}/%{name}/templates/config/plugins/md5.conf
-%{_datadir}/%{name}/templates/config/plugins/nonce.conf
-%{_datadir}/%{name}/templates/config/plugins/openssl.conf
-%{_datadir}/%{name}/templates/config/plugins/pem.conf
-%{_datadir}/%{name}/templates/config/plugins/pgp.conf
-%{_datadir}/%{name}/templates/config/plugins/pkcs1.conf
-%{_datadir}/%{name}/templates/config/plugins/pkcs12.conf
-%{_datadir}/%{name}/templates/config/plugins/pkcs7.conf
-%{_datadir}/%{name}/templates/config/plugins/pkcs8.conf
-%{_datadir}/%{name}/templates/config/plugins/pubkey.conf
-%{_datadir}/%{name}/templates/config/plugins/random.conf
-%{_datadir}/%{name}/templates/config/plugins/rc2.conf
-%{_datadir}/%{name}/templates/config/plugins/resolve.conf
-%{_datadir}/%{name}/templates/config/plugins/revocation.conf
-%{_datadir}/%{name}/templates/config/plugins/sha1.conf
-%{_datadir}/%{name}/templates/config/plugins/sha2.conf
-%{_datadir}/%{name}/templates/config/plugins/socket-default.conf
-%{_datadir}/%{name}/templates/config/plugins/sqlite.conf
-%{_datadir}/%{name}/templates/config/plugins/sshkey.conf
-%{_datadir}/%{name}/templates/config/plugins/stroke.conf
-%{_datadir}/%{name}/templates/config/plugins/tnc-ifmap.conf
-%{_datadir}/%{name}/templates/config/plugins/tnc-imc.conf
-%{_datadir}/%{name}/templates/config/plugins/tnc-imv.conf
-%{_datadir}/%{name}/templates/config/plugins/tnc-pdp.conf
-%{_datadir}/%{name}/templates/config/plugins/tnc-tnccs.conf
-%{_datadir}/%{name}/templates/config/plugins/tnccs-11.conf
-%{_datadir}/%{name}/templates/config/plugins/tnccs-20.conf
-%{_datadir}/%{name}/templates/config/plugins/tnccs-dynamic.conf
-%{_datadir}/%{name}/templates/config/plugins/updown.conf
-%{_datadir}/%{name}/templates/config/plugins/x509.conf
-%{_datadir}/%{name}/templates/config/plugins/xauth-eap.conf
-%{_datadir}/%{name}/templates/config/plugins/xauth-generic.conf
-%{_datadir}/%{name}/templates/config/plugins/xauth-pam.conf
-%{_datadir}/%{name}/templates/config/plugins/xcbc.conf
-%{_datadir}/%{name}/templates/config/%{name}.conf
-%{_datadir}/%{name}/templates/config/%{name}.d/attest.conf
-%{_datadir}/%{name}/templates/config/%{name}.d/charon-logging.conf
-%{_datadir}/%{name}/templates/config/%{name}.d/charon.conf
-%{_datadir}/%{name}/templates/config/%{name}.d/imcv.conf
-%{_datadir}/%{name}/templates/config/%{name}.d/pacman.conf
-%{_datadir}/%{name}/templates/config/%{name}.d/starter.conf
-%{_datadir}/%{name}/templates/config/%{name}.d/tnc.conf
-%{_datadir}/%{name}/templates/config/%{name}.d/tools.conf
-%{_datadir}/%{name}/templates/database/imv/data.sql
-%{_datadir}/%{name}/templates/database/imv/tables.sql
+%{_sysconfdir}/%{name}/%{name}.d/
+%{_datadir}/%{name}/templates/config/
+%{_datadir}/%{name}/templates/database/
 
 %files tnc-imcvs
 %dir %{_libdir}/%{name}
@@ -459,6 +332,17 @@ fi
 %endif
 
 %changelog
+* Thu May 22 2014 Avesh Agarwal <avagarwa@redhat.com> - 5.2.0dr4-1
+- New upstream developer release 5.2.0dr4
+- Attestation IMV/IMC supports IMA-NG measurement format now
+- Aikgen tool to generate an Attestation Identity Key bound
+  to a TPM
+- PT-EAP transport protocol (RFC 7171) for TNC
+- vici plugin provides IKE Configuration Interface for charon
+- Enabled support for acert for checking X509 attribute certificate
+- Updated patches
+- Updated spec file with minor cleanups
+
 * Tue Apr 15 2014 Pavel Šimerda <psimerda@redhat.com> - 5.1.3-1
 - new version 5.1.3