From 80bb1ce4b24ec07b78ef2896b467e1e60dc06e91 Mon Sep 17 00:00:00 2001
From: Avesh Agarwal <avagarwa@redhat.com>
Date: Wed, 7 Aug 2013 16:04:59 -0400
Subject: [PATCH] rhbz#981429: New upstream release

- Fixes CVE-2013-5018: rhbz#991216, rhbz#991215
- Fixes rhbz#991859 failed to build in rawhide
- Updated local patches and removed which are not needed
- Fixed errors around charon-nm
- Added plugins libstrongswan-pkcs12.so, libstrongswan-rc2.so,
  libstrongswan-sshkey.so
- Added utility imv_policy_manager
---
 .gitignore                                    |   1 +
 libimcv-attestatiom-imv-crash.patch           |  27 --
 libstrongswan-plugin.patch                    |  10 +-
 libstrongswan-settings-debug.patch            |  12 +-
 sources                                       |   2 +-
 ...-scepclient-to-strongswan-scepclient.patch |  25 --
 ...ge-ipsec-updown-to-strongswan-updown.patch |  25 --
 strongswan-init.patch                         | 257 +++++++++---------
 strongswan-pts-ecp-disable.patch              |   6 +-
 ...40cac68f83c77d981368a4c041eb620310ed.patch |  26 --
 strongswan.spec                               |  29 +-
 11 files changed, 160 insertions(+), 260 deletions(-)
 delete mode 100644 libimcv-attestatiom-imv-crash.patch
 delete mode 100644 strongswan-Change-ipsec-scepclient-to-strongswan-scepclient.patch
 delete mode 100644 strongswan-Change-ipsec-updown-to-strongswan-updown.patch
 delete mode 100644 strongswan.git-71d740cac68f83c77d981368a4c041eb620310ed.patch

diff --git a/.gitignore b/.gitignore
index d316010..ee1d37e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@
 /strongswan-5.0.2.tar.bz2
 /strongswan-5.0.3.tar.bz2
 /strongswan-5.0.4.tar.bz2
+/strongswan-5.1.0.tar.bz2
diff --git a/libimcv-attestatiom-imv-crash.patch b/libimcv-attestatiom-imv-crash.patch
deleted file mode 100644
index 825ce81..0000000
--- a/libimcv-attestatiom-imv-crash.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-diff -urNp strongswan-5.0.4-patched/src/libpts/plugins/imv_attestation/imv_attestation.c strongswan-5.0.4-current/src/libpts/plugins/imv_attestation/imv_attestation.c
---- strongswan-5.0.4-patched/src/libpts/plugins/imv_attestation/imv_attestation.c	2013-05-01 15:50:51.331560749 -0400
-+++ strongswan-5.0.4-current/src/libpts/plugins/imv_attestation/imv_attestation.c	2013-06-28 11:10:30.703893643 -0400
-@@ -90,11 +90,6 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID
- 		DBG1(DBG_IMV, "IMV \"%s\" has already been initialized", imv_name);
- 		return TNC_RESULT_ALREADY_INITIALIZED;
- 	}
--	if (!pts_meas_algo_probe(&supported_algorithms) ||
--		!pts_dh_group_probe(&supported_dh_groups))
--	{
--		return TNC_RESULT_FATAL;
--	}
- 	imv_attestation = imv_agent_create(imv_name, msg_types, countof(msg_types),
- 									   imv_id, actual_version);
- 	if (!imv_attestation)
-@@ -104,6 +99,11 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID
- 
- 	libpts_init();
- 
-+	if (!pts_meas_algo_probe(&supported_algorithms) ||
-+		!pts_dh_group_probe(&supported_dh_groups))
-+	{
-+		return TNC_RESULT_FATAL;
-+	}
- 	if (min_version > TNC_IFIMV_VERSION_1 || max_version < TNC_IFIMV_VERSION_1)
- 	{
- 		DBG1(DBG_IMV, "no common IF-IMV version");
diff --git a/libstrongswan-plugin.patch b/libstrongswan-plugin.patch
index 0f4dc32..ce0951d 100644
--- a/libstrongswan-plugin.patch
+++ b/libstrongswan-plugin.patch
@@ -1,8 +1,8 @@
-diff -urNp strongswan-5.0.4-patched/src/libstrongswan/plugins/plugin_loader.c strongswan-5.0.4-current/src/libstrongswan/plugins/plugin_loader.c
---- strongswan-5.0.4-patched/src/libstrongswan/plugins/plugin_loader.c	2013-05-01 15:50:51.375560719 -0400
-+++ strongswan-5.0.4-current/src/libstrongswan/plugins/plugin_loader.c	2013-05-22 16:30:24.121091911 -0400
-@@ -267,7 +267,7 @@ static bool load_plugin(private_plugin_l
- 			return FALSE;
+diff -urNp strongswan-5.1.0-patched/src/libstrongswan/plugins/plugin_loader.c strongswan-5.1.0-current/src/libstrongswan/plugins/plugin_loader.c
+--- strongswan-5.1.0-patched/src/libstrongswan/plugins/plugin_loader.c	2013-08-06 17:16:36.266031511 -0400
++++ strongswan-5.1.0-current/src/libstrongswan/plugins/plugin_loader.c	2013-08-06 17:49:15.703354848 -0400
+@@ -353,7 +353,7 @@ static plugin_entry_t *load_plugin(priva
+ 			return NULL;
  		}
  	}
 -	handle = dlopen(file, RTLD_LAZY);
diff --git a/libstrongswan-settings-debug.patch b/libstrongswan-settings-debug.patch
index f7cb93f..66bca56 100644
--- a/libstrongswan-settings-debug.patch
+++ b/libstrongswan-settings-debug.patch
@@ -1,7 +1,7 @@
-diff -urNp strongswan-5.0.4-patched/src/libstrongswan/utils/settings.c strongswan-5.0.4-current/src/libstrongswan/utils/settings.c
---- strongswan-5.0.4-patched/src/libstrongswan/utils/settings.c	2013-05-01 15:50:51.337560745 -0400
-+++ strongswan-5.0.4-current/src/libstrongswan/utils/settings.c	2013-06-18 13:13:27.801428152 -0400
-@@ -940,7 +940,7 @@ static bool parse_file(linked_list_t *co
+diff -urNp strongswan-5.1.0-patched/src/libstrongswan/utils/settings.c strongswan-5.1.0-current/src/libstrongswan/utils/settings.c
+--- strongswan-5.1.0-patched/src/libstrongswan/utils/settings.c	2013-08-06 17:16:36.244031484 -0400
++++ strongswan-5.1.0-current/src/libstrongswan/utils/settings.c	2013-08-06 17:52:43.272606717 -0400
+@@ -960,7 +960,7 @@ static bool parse_file(linked_list_t *co
  	{
  		if (errno == ENOENT)
  		{
@@ -10,7 +10,7 @@ diff -urNp strongswan-5.0.4-patched/src/libstrongswan/utils/settings.c strongswa
  			return TRUE;
  		}
  		DBG1(DBG_LIB, "failed to stat '%s': %s", file, strerror(errno));
-@@ -1003,7 +1003,7 @@ static bool parse_files(linked_list_t *c
+@@ -1023,7 +1023,7 @@ static bool parse_files(linked_list_t *c
  
  	if (!strlen(pattern))
  	{
@@ -19,7 +19,7 @@ diff -urNp strongswan-5.0.4-patched/src/libstrongswan/utils/settings.c strongswa
  		return TRUE;
  	}
  
-@@ -1035,7 +1035,7 @@ static bool parse_files(linked_list_t *c
+@@ -1055,7 +1055,7 @@ static bool parse_files(linked_list_t *c
  		status = glob(pat, GLOB_ERR, NULL, &buf);
  		if (status == GLOB_NOMATCH)
  		{
diff --git a/sources b/sources
index c5e1904..388cdfe 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-0ab0397b44b197febfd0f89148344035  strongswan-5.0.4.tar.bz2
+c1cd0a3ba9960f590cae28c8470800e8  strongswan-5.1.0.tar.bz2
diff --git a/strongswan-Change-ipsec-scepclient-to-strongswan-scepclient.patch b/strongswan-Change-ipsec-scepclient-to-strongswan-scepclient.patch
deleted file mode 100644
index ca4e05e..0000000
--- a/strongswan-Change-ipsec-scepclient-to-strongswan-scepclient.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From c282e8fa3c55a9d0046a3119d7b2a3fe07d83c37 Mon Sep 17 00:00:00 2001
-From: Jamie Nguyen <j@jamielinux.com>
-Date: Mon, 15 Jul 2013 22:31:34 +0100
-Subject: [PATCH] Change 'ipsec scepclient' to 'strongswan scepclent'
-
----
- src/starter/starter.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/starter/starter.c b/src/starter/starter.c
-index 917e52d..868b224 100644
---- a/src/starter/starter.c
-+++ b/src/starter/starter.c
-@@ -293,7 +293,7 @@ static void generate_selfcert()
- #endif
- 		setegid(gid);
- 		seteuid(uid);
--		ignore_result(system("ipsec scepclient --out pkcs1 --out cert-self --quiet"));
-+		ignore_result(system("strongswan scepclient --out pkcs1 --out cert-self --quiet"));
- 		seteuid(0);
- 		setegid(0);
- 
--- 
-1.8.3.1
-
diff --git a/strongswan-Change-ipsec-updown-to-strongswan-updown.patch b/strongswan-Change-ipsec-updown-to-strongswan-updown.patch
deleted file mode 100644
index 2f62d39..0000000
--- a/strongswan-Change-ipsec-updown-to-strongswan-updown.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From daa81c04068956ff34fb0efb72956401969a8d9b Mon Sep 17 00:00:00 2001
-From: Jamie Nguyen <j@jamielinux.com>
-Date: Mon, 15 Jul 2013 13:42:14 +0100
-Subject: [PATCH] Change 'ipsec _updown' to 'strongswan _updown'
-
----
- src/starter/confread.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/starter/confread.c b/src/starter/confread.c
-index f0f05b0..ffd44c0 100644
---- a/src/starter/confread.c
-+++ b/src/starter/confread.c
-@@ -38,7 +38,7 @@
- static const char ike_defaults[] = "aes128-sha1-modp2048,3des-sha1-modp1536";
- static const char esp_defaults[] = "aes128-sha1,3des-sha1";
- 
--static const char firewall_defaults[] = "ipsec _updown iptables";
-+static const char firewall_defaults[] = "strongswan _updown iptables";
- 
- static bool daemon_exists(char *daemon, char *path)
- {
--- 
-1.8.3.1
-
diff --git a/strongswan-init.patch b/strongswan-init.patch
index 89317f8..ccd653a 100644
--- a/strongswan-init.patch
+++ b/strongswan-init.patch
@@ -1,130 +1,7 @@
-Index: strongswan-5.0.0/init/Makefile.am
-===================================================================
---- strongswan-5.0.0.orig/init/Makefile.am
-+++ strongswan-5.0.0/init/Makefile.am
-@@ -1,5 +1,5 @@
- 
--SUBDIRS =
-+SUBDIRS = sysvinit
- 
- if HAVE_SYSTEMD
-   SUBDIRS += systemd
-Index: strongswan-5.0.0/init/sysvinit/Makefile.am
-===================================================================
---- /dev/null
-+++ strongswan-5.0.0/init/sysvinit/Makefile.am
-@@ -0,0 +1 @@
-+noinst_DATA = strongswan
-Index: strongswan-5.0.0/init/sysvinit/strongswan.in
-===================================================================
---- /dev/null
-+++ strongswan-5.0.0/init/sysvinit/strongswan.in
-@@ -0,0 +1,100 @@
-+#!/bin/sh
-+#
-+# strongswan   An implementation of key management system for IPsec
-+#
-+# chkconfig:   - 48 52
-+# description: Starts or stops the Strongswan daemon.
-+
-+### BEGIN INIT INFO
-+# Provides: ipsec
-+# Required-Start: $network $remote_fs $syslog $named
-+# Required-Stop: $syslog $remote_fs
-+# Default-Start:
-+# Default-Stop: 0 1 6
-+# Short-Description: Start Strongswan daemons at boot time
-+### END INIT INFO
-+
-+# Source function library.
-+. /etc/rc.d/init.d/functions
-+
-+exec="@sbindir@/@ipsec_script@"
-+prog="strongswan"
-+status_prog="starter"
-+config="/etc/strongswan/strongswan.conf"
-+
-+lockfile=/var/lock/subsys/$prog
-+
-+start() {
-+    [ -x $exec ] || exit 5
-+    [ -f $config ] || exit 6
-+    echo -n $"Starting $prog: "
-+    daemon $exec start
-+    retval=$?
-+    echo
-+    [ $retval -eq 0 ] && touch $lockfile
-+    return $retval
-+}
-+
-+stop() {
-+    echo -n $"Stopping $prog: "
-+    $exec stop
-+    retval=$?
-+    echo
-+    [ $retval -eq 0 ] && rm -f $lockfile
-+    return $retval
-+}
-+
-+restart() {
-+    stop
-+    start
-+}
-+
-+reload() {
-+    restart
-+}
-+
-+force_reload() {
-+    restart
-+}
-+
-+_status() {
-+    # run checks to determine if the service is running or use generic status
-+    status $status_prog
-+}
-+
-+_status_q() {
-+    _status >/dev/null 2>&1
-+}
-+
-+
-+case "$1" in
-+    start)
-+        _status_q && exit 0
-+        $1
-+        ;;
-+    stop)
-+        _status_q || exit 0
-+        $1
-+        ;;
-+    restart)
-+        $1
-+        ;;
-+    reload)
-+        _status_q || exit 7
-+        $1
-+        ;;
-+    force-reload)
-+        force_reload
-+        ;;
-+    status)
-+        _status
-+        ;;
-+    condrestart|try-restart)
-+        _status_q || exit 0
-+        restart
-+        ;;
-+    *)
-+        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
-+        exit 2
-+esac
-+exit $?
-Index: strongswan-5.0.0/configure.in
-===================================================================
---- strongswan-5.0.0.orig/configure.in
-+++ strongswan-5.0.0/configure.in
-@@ -1082,6 +1082,8 @@ AC_OUTPUT(
+diff -urNp strongswan-5.1.0-patched/configure.ac strongswan-5.1.0-current/configure.ac
+--- strongswan-5.1.0-patched/configure.ac	2013-08-06 17:16:36.279031528 -0400
++++ strongswan-5.1.0-current/configure.ac	2013-08-06 17:35:01.750380445 -0400
+@@ -1311,6 +1311,8 @@ AC_CONFIG_FILES([
  	man/Makefile
  	init/Makefile
  	init/systemd/Makefile
@@ -133,10 +10,24 @@ Index: strongswan-5.0.0/configure.in
  	src/Makefile
  	src/include/Makefile
  	src/libstrongswan/Makefile
-Index: strongswan-5.0.0/init/sysvinit/strongswan
-===================================================================
---- /dev/null
-+++ strongswan-5.0.0/init/sysvinit/strongswan
+diff -urNp strongswan-5.1.0-patched/init/Makefile.am strongswan-5.1.0-current/init/Makefile.am
+--- strongswan-5.1.0-patched/init/Makefile.am	2013-08-06 17:16:36.279031528 -0400
++++ strongswan-5.1.0-current/init/Makefile.am	2013-08-06 17:36:19.905472912 -0400
+@@ -1,5 +1,5 @@
+ 
+-SUBDIRS =
++SUBDIRS = sysvinit
+ 
+ if HAVE_SYSTEMD
+   SUBDIRS += systemd
+diff -urNp strongswan-5.1.0-patched/init/sysvinit/Makefile.am strongswan-5.1.0-current/init/sysvinit/Makefile.am
+--- strongswan-5.1.0-patched/init/sysvinit/Makefile.am	1969-12-31 19:00:00.000000000 -0500
++++ strongswan-5.1.0-current/init/sysvinit/Makefile.am	2013-07-31 15:56:21.919959000 -0400
+@@ -0,0 +1 @@
++noinst_DATA = strongswan
+diff -urNp strongswan-5.1.0-patched/init/sysvinit/strongswan strongswan-5.1.0-current/init/sysvinit/strongswan
+--- strongswan-5.1.0-patched/init/sysvinit/strongswan	1969-12-31 19:00:00.000000000 -0500
++++ strongswan-5.1.0-current/init/sysvinit/strongswan	2013-07-31 15:56:21.920958000 -0400
 @@ -0,0 +1,100 @@
 +#!/bin/sh
 +#
@@ -238,3 +129,107 @@ Index: strongswan-5.0.0/init/sysvinit/strongswan
 +        exit 2
 +esac
 +exit $?
+diff -urNp strongswan-5.1.0-patched/init/sysvinit/strongswan.in strongswan-5.1.0-current/init/sysvinit/strongswan.in
+--- strongswan-5.1.0-patched/init/sysvinit/strongswan.in	1969-12-31 19:00:00.000000000 -0500
++++ strongswan-5.1.0-current/init/sysvinit/strongswan.in	2013-07-31 15:56:21.919959000 -0400
+@@ -0,0 +1,100 @@
++#!/bin/sh
++#
++# strongswan   An implementation of key management system for IPsec
++#
++# chkconfig:   - 48 52
++# description: Starts or stops the Strongswan daemon.
++
++### BEGIN INIT INFO
++# Provides: ipsec
++# Required-Start: $network $remote_fs $syslog $named
++# Required-Stop: $syslog $remote_fs
++# Default-Start:
++# Default-Stop: 0 1 6
++# Short-Description: Start Strongswan daemons at boot time
++### END INIT INFO
++
++# Source function library.
++. /etc/rc.d/init.d/functions
++
++exec="@sbindir@/@ipsec_script@"
++prog="strongswan"
++status_prog="starter"
++config="/etc/strongswan/strongswan.conf"
++
++lockfile=/var/lock/subsys/$prog
++
++start() {
++    [ -x $exec ] || exit 5
++    [ -f $config ] || exit 6
++    echo -n $"Starting $prog: "
++    daemon $exec start
++    retval=$?
++    echo
++    [ $retval -eq 0 ] && touch $lockfile
++    return $retval
++}
++
++stop() {
++    echo -n $"Stopping $prog: "
++    $exec stop
++    retval=$?
++    echo
++    [ $retval -eq 0 ] && rm -f $lockfile
++    return $retval
++}
++
++restart() {
++    stop
++    start
++}
++
++reload() {
++    restart
++}
++
++force_reload() {
++    restart
++}
++
++_status() {
++    # run checks to determine if the service is running or use generic status
++    status $status_prog
++}
++
++_status_q() {
++    _status >/dev/null 2>&1
++}
++
++
++case "$1" in
++    start)
++        _status_q && exit 0
++        $1
++        ;;
++    stop)
++        _status_q || exit 0
++        $1
++        ;;
++    restart)
++        $1
++        ;;
++    reload)
++        _status_q || exit 7
++        $1
++        ;;
++    force-reload)
++        force_reload
++        ;;
++    status)
++        _status
++        ;;
++    condrestart|try-restart)
++        _status_q || exit 0
++        restart
++        ;;
++    *)
++        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
++        exit 2
++esac
++exit $?
diff --git a/strongswan-pts-ecp-disable.patch b/strongswan-pts-ecp-disable.patch
index 6cd3ff4..59054eb 100644
--- a/strongswan-pts-ecp-disable.patch
+++ b/strongswan-pts-ecp-disable.patch
@@ -1,6 +1,6 @@
-diff -urNp strongswan-5.0.4-patched/src/libpts/pts/pts_dh_group.c strongswan-5.0.4-current/src/libpts/pts/pts_dh_group.c
---- strongswan-5.0.4-patched/src/libpts/pts/pts_dh_group.c	2013-05-01 15:50:51.332560748 -0400
-+++ strongswan-5.0.4-current/src/libpts/pts/pts_dh_group.c	2013-05-01 15:57:53.545271367 -0400
+diff -urNp strongswan-5.1.0-patched/src/libpts/pts/pts_dh_group.c strongswan-5.1.0-current/src/libpts/pts/pts_dh_group.c
+--- strongswan-5.1.0-patched/src/libpts/pts/pts_dh_group.c	2013-08-06 17:16:36.238031476 -0400
++++ strongswan-5.1.0-current/src/libpts/pts/pts_dh_group.c	2013-08-06 17:44:48.005036651 -0400
 @@ -74,6 +74,16 @@ bool pts_dh_group_probe(pts_dh_group_t *
  	{
  		DBG1(DBG_PTS, format2, "mandatory", diffie_hellman_group_names,
diff --git a/strongswan.git-71d740cac68f83c77d981368a4c041eb620310ed.patch b/strongswan.git-71d740cac68f83c77d981368a4c041eb620310ed.patch
deleted file mode 100644
index d58cc00..0000000
--- a/strongswan.git-71d740cac68f83c77d981368a4c041eb620310ed.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 71d740cac68f83c77d981368a4c041eb620310ed Mon Sep 17 00:00:00 2001
-From: Andreas Steffen <andreas.steffen@strongswan.org>
-Date: Fri, 24 May 2013 12:56:21 +0200
-Subject: [PATCH] Make plugins in standalone libimcv configurable
-
----
- src/libimcv/imcv.c |    3 ++-
- 1 files changed, 2 insertions(+), 1 deletions(-)
-
-diff --git a/src/libimcv/imcv.c b/src/libimcv/imcv.c
-index 6cee0ad..f9ecf79 100644
---- a/src/libimcv/imcv.c
-+++ b/src/libimcv/imcv.c
-@@ -118,7 +118,8 @@ bool libimcv_init(void)
- 		openlog("imcv", 0, LOG_DAEMON);
- 
- 		if (!lib->plugins->load(lib->plugins, NULL,
--							"sha1 sha2 random nonce gmp pubkey x509"))
-+				lib->settings->get_str(lib->settings, "libimcv.load",
-+					"random nonce gmp pubkey x509")))
- 		{
- 			library_deinit();
- 			return FALSE;
--- 
-1.7.4.1
-
diff --git a/strongswan.spec b/strongswan.spec
index 1ffc703..0e9aa4c 100644
--- a/strongswan.spec
+++ b/strongswan.spec
@@ -8,8 +8,8 @@
 %endif
 
 Name:           strongswan
-Version:        5.0.4
-Release:        5%{?dist}
+Version:        5.1.0
+Release:        1%{?dist}
 Summary:        An OpenSource IPsec-based VPN Solution
 Group:          System Environment/Daemons
 License:        GPLv2+
@@ -19,10 +19,6 @@ Patch0:         strongswan-init.patch
 Patch1:         strongswan-pts-ecp-disable.patch
 Patch2:         libstrongswan-plugin.patch
 Patch3:         libstrongswan-settings-debug.patch
-Patch4:         strongswan.git-71d740cac68f83c77d981368a4c041eb620310ed.patch
-Patch5:         libimcv-attestatiom-imv-crash.patch
-Patch6:         strongswan-Change-ipsec-updown-to-strongswan-updown.patch
-Patch7:         strongswan-Change-ipsec-scepclient-to-strongswan-scepclient.patch
 
 BuildRequires:  gmp-devel
 BuildRequires:  libcurl-devel
@@ -36,7 +32,7 @@ BuildRequires:  libxml2-devel
 BuildRequires:  NetworkManager-devel
 BuildRequires:  NetworkManager-glib-devel
 Obsoletes:      %{name}-NetworkManager < 0:5.0.4-5
-Provides:       %{name}-NetworkManager = 0:%{version}-%{release}
+Provides:       %{name}-charon-nm = 0:%{version}-%{release}
 %else
 Obsoletes:      %{name}-NetworkManager < 0:5.0.0-3.git20120619
 %endif
@@ -83,10 +79,6 @@ implementation possessing a standard IF-IMC/IMV interface.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
 
 echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/strongswan/wiki/CharonPlutoIKEv1" > README.Fedora
 
@@ -229,6 +221,9 @@ fi
 %{_libdir}/%{name}/plugins/lib%{name}-pgp.so
 %{_libdir}/%{name}/plugins/lib%{name}-pkcs1.so
 %{_libdir}/%{name}/plugins/lib%{name}-pkcs8.so
+%{_libdir}/%{name}/plugins/lib%{name}-pkcs12.so
+%{_libdir}/%{name}/plugins/lib%{name}-rc2.so
+%{_libdir}/%{name}/plugins/lib%{name}-sshkey.so
 %{_libdir}/%{name}/plugins/lib%{name}-pubkey.so
 %{_libdir}/%{name}/plugins/lib%{name}-random.so
 %{_libdir}/%{name}/plugins/lib%{name}-resolve.so
@@ -263,6 +258,8 @@ fi
 %{_libexecdir}/%{name}/scepclient
 %{_libexecdir}/%{name}/starter
 %{_libexecdir}/%{name}/stroke
+%{_libexecdir}/%{name}/_imv_policy
+%{_libexecdir}/%{name}/imv_policy_manager
 %{_sbindir}/%{name}
 %{_mandir}/man5/%{name}.conf.5.gz
 %{_mandir}/man5/%{name}_ipsec.conf.5.gz
@@ -315,6 +312,16 @@ fi
 
 
 %changelog
+* Wed Aug 7 2013 Avesh Agarwal <avagarwa@redhat.com> - 5.1.0-1
+- rhbz#981429: New upstream release
+- Fixes CVE-2013-5018: rhbz#991216, rhbz#991215
+- Fixes rhbz#991859 failed to build in rawhide
+- Updated local patches and removed which are not needed
+- Fixed errors around charon-nm
+- Added plugins libstrongswan-pkcs12.so, libstrongswan-rc2.so,
+  libstrongswan-sshkey.so
+- Added utility imv_policy_manager
+
 * Thu Jul 25 2013 Jamie Nguyen <jamielinux@fedoraproject.org> - 5.0.4-5
 - rename strongswan-NetworkManager to strongswan-charon-nm
 - fix enable_nm macro