Version 5.8.3¶

This will be the next minor release, see Roadmap for updates on the release date.

Version 5.8.2¶

• Identity-based CA constraints, which enforce that the certificate chain of the remote peer contains a CA certificate
  with a specific identity, are supported via vici/swanctl.conf. This is similar to the existing CA constraints but
  doesn't require that the CA certificate is locally installed, for instance, intermediate CA certificates received from
  the peers. Wildcard identity matching (e.g. ..., OU=Research, CN=*) could also be used for the latter but requires
  trust in the intermediate CAs to only issue certificates with legitimate subject DNs (e.g. the "Sales" CA must not
  issue certificates with OU=Research). With the new constraint that's not necessary as long as a path length basic
  constraint (--pathlen for pki --issue) prevents intermediate CAs from issuing further intermediate CAs.

• Intermediate CA certificates may now be sent in hash-and-URL encoding by configuring a base URL for the
  parent CA (#3234, swanctl/rw-hash-and-url-multi-level).

• Implemented NIST SP-800-90A Deterministic Random Bit Generator (DRBG) based on AES-CTR and SHA2-HMAC
  modes. Currently used by the gmp and ntru plugins.

• Random nonces sent in an OCSP requests are now expected in the corresponding OCSP responses.

• The kernel-netlink plugin now ignores deprecated IPv6 addresses for MOBIKE. Whether temporary or
  permanent IPv6 addresses are included now depends on the charon.prefer_temporary_addrs setting (#3192).

• Extended Sequence Numbers (ESN) are configured via PF_KEY if supported by the kernel.

• The PF_KEY socket's receive buffer in the kernel-pfkey plugin is now cleared before sending requests, as many
  of the messages sent by the kernel are sent as broadcasts to all PF_KEY sockets. This is an issue if an external
  tool is used to manage SAs/policies unrelated to IPsec (#3225).

• The vici plugin now uses unique section names for CHILD_SAs in child-updown events (7c74ce9190).

• For individually deleted CHILD_SAs (in particular for IKEv1) the vici child-updown event now includes more
  information about the CHILD_SAs such as traffic statistics (#3198).

• Custom loggers are correctly re-registered if log levels are changed via stroke loglevel (#3182).

• Avoid lockups during startup on low entropy systems when using OpenSSL 1.1.1 (095a2c2eac).

• Instead of failing later when setting a key, creating HMACs via openssl plugin now fails instantly if the underlying
  hash algorithm isn't supported (e.g. MD5 in FIPS-mode) so fallbacks to other plugins work properly (#3284).

• Exponents of RSA keys read from TPM 2.0 via SAPI are correctly converted (8ee1242f1438).

• Routing table IDs > 255 are supported for custom routes on Linux.

• To avoid races, the check for hardware offloading support in the kernel-netlink plugin is performed during
  initialization of the plugin (a605452c03).

• The D-Bus config file for charon-nm is now installed in $(datadir)/dbus-1/system.d instead of
  $(sysconfdir)/dbus-1/system.d, which is intended for sysadmin overrides.

• INVALID_MAJOR_VERSION notifies are now correctly sent in messages of the same exchange type and with the same
  message ID as the request.

• IKEv2 SAs are now immediately destroyed when sending or receiving INVALID_SYNTAX notifies in authenticated
  messages.

• For developers working from the repository the configure script now aborts if GNU gperf is not found.