strongSwan

h1. Version 5.3.0

* Added support for IKEv2 make-before-break reauthentication. By using a global

  CHILD_SA reqid allocation mechanism, charon supports overlapping CHILD_SAs.

  This allows the use of make-before-break instead of the previously supported

  break-before-make reauthentication, avoiding connectivity gaps during that

  procedure. As the new mechanism may fail with peers not supporting it (such

  as any previous strongSwan release) it must be explicitly enabled using

  the _charon.make_before_break_ [[strongswan.conf]] option.

* Support for _Signature Authentication in IKEv2_ ("RFC 7427":http://tools.ietf.org/html/rfc7427) has been added.

  This allows the use of stronger hash algorithms for public key authentication.

  By default, signature schemes are chosen based on the strength of the

  signature key, but specific hash algorithms may be configured in leftauth.

* Key types and hash algorithms specified in _rightauth_ are now also checked

  against IKEv2 signature schemes.  If such constraints are used for certificate

  chain validation in existing configurations, in particular with peers that

  don't support RFC 7427, it may be necessary to disable this feature with the

  _charon.signature_authentication_constraints_ setting, because the signature

  scheme used in classic IKEv2 public key authentication may not be strong

  enough.

* The new [[connmark|connmark plugin]] allows a host to bind conntrack flows to a specific

  CHILD_SA by applying and restoring the SA mark to conntrack entries. This

  allows a peer to handle multiple transport mode connections coming over the

  same NAT device for client-initiated flows (a common use case is to protect

  L2TP/IPsec).  See {{tc(ikev2/host2host-transport-connmark)}} for an example.

* The [[forecast|forecast plugin]] can forward broadcast and multicast messages between

  connected clients and a LAN. For CHILD_SA using unique marks, it sets up

  the required Netfilter rules and uses a multicast/broadcast listener that

  forwards such messages to all connected clients. This plugin is designed for

  Windows 7 IKEv2 clients, which announce their services over the tunnel if the

  negotiated IPsec policy allows it. See {{tc(ikev2/forecast)}} for an example.

* For the [[vici|vici plugin]] a Python Egg has been added to allow Python applications

  to control or monitor the IKE daemon using the VICI interface, similar to the

  existing ruby gem. The Python library has been contributed by Björn Schuberg.

* EAP server methods now can fulfill public key constraints, such as _rightcert_

  or _rightca_. Additionally, public key and signature constraints can be

  specified for EAP methods in the _rightauth_ keyword. Currently the EAP-TLS and

  EAP-TTLS methods provide verification details to constraints checking.

* Upgrade of the [[bliss|BLISS post-quantum signature algorithm]] to the improved BLISS-B

  variant. Can be used in conjunction with the SHA256, SHA384 and SHA512 hash

  algorithms with SHA512 being the default.

* The IF-IMV 1.4 interface now makes the IP address of the TNC access requestor

  as seen by the TNC server available to all IMVs. This information can be

  forwarded to policy enforcement points (e.g. firewalls or routers).

* The new mutual tnccs-20 plugin parameter activates mutual TNC measurements

  in PB-TNC half-duplex mode between two endpoints over either a PT-EAP or

  PT-TLS transport medium.

* SPIs in IKEv1 DELETE payloads are now compared to those of the current IKE SA.

  This is required for interoperability with OpenBSD's _isakmpd_, which always uses the

  latest IKE SA to delete other expired SAs.

* The _files_ plugin provides a simple fetcher for @file://@ URIs (commit:1735d80f38).

* Fixed CRL verification for PKIs that don't use SHA-1 hashes of the public key

  as subjectKeyIdentifier or authorityKeyIdentifier (commit:6133770db4).

* Route priorities are now considered when doing manual route lookups (commit:6b57790270).

* Policies are now removed from the kernel before IPsec SAs, to avoid acquires

  for untrapped policies (commit:46188b0eb0).