Changelog for 4.5.x¶

Version 4.5.3¶

• Our private libraries (e.g. libstrongswan) are not installed directly in
  prefix/lib anymore. Instead a subdirectory is used (prefix/lib/ipsec/ by
  default). The plugins directory is also moved from libexec/ipsec/ to that
  directory.

• The dynamic IMC/IMV libraries were moved from the plugins directory to
  a new imcvs directory in the prefix/lib/ipsec/ subdirectory.

• Job priorities were introduced to prevent thread starvation caused by too
  many threads handling blocking operations (such as CRL fetching).

• Two new strongswan.conf options allow to fine-tune performance on IKEv2
  gateways by dropping IKE_SA_INIT requests on high load.

• IKEv2 charon daemon supports PASS and DROP shunt policies
  preventing traffic to go through IPsec connections. Installation of the
  shunt policies either via the XFRM netfilter or PFKEYv2 IPsec kernel
  interfaces.

• The history of policies installed in the kernel is now tracked so that e.g.
  trap policies are correctly updated when reauthenticated SAs are terminated.

• IMC/IMV Scanner pair implementing the RFC 5792 PA-TNC (IF-M) protocol.
  Using "netstat -l" the IMC scans open listening ports on the TNC client
  and sends a port list to the IMV which based on a port policy decides if
  the client is admitted to the network.
  (--enable-imc-scanner/--enable-imv-scanner).

• IMC/IMV Test pair implementing the RFC 5792 PA-TNC (IF-M) protocol.
  (--enable-imc-test/--enable-imv-test).

• The IKEv2 close action does not use the same value as the ipsec.conf dpdaction
  setting, but the value defined by its own closeaction keyword. The action
  is triggered if the remote peer closes a CHILD_SA unexpectedly.

Version 4.5.2¶

• The whitelist plugin for the IKEv2 daemon maintains an in-memory identity
  whitelist. Any connection attempt of peers not whitelisted will get rejected.
  The 'ipsec whitelist' utility provides a simple command line frontend for
  whitelist administration.

• The duplicheck plugin provides a specialized form of duplicate checking,
  doing a liveness check on the old SA and optionally notify a third party
  application about detected duplicates.

• The coupling plugin permanently couples two or more devices by limiting
  authentication to previously used certificates.

• In the case that the peer config and child config don't have the same name
  (usually in SQL database defined connections), ipsec up|route <peer config>
  starts|routes all associated child configs and ipsec up|route <child config>
  only starts|routes the specific child config.

• fixed the encoding and parsing of X.509 certificate policy statements (CPS).

• Duncan Salerno contributed the eap-sim-pcsc plugin implementing a
  pcsc-lite based SIM card backend.

• The eap-peap plugin implements the EAP PEAP protocol. Interoperates
  successfully with a FreeRADIUS server and Windows 7 Agile VPN clients.

• The IKEv2 daemon charon rereads strongswan.conf on SIGHUP and instructs
  all plugins to reload. Currently only the eap-radius and the attr plugins
  support configuration reloading.

• Added userland support to the IKEv2 daemon for Extended Sequence Numbers
  support coming with Linux 2.6.39. To enable ESN on a connection, add
  the 'esn' keyword to the proposal. The default proposal uses 32-bit sequence
  numbers only ('noesn'), and the same value is used if no ESN mode is
  specified. To negotiate ESN support with the peer, include both, e.g.
  esp=aes128-sha1-esn-noesn.

• In addition to ESN, Linux 2.6.39 gained support for replay windows larger
  than 32 packets. The new global strongswan.conf option 'charon.replay_window'
  configures the size of the replay window, in packets.

Version 4.5.1¶

• Sansar Choinyambuu implemented the RFC 5793 Posture Broker Protocol (BP)
  compatible with Trusted Network Connect (TNC). The TNCCS 2.0 protocol
  requires the tnccs_20, tnc_imc and tnc_imv plugins but does not depend
  on the libtnc library. Any available IMV/IMC pairs conforming to the
  Trusted Computing Group's TNC-IF-IMV/IMC 1.2 interface specification
  can be loaded via /etc/tnc_config.

• Re-implemented the TNCCS 1.1 protocol by using the tnc_imc and tnc_imv
  in place of the external libtnc library.

• The tnccs_dynamic plugin loaded on a TNC server in addition to the
  tnccs_11 and tnccs_20 plugins, dynamically detects the IF-TNCCS
  protocol version used by a TNC client and invokes an instance of
  the corresponding protocol stack.

• IKE and ESP proposals can now be stored in an SQL database using a
  new proposals table. The start_action field in the child_configs
  tables allows the automatic starting or routing of connections stored
  in an SQL database.

• The new certificate_authorities and certificate_distribution_points
  tables make it possible to store CRL and OCSP Certificate Distribution
  points in an SQL database.

• The new 'include' statement allows to recursively include other files in
  strongswan.conf. Existing sections and values are thereby extended and
  replaced, respectively.

• Due to the changes in the parser for strongswan.conf, the configuration
  syntax for the attr plugin has changed. Previously, it was possible to
  specify multiple values of a specific attribute type by adding multiple
  key/value pairs with the same key (e.g. dns) to the plugins.attr section.
  Because values with the same key now replace previously defined values
  this is not possible anymore. As an alternative, multiple values can be
  specified by separating them with a comma (e.g. dns = 1.2.3.4, 2.3.4.5).

• ipsec listalgs now appends (set in square brackets) to each crypto
  algorithm listed the plugin that registered the function.

• Traffic Flow Confidentiality padding supported with Linux 2.6.38 can be used
  by the IKEv2 daemon. The ipsec.conf 'tfc' keyword pads all packets to a given
  boundary, the special value '%mtu' pads all packets to the path MTU.

• The new af-alg plugin can use various crypto primitives of the Linux Crypto
  API using the AF_ALG interface introduced with 2.6.38. This removes the need
  for additional userland implementations of symmetric cipher, hash, hmac and
  xcbc algorithms.

• The IKEv2 daemon supports the INITIAL_CONTACT notify as initiator and
  responder. The notify is sent when initiating configurations with a unique
  policy, set in ipsec.conf via the global 'uniqueids' option.

• The conftest conformance testing framework enables the IKEv2 stack to perform
  many tests using a distinct tool and configuration frontend. Various hooks
  can alter reserved bits, flags, add custom notifies and proposals, reorder
  or drop messages and much more. It is enabled using the --enable-conftest
  ./configure switch.

• The new libstrongswan constraints plugin provides advanced X.509 constraint
  checking. In addition to X.509 pathLen constraints, the plugin checks for
  nameConstraints and certificatePolicies, including policyMappings and
  policyConstraints. The x509 certificate plugin and the pki tool have been
  enhanced to support these extensions. The new left/rightcertpolicy ipsec.conf
  connection keywords take OIDs a peer certificate must have.

• The left/rightauth ipsec.conf keywords accept values with a minimum strength
  for trustchain public keys in bits, such as rsa-2048 or ecdsa-256.

• The revocation and x509 libstrongswan plugins and the pki tool gained basic
  support for delta CRLs.

Version 4.5.0¶

• IMPORTANT: the default keyexchange mode 'ike' is changing with release 4.5
  from 'ikev1' to 'ikev2', thus commemorating the five year anniversary of the
  IKEv2 RFC 4306 and its mature successor RFC 5996. The time has definitively
  come for IKEv1 to go into retirement and to cede its place to the much more
  robust, powerful and versatile IKEv2 protocol!
  If you still like to use the old IKEv1 protocol then you must explicitly
  define keyexchange=ikev1.

• Added new ctr, ccm and gcm plugins providing Counter, Counter with CBC-MAC
  and Galois/Counter Modes based on existing CBC implementations. These
  new plugins bring support for AES and Camellia Counter and CCM algorithms
  and the AES GCM algorithms for use in IKEv2. A list of all supported
  algorithms can be found here.

• The new pkcs11 plugin brings full Smartcard support to the IKEv2 daemon and
  the ipsec pki utility using one or more PKCS#11 libraries. It currently supports
  RSA private and public key operations and loads X.509 certificates from
  tokens.

• Implemented a general purpose TLS stack based on crypto and credential
  primitives of libstrongswan. libtls supports TLS versions 1.0, 1.1 and 1.2,
  ECDHE-ECDSA/RSA, DHE-RSA and RSA key exchange algorithms and RSA/ECDSA based
  client authentication.

• Based on libtls, the eap-tls plugin brings certificate based EAP
  authentication for client and server. It is compatible to Windows 7 IKEv2
  Smartcard authentication and the OpenSSL based FreeRADIUS EAP-TLS backend.

  Example with FreeRADIUS AAA server, Example with a strongSwan gateway doing EAP-TLS only authentication

• EAP-TTLS uses strong EAP-TLS authentication for the server and
  potentially weak password-based client authentication (EAP-MD5, etc.)
  over a secure TLS tunnel.

  Example with FreeRADIUS AAA server, Example with a strongSwan gateway doing EAP-TLS only authentication

• Implemented the TNCCS 1.1 Trusted Network Connect protocol using the
  libtnc library on the strongSwan client and server side via the tnccs_11
  plugin and optionally connecting to a TNC@FHH-enhanced FreeRADIUS AAA server.
  Depending on the resulting TNC Recommendation, strongSwan clients are granted
  access to a network behind a strongSwan gateway (allow), are put into a
  remediation zone (isolate) or are blocked (none), respectively.

  Example with TNC@FHH-enhanced FreeRADIUS AAA server, Example with a strongSwan gateway doing EAP-TLS only authentication

  Group membership attributes are used to assign clients either to the
    'rw-allow' or 'rw-isolate' subnets, respectively. As an alternative
    non-complying clients can be blocked from access.

  {{tc(ikev2/rw-eap-tnc-radius-block, Example with TNC@FHH-enhanced FreeRADIUS AAA server)}},
    {{tc(ikev2/rw-eap-tnc-block, Example with a strongSwan gateway doing EAP-TLS only authentication)}}

  Any number of Integrity Measurement Collector/Verifier pairs can be
    attached via the tnc-imc and tnc-imv charon plugins.

• The RADIUS plugin eap-radius now supports multiple RADIUS servers for
  redundant setups. Servers are selected by a defined priority, server load and
  availability.

• Applets for Maemo 5 (Nokia) allow to easily configure and control IKEv2
  based VPN connections with EAP authentication on supported devices.

• The simple led plugin controls hardware LEDs through the Linux LED subsystem.
  It currently shows activity of the IKE daemon and is a good example how to
  implement a simple event listener.

• The IKEv1 daemon pluto now uses the same kernel interfaces as the IKEv2
  daemon charon. As a result of this, pluto now supports xfrm marks which
  were introduced in charon with 4.4.1.

• Improved MOBIKE behavior in several corner cases, for instance, if the
  initial responder moves to a different address.

• Fixed left-/rightnexthop option, which was broken since 4.4.0.

• Fixed a bug not releasing a virtual IP address to a pool if the XAUTH
  identity was different from the IKE identity.

• Fixed the alignment of ModeConfig messages on 4-byte boundaries in the
  case where the attributes are not a multiple of 4 bytes (e.g. Cisco's
  UNITY_BANNER).

• Fixed the interoperability of the socket_raw and socket_default
  charon plugins.

• Added man page for strongswan.conf.