Changelog for 4.5.x

Version 4.5.3

  • Our private libraries (e.g. libstrongswan) are not installed directly in
    prefix/lib anymore. Instead a subdirectory is used (prefix/lib/ipsec/ by
    default). The plugins directory is also moved from libexec/ipsec/ to that
  • The dynamic IMC/IMV libraries were moved from the plugins directory to
    a new imcvs directory in the prefix/lib/ipsec/ subdirectory.
  • Job priorities were introduced to prevent thread starvation caused by too
    many threads handling blocking operations (such as CRL fetching).
  • IKEv2 charon daemon supports PASS and DROP shunt policies
    preventing traffic to go through IPsec connections. Installation of the
    shunt policies either via the XFRM netfilter or PFKEYv2 IPsec kernel
  • The history of policies installed in the kernel is now tracked so that e.g.
    trap policies are correctly updated when reauthenticated SAs are terminated.
  • IMC/IMV Scanner pair implementing the RFC 5792 PA-TNC (IF-M) protocol.
    Using "netstat -l" the IMC scans open listening ports on the TNC client
    and sends a port list to the IMV which based on a port policy decides if
    the client is admitted to the network.
  • IMC/IMV Test pair implementing the RFC 5792 PA-TNC (IF-M) protocol.
  • The IKEv2 close action does not use the same value as the ipsec.conf dpdaction
    setting, but the value defined by its own closeaction keyword. The action
    is triggered if the remote peer closes a CHILD_SA unexpectedly.

Version 4.5.2

  • The whitelist plugin for the IKEv2 daemon maintains an in-memory identity
    whitelist. Any connection attempt of peers not whitelisted will get rejected.
    The 'ipsec whitelist' utility provides a simple command line frontend for
    whitelist administration.
  • The duplicheck plugin provides a specialized form of duplicate checking,
    doing a liveness check on the old SA and optionally notify a third party
    application about detected duplicates.
  • The coupling plugin permanently couples two or more devices by limiting
    authentication to previously used certificates.
  • In the case that the peer config and child config don't have the same name
    (usually in SQL database defined connections), ipsec up|route <peer config>
    starts|routes all associated child configs and ipsec up|route <child config>
    only starts|routes the specific child config.
  • fixed the encoding and parsing of X.509 certificate policy statements (CPS).
  • Duncan Salerno contributed the eap-sim-pcsc plugin implementing a
    pcsc-lite based SIM card backend.
  • The eap-peap plugin implements the EAP PEAP protocol. Interoperates
    successfully with a FreeRADIUS server and Windows 7 Agile VPN clients.
  • The IKEv2 daemon charon rereads strongswan.conf on SIGHUP and instructs
    all plugins to reload. Currently only the eap-radius and the attr plugins
    support configuration reloading.
  • Added userland support to the IKEv2 daemon for Extended Sequence Numbers
    support coming with Linux 2.6.39. To enable ESN on a connection, add
    the 'esn' keyword to the proposal. The default proposal uses 32-bit sequence
    numbers only ('noesn'), and the same value is used if no ESN mode is
    specified. To negotiate ESN support with the peer, include both, e.g.
  • In addition to ESN, Linux 2.6.39 gained support for replay windows larger
    than 32 packets. The new global strongswan.conf option 'charon.replay_window'
    configures the size of the replay window, in packets.

Version 4.5.1

  • Sansar Choinyambuu implemented the RFC 5793 Posture Broker Protocol (BP)
    compatible with Trusted Network Connect (TNC). The TNCCS 2.0 protocol
    requires the tnccs_20, tnc_imc and tnc_imv plugins but does not depend
    on the libtnc library. Any available IMV/IMC pairs conforming to the
    Trusted Computing Group's TNC-IF-IMV/IMC 1.2 interface specification
    can be loaded via /etc/tnc_config.
  • Re-implemented the TNCCS 1.1 protocol by using the tnc_imc and tnc_imv
    in place of the external libtnc library.
  • The tnccs_dynamic plugin loaded on a TNC server in addition to the
    tnccs_11 and tnccs_20 plugins, dynamically detects the IF-TNCCS
    protocol version used by a TNC client and invokes an instance of
    the corresponding protocol stack.
  • IKE and ESP proposals can now be stored in an SQL database using a
    new proposals table. The start_action field in the child_configs
    tables allows the automatic starting or routing of connections stored
    in an SQL database.
  • The new certificate_authorities and certificate_distribution_points
    tables make it possible to store CRL and OCSP Certificate Distribution
    points in an SQL database.
  • The new 'include' statement allows to recursively include other files in
    strongswan.conf. Existing sections and values are thereby extended and
    replaced, respectively.
  • Due to the changes in the parser for strongswan.conf, the configuration
    syntax for the attr plugin has changed. Previously, it was possible to
    specify multiple values of a specific attribute type by adding multiple
    key/value pairs with the same key (e.g. dns) to the plugins.attr section.
    Because values with the same key now replace previously defined values
    this is not possible anymore. As an alternative, multiple values can be
    specified by separating them with a comma (e.g. dns =,
  • ipsec listalgs now appends (set in square brackets) to each crypto
    algorithm listed the plugin that registered the function.
  • Traffic Flow Confidentiality padding supported with Linux 2.6.38 can be used
    by the IKEv2 daemon. The ipsec.conf 'tfc' keyword pads all packets to a given
    boundary, the special value '%mtu' pads all packets to the path MTU.
  • The new af-alg plugin can use various crypto primitives of the Linux Crypto
    API using the AF_ALG interface introduced with 2.6.38. This removes the need
    for additional userland implementations of symmetric cipher, hash, hmac and
    xcbc algorithms.
  • The IKEv2 daemon supports the INITIAL_CONTACT notify as initiator and
    responder. The notify is sent when initiating configurations with a unique
    policy, set in ipsec.conf via the global 'uniqueids' option.
  • The conftest conformance testing framework enables the IKEv2 stack to perform
    many tests using a distinct tool and configuration frontend. Various hooks
    can alter reserved bits, flags, add custom notifies and proposals, reorder
    or drop messages and much more. It is enabled using the --enable-conftest
    ./configure switch.
  • The new libstrongswan constraints plugin provides advanced X.509 constraint
    checking. In addition to X.509 pathLen constraints, the plugin checks for
    nameConstraints and certificatePolicies, including policyMappings and
    policyConstraints. The x509 certificate plugin and the pki tool have been
    enhanced to support these extensions. The new left/rightcertpolicy ipsec.conf
    connection keywords take OIDs a peer certificate must have.
  • The left/rightauth ipsec.conf keywords accept values with a minimum strength
    for trustchain public keys in bits, such as rsa-2048 or ecdsa-256.
  • The revocation and x509 libstrongswan plugins and the pki tool gained basic
    support for delta CRLs.

Version 4.5.0

  • IMPORTANT: the default keyexchange mode 'ike' is changing with release 4.5
    from 'ikev1' to 'ikev2', thus commemorating the five year anniversary of the
    IKEv2 RFC 4306 and its mature successor RFC 5996. The time has definitively
    come for IKEv1 to go into retirement and to cede its place to the much more
    robust, powerful and versatile IKEv2 protocol!
    If you still like to use the old IKEv1 protocol then you must explicitly
    define keyexchange=ikev1.
  • Added new ctr, ccm and gcm plugins providing Counter, Counter with CBC-MAC
    and Galois/Counter Modes based on existing CBC implementations. These
    new plugins bring support for AES and Camellia Counter and CCM algorithms
    and the AES GCM algorithms for use in IKEv2. A list of all supported
    algorithms can be found here.
  • The new pkcs11 plugin brings full Smartcard support to the IKEv2 daemon and
    the ipsec pki utility using one or more PKCS#11 libraries. It currently supports
    RSA private and public key operations and loads X.509 certificates from
  • Implemented a general purpose TLS stack based on crypto and credential
    primitives of libstrongswan. libtls supports TLS versions 1.0, 1.1 and 1.2,
    ECDHE-ECDSA/RSA, DHE-RSA and RSA key exchange algorithms and RSA/ECDSA based
    client authentication.
  • The RADIUS plugin eap-radius now supports multiple RADIUS servers for
    redundant setups. Servers are selected by a defined priority, server load and
  • Applets for Maemo 5 (Nokia) allow to easily configure and control IKEv2
    based VPN connections with EAP authentication on supported devices.
  • The simple led plugin controls hardware LEDs through the Linux LED subsystem.
    It currently shows activity of the IKE daemon and is a good example how to
    implement a simple event listener.
  • The IKEv1 daemon pluto now uses the same kernel interfaces as the IKEv2
    daemon charon. As a result of this, pluto now supports xfrm marks which
    were introduced in charon with 4.4.1.
  • Improved MOBIKE behavior in several corner cases, for instance, if the
    initial responder moves to a different address.
  • Fixed left-/rightnexthop option, which was broken since 4.4.0.
  • Fixed a bug not releasing a virtual IP address to a pool if the XAUTH
    identity was different from the IKE identity.
  • Fixed the alignment of ModeConfig messages on 4-byte boundaries in the
    case where the attributes are not a multiple of 4 bytes (e.g. Cisco's
  • Fixed the interoperability of the socket_raw and socket_default
    charon plugins.