Changelog for 5.2.x¶
- Fixed a denial-of-service vulnerability triggered by an IKEv2 Key Exchange
payload that contains the Diffie-Hellman group 1025. This identifier was
used internally for DH groups with custom generator and prime. Because
these arguments are missing when creating DH objects based on the KE payload
an invalid pointer dereference occurred. This allowed an attacker to crash
the IKE daemon with a single IKE_SA_INIT message containing such a KE
payload. The vulnerability has been registered as CVE-2014-9221.
Please refer to our blog for details.
- The left/rightid options in ipsec.conf, or any other identity in strongSwan,
now accept prefixes to enforce an explicit type, such as email: or fqdn:.
Note that no conversion is done for the remaining string, refer to the
conn section reference (or the ipsec.conf(5) man page) for details.
- The post-quantum Bimodal Lattice Signature Scheme (BLISS) can be used as
an IKEv2 public key authentication method. The pki tool offers full support
for the generation of BLISS key pairs and certificates.
- Fixed mapping of integrity algorithms negotiated for AH via IKEv1. This could
cause interoperability issues when connecting to older versions of charon (#771).
- Support to configure IP address pools as ranges (<from IP>-<to IP>) in
ipsec.conf and swanctl.conf has been added.
- The first and last addresses in subnet based pools are now skipped properly and
the pools' sizes are adjusted accordingly. Which is also the case if pools are
configured with an offset, e.g. 192.168.0.100/24, which reduces the number of
available addresses from 254 to 155 and assignment now starts at .100 not .101,
that is, .100-.254 are assignable to clients.
- Many uses of select(2) have been replaced by call to poll(2), which avoids problems
with more than 1024 open file descriptors (see #757).
- Only payloads with payload types defined for the currently handled IKE version are now parsed,
all other payloads are ignored (see mailing list).
- On Windows ALE layer WFP rules are introduced to accept tunnel mode packets in
stateful packet filtering if default-drop policies are used (e61841a211).
- The new --pkcs12 command for pki provides basic support for PKCS#12
containers, namely listing and exporting credentials.
- Correctly configure replay window size on FreeBSD and Mac OS X (d21b01462e).
- Accept IPComp proposals with 4 octet long CPI values (4141f01671).
- The source code for the user interface of the native Mac OS X application is now
open source and part of our repository (55e7a0cafb).
- The new charon-systemd IKE daemon implements an IKE daemon tailored
for use with systemd. It avoids the dependency on ipsec starter and
uses swanctl as configuration backend, building a simple and
lightweight solution. Native systemd journal logging is supported.
- Support for the new IKEv2 Fragmentation mechanism as defined by
RFC 7383 has been added, which avoids IP fragmentation of
IKEv2 UDP datagrams exceeding the network's MTU size. This feature is
activated by setting fragmentation=yes in ipsec.conf and optionally
setting the maximum IP packet size with the charon.fragment_size
parameter in strongswan.conf.
- Support of the TCG TNC IF-M Attribute Segmentation specification proposal,
which allows to transfer potentially huge attributes amounting to several
megabytes of measurement data like the TCG/SWID Tag [ID] Inventory
or IETF/Installed Packages attributes via the PA-TNC, PB-TNC and
either PT-EAP or PT-TLS NEA protocol stack. By default segmented attributes
are just reconstructed on the receiving side from the individual segments
with the exeception of the three attribute types mentioned above which can
be parsed and processed incrementally as the segments arrive one-by-one.
A commented example can be found under PT-EAP-SWID.
- For the vici plugin a ruby gem has been added to allow ruby applications
to control or monitor the IKE daemon. The vici documentation has been
updated to include a description of the available operations and some simple
examples using both the libvici C interface and the ruby gem (see README.md).
- The new ext-auth plugin calls an external script to implement custom IKE_SA
authorization logic, courtesy of Vyronas Tsingaras.
- Paths to the ipsec.conf and ipsec.conf configuration files may be configured
via strongswan.conf. The path to strongswan.conf may be passed via the
STRONGSWAN_CONFenvironment variable. Patches courtesy of Shea Levy.
- Support for IKEv1 fragmentation has been extended to Windows XP/7 clients,
courtesy of Volker Rümelin.
- A static interval for interim RADIUS accounting updates can be configured for
the eap-radius plugin. It's overridden by any interval the RADIUS server returns
in the Access-Accept message, but it can be useful if RADIUS is only used for accounting.
- Fixed re-authentication when using IKEv1 Mode Config in push mode (cb98380fe9e4).
- Handle Quick Mode DELETES during a Quick Mode rekeying (cd9bba508bba).
- Fixed some Cisco Unity corner cases (rekeying and situations where no split-include attributes
are received), one fix didn't made it into this release though (#737).
- Fixed some IKEv1 interoperability issues (e.g. with proposal numbering and IPComp), see #661.
- Fixed a crash during reauthentication with multiple authentication rounds caused by the
incorrect use of
Also added a comment regarding the used of that function (see c641974de001).
- The kernel-pfkey plugin now reports packet counts (25fcbab6789c).
- If available the kernel-pfroute plugin uses RTM_IFANNOUNCE/IFAN_DEPARTURE events to
delete cached interfaces (see f80093e2ee65).
- The kernel-netlink plugin can set MTU and MSS on installed routes via settings in
strongswan.conf (these are global and affect all SAs).
- The kernel-netlink plugin optionally installs protocol and ports on transport mode
SAs (90e6675a657c) to enforce policies for inbound traffic. Enabling this prevents the use
of a single IPsec SA by more than one traffic selectors though.
- TESTS_SUITES_EXCLUDE option added to unit test runner.
- Added the source:testing/scripts/build-strongswan script to (relatively) quickly (re-)build
strongSwan in the testing environment.
- strongSwan has been ported to the Windows platform. Using a MinGW toolchain,
many parts of the strongSwan codebase run natively on Windows 7 / 2008 R2 and
charon-svc implements a Windows IKE service based on libcharon, the kernel-iph
and kernel-wfp plugins act as networking and IPsec backend on the Windows platform.
socket-win provides a native IKE socket implementation, while winhttp fetches
CRL and OCSP information using the WinHTTP API.
- The new vici plugin provides a Versatile IKE Configuration Interface for
charon. Using the stable IPC interface, external applications can configure,
control and monitor the IKE daemon. Instead of scripting the ipsec tool
and generating ipsec.conf, third party applications can use the new interface
for more control and better reliability.
- Built upon the libvici client library, swanctl implements the first user of
the VICI interface. Together with a swanctl.conf configuration file,
connections can be defined, loaded and managed. swanctl provides a portable,
complete IKE configuration and control interface for the command line.
- The SWID IMV implements a JSON-based REST API which allows the exchange
of SWID tags and Software IDs with the strongTNC policy manager.
- The SWID IMC can extract all installed packages from the
rpm(Fedora, RedHat, etc.), or
pacman(Arch Linux, Manjaro, etc.)
package managers, respectively, using the swidGenerator which generates
SWID tags according to the new ISO/IEC 19770-2:2014 standard.
- All IMVs now share the access requestor ID, device ID and product info
of an access requestor via a common imv_session object.
- The Attestation IMC/IMV pair supports the IMA-NG measurement format
introduced with the Linux 3.13 kernel.
- The aikgen tool generates an Attestation Identity Key bound to a TPM.
- Implemented the PT-EAP transport protocol (RFC 7171) for Trusted Network
- The ipsec.conf replay_window option defines connection specific IPsec replay
windows. Original patch courtesy of Zheng Zhong and Christophe Gouault from 6Wind.
- The custom parser for strongswan.conf has been replaced with one based on flex/bison.
It adds support for quoted strings (with escape sequences), unlimited includes, more
relaxed newline handling, better syntax error reporting, and a distinction between
empty and unset values (key="" vs. key=).
- The parser for ipsec.conf in starter has been rewritten. It allows overriding options
in all included sections (also=) not only in %default, options defined in included sections
can also be cleared again. Other improvements, like quoted strings, unlimited includes,
and better whitespace/comment handling have been implemented as well.
- Support for late IKEv1 connection switching based on the XAuth username has been added.
- Added support to parse SSH public keys from files configured in left|rightsigkey.
- RDNs in Distinguished Names parsed from strings must now either be separated by a comma
or a slash, not both. If the DN starts with a slash (or whitespace and a slash) slashes
will be assumed as separator, commas otherwise.
- Scalability of half-open IKE_SA and log level checks have been improved (502eeb7f76d2).
- Added a workaround for Sonicwall boxes that send ID/HASH payloads unencrypted during
IKEv1 Main Mode (c4c9d291d2aa).
- If private algorithm identifiers are used, rekeying is fixed by migrating extensions/conditions
to the new IKE_SA during rekeying (094963d1b160).
- Support for IPComp was added to the kernel-pfkey plugin (FreeBSD, Mac OS X, Linux),
patch courtesy of Francois ten Krooden (6afa7761a540).
- Passthrough policies are installed with strictly higher priorities than IPsec policies, which
was not always the case previously, depending on the traffic selectors.
- The kernel-netlink plugin now follows RFC 6724 when selecting IPv6 source addresses (#543).
- stroke and starter now use the <daemon>.plugins.stroke.socket option to determine the socket
to communicate with the daemon. A
--daemonoption has been added to stroke.
- The --disable-tools ./configure option has been replaced with the --disable-pki and
handle_vips()hook has been added similar to
assign_vips(), but for clients
handling virtual IPs and other configuration attributes (31f26960761c).