Changelog for 5.4.x

Version 5.4.0

  • Support for IKEv2 redirection (RFC 5685) has been added. Plugins may
    implement the redirect_provider_t interface (source:src/libcharon/sa/redirect_provider.h)
    to decide if and when to redirect connecting clients. It is also possible to
    redirect established IKE_SAs based on different selectors via vici/swanctl.
    Unless disabled in strongswan.conf, the charon daemon will follow redirect
    requests received from servers.
  • The ike: prefix enables the explicit configuration of signature scheme
    constraints against IKEv2 authentication in rightauth, which allows the use
    of different signature schemes for trustchain verification and authentication.
    Configuration of such constraints via vici/swanctl is now also possible.
  • The initiator of an IKEv2 make-before-break reauthentication now suspends
    online certificate revocation checks (OCSP, CRLs) until the new IKE_SA and all
    CHILD_SAs are established. This is required if the checks are done over the
    CHILD_SA established with the new IKE_SA, which is not possible until the
    initiator installs this SA, and that only happens after the authentication has
    completed successfully. So the checks are suspended during the reauthentication
    and done afterwards; if they fail, the IKE_SA is closed. This change has no
    effect on the behavior during the authentication of the initial IKE_SA.
  • For the vici plugin a Vici::Session Perl CPAN module has been added to allow
    Perl applications to control and/or monitor the IKE daemon using the VICI
    interface, similar to the existing Python egg or Ruby gem.
  • Traffic selectors with port ranges can now be configured in the Linux kernel:
    e.g. remote_ts = [tcp/20-23] and local_ts = dynamic[tcp/32768-65535].
    The port range must map to a port mask, though, since the kernel does not
    support arbitrary ranges.
  • The vici plugin allows the configuration of IPv4 and IPv6 address ranges
    in local and remote traffic selectors. Since neither the Linux kernel nor
    iptables can handle arbitrary ranges, address ranges are mapped to the
    next larger CIDR subnet by the kernel-netlink and updown plugins, respectively.
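The two traffic-selector rules above (port ranges must map to a port mask, address ranges are rounded up to the enclosing CIDR subnet) applied to sample selectors, as an added example that is not strongSwan code; the selector string syntax it parses is assumed from the configuration examples in these notes.

```python
"""Added example, not strongSwan code: check what the kernel can install for a
traffic selector.  Assumed selector syntax: "<addr|range|dynamic>[<proto>/<lo>-<hi>]",
taken from the examples in the notes (e.g. "dynamic[tcp/32768-65535]")."""
import ipaddress
import re

_TS_RE = re.compile(r"^(?P<addr>[^\[]*)(?:\[(?P<proto>\w+)/(?P<lo>\d+)-(?P<hi>\d+)\])?$")

def port_range_to_mask(lo, hi):
    """Return the 16-bit port mask for lo-hi, or None if no mask can express
    the range: its size must be a power of two and lo aligned to that size."""
    if not 0 <= lo <= hi <= 0xFFFF:
        raise ValueError(f"bad port range {lo}-{hi}")
    size = hi - lo + 1
    if size & (size - 1) or lo % size:
        return None
    return 0xFFFF & ~(size - 1)

def enclosing_cidr(start, end):
    """Smallest CIDR subnet containing start..end, i.e. what a prefix-only
    kernel or iptables rule ends up matching when handed an address range."""
    a, b = ipaddress.ip_address(start), ipaddress.ip_address(end)
    if a.version != b.version or int(a) > int(b):
        raise ValueError(f"bad address range {start}-{end}")
    bits = a.max_prefixlen
    prefix = bits
    # shorten the prefix until both ends share the same network part
    while prefix and (int(a) >> (bits - prefix)) != (int(b) >> (bits - prefix)):
        prefix -= 1
    return ipaddress.ip_network(f"{a}/{prefix}", strict=False)

def check_ts(ts):
    """Parse a selector string and report what would actually be installed."""
    m = _TS_RE.match(ts)
    if not m:
        raise ValueError(f"unparsable selector {ts!r}")
    result = {"addr": m["addr"]}
    if "-" in m["addr"]:  # an address range such as 10.0.0.5-10.0.0.9
        result["cidr"] = str(enclosing_cidr(*m["addr"].split("-", 1)))
    if m["proto"]:
        mask = port_range_to_mask(int(m["lo"]), int(m["hi"]))
        result["port_mask"] = None if mask is None else f"0x{mask:04x}"
    return result

if __name__ == "__main__":
    for ts in ("[tcp/20-23]", "dynamic[tcp/32768-65535]",
               "10.0.0.5-10.0.0.9[udp/500-501]", "[tcp/20-24]"):
        print(ts, "->", check_ts(ts))
```

A selector whose port_mask comes back as None (such as tcp/20-24) cannot be expressed by the kernel and needs to be split or widened to an aligned power-of-two range.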
  • Implemented IKEv1 IPv4/IPv6 address subnet and range identities that can be
    used as owners of shared secrets.
  • The new p-cscf plugin can request P-CSCF server addresses from an ePDG via
    IKEv2 (RFC 7651). Addresses of the same families as those of the requested virtual
    IPs are requested if enabled in strongswan.conf for a particular connection.
    The plugin currently writes received addresses to the log.
  • The default proposals now use a security strength of 128 bit. The default DH group
    for IKE is now either ecp256 or modp3072, depending on whether the openssl plugin
    is loaded or not. The default ESP proposal is aes128-sha256, which requires HMAC-SHA2-256
    support with 128 bit truncation, which the Linux kernel correctly implements since 2.6.33.
    But there are reports that other implementations might still not do so (#1353).
  • DH groups are now listed for CHILD_SAs in ipsec statusall. Note that for IKEv2 the
    first CHILD_SA is created without a separate DH exchange (the key material is derived
    from the IKE keys). Therefore any DH group will only be listed after the first rekeying
    of such a CHILD_SA. For CHILD_SAs created with a separate CREATE_CHILD_SA exchange
    and for IKEv1 a DH group will always be listed if PFS is used.
  • IKE SPIs are now printed in network byte order in log messages and status output.
  • Start actions configured via vici are reversed when configs are unloaded; unchanged
    child configs are not affected by this anymore. Any IKE_SA that ends up without CHILD_SAs
    after that is now closed.
  • Asynchronous initiation and termination is supported via vici by specifying a timeout of -1.
  • To distinguish child configs with the same name associated with different
    connection entries the name of the connection may be sent in the initiate/install
    vici commands using the ike parameter.
  • The vici plugin and swanctl now support authentication with raw public keys. Also,
    the commands used to manage and list certificates/keys have been extended.
  • Multiple authentication rounds sent via vici may now be ordered by the optional round
    parameter instead of by the order of the local/remote* sections in the request (required for
    the Perl bindings that don't use ordered dictionaries).
  • The vici plugin and swanctl are now enabled by default.
  • CHILD_SAs of IKEv1 SAs may now optionally (charon.delete_rekeyed in strongswan.conf)
    be deleted immediately after they have been rekeyed successfully instead of waiting for the hard
    timeout, which could be problematic if traffic-based limits are used.
  • The charon.reuse_ikesa option is now always enabled for IKEv1 (commit:24ab8530e5).
  • IPv6 virtual IPs are now correctly sent for IKEv1 (commit:91d80298f9). The incorrect encoding is
    still accepted but the new encoding might cause problems for older strongSwan clients.
  • No NAT keepalives are sent if a host has lost connectivity (i.e. no local address is found to
    reach the peer).
  • In the log, threads may optionally be identified by their actual thread ID instead of a simple
    incremented value starting from 1 (--enable-log-thread-ids).
  • libhydra has been removed, all plugins and the kernel interface have been integrated
    into libcharon.