Major Release


8 issues   (8 closed — 0 open)

Version 5.9.0

  • We prefer AEAD algorithms for ESP and therefore put AES-GCM in a default AEAD proposal in front
    of the previous default proposal.
  • Changes related to the NM frontend and backend (charon-nm):
    • Password entry for private keys in the frontend has been fixed, in the backend, cached credentials
      are now also cleared when the connection is terminated (#3428).
    • The AppStream metadata installed by the frontend has been migrated from appdata to
      metainfo (73b60338dc).
    • The height of the frontend has been reduced by using tabs for options/proposals (#3448).
    • DPD and close action are now set to restart in the backend (#3300).
    • The backend supports custom remote traffic selectors via remote-ts option (separated by ;).
      There is currently no GUI support, so configuration has to be done manually via nmcli or
      config file.
  • If a connection fails after getting redirected, we now restart connecting to the original host, not the
    one redirected to.
  • The pkcs11 plugin falls back to hashing data for PKCS#1 v1.5 RSA signatures in software if the
    smartcard/library doesn't support signature mechanisms with hashing (e.g. CKM_SHA256_RSA_PKCS).
  • The owner/group of the log file opened by the file logger (e.g. via charon.filelog) is now set so the
    daemon can reopen it if the config is reloaded and it doesn't run as root.
  • The wolfssl plugin (when used with wolfSSL 4.4.0+) supports x448 Diffie-Hellman and Ed448 keys.
  • For peers that don't send the EAP_ONLY_AUTHENTICATION notify but still expect to use EAP-only
    authentication, the charon.force_eap_only_authentication option can be enabled to force this type
    of authentication even on non-compliant peers.
  • DH groups are properly handled during migration of CHILD_SA-creating tasks when reestablishing (may
    have caused DH groups in the proposal sent during IKE_AUTH).
  • The vici plugin stores all CA certificates in one location, which avoids issues with unloading authority
    sections or clearing all credentials (GH#172).
  • When unloading a vici connection with start_action=start, any related IKE_SAs without children are now
    terminated (including those in CONNECTING state).
  • The hashtable implementation has been changed so it maintains insertion order (the old implementation,
    including the get_match() method and a new feature to sort keys, has been migrated to the hashlist_t
    class). This was mainly done so the vici plugin can store its connections in a hashtable, which makes
    managing high numbers of connections faster.
  • The default maximum size for vici messages (512 KiB) can now be changed via VICI_MESSAGE_SIZE_MAX
    compile option.
  • IPv6 virtual IPs are now always enumerated, ignoring the charon.prefer_temporary_addrs setting, which
    should fix route installation if the latter is enabled.
  • The version as obtained from the Git repository (via git describe) on which a build is based can now be
    used in executables (--enable-git-version). Tarballs include a text file with that information cached.
  • Connectivity with the Android client got a lot more stable on Android 6+ where the system aggressively
    suspends apps when the device is idle (Doze mode). We now use a custom scheduler that uses Android's
    AlarmManager, which allows waking up the app even if the system put it to sleep. It does require adding
    the app to the system's battery optimization whitelist, which is requested from the user automatically if
    necessary. With this, NAT keepalives and rekeyings are now scheduled accurately, with little changes to the
    battery usage (#3364).
    There are some related changes that could be useful outside of the Android client:
    • It's possible to use other clocks than CLOCK_MONOTONIC (e.g. CLOCK_BOOTTIME) via TIME_CLOCK_ID
      compile option if clock_gettime() is available and pthread_condattr_setclock() supports that
      clock (Android's bionic C library e.g. only supports CLOCK_MONOTONIC and CLOCK_REALTIME while the
      kernel would support CLOCK_BOOTTIME via clock_gettime()).
    • When using a clock that includes time spent suspended, the new charon.keep_alive_dpd_margin option
      may be used to trigger a DPD instead of a NAT keepalive if too much time has passed.
    • Another option (charon.check_current_path) allows forcing a DPD exchange to check if the current path
      still works whenever changes to interfaces/addresses are detected.
Issues by