forked from pool/strongswan
Accepting request 406438 from home:dkosovic:branches:network:vpn
NetowrkManager-l2tp-1.0.4 is broken with strongswan-5.2.2. The 'ipsec up {connection-name}' command never connects and goes into an infinite loop of failing and trying to re-connect.
NetowrkManager-l2tp works fine with earlier and later versions of strongswan, just not with strongswan-5.2.2.
OBS-URL: https://build.opensuse.org/request/show/406438
OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=97
This commit is contained in:
Git OBS Bridge
@@ -1,3 +1,148 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 4 12:00:00 UTC 2016 - doug@uq.edu.au
|
||||
|
||||
- Updated to strongSwan 5.3.5 providing the following changes:
|
||||
Changes in version 5.3.5:
|
||||
* Properly handle potential EINTR errors in sigwaitinfo(2) calls
|
||||
that replaced sigwait(3) calls with 5.3.4.
|
||||
* RADIUS retransmission timeouts are now configurable, courtesy
|
||||
of Thom Troy.
|
||||
Changes in version 5.3.4:
|
||||
* Fixed an authentication bypass vulnerability in the
|
||||
eap-mschapv2 plugin that was caused by insufficient
|
||||
verification of the internal state when handling MSCHAPv2
|
||||
Success messages received by the client. This vulnerability
|
||||
has been registered as CVE-2015-8023.
|
||||
* The sha3 plugin implements the SHA3 Keccak-F1600 hash
|
||||
algorithm family. Within the strongSwan framework SHA3 is
|
||||
currently used for BLISS signatures only because the OIDs for
|
||||
other signature algorithms haven't been defined yet. Also the
|
||||
use of SHA3 for IKEv2 has not been standardized yet.
|
||||
Changes in version 5.3.3:
|
||||
* Added support for the ChaCha20/Poly1305 AEAD cipher specified
|
||||
in RFC 7539 and RFC 7634 using the chacha20poly1305 ike/esp
|
||||
proposal keyword. The new chapoly plugin implements the
|
||||
cipher, if possible SSE-accelerated on x86/x64 architectures.
|
||||
It is usable both in IKEv2 and the strongSwan libipsec ESP
|
||||
backend. On Linux 4.2 or newer the kernel-netlink plugin can
|
||||
configure the cipher for ESP SAs.
|
||||
* The vici interface now supports the configuration of auxiliary
|
||||
certification authority information as CRL and OCSP URIs.
|
||||
* In the bliss plugin the c_indices derivation using a SHA-512
|
||||
based random oracle has been fixed, generalized and
|
||||
standardized by employing the MGF1 mask generation function
|
||||
with SHA-512. As a consequence BLISS signatures unsing the
|
||||
improved oracle are not compatible with the earlier
|
||||
implementation.
|
||||
* Support for auto=route with right=%any for transport mode
|
||||
connections has been added (the ikev2/trap-any scenario
|
||||
provides examples).
|
||||
* The starter daemon does not flush IPsec policies and SAs
|
||||
anymore when it is stopped. Already existing duplicate
|
||||
policies are now overwritten by the IKE daemon when it
|
||||
installs its policies.
|
||||
* Init limits (like charon.init_limit_half_open) can now
|
||||
optionally be enforced when initiating SAs via VICI. For this,
|
||||
IKE_SAs initiated by the daemon are now also counted as half
|
||||
open SAs, which, as a side-effect, fixes the status output
|
||||
while connecting (e.g. in ipsec status).
|
||||
* Symmetric configuration of EAP methods in left|rightauth is
|
||||
now possible when mutual EAP-only authentication is used
|
||||
(previously, the client had to configure rightauth=eap or
|
||||
rightauth=any, which prevented it from using this same config
|
||||
as responder).
|
||||
* The initiator flag in the IKEv2 header is compared again
|
||||
(wasn't the case since 5.0.0) and packets that have the flag
|
||||
set incorrectly are again ignored.
|
||||
* Implemented a demo Hardcopy Device IMC/IMV pair based on the
|
||||
"Hardcopy Device Health Assessment Trusted Network Connect
|
||||
Binding" (HCD-TNC) document drafted by the IEEE Printer
|
||||
Working Group (PWG).
|
||||
* Fixed IF-M segmentation which failed in the presence of
|
||||
multiple small attributes in front of a huge attribute to be
|
||||
segmented.
|
||||
Changes in version 5.3.2:
|
||||
* Fixed a vulnerability that allowed rogue servers with a valid
|
||||
certificate accepted by the client to trick it into disclosing
|
||||
its username and even password (if the client accepts
|
||||
EAP-GTC). This was caused because constraints against the
|
||||
responder's authentication were enforced too late. This
|
||||
vulnerability has been registered as CVE-2015-4171.
|
||||
Changes in version 5.3.1:
|
||||
* Fixed a denial-of-service and potential remote code execution
|
||||
vulnerability triggered by IKEv1/IKEv2 messages that contain
|
||||
payloads for the respective other IKE version. Such payload
|
||||
are treated specially since 5.2.2 but because they were still
|
||||
identified by their original payload type they were used as
|
||||
such in some places causing invalid function pointer
|
||||
dereferences. The vulnerability has been registered as
|
||||
CVE-2015-3991.
|
||||
* The new aesni plugin provides CBC, CTR, XCBC, CMAC, CCM and
|
||||
GCM crypto primitives for AES-128/192/256. The plugin requires
|
||||
AES-NI and PCLMULQDQ instructions and works on both x86 and
|
||||
x64 architectures. It provides superior crypto performance in
|
||||
userland without any external libraries.
|
||||
Changes in version 5.3.0:
|
||||
* Added support for IKEv2 make-before-break reauthentication. By
|
||||
using a global CHILD_SA reqid allocation mechanism, charon
|
||||
supports overlapping CHILD_SAs. This allows the use of
|
||||
make-before-break instead of the previously supported
|
||||
break-before-make reauthentication, avoiding connectivity gaps
|
||||
during that procedure. As the new mechanism may fail with peers
|
||||
not supporting it (such as any previous strongSwan release) it
|
||||
must be explicitly enabled using the charon.make_before_break
|
||||
strongswan.conf option.
|
||||
* Support for "Signature Authentication in IKEv2" (RFC 7427) has
|
||||
been added. This allows the use of stronger hash algorithms
|
||||
for public key authentication. By default, signature schemes
|
||||
are chosen based on the strength of the signature key, but
|
||||
specific hash algorithms may be configured in leftauth.
|
||||
* Key types and hash algorithms specified in rightauth are now
|
||||
also checked against IKEv2 signature schemes. If such
|
||||
constraints are used for certificate chain validation in
|
||||
existing configurations, in particular with peers that don't
|
||||
support RFC 7427, it may be necessary to disable this feature
|
||||
with the charon.signature_authentication_constraints setting,
|
||||
because the signature scheme used in classic IKEv2 public key
|
||||
authentication may not be strong enough.
|
||||
* The new connmark plugin allows a host to bind conntrack flows
|
||||
to a specific CHILD_SA by applying and restoring the SA mark
|
||||
to conntrack entries. This allows a peer to handle multiple
|
||||
transport mode connections coming over the same NAT device for
|
||||
client-initiated flows. A common use case is to protect
|
||||
L2TP/IPsec, as supported by some systems.
|
||||
* The forecast plugin can forward broadcast and multicast
|
||||
messages between connected clients and a LAN. For CHILD_SA
|
||||
using unique marks, it sets up the required Netfilter rules
|
||||
and uses a multicast/broadcast listener that forwards such
|
||||
messages to all connected clients. This plugin is designed for
|
||||
Windows 7 IKEv2 clients, which announces its services over the
|
||||
tunnel if the negotiated IPsec policy allows it.
|
||||
* For the vici plugin a Python Egg has been added to allow
|
||||
Python applications to control or monitor the IKE daemon using
|
||||
the VICI interface, similar to the existing ruby gem. The
|
||||
Python library has been contributed by Björn Schuberg.
|
||||
* EAP server methods now can fulfill public key constraints,
|
||||
such as rightcert or rightca. Additionally, public key and
|
||||
signature constraints can be specified for EAP methods in the
|
||||
rightauth keyword. Currently the EAP-TLS and EAP-TTLS methods
|
||||
provide verification details to constraints checking.
|
||||
* Upgrade of the BLISS post-quantum signature algorithm to the
|
||||
improved BLISS-B variant. Can be used in conjunction with the
|
||||
SHA256, SHA384 and SHA512 hash algorithms with SHA512 being
|
||||
the default.
|
||||
* The IF-IMV 1.4 interface now makes the IP address of the TNC
|
||||
access requestor as seen by the TNC server available to all
|
||||
IMVs. This information can be forwarded to policy enforcement
|
||||
points (e.g. firewalls or routers).
|
||||
* The new mutual tnccs-20 plugin parameter activates mutual TNC
|
||||
measurements in PB-TNC half-duplex mode between two endpoints
|
||||
over either a PT-EAP or PT-TLS transport medium.
|
||||
- Adjusted file lists and removed obsolete patches
|
||||
[- 0005-strongswan-5.2.2-5.3.0_unknown_payload.patch,
|
||||
- 0006-strongswan-5.1.0-5.3.1_enforce_remote_auth.patch,
|
||||
- 0007-strongswan-4.4.0-5.3.3_eap_mschapv2_state.patch]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 13 10:25:59 UTC 2015 - mt@suse.de
|
||||
|
||||
|
||||
Reference in New Issue
Block a user