forked from pool/strongswan
Marius Tomaschewski
ee9ed2353d
OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=76
1197 lines
64 KiB
Plaintext
1197 lines
64 KiB
Plaintext
-------------------------------------------------------------------
|
|
Fri Sep 26 16:02:09 UTC 2014 - mt@suse.de
|
|
|
|
- Re-enabled gcrypt plugin and reverted to not enforce fips again
|
|
as this breaks gcrypt and openssl plugins when the fips pattern
|
|
option is not installed (fate#316931,bnc#856322).
|
|
[- fips-disablegcrypt.patch]
|
|
- Added empty strongswan-hmac package supposed to provide fips hmac
|
|
files and enforce fips compliant operation later (bnc#856322).
|
|
- Cleaned up conditional build flags in the rpm spec file.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 3 13:39:45 UTC 2014 - meissner@suse.com
|
|
|
|
- disable gcrypt plugin by default, so it will only use openssl
|
|
fate#316931 [+strongswan-fips-disablegcrypt.patch]
|
|
- enable fips mode 2
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 20 17:38:07 UTC 2014 - crrodriguez@opensuse.org
|
|
|
|
- Fix build in factory
|
|
* Do not include var/run directories in package
|
|
* Move runtime data to /run and provide tmpfiles.d snippet
|
|
* Add proper systemd macros to rpm scriptlets.
|
|
* Do not buildRequire library package libnl1, it is not used.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 14 23:36:07 UTC 2014 - mt@suse.de
|
|
|
|
- Updated to strongSwan 5.1.3 providing the following changes:
|
|
- Fixed an authentication bypass vulnerability triggered by rekeying
|
|
an unestablished IKEv2 SA while it gets actively initiated. This
|
|
allowed an attacker to trick a peer's IKE_SA state to established,
|
|
without the need to provide any valid authentication credentials.
|
|
(CVE-2014-2338, bnc#870572).
|
|
- The acert plugin evaluates X.509 Attribute Certificates. Group
|
|
membership information encoded as strings can be used to fulfill
|
|
authorization checks defined with the rightgroups option.
|
|
Attribute Certificates can be loaded locally or get exchanged in
|
|
IKEv2 certificate payloads.
|
|
- The pki command gained support to generate X.509 Attribute
|
|
Certificates using the --acert subcommand, while the --print
|
|
command supports the ac type. The openac utility has been removed
|
|
in favor of the new pki functionality.
|
|
- The libtls TLS 1.2 implementation as used by EAP-(T)TLS and other
|
|
protocols has been extended by AEAD mode support, currently limited
|
|
to AES-GCM.
|
|
- Fixed an issue where CRL/OCSP trustchain validation broke enforcing
|
|
CA constraints
|
|
- Limited OCSP signing to specific certificates to improve performance
|
|
- authKeyIdentifier is not added to self-signed certificates anymore
|
|
- Fixed the comparison of IKE configs if only the cipher suites were
|
|
different
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 2 05:53:21 UTC 2014 - mt@suse.de
|
|
|
|
- Updated to strongSwan 5.1.2 providing the following changes:
|
|
- A new default configuration file layout is introduced. The new
|
|
default strongswan.conf file mainly includes config snippets from
|
|
the strongswan.d and strongswan.d/charon directories (the latter
|
|
containing snippets for all plugins). The snippets, with commented
|
|
defaults, are automatically generated and installed, if they don't
|
|
exist yet. Also installed in $prefix/share/strongswan/templates so
|
|
existing files can be compared to the current defaults.
|
|
- As an alternative to the non-extensible charon.load setting, the
|
|
plugins to load in charon (and optionally other applications) can
|
|
now be determined via the charon.plugins.<name>.load setting for
|
|
each plugin (enabled in the new default strongswan.conf file via the
|
|
charon.load_modular option). The load setting optionally takes a
|
|
numeric priority value that allows reordering the plugins (otherwise
|
|
the default plugin order is preserved).
|
|
- All strongswan.conf settings that were formerly defined in library
|
|
specific "global" sections are now application specific (e.g.
|
|
settings for plugins in libstrongswan.plugins can now be set only
|
|
for charon in charon.plugins). The old options are still supported,
|
|
which now allows to define defaults for all applications in the
|
|
libstrongswan section.
|
|
- The ntru libstrongswan plugin supports NTRUEncrypt as a post-quantum
|
|
computer IKE key exchange mechanism. The implementation is based on
|
|
the ntru-crypto library from the NTRUOpenSourceProject.
|
|
The supported security strengths are ntru112, ntru128, ntru192, and
|
|
ntru256. Since the private DH group IDs 1030..1033 have been
|
|
assigned, the strongSwan Vendor ID must be sent in order to use NTRU
|
|
(charon.send_vendor_id = yes).
|
|
- Defined a TPMRA remote attestation workitem and added support for it
|
|
to the Attestation IMV.
|
|
- Compatibility issues between IPComp (compress=yes) and
|
|
leftfirewall=yes as well as multiple subnets in left|rightsubnet
|
|
have been fixed.
|
|
- When enabling its "session" strongswan.conf option, the xauth-pam
|
|
plugin opens and closes a PAM session for each established IKE_SA.
|
|
Patch courtesy of Andrea Bonomi.
|
|
- The strongSwan unit testing framework has been rewritten without the
|
|
"check" dependency for improved flexibility and portability. It now
|
|
properly supports multi-threaded and memory leak testing and brings
|
|
a bunch of new test cases.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 1 12:28:39 UTC 2013 - mt@suse.de
|
|
|
|
- Updated to strongSwan 5.1.1 minor release addressing two security
|
|
fixes (bnc#847506,CVE-2013-6075, bnc#847509,CVE-2013-6076):
|
|
- Fixed a denial-of-service vulnerability and potential authorization
|
|
bypass triggered by a crafted ID_DER_ASN1_DN ID payload. The cause
|
|
is an insufficient length check when comparing such identities. The
|
|
vulnerability has been registered as CVE-2013-6075.
|
|
- Fixed a denial-of-service vulnerability triggered by a crafted IKEv1
|
|
fragmentation payload. The cause is a NULL pointer dereference. The
|
|
vulnerability has been registered as CVE-2013-6076.
|
|
- The lean stand-alone pt-tls-client can set up a RFC 6876 PT-TLS
|
|
session with a strongSwan policy enforcement point which uses the
|
|
tnc-pdp charon plugin.
|
|
- The new TCG TNC SWID IMC/IMV pair supports targeted SWID requests
|
|
for either full SWID Tag or concise SWID Tag ID inventories.
|
|
- The XAuth backend in eap-radius now supports multiple XAuth
|
|
exchanges for different credential types and display messages.
|
|
All user input gets concatenated and verified with a single
|
|
User-Password RADIUS attribute on the AAA. With an AAA supporting
|
|
it, one for example can implement Password+Token authentication with
|
|
proper dialogs on iOS and OS X clients. - charon supports IKEv1 Mode
|
|
Config exchange in push mode. The ipsec.conf modeconfig=push option
|
|
enables it for both client and server, the same way as pluto used it.
|
|
- Using the "ah" ipsec.conf keyword on both IKEv1 and IKEv2
|
|
connections, charon can negotiate and install Security Associations
|
|
integrity-protected by the Authentication Header protocol. Supported
|
|
are plain AH(+IPComp) SAs only, but not the deprecated RFC2401 style
|
|
ESP+AH bundles.
|
|
- The generation of initialization vectors for IKE and ESP (when using
|
|
libipsec) is now modularized and IVs for e.g. AES-GCM are now correctly
|
|
allocated sequentially, while other algorithms like AES-CBC still
|
|
use random IVs.
|
|
- The left and right options in ipsec.conf can take multiple address
|
|
ranges and subnets. This allows connection matching against a larger
|
|
set of addresses, for example to use a different connection for clients
|
|
connecting from a internal network.
|
|
- For all those who have a queasy feeling about the NIST elliptic curve
|
|
set, the Brainpool curves introduced for use with IKE by RFC 6932 might
|
|
be a more trustworthy alternative.
|
|
- The kernel-libipsec userland IPsec backend now supports usage
|
|
statistics, volume based rekeying and accepts ESPv3 style TFC padded
|
|
packets.
|
|
- With two new strongswan.conf options fwmarks can be used to implement
|
|
host-to-host tunnels with kernel-libipsec.
|
|
- load-tester supports transport mode connections and more complex
|
|
traffic selectors, including such using unique ports for each tunnel.
|
|
- The new dnscert plugin provides support for authentication via CERT
|
|
RRs that are protected via DNSSEC. The plugin was created by Ruslan
|
|
N. Marchenko.
|
|
- The eap-radius plugin supports forwarding of several Cisco Unity
|
|
specific RADIUS attributes in corresponding configuration payloads.
|
|
- Database transactions are now abstracted and implemented by the two
|
|
backends. If you use MySQL make sure all tables use the InnoDB engine.
|
|
- libstrongswan now can provide an experimental custom implementation
|
|
of the printf family functions based on klibc if neither Vstr nor
|
|
glibc style printf hooks are available. This can avoid the Vstr
|
|
dependency on some systems at the cost of slower and less complete
|
|
printf functions.
|
|
- Adjusted file lists: this version installs the pki utility and manuals
|
|
in common /usr directories and additional ipsec/pt-tls-client helper.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 5 13:48:11 UTC 2013 - mt@suse.de
|
|
|
|
- Updated to strongSwan 5.1.0 release (bnc#833278, CVE-2013-5018):
|
|
- Fixed a denial-of-service vulnerability triggered by specific XAuth
|
|
usernames and EAP identities (since 5.0.3), and PEM files (since
|
|
4.1.11). The crash was caused by insufficient error handling in the
|
|
is_asn1() function. The vulnerability has been registered as
|
|
CVE-2013-5018.
|
|
- The new charon-cmd command line IKE client can establish road
|
|
warrior connections using IKEv1 or IKEv2 with different
|
|
authentication profiles. It does not depend on any configuration
|
|
files and can be configured using a few simple command line options.
|
|
- The kernel-pfroute networking backend has been greatly improved.
|
|
It now can install virtual IPs on TUN devices on OS X and FreeBSD,
|
|
allowing these systems to act as a client in common road warrior
|
|
scenarios.
|
|
- The new kernel-libipsec plugin uses TUN devices and libipsec to
|
|
provide IPsec processing in userland on Linux, FreeBSD and Mac OS X.
|
|
- The eap-radius plugin can now serve as an XAuth backend called
|
|
xauth-radius, directly verifying XAuth credentials using RADIUS
|
|
User-Name/User-Password attributes. This is more efficient than the
|
|
existing xauth-eap+eap-radius combination, and allows RADIUS servers
|
|
without EAP support to act as AAA backend for IKEv1.
|
|
- The new osx-attr plugin installs configuration attributes (currently
|
|
DNS servers) via SystemConfiguration on Mac OS X. The keychain
|
|
plugin provides certificates from the OS X keychain service.
|
|
- The sshkey plugin parses SSH public keys, which, together with the
|
|
--agent option for charon-cmd, allows the use of ssh-agent for
|
|
authentication. To configure SSH keys in ipsec.conf the
|
|
left|rightrsasigkey options are replaced with left|rightsigkey,
|
|
which now take public keys in one of three formats: SSH (RFC 4253,
|
|
ssh: prefix), DNSKEY (RFC 3110, dns: prefix), and PKCS#1 (the
|
|
default, no prefix).
|
|
- Extraction of certificates and private keys from PKCS#12 files is
|
|
now provided by the new pkcs12 plugin or the openssl plugin.
|
|
charon-cmd (--p12) as well as charon (via P12 token in
|
|
ipsec.secrets) can make use of this.
|
|
- IKEv2 can now negotiate transport mode and IPComp in NAT situations.
|
|
- IKEv2 exchange initiators now properly close an established IKE or
|
|
CHILD_SA on error conditions using an additional exchange, keeping
|
|
state in sync between peers.
|
|
- Using a SQL database interface a Trusted Network Connect (TNC)
|
|
Policy Manager can generate specific measurement workitems for an
|
|
arbitrary number of Integrity Measurement Verifiers (IMVs) based on
|
|
the history of the VPN user and/or device.
|
|
- Several core classes in libstrongswan are now tested with unit
|
|
tests. These can be enabled with --enable-unit-tests and run with
|
|
'make check'.
|
|
Coverage reports can be generated with --enable-coverage and 'make
|
|
coverage' (this disables any optimization, so it should not be
|
|
enabled when building production releases).
|
|
- The leak-detective developer tool has been greatly improved. It
|
|
works much faster/stabler with multiple threads, does not use
|
|
deprecated malloc hooks anymore and has been ported to OS X.
|
|
- chunk_hash() is now based on SipHash-2-4 with a random key. This
|
|
provides better distribution and prevents hash flooding attacks
|
|
when used with hashtables.
|
|
- All default plugins implement the get_features() method to define
|
|
features and their dependencies. The plugin loader has been
|
|
improved, so that plugins in a custom load statement can be ordered
|
|
freely or to express preferences without being affected by
|
|
dependencies between plugin features.
|
|
- A centralized thread can take care for watching multiple file
|
|
descriptors concurrently. This removes the need for a dedicated
|
|
listener threads in various plugins. The number of "reserved"
|
|
threads for such tasks has been reduced to about five, depending on
|
|
the plugin configuration.
|
|
- Plugins that can be controlled by a UNIX socket IPC mechanism gained
|
|
network transparency. Third party applications querying these
|
|
plugins now can use TCP connections from a different host.
|
|
- libipsec now supports AES-GCM.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 30 12:48:44 UTC 2013 - mt@suse.de
|
|
|
|
- Updated to strongSwan 5.0.4 release (bnc#815236, CVE-2013-2944):
|
|
- Fixed a security vulnerability in the openssl plugin which was
|
|
reported by Kevin Wojtysiak. The vulnerability has been registered
|
|
as CVE-2013-2944. Before the fix, if the openssl plugin's ECDSA
|
|
signature verification was used, due to a misinterpretation of the
|
|
error code returned by the OpenSSL ECDSA_verify() function, an empty
|
|
or zeroed signature was accepted as a legitimate one. Refer to our
|
|
blog for details.
|
|
- The handling of a couple of other non-security relevant OpenSSL
|
|
return codes was fixed as well.
|
|
- The tnc_ifmap plugin now publishes virtual IPv4 and IPv6 addresses
|
|
via its TCG TNC IF-MAP 2.1 interface.
|
|
- The charon.initiator_only strongswan.conf option causes charon to
|
|
ignore IKE initiation requests.
|
|
- The openssl plugin can now use the openssl-fips library.
|
|
The version 5.0.3 provides new ipseckey plugin, enabling authentication
|
|
based on trustworthy public keys stored as IPSECKEY resource records in
|
|
the DNS and protected by DNSSEC and new openssl plugin using the AES-NI
|
|
accelerated version of AES-GCM if the hardware supports it.
|
|
See http://wiki.strongswan.org/projects/strongswan/wiki/Changelog50
|
|
for a list of all changes since the 5.0.1 release.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 29 19:13:40 CET 2012 - sbrabec@suse.cz
|
|
|
|
- Verify GPG signature.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 16 04:02:32 UTC 2012 - crrodriguez@opensuse.org
|
|
|
|
- Fix systemd unit dir
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 31 15:25:16 UTC 2012 - mt@suse.de
|
|
|
|
- Updated to strongSwan 5.0.1 release. Changes digest:
|
|
- Introduced the sending of the standard IETF Assessment Result
|
|
PA-TNC attribute by all strongSwan Integrity Measurement Verifiers.
|
|
- Extended PTS Attestation IMC/IMV pair to provide full evidence of
|
|
the Linux IMA measurement process. All pertinent file information
|
|
of a Linux OS can be collected and stored in an SQL database.
|
|
- The PA-TNC and PB-TNC protocols can now process huge data payloads.
|
|
- The xauth-pam backend can authenticate IKEv1 XAuth and Hybrid
|
|
authenticated clients against any PAM service.
|
|
- The new unity plugin brings support for some parts of the IKEv1
|
|
Cisco Unity Extensions.
|
|
- The kernel-netlink plugin supports the new strongswan.conf option
|
|
charon.install_virtual_ip_on.
|
|
- Job handling in controller_t was fixed, which occasionally caused
|
|
crashes on ipsec up/down.
|
|
- Fixed transmission EAP-MSCHAPv2 user name if it contains a domain
|
|
part.
|
|
Changes digest from strongSwan 5.0.0 version:
|
|
* The charon IKE daemon gained experimental support for the IKEv1
|
|
protocol. Pluto has been removed from the 5.x series.
|
|
* The NetworkManager charon plugin of previous releases is now
|
|
provided by a separate executable (charon-nm) and it should work
|
|
again with NM 0.9.
|
|
* scepclient was updated and it now works fine with Windows Server
|
|
2008 R2.
|
|
For full list of the changes, please read the NEWS file shipped
|
|
in the strongswan-doc package or online:
|
|
http://wiki.strongswan.org/projects/strongswan/wiki/Changelog50
|
|
- Adopted spec file, enabled several plugins, e.g.: ccm, certexpire,
|
|
coupling, ctr, duplicheck, eap-dynamic, eap-peap, eap-tls, eap-tnc,
|
|
eap-ttls, gcm, nonce, radattr, tnc, tnccs, unity, xauth-eap and pam.
|
|
- Changed to install strongswan.service with alias to ipsec.service
|
|
instead of the /etc/init.d/ipsec init script on openSUSE > 12.2.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 7 08:36:57 UTC 2012 - mt@suse.de
|
|
|
|
- Applied upstream patch adjusting an internal thread id causing
|
|
charon keying daemon start failure (bnc#779038,strongswan#198):
|
|
openssl: Ensure the thread ID is never zero
|
|
This might otherwise cause problems because OpenSSL tries to
|
|
lock mutexes recursively if it assumes the lock is held by a
|
|
different thread e.g. during FIPS initialization.
|
|
See http://wiki.strongswan.org/issues/198 for more informations.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 31 16:08:43 UTC 2012 - mt@suse.com
|
|
|
|
- Updated to strongSwan 4.6.4 release:
|
|
- Fixed a security vulnerability in the gmp plugin. If this
|
|
plugin was used for RSA signature verification an empty or
|
|
zeroed signature was handled as a legitimate one
|
|
(bnc#761325, CVE-2012-2388).
|
|
- Fixed several issues with reauthentication and address updates.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 10 09:15:38 UTC 2012 - mt@suse.com
|
|
|
|
- Updated to strongSwan 4.6.3 release:
|
|
- The tnc-pdp plugin implements a RADIUS server interface allowing
|
|
a strongSwan TNC server to act as a Policy Decision Point.
|
|
- The eap-radius authentication backend enforces Session-Timeout
|
|
attributes using RFC4478 repeated authentication and acts upon
|
|
RADIUS Dynamic Authorization extensions, RFC 5176. Currently
|
|
supported are disconnect requests and CoA messages containing
|
|
a Session-Timeout.
|
|
- The eap-radius plugin can forward arbitrary RADIUS attributes
|
|
from and to clients using custom IKEv2 notify payloads. The new
|
|
radattr plugin reads attributes to include from files and prints
|
|
received attributes to the console.
|
|
- Added support for untruncated MD5 and SHA1 HMACs in ESP as used
|
|
in RFC 4595.
|
|
- The cmac plugin implements the AES-CMAC-96 and AES-CMAC-PRF-128
|
|
algorithms as defined in RFC 4494 and RFC 4615, respectively.
|
|
- The resolve plugin automatically installs nameservers via
|
|
resolvconf(8), if it is installed, instead of modifying
|
|
/etc/resolv.conf directly.
|
|
- The IKEv2 charon daemon supports now raw RSA public keys in RFC
|
|
3110 DNSKEY and PKCS#1 file format.
|
|
- The farp plugin sends ARP responses for any tunneled address,
|
|
not only virtual IPs.
|
|
- Charon resolves hosts again during additional keying tries.
|
|
- Fixed switching back to original address pair during MOBIKE.
|
|
- When resending IKE_SA_INIT with a COOKIE charon reuses the previous
|
|
DH value, as specified in RFC 5996.
|
|
This has an effect on the lifecycle of diffie_hellman_t, see
|
|
source:src/libcharon/sa/keymat.h#39 for details.
|
|
- COOKIEs are now kept enabled a bit longer to avoid certain race
|
|
conditions the commit message to 1b7debcc has some details.
|
|
- The new stroke user-creds command allows to set username/password
|
|
for a connection.
|
|
- strongswan.conf option added to set identifier for syslog(3) logging.
|
|
- Added a workaround for null-terminated XAuth secrets (as sent by
|
|
Android 4).
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Mar 3 00:10:34 UTC 2012 - tabraham@novell.com
|
|
|
|
- Updated to strongSwan 4.6.2 release:
|
|
Changes in 4.6.2:
|
|
- Upgraded the TCG IF-IMC and IF-IMV C API to the upcoming version 1.3
|
|
which supports IF-TNCCS 2.0 long message types, the exclusive flags
|
|
and multiple IMC/IMV IDs. Both the TNC Client and Server as well as
|
|
the "Test", "Scanner", and "Attestation" IMC/IMV pairs were updated.
|
|
- Fully implemented the "TCG Attestation PTS Protocol: Binding to IF-M"
|
|
standard (TLV-based messages only). TPM-based remote attestation of
|
|
Linux IMA (Integrity Measurement Architecture) possible. Measurement
|
|
reference values are automatically stored in an SQLite database.
|
|
- The EAP-RADIUS authentication backend supports RADIUS accounting. It sends
|
|
start/stop messages containing Username, Framed-IP and Input/Output-Octets
|
|
attributes and has been tested against FreeRADIUS and Microsoft NPS.
|
|
- Added support for PKCS#8 encoded private keys via the libstrongswan
|
|
pkcs8 plugin. This is the default format used by some OpenSSL tools since
|
|
version 1.0.0 (e.g. openssl req with -keyout).
|
|
- Added session resumption support to the strongSwan TLS stack.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 15 13:31:40 UTC 2012 - mt@suse.com
|
|
|
|
- Updated to strongSwan 4.6.1 release:
|
|
Changes in 4.6.1:
|
|
- Because of changing checksums before and after installation which caused
|
|
the integrity tests to fail we avoided directly linking libsimaka,
|
|
libtls and libtnccs to those libcharon plugins which make use of these
|
|
dynamiclibraries.
|
|
Instead we linked the libraries to the charon daemon. Unfortunately
|
|
Ubuntu 11.10 activated the --as-needed ld option which discards explicit
|
|
links to dynamic libraries that are not actually used by the charon
|
|
daemon itself, thus causing failures during the loading of the plugins
|
|
which depend on these libraries for resolving external symbols.
|
|
- Therefore our approach of computing integrity checksums for plugins had
|
|
to be changed radically by moving the hash generation from the
|
|
compilation to the post-installation phase.
|
|
Changes in 4.6.0:
|
|
- The new libstrongswan certexpire plugin collects expiration information
|
|
of all used certificates and exports them to CSV files. It either
|
|
directly exports them or uses cron style scheduling for batch exports.
|
|
- Starter passes unresolved hostnames to charon, allowing it to do name
|
|
resolution not before the connection attempt. This is especially useful
|
|
with connections between hosts using dynamic IP addresses.
|
|
Thanks to Mirko Parthey for the initial patch.
|
|
- The android plugin can now be used without the Android frontend patch
|
|
and provides DNS server registration and logging to logcat.
|
|
- Pluto and starter (plus stroke and whack) have been ported to Android.
|
|
- Support for ECDSA private and public key operations has been added to
|
|
the pkcs11 plugin. The plugin now also provides DH and ECDH via PKCS#11
|
|
and can use tokens as random number generators (RNG). By default only
|
|
private key operations are enabled, more advanced features have to be
|
|
enabled by their option in strongswan.conf. This also applies to public
|
|
key operations (even for keys not stored on the token) which were
|
|
enabled by default before.
|
|
- The libstrongswan plugin system now supports detailed plugin
|
|
dependencies. Many plugins have been extended to export its capabilities
|
|
and requirements. This allows the plugin loader to resolve plugin
|
|
loading order automatically, and in future releases, to dynamically load
|
|
the required features on demand.
|
|
Existing third party plugins are source (but not binary) compatible if
|
|
they properly initialize the new get_features() plugin function to NULL.
|
|
- The tnc-ifmap plugin implements a TNC IF-MAP 2.0 client which can
|
|
deliver metadata about IKE_SAs via a SOAP interface to a MAP server.
|
|
The tnc-ifmap plugin requires the Apache Axis2/C library.
|
|
- Merged patches, changed strongswan-doc to be a noarch package.
|
|
- Fixed rpmlint runlevel & fsf warnings, updated rpmlintrc
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 6 10:27:00 UTC 2012 - aj@suse.de
|
|
|
|
- Only glib.h can be included, fix compilation.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 21 10:31:49 UTC 2011 - coolo@suse.com
|
|
|
|
- remove call to suse_update_config (very old work around)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 12 09:26:51 UTC 2011 - coolo@suse.com
|
|
|
|
- remove _service file, too fragile
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 12 08:24:36 UTC 2011 - mt@suse.com
|
|
|
|
- Fixed version in last changelog entry
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 8 16:06:46 UTC 2011 - mt@suse.com
|
|
|
|
- Updated to strongSwan 4.5.3 release, changes overview since 4.5.2:
|
|
* Our private libraries (e.g. libstrongswan) are not installed directly in
|
|
prefix/lib anymore. Instead a subdirectory is used (prefix/lib/ipsec/ by
|
|
default). The plugins directory is also moved from libexec/ipsec/ to that
|
|
directory.
|
|
* The dynamic IMC/IMV libraries were moved from the plugins directory to
|
|
a new imcvs directory in the prefix/lib/ipsec/ subdirectory.
|
|
* Job priorities were introduced to prevent thread starvation caused by too
|
|
many threads handling blocking operations (such as CRL fetching).
|
|
* Two new strongswan.conf options allow to fine-tune performance on IKEv2
|
|
gateways by dropping IKE_SA_INIT requests on high load.
|
|
* IKEv2 charon daemon supports PASS and DROP shunt policies
|
|
preventing traffic to go through IPsec connections. Installation of the
|
|
shunt policies either via the XFRM netfilter or PFKEYv2 IPsec kernel
|
|
interfaces.
|
|
* The history of policies installed in the kernel is now tracked so that e.g.
|
|
trap policies are correctly updated when reauthenticated SAs are terminated.
|
|
* IMC/IMV Scanner pair implementing the RFC 5792 PA-TNC (IF-M) protocol.
|
|
Using "netstat -l" the IMC scans open listening ports on the TNC client
|
|
and sends a port list to the IMV which based on a port policy decides if
|
|
the client is admitted to the network.
|
|
* IMC/IMV Test pair implementing the RFC 5792 PA-TNC (IF-M) protocol.
|
|
* The IKEv2 close action does not use the same value as the ipsec.conf dpdaction
|
|
setting, but the value defined by its own closeaction keyword. The action
|
|
is triggered if the remote peer closes a CHILD_SA unexpectedly.
|
|
- Fixed some fmt warnings in libchecksum, adopted paths in the spec file
|
|
|
|
-------------------------------------------------------------------
|
|
Sun May 29 16:37:00 UTC 2011 - jcnengel@googlemail.com
|
|
|
|
- Updated to strongSwan 4.5.2 release, changes overview since 4.5.1:
|
|
* The whitelist plugin for the IKEv2 daemon maintains an in-memory identity
|
|
whitelist. Any connection attempt of peers not whitelisted will get rejected.
|
|
The 'ipsec whitelist' utility provides a simple command line frontend for
|
|
whitelist administration.
|
|
* The duplicheck plugin provides a specialized form of duplicate checking,
|
|
doing a liveness check on the old SA and optionally notify a third party
|
|
application about detected duplicates.
|
|
* The coupling plugin permanently couples two or more devices by limiting
|
|
authentication to previously used certificates.
|
|
* In the case that the peer config and child config don't have the same name
|
|
(usually in SQL database defined connections), ipsec up|route <peer config>
|
|
starts|routes all associated child configs and ipsec up|route <child config>
|
|
only starts|routes the specific child config.
|
|
* fixed the encoding and parsing of X.509 certificate policy statements (CPS).
|
|
* Duncan Salerno contributed the eap-sim-pcsc plugin implementing a
|
|
pcsc-lite based SIM card backend.
|
|
* The eap-peap plugin implements the EAP PEAP protocol. Interoperates
|
|
successfully with a FreeRADIUS server and Windows 7 Agile VPN clients.
|
|
* The IKEv2 daemon charon rereads strongswan.conf on SIGHUP and instructs
|
|
all plugins to reload. Currently only the eap-radius and the attr plugins
|
|
support configuration reloading.
|
|
* Added userland support to the IKEv2 daemon for Extended Sequence Numbers
|
|
support coming with Linux 2.6.39. To enable ESN on a connection, add
|
|
the 'esn' keyword to the proposal. The default proposal uses 32-bit sequence
|
|
numbers only ('noesn'), and the same value is used if no ESN mode is
|
|
specified. To negotiate ESN support with the peer, include both, e.g.
|
|
esp=aes128-sha1-esn-noesn.
|
|
* In addition to ESN, Linux 2.6.39 gained support for replay windows larger
|
|
than 32 packets. The new global strongswan.conf option 'charon.replay_window'
|
|
configures the size of the replay window, in packets.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 14 10:59:32 UTC 2011 - mt@suse.de
|
|
|
|
- Updated to strongSwan 4.5.1 release, changes overview since 4.5.0:
|
|
* Implements RFC 5793 Posture Broker Protocol (BP)
|
|
* Re-implemented TNCCS 1.1 protocol
|
|
* Allows to store IKE and ESP proposals in an SQL database
|
|
* Allows to store CRL and OCSP cert points in an SQL database
|
|
* New 'include' statement in strongswan.conf allows recursions
|
|
* Modifications of strongswan.conf parser, cause syntax attr plugin
|
|
syntax changes.
|
|
* ipsec listalgs now appends the plugin registering an algo
|
|
* Adds support for Traffic Flow Confidentiality with Linux 2.6.38
|
|
* New af-alg plugin allows to use new primitives in 2.6.38 crypto api
|
|
and removes the need for additional userland implementations.
|
|
* IKEv2 daemon supports the INITIAL_CONTACT notify
|
|
* conftest conformance testing framework
|
|
* new constraints plugin provides advanced X.509 constraint checking
|
|
* left/rightauth ipsec.conf keywords accept minimum strengths
|
|
* basic support for delta CRLs
|
|
See the NEWS file or http://download.strongswan.org/CHANGES4.txt
|
|
for a detailed description of the changes.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 22 09:05:30 UTC 2010 - mt@suse.de
|
|
|
|
- Cleaned up spec file; use with_mysql,sqlite,gcrypt,nm flags
|
|
- Disabled tests sub-package with load-tester and test-vectors
|
|
plugins by default using a with_tests flag (causes load error
|
|
in "ipsec pki" when enabled but the package is not installed).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 16 12:01:46 UTC 2010 - mt@suse.de
|
|
|
|
- Updated to strongSwan 4.5.0 release, changes since 4.4.1 are:
|
|
* IMPORTANT: the default keyexchange mode 'ike' is changing with
|
|
release 4.5 from 'ikev1' to 'ikev2', thus commemorating the five
|
|
year anniversary of the IKEv2 RFC 4306 and its mature successor
|
|
RFC 5996. The time has definitively come for IKEv1 to go into
|
|
retirement and to cede its place to the much more robust, powerful
|
|
and versatile IKEv2 protocol!
|
|
* Added new ctr, ccm and gcm plugins providing Counter, Counter
|
|
with CBC-MAC and Galois/Counter Modes based on existing CBC
|
|
implementations. These new plugins bring support for AES and
|
|
Camellia Counter and CCM algorithms and the AES GCM algorithms
|
|
for use in IKEv2.
|
|
* The new pkcs11 plugin brings full Smartcard support to the IKEv2
|
|
daemon and the pki utility using one or more PKCS#11 libraries. It
|
|
currently supports RSA private and public key operations and loads
|
|
X.509 certificates from tokens.
|
|
* Implemented a general purpose TLS stack based on crypto and
|
|
credential primitives of libstrongswan. libtls supports TLS
|
|
versions 1.0, 1.1 and 1.2, ECDHE-ECDSA/RSA, DHE-RSA and RSA key
|
|
exchange algorithms and RSA/ECDSA based client authentication.
|
|
* Based on libtls, the eap-tls plugin brings certificate based EAP
|
|
authentication for client and server. It is compatible to Windows
|
|
7 IKEv2 Smartcard authentication and the OpenSSL based FreeRADIUS
|
|
EAP-TLS backend.
|
|
* Implemented the TNCCS 1.1 Trusted Network Connect protocol using
|
|
the libtnc library on the strongSwan client and server side via
|
|
the tnccs_11 plugin and optionally connecting to a TNC@FHH-enhanced
|
|
FreeRADIUS AAA server. Depending on the resulting TNC Recommendation,
|
|
strongSwan clients are granted access to a network behind a
|
|
strongSwan gateway (allow), are put into a remediation zone (isolate)
|
|
or are blocked (none), respectively.
|
|
Any number of Integrity Measurement Collector/Verifier pairs can be
|
|
attached via the tnc-imc and tnc-imv charon plugins.
|
|
* The IKEv1 daemon pluto now uses the same kernel interfaces as the
|
|
IKEv2 daemon charon. As a result of this, pluto now supports xfrm
|
|
marks which were introduced in charon with 4.4.1.
|
|
* The RADIUS plugin eap-radius now supports multiple RADIUS servers
|
|
for redundant setups. Servers are selected by a defined priority,
|
|
server load and availability.
|
|
* The simple led plugin controls hardware LEDs through the Linux LED
|
|
subsystem. It currently shows activity of the IKE daemon and is a
|
|
good example how to implement a simple event listener.
|
|
* Improved MOBIKE behavior in several corner cases, for instance,
|
|
if the initial responder moves to a different address.
|
|
* Fixed left-/rightnexthop option, which was broken since 4.4.0.
|
|
* Fixed a bug not releasing a virtual IP address to a pool if the
|
|
XAUTH identity was different from the IKE identity.
|
|
* Fixed the alignment of ModeConfig messages on 4-byte boundaries
|
|
in the case where the attributes are not a multiple of 4 bytes
|
|
(e.g. Cisco's UNITY_BANNER).
|
|
* Fixed the interoperability of the socket_raw and socket_default
|
|
charon plugins.
|
|
* Added man page for strongswan.conf
|
|
- Adopted spec file, removed obsolete error range patch.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 10 11:43:38 UTC 2010 - mt@suse.de
|
|
|
|
- Updated to strongSwan 4.4.1 release, changes since 4.4.0 are:
|
|
* Support of xfrm marks in IPsec SAs and IPsec policies introduced
|
|
with the Linux 2.6.34 kernel.
|
|
For details see the example scenarios ikev2/nat-two-rw-mark,
|
|
ikev2/rw-nat-mark-in-out and ikev2/net2net-psk-dscp.
|
|
* The PLUTO_MARK_IN and PLUTO_ESP_ENC environment variables can be
|
|
used in a user-specific updown script to set marks on inbound ESP
|
|
or ESP_IN_UDP packets.
|
|
* The openssl plugin now supports X.509 certificate and CRL functions.
|
|
* OCSP/CRL checking in IKEv2 has been moved to the revocation plugin,
|
|
enabled by default.
|
|
Plase update manual load directives in strongswan.conf.
|
|
* RFC3779 ipAddrBlock constraint checking has been moved to the
|
|
addrblock plugin, disabled by default. Enable it and update manual
|
|
load directives in strongswan.conf, if required.
|
|
* The pki utility supports CRL generation using the --signcrl command.
|
|
* The ipsec pki --self, --issue and --req commands now support output
|
|
in PEM format using the --outform pem option.
|
|
* The major refactoring of the IKEv1 Mode Config functionality now
|
|
allows the transport and handling of any Mode Config attribute.
|
|
* The RADIUS proxy plugin eap-radius now supports multiple servers.
|
|
Configured servers are chosen randomly, with the option to prefer
|
|
a specific server. Non-responding servers are degraded by the
|
|
selection process.
|
|
* The ipsec pool tool manages arbitrary configuration attributes
|
|
stored in an SQL database. ipsec pool --help gives the details.
|
|
* The new eap-simaka-sql plugin acts as a backend for EAP-SIM and
|
|
EAP-AKA, reading triplets/quintuplets from an SQL database.
|
|
* The High Availability plugin now supports a HA enabled in-memory
|
|
address pool and Node reintegration without IKE_SA rekeying. The
|
|
latter allows clients without IKE_SA rekeying support to keep
|
|
connected during reintegration. Additionally, many other issues
|
|
have been fixed in the ha plugin.
|
|
* Fixed a potential remote code execution vulnerability resulting
|
|
from the misuse of snprintf(). The vulnerability is exploitable
|
|
by unauthenticated users.
|
|
- Removed obsolete snprintf security fix, adopted spec file
|
|
- Enabled the eap-sim,eap-sim-file,eap-simaka-sql,eap-simaka-reauth,
|
|
eap-simaka-pseudonym,eap-aka-3gpp2,md4,blowfish,addrblock plugins.
|
|
- Enabled the mysql, sqlite, load-tester and test-vectors plugins,
|
|
that are packaged into separate mysql,sqlite,tests sub packages.
|
|
- Disabled sqlite plugin on SLE-10 -- sqlite3 lib is too old there.
|
|
- Applied patch by Jiri Bohac fixing error-type range in parsing of
|
|
NOTIFY payloads (RFC 4306, section 3.10.1).
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 2 15:40:17 UTC 2010 - mt@suse.de
|
|
|
|
- Applied upstream patch fixing snprintf flaws in the strongSwan
|
|
IKE daemons exploitable by unauthenticated attackers using a
|
|
crafted certificate or identification payload (bnc#615915).
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 2 14:16:18 UTC 2010 - mt@suse.de
|
|
|
|
- Added README.SUSE to source list in the spec file.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 14 19:19:04 UTC 2010 - mt@suse.de
|
|
|
|
- Updated to strongSwan 4.4.0 release, changes since 4.3.6 are:
|
|
* The IKEv2 High Availability plugin has been integrated. It
|
|
provides load sharing and failover capabilities in a cluster of
|
|
currently two nodes, based on an extend ClusterIP kernel module.
|
|
More information is available at
|
|
http://wiki.strongswan.org/projects/strongswan/wiki/HighAvailability.
|
|
The development of the High Availability functionality was sponsored
|
|
by secunet Security Networks AG.
|
|
* Added IKEv1 and IKEv2 configuration support for the AES-GMAC
|
|
authentication-only ESP cipher. Our aes_gmac kernel patch or a Linux
|
|
2.6.34 kernel is required to make AES-GMAC available via the XFRM
|
|
kernel interface.
|
|
* Added support for Diffie-Hellman groups 22, 23 and 24 to the gmp,
|
|
gcrypt and openssl plugins, usable by both pluto and charon. The new
|
|
proposal keywords are modp1024s160, modp2048s224 and modp2048s256.
|
|
Thanks to Joy Latten from IBM for her contribution.
|
|
* The IKEv1 pluto daemon supports RAM-based virtual IP pools using
|
|
the rightsourceip directive with a subnet from which addresses
|
|
are allocated.
|
|
* The ipsec pki --gen and --pub commands now allow the output of
|
|
private and public keys in PEM format using the --outform pem
|
|
command line option.
|
|
* The new DHCP plugin queries virtual IP addresses for clients from
|
|
a DHCP server using broadcasts, or a defined server using the
|
|
charon.plugins.dhcp.server strongswan.conf option. DNS/WINS server
|
|
information is additionally served to clients if the DHCP server
|
|
provides such information. The plugin is used in ipsec.conf
|
|
configurations having rightsourceip set to %dhcp.
|
|
* A new plugin called farp fakes ARP responses for virtual IP
|
|
addresses handed out to clients from the IKEv2 daemon charon. The
|
|
plugin lets a road-warrior act as a client on the local LAN if it
|
|
uses a virtual IP from the responders subnet, e.g. acquired using
|
|
the DHCP plugin.
|
|
* The existing IKEv2 socket implementations have been migrated to
|
|
the socket-default and the socket-raw plugins. The new
|
|
socket-dynamic plugin binds sockets dynamically to ports configured
|
|
via the left-/rightikeport ipsec.conf connection parameters.
|
|
* The android charon plugin stores received DNS server information
|
|
as "net.dns" system properties, as used by the Android platform.
|
|
- Splitted package into strongswan-ipsec, that install the traditional
|
|
ipsec service starter scripts, -ikev1 and -ikev2 installing daemons
|
|
and -libs0, that contains the library and plugins.
|
|
- Enabled dhcp, farp, ha, socket-dynamic, agent, eap and sql plugins.
|
|
- Enabled NetworkManager nm plugin in a separate strongswan-nm package.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 2 21:42:10 CET 2010 - mt@suse.de
|
|
|
|
- Updated to strongSwan 4.3.6 release, changes since 4.3.4 are:
|
|
* The IKEv2 daemon supports RFC 3779 IP address block constraints
|
|
carried as a critical X.509v3 extension in the peer certificate.
|
|
* The ipsec pool --add|del dns|nbns command manages DNS and NBNS
|
|
name server entries that are sent via the IKEv1 Mode Config or
|
|
IKEv2 Configuration Payload to remote clients.
|
|
* The Camellia cipher can be used as an IKEv1 encryption algorithm.
|
|
* The IKEv1 and IKEV2 daemons now check certificate path length
|
|
constraints.
|
|
* The new ipsec.conf conn option "inactivity" closes a CHILD_SA if
|
|
no traffic was sent or received within the given interval. To close
|
|
the complete IKE_SA if its only CHILD_SA was inactive, set the
|
|
global strongswan.conf option "charon.inactivity_close_ike" to yes.
|
|
* More detailed IKEv2 EAP payload information in debug output
|
|
* IKEv2 EAP-SIM and EAP-AKA share joint libsimaka library
|
|
* Added required userland changes for proper SHA256 and SHA384/512
|
|
in ESP that will be introduced with Linux 2.6.33.
|
|
The "sha256"/"sha2_256" keyword now configures the kernel with 128
|
|
bit truncation, not the non-standard 96 bit truncation used by
|
|
previous releases. To use the old 96 bit truncation scheme, the new
|
|
"sha256_96" proposal keyword has been introduced.
|
|
* Fixed IPComp in tunnel mode, stripping out the duplicated outer
|
|
header. This change makes IPcomp tunnel mode connections
|
|
incompatible with previous releases; disable compression on such
|
|
tunnels.
|
|
* Fixed BEET mode connections on recent kernels by installing SAs
|
|
with appropriate traffic selectors, based on a patch by Michael
|
|
Rossberg.
|
|
* Using extensions (such as BEET mode) and crypto algorithms (such
|
|
as twofish, serpent, sha256_96) allocated in the private use space
|
|
now require that we know its meaning, i.e. we are talking to
|
|
strongSwan. Use the new "charon.send_vendor_id" option in
|
|
strongswan.conf to let the remote peer know this is the case.
|
|
* Experimental support for draft-eronen-ipsec-ikev2-eap-auth, where
|
|
the responder omits public key authentication in favor of a mutual
|
|
authentication method. To enable EAP-only authentication, set
|
|
rightauth=eap on the responder to rely only on the MSK constructed
|
|
AUTH payload. This not-yet standardized extension requires the
|
|
strongSwan vendor ID introduced above.
|
|
* The IKEv1 daemon ignores the Juniper SRX notification type 40001,
|
|
thus allowing interoperability.
|
|
* The IKEv1 pluto daemon can now use SQL-based address pools to
|
|
deal out virtual IP addresses as a Mode Config server. The pool
|
|
capability has been migrated from charon's sql plugin to a new
|
|
attr-sql plugin which is loaded by libstrongswan and which can be
|
|
used by both daemons either with a SQLite or MySQL database and the
|
|
corresponding plugin.
|
|
* Plugin names have been streamlined: EAP plugins now have a dash
|
|
after eap (e.g. eap-sim), as it is used with the --enable-eap-sim
|
|
./configure option.
|
|
Plugin configuration sections in strongswan.conf now use the same
|
|
name as the plugin itself (i.e. with a dash). Make sure to update
|
|
"load" directives and the affected plugin sections in existing
|
|
strongswan.conf files.
|
|
* The private/public key parsing and encoding has been split up
|
|
into separate pkcs1, pgp, pem and dnskey plugins. The public key
|
|
implementation plugins gmp, gcrypt and openssl can all make use
|
|
of them.
|
|
* The EAP-AKA plugin can use different backends for USIM/quintuplet
|
|
calculations, very similar to the EAP-SIM plugin. The existing 3GPP2
|
|
software implementation has been migrated to a separate plugin.
|
|
* The IKEv2 daemon charon gained basic PGP support. It can use
|
|
locally installed peer certificates and can issue signatures based
|
|
on RSA private keys.
|
|
* The new 'ipsec pki' tool provides a set of commands to maintain a
|
|
public key infrastructure. It currently supports operations to
|
|
create RSA and ECDSA private/public keys, calculate fingerprints and
|
|
issue or verify certificates.
|
|
* Charon uses a monotonic time source for statistics and job
|
|
queueing, behaving correctly if the system time changes (e.g. when
|
|
using NTP).
|
|
* In addition to time based rekeying, charon supports IPsec SA
|
|
lifetimes based on processed volume or number of packets.
|
|
They new ipsec.conf paramaters 'lifetime' (an alias to 'keylife'),
|
|
'lifebytes' and 'lifepackets' handle SA timeouts, while the
|
|
parameters 'margintime' (an alias to rekeymargin), 'marginbytes'
|
|
and 'marginpackets' trigger the rekeying before a SA expires.
|
|
The existing parameter 'rekeyfuzz' affects all margins.
|
|
* If no CA/Gateway certificate is specified in the NetworkManager
|
|
plugin, charon uses a set of trusted root certificates preinstalled
|
|
by distributions. The directory containing CA certificates can be
|
|
specified using the --with-nm-ca-dir=path configure option.
|
|
* Fixed the encoding of the Email relative distinguished name in
|
|
left|rightid statements.
|
|
* Fixed the broken parsing of PKCS#7 wrapped certificates by the
|
|
pluto daemon.
|
|
* Fixed smartcard-based authentication in the pluto daemon which
|
|
was broken by the ECDSA support introduced with the 4.3.2 release.
|
|
* A patch contributed by Heiko Hund fixes mixed IPv6 in IPv4 and
|
|
vice versa tunnels established with the IKEv1 pluto daemon.
|
|
* The pluto daemon now uses the libstrongswan x509 plugin for
|
|
certificates and CRls and the struct id type was replaced by
|
|
identification_t used by charon and the libstrongswan library.
|
|
- Removed obsolete load_secrets patches, refreshed modprobe patch.
|
|
- Corrected a time_t cast reported by rpmlint (timer.c:51)
|
|
- Disabled libtoolize call and the gcrypt plugin on SLE 10.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 4 12:56:59 CEST 2009 - mt@suse.de
|
|
|
|
- Fixed open failure debug message in load_secrets
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 3 23:44:37 CEST 2009 - mt@suse.de
|
|
|
|
- Applied patch fixing locking in ipsec.secrets inclusion.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 31 16:06:13 CEST 2009 - mt@suse.de
|
|
|
|
- Updated to strongSwan 4.3.4 release:
|
|
* IKEv2 charon daemon ported to FreeBSD and Mac OS X. Installation
|
|
details can be found on wiki.strongswan.org.
|
|
* ipsec statusall shows the number of bytes transmitted and received
|
|
over ESP connections configured by the IKEv2 charon daemon.
|
|
* The IKEv2 charon daemon supports include files in ipsec.secrets.
|
|
- Removed obsolete ipsec.secrets include patch (bnc#524799)
|
|
and patch to avoid libchecksum version.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 7 11:44:30 CEST 2009 - mt@suse.de
|
|
|
|
- Applied patch implementing ipsec.secrets "include" directive
|
|
support in charon (http://wiki.strongswan.org/issues/show/82,
|
|
bnc#524799).
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 27 13:40:57 CEST 2009 - mt@suse.de
|
|
|
|
- Updated to strongSwan 4.3.3 release:
|
|
* The configuration option --enable-integrity-test plus the
|
|
strongswan.conf option libstrongswan.integrity_test = yes
|
|
activate integrity tests of the IKE daemons charon and pluto,
|
|
libstrongswan and all loaded plugins. Thus dynamic library
|
|
misconfigurations and non-malicious file manipulations can be
|
|
reliably detected.
|
|
* The new default setting libstrongswan.ecp_x_coordinate_only=yes
|
|
allows IKEv1 interoperability with MS Windows using the ECP DH
|
|
groups 19 and 20.
|
|
* The IKEv1 pluto daemon now supports the AES-CCM and AES-GCM ESP
|
|
authenticated encryption algorithms.
|
|
* The IKEv1 pluto daemon now supports V4 OpenPGP keys.
|
|
* The RDN parser vulnerability discovered by Orange Labs research
|
|
team was not completely fixed in version 4.3.2. Some more
|
|
modifications had to be applied to the asn1_length() function to
|
|
make it robust.
|
|
- Enabled --enable-integrity-test configure option (new feature).
|
|
- Removed patch to avoid plugin versions (accepted by upstream)
|
|
and added patch to avoid version for new libchecksum library.
|
|
- Added -Wno-pointer-sign -Wno-strict-aliasing CFLAGS in the spec.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 10 11:04:44 CEST 2009 - mt@suse.de
|
|
|
|
- Updated to strongSwan 4.3.2 release, that fixes two asn1 parser
|
|
DoS vulnerabilities and provides several new features, e.g.:
|
|
* The new gcrypt plugin provides symmetric cipher, hasher, RNG,
|
|
Diffie-Hellman and RSA crypto primitives using the LGPL licensed
|
|
GNU gcrypt library.
|
|
* libstrongswan features an integrated crypto selftest framework
|
|
for registered algorithms. The test-vector plugin provides a first
|
|
set of test vectors and allows pluto and charon to rely on tested
|
|
crypto algorithms.
|
|
* pluto can now use all libstrongswan plugins with the exception
|
|
of x509 and xcbc. Thanks to the openssl plugin, the ECP Diffie-
|
|
Hellman groups 19, 20, 21, 25, and 26 as well as ECDSA-256,
|
|
ECDSA-384, and ECDSA-521 authentication can be used with IKEv1.
|
|
* Applying their fuzzing tool, the Orange Labs vulnerability
|
|
research team found another two DoS vulnerabilities, one in the
|
|
rather old ASN.1 parser of Relative Distinguished Names (RDNs)
|
|
and a second one in the conversion of ASN.1 UTCTIME and
|
|
GENERALIZEDTIME strings to a time_t value.
|
|
* The nm plugin now passes DNS/NBNS server information to
|
|
NetworkManager, allowing a gateway administrator to set DNS/NBNS
|
|
configuration on clients dynamically.
|
|
* The nm plugin also accepts CA certificates for gateway
|
|
authentication. If a CA certificate is configured, strongSwan uses
|
|
the entered gateway address as its idenitity, requiring the gateways
|
|
certificate to contain the same as subjectAltName.
|
|
This allows a gateway administrator to deploy the same
|
|
certificates to Windows 7 and NetworkManager clients.
|
|
* The command ipsec purgeike deletes IKEv2 SAs that don't have a
|
|
CHILD SA.
|
|
The command ipsec down <conn>{n} deletes CHILD SA instance n of
|
|
connection <conn> whereas ipsec down <conn>{*} deletes all CHILD
|
|
SA instances.
|
|
The command ipsec down <conn>[n] deletes IKE SA instance n of
|
|
connection <conn> plus dependent CHILD SAs whereas ipsec down
|
|
<conn>[*] deletes all IKE SA instances of connection <conn>.
|
|
* Fixed a regression introduced in 4.3.0 where EAP authentication
|
|
calculated the AUTH payload incorrectly. Further, the EAP-MSCHAPv2
|
|
MSK key derivation has been updated to be compatible with the
|
|
Windows 7 Release Candidate.
|
|
* Refactored installation of triggering policies. Routed policies
|
|
are handled outside of IKE_SAs to keep them installed in any case.
|
|
A tunnel gets established only once, even if initiation is delayed
|
|
due network outages.
|
|
* Improved the handling of multiple acquire signals triggered by
|
|
the kernel.
|
|
* Fixed two DoS vulnerabilities in the charon daemon that were
|
|
discovered by fuzzing techniques:
|
|
1) Sending a malformed IKE_SA_INIT request leaved an incomplete
|
|
state which caused a null pointer dereference if a subsequent
|
|
CREATE_CHILD_SA request was sent.
|
|
2) Sending an IKE_AUTH request with either a missing TSi or TSr
|
|
payload caused a null pointer derefence because the checks for
|
|
TSi and TSr were interchanged.
|
|
The IKEv2 fuzzer used was developped by the Orange Labs
|
|
vulnerability research team. The tool was initially written
|
|
by Gabriel Campana and is now maintained by Laurent Butti.
|
|
* Added support for AES counter mode in ESP in IKEv2 using the
|
|
proposal keywords aes128ctr, aes192ctr and aes256ctr.
|
|
* Further progress in refactoring pluto: Use of the curl and ldap
|
|
plugins for fetching crls and OCSP. Use of the random plugin to
|
|
get keying material from /dev/random or /dev/urandom. Use of the
|
|
openssl plugin as an alternative to the aes, des, sha1, sha2, and
|
|
md5 plugins. The blowfish, twofish, and serpent encryption plugins
|
|
are now optional and are not enabled by default.
|
|
- Enabled new gcrypt plugin
|
|
- Adopted spec file and modprobe to syslog patch
|
|
- Removed obsolete getline glibc collision patch
|
|
- Added patch to avoid library version for plugins (rpmlint).
|
|
- Replaced update-dns-server patch with a --with-resolv-conf.
|
|
- Removed restart_on_update from spec file (see bnc#450390).
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 8 00:21:13 CEST 2009 - ro@suse.de
|
|
|
|
- rename getline to my_getline to avoid collision with function
|
|
from glibc
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 2 09:56:16 CEST 2009 - mt@suse.de
|
|
|
|
- Applied fix for a Denial-of-Service vulnerability where receiving
|
|
a malformed IKE_SA_INIT request leaves an incomplete state which
|
|
causes a crash of the IKEv2 charon while dereferencing a NULL
|
|
pointer if a subsequent CREATE_CHILD_SA is received (bnc#507742).
|
|
- Applied fix for a Denial-of-Service vulnerability where receiving
|
|
a malformed IKE_AUTH request with either a missing TSi or TSr
|
|
traffic selector payload causes a crash of the IKEv2 charon while
|
|
dereferencing a NULL pointer because the NULL pointer checks of
|
|
TSi and TSr before destruction were erroneously swapped
|
|
(bnc#507742).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 31 11:19:03 CEST 2009 - mt@suse.de
|
|
|
|
- Updated to strongSwan 4.2.14 release that fixes a grave DPD
|
|
denial of service vulnerability registered as CVE-2009-0790,
|
|
that had been slumbering in the code for many years:
|
|
* A vulnerability in the Dead Peer Detection (RFC 3706) code
|
|
was found by Gerd v. Egidy <gerd.von.egidy@intra2net.com> of
|
|
Intra2net AG affecting all Openswan and strongSwan releases.
|
|
A malicious (or expired ISAKMP) R_U_THERE or R_U_THERE_ACK
|
|
Dead Peer Detection packet can cause the pluto IKE daemon to
|
|
crash and restart. No authentication or encryption is required
|
|
to trigger this bug. One spoofed UDP packet can cause the pluto
|
|
IKE daemon to restart and be unresponsive for a few seconds
|
|
while restarting. This DPD null state vulnerability has been
|
|
officially registered as CVE-2009-0790 and is fixed by this
|
|
release.
|
|
* The new server-side EAP RADIUS plugin (--enable-eap-radius)
|
|
relays EAP messages to and from a RADIUS server. Succesfully
|
|
tested with with a freeradius server using EAP-MD5 and EAP-SIM.
|
|
* ASN.1 to time_t conversion caused a time wrap-around for dates
|
|
after Jan 18 03:14:07 UTC 2038 on 32-bit platforms.
|
|
As a workaround such dates are set to the maximum representable
|
|
time, i.e. Jan 19 03:14:07 UTC 2038.
|
|
* Distinguished Names containing wildcards (*) are not sent in the
|
|
IDr payload anymore.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 20 09:27:06 CEST 2008 - mt@suse.de
|
|
|
|
- Updated to 4.2.8 release:
|
|
* IKEv2 charon daemon supports authentication based on raw public
|
|
keys stored in the SQL database backend. The ipsec listpubkeys
|
|
command lists the available raw public keys via the stroke
|
|
interface.
|
|
* Several MOBIKE improvements: Detect changes in NAT mappings in
|
|
DPD exchanges, handle events if kernel detects NAT mapping changes
|
|
in UDP-encapsulated ESP packets (requires kernel patch), reuse old
|
|
addesses in MOBIKE updates as long as possible and other fixes.
|
|
* Fixed a bug in addr_in_subnet() which caused insertion of wrong
|
|
source routes for destination subnets having netwmasks not being a
|
|
multiple of 8 bits. Thanks go to Wolfgang Steudel, TU Ilmenau for
|
|
reporting this bug.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 14 16:29:59 CEST 2008 - mt@suse.de
|
|
|
|
- Applied fix for addr_in_subnet() extracted from strongswan-4.2.8
|
|
which caused insertion of wrong source routes for destination
|
|
subnets having netwmasks not being a multiple of 8 bits.
|
|
Thanks go to Wolfgang Steudel, TU Ilmenau for reporting this bug.
|
|
(bnc#435200)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 10 08:08:35 CEST 2008 - mt@suse.de
|
|
|
|
- Applied fix for a Denial-of-Service vulnerability where an
|
|
IKE_SA_INIT message with a KE payload containing zeroes only can
|
|
cause a crash of the IKEv2 charon daemon due to a NULL pointer
|
|
returned by the mpz_export() function of the GNU Multi Precision
|
|
(GMP) library. Thanks go to Mu Dynamics Research Labs for making
|
|
us aware of this problem. (bnc#435194)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 28 14:31:49 CEST 2008 - mt@suse.de
|
|
|
|
- Fixed to use --enable-curl instead of --enable-http as before
|
|
- Enabled the OpenSSL crypto plugin in the spec file.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 28 09:48:14 CEST 2008 - mt@suse.de
|
|
|
|
- Updated to 4.2.6 release, fixing bugs and offering a lot of new
|
|
features comparing to the last version provided by this package.
|
|
Most important are:
|
|
* A NetworkManager plugin allows GUI-based configuration of
|
|
road-warrior clients in a simple way. It features X509 based
|
|
gateway authentication and EAP client authentication, tunnel
|
|
setup/teardown and storing passwords in the Gnome Keyring.
|
|
* A new EAP-GTC plugin implements draft-sheffer-ikev2-gtc-00.txt
|
|
and allows username/password authentication against any PAM
|
|
service on the gateway. The new EAP method interacts nicely with
|
|
the NetworkManager plugin and allows client authentication against
|
|
e.g. LDAP.
|
|
* Improved support for the EAP-Identity method. The new ipsec.conf
|
|
eap_identity parameter defines an additional identity to pass to
|
|
the server in EAP authentication.
|
|
* Fixed two multithreading deadlocks occurring when starting up
|
|
several hundred tunnels concurrently.
|
|
* Fixed the --enable-integrity-test configure option which
|
|
computes a SHA-1 checksum over the libstrongswan library.
|
|
* Consistent logging of IKE and CHILD SAs at the audit (AUD) level.
|
|
* Improved the performance of the SQL-based virtual IP address pool
|
|
by introducing an additional addresses table. The leases table
|
|
storing only history information has become optional and can be
|
|
disabled by setting charon.plugins.sql.lease_history = no in
|
|
strongswan.conf.
|
|
* The XFRM_STATE_AF_UNSPEC flag added to xfrm.h allows IPv4-over-IPv6
|
|
and IPv6-over-IPv4 tunnels with the 2.6.26 and later Linux kernels.
|
|
* management of different virtual IP pools for different network
|
|
interfaces have become possible.
|
|
* fixed a bug which prevented the assignment of more than 256
|
|
virtual IP addresses from a pool managed by an sql database.
|
|
* fixed a bug which did not delete own IPCOMP SAs in the kernel.
|
|
* The openssl plugin supports the elliptic curve Diffie-Hellman
|
|
groups 19, 20, 21, 25, and 26 and ECDSA authentication using
|
|
elliptic curve X.509 certificates.
|
|
* Fixed a bug in stroke which caused multiple charon threads to
|
|
close the file descriptors during packet transfers over the stroke
|
|
socket.
|
|
* ESP sequence numbers are now migrated in IPsec SA updates handled
|
|
by MOBIKE. Works only with Linux kernels >= 2.6.17.
|
|
* Fixed a number of minor bugs that where discovered during the 4th
|
|
IKEv2 interoperability workshop in San Antonio, TX.
|
|
* Plugins for libstrongswan and charon can optionally be loaded
|
|
according to a configuration in strongswan.conf. Most components
|
|
provide a "load = " option followed by a space separated list of
|
|
plugins to load. This allows e.g. the fallback from a hardware
|
|
crypto accelerator to to software-based crypto plugins.
|
|
* Charons SQL plugin has been extended by a virtual IP address pool.
|
|
Configurations with a rightsourceip=%poolname setting query a
|
|
SQLite or MySQL database for leases. The "ipsec pool" command helps
|
|
in administrating the pool database. See ipsec pool --help for the
|
|
available options
|
|
* The Authenticated Encryption Algorithms AES-CCM-8/12/16 and
|
|
AES-GCM-8/12/16 for ESP are now supported starting with the Linux
|
|
2.6.25 kernel. The syntax is e.g. esp=aes128ccm12 or esp=aes256gcm16.
|
|
- Added patch disabling direct modifications of resolv.conf; has to
|
|
be replaced by a netconfig call.
|
|
- Added patch adding a missed file name argument in printf call in the
|
|
scripts/thread_analysis.c file -- resulting binary is not installed.
|
|
- Removed obsolete patches crash_badcfg_reload and old-caps-version.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 30 22:40:31 CEST 2008 - mt@suse.de
|
|
|
|
- Added fix that explicitly enables version 1 linux capabilities
|
|
on version 2 systems to aviod that the charon and pluto daemons
|
|
exit because of failed capset call (bnc#404989).
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 19 16:17:16 CEST 2008 - mt@suse.de
|
|
|
|
- Applied fix (strongswan_crash_badcfg_reload.dif) to avoid
|
|
a crash after reloading with bad config (bnc#392062).
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 23 14:28:41 CEST 2008 - mt@suse.de
|
|
|
|
- Updated to 4.2.1 release. A lot of code refactoring in the 4.2
|
|
release provides much more modularity and therefore much more
|
|
extensiblity and offers the following new features:
|
|
* libstrongswan has been modularized to attach crypto algorithms,
|
|
credential implementations (secret and private keys, certificates)
|
|
and http/ldap fetchers dynamically through plugins.
|
|
* A relational database API that uses pluggable database providers
|
|
was added to libstrongswan including plugins for MySQL and SQLite.
|
|
* The IKEv2 keying charon daemon has become more extensible. Generic
|
|
plugins can provide arbitrary interfaces to credential stores and
|
|
connection management interfaces. Also any EAP method can be added.
|
|
* The authentication and credential framework in charon has been
|
|
heavily refactored to support modular credential providers, proper
|
|
CERTREQ/CERT payload exchanges and extensible authorization rules.
|
|
* Support for "Hash and URL" encoded certificate payloads has been
|
|
implemented in the IKEv2 daemon charon.
|
|
* The IKEv2 daemon charon now supports the "uniqueids" option to
|
|
close multiple IKE_SAs with the same peer.
|
|
* The crypto factory in libstrongswan additionally supports random
|
|
number generators. Plugins may provide other sources of randomness.
|
|
* Extended the credential framework by a caching option to allow
|
|
plugins persistent caching of fetched credentials.
|
|
* The new trust chain verification introduced in 4.2.0 has been
|
|
parallelized. Threads fetching CRL or OCSP information no longer
|
|
block other threads.
|
|
* A new IKEv2 configuration attribute framework has been introduced
|
|
allowing plugins to provide virtual IP addresses, and in the future,
|
|
other configuration attribute services (e.g. DNS/WINS servers).
|
|
* The stroke plugin has been extended to provide virtual IP addresses
|
|
from a simple pool defined in ipsec.conf.
|
|
* Fixed compilation on uClibc and a couple of other minor bugs.
|
|
* The IKEv1 pluto daemon now supports the ESP encryption algorithm
|
|
CAMELLIA with key lengths of 128, 192, and 256 bits, as well as the
|
|
authentication algorithm AES_XCBC_MAC.
|
|
- Applied a small patch defining _GNU_SOURCE for struct in6_pktinfo
|
|
and adding inclusion of limits.h for PATH_MAX availability.
|
|
- Added rpmlintrc file and a libtoolize call to the spec file.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 19 11:44:03 CET 2008 - mt@suse.de
|
|
|
|
- Updated to 4.1.11 maintenance release, providing following fixes:
|
|
* IKE rekeying in NAT situations did not inherit the NAT conditions
|
|
to the rekeyed IKE_SA so that the UDP encapsulation was lost with
|
|
the next CHILD_SA rekeying.
|
|
* Wrong type definition of the next_payload variable in id_payload.c
|
|
caused an INVALID_SYNTAX error on PowerPC platforms.
|
|
* Implemented IKEv2 EAP-SIM server and client test modules that use
|
|
triplets stored in a file. For details on the configuration see
|
|
the scenario 'ikev2/rw-eap-sim-rsa'.
|
|
- The 4.1.10 final version, declared upstream as "Fully tested support
|
|
of IPv6 IPsec tunnel connections", fixes ordering error in oscp cache,
|
|
IPv6 defaults of the nexthop parameter, adds support for new EAP
|
|
modules [disabled in this build] and obsoletes our strongswan_path
|
|
and strongswan_ipsec_script_msg patches.
|
|
- Removed a sed call from init script.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Dec 8 13:03:42 CET 2007 - mt@suse.de
|
|
|
|
- Updated to 4.1.9 final, including all our patches.
|
|
- Changed init script to use ipsec cmd using LSB codes now.
|
|
- Added strongswan_path.dif setting a PATH in scripts (updown).
|
|
- Added strongswan_ipsec_script_msg.dif for consistent look of
|
|
ipsec script messages.
|
|
- Added strongswan_modprobe_syslog.dif redirecting modprobe
|
|
output to syslog.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 26 10:19:40 CET 2007 - mt@suse.de
|
|
|
|
- Renamed charon plugins to avoid rpm conflicts with existing
|
|
libraries (libstroke). Patch: strongswan-libconflicts.dif
|
|
- Added init script. Template file: strongswan.init.in
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 22 10:25:56 CET 2007 - mt@suse.de
|
|
|
|
- Initial, unfinished package
|
|
|