13 months agoike-sa: Expose task_manager_t::adopt_child_tasks()
Tobias Brunner [Tue, 20 Nov 2018 09:48:01 +0000 (10:48 +0100)]
ike-sa: Expose task_manager_t::adopt_child_tasks()

13 months agocharon-cmd: Register atexit() handler for libcharon_deinit twice
Tobias Brunner [Thu, 6 Dec 2018 14:01:52 +0000 (15:01 +0100)]
charon-cmd: Register atexit() handler for libcharon_deinit twice

Similar to cbe9e575eef5, this avoids issues with libraries that are
pulled in via plugins and register their own atexit() handlers.

13 months agoikev2: Don't recreate IKE_SA if deletion fails after make-before-break reauth
Tobias Brunner [Wed, 5 Dec 2018 11:24:55 +0000 (12:24 +0100)]
ikev2: Don't recreate IKE_SA if deletion fails after make-before-break reauth

Fixes: 745714307256 ("During reauthentication reestablish IKE_SA even if deleting the old one fails.")
Fixes #2847.

13 months agoikev2: Ignore COOKIE notifies we already received
Tobias Brunner [Wed, 28 Nov 2018 14:52:27 +0000 (15:52 +0100)]
ikev2: Ignore COOKIE notifies we already received

This could be due to a delayed response to an IKE_SA_INIT retransmit.

Fixes #2837.

13 months agoha: Add auth method for HA IKEv1 key derivation
Thomas Egerer [Thu, 22 Nov 2018 17:08:51 +0000 (18:08 +0100)]
ha: Add auth method for HA IKEv1 key derivation

Signed-off-by: Thomas Egerer <>
13 months agoMerge branch 'ha-pool-offset'
Tobias Brunner [Fri, 7 Dec 2018 09:16:21 +0000 (10:16 +0100)]
Merge branch 'ha-pool-offset'

Ensure an even distribution of a pool's addresses among all segments.

Fixes #2828.

13 months agoha: Divide virtual IPs evenly among all segments
Tobias Brunner [Tue, 20 Nov 2018 15:40:21 +0000 (16:40 +0100)]
ha: Divide virtual IPs evenly among all segments

13 months agoha: Add getter for the number of segments
Tobias Brunner [Tue, 20 Nov 2018 15:39:04 +0000 (16:39 +0100)]
ha: Add getter for the number of segments

13 months agoha: Improve distribution of pool addresses over segments
Tobias Brunner [Tue, 20 Nov 2018 11:50:05 +0000 (12:50 +0100)]
ha: Improve distribution of pool addresses over segments

This is particularly important for higher number of segments, but even
with small numbers there is a significant difference.  For instance,
with 4 segments the fourth segment had no IPs assigned with the old
code, no matter how large the pool, because none of the eight bits used
for the segment check hashed/mapped to it.

13 months agokernel-pfkey: Read reqid directly from acquire if possible
Tobias Brunner [Mon, 22 Oct 2018 08:12:25 +0000 (10:12 +0200)]
kernel-pfkey: Read reqid directly from acquire if possible

Upcoming versions of FreeBSD will include an SADB_X_EXT_SA2 extension in
acquires that contains the reqid set on the matching policy.  This allows
handling acquires even when no policies are installed (e.g. to work with
FreeBSD's implementation of VTI interfaces, which manage policies

13 months agoikev2: Only set STAT_INBOUND for valid and expected messages
Tobias Brunner [Mon, 19 Nov 2018 09:18:27 +0000 (10:18 +0100)]
ikev2: Only set STAT_INBOUND for valid and expected messages

13 months agoscepclient: Don't use a block-scope buffer for the default DN
Tobias Brunner [Fri, 30 Nov 2018 09:28:50 +0000 (10:28 +0100)]
scepclient: Don't use a block-scope buffer for the default DN

The correct behavior will depend on the compiler.

Fixes #2843.

13 months agoMerge branch 'openssl-25519/448'
Tobias Brunner [Fri, 30 Nov 2018 15:45:47 +0000 (16:45 +0100)]
Merge branch 'openssl-25519/448'

Adds support for X25519/448 and Ed25519/448 via OpenSSL 1.1.1.

13 months agotravis: Don't run sonarcloud in forked repositories
Tobias Brunner [Fri, 23 Nov 2018 08:37:07 +0000 (09:37 +0100)]
travis: Don't run sonarcloud in forked repositories

13 months agotravis: Use the latest OpenSSL release for unit tests
Tobias Brunner [Thu, 22 Nov 2018 14:38:49 +0000 (15:38 +0100)]
travis: Use the latest OpenSSL release for unit tests

But also run the unit tests against the 1.0 version installed with
Ubuntu 16.04.

13 months agotravis: Only use GCC for crypto plugin tests
Tobias Brunner [Thu, 22 Nov 2018 17:30:46 +0000 (18:30 +0100)]
travis: Only use GCC for crypto plugin tests

They are already build-tested with Clang via "all" and others.

13 months agounit-tests: Add test suite for Ed448
Tobias Brunner [Fri, 16 Nov 2018 10:44:17 +0000 (11:44 +0100)]
unit-tests: Add test suite for Ed448

Same issue with signature malleability as with Ed25519 and apparently
OpenSSL doesn't even explicitly verify that the most significant 10 bits
are all zero.

13 months agounit-tests: Add fingerprint test vectors for Ed25519
Tobias Brunner [Fri, 30 Nov 2018 14:34:32 +0000 (15:34 +0100)]
unit-tests: Add fingerprint test vectors for Ed25519

13 months agocurve25519: Prevent Ed25519 signature malleability
Tobias Brunner [Fri, 16 Nov 2018 14:48:56 +0000 (15:48 +0100)]
curve25519: Prevent Ed25519 signature malleability

As per RFC 8032, section 5.1.7 (and section 8.4) we have to make sure s, which
is the scalar in the second half of the signature value, is smaller than L.
Without that check, L can be added to most signatures at least once to create
another valid signature for the same public key and message.

This could be problematic if, for instance, a blacklist is based on hashes
of certificates.  A new certificate could be created with a different
signature (without knowing the signature key) by simply adding L to s.

Currently, both OpenSSL 1.1.1 and Botan 2.8.0 are vulnerable to this, which is
why the unit test currently only warns about it.

13 months agoopenssl: Use separate DRBG for RNG_STRONG and RNG_TRUE with OpenSSL 1.1.1
Tobias Brunner [Fri, 16 Nov 2018 10:11:27 +0000 (11:11 +0100)]
openssl: Use separate DRBG for RNG_STRONG and RNG_TRUE with OpenSSL 1.1.1

OpenSSL 1.1.1 introduces DRGBs and provides two sources (same security
profile etc. but separate internal state), which allows us to use one for
RNG_WEAK (e.g. for nonces that are directly publicly visible) and the other
for stronger random data like keys.

13 months agoleak-detective: Whitelist functions added in OpenSSL 1.1.1
Tobias Brunner [Fri, 16 Nov 2018 09:57:50 +0000 (10:57 +0100)]
leak-detective: Whitelist functions added in OpenSSL 1.1.1

13 months agoopenssl: Add support for Ed25519/Ed448
Tobias Brunner [Thu, 15 Nov 2018 14:54:05 +0000 (15:54 +0100)]
openssl: Add support for Ed25519/Ed448

13 months agodh-speed: Add curve448 keyword
Tobias Brunner [Thu, 15 Nov 2018 10:25:06 +0000 (11:25 +0100)]
dh-speed: Add curve448 keyword

13 months agotest-vectors: Add vector for X448
Tobias Brunner [Thu, 15 Nov 2018 10:24:53 +0000 (11:24 +0100)]
test-vectors: Add vector for X448

13 months agoopenssl: Add support for X25519 and X448
Tobias Brunner [Thu, 15 Nov 2018 09:20:45 +0000 (10:20 +0100)]
openssl: Add support for X25519 and X448

While X25519 was already added with 1.1.0a, its use would be a lot more
complicated, as the helpers like EVP_PKEY_new_raw_public_key() were only
added in 1.1.1, which also added X448.

14 months agobypass-lan: Compare interface for unchanged policies
Tobias Brunner [Thu, 8 Nov 2018 11:02:04 +0000 (12:02 +0100)]
bypass-lan: Compare interface for unchanged policies

In case a subnet is moved from one interface to another the policies can
remain as is but the route has to change.  This currently doesn't happen
automatically and there is no option to update the policy or route so
removing and reinstalling the policies is the only option.

Fixes #2820.

14 months agochild-delete: Don't send delete for expired CHILD_SAs that were already rekeyed
Tobias Brunner [Tue, 6 Nov 2018 11:13:35 +0000 (12:13 +0100)]
child-delete: Don't send delete for expired CHILD_SAs that were already rekeyed

The peer might not have seen the CREATE_CHILD_SA response yet, receiving a
DELETE for the SA could then trigger it to abort the rekeying, causing
the deletion of the newly established SA (it can't know whether the
DELETE was sent due to an expire or because the user manually deleted
it).  We just treat this SA as if we received a DELETE for it.  This is
not an ideal situation anyway, as it causes some traffic to get dropped,
so it should usually be avoided by setting appropriate soft and hard limits.

References #2815.

14 months agokernel-netlink: Update SA selector if it contains changed IP address(es)
Tobias Brunner [Wed, 31 Oct 2018 14:43:46 +0000 (15:43 +0100)]
kernel-netlink: Update SA selector if it contains changed IP address(es)

14 months agoAvoid inclusion of unistd.h in generated lexers
Tobias Brunner [Mon, 22 Oct 2018 08:38:53 +0000 (10:38 +0200)]
Avoid inclusion of unistd.h in generated lexers

Because the file is not available on all platforms the inclusion comes
after the user options in order to disable including it.  But that means
the inclusion also follows after the defined scanner states, which are
generated as simple #defines to numbers.  If the included unistd.h e.g.
uses variables in function definitions with the same names this could
result in compilation errors.

Interactive mode has to be disabled too as it relies on isatty() from
unistd.h.  Since we don't use the scanners interactively, this is not a
problem and might even make the scanners a bit faster.

Fixes #2806.

14 months agoMerge branch 'travis-xenial'
Tobias Brunner [Wed, 21 Nov 2018 13:40:00 +0000 (14:40 +0100)]
Merge branch 'travis-xenial'

Run builds on Travis on Ubuntu Xenial (16.04) images.

14 months agotravis: Use ccache for MinGW builds
Tobias Brunner [Tue, 13 Nov 2018 17:59:38 +0000 (18:59 +0100)]
travis: Use ccache for MinGW builds

14 months agotravis: Use manual matrix expansion to improve overall run time
Tobias Brunner [Tue, 13 Nov 2018 17:31:21 +0000 (18:31 +0100)]
travis: Use manual matrix expansion to improve overall run time

The sonarcloud build runs a long time now (the win32/64 builds are also
a lot slower on xenial), which increases the overall time a build takes
because we can't run these before regular matrix jobs run.  So we do a
manual matrix expansion to control the order of jobs (slower first).
This also removes the TEST=default build with GCC as that's basically
what TEST=dist does (except for forcing the printf implementation)

14 months agotravis: Simplify explicitly included jobs
Tobias Brunner [Tue, 13 Nov 2018 15:46:10 +0000 (16:46 +0100)]
travis: Simplify explicitly included jobs

The first value for the compiler array (gcc) is inherited.

14 months agotravis: Start with sonarcloud job first
Tobias Brunner [Tue, 13 Nov 2018 15:42:44 +0000 (16:42 +0100)]
travis: Start with sonarcloud job first

Also change the condition, the environment variable is apparently still
around when the decision to run it is made.

14 months agotravis: Use two threads to analyze C code with SonarQube
Tobias Brunner [Tue, 13 Nov 2018 11:08:43 +0000 (12:08 +0100)]
travis: Use two threads to analyze C code with SonarQube

On Nov 12, the scanner was updated and now takes a lot more time (about
3 times as much).  Using two threads reduces it a bit (by about 25%).
Using even more threads doesn't help or even increases the time again.

14 months agoFix make distcheck if systemd is installed
Tobias Brunner [Fri, 9 Nov 2018 15:48:40 +0000 (16:48 +0100)]
Fix make distcheck if systemd is installed

The automatically determined path for systemd units is an absolute system
path that doesn't respect $(prefix).  That's a problem for make distcheck,
which is usually ran as regular user and it's not expected to have any
impact on the system (it does a local install in a subdir).  To avoid
these issues we override the configure flags used by make distcheck and
set the path to one relative to the specified prefix.

14 months agoDoxyfile: Remove obsolete XML options
Tobias Brunner [Fri, 9 Nov 2018 15:13:46 +0000 (16:13 +0100)]
Doxyfile: Remove obsolete XML options

14 months agogcrypt: Don't use thread callbacks for newer versions of libgcrypt
Tobias Brunner [Fri, 9 Nov 2018 15:04:54 +0000 (16:04 +0100)]
gcrypt: Don't use thread callbacks for newer versions of libgcrypt

According to gcrypt.h these callbacks are not used anymore since
version 1.6 and with clang these actually cause deprecation warnings
that let the build on travis (-Werror) fail.

14 months agotravis: Don't build TSS2 as root
Tobias Brunner [Fri, 9 Nov 2018 15:14:23 +0000 (16:14 +0100)]
travis: Don't build TSS2 as root

This might prevent ccache from overwriting files in later builds.

14 months agotravis: Add sleep in after_failure
Tobias Brunner [Tue, 13 Nov 2018 14:48:30 +0000 (15:48 +0100)]
travis: Add sleep in after_failure

This makes sure we get the complete output, which isn't always the case
otherwise (there is an unresolved bug for this in the Travis issue tracker).

14 months agotravis: Build on Ubuntu Xenial (16.04)
Tobias Brunner [Fri, 9 Nov 2018 14:24:29 +0000 (15:24 +0100)]
travis: Build on Ubuntu Xenial (16.04)

14 months agoMerge branch 'testing-stretch'
Tobias Brunner [Wed, 21 Nov 2018 13:34:57 +0000 (14:34 +0100)]
Merge branch 'testing-stretch'

Use Debian stretch as base image for the testing environment.

14 months agotesting: Switch to Debian stretch base images
Tobias Brunner [Wed, 21 Nov 2018 13:22:47 +0000 (14:22 +0100)]
testing: Switch to Debian stretch base images

14 months agotesting: Install a package via apt-get to get a second SWIMA software event
Tobias Brunner [Fri, 5 Oct 2018 16:14:31 +0000 (18:14 +0200)]
testing: Install a package via apt-get to get a second SWIMA software event

This installs tmux and its two dependencies libevent-2.0-5 and libutempter0.
For the tnc/tnccs-20-ev-pt-tls test scenario older, apparently replaced
versions of these packages are entered to the collector.db database, so that
dummy SWID tags for these packages can be requested via SWIMA.

14 months agotesting: Add additional memory to alice
Tobias Brunner [Fri, 5 Oct 2018 16:56:09 +0000 (18:56 +0200)]
testing: Add additional memory to alice

strongTNC seems to require a lot more memory than we assign by default,
not sure this increase is enough.

14 months agotesting: Generate some UTF-8 locales
Tobias Brunner [Fri, 5 Oct 2018 15:44:55 +0000 (17:44 +0200)]
testing: Generate some UTF-8 locales

14 months agotesting: Disable systemd's NTP service
Tobias Brunner [Tue, 2 Oct 2018 10:38:04 +0000 (12:38 +0200)]
testing: Disable systemd's NTP service

This produces a lot of useless traffic as no NTP servers are reachable (or
even resolvable via winnetou).

14 months agotesting: Allow enabling only timestamps without verbose command output
Tobias Brunner [Mon, 1 Oct 2018 17:25:52 +0000 (19:25 +0200)]
testing: Allow enabling only timestamps without verbose command output

-t enables only the timestamps, -v additionally logs command output
(includes -t).

14 months agotesting: Show config files of FreeRADIUS 3.0 in test results
Tobias Brunner [Thu, 27 Sep 2018 13:39:33 +0000 (15:39 +0200)]
testing: Show config files of FreeRADIUS 3.0 in test results

14 months agotesting: Config changes for FreeRADIUS 3.0
Tobias Brunner [Tue, 25 Sep 2018 15:08:32 +0000 (17:08 +0200)]
testing: Config changes for FreeRADIUS 3.0

Also includes some changes for jessie's version of FreeRADIUS 2 (was
previously a custom version).

Besides the move to a subdir the config files were adapted for 3.0.

The rlm_sim_files module was removed with FreeRADIUS 3 and Debian's
package of FreeRADIUS 2 does not ship it, so we now replicate it using
the files module (via users file, which is actually a symlink to
mods-config/files/authorize in the default installation of FreeRADIUS 3).
Another approach was tried using rlm_passwd, however, that module does
not read binary/hex data, only printable strings, which would require
changing the triplets.
For 2.x a hack in the site config is necessary to make the attributes
available to the EAP-SIM module.

14 months agotesting: Use freeradius instead of the removed radiusd to start FreeRADIUS
Tobias Brunner [Thu, 20 Sep 2018 14:35:22 +0000 (16:35 +0200)]
testing: Use freeradius instead of the removed radiusd to start FreeRADIUS

14 months agotesting: Remove unused/inexistent DSA key from sshd config
Tobias Brunner [Thu, 20 Sep 2018 14:16:49 +0000 (16:16 +0200)]
testing: Remove unused/inexistent DSA key from sshd config

14 months agotesting: Only run DHCPv4 by setting an listening interface explicitly
Tobias Brunner [Thu, 20 Sep 2018 14:02:37 +0000 (16:02 +0200)]
testing: Only run DHCPv4 by setting an listening interface explicitly

Debian stretch's init script for isc-dhcp-server uses the INTERFACESv4|6
variables to decide whether to start the v4 and/or v6 DHCP server.

If they are not empty, the daemon is started for the respective version,
however, if both are empty (the default), to listen on all interfaces, the
daemon is started for both versions.  The latter would require a subnet
config for IPv6 as the daemon otherwise exits, letting the init script fail,
while keeping the successfully started v4 version running, which, in turn,
can't be stopped anymore with the init script because it thinks the daemon
is not running.

So it's not possible with this init script to start DHCPv4 on all interfaces
without having to configure and run DHCPv6 also.

14 months agotesting: Remove unused dhcpd config on moon
Tobias Brunner [Thu, 20 Sep 2018 13:54:55 +0000 (15:54 +0200)]
testing: Remove unused dhcpd config on moon

14 months agotesting: Accept ping6 output with IP address after hostname
Tobias Brunner [Tue, 18 Sep 2018 15:26:26 +0000 (17:26 +0200)]
testing: Accept ping6 output with IP address after hostname

Newer versions of ping6 add the IP address after the FQDN in the output.

14 months agotesting: Install traceroute utility in base image
Tobias Brunner [Tue, 18 Sep 2018 15:17:27 +0000 (17:17 +0200)]
testing: Install traceroute utility in base image

It seems this was previously installed automatically.

14 months agotesting: Only attempt to copy patches if there are any
Tobias Brunner [Tue, 18 Sep 2018 13:13:23 +0000 (15:13 +0200)]
testing: Only attempt to copy patches if there are any

14 months agotesting: Remove TNC@FHH dependencies and scenarios that rely on them
Tobias Brunner [Fri, 14 Sep 2018 12:41:36 +0000 (14:41 +0200)]
testing: Remove TNC@FHH dependencies and scenarios that rely on them

While we could continue to use FreeRADIUS 2.x that branch is officially EOL.
So instead of investing time and effort in updating/migrating the patches to
FreeRADIUS 3.x (the module changed quite significantly as it relies solely on
the naeap library in that release), for a protocol that is superseded anyway,
we just remove these scenarios and the dependencies.  Actually, the
complete rlm_eap_tnc module will be removed with FreeRADIUS 4.0.

14 months agolibimcv: Add Debian 9.5 and 9.6 to IMV database
Tobias Brunner [Fri, 28 Sep 2018 08:45:59 +0000 (10:45 +0200)]
libimcv: Add Debian 9.5 and 9.6 to IMV database

14 months agotesting: Remove Apache config hacks for Debian wheezy
Tobias Brunner [Mon, 1 Oct 2018 15:50:40 +0000 (17:50 +0200)]
testing: Remove Apache config hacks for Debian wheezy

14 months agotesting: Support build with Debian stretch base image
Tobias Brunner [Fri, 14 Sep 2018 11:43:51 +0000 (13:43 +0200)]
testing: Support build with Debian stretch base image

Remove support for wheezy.

14 months agocharon-systemd: Don't use atexit() to deinitialize the daemon
Tobias Brunner [Fri, 28 Sep 2018 17:55:52 +0000 (19:55 +0200)]
charon-systemd: Don't use atexit() to deinitialize the daemon

This is because OpenSSL 1.1 started to use atexit()-handlers of its own
to clean up.  Since the plugin is loaded and initialized after libcharon,
OpenSSL's cleanup functions ran before the daemon was properly
deinitialized (i.e. worker threads were still running and OpenSSL might
still be used during the deinit).  So several of OpenSSL's internal
structures were already destroyed when libcharon_deinit() was eventually
called via our own atexit()-handler.

The observed behavior was that the daemon couldn't be terminated properly
anymore for some test scenarios (only three TNC scenarios were affected
actually).  When the daemon tried to send the DELETE for the established
IKE_SA during its termination it got stuck in OpenSSL's RNG_WEAK
implementation (used to allocate random padding), which apparently tries
to acquire an rwlock that was already destroyed.  The main thread then
just busy-waited indefinitely on the lock, i.e. until systemd killed
it eventually after a rather long timeout.

We'll probably have to apply similar changes to other apps/scripts that
load plugins and currently use atexit() to clean up.  Although some
scripts (e.g. dh_speed or hash_burn) are not affected because they
register the deinitialization after loading the plugins.

14 months agoikev1: Ensure DPD_ACK is sent in time
Afschin Hormozdiary [Wed, 10 Oct 2018 08:01:05 +0000 (10:01 +0200)]
ikev1: Ensure DPD_ACK is sent in time

If a lot of QUICK_MODE tasks are queued and the other side
sends a DPD request, there is a good chance for timeouts.

Observed this in cases where other side is quite slow in responding
QUICK_MODE requests (e.g. Cisco ASA v8.x) and about 100 CHILD_SAs
are to be spawned.

Closes strongswan/strongswan#115.

14 months agopt-tls-client: Fixed man page
Andreas Steffen [Tue, 20 Nov 2018 08:53:18 +0000 (09:53 +0100)]
pt-tls-client: Fixed man page

14 months agoconftest: Sanity check for proposal number modifier
Tobias Brunner [Mon, 12 Nov 2018 16:15:26 +0000 (17:15 +0100)]
conftest: Sanity check for proposal number modifier

14 months agobotan: Initialize p and q before calling calculate_pq()
Tobias Brunner [Mon, 12 Nov 2018 15:55:52 +0000 (16:55 +0100)]
botan: Initialize p and q before calling calculate_pq()

14 months agoRemove useless break statements
Tobias Brunner [Mon, 12 Nov 2018 15:08:07 +0000 (16:08 +0100)]
Remove useless break statements

14 months agoVersion bump to 5.7.2dr3 5.7.2dr3
Andreas Steffen [Mon, 12 Nov 2018 15:24:53 +0000 (16:24 +0100)]
Version bump to 5.7.2dr3

14 months agotesting: Added botan/net2net-pkcs12 scenario
Andreas Steffen [Mon, 12 Nov 2018 12:51:01 +0000 (13:51 +0100)]
testing: Added botan/net2net-pkcs12 scenario

14 months agotesting: Migrated openssl-ikev2/net2net-pkcs12 scenario to swanctl
Andreas Steffen [Mon, 12 Nov 2018 12:46:16 +0000 (13:46 +0100)]
testing: Migrated openssl-ikev2/net2net-pkcs12 scenario to swanctl

14 months agotesting: Removed openssl-ikev2/rw-eap-tls-only scenario
Andreas Steffen [Mon, 12 Nov 2018 11:41:11 +0000 (12:41 +0100)]
testing: Removed openssl-ikev2/rw-eap-tls-only scenario

14 months agotesting: Removed openssl-ikev2/net2net-pgp-v3 scenario
Andreas Steffen [Mon, 12 Nov 2018 11:35:37 +0000 (12:35 +0100)]
testing: Removed openssl-ikev2/net2net-pgp-v3 scenario

14 months agotesting: migrated openssl-ikev2/critical-extension to swanctl
Andreas Steffen [Mon, 12 Nov 2018 10:50:05 +0000 (11:50 +0100)]
testing: migrated openssl-ikev2/critical-extension to swanctl

14 months agotesting: Migrated openssl/rw-cert scenario to swanctl
Andreas Steffen [Fri, 9 Nov 2018 20:45:12 +0000 (21:45 +0100)]
testing: Migrated openssl/rw-cert scenario to swanctl

14 months agotesting: Migrated openssl-ikev2/ecdsa-pkcs8 scenario to swanctl
Andreas Steffen [Fri, 9 Nov 2018 15:38:33 +0000 (16:38 +0100)]
testing: Migrated openssl-ikev2/ecdsa-pkcs8 scenario to swanctl

14 months agotesting: Migrated openssl brainpool scenarios to swanctl
Andreas Steffen [Fri, 9 Nov 2018 14:00:26 +0000 (15:00 +0100)]
testing: Migrated openssl brainpool scenarios to swanctl

14 months agotesting: Migrated openssl alg-ecp-low scenarios to swanctl
Andreas Steffen [Fri, 9 Nov 2018 11:42:14 +0000 (12:42 +0100)]
testing: Migrated openssl alg-ecp-low scenarios to swanctl

14 months agotesting: Migrated openssl alg-ecp-high scenarios
Andreas Steffen [Fri, 9 Nov 2018 10:52:59 +0000 (11:52 +0100)]
testing: Migrated openssl alg-ecp-high scenarios

14 months agotesting: Migrated openssl alg-camellia scenarios to swanctl
Andreas Steffen [Fri, 9 Nov 2018 09:02:26 +0000 (10:02 +0100)]
testing: Migrated openssl alg-camellia scenarios to swanctl

14 months agotesting: Removed openssl alg-aes-gcm and alg-blowfish scenarios
Andreas Steffen [Thu, 8 Nov 2018 20:28:19 +0000 (21:28 +0100)]
testing: Removed openssl alg-aes-gcm and alg-blowfish scenarios

14 months agotesting: Removed openssl suite B scenarios
Andreas Steffen [Thu, 8 Nov 2018 20:23:10 +0000 (21:23 +0100)]
testing: Removed openssl suite B scenarios

14 months agotesting: Moved openssl ecdsa-certs scenarios to swanctl
Andreas Steffen [Thu, 8 Nov 2018 20:16:32 +0000 (21:16 +0100)]
testing: Moved openssl ecdsa-certs scenarios to swanctl

14 months agoleak-detective: Use hashtable to cache ignored/whitelisted backtraces
Tobias Brunner [Fri, 5 Oct 2018 09:23:36 +0000 (11:23 +0200)]
leak-detective: Use hashtable to cache ignored/whitelisted backtraces

Checking for whitelisted functions in every backtrace is not very
efficient.  And because OpenSSL 1.1 does no proper cleanup anymore until
the process is terminated there are now a lot more "leaks" to ignore.
For instance, in the openssl-ikev2/rw-cert scenario, just starting and
stopping the daemon (test vectors are checked) now causes 3594 whitelisted
leaks compared to the 849 before.  This prolonged the shutdown of the
daemon on each guest in every scenario, amounting to multiple seconds of
additional runtime for every affected scenario.  But even with this
patch there is still some overhead, compared to running the scenarios on

14 months agoleak-detective: Whitelist additional OpenSSL functions used by libcurl
Tobias Brunner [Fri, 14 Sep 2018 15:13:09 +0000 (17:13 +0200)]
leak-detective: Whitelist additional OpenSSL functions used by libcurl

14 months agoscripts: Include botan in and
Tobias Brunner [Wed, 31 Oct 2018 14:10:23 +0000 (15:10 +0100)]
scripts: Include botan in and

Also, using sudo is not necessary in

14 months agoopenssl: Fix some const issues with OpenSSL 1.1.0
Tobias Brunner [Tue, 30 Oct 2018 16:15:49 +0000 (17:15 +0100)]
openssl: Fix some const issues with OpenSSL 1.1.0

14 months agoopenssl: Don't use functions deprecated with OpenSSL 1.1.0
Tobias Brunner [Tue, 30 Oct 2018 15:55:32 +0000 (16:55 +0100)]
openssl: Don't use functions deprecated with OpenSSL 1.1.0

14 months agoVersion bump to 5.7.2dr2 5.7.2dr2
Andreas Steffen [Wed, 31 Oct 2018 13:22:03 +0000 (14:22 +0100)]
Version bump to 5.7.2dr2

14 months agobotan: SHA-3 support
Andreas Steffen [Tue, 30 Oct 2018 15:03:05 +0000 (16:03 +0100)]
botan: SHA-3 support

14 months agoUse Botan 2.8.0 for tests
Tobias Brunner [Mon, 1 Oct 2018 15:24:58 +0000 (17:24 +0200)]
Use Botan 2.8.0 for tests

14 months agotesting: Use AES-GCM for SSH connections
Tobias Brunner [Tue, 18 Sep 2018 14:49:49 +0000 (16:49 +0200)]
testing: Use AES-GCM for SSH connections

RC4, which was previously used for performance reasons, is not supported
anymore with newer versions of SSH (stretch still supports it, but it
requires explicit configuration on the guests when they act as clients
too - the version in Ubuntu 18.04 apparently doesn't support it anymore
at all).

AES-GCM should actually be faster (at least for larger amounts of data and
in particular with hardware acceleration).

14 months agotesting: Avoid unnecessary rebuilds of components built from Git repos
Tobias Brunner [Fri, 14 Sep 2018 15:19:55 +0000 (17:19 +0200)]
testing: Avoid unnecessary rebuilds of components built from Git repos

Installing apparently changes the timestamp on the repo dir triggering make
to checkout and build the whole thing again.

14 months agotesting: Disable predictable network interface names assigned by systemd/udev
Tobias Brunner [Fri, 14 Sep 2018 14:28:03 +0000 (16:28 +0200)]
testing: Disable predictable network interface names assigned by systemd/udev

14 months agotesting: Remove unused custom OIDs from openssl.cnf files
Tobias Brunner [Fri, 14 Sep 2018 14:08:13 +0000 (16:08 +0200)]
testing: Remove unused custom OIDs from openssl.cnf files

ClientAuthentication is known in OpenSSL 1.1 and the redefinition, therefore,
causes an error.  These two OIDs are not used anyway in these config

14 months agotesting: Fixed evaluation in swanctl/rw-cert-pss scenario
Andreas Steffen [Sat, 27 Oct 2018 06:47:57 +0000 (08:47 +0200)]
testing: Fixed evaluation in swanctl/rw-cert-pss scenario

14 months agoVersion bump to 5.7.2dr1 5.7.2dr1
Andreas Steffen [Fri, 26 Oct 2018 16:47:48 +0000 (18:47 +0200)]
Version bump to 5.7.2dr1

14 months agotesting: Added botan/net2net-ed25519 scenario
Andreas Steffen [Fri, 26 Oct 2018 16:46:59 +0000 (18:46 +0200)]
testing: Added botan/net2net-ed25519 scenario

14 months agoNEWS: Add some recent changes
Tobias Brunner [Fri, 26 Oct 2018 13:24:51 +0000 (15:24 +0200)]
NEWS: Add some recent changes

15 months agodhcp: Ignore DHCP OFFER messages without assigned address
Tobias Brunner [Tue, 16 Oct 2018 10:07:05 +0000 (12:07 +0200)]
dhcp: Ignore DHCP OFFER messages without assigned address

FreeRADIUS seems to respond that way if it can't allocate an address to
the client.

15 months agovici: Properly handle absence of peer ID on mediation connections
Tobias Brunner [Thu, 11 Oct 2018 12:19:20 +0000 (14:19 +0200)]
vici: Properly handle absence of peer ID on mediation connections

Fixes #2794.