strongswan.git
3 years agoinit: Make sure basic networking is up in systemd unit
Tobias Brunner [Fri, 13 Nov 2015 09:20:11 +0000 (10:20 +0100)]
init: Make sure basic networking is up in systemd unit

Connections with auto=route might otherwise not work.

References #1188.

4 years agovici: Attribute certificates are not trusted
Tobias Brunner [Tue, 10 Nov 2015 14:24:07 +0000 (15:24 +0100)]
vici: Attribute certificates are not trusted

4 years agovici: Properly add CRLs to the credential set
Tobias Brunner [Tue, 10 Nov 2015 14:20:16 +0000 (15:20 +0100)]
vici: Properly add CRLs to the credential set

add_crl() ensures that old CLRs are not stored in the credential set.

4 years agomode-config: Reassign migrated virtual IP if client requests %any
Tobias Brunner [Tue, 13 Oct 2015 10:10:42 +0000 (12:10 +0200)]
mode-config: Reassign migrated virtual IP if client requests %any

If we mistakenly detect a new IKE_SA as a reauthentication the client
won't request the previous virtual IP, but since we already migrated
it we already triggered the assign_vips() hook, so we should reassign
the migrated virtual IP.

Fixes #1152.

4 years agorevocation: Allow CRLs to be encoded in PEM format
Tobias Brunner [Wed, 11 Nov 2015 13:26:00 +0000 (14:26 +0100)]
revocation: Allow CRLs to be encoded in PEM format

Since the textual representation for a CRL is now standardized
in RFC 7468 one could argue that we should accept that too, even
though RFC 5280 explicitly demands CRLs fetched via HTTP/FTP to
be in DER format.  But in particular for file URIs enforcing that
seems inconvenient.

Fixes #1203.

4 years agocurl: Be less strict when considering status codes as errors
Tobias Brunner [Wed, 11 Nov 2015 14:20:00 +0000 (15:20 +0100)]
curl: Be less strict when considering status codes as errors

For file:// URIs the code is 0 on success. We now do the same libcurl
would do with CURLOPT_FAILONERROR enabled.

Fixes #1203.

4 years agoeap-radius: Compare address family when handing out virtual IPs
Tobias Brunner [Tue, 10 Nov 2015 08:42:23 +0000 (09:42 +0100)]
eap-radius: Compare address family when handing out virtual IPs

This also ensures that the actually released virtual IP is removed from
the list of claimed IPs.

Fixes #1199.

4 years agoMerge branch 'eap-mschapv2-eap-identity'
Tobias Brunner [Thu, 12 Nov 2015 13:22:28 +0000 (14:22 +0100)]
Merge branch 'eap-mschapv2-eap-identity'

This replaces the EAP-Identity with the EAP-MSCHAPv2 username, which
ensures the client is known with an authenticated identity.  Previously
a client with a valid username could use a different identity (e.g. the
name of a different user) in the EAP-Identity exchange.  Since we use
the EAP-Identity for uniqueness checks etc. this could be problematic.
The EAP-MSCHAPv2 username is now explicitly logged if it is different
from the EAP-Identity (or IKE identity).

Fixes #1182.

4 years agoeap-mschapv2: Report username if different from EAP-Identity (or IKE identity)
Tobias Brunner [Thu, 5 Nov 2015 13:07:49 +0000 (14:07 +0100)]
eap-mschapv2: Report username if different from EAP-Identity (or IKE identity)

4 years agoeap-mschapv2: Provide EAP-MSCHAPv2 username as EAP-Identity
Tobias Brunner [Wed, 28 Oct 2015 16:44:48 +0000 (17:44 +0100)]
eap-mschapv2: Provide EAP-MSCHAPv2 username as EAP-Identity

4 years agoauth-cfg: Prefer merged rules over existing ones when moving them
Tobias Brunner [Wed, 28 Oct 2015 17:53:15 +0000 (18:53 +0100)]
auth-cfg: Prefer merged rules over existing ones when moving them

This is particularly important for single valued rules (e.g.
identities).  When copying values this is already handled correctly
by the enumerator and add().

4 years agoandroid: Add some (older) unit tests
Tobias Brunner [Wed, 11 Nov 2015 18:35:33 +0000 (19:35 +0100)]
android: Add some (older) unit tests

4 years agoandroid: Properly handle shorter types in BufferedByteWriter
Tobias Brunner [Wed, 11 Nov 2015 18:30:04 +0000 (19:30 +0100)]
android: Properly handle shorter types in BufferedByteWriter

In Java all integer types are signed, when a negative integer is casted
to a larger type (e.g. int to long) then due to sign extension the upper
bytes are not 0.  So writing that value to a byte array does not produce
the expected result.  By overloading the putX() methods we make sure to
upcast the values correctly.

4 years agoandroid: Migrate to the Gradle build system
Tobias Brunner [Thu, 22 Oct 2015 15:18:14 +0000 (17:18 +0200)]
android: Migrate to the Gradle build system

This uses a manual way to trigger the NDK build (the default with
on-the-fly Android.mk files does not work for us).

4 years agoandroid: Provide a fallback for sigwaitinfo()
Tobias Brunner [Wed, 11 Nov 2015 15:54:47 +0000 (16:54 +0100)]
android: Provide a fallback for sigwaitinfo()

4 years agoandroid: Replace AndroidConfigLocal.h with a header in utils/compat
Tobias Brunner [Wed, 11 Nov 2015 15:51:16 +0000 (16:51 +0100)]
android: Replace AndroidConfigLocal.h with a header in utils/compat

4 years agoandroid: Fix build after updating Linux headers
Tobias Brunner [Fri, 23 Oct 2015 14:55:39 +0000 (16:55 +0200)]
android: Fix build after updating Linux headers

Since we don't use the kernel-netlink plugin anymore and the headers
in the NDK are reasonably recent, we don't need this anymore (at least
when building the app).

Fixes #1172.

4 years agoMerge branch 'tkm-spi-label'
Tobias Brunner [Wed, 11 Nov 2015 14:42:34 +0000 (15:42 +0100)]
Merge branch 'tkm-spi-label'

Adds the charon-tkm.spi_label and charon-tkm.spi_mask options to encode
a specific value/label in otherwise randomly generated IKE SPIs.

4 years agocharon-tkm: Register SPI generator callback
Adrian-Ken Rueegsegger [Mon, 9 Nov 2015 18:27:50 +0000 (19:27 +0100)]
charon-tkm: Register SPI generator callback

Set get_spi callback of IKE SA manager to TKM-specific implementation.

4 years agocharon-tkm: Implement SPI generator
Adrian-Ken Rueegsegger [Mon, 9 Nov 2015 18:25:34 +0000 (19:25 +0100)]
charon-tkm: Implement SPI generator

The get_spi callback returns a random SPI with a label encoded according
to the spi_label and spi_mask parameters read from the strongswan.conf.

4 years agosettings: Add settings_value_as_uint64() helper function
Tobias Brunner [Mon, 9 Nov 2015 18:27:20 +0000 (19:27 +0100)]
settings: Add settings_value_as_uint64() helper function

4 years agoike-sa-manager: Allow plugins to provide IKE SPIs via a callback
Tobias Brunner [Mon, 9 Nov 2015 14:55:41 +0000 (15:55 +0100)]
ike-sa-manager: Allow plugins to provide IKE SPIs via a callback

Plugins must depend on `libcharon-sa-managers` to ensure the manager
exists.

4 years agolibcharon: Publish IKE_SA/CHILD_SA managers as custom plugin feature
Tobias Brunner [Mon, 9 Nov 2015 14:54:48 +0000 (15:54 +0100)]
libcharon: Publish IKE_SA/CHILD_SA managers as custom plugin feature

4 years agoikev1: Also use message hashes for Quick Mode for the early retransmission check
Tobias Brunner [Mon, 9 Nov 2015 16:07:25 +0000 (17:07 +0100)]
ikev1: Also use message hashes for Quick Mode for the early retransmission check

We already did so during Phase 1 but because all three Quick Mode
message have the same message ID we occasionally dropped the third
message as retransmit, so we do it there too.  For INFORMATIONAL
and TRANSACTION exchanges we don't expect more than one inbound message
with the same message ID so we still use them there.

Fixes #1198.

4 years agotesting: Check for leases in swanctl/ip-pool scenario
Andreas Steffen [Wed, 11 Nov 2015 07:43:43 +0000 (08:43 +0100)]
testing: Check for leases in swanctl/ip-pool scenario

4 years agoVersion bump to 5.3.4dr3 5.3.4dr3
Andreas Steffen [Tue, 10 Nov 2015 10:48:32 +0000 (11:48 +0100)]
Version bump to 5.3.4dr3

4 years agotesting: Fixed some more timing issues
Andreas Steffen [Mon, 9 Nov 2015 17:48:30 +0000 (18:48 +0100)]
testing: Fixed some more timing issues

4 years agokernel-netlink: Allow IPsec policies to replace shunt policies
Tobias Brunner [Mon, 5 Oct 2015 12:36:29 +0000 (14:36 +0200)]
kernel-netlink: Allow IPsec policies to replace shunt policies

Shunt policies don't have a reqid set, so we allow unequal reqids in
this particular case (i.e. if one of the reqids is 0).

4 years agokernel-pfkey: Make absolutely sure we always delete the right policy cache entry
Tobias Brunner [Wed, 16 Sep 2015 15:04:21 +0000 (17:04 +0200)]
kernel-pfkey: Make absolutely sure we always delete the right policy cache entry

4 years agokernel-netlink: Make absolutely sure we always delete the right policy cache entry
Tobias Brunner [Wed, 16 Sep 2015 15:01:00 +0000 (17:01 +0200)]
kernel-netlink: Make absolutely sure we always delete the right policy cache entry

4 years agokernel-interface: Pass the same data to del_policy() that was passed to add_policy()
Tobias Brunner [Wed, 16 Sep 2015 14:44:09 +0000 (16:44 +0200)]
kernel-interface: Pass the same data to del_policy() that was passed to add_policy()

The additional data can be helpful to identify the exact policy to
delete.

4 years agokernel-netlink: Remove the unused policy_history flag
Tobias Brunner [Wed, 16 Sep 2015 13:05:10 +0000 (15:05 +0200)]
kernel-netlink: Remove the unused policy_history flag

This was used with pluto, which had its own policy tracking.

4 years agokernel-interface: Return bool for kernel interface registration
Thomas Egerer [Tue, 6 Oct 2015 09:02:45 +0000 (11:02 +0200)]
kernel-interface: Return bool for kernel interface registration

If the (un)registering of a kernel interface (net or ipsec) fails, the
plugin loader will never know, since the appropriate functions always
returns TRUE.  By making the (un)register functions return a boolean
value, the loader can detect a failure during initializing the kernel
interface and abort charon startup if desired.

4 years agotrap-manager: Also clean up remote address in error cases
Tobias Brunner [Tue, 10 Nov 2015 13:00:11 +0000 (14:00 +0100)]
trap-manager: Also clean up remote address in error cases

Fixes #1201.

4 years agotraffic-selector: Don't end printf'ed list of traffic selectors with a space
Tobias Brunner [Wed, 7 Oct 2015 14:25:05 +0000 (16:25 +0200)]
traffic-selector: Don't end printf'ed list of traffic selectors with a space

4 years agoswanctl: Add option to query leases with --get-pools
Tobias Brunner [Mon, 19 Oct 2015 13:42:57 +0000 (15:42 +0200)]
swanctl: Add option to query leases with --get-pools

4 years agovici: Add option to query leases of pools
Tobias Brunner [Mon, 19 Oct 2015 13:35:51 +0000 (15:35 +0200)]
vici: Add option to query leases of pools

We could later perhaps add filter parameters similar to those of the
`ipsec leases` command (pool name/virtual IP).

4 years agoswanctl: List virtual IPs in --list-sas
Tobias Brunner [Mon, 19 Oct 2015 14:07:39 +0000 (16:07 +0200)]
swanctl: List virtual IPs in --list-sas

4 years agovici: Return local and remote virtual IPs when listing SAs
Tobias Brunner [Mon, 19 Oct 2015 14:05:47 +0000 (16:05 +0200)]
vici: Return local and remote virtual IPs when listing SAs

4 years agosocket-dynamic: Refactor setting source address when sending messages
Tobias Brunner [Tue, 3 Nov 2015 14:35:16 +0000 (15:35 +0100)]
socket-dynamic: Refactor setting source address when sending messages

Basically the same change as the one for the socket-default plugin.

4 years agosocket-default: Refactor setting source address when sending messages
Tobias Brunner [Mon, 2 Nov 2015 15:22:38 +0000 (16:22 +0100)]
socket-default: Refactor setting source address when sending messages

This ensures we don't pass data (via msg_control) defined in a different
scope to sendmsg().  Actually, some compilers (e.g. GCC 5.2.1) might
optimize the memcpy() call away causing the packets not to get sent from
the intended source address.

It also makes the code clearer than with all these ifdefs.

Fixes #1171.

4 years agosocket-default: Refactor retrieval of destination address of received packets
Tobias Brunner [Mon, 2 Nov 2015 15:16:56 +0000 (16:16 +0100)]
socket-default: Refactor retrieval of destination address of received packets

This makes the code a bit clearer than with the interleaved ifdefs.

4 years agoMerge branch 'medsrv-js-css'
Tobias Brunner [Mon, 9 Nov 2015 15:37:02 +0000 (16:37 +0100)]
Merge branch 'medsrv-js-css'

Removes the outdated version of MooTools and actually all
JavaScript code as that stuff can now be done with CSS directly.

Fixes #1190.

4 years agomedsrv: Replace remaining JavaScript code with CSS
Tobias Brunner [Wed, 4 Nov 2015 13:47:40 +0000 (14:47 +0100)]
medsrv: Replace remaining JavaScript code with CSS

4 years agomedsrv: Replace the JavaScript focus() calls with HTML5's autofocus
Tobias Brunner [Wed, 4 Nov 2015 13:30:18 +0000 (14:30 +0100)]
medsrv: Replace the JavaScript focus() calls with HTML5's autofocus

4 years agoconftest: Add configuration option to report milliseconds in file logger
Tobias Brunner [Mon, 9 Nov 2015 11:44:29 +0000 (12:44 +0100)]
conftest: Add configuration option to report milliseconds in file logger

4 years agofile-logger: Add option to print milliseconds within the current second after timestamp
Tobias Brunner [Mon, 9 Nov 2015 11:30:26 +0000 (12:30 +0100)]
file-logger: Add option to print milliseconds within the current second after timestamp

For this to look right time_format should end with %S or %T.

Closes strongswan/strongswan#18.

4 years agoike-natd: Create fake NAT-D payloads in a more static way
Tobias Brunner [Fri, 25 Sep 2015 17:24:44 +0000 (19:24 +0200)]
ike-natd: Create fake NAT-D payloads in a more static way

In some scenarios an IKE_SA might get restarted multiple times (e.g.
due to retransmits and delayed INVALID_KE_PAYLOAD notifies) so that
two IKE_SA_INIT messages might be sent that only differ in the
previously randomly generated NAT_DETECTION_SOURCE_IP payload.
This could cause an authentication failure on the responder if the two
peers don't use the same IKE_SA_INIT message in their InitiatorSignedOctets.

While the payload is generated in a reproducible way it will still change
when the daemon is restarted, which should make detecting the payloads
as fake a bit harder (compared to e.g. just using 0.0.0.0:0 as address).

Fixes #1131.

4 years agotesting: Added Debian 7.9 to IMV database 5.3.4dr2
Andreas Steffen [Sat, 7 Nov 2015 12:13:49 +0000 (13:13 +0100)]
testing: Added Debian 7.9 to IMV database

4 years agotesting: Reduce runtime of all tests that use SQLite databases by storing them in...
Tobias Brunner [Fri, 6 Nov 2015 16:27:45 +0000 (17:27 +0100)]
testing: Reduce runtime of all tests that use SQLite databases by storing them in ramfs

4 years agotesting: tnc/tnccs-20-hcd-eap scenario does not use SWID IMV/strongTNC
Tobias Brunner [Fri, 6 Nov 2015 17:27:30 +0000 (18:27 +0100)]
testing: tnc/tnccs-20-hcd-eap scenario does not use SWID IMV/strongTNC

4 years agotesting: Add test config to create and remove a directory for DBs stored in ramfs
Tobias Brunner [Fri, 6 Nov 2015 16:26:42 +0000 (17:26 +0100)]
testing: Add test config to create and remove a directory for DBs stored in ramfs

4 years agotesting: Improve runtime of TNC tests by storing the SQLite DB in ramfs
Tobias Brunner [Fri, 6 Nov 2015 15:00:29 +0000 (16:00 +0100)]
testing: Improve runtime of TNC tests by storing the SQLite DB in ramfs

This saves about 50%-70% of the time needed for scenarios that use a DB.

4 years agotesting: Fix test constraints in ikev2/rw-ntru-bliss scenario
Tobias Brunner [Fri, 6 Nov 2015 16:21:11 +0000 (17:21 +0100)]
testing: Fix test constraints in ikev2/rw-ntru-bliss scenario

Changed with a88d958933ef ("Explicitly mention SHA2 algorithm in BLISS
OIDs and signature schemes").

4 years agotesting: Use sha3 plugin in ikev2/rw-cert scenario
Andreas Steffen [Fri, 6 Nov 2015 15:22:57 +0000 (16:22 +0100)]
testing: Use sha3 plugin in ikev2/rw-cert scenario

4 years agomediation: Reschedule initiate mediation job if SA is not yet found
Tobias Brunner [Fri, 6 Nov 2015 13:45:57 +0000 (14:45 +0100)]
mediation: Reschedule initiate mediation job if SA is not yet found

If the job gets queued for a newly created IKE_SA it might not yet be
checked in when the job is running, reschedule the job in that case.

This should fix the two p2pnat test scenarios, which occasionally
failed because one of the peers did not initiate the connection to
the mediation server.

4 years agotesting: Report the actual strongSwan and kernel versions
Tobias Brunner [Fri, 6 Nov 2015 10:28:34 +0000 (11:28 +0100)]
testing: Report the actual strongSwan and kernel versions

4 years agotesting: Record strongSwan version when building from tarball
Tobias Brunner [Fri, 6 Nov 2015 10:19:40 +0000 (11:19 +0100)]
testing: Record strongSwan version when building from tarball

4 years agotesting: Record strongSwan version when building from source tree
Tobias Brunner [Fri, 6 Nov 2015 10:19:22 +0000 (11:19 +0100)]
testing: Record strongSwan version when building from source tree

4 years agotesting: Report time required for all scenarios on test overview page
Tobias Brunner [Thu, 5 Nov 2015 14:20:46 +0000 (15:20 +0100)]
testing: Report time required for all scenarios on test overview page

4 years agoike-sa-manager: Signal entries that we don't actually check out
Tobias Brunner [Thu, 5 Nov 2015 17:52:27 +0000 (18:52 +0100)]
ike-sa-manager: Signal entries that we don't actually check out

In some cases we call wait_for_entry() but don't actually check out the
entry afterwards (e.g. because it doesn't match certain criteria).  So
there won't be a call to checkin() for such entries causing waiting
threads to get signaled.  Instead, such threads would be blocked until
another thread properly checks out/in the entry (or does a blocking
enumeration).

4 years agoike-sa-manager: Signal waiting threads after check out/in for uniqueness check
Tobias Brunner [Fri, 6 Nov 2015 08:18:44 +0000 (09:18 +0100)]
ike-sa-manager: Signal waiting threads after check out/in for uniqueness check

Fixes 758b1caa0e75 ("ikev1: Prevent deadlock when checking for duplicate IKEv1 SAs")

4 years agotesting: Remove old SWID tags when building from repository
Tobias Brunner [Thu, 5 Nov 2015 16:04:29 +0000 (17:04 +0100)]
testing: Remove old SWID tags when building from repository

This fixes the TNC-PDP scenarios.

4 years agotesting: Don't log anything to the console if auth.log or daemon.log do not exist
Tobias Brunner [Thu, 5 Nov 2015 14:10:26 +0000 (15:10 +0100)]
testing: Don't log anything to the console if auth.log or daemon.log do not exist

4 years agotesting: Simplify fetching of swanctl --list-* output
Tobias Brunner [Thu, 5 Nov 2015 14:07:57 +0000 (15:07 +0100)]
testing: Simplify fetching of swanctl --list-* output

4 years agotesting: Don't run redundant crypto tests in sql/rw-cert scenario
Tobias Brunner [Thu, 5 Nov 2015 14:05:44 +0000 (15:05 +0100)]
testing: Don't run redundant crypto tests in sql/rw-cert scenario

They run in all other rw-cert scenarios but in the SQL version there is
no change in the loaded crypto plugins.

4 years agotesting: Fix CRL URIs in ipv6/net2net-ip4-in-ip6-ikev* scenarios
Tobias Brunner [Thu, 5 Nov 2015 14:04:39 +0000 (15:04 +0100)]
testing: Fix CRL URIs in ipv6/net2net-ip4-in-ip6-ikev* scenarios

4 years agotesting: Speed up OCSP scenarios
Tobias Brunner [Thu, 5 Nov 2015 14:03:06 +0000 (15:03 +0100)]
testing: Speed up OCSP scenarios

Don't make clients wait for the TCP connections to timeout by dropping
packets.  By rejecting them the OCSP requests fail immediately.

4 years agotesting: Speed up ifdown calls in ikev2/mobike scenarios
Tobias Brunner [Thu, 5 Nov 2015 13:59:34 +0000 (14:59 +0100)]
testing: Speed up ifdown calls in ikev2/mobike scenarios

ifdown calls bind's rndc, which tries to access TCP port 953 on lo.
If these packets are dropped by the firewall we have to wait for the TCP
connections to time out, which takes quite a while.

4 years agotesting: Avoid delays with ping by using -W and -i options
Tobias Brunner [Thu, 5 Nov 2015 13:57:07 +0000 (14:57 +0100)]
testing: Avoid delays with ping by using -W and -i options

With -W we reduce timeouts when we don't expect a response.  With -i the
interval between pings is reduced (mostly in case of auto=route where
the first ping yields no reply).

4 years agotesting: Remove nearly all sleep calls from pretest and posttest scripts
Tobias Brunner [Thu, 5 Nov 2015 13:47:58 +0000 (14:47 +0100)]
testing: Remove nearly all sleep calls from pretest and posttest scripts

By consistently using the `expect-connection` helper we can avoid pretty
much all previously needed calls to sleep.

4 years agoikev1: Fix calculation of DPD timeout
Tobias Brunner [Thu, 5 Nov 2015 14:14:56 +0000 (15:14 +0100)]
ikev1: Fix calculation of DPD timeout

A DPD timeout job is queued whenever a DPD is sent, i.e. after the
DPD delay already has elapsed, so we have to compensate for that.

4 years agotesting: Adapt tests to retransmission settings and reduce DPD delay/timeout
Tobias Brunner [Thu, 5 Nov 2015 13:55:14 +0000 (14:55 +0100)]
testing: Adapt tests to retransmission settings and reduce DPD delay/timeout

4 years agoipsec: Quit script quicker for ipsec stop
Tobias Brunner [Tue, 6 Oct 2015 15:21:01 +0000 (17:21 +0200)]
ipsec: Quit script quicker for ipsec stop

It rarely takes 1 second or longer to terminate the daemon.  This
decreases the runtime of the post test step a lot where `ipsec stop`
is called for multiple hosts in each test case (10-15 minutes over all
test cases).

4 years agotesting: Only send two retransmits after 1 second each to fail negative tests earlier
Tobias Brunner [Mon, 21 Sep 2015 17:32:22 +0000 (19:32 +0200)]
testing: Only send two retransmits after 1 second each to fail negative tests earlier

4 years agotesting: Add a base strongswan.conf file used by all hosts in all scenarios
Tobias Brunner [Mon, 21 Sep 2015 09:15:20 +0000 (11:15 +0200)]
testing: Add a base strongswan.conf file used by all hosts in all scenarios

We will use this to set some defaults (e.g. timeouts to make testing
negative tests quicker).  We don't want these settings to show up in the
configs of the actual scenarios though.

4 years agoxauth: Call authorize() hook also when xauth-noauth is used
Tobias Brunner [Thu, 1 Oct 2015 16:15:00 +0000 (18:15 +0200)]
xauth: Call authorize() hook also when xauth-noauth is used

Fixes #1138.

4 years agolibtnccs: Optionally use RTLD_NOW to load IMC/IMVs with dlopen()
Tobias Brunner [Fri, 25 Sep 2015 10:00:58 +0000 (12:00 +0200)]
libtnccs: Optionally use RTLD_NOW to load IMC/IMVs with dlopen()

4 years agoplugin-loader: Optionally use RTLD_NOW with dlopen()
Tobias Brunner [Fri, 25 Sep 2015 09:05:24 +0000 (11:05 +0200)]
plugin-loader: Optionally use RTLD_NOW with dlopen()

This can be useful when writing custom plugins as typos or missing
linker flags that result in unresolved symbols in the shared object
could otherwise cause late crashes.  In particular, if such a symbol
is used in a code path that is rarely executed.  During development
and testing using RTLD_NOW instead of RTLD_LAZY will prevent the
plugin from getting loaded and makes the error visible immediately.

4 years agowindows: Define RTLD_NOW, even if it is not used
Tobias Brunner [Fri, 25 Sep 2015 15:41:31 +0000 (17:41 +0200)]
windows: Define RTLD_NOW, even if it is not used

4 years agokernel-pfkey: Enable ENCR_AES_CTR when it's available
Renato Botelho [Fri, 6 Nov 2015 19:07:38 +0000 (17:07 -0200)]
kernel-pfkey: Enable ENCR_AES_CTR when it's available

Obtained-from: pfSense
Sponsored-by: Rubicon Communications (Netgate)
Closes strongswan/strongswan#17.

4 years agovici: Add NAT information when listing IKE_SAs
Tobias Brunner [Mon, 9 Nov 2015 10:39:54 +0000 (11:39 +0100)]
vici: Add NAT information when listing IKE_SAs

The `nat-local` and `nat-remote` keys contain information on the NAT
status of the local and remote IKE endpoints, respectively.  If a
responder did not detect a NAT but is configured to fake a NAT situation
this is indicated by `nat-fake` (if an initiator fakes a NAT situation
`nat-local` is set).  If any NAT is detected or faked `nat-any` is set.

Closes strongswan/strongswan#16.

4 years agoMerge branch 'iv-gen-null-encr'
Tobias Brunner [Mon, 9 Nov 2015 10:16:12 +0000 (11:16 +0100)]
Merge branch 'iv-gen-null-encr'

Fixes NULL encryption in libipsec.

Fixes #1174.

4 years agotesting: Add libipsec/net2net-null scenario
Tobias Brunner [Fri, 23 Oct 2015 12:47:54 +0000 (14:47 +0200)]
testing: Add libipsec/net2net-null scenario

4 years agoiv-gen: Use NULL IV generator for NULL encryption
Tobias Brunner [Fri, 23 Oct 2015 12:34:54 +0000 (14:34 +0200)]
iv-gen: Use NULL IV generator for NULL encryption

We don't need an IV for NULL encryption, so we wouldn't technically need
an IV generator.  But some of the code currently relies on an IV
generator to be present.  So we don't have to change that code and
handle IV size == 0 specially we use the new NULL IV generator, which
handles this transparently to the existing code.

Before 3c81cb6fc322 ("aead: Create AEAD using traditional transforms
with an explicit IV generator") iv_gen_rand_t was used for NULL
encryption, which would work too but this way it's clearer.

4 years agocrypto: Add NULL IV generator
Tobias Brunner [Fri, 23 Oct 2015 12:16:57 +0000 (14:16 +0200)]
crypto: Add NULL IV generator

This does not actually allocate an IV and only accepts requests
for size == 0.

4 years agoconfigure: Load sha1 and random plugins in manager by default
Tobias Brunner [Thu, 22 Oct 2015 09:05:31 +0000 (11:05 +0200)]
configure: Load sha1 and random plugins in manager by default

If the openssl plugin is not enabled we need these to generate session
IDs and to authenticate the users.

The md4 plugin is not needed in the manager.

Fixes #1168.

4 years agostroke: Make down-nb actually non-blocking
Tobias Brunner [Wed, 4 Nov 2015 15:44:17 +0000 (16:44 +0100)]
stroke: Make down-nb actually non-blocking

Fixes #1191.

4 years agoVersion bump to 5.3.4dr2
Andreas Steffen [Fri, 6 Nov 2015 15:07:04 +0000 (16:07 +0100)]
Version bump to 5.3.4dr2

4 years agotesting: Updated hasher tests
Andreas Steffen [Fri, 6 Nov 2015 15:05:44 +0000 (16:05 +0100)]
testing: Updated hasher tests

4 years agoExplicitly mention SHA2 algorithm in BLISS OIDs and signature schemes
Andreas Steffen [Fri, 6 Nov 2015 13:55:10 +0000 (14:55 +0100)]
Explicitly mention SHA2 algorithm in BLISS OIDs and signature schemes

4 years agoVersion bump to 5.3.4dr1 5.3.4dr1
Andreas Steffen [Wed, 4 Nov 2015 18:42:17 +0000 (19:42 +0100)]
Version bump to 5.3.4dr1

4 years agoUse word-aligned XOR in sha3_absorb()
Andreas Steffen [Tue, 3 Nov 2015 18:06:45 +0000 (19:06 +0100)]
Use word-aligned XOR in sha3_absorb()

4 years agotesting: BLISS CA uses SHA-3 in its CRL
Andreas Steffen [Fri, 30 Oct 2015 06:06:57 +0000 (07:06 +0100)]
testing: BLISS CA uses SHA-3 in its CRL

4 years agoSupport BLISS signatures with SHA-3 hash
Andreas Steffen [Wed, 28 Oct 2015 20:00:31 +0000 (21:00 +0100)]
Support BLISS signatures with SHA-3 hash

4 years agoImplemented SHA-3 hash algorithm including test vectors
Andreas Steffen [Wed, 28 Oct 2015 18:57:14 +0000 (19:57 +0100)]
Implemented SHA-3 hash algorithm including test vectors

4 years agoDefined SHA-3 hashers
Andreas Steffen [Thu, 15 Oct 2015 14:39:50 +0000 (16:39 +0200)]
Defined SHA-3 hashers

4 years agotesting: Update tkm to version 0.1.3
Tobias Brunner [Fri, 30 Oct 2015 10:19:44 +0000 (11:19 +0100)]
testing: Update tkm to version 0.1.3

Adds XFRM state/policy flush when terminating which caused tests to fail
due to the check added with 9086f060d35a ("testing: Let test scenarios
fail if IPsec SAs or policies are not removed").

4 years agolibipsec: Properly support CAMELLIA in CTR mode
Tobias Brunner [Mon, 21 Sep 2015 09:12:14 +0000 (11:12 +0200)]
libipsec: Properly support CAMELLIA in CTR mode

4 years agoikev2: Fix size of key material for CAMELLIA-CTR
Tobias Brunner [Mon, 21 Sep 2015 09:11:33 +0000 (11:11 +0200)]
ikev2: Fix size of key material for CAMELLIA-CTR

Like AES in CTR mode it includes a 4 byte nonce.