init: Reload configurations/credentials as well during systemctl reload
Martin Willi [Tue, 7 Mar 2017 16:29:45 +0000 (17:29 +0100)]

swanctl: Add --reauth option to --rekey command
Tobias Brunner [Thu, 23 Aug 2018 14:20:06 +0000 (16:20 +0200)]

vici: Add option to reauthenticate instead of rekey an IKEv2 SA
Tobias Brunner [Thu, 23 Aug 2018 14:16:47 +0000 (16:16 +0200)]

Merge branch 'xfrm-set-mark'
Tobias Brunner [Fri, 31 Aug 2018 10:27:40 +0000 (12:27 +0200)]

This adds the ability to configure marks the in- and/or outbound SA
should apply to packets after processing on Linux.  Configuring such a mark
for outbound SAs requires at least a 4.14 kernel.  The ability to set a mask
and to configure a mark/mask for inbound SAs will be added with the upcoming
4.19 kernel.

child-sa: Use SA matching mark as SA set mark if the latter is %same
Martin Willi [Wed, 9 May 2018 11:40:36 +0000 (13:40 +0200)]

For inbound processing, it can be rather useful to apply the mark to the
packet in the SA, so the associated policy with that mark implicitly matches.
When using %unique as match mark, we don't know the mark beforehand, so
we most likely want to set the mark we match against.

ipsec-types: Restrict the use of %unique and other keywords when parsing marks
Martin Willi [Mon, 14 May 2018 11:42:53 +0000 (13:42 +0200)]

%unique (and the upcoming %same key) are usable in specific contexts only.
To prevent the user from using them in other places where they do not get the
expected results, reject such keywords unless explicitly allowed.

vici: Document kernel requirements for set_mark_in/set_mark_out options
Martin Willi [Mon, 14 May 2018 10:55:27 +0000 (12:55 +0200)]

vici: Make in-/outbound marks the SA should set configurable
Tobias Brunner [Fri, 20 Apr 2018 12:12:48 +0000 (14:12 +0200)]

child-sa: Configure in-/outbound mark the SA should set
Tobias Brunner [Fri, 20 Apr 2018 12:08:35 +0000 (14:08 +0200)]

child-cfg: Add properties for in-/outbound mark the SA should set
Tobias Brunner [Fri, 20 Apr 2018 12:02:57 +0000 (14:02 +0200)]

kernel-netlink: Add support for setting mark/mask an SA should apply to processed traffic
Tobias Brunner [Fri, 20 Apr 2018 12:01:12 +0000 (14:01 +0200)]

kernel-netlink: Use larger buffer for event messages
Tobias Brunner [Fri, 10 Aug 2018 12:41:16 +0000 (14:41 +0200)]

ikev1: Increase DPD sequence number only after receiving a response
Tobias Brunner [Mon, 6 Aug 2018 15:01:20 +0000 (17:01 +0200)]

We don't retransmit DPD requests like we do requests for proper exchanges,
so increasing the number with each sent DPD could result in the peer's state
getting out of sync if DPDs are lost.  This matters because, according to
RFC 3706, DPDs with an unexpected sequence number SHOULD be rejected (it does mention the
possibility of maintaining a window of acceptable numbers, but we currently
don't implement that).  We partially ignore such messages (i.e. we don't
update the expected sequence number and the inbound message stats, so we
might send a DPD when none is required).  However, we always send a response,
so a peer won't really notice this (it also ensures a reply for "retransmits"
caused by this change, i.e. multiple DPDs with the same number - hopefully,
other implementations behave similarly when receiving such messages).

Fixes #2714.

Remove ITA references
Tobias Brunner [Fri, 31 Aug 2018 09:11:12 +0000 (11:11 +0200)]

ikev1: Signal IKE_SA connection failure via bus
Tobias Brunner [Thu, 23 Aug 2018 15:54:29 +0000 (17:54 +0200)]

This is mainly for HA where a passive SA was already created when the
IKE keys were derived.  If e.g. an authentication error occurs later that
SA wouldn't get cleaned up.

aggressive-mode: Trigger alerts for authentication failures
Tobias Brunner [Thu, 23 Aug 2018 15:25:08 +0000 (17:25 +0200)]

main-mode: Local identity is always defined
Tobias Brunner [Thu, 23 Aug 2018 15:31:50 +0000 (17:31 +0200)]

main-mode: Also trigger a PEER_AUTH_FAILED alert if authorize() fails
Tobias Brunner [Thu, 23 Aug 2018 15:24:26 +0000 (17:24 +0200)]

main-mode: Signal local/peer auth failure via bus
Thomas Egerer [Tue, 14 Aug 2018 11:56:58 +0000 (13:56 +0200)]

Signed-off-by: Thomas Egerer <>

custom-logger: Add optional reload method
Thomas Egerer [Wed, 29 Aug 2018 11:14:59 +0000 (13:14 +0200)]

The reload of the configuration of the loggers so far only included
the log levels. In order to support the reload of all other options,
a reload function may be implemented.

Signed-off-by: Thomas Egerer <>

ike-sa-manager: Log message when scheduling delete for reauthenticated IKE_SA
Tobias Brunner [Tue, 28 Aug 2018 15:11:13 +0000 (17:11 +0200)]

Merge branch 'ip-header-fields'
Tobias Brunner [Wed, 29 Aug 2018 09:46:13 +0000 (11:46 +0200)]

Adds new options that allow configuring how/whether certain fields in
the IP headers are copied during IPsec processing. Currently only allows
configuration on Linux.

Closes strongswan/strongswan#104.

kernel: Add option to control DS field behavior
Tobias Brunner [Mon, 11 Jun 2018 10:07:48 +0000 (12:07 +0200)]

kernel: Add options to control DF and ECN header bits/fields via XFRM
Tobias Brunner [Mon, 11 Jun 2018 08:49:16 +0000 (10:49 +0200)]

The options control whether the DF and ECN header bits/fields are copied
from the unencrypted packets to the encrypted packets in tunnel mode (DF only
for IPv4), and for ECN whether the same is done for inbound packets.

Note: This implementation only works with Linux/Netlink/XFRM.

Based on a patch by Markus Sattler.

vici: Add error handling to message parsing in Perl bindings
Tobias Brunner [Tue, 5 Jun 2018 15:49:42 +0000 (17:49 +0200)]

vici: Improve message parsing performance in Perl bindings
Afschin Hormozdiary [Tue, 5 Jun 2018 13:10:43 +0000 (15:10 +0200)]

During a test with ~12000 established SAs it was noted that vici
related operations hung.
The operations took over 16 minutes to finish. The time was spent in
the vici message parser, which was assigning the message over and over
again, to get rid of the already parsed portions.

First fixed by cutting the consumed parts off without copying the message.
Runtime for ~12000 SAs is now around 20 seconds.

Further optimization brought the runtime down to roughly 1-2 seconds
by using an fd to read through the message variable.

Closes strongswan/strongswan#103.

kernel-netlink: Align concatenated Netlink responses
Thomas Egerer [Thu, 16 Aug 2018 07:12:37 +0000 (09:12 +0200)]

The code to support parallel Netlink queries (commit 3c7193f) made use
of nlmsg_len member from struct nlmsghdr to allocate and copy the
responses. Since NLMSG_NEXT is later used to parse these responses, they
must be aligned, or the results are undefined.

Signed-off-by: Thomas Egerer <>
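
The alignment requirement described in the commit message above, as an added C example (not strongSwan's code): two constructed Netlink messages with a 17-byte nlmsg_len are concatenated either back-to-back at nlmsg_len or at NLMSG_ALIGN(nlmsg_len), and the result is walked with NLMSG_OK/NLMSG_NEXT, which shows that the unaligned copy leaves the second message unreachable. It assumes the Linux <linux/netlink.h> macros; the helper names are hypothetical.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <linux/netlink.h>

/* Build a constructed message in caller-provided, suitably aligned storage:
 * a 16-byte header plus a one-byte payload, so nlmsg_len is 17, which is
 * deliberately not a multiple of NLMSG_ALIGNTO (4). */
static void make_msg(struct nlmsghdr *hdr, uint16_t type, uint8_t payload)
{
    memset(hdr, 0, NLMSG_SPACE(1));
    hdr->nlmsg_len = NLMSG_LENGTH(1);
    hdr->nlmsg_type = type;
    *(uint8_t *)NLMSG_DATA(hdr) = payload;
}

/* Append one response to a growing buffer.  With aligned != 0 the next
 * message starts at NLMSG_ALIGN(nlmsg_len), which is where NLMSG_NEXT()
 * will look for it; with aligned == 0 it is copied back-to-back at
 * nlmsg_len, which is the defect the commit message describes. */
static int append_response(char **buf, size_t *len,
                           const struct nlmsghdr *msg, int aligned)
{
    size_t step = aligned ? NLMSG_ALIGN(msg->nlmsg_len) : msg->nlmsg_len;
    char *tmp = realloc(*buf, *len + step);
    if (!tmp) return -1;
    memcpy(tmp + *len, msg, msg->nlmsg_len);
    memset(tmp + *len + msg->nlmsg_len, 0, step - msg->nlmsg_len); /* padding */
    *buf = tmp;
    *len += step;
    return 0;
}

/* Walk the buffer the way a Netlink parser does, with NLMSG_OK/NLMSG_NEXT,
 * recording up to max message types.  Returns how many messages are
 * reachable this way. */
static int count_messages(char *buf, size_t len, uint16_t *types, int max)
{
    struct nlmsghdr *hdr = (struct nlmsghdr *)buf;
    int remaining = (int)len, n = 0;
    while (NLMSG_OK(hdr, remaining)) {
        if (n < max) types[n] = hdr->nlmsg_type;
        n++;
        hdr = NLMSG_NEXT(hdr, remaining);
    }
    return n;
}

/* Concatenate two constructed responses (types 1 and 2) and report how
 * many of them NLMSG_NEXT reaches: 2 when aligned, only 1 when not. */
static int concat_and_count(int aligned, uint16_t *types, int max)
{
    union { struct nlmsghdr hdr; char raw[NLMSG_SPACE(1)]; } m1, m2;
    char *buf = NULL;
    size_t len = 0;
    int n;

    make_msg(&m1.hdr, 1, 0xAA);
    make_msg(&m2.hdr, 2, 0xBB);
    if (append_response(&buf, &len, &m1.hdr, aligned) < 0 ||
        append_response(&buf, &len, &m2.hdr, aligned) < 0) {
        free(buf);
        return -1;
    }
    n = count_messages(buf, len, types, max);
    free(buf);
    return n;
}

int main(void)
{
    uint16_t types[2];
    printf("aligned:   %d messages reachable\n", concat_and_count(1, types, 2));
    printf("unaligned: %d messages reachable\n", concat_and_count(0, types, 2));
    return 0;
}
```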

libimcv: Fix
Tobias Brunner [Fri, 10 Aug 2018 08:09:07 +0000 (10:09 +0200)]

libtpmtss: Fixed
Vishal Rana [Thu, 9 Aug 2018 05:28:03 +0000 (22:28 -0700)]

Closes strongswan/strongswan#111

Signed-off-by: Vishal Rana <>

README: Fix typos
Tom Schlenkhoff [Mon, 6 Aug 2018 11:24:18 +0000 (13:24 +0200)]

Closes strongswan/strongswan#110.

travis: Fix vici Python tests when using Clang
Tobias Brunner [Mon, 6 Aug 2018 09:54:24 +0000 (11:54 +0200)]

For some reason the clang binary that's installed in an uncommon
directory could not be found anymore when installing packages via pip for
the last couple of builds. While the directory is obviously contained in PATH,
using `sudo -E` didn't help. So we now install the Python packages in the
user's home directory to avoid having to use sudo.

Version bump to 5.7.0dr8
Andreas Steffen [Thu, 2 Aug 2018 05:30:05 +0000 (07:30 +0200)]

Merge branch 'swima-subscriptions'
Andreas Steffen [Thu, 2 Aug 2018 05:28:52 +0000 (07:28 +0200)]

tnccs-20: Defer handshake retry when sending SRETRY batch
Andreas Steffen [Sat, 28 Jul 2018 12:57:49 +0000 (14:57 +0200)]

Set a retry_handshake flag on a TNC server when sending a SRETRY
batch and do the retry only after receiving the next CDATA batch
from the TNC client.

libimcv: Reset of IMC state for new measurement cycle
Andreas Steffen [Tue, 31 Jul 2018 12:06:21 +0000 (14:06 +0200)]

libimcv: Reset of IMV state for new measurement cycle
Andreas Steffen [Thu, 26 Jul 2018 15:24:32 +0000 (17:24 +0200)]

imv-swima: Support subscriptions
Andreas Steffen [Wed, 25 Jul 2018 06:41:05 +0000 (08:41 +0200)]

imc-swima: Support subscriptions
Andreas Steffen [Tue, 24 Jul 2018 20:35:55 +0000 (22:35 +0200)]

libimcv: Missing comma in pa_tnc_error_code_names
Andreas Steffen [Tue, 24 Jul 2018 18:43:31 +0000 (20:43 +0200)]

Version bump to 5.7.0dr6
Andreas Steffen [Sat, 21 Jul 2018 07:30:53 +0000 (09:30 +0200)]

libtpmtss: Configure TCTI device options
Andreas Steffen [Thu, 19 Jul 2018 15:53:31 +0000 (17:53 +0200)]

Version bump to 5.7.0dr5
Andreas Steffen [Thu, 19 Jul 2018 12:13:09 +0000 (14:13 +0200)]

libimcv: Added Debian 8.11 and Ubuntu 18.04 to IMV database
Andreas Steffen [Thu, 19 Jul 2018 12:11:44 +0000 (14:11 +0200)]

libtpmtss: Support of RSAPSS signature scheme
Andreas Steffen [Wed, 18 Jul 2018 20:55:27 +0000 (22:55 +0200)]

libtpmtss: Support for TSS2 v2 libraries
Andreas Steffen [Tue, 17 Jul 2018 21:22:52 +0000 (23:22 +0200)]

testing: Optionally build/install strongSwan only on a specific guest
Tobias Brunner [Wed, 11 Jul 2018 16:38:09 +0000 (18:38 +0200)]

This may be used to test different strongSwan versions against each

conf: Fix bench_time documentation
Tobias Brunner [Mon, 9 Jul 2018 16:10:07 +0000 (18:10 +0200)]

message: Report the size of the complete reassembled IKE message
Tobias Brunner [Thu, 5 Jul 2018 15:36:21 +0000 (17:36 +0200)]

This way we see the same size on both ends, namely that of the complete
IKE message as if it was sent in a single packet (excluding UDP/IP headers).

encrypted-payload: Change how the length for reassembled messages is calculated
Tobias Brunner [Thu, 5 Jul 2018 15:21:47 +0000 (17:21 +0200)]

If we have an AEAD transform we add the overhead as if the data would have
been transported in a single encrypted payload.

encrypted-payload: Add getter for the used AEAD transform
Tobias Brunner [Thu, 5 Jul 2018 15:20:52 +0000 (17:20 +0200)]

testing: Fix checks after changing fragmentation log messages
Tobias Brunner [Thu, 5 Jul 2018 15:19:39 +0000 (17:19 +0200)]

charon-nm: Parse any type of private key in need_secrets
SC Lee [Mon, 9 Jul 2018 09:54:25 +0000 (17:54 +0800)]

Previously, when the user supplied an ECDSA key for public key authentication,
the user was always asked to provide a password, even if the key was not

Related: 954f73ea6e7e ("charon-nm: Parse any type of private key not only RSA")
Closes strongswan/strongswan#108.

kernel-pfkey: Add support for native ChaCha20/Poly1305 on macOS
Tobias Brunner [Fri, 6 Jul 2018 08:17:52 +0000 (10:17 +0200)]

kernel-pfkey: Enable macOS native AES_GCM_ICV16 support
Ruben Tytgat [Thu, 5 Jul 2018 15:54:42 +0000 (17:54 +0200)]

macOS supports AES_GCM_ICV16 natively using PF_KEYv2.

This change enables AES_GCM if the corresponding definition is detected
in the headers.

With this change it is no longer necessary to use the libipsec module to
use AES_GCM on macOS.

Closes strongswan/strongswan#107.

testing: The dhcp plugin uses the DHCP client port again by default
Tobias Brunner [Thu, 5 Jul 2018 16:12:40 +0000 (18:12 +0200)]

This reverts parts of commit becf027cd9b0af162247015a9fff6c00e59fd6ce.

Fixes: 707b70725a7d ("dhcp: Only use DHCP server port if explicitly configured")

android: New release after fixing EAP-PEAP issue and Autofill crash
Tobias Brunner [Wed, 4 Jul 2018 09:51:44 +0000 (11:51 +0200)]

Revert "android: Enable the eap-ttls and eap-peap plugins"
Tobias Brunner [Wed, 4 Jul 2018 17:35:55 +0000 (19:35 +0200)]

This reverts commit 064c97afaeabc341f98577eae67073641b1591db.

We have to make this optional and more configurable.  It seems some
commercial VPN providers use self-signed certificates for their AAA

android: Move hint from TextInputEditText to TextInputLayout
Tobias Brunner [Wed, 4 Jul 2018 09:43:40 +0000 (11:43 +0200)]

This avoids a NullPointerException on Android 8 related to the optional
Autofill functionality.  The bug has been fixed in Android 8.1 [1] but there
is no fix for Android 8.

android: Don't enforce the server address as AAA identity for EAP-PEAP/TTLS
Tobias Brunner [Wed, 4 Jul 2018 09:17:04 +0000 (11:17 +0200)]

This is similar to EAP-TLS.  We could probably make this configurable

android: New release after fixing cancelling connecting on older systems
Tobias Brunner [Tue, 3 Jul 2018 13:43:32 +0000 (15:43 +0200)]

android: Poll dropper TUN device for data on older Android systems
Tobias Brunner [Tue, 3 Jul 2018 13:03:51 +0000 (15:03 +0200)]

It seems that even the NIO version of read() is uninterruptible on
platforms < Android 7 (24).

Merge branch 'android-updates'
Tobias Brunner [Tue, 3 Jul 2018 10:15:52 +0000 (12:15 +0200)]

Lots of new features, e.g. Quick Settings tile, Always-on VPN, error
recovery, and lots of improvements under the hood.

android: New version after adding lots of new features
Tobias Brunner [Thu, 21 Jun 2018 17:06:49 +0000 (19:06 +0200)]

android: Use ListView for log messages
Tobias Brunner [Mon, 2 Jul 2018 16:05:13 +0000 (18:05 +0200)]

This is hopefully a bit more efficient for large log files than the previous
single TextView.  The ListView widget also provides an auto-scroll mechanism.

android: Simplify error handling in VPN state fragment
Tobias Brunner [Fri, 29 Jun 2018 14:42:18 +0000 (16:42 +0200)]

Always reset the error state when disconnecting via state service. This
way the error state is also cleared when the connection is terminated
directly via control activity.

android: Remove MIME type filter when importing trusted certificates
Tobias Brunner [Fri, 29 Jun 2018 14:04:10 +0000 (16:04 +0200)]

This way we should see files even if the MIME type has not been set
correctly while downloading it.

android: Show date/thread prefix in log view if we have enough space
Tobias Brunner [Fri, 29 Jun 2018 10:50:31 +0000 (12:50 +0200)]

This is the case for tablets or even phones in landscape orientation.
600dp is the breaking point for small tablets according to Google's

android: Change log message when initializing the native code and add a divider
Tobias Brunner [Fri, 29 Jun 2018 10:07:17 +0000 (12:07 +0200)]

We don't really start a daemon and the divider should make it easier to
identify retries.

android: Don't use infinite keying tries on Android 5+
Tobias Brunner [Fri, 29 Jun 2018 09:41:41 +0000 (11:41 +0200)]

This way we get some feedback about the issue in the GUI (otherwise it
would just switch to connecting state) and also some delays between retries.

android: Allow explicit termination of a profile without confirmation
Tobias Brunner [Mon, 25 Jun 2018 09:02:08 +0000 (11:02 +0200)]

android: Handle restarts of the control Activity better
Tobias Brunner [Fri, 22 Jun 2018 11:57:51 +0000 (13:57 +0200)]

For instance, rotating a device will restart it and this previously
could have started the wrong profile or shown the system's VPN
confirmation dialog twice.

android: Properly handle pressing home when VPN confirmation dialog is shown
Tobias Brunner [Fri, 22 Jun 2018 09:22:23 +0000 (11:22 +0200)]

As documented, onActivityResult() is called right before onResume() when
the activity is reactivated.  However, if the system's VPN confirmation
dialog is shown and the home button is pressed, the activity is stopped
and not just paused, so its state is saved.  And onActivityResult() is
actually also called before onStart().  This means that no fragment
transactions may be committed (i.e. no dialog may be shown) when the
activity is later restarted (e.g. because there is another attempt to
connect the VPN) until onStart() has been called.  So if we'd try to show
the error dialog in onActivityResult() after returning to the launcher
it would result in an IllegalStateException.

However, showing the dialog for the previous confirmation dialog is not
ideal anyway, so we just ignore that result.

android: Crudely catch exception if no file browser is available
Tobias Brunner [Thu, 21 Jun 2018 17:05:33 +0000 (19:05 +0200)]

Seen on Android TV in the emulator.

android: Enable the eap-ttls and eap-peap plugins
Tobias Brunner [Thu, 21 Jun 2018 16:35:37 +0000 (18:35 +0200)]

android: Pass UUID to VPN service to initiate profiles
Tobias Brunner [Thu, 21 Jun 2018 14:46:13 +0000 (16:46 +0200)]

android: Remove Suite B ESP proposals and reorder some algorithms
Tobias Brunner [Thu, 21 Jun 2018 12:49:22 +0000 (14:49 +0200)]

android: Make RSA/PSS flag configurable in the GUI
Tobias Brunner [Thu, 21 Jun 2018 10:51:51 +0000 (12:51 +0200)]

android: Import RSA/PSS flag
Tobias Brunner [Thu, 21 Jun 2018 10:25:28 +0000 (12:25 +0200)]

android: Add flag to enable RSA/PSS
Tobias Brunner [Thu, 21 Jun 2018 10:09:47 +0000 (12:09 +0200)]

android: Make fetching OCSP/CRL interruptible
Tobias Brunner [Thu, 21 Jun 2018 09:17:22 +0000 (11:17 +0200)]

This allows cancelling connecting if e.g. the OCSP server is not
reachable. Previously this caused some delay in disconnecting state but,
even worse, it caused an ANR if the user tried reconnecting during that
time as the main thread would get stuck in setNextProfile() (we could
probably find a better solution there too in the future).

android: Make CRL/OCSP/strict flags configurable in the GUI
Tobias Brunner [Wed, 20 Jun 2018 15:37:44 +0000 (17:37 +0200)]

android: Import CRL/OCSP/strict flags
Tobias Brunner [Wed, 20 Jun 2018 15:25:18 +0000 (17:25 +0200)]

android: Fix import of certificate request flag
Tobias Brunner [Wed, 20 Jun 2018 15:23:08 +0000 (17:23 +0200)]

android: Add flags to control CRL/OCSP fetching and strict revocation
Tobias Brunner [Wed, 20 Jun 2018 15:18:03 +0000 (17:18 +0200)]

revocation: Support en-/disabling CRL/OCSP at runtime
Tobias Brunner [Thu, 21 Jun 2018 06:59:40 +0000 (08:59 +0200)]

android: Use activity when reconnecting without (or a possibly wrong) password
Tobias Brunner [Wed, 20 Jun 2018 10:25:09 +0000 (12:25 +0200)]

android: Use startForegroundService() to start VpnService
Tobias Brunner [Tue, 19 Jun 2018 15:31:51 +0000 (17:31 +0200)]

This gives us some time to call startForeground() so we don't get

android: Install a blocking TUN device until the VPN is established
Tobias Brunner [Tue, 19 Jun 2018 15:14:17 +0000 (17:14 +0200)]

It's reinstalled when reconnecting (or during error recovery) and
eventually uninstalled after disconnecting.

Only on Android 5+, otherwise we'd block our fetcher (and Android 4.4 is
stupid in regards to overlapping TUN devices anyway).

Note that Android 8's blocking feature blocks everything that passes by
the VPN, so this only works when tunneling everything (i.e. neither subnets,
nor apps can be excluded from the VPN if that feature is enabled).

android: Exclude our own app from the VPN
Tobias Brunner [Tue, 19 Jun 2018 15:01:21 +0000 (17:01 +0200)]

Otherwise, a blocking VPN interface would prevent our fetcher from working
as we currently rely on an interface that doesn't allow access to the
underlying socket/FD, which would be required to call VpnService.protect().

android: Log retries to the same log file
Tobias Brunner [Tue, 19 Jun 2018 09:15:16 +0000 (11:15 +0200)]

It's cleared when a new connection is started or there is a manual

android: Use capped exponential backoff for automatic retries
Tobias Brunner [Mon, 18 Jun 2018 17:04:03 +0000 (19:04 +0200)]

android: Show countdown and retry button in notification
Tobias Brunner [Mon, 18 Jun 2018 14:57:03 +0000 (16:57 +0200)]

android: Avoid IllegalStateException in state fragments
Tobias Brunner [Mon, 18 Jun 2018 14:45:37 +0000 (16:45 +0200)]

This happened if the state service got connected while such a fragment was
not visible (anymore or at all).

android: Don't hide the notification if we are connecting to a profile
Tobias Brunner [Mon, 18 Jun 2018 14:30:26 +0000 (16:30 +0200)]

In particular, if we are reconnecting after an error.

android: Add an automatic reconnect on errors
Tobias Brunner [Fri, 15 Jun 2018 12:40:01 +0000 (14:40 +0200)]

This way the connection will be attempted to be kept up even on "fatal"
errors like authentication failures.

ike-sa-manager: Fix races when changing initiator SPI of an IKE_SA
Tobias Brunner [Fri, 15 Jun 2018 10:34:15 +0000 (12:34 +0200)]

Removing and re-adding the entry to a potentially different row/segment,
while driving out waiting and new threads, could prevent threads from
acquiring the SA even if they were waiting to check it out by unique
ID (which doesn't change), or if they were just trying to enumerate it.
With this change the row and segment don't change anymore and waiting
threads may acquire the SA. However, those looking for an IKE_SA by SPIs
might get one back that has a different SPI (but that's probably not
something that happens very often this early).

This was noticed because we check out SAs by unique ID in the Android
app to terminate them after failed retransmits if we are not reestablishing
the SA (otherwise we continue), and this sometimes failed.

Fixes: eaedcf8c0054 ("ike-sa-manager: Add method to change the initiator SPI of an IKE_SA")

android: Show a retry button in the error banner
Tobias Brunner [Fri, 15 Jun 2018 09:00:08 +0000 (11:00 +0200)]

The button to view the log is now below the status info.  And since the
IMC results are just below that we don't need a special handling for
that anymore.

android: Add function to quickly reconnect the current profile
Tobias Brunner [Fri, 15 Jun 2018 08:58:59 +0000 (10:58 +0200)]

android: Use Java 8 features
Tobias Brunner [Thu, 14 Jun 2018 16:13:44 +0000 (18:13 +0200)]

android: Show an error if client certificate is unavailable
Tobias Brunner [Thu, 14 Jun 2018 13:20:57 +0000 (15:20 +0200)]

This can happen on systems (e.g. Android 7.x) where Always-on VPNs are
triggered right after booting before the KeyChain is unlocked by the user.
Retrieving the certificate chain or private key then fails with
"KeyChainException: IllegalStateException: keystore is LOCKED" until the
user unlocks the screen once.

The built-in client actually also fails in this situation (e.g. with XAuth
RSA), it tries three times then stops and shows an error notification.