strongswan.git
5 years agochild-sa: Remove policies before states to avoid acquire events for untrapped policies
Tobias Brunner [Tue, 17 Mar 2015 08:58:00 +0000 (09:58 +0100)]
child-sa: Remove policies before states to avoid acquire events for untrapped policies

5 years agoMerge branch 'vici-python'
Martin Willi [Wed, 18 Mar 2015 14:03:28 +0000 (15:03 +0100)]
Merge branch 'vici-python'

Introduce a Python Egg for the vici plugin, contributed by Björn Schuberg.

5 years agoNEWS: Introduce vici Python Egg
Martin Willi [Fri, 6 Mar 2015 12:33:13 +0000 (13:33 +0100)]
NEWS: Introduce vici Python Egg

5 years agotravis: Install pip to install pytest in "all" tests
Martin Willi [Wed, 18 Mar 2015 13:28:17 +0000 (14:28 +0100)]
travis: Install pip to install pytest in "all" tests

This allows ./configure to detect py.test, and execute python unit tests we
provide in the vici python egg.

5 years agovici: Add support for python 3
Björn Schuberg [Mon, 9 Mar 2015 11:28:02 +0000 (12:28 +0100)]
vici: Add support for python 3

5 years agovici: Execute python tests during "check" if py.test is available
Martin Willi [Wed, 11 Mar 2015 09:18:56 +0000 (10:18 +0100)]
vici: Execute python tests during "check" if py.test is available

5 years agoconfigure: Check optional py.test availability when building with python eggs
Martin Willi [Wed, 11 Mar 2015 09:01:40 +0000 (10:01 +0100)]
configure: Check optional py.test availability when building with python eggs

5 years agovici: Add test of Packet layer in python library
Björn Schuberg [Mon, 9 Mar 2015 10:20:02 +0000 (11:20 +0100)]
vici: Add test of Packet layer in python library

5 years agovici: Add test of Message (de)serialization in python library
Björn Schuberg [Mon, 9 Mar 2015 10:12:30 +0000 (11:12 +0100)]
vici: Add test of Message (de)serialization in python library

5 years agovici: Evaluate Python streamed command results, and raise CommandException
Martin Willi [Mon, 9 Mar 2015 11:16:10 +0000 (12:16 +0100)]
vici: Evaluate Python streamed command results, and raise CommandException

5 years agovici: Catch Python GeneratorExit to properly cancel streamed event iteration
Martin Willi [Mon, 9 Mar 2015 11:06:38 +0000 (12:06 +0100)]
vici: Catch Python GeneratorExit to properly cancel streamed event iteration

5 years agovici: Fall back to heap buffer when vararg printing on stack fails
Martin Willi [Fri, 6 Mar 2015 09:54:34 +0000 (10:54 +0100)]
vici: Fall back to heap buffer when vararg printing on stack fails

This avoids failures when building log event messages including larger hexdumps.

5 years agovici: Return a Python generator instead of a list for streamed responses
Martin Willi [Mon, 2 Mar 2015 14:25:55 +0000 (15:25 +0100)]
vici: Return a Python generator instead of a list for streamed responses

In addition that it may reduce memory usage and improve performance for large
responses, it returns immediate results. This is important for longer lasting
commands, such as initiate/terminate, where immediate log feedback is preferable
when interactively calling such commands.

5 years agovici: Raise a Python CommandException instead of returning a CommandResult
Martin Willi [Mon, 2 Mar 2015 14:19:32 +0000 (15:19 +0100)]
vici: Raise a Python CommandException instead of returning a CommandResult

5 years agovici: Add initial Python egg documentation to README
Martin Willi [Fri, 27 Feb 2015 14:37:40 +0000 (15:37 +0100)]
vici: Add initial Python egg documentation to README

5 years agovici: Use OrderedDict to handle vici responses in Python library
Martin Willi [Fri, 27 Feb 2015 13:30:34 +0000 (14:30 +0100)]
vici: Use OrderedDict to handle vici responses in Python library

The default Python dictionaries are unordered, but order is important for some
vici trees (for example the order of authentication rounds).

5 years agovici: Return authentication rounds with unique names
Martin Willi [Fri, 27 Feb 2015 13:28:47 +0000 (14:28 +0100)]
vici: Return authentication rounds with unique names

To simplify handling of authentication rounds in dictionaries/hashtables on the
client side, we assign unique names to each authentication round when listing
connection.

5 years agovici: Rebuild ruby gem on source file changes
Martin Willi [Fri, 27 Feb 2015 13:05:12 +0000 (14:05 +0100)]
vici: Rebuild ruby gem on source file changes

5 years agovici: Use default Unix vici socket if none passed to ruby constructor
Martin Willi [Fri, 27 Feb 2015 13:03:35 +0000 (14:03 +0100)]
vici: Use default Unix vici socket if none passed to ruby constructor

While we currently have a static path instead of one generated with Autotools,
this at least is congruent to what we have in the Python library.

5 years agovici: Support non-Unix sockets for vici connections using Python
Martin Willi [Fri, 27 Feb 2015 12:59:23 +0000 (13:59 +0100)]
vici: Support non-Unix sockets for vici connections using Python

5 years agovici: Add python egg setuptools building and installation using easy_install
Martin Willi [Wed, 25 Feb 2015 15:20:10 +0000 (16:20 +0100)]
vici: Add python egg setuptools building and installation using easy_install

An uninstall target is currently not supported, as there is no trivial way with
either plain setuptools or with easy_install. pip would probably be the best
choice, but we currently don't depend on it.

5 years agovici: Generate a version specific setup.py for setuptools installation
Martin Willi [Wed, 25 Feb 2015 15:18:29 +0000 (16:18 +0100)]
vici: Generate a version specific setup.py for setuptools installation

5 years agovici: Include python package in distribution
Martin Willi [Wed, 25 Feb 2015 15:04:57 +0000 (16:04 +0100)]
vici: Include python package in distribution

5 years agoconfigure: Add --enable-python-eggs and --with-pythoneggdir options
Martin Willi [Wed, 25 Feb 2015 13:34:27 +0000 (14:34 +0100)]
configure: Add --enable-python-eggs and --with-pythoneggdir options

Detect easy_install for Python egg installation to install any egg we provide
in strongSwan.

5 years agovici: Add python package MIT license
Björn Schuberg [Sun, 15 Feb 2015 23:17:00 +0000 (00:17 +0100)]
vici: Add python package MIT license

5 years agovici: Expose Session as a top-level symbol in python package
Björn Schuberg [Sun, 15 Feb 2015 18:18:52 +0000 (19:18 +0100)]
vici: Expose Session as a top-level symbol in python package

5 years agovici: Introduce main API Session class in python package
Björn Schuberg [Sun, 15 Feb 2015 15:13:44 +0000 (16:13 +0100)]
vici: Introduce main API Session class in python package

5 years agovici: Add a python vici command execution handler
Björn Schuberg [Sat, 14 Feb 2015 14:53:25 +0000 (15:53 +0100)]
vici: Add a python vici command execution handler

5 years agovici: Add vici python protocol handler
Björn Schuberg [Sat, 14 Feb 2015 11:54:31 +0000 (12:54 +0100)]
vici: Add vici python protocol handler

5 years agoMerge branch 'swanctl-pkcs12'
Martin Willi [Wed, 18 Mar 2015 12:36:50 +0000 (13:36 +0100)]
Merge branch 'swanctl-pkcs12'

Add support for loading PKCS#12 containers from a swanctl/pkcs12 directory.

Fixes #815.

5 years agoswanctl: Cache entered PKCS#12 decryption secret
Martin Willi [Wed, 11 Mar 2015 15:52:54 +0000 (16:52 +0100)]
swanctl: Cache entered PKCS#12 decryption secret

It is usually used more than once, but most likely the same for decryption and
MAC verification.

5 years agoswanctl: Support loading PKCS#12 containers from a pkcs12 swanctl directory
Martin Willi [Wed, 11 Mar 2015 15:23:56 +0000 (16:23 +0100)]
swanctl: Support loading PKCS#12 containers from a pkcs12 swanctl directory

5 years agoswanctl: Generalize private key decryption to support other credential types
Martin Willi [Wed, 11 Mar 2015 15:23:11 +0000 (16:23 +0100)]
swanctl: Generalize private key decryption to support other credential types

5 years agoencoding: Verify the length of KE payload data for known groups
Martin Willi [Tue, 3 Feb 2015 15:40:14 +0000 (16:40 +0100)]
encoding: Verify the length of KE payload data for known groups

IKE is very strict in the length of KE payloads, and it should be safe to
strictly verify their length. Not doing so is no direct threat, but allows DDoS
amplification by sending short KE payloads for large groups using the target
as the source address.

5 years agoikev2: Migrate MOBIKE additional peer addresses to new SA after IKE_SA rekeying
Martin Willi [Wed, 18 Mar 2015 12:32:27 +0000 (13:32 +0100)]
ikev2: Migrate MOBIKE additional peer addresses to new SA after IKE_SA rekeying

5 years agoikev2: Immediately initiate queued tasks after establishing rekeyed IKE_SA
Martin Willi [Wed, 11 Mar 2015 10:30:51 +0000 (11:30 +0100)]
ikev2: Immediately initiate queued tasks after establishing rekeyed IKE_SA

If additional tasks get queued before/while rekeying an IKE_SA, these get
migrated to the new IKE_SA. We previously did not trigger initiation of these
tasks, though, leaving the task unexecuted until a new task gets queued.

5 years agoVersion bump to 5.3.0dr2
Andreas Steffen [Mon, 16 Mar 2015 16:15:58 +0000 (17:15 +0100)]
Version bump to 5.3.0dr2

5 years agoReplace kid by aik_id in ITA TBOOT functional component
Andreas Steffen [Mon, 16 Mar 2015 16:15:28 +0000 (17:15 +0100)]
Replace kid by aik_id in ITA TBOOT functional component

5 years agoFixed two BLISS key type identifier strings
Andreas Steffen [Sun, 15 Mar 2015 18:29:25 +0000 (19:29 +0100)]
Fixed two BLISS key type identifier strings

5 years agocharon-systemd: Add missing semicolon
Martin Willi [Mon, 16 Mar 2015 08:31:17 +0000 (09:31 +0100)]
charon-systemd: Add missing semicolon

References #887, fixes f3c83322.

5 years agoosx: Include eap-gtc plugin in build instructions
Martin Willi [Mon, 16 Mar 2015 08:27:18 +0000 (09:27 +0100)]
osx: Include eap-gtc plugin in build instructions

5 years agoAdded availability of TNC AR IP address to IMVs to NEWS 5.3.0dr1
Andreas Steffen [Sun, 15 Mar 2015 11:30:32 +0000 (12:30 +0100)]
Added availability of TNC AR IP address to IMVs to NEWS

5 years agoCreate TPM TBOOT Measurement group
Andreas Steffen [Sun, 15 Mar 2015 11:24:05 +0000 (12:24 +0100)]
Create TPM TBOOT Measurement group

5 years agovici: Use %u to print stats returned by mallinfo(3)
Tobias Brunner [Fri, 13 Mar 2015 14:20:39 +0000 (15:20 +0100)]
vici: Use %u to print stats returned by mallinfo(3)

Fixes #886.

5 years agostroke: Use %u to print stats returned by mallinfo(3)
Tobias Brunner [Fri, 13 Mar 2015 14:20:08 +0000 (15:20 +0100)]
stroke: Use %u to print stats returned by mallinfo(3)

References #886.

5 years agocharon-systemd: Add support to configure user and group via strongswan.conf
Tobias Brunner [Fri, 13 Mar 2015 13:33:13 +0000 (14:33 +0100)]
charon-systemd: Add support to configure user and group via strongswan.conf

Fixes #887.

5 years agoeap-radius: Increase Acct-Session-ID string buffer
Martin Willi [Fri, 13 Mar 2015 08:39:42 +0000 (09:39 +0100)]
eap-radius: Increase Acct-Session-ID string buffer

As the startup timestamp needs 10 characters, we only have left 4 characters
for the IKE_SA unique identifier. This is insufficient when having 10000 IKE_SAs
or more established, resulting in non-unique session identifiers.

Fixes #889.

5 years agotesting: Remove obsolete leftnexthop option from configs
Tobias Brunner [Thu, 12 Mar 2015 14:51:25 +0000 (15:51 +0100)]
testing: Remove obsolete leftnexthop option from configs

5 years agoikev2: Don't set old IKE_SA to REKEYING state during make-before-break reauth
Martin Willi [Wed, 11 Mar 2015 13:41:37 +0000 (14:41 +0100)]
ikev2: Don't set old IKE_SA to REKEYING state during make-before-break reauth

We are actually not in rekeying state, but just trigger a separate, new IKE_SA
as a replacement for the current IKE_SA. Switching to the REKEYING state
disables the invocation of both IKE and CHILD_SA updown hooks as initiator,
preventing the removal of any firewall rules.

Fixes #885.

5 years agoha: Destroy synced IKE_SA if no configuration is found during update
Martin Willi [Tue, 10 Mar 2015 14:08:58 +0000 (15:08 +0100)]
ha: Destroy synced IKE_SA if no configuration is found during update

5 years agoikev1: Don't handle DPD timeout job if IKE_SA got passive
Martin Willi [Tue, 10 Mar 2015 12:59:49 +0000 (13:59 +0100)]
ikev1: Don't handle DPD timeout job if IKE_SA got passive

While a passively installed IKE_SA does not queue a DPD timeout job, one that
switches from active to passive might execute it. Ignore such a queued job if
the IKE_SA is in passive state.

5 years agotesting: Don't check for exact IKEv1 fragment size
Martin Willi [Tue, 10 Mar 2015 09:21:16 +0000 (10:21 +0100)]
testing: Don't check for exact IKEv1 fragment size

Similar to 7a9c0d51, the exact packet size depends on many factors we don't
want to consider in this test case.

5 years agotesting: Fix active/passive role description in ha/both-active test case
Martin Willi [Tue, 10 Mar 2015 09:02:21 +0000 (10:02 +0100)]
testing: Fix active/passive role description in ha/both-active test case

5 years agolibipsec: Pass separate inbound/update flags to the IPsec SA manager
Martin Willi [Mon, 9 Mar 2015 17:08:52 +0000 (18:08 +0100)]
libipsec: Pass separate inbound/update flags to the IPsec SA manager

Similar to other kernel interfaces, the libipsec backends uses the flag for
different purposes, and therefore should get separate flags.

5 years agokernel-interface: Add a separate "update" flag to add_sa()
Martin Willi [Mon, 9 Mar 2015 17:04:54 +0000 (18:04 +0100)]
kernel-interface: Add a separate "update" flag to add_sa()

The current "inbound" flag is used for two purposes: To define the actual
direction of the SA, but also to determine the operation used for SA
installation. If an SPI has been allocated, an update operation is required
instead of an add.

While the inbound flag normally defines the kind of operation required, this
is not necessarily true in all cases. On the HA passive node, we install inbound
SAs without prior SPI allocation.

5 years agotkm: Use the inbound flag do determine peer role in CHILD_SA exchange
Martin Willi [Mon, 9 Mar 2015 16:44:55 +0000 (17:44 +0100)]
tkm: Use the inbound flag do determine peer role in CHILD_SA exchange

This was not available during initial implementation, but fits just fine to
avoid reconstructing the peer role.

5 years agoRevert "child-sa: Remove the obsolete update logic"
Martin Willi [Mon, 9 Mar 2015 16:52:33 +0000 (17:52 +0100)]
Revert "child-sa: Remove the obsolete update logic"

While the the meaning of the "inbound" flag on the kernel_interface->add_sa()
call is not very clear, we still need that update logic to allow installation of
inbound SAs without SPI allocation. This is used in the HA plugin as a passive
node.

This reverts commit 698ed656.

5 years agoRevert "ha: Always install the CHILD_SAs with the inbound flag set to FALSE"
Martin Willi [Mon, 9 Mar 2015 16:47:53 +0000 (17:47 +0100)]
Revert "ha: Always install the CHILD_SAs with the inbound flag set to FALSE"

While this change results in the correct add/update flag during installation,
it exchanges all other values in the child_sa->install() call. We should pass
the correct flag, but determine the add/update flag by other means.

This reverts commit e722ee5d.

5 years agotkm: Disable RFC 7427 signature authentication
Tobias Brunner [Fri, 6 Mar 2015 15:10:41 +0000 (16:10 +0100)]
tkm: Disable RFC 7427 signature authentication

TKM can't verify such signatures so we'd fail in the authorize hook.
Skipping the algorithm identifier doesn't help if the peer uses
anything other than SHA-1, so config changes would be required.

5 years agoikev2: Move code in pubkey authenticator's build() method into separate functions
Tobias Brunner [Mon, 9 Mar 2015 13:50:34 +0000 (14:50 +0100)]
ikev2: Move code in pubkey authenticator's build() method into separate functions

5 years agoikev2: Try all eligible signature schemes
Tobias Brunner [Fri, 6 Mar 2015 14:27:33 +0000 (15:27 +0100)]
ikev2: Try all eligible signature schemes

Previously, we failed without recovery if a private key did not support
a selected signature scheme (based on key strength and the other peer's
supported hash algorithms).

5 years agofiles: Add simple plugin to load files from file:// URIs
Tobias Brunner [Wed, 11 Feb 2015 11:11:04 +0000 (12:11 +0100)]
files: Add simple plugin to load files from file:// URIs

5 years agodaemon: Remove scheduled jobs before unloading plugins
Tobias Brunner [Thu, 5 Mar 2015 09:08:33 +0000 (10:08 +0100)]
daemon: Remove scheduled jobs before unloading plugins

Especially callback jobs might refer to memory that gets invalid after
the plugins got unlaoded, so make sure we destroy these jobs before.

References #840.

5 years agoscheduler: Add method to remove all scheduled jobs
Tobias Brunner [Thu, 5 Mar 2015 09:07:33 +0000 (10:07 +0100)]
scheduler: Add method to remove all scheduled jobs

References #840.

5 years agoplugin-loader: Increase log level for warning about plugin features that failed to...
Tobias Brunner [Wed, 4 Mar 2015 09:48:33 +0000 (10:48 +0100)]
plugin-loader: Increase log level for warning about plugin features that failed to load

Since we can't get rid of all unmet dependencies (at least not in every
possible plugin configuration) the message is more confusing than
helpful.  In particular because a detailed warning about plugin features
that failed to load due to unmet dependencies is only logged on level 2.

5 years agotls-peer: Make sure to use the right trusted public key for peer
Tobias Brunner [Fri, 20 Feb 2015 10:29:02 +0000 (11:29 +0100)]
tls-peer: Make sure to use the right trusted public key for peer

In case a CA certificate uses the same subject DN as the server the
previous code could end up trying to verify the server's signature with
the CA certificate's public key.  By comparing the certificate with the
one sent by the peer we make sure to use the right one.

Fixes #849.

5 years agopkcs11: Convert RFC 3279 ECDSA signatures when verifying
Tobias Brunner [Thu, 5 Mar 2015 14:14:40 +0000 (15:14 +0100)]
pkcs11: Convert RFC 3279 ECDSA signatures when verifying

References #873.

5 years agopkcs11: Properly encode RFC 3279 ECDSA signatures
Tobias Brunner [Thu, 5 Mar 2015 13:36:39 +0000 (14:36 +0100)]
pkcs11: Properly encode RFC 3279 ECDSA signatures

Fixes #873.

5 years agopkcs11: Properly encode EC_POINTs created on a token
Tobias Brunner [Thu, 5 Mar 2015 15:17:36 +0000 (16:17 +0100)]
pkcs11: Properly encode EC_POINTs created on a token

Some tokens might not fail when creating EC public keys in the incorrect
format, but they will later not be able to use them to verify signatures.

References #872.

5 years agopkcs11: Properly handle EC_POINTs returned as ASN.1 octet string
Tobias Brunner [Thu, 5 Mar 2015 13:33:59 +0000 (14:33 +0100)]
pkcs11: Properly handle EC_POINTs returned as ASN.1 octet string

This is the correct encoding but we internally only use unwrapped keys
and some tokens return them unwrapped.

Fixes #872.

5 years agoUpdated products in imv database
Andreas Steffen [Sun, 22 Feb 2015 21:27:35 +0000 (22:27 +0100)]
Updated products in imv database

5 years agoattest: output trusted flag and device description
Andreas Steffen [Sun, 22 Feb 2015 18:07:30 +0000 (19:07 +0100)]
attest: output trusted flag and device description

5 years agoMake access requestor IP address available to TNC server
Andreas Steffen [Thu, 19 Feb 2015 10:44:11 +0000 (11:44 +0100)]
Make access requestor IP address available to TNC server

5 years agotesting: Update modified updown scripts to the latest template
Tobias Brunner [Tue, 17 Feb 2015 14:01:09 +0000 (15:01 +0100)]
testing: Update modified updown scripts to the latest template

This avoids confusion and makes identifying the changes needed for each
scenario easier.

5 years agoRemove obsolete _updown_espmark script
Tobias Brunner [Tue, 17 Feb 2015 13:51:53 +0000 (14:51 +0100)]
Remove obsolete _updown_espmark script

According to NEWS it was created to support kernels < 2.6.16.

5 years ago_updown: Remove obsolete stuff from default script
Tobias Brunner [Tue, 17 Feb 2015 13:46:00 +0000 (14:46 +0100)]
_updown: Remove obsolete stuff from default script

5 years agoikev1: Set protocol ID and SPIs in INITIAL-CONTACT notification payloads
Tobias Brunner [Tue, 10 Feb 2015 18:03:44 +0000 (19:03 +0100)]
ikev1: Set protocol ID and SPIs in INITIAL-CONTACT notification payloads

The payload we sent before is not compliant with RFC 2407 and thus some
peers might abort negotiation (e.g. with an INVALID-PROTOCOL-ID error).

Fixes #819.

5 years agox509: Use subjectKeyIdentifier provided by issuer cert when checking CRL issuer
Tobias Brunner [Thu, 18 Dec 2014 08:13:38 +0000 (09:13 +0100)]
x509: Use subjectKeyIdentifier provided by issuer cert when checking CRL issuer

Some CAs don't use SHA-1 hashes of the public key as subjectKeyIdentifier and
authorityKeyIdentifier.  If that's the case we can't force the
calculation of the hash to compare that to authorityKeyIdentifier in the CRL,
instead we use the subjectKeyIdentifier stored in the issuer certificate, if
available.  Otherwise, we fall back to the SHA-1 hash (or comparing the
DNs) as before.

5 years agokernel-pfkey: Add option to set receive buffer size of event socket
Tobias Brunner [Mon, 15 Dec 2014 15:43:03 +0000 (16:43 +0100)]
kernel-pfkey: Add option to set receive buffer size of event socket

If many requests are sent to the kernel the events generated by these
requests may fill the receive buffer before the daemon is able to read
these messages.

Fixes #783.

5 years agouse SHA512 for moon's BLISS signature
Andreas Steffen [Wed, 4 Mar 2015 13:08:37 +0000 (14:08 +0100)]
use SHA512 for moon's BLISS signature

5 years agoMerge branch 'ikev2-signature-authentication'
Tobias Brunner [Wed, 4 Mar 2015 12:56:50 +0000 (13:56 +0100)]
Merge branch 'ikev2-signature-authentication'

This adds support for RFC 7427 signature authentication in IKEv2,
enabling the use of stronger signature schemes (e.g. RSA with SHA-2)
for IKE authentication.

Public key constraints defined in `rightauth` are now also checked
against IKEv2 signature schemes (may be disabled via strongswan.conf).

Fixes #863.

5 years agoNEWS: Introduce RFC 7427 signature authentication
Tobias Brunner [Fri, 27 Feb 2015 18:19:13 +0000 (19:19 +0100)]
NEWS: Introduce RFC 7427 signature authentication

5 years agoman: Add documentation about IKEv2 signature schemes
Tobias Brunner [Fri, 27 Feb 2015 18:11:53 +0000 (19:11 +0100)]
man: Add documentation about IKEv2 signature schemes

5 years agotesting: Test classic public key authentication in ikev2/net2net-cert scenario
Tobias Brunner [Tue, 3 Mar 2015 18:38:51 +0000 (19:38 +0100)]
testing: Test classic public key authentication in ikev2/net2net-cert scenario

5 years agotesting: Disable signature authentication on dave in openssl-ikev2/ecdsa-certs scenario
Tobias Brunner [Tue, 3 Mar 2015 18:37:53 +0000 (19:37 +0100)]
testing: Disable signature authentication on dave in openssl-ikev2/ecdsa-certs scenario

5 years agoikev2: Try all RSA signature schemes if none is configured
Tobias Brunner [Tue, 3 Mar 2015 18:32:35 +0000 (19:32 +0100)]
ikev2: Try all RSA signature schemes if none is configured

5 years agoikev2: Consider signature schemes in rightauth when sending hash algorithms
Tobias Brunner [Tue, 3 Mar 2015 17:15:35 +0000 (18:15 +0100)]
ikev2: Consider signature schemes in rightauth when sending hash algorithms

5 years agotkm: Implement hash algorithm storage methods of keymat_v2_t interface
Tobias Brunner [Tue, 3 Mar 2015 17:09:33 +0000 (18:09 +0100)]
tkm: Implement hash algorithm storage methods of keymat_v2_t interface

5 years agokeymat: Use hash algorithm set
Tobias Brunner [Tue, 3 Mar 2015 17:07:09 +0000 (18:07 +0100)]
keymat: Use hash algorithm set

5 years agohash-algorithm-set: Add class to manage a set of hash algorithms
Tobias Brunner [Tue, 3 Mar 2015 17:03:28 +0000 (18:03 +0100)]
hash-algorithm-set: Add class to manage a set of hash algorithms

5 years agoikev2: Add an option to disable constraints against signature schemes
Tobias Brunner [Fri, 27 Feb 2015 17:45:56 +0000 (18:45 +0100)]
ikev2: Add an option to disable constraints against signature schemes

If this is disabled the schemes configured in `rightauth` are only
checked against signature schemes used in the certificate chain and
signature schemes used during IKEv2 are ignored.

Disabling this could be helpful if existing connections with peers that
don't support RFC 7427 use signature schemes in `rightauth` to verify
certificate chains.

5 years agostroke: Enable BLISS-based public key constraints
Tobias Brunner [Mon, 2 Mar 2015 14:40:30 +0000 (15:40 +0100)]
stroke: Enable BLISS-based public key constraints

5 years agocredential-manager: Store BLISS key strength in auth config
Tobias Brunner [Mon, 2 Mar 2015 14:51:16 +0000 (15:51 +0100)]
credential-manager: Store BLISS key strength in auth config

5 years agoauth-cfg: Add BLISS key strength constraint
Tobias Brunner [Mon, 2 Mar 2015 14:49:53 +0000 (15:49 +0100)]
auth-cfg: Add BLISS key strength constraint

5 years agotesting: Don't check for exact IKEv2 fragment size
Tobias Brunner [Fri, 27 Feb 2015 16:58:47 +0000 (17:58 +0100)]
testing: Don't check for exact IKEv2 fragment size

Because SHA-256 is now used for signatures the size of the two IKE_AUTH
messages changed.

5 years agotesting: Update test conditions because signature schemes are now logged
Tobias Brunner [Thu, 26 Feb 2015 17:34:38 +0000 (18:34 +0100)]
testing: Update test conditions because signature schemes are now logged

RFC 7427 signature authentication is now used between strongSwan hosts
by default, which causes the actual signature schemes to get logged.

5 years agotesting: Add ikev2/rw-sig-auth scenario
Tobias Brunner [Thu, 26 Feb 2015 17:24:47 +0000 (18:24 +0100)]
testing: Add ikev2/rw-sig-auth scenario

5 years agotesting: Add ikev2/net2net-cert-sha2 scenario
Tobias Brunner [Thu, 26 Feb 2015 08:18:10 +0000 (09:18 +0100)]
testing: Add ikev2/net2net-cert-sha2 scenario

5 years agoikev2: Fall back to SHA-1 signatures for RSA
Tobias Brunner [Thu, 26 Feb 2015 16:36:41 +0000 (17:36 +0100)]
ikev2: Fall back to SHA-1 signatures for RSA

This is really just a fallback to "classic" IKEv2 authentication if the other
peer supports no stronger hash algorithms.

5 years agoikev2: Select a signature scheme appropriate for the given key
Tobias Brunner [Thu, 26 Feb 2015 16:32:50 +0000 (17:32 +0100)]
ikev2: Select a signature scheme appropriate for the given key

By enumerating hashes we'd use SHA-1 by default.  This way stronger
signature schemes are preferred.