Andreas Steffen [Wed, 5 Aug 2015 08:01:21 +0000 (10:01 +0200)]
testing: Update AAA certificate on Freeradius as well
Andreas Steffen [Tue, 4 Aug 2015 19:50:01 +0000 (21:50 +0200)]
testing: Updated expired AAA server certificate
Tobias Brunner [Tue, 4 Aug 2015 17:08:30 +0000 (19:08 +0200)]
configure: Explicitly disable unused parameter warnings in qsort_r test
When compiling with -Wextra (and without disabling these warnings
globally) the tests would otherwise fail due to the unused arguments in
the cmp() functions.
Fixes #1053.
Tobias Brunner [Mon, 27 Jul 2015 09:18:53 +0000 (11:18 +0200)]
printf-hook-builtin: Fix invalid memory access
When precision is given for a string, we must not run unbounded
strlen() as it will read beyond the given length. It might even cause
a crash if the given pointer is near end of heap or mapping.
Fixes numerous valgrind errors such as:
==19215== Invalid read of size 1
==19215== at 0x52D36C6: builtin_vsnprintf (printf_hook_builtin.c:853)
==19215== by 0x52D40A8: builtin_snprintf (printf_hook_builtin.c:1084)
==19215== by 0x52CE464: dntoa (identification.c:337)
==19215== by 0x52CE464: identification_printf_hook (identification.c:837)
==19215== by 0x52D3DAA: builtin_vsnprintf (printf_hook_builtin.c:1010)
==19215== by 0x57040EB: vlog (bus.c:388)
==19215== by 0x570427D: log_ (bus.c:430)
==19215== by 0xA8445D3: load_x509_ca (stroke_cred.c:416)
==19215== by 0xA8445D3: load_certdir (stroke_cred.c:537)
==19215== by 0xA846A95: load_certs (stroke_cred.c:1353)
==19215== by 0xA846A95: stroke_cred_create (stroke_cred.c:1475)
==19215== by 0xA84073E: stroke_socket_create (stroke_socket.c:782)
==19215== by 0xA83F27C: register_stroke (stroke_plugin.c:53)
==19215== by 0x52C3125: load_feature (plugin_loader.c:716)
==19215== by 0x52C3125: load_provided (plugin_loader.c:778)
==19215== by 0x52C3A20: load_features (plugin_loader.c:799)
==19215== by 0x52C3A20: load_plugins (plugin_loader.c:1159)
==19215== Address 0x50cdb42 is 0 bytes after a block of size 2 alloc'd
==19215== at 0x4C919FE: malloc (vg_replace_malloc.c:296)
==19215== by 0x52CD198: chunk_printable (chunk.c:759)
==19215== by 0x52CE442: dntoa (identification.c:334)
==19215== by 0x52CE442: identification_printf_hook (identification.c:837)
==19215== by 0x52D3DAA: builtin_vsnprintf (printf_hook_builtin.c:1010)
==19215== by 0x57040EB: vlog (bus.c:388)
==19215== by 0x570427D: log_ (bus.c:430)
==19215== by 0xA8445D3: load_x509_ca (stroke_cred.c:416)
==19215== by 0xA8445D3: load_certdir (stroke_cred.c:537)
==19215== by 0xA846A95: load_certs (stroke_cred.c:1353)
==19215== by 0xA846A95: stroke_cred_create (stroke_cred.c:1475)
==19215== by 0xA84073E: stroke_socket_create (stroke_socket.c:782)
==19215== by 0xA83F27C: register_stroke (stroke_plugin.c:53)
==19215== by 0x52C3125: load_feature (plugin_loader.c:716)
==19215== by 0x52C3125: load_provided (plugin_loader.c:778)
==19215== by 0x52C3A20: load_features (plugin_loader.c:799)
==19215== by 0x52C3A20: load_plugins (plugin_loader.c:1159)
Tobias Brunner [Thu, 16 Jul 2015 09:50:22 +0000 (11:50 +0200)]
kernel-netlink: Use PAGE_SIZE as default size for the netlink receive buffer
The kernel uses NLMSG_GOODSIZE as default buffer size, which defaults to
the PAGE_SIZE if it is lower than 8192 or to that value otherwise.
In some cases (e.g. for dump messages) the kernel might use up to 16k
for messages, which might require increasing this value.
Tobias Brunner [Thu, 16 Jul 2015 09:43:44 +0000 (11:43 +0200)]
kernel-netlink: Actually verify if the netlink message exceeds the buffer size
It might equal it and that's fine. With MSG_TRUNC we get the actual
message size and can only report an error if we haven't received the
complete message.
Tobias Brunner [Mon, 3 Aug 2015 11:30:11 +0000 (13:30 +0200)]
ha: Properly initialize algo variables when installing CHILD_SAs
If AEAD algorithms are used no integrity algorithm will be received from
the other HA node. But since AUTH_UNDEFINED is 1024 and not 0 this value
was incorrectly added to the proposal, resulting in a failure during key
derivation. The variables are now explicitly initialized to 0, as already
was the case for the IKE SAs.
Fixes #1051.
Thomas Egerer [Fri, 24 Apr 2015 11:43:18 +0000 (13:43 +0200)]
ha: Sync remote address in HA_IKE_ADD, too
When the IKE_SA is synced without the remote address, after a
reauthentication charon is not able to find it in its connected_peers
table since the destination host will be %any (it's missing in the
message, hence the default from the newly created ike_sa_t -- %any --
will be used).
By adding the value to the HA_IKE_ADD message, we should be able to
solve this problem.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Thomas Egerer [Fri, 24 Apr 2015 11:43:14 +0000 (13:43 +0200)]
jobs: Don't execute rekey CHILD_SA job on passive IKE_SAs
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Thomas Egerer [Fri, 24 Apr 2015 11:43:11 +0000 (13:43 +0200)]
ike: Disable NAT keepalives in state PASSIVE
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Tobias Brunner [Mon, 3 Aug 2015 11:34:05 +0000 (13:34 +0200)]
testing: Don't run do-tests when hosts are not running
running_any is satisfied if at least one host is running. We could
easily add a running_all() helper to check if all hosts are running if
it turns out that's not strong enough.
Tobias Brunner [Mon, 3 Aug 2015 10:54:09 +0000 (12:54 +0200)]
testing: Suppress errors when checking for running hosts
If libvirt is not running virsh can't connect to it and will complain that
the socket does not exist.
Andreas Steffen [Fri, 31 Jul 2015 15:47:14 +0000 (17:47 +0200)]
Version bump to 5.3.3dr3
Andreas Steffen [Fri, 31 Jul 2015 12:43:40 +0000 (14:43 +0200)]
testing: Adapted ha/both-active scenario to new jhash values
Tobias Brunner [Fri, 31 Jul 2015 10:22:55 +0000 (12:22 +0200)]
testing: Fix initial kernel build
The directory does not exist yet if the kernel was never built.
Fixes:
a4a13d0be29b ("testing: Extract and patch each kernel version only once")
Tobias Brunner [Wed, 29 Jul 2015 15:04:33 +0000 (17:04 +0200)]
ha: Use the same init values for jhash() as Linux 4.1
Tobias Brunner [Fri, 31 Jul 2015 09:20:24 +0000 (11:20 +0200)]
kernel-netlink: Unlock mutex in del_policy() if mark can't be added to message
Tobias Brunner [Tue, 28 Jul 2015 12:53:14 +0000 (14:53 +0200)]
sql: Fix memory leak in SQL logger
Andreas Steffen [Tue, 28 Jul 2015 12:28:13 +0000 (14:28 +0200)]
Version bump to 5.3.3dr2
Tobias Brunner [Tue, 28 Jul 2015 11:57:13 +0000 (13:57 +0200)]
android: New release fixing roaming on 5+ and adding new advanced options
Tobias Brunner [Tue, 28 Jul 2015 11:29:03 +0000 (13:29 +0200)]
Merge branch 'android-updates'
Fixes the roaming behavior on Android 5+, a linker issue on Android M,
a few bugs, and adds several new advanced options for VPN profile (MTU,
server port, split tunneling).
Also adds methods and a constructor to parse settings_t from a string
instead of a file.
Fixes #782, #847, #865.
Tobias Brunner [Mon, 27 Jul 2015 15:46:06 +0000 (17:46 +0200)]
android: Keep NDK API level at 19
The headers/libraries changed a lot with level 21 so that our app won't
run on devices with Android < 5 when built against it. We currently
don't need any new native APIs so that should be fine.
Tobias Brunner [Fri, 24 Jul 2015 12:14:07 +0000 (14:14 +0200)]
android: Apply split tunneling options when creating TUN device
Android blocks traffic for address families for which no IPs, DNS servers
or routes are installed via VpnService.Builder. Since Android 5+ (API
level 21) it is possible to explicitly allow such traffic to bypass the VPN.
So for proper split tunneling we note whether we saw a VIP and/or DNS
server of a specific family, and if not, allow traffic of that family
to bypass the VPN using the new API (on older systems there is no change
and such traffic will still be blocked). Otherwise, we do what we did so
far, that is, simply install the received routes (traffic selectors), all
other traffic will not be directed to the TUN device and use the underlying
network instead.
If traffic for a family should be blocked we install a default route via
TUN device even if we received more specific traffic selectors from the
server. libipsec will use the actual traffic selectors as IPsec policies
and drop any packets it received that don't match them. We only do this
if we saw any VIPs or DNS servers of a family. Otherwise the traffic for
that family is blocked anyway.
Tobias Brunner [Tue, 21 Jul 2015 09:57:56 +0000 (11:57 +0200)]
include: Remove linux/types.h header
This conflicts with the headers of the android-21 target. Hopefully
headers on current Linux distros are recent enough.
Tobias Brunner [Tue, 21 Jul 2015 09:37:33 +0000 (11:37 +0200)]
android: Build against the android-21 target
Tobias Brunner [Fri, 24 Jul 2015 09:47:53 +0000 (11:47 +0200)]
android: Extend GUI so the split tunneling options can be set
Tobias Brunner [Fri, 24 Jul 2015 09:33:07 +0000 (11:33 +0200)]
android: Add field for split tunneling config to data model
Tobias Brunner [Tue, 21 Jul 2015 09:14:53 +0000 (11:14 +0200)]
android: Retrigger a roam event if reportedly connected but no source address found
In dual-stack environments the IPv6 connectivity (via autoconfiguration)
might be established before the IPv4 connectivity (via DHCP). It seems
Android triggers the CONNECTIVITY_ACTION broadcast already when the first
family is fully configured. At that time we might not be able to find an
IPv4 source address. And since Android does not trigger the broadcast
again if IPv4 connectivity is established, the connection is broken
afterwards.
So we store the connectivity state and if we are reportedly connected but
still find no source address we trigger a roam event to recheck for an IPv4
address. This will cause regular rechecks if a device enters an IPv6-only
network, but I guess that's rare (otherwise we could limit the number of
rechecks done between connectivity changes).
Tobias Brunner [Tue, 21 Jul 2015 09:05:10 +0000 (11:05 +0200)]
android: Add method to check for connectivity to NetworkManager
Tobias Brunner [Mon, 22 Jun 2015 15:15:33 +0000 (17:15 +0200)]
android: Fix kernel-net implementation on Android 4.3 and earlier
Before fwmarks were used protected sockets were bound to the outbound
interface via SO_BINDTODEVICE. This does not always seem to work well
together with our connect()/getsockname() trick if the server is covered
by the traffic selectors. Calling protect() again after disconnecting
the socket seems to help, but if there is no connectivity at all we still
get the virtual IP back (maybe protect() does not bind the socket to any
interface then).
Tobias Brunner [Wed, 17 Jun 2015 15:21:21 +0000 (17:21 +0200)]
android: Add a custom kernel-net implementation to replace kernel-netlink
When roaming from a mobile network to WiFi on Android 5.x the event
received via ConnectivityManager is triggered before the mobile
connection is fully torn down (i.e. before the interface is disabled and
the routes disappear). So for strongSwan the current path still seems
valid and since no roam event is triggered later the daemon never switches
to WiFi and the connection is broken afterwards.
A possible solution to this is enabling roam events in the kernel-netlink
plugin. That would trigger an event when the device is finally disconnected
from the mobile network. However, this could actually take a some time,
during which traffic continues to be sent via mobile network instead of WiFi.
That's because Android now uses multiple routing tables, routing rules and
fwmarks to direct traffic to the appropriate interface/table, but in our
plugin we don't have the information available that would allow us to make
the switch to a different network/routing table earlier (and we actually
prefer the current path if it is still valid). Additionally, the plugin
produces quite a bit more events than ConnectivityManager (which was one
of the reasons to use the latter in the first place).
This custom kernel-net implementation is now specifically tailored for
Android. Roam events are still triggered via ConnectivityManager but
the source address is determined via connect()/getsockname() on a VPN
excluded UDP socket, which does use the correct routing table as intended
by Android. That way the daemon immediately sees a different source IP
when connectivity changes even if the device is connected to multiple
networks concurrently.
Tobias Brunner [Wed, 17 Jun 2015 13:31:24 +0000 (15:31 +0200)]
android: Manually load libraries with dlopen() and RTLD_GLOBAL on Android M
This fixes an issue when using the Android M preview. Bionic's dynamic
linker was changed so that symbols in libraries loaded with RTLD_LOCAL
were not found anymore in dlsym(RTLD_DEFAULT, ...). This is the case
for libraries loaded with System.loadLibrary(), therefore, the plugin
loader in libstrongswan was not able to resolve any symbols defined in
other libraries loaded later. While this seems to have been broken
unintentionally for existing apps (fix at [1]), it will again be a
problem whenever we decide to increase targetSdkVersion beyond 22 (or
until that fix makes it into the system/emulator images).
Unfortunately, the dynamic loader in releases prior to Android 4.3 can't
load libandroidbridge without also loading its dependencies.
[1] https://github.com/android/platform_bionic/commit/
1913352c6b
Tobias Brunner [Tue, 16 Jun 2015 14:44:29 +0000 (16:44 +0200)]
android: Apply configured server port
Tobias Brunner [Tue, 16 Jun 2015 14:42:40 +0000 (16:42 +0200)]
android: Extend GUI so the server port can be entered
Tobias Brunner [Tue, 16 Jun 2015 14:39:08 +0000 (16:39 +0200)]
android: Add field for server port to data model
Tobias Brunner [Tue, 16 Jun 2015 14:06:13 +0000 (16:06 +0200)]
android: Apply configured MTU
While it is stored as property of individual profiles it is really a
global setting because we currently don't support more than one
connection.
Tobias Brunner [Mon, 15 Jun 2015 14:59:12 +0000 (16:59 +0200)]
android: Extend GUI so the MTU can be entered
This also adds a new area for advanced settings that is only displayed
if the user requests it (or if advanced settings already have been set).
The min. MTU for IPv6 is 1280, anything lower lets the TUN device
creation fail if an IPv6 address has been assigned. If lower MTUs are
necessary we might be able to catch that later when setting the MTU and
just use at least 1280 if an IPv6 address was assigned, but let's keep
it simple for now.
Tobias Brunner [Mon, 15 Jun 2015 13:36:46 +0000 (15:36 +0200)]
android: Add field for MTU to data model
Tobias Brunner [Fri, 12 Jun 2015 12:14:46 +0000 (14:14 +0200)]
android: Set preferred language for remediation instructions
Tobias Brunner [Wed, 10 Jun 2015 12:59:48 +0000 (14:59 +0200)]
android: Encode connection settings as single Java string argument
This makes adding new configuration settings easier.
Tobias Brunner [Fri, 5 Jun 2015 14:01:31 +0000 (16:01 +0200)]
android: Add simple utility class to generate settings_t compatible config snippets
Tobias Brunner [Thu, 23 Oct 2014 15:03:52 +0000 (17:03 +0200)]
unit-tests: Add unit tests for settings_t.load_string[_section]
Tobias Brunner [Thu, 23 Oct 2014 14:57:47 +0000 (16:57 +0200)]
settings: Add methods and a constructor to parse settings from strings
Tobias Brunner [Thu, 23 Oct 2014 14:57:24 +0000 (16:57 +0200)]
settings: Extend parser so we can parse settings from a string
Tobias Brunner [Mon, 8 Jun 2015 15:49:02 +0000 (17:49 +0200)]
starter: Add support for multi-line strings in ipsec.conf
Tobias Brunner [Mon, 8 Jun 2015 15:47:51 +0000 (17:47 +0200)]
settings: Add support for multi-line strings
Unterminated strings are now an error.
Tobias Brunner [Fri, 5 Jun 2015 13:49:39 +0000 (15:49 +0200)]
starter: Don't replace rarely used special characters in strings in ipsec.conf
Tobias Brunner [Fri, 5 Jun 2015 13:42:58 +0000 (15:42 +0200)]
settings: Don't replace rarely used special characters
Tobias Brunner [Mon, 22 Jun 2015 15:26:10 +0000 (17:26 +0200)]
android: Don't pass null as root view to inflate()
Tobias Brunner [Mon, 22 Jun 2015 15:22:05 +0000 (17:22 +0200)]
android: Fix a potential NullPointerException in the IMC state fragment
Tobias Brunner [Fri, 12 Jun 2015 13:13:46 +0000 (15:13 +0200)]
android: EAP-TNC does not require a client certificate
Was incorrectly changed with the refactoring in
a64089738d3e ("android:
Change how features of VPN types are stored and checked").
Tobias Brunner [Thu, 4 Jun 2015 08:35:03 +0000 (10:35 +0200)]
android: Enable charon.initiator_only option
Tobias Brunner [Wed, 10 Jun 2015 13:13:49 +0000 (15:13 +0200)]
android: Increase the minSdkVersion to 15 and targetSdkVersion to 22
There are no devices anymore that use API level 14 (4.0-4.0.2) and 22 is
the most recent level.
Andreas Steffen [Mon, 27 Jul 2015 17:51:18 +0000 (19:51 +0200)]
testing: Regenerated BLISS certificates due to oracle changes
Andreas Steffen [Mon, 27 Jul 2015 12:50:14 +0000 (14:50 +0200)]
Use MGF1 with SHA-512 as BLISS random oracle
Markku-Juhani Olavi Saarinen [Thu, 18 Jun 2015 10:46:16 +0000 (12:46 +0200)]
Generalize c_indices generation using SHA-512 random oracle.
This generalization allows the ring dimension n to be different
from the current n = 512 and allows kappa to be > 56. Also the
hash octets are consumed in a more consistent manner.
Markku-Juhani Olavi Saarinen [Wed, 17 Jun 2015 10:00:32 +0000 (12:00 +0200)]
Fixed several bugs in the BLISS signature generation/verification step.
The c_indices derived from the SHA-512 random oracle consist of
nine bits (0..511). The leftmost 8 bits of each index are taken
on an octet-by-octet basis from the 56 leftmost octets of the
SHA-512 hash. The 9th bit needed for the LSB is taken from the
extra_bits 64 bit unsigned integer which consists of the 8 rightmost
octets of the SHA-512 hash (in network order). If more than 56
indices must be derived then additional rounds of the random oracle
are executed until all kappa c_indices have been determined.
The bug fix shifts the extra_bits value by one bit in each loop
iteration so that the LSB of each index is random. Also iterate
through the hash array using the loop variable j not the c_indices
variable i.
Tobias Brunner [Mon, 27 Jul 2015 17:37:41 +0000 (19:37 +0200)]
ike: Fix memory leak if remote address is kept
Tobias Brunner [Mon, 27 Jul 2015 13:20:01 +0000 (15:20 +0200)]
ike-rekey: Fix cleanup() call
Tobias Brunner [Mon, 15 Jun 2015 09:52:16 +0000 (11:52 +0200)]
ike-rekey: Reset IKE_SA on bus before sending CREATE_CHILD_SA response
Even when there is no error the CREATE_CHILD_SA response should be sent
in the context of the existing IKE_SA.
Tobias Brunner [Mon, 15 Jun 2015 09:46:33 +0000 (11:46 +0200)]
ike-rekey: Reset IKE_SA on the bus after destroying new IKE_SA
The destroy() method sets the IKE_SA on the bus to NULL, we reset it to
the current IKE_SA so any events and log messages that follow happen in
the correct context.
A practical example where this is problematic is a DH group mismatch,
which causes the first CREATE_CHILD_SA exchange to fail. Because the SA
was not reset previously, the message() hook for the CREATE_CHILD_SA
response, for instance, was triggered outside the context of an IKE_SA,
that is, the ike_sa parameter was NULL, which is definitely not expected
by several plugins.
Fixes #862.
Tobias Brunner [Mon, 27 Jul 2015 12:00:23 +0000 (14:00 +0200)]
Merge branch 'trap-shunt-updates'
Changes how acquires are tracked in the trap manager, which fixes
several race conditions. Also fixes races between threads installing
trap policies and the main thread trying to flush the trap policies.
Similar changes were added to the shunt manager which previously
used no locking at all.
Fixes #1014.
Tobias Brunner [Tue, 14 Jul 2015 14:56:33 +0000 (16:56 +0200)]
daemon: Flush shunts before unloading plugins
Tobias Brunner [Tue, 14 Jul 2015 14:55:36 +0000 (16:55 +0200)]
shunt-manager: Add flush() method to properly uninstall shunts
This will allow us to uninstall shunts before unloading the
kernel-interface plugins.
Tobias Brunner [Tue, 14 Jul 2015 14:50:32 +0000 (16:50 +0200)]
shunt-manager: Remove stored entries if installation fails
Tobias Brunner [Tue, 14 Jul 2015 14:35:21 +0000 (16:35 +0200)]
shunt-manager: Add a lock to safely access the list of shunt policies
Tobias Brunner [Mon, 13 Jul 2015 11:20:14 +0000 (13:20 +0200)]
trap-manager: Resolve race conditions between flush() and install()
When flush() is called there might be threads in install() waiting for
trap policies to get installed (without holding the lock). We have to
wait until they updated the entries with the respective CHILD_SAs before
destroying the list.
We also have to prevent further trap policy installations (and wait until
threads in install() are really finished), otherwise we might end up
destroying CHILD_SA objects after the kernel interface implementations
have already been unloaded (avoiding this is the whole point of calling
flush() before unloading the plugins).
Tobias Brunner [Thu, 9 Jul 2015 10:00:56 +0000 (12:00 +0200)]
trap-manager: Changed how acquires we acted on are tracked
This fixes potential race conditions in case complete() or flush() is
executed before or concurrently with a thread that handles an acquire.
It will also simplify tracking multiple acquires created for the same
trap policy in the future.
Also fixes the behavior in some error situations.
Tobias Brunner [Thu, 9 Jul 2015 12:34:19 +0000 (14:34 +0200)]
trap-manager: Properly check-in IKE_SA if initiating fails
This basically reverts
f4e822c1b422 ("trap-manager: don't check-in
nonexisting IKE_SA if acquire fails"). As checkout_by_config() could
return an already existing and established IKE_SA we have to properly
destroy it, for instance, in case other threads are waiting to check
it out. checkin_and_destroy() should handle the case of a new SA
properly (it produces a log message on level 1, though).
Tobias Brunner [Fri, 10 Jul 2015 08:23:02 +0000 (10:23 +0200)]
ike: Fall back to the current remote IP if it resolves to %any
In some situations it might be valid for a host that configures
right=%any to reestablish or reauthenticate an IKE_SA. Using %any would
immediately abort the initiation causing the new SA to fail (which
might already have the existing CHILD_SAs assigned).
Fixes #1027.
Tobias Brunner [Mon, 27 Jul 2015 11:42:49 +0000 (13:42 +0200)]
Merge branch 'remote-host-family'
Considers the address family of locally defined addresses when resolving
the remote host.
Fixes #993.
Tobias Brunner [Thu, 11 Jun 2015 13:10:29 +0000 (15:10 +0200)]
ike: Use address family of local address when resolving remote host
If static local addresses are configured we should use their address family
as a hint when resolving the remote address.
We don't do this if %any is configured as this might break existing
configurations (%any4 and %any6 are however used as hint).
Tobias Brunner [Thu, 11 Jun 2015 14:10:25 +0000 (16:10 +0200)]
ike-cfg: Add unit tests for ike_cfg_get_family() helper
Tobias Brunner [Thu, 11 Jun 2015 13:42:54 +0000 (15:42 +0200)]
ike-cfg: Add helper function to determine address family of IP addresses
All configured static addresses (hostnames, ranges or subnets are not
considered) must be of the same family, otherwise AF_UNSPEC is returned.
Tobias Brunner [Thu, 11 Jun 2015 13:07:07 +0000 (15:07 +0200)]
host: Properly handle NULL in host_create_from_string[_and_family]
Andreas Steffen [Wed, 22 Jul 2015 15:46:15 +0000 (17:46 +0200)]
Improved legibility of swanctl CRL listings
Andreas Steffen [Wed, 22 Jul 2015 15:11:00 +0000 (17:11 +0200)]
testing: Updated loop ca certificates
Andreas Steffen [Tue, 21 Jul 2015 21:26:44 +0000 (23:26 +0200)]
testing: Added swanctl --list-authorities output to do-tests
Andreas Steffen [Tue, 21 Jul 2015 21:23:10 +0000 (23:23 +0200)]
testing: Updated all swanctl scenarios and added some new ones
Andreas Steffen [Mon, 29 Jun 2015 11:13:35 +0000 (13:13 +0200)]
tests: Introduced IPV6 flag in tests.conf
Andreas Steffen [Mon, 29 Jun 2015 10:43:20 +0000 (12:43 +0200)]
tests: Introduced SWANCTL flag in test.conf
Andreas Steffen [Mon, 29 Jun 2015 10:42:35 +0000 (12:42 +0200)]
tests: fixed evaltest of swanctl/rw-cert scenario
Andreas Steffen [Mon, 29 Jun 2015 10:41:37 +0000 (12:41 +0200)]
tests: fixed description of swanctl ip-pool scenarios
Andreas Steffen [Tue, 21 Jul 2015 21:15:36 +0000 (23:15 +0200)]
Version bump to 5.3.3dr1
Andreas Steffen [Tue, 14 Jul 2015 12:41:27 +0000 (14:41 +0200)]
vici: Certification Authority support added.
CDP and OCSP URIs for a one or multiple certification authorities
can be added via the VICI interface. swanctl allows to read
definitions from a new authorities section.
Andreas Steffen [Mon, 13 Jul 2015 16:54:54 +0000 (18:54 +0200)]
vici: Compute rekey_bytes and rekey_packets if life_bytes and life_packets are defined
Tobias Brunner [Wed, 15 Jul 2015 14:52:52 +0000 (16:52 +0200)]
testing: Do not attempt to start the test environment if hosts are still running
Tobias Brunner [Wed, 8 Jul 2015 13:28:46 +0000 (15:28 +0200)]
ike-sa-manager: Safely access the RNG instance with an rwlock
Threads might still be allocating SPIs (e.g. triggered by an acquire or
an inbound message) while the main thread calls flush(). If there is a
context switch right after such a thread successfully checked this->rng
in get_spi() and the main thread destroys the RNG instance right then,
that worker thread will cause a segmentation fault when it continues and
attempts to call get_bytes().
Fixes #1014.
Martin Willi [Thu, 2 Jul 2015 07:10:21 +0000 (09:10 +0200)]
vici: Asynchronize debug logging
The vici logger uses the listener_t.log() callback to raise vici events.
When doing so, it holds the bus lock as reader while acquiring the vici socket
mutex (1). If at the same time the vici socket enables a writer, that thread
tries to lock the watcher mutex (2). The watcher thread uses debugging while
holding the lock, i.e. acquires the bus read lock (3).
(1) bus.rlock -> vici.lock!
(2) vici.lock -> watcher.lock!
(3) watcher.lock -> bus.rlock!
This all actually would resolve just fine, as we have a shared read lock on the
bus. However, under Windows we seem to have a strict writer preference when
acquiring the rwlock (4). This results in blocking read locks until any pending
write lock can be fulfilled, and makes the constellation deadlock. The relevant
threads are:
Thread (1)
6 0x71313d25 in wait_ at threading/windows/mutex.c:137
7 0x7054c8a2 in find_entry at vici_socket.c:201
8 0x7054d690 in send_ at vici_socket.c:624
9 0x7054f6c1 in send_op at vici_dispatcher.c:119
10 0x705502c1 in raise_event at vici_dispatcher.c:469
12 0x704c3878 in log_cb at bus/bus.c:332
13 0x712c7c3a in invoke_function at collections/linked_list.c:414
14 0x704c3a63 in vlog at bus/bus.c:400
15 0x704c3b36 in log_ at bus/bus.c:430
18 0x70508f1f in process_response at sa/ikev2/task_manager_v2.c:664
20 0x704f5430 in process_message at sa/ike_sa.c:1369
21 0x704e3823 in execute at processing/jobs/process_message_job.c:74
22 0x712e629f in process_job at processing/processor.c:235
Thread (2)
4 0x71313b61 in lock at threading/windows/mutex.c:66
5 0x712e81fd in add at processing/watcher.c:441
6 0x712e1ab9 in add_watcher at networking/streams/stream.c:213
7 0x712e1b4d in on_write at networking/streams/stream.c:237
8 0x7054d606 in _cb_enable_writer at vici_socket.c:609
9 0x712e5e34 in execute at processing/jobs/callback_job.c:77
10 0x712e629f in process_job at processing/processor.c:235
Thread (3)
3 0x71313f38 in read_lock at threading/windows/rwlock.c:74
4 0x704c3971 in vlog at bus/bus.c:373
5 0x704cc156 in dbg_bus at daemon.c:126
6 0x712e7bf9 in watch at processing/watcher.c:316
7 0x712e5e34 in execute at processing/jobs/callback_job.c:77
8 0x712e629f in process_job at processing/processor.c:235
Thread (4)
3 0x71313f70 in write_lock at threading/windows/rwlock.c:82
4 0x704c378b in remove_logger at bus/bus.c:290
5 0x704cb284 in listener_unregister at control/controller.c:166
6 0x713136cd in thread_cleanup_pop at threading/windows/thread.c:558
8 0x704cb94e in initiate at control/controller.c:435
9 0x70553996 in _cb_initiate at vici_control.c:187
12 0x7054d200 in _cb_process_queue at vici_socket.c:508
13 0x712e5e34 in execute at processing/jobs/callback_job.c:77
14 0x712e629f in process_job at processing/processor.c:235
To avoid such a situation, we dissolve the (1) lock sequence. It's actually
never good practice to acquire shared locks during bus hooks, as it is
problematic if we raise bus events while holding the lock. We do so by
raising vici events for log message asynchronously, but of curse must keep
log order as is using a synchronized queue.
Martin Willi [Sun, 12 Jul 2015 11:55:08 +0000 (13:55 +0200)]
Merge branch 'chapoly'
Add ChaCha20/Poly1305 AEAD support in IKEv2 and libipsec ESP through the
chapoly plugin, and in kernel ESP SAs starting with Linux 4.2.
Martin Willi [Sun, 12 Jul 2015 11:42:11 +0000 (13:42 +0200)]
NEWS: Add ChaCha20/Poly1305 news
Martin Willi [Mon, 1 Jun 2015 08:01:56 +0000 (10:01 +0200)]
testing: Enable AESNI/PCLMULQD in moon/sun guests, if supported
Martin Willi [Fri, 29 May 2015 20:29:59 +0000 (22:29 +0200)]
testing: Do not overwrite kernel configuration if it already exists
This allows us to do changes to the kernel configuration using menuconfig
and friends, and update the kernel with make-testing.
Martin Willi [Fri, 29 May 2015 20:28:05 +0000 (22:28 +0200)]
testing: Extract and patch each kernel version only once
This allows us to do modifications to the kernel tree and rebuild that kernel
using make-testing. We can even have a git kernel tree in a directory to
do kernel development.
Martin Willi [Fri, 29 May 2015 20:42:04 +0000 (22:42 +0200)]
testing: Build with --enable-chapoly
Martin Willi [Mon, 27 Apr 2015 13:40:08 +0000 (15:40 +0200)]
libipsec: Add a unit-test for ESP encryption using ChaCha20Poly1305
Martin Willi [Mon, 27 Apr 2015 12:13:58 +0000 (14:13 +0200)]
libipsec: Add a unit-test test runner
Martin Willi [Mon, 27 Apr 2015 11:11:02 +0000 (13:11 +0200)]
unit-tests: Add a IKEv2 message encryption test case
It uses the ChaCha20Poly1305 test vectors from
draft-ietf-ipsecme-chacha20-poly1305-06.
Martin Willi [Tue, 14 Apr 2015 08:21:06 +0000 (10:21 +0200)]
unit-tests: Increase failure message buffer to hold larger hex dumps
Martin Willi [Mon, 27 Apr 2015 11:09:25 +0000 (13:09 +0200)]
unit-tests: Forward variable argument list in TEST_SUITE_DEPEND
For some plugin features, such as crypters or AEADs, we have some additional
feature arguments, such as the key size.