strongswan.git
5 years agoAdded BLISS OIDs in ITA-HSR OID tree
Andreas Steffen [Wed, 29 Oct 2014 21:34:36 +0000 (22:34 +0100)]
Added BLISS OIDs in ITA-HSR OID tree

5 years agoImplemented Number Theoretic Transform using the FFT algorithm
Andreas Steffen [Sat, 25 Oct 2014 17:09:41 +0000 (19:09 +0200)]
Implemented Number Theoretic Transform using the FFT algorithm

By pre-multiplying the input arrays with a linear phase the
fast multiplication via FFT and inverse FFT computes a negative
wrapped convolution corresponding to a modulus of x^n+1.

5 years agoCreated framework for BLISS post-quantum signature algorithm
Andreas Steffen [Tue, 21 Oct 2014 22:19:49 +0000 (00:19 +0200)]
Created framework for BLISS post-quantum signature algorithm

5 years agolibtls: Catch POLLHUP/NVAL in TLS socket splicing
Martin Willi [Fri, 28 Nov 2014 14:50:58 +0000 (15:50 +0100)]
libtls: Catch POLLHUP/NVAL in TLS socket splicing

If one of the sockets gets disconnected, some systems return POLLHUP. Signal
the socket as ready to let the read/write call fail properly.

5 years agowatcher: Proper handle poll() POLLHUP/NVAL signaling
Martin Willi [Fri, 28 Nov 2014 11:36:10 +0000 (12:36 +0100)]
watcher: Proper handle poll() POLLHUP/NVAL signaling

poll() may return POLLHUP or POLLNVAL for given file descriptors. To handle
these properly, we signal them to the EXCEPT watcher state, if registered. If
not, we call the read/write callbacks, so they can properly fail when trying
to read from or write to the file descriptor.

5 years agowindows: Properly set errno for read/write functions using Winsock
Martin Willi [Thu, 27 Nov 2014 17:15:45 +0000 (18:15 +0100)]
windows: Properly set errno for read/write functions using Winsock

5 years agoikev2: Fix ike_rekey switch statement broken with last commit
Martin Willi [Mon, 24 Nov 2014 09:03:26 +0000 (10:03 +0100)]
ikev2: Fix ike_rekey switch statement broken with last commit

5 years agoikev2: Prevent IKE_SA rekeying if we are currently retrying a CHILD_SA rekey
Martin Willi [Fri, 21 Nov 2014 11:10:16 +0000 (12:10 +0100)]
ikev2: Prevent IKE_SA rekeying if we are currently retrying a CHILD_SA rekey

5 years agocontroller: Keep following initiate() if the first DH guess was wrong
Martin Willi [Mon, 3 Nov 2014 08:39:16 +0000 (09:39 +0100)]
controller: Keep following initiate() if the first DH guess was wrong

5 years agochild-sa: Introduce a CHILD_RETRYING state to detect DH group retries
Martin Willi [Mon, 3 Nov 2014 08:38:27 +0000 (09:38 +0100)]
child-sa: Introduce a CHILD_RETRYING state to detect DH group retries

5 years agoMerge branch 'poll'
Martin Willi [Fri, 21 Nov 2014 11:49:07 +0000 (12:49 +0100)]
Merge branch 'poll'

Replace relevant uses of select() by poll(). poll(2) avoids the difficulties
we have with more than 1024 open file descriptors, and seems to be fairly
portable.

Fixes #757.

5 years agowindows: Move the compatibility header to the compat subfolder
Martin Willi [Thu, 6 Nov 2014 13:31:28 +0000 (14:31 +0100)]
windows: Move the compatibility header to the compat subfolder

5 years agoapple: Wrap accept() and recvfrom() with poll(2) instead of select
Martin Willi [Thu, 6 Nov 2014 13:40:52 +0000 (14:40 +0100)]
apple: Wrap accept() and recvfrom() with poll(2) instead of select

5 years agoapple: Introduce a central compatibility header with all __APPLE__ quirks
Martin Willi [Thu, 6 Nov 2014 13:27:07 +0000 (14:27 +0100)]
apple: Introduce a central compatibility header with all __APPLE__ quirks

5 years agowatcher: Use Windows read/write(2) wrappers instead of compile-conditions
Martin Willi [Thu, 6 Nov 2014 13:20:28 +0000 (14:20 +0100)]
watcher: Use Windows read/write(2) wrappers instead of compile-conditions

5 years agowindows: Provide a write(2) wrapper that uses send(2) on sockets
Martin Willi [Thu, 6 Nov 2014 13:18:22 +0000 (14:18 +0100)]
windows: Provide a write(2) wrapper that uses send(2) on sockets

5 years agowindows: Provide a read(2) wrapper that uses recv(2) on sockets
Martin Willi [Thu, 6 Nov 2014 13:15:09 +0000 (14:15 +0100)]
windows: Provide a read(2) wrapper that uses recv(2) on sockets

5 years agounit-tests: Test cancellability of some cancellation points we rely on
Martin Willi [Thu, 6 Nov 2014 10:19:51 +0000 (11:19 +0100)]
unit-tests: Test cancellability of some cancellation points we rely on

5 years agothread: Test for pending cancellation requests before poll()ing on OS X
Martin Willi [Wed, 5 Nov 2014 18:30:45 +0000 (19:30 +0100)]
thread: Test for pending cancellation requests before poll()ing on OS X

As we are now using poll(2) instead of select(2), we need the work-around from
76dc329e for poll() as well.

5 years agokernel-libipsec: Use poll(2) instead of select
Martin Willi [Wed, 5 Nov 2014 16:44:30 +0000 (17:44 +0100)]
kernel-libipsec: Use poll(2) instead of select

5 years agowatcher: Use poll(2) instead of select
Martin Willi [Wed, 5 Nov 2014 16:31:17 +0000 (17:31 +0100)]
watcher: Use poll(2) instead of select

5 years agolibtls: Use poll(2) instead of select() in tls_socket
Martin Willi [Wed, 5 Nov 2014 16:09:56 +0000 (17:09 +0100)]
libtls: Use poll(2) instead of select() in tls_socket

5 years agosocket-default: Use round-robin selection of sockets to read from
Martin Willi [Fri, 21 Nov 2014 10:43:20 +0000 (11:43 +0100)]
socket-default: Use round-robin selection of sockets to read from

If multiple sockets are ready, we previously preferred the IPv4 non-NAT socket
over others. To handle all with equal priority, use a round-robin selection.

5 years agosocket-default: Use poll(2) instead of select
Martin Willi [Wed, 5 Nov 2014 15:59:39 +0000 (16:59 +0100)]
socket-default: Use poll(2) instead of select

It is not only simpler, but also allows the use of arbitrary high fd numbers,
which silently fails with select().

5 years agotun-device: Read from tun to buffer on stack to avoid over-allocation of packets
Martin Willi [Fri, 21 Nov 2014 10:23:08 +0000 (11:23 +0100)]
tun-device: Read from tun to buffer on stack to avoid over-allocation of packets

Instead of allocating MTU-sized buffers for each packet, read to a stack buffer
and copy to an allocation of the actual packet size. While it requires an
additional copy on non-Apple platforms, this should make allocation more
efficient for small packets.

5 years agotun-device: Remove the superfluous use of select() before read()
Martin Willi [Wed, 5 Nov 2014 15:43:01 +0000 (16:43 +0100)]
tun-device: Remove the superfluous use of select() before read()

5 years agolibradius: Use poll(2) to wait for RADIUS responses
Martin Willi [Wed, 5 Nov 2014 15:28:42 +0000 (16:28 +0100)]
libradius: Use poll(2) to wait for RADIUS responses

5 years agowindows: Provide a poll(2) wrapper calling WSAPoll()
Martin Willi [Thu, 6 Nov 2014 11:11:25 +0000 (12:11 +0100)]
windows: Provide a poll(2) wrapper calling WSAPoll()

5 years agoMerge branch 'netlink-extensions'
Martin Willi [Fri, 21 Nov 2014 10:01:39 +0000 (11:01 +0100)]
Merge branch 'netlink-extensions'

Introduces options to enable concurrent Netlink queries. While this does not
make much sense on vanilla Linux, this can help on third party stacks to
increase throughput if longer latencies are to expect. Netlink message
retransmission can be optionally enabled if transmission is unreliable.
Non-socket based IKE bypass policies and other tweaks bring better compatibility
to third party stacks using Netlink.

5 years agokernel-netlink: Optionally ignore errors resulting from response message loss
Martin Willi [Thu, 14 Aug 2014 09:33:12 +0000 (11:33 +0200)]
kernel-netlink: Optionally ignore errors resulting from response message loss

As some backends over unreliable transport do not cache response messages,
retransmissions due the loss of responses perform the operation again. Add an
option to ignore some errors arising from such duplicate operations.

Note: This approach can't distinguish between real EXIST/NOTFOUND errors
and packet failures, and therefore is a source of race conditions and can't
detect any of these errors actually happening. Therefore that behavior is
disabled by default, and can be enabled with the ignore_retransmit_errors
strongswan.conf option.

To properly distinguish between real and retransmission errors, a Netlink
backend should implement retransmission detection using sequence numbers.

5 years agokernel-netlink: Add an option to enforce using XFRM_MSG_UPDPOLICY
Martin Willi [Tue, 29 Jul 2014 14:38:45 +0000 (16:38 +0200)]
kernel-netlink: Add an option to enforce using XFRM_MSG_UPDPOLICY

5 years agokernel-netlink: Fallback to UDP if detecting socket protocol fails
Martin Willi [Mon, 29 Sep 2014 15:11:53 +0000 (17:11 +0200)]
kernel-netlink: Fallback to UDP if detecting socket protocol fails

getsockopt(SO_PROTOCOL) is not supported before 2.6.32. Default to UDP if
either the SO_PROTOCOL define is missing or the syscall fails.

5 years agokernel-netlink: Alternatively support global port based IKE bypass policies
Martin Willi [Wed, 16 Jul 2014 14:31:52 +0000 (16:31 +0200)]
kernel-netlink: Alternatively support global port based IKE bypass policies

The socket based IKE bypass policies are usually superior, but not supported
on all networking stacks. The port based variant uses global policies for the
UDP ports we have IKE sockets for.

5 years agoconf: Document kernel-netlink retransmission and parallelization options
Martin Willi [Wed, 16 Jul 2014 11:22:21 +0000 (13:22 +0200)]
conf: Document kernel-netlink retransmission and parallelization options

5 years agokernel-netlink: Add options to enable parallel Netlink queries explicitly
Martin Willi [Wed, 16 Jul 2014 10:38:30 +0000 (12:38 +0200)]
kernel-netlink: Add options to enable parallel Netlink queries explicitly

As under vanilla Linux the kernel can't handle parallel dump queries and returns
EBUSY, it makes not much sense to use them. Disable parallel queries by default
to basically restore original behavior, improving performance.

5 years agokernel-netlink: Release lock while doing Netlink NEW/DELADDR operations
Martin Willi [Wed, 16 Jul 2014 09:59:59 +0000 (11:59 +0200)]
kernel-netlink: Release lock while doing Netlink NEW/DELADDR operations

Besides that it can improve throughput, it avoids a deadlock situation. If
all threads are busy, watcher will invoke the FD notification for NEWADDR
events itself. If the lock is held, it gets locked up. As watcher is not
dispatching anymore, it can't signal Netlink socket send() completion, and
the send() operation does not return and keeps the lock.

5 years agokernel-netlink: Add non-dumping variants of echo and stress tests
Martin Willi [Tue, 15 Jul 2014 13:58:11 +0000 (15:58 +0200)]
kernel-netlink: Add non-dumping variants of echo and stress tests

5 years agokernel-netlink: Add test cases for successful and timing out retransmissions
Martin Willi [Tue, 15 Jul 2014 13:47:03 +0000 (15:47 +0200)]
kernel-netlink: Add test cases for successful and timing out retransmissions

5 years agokernel-netlink: Add a compile-time hook to simulate request message loss
Martin Willi [Tue, 15 Jul 2014 13:11:14 +0000 (15:11 +0200)]
kernel-netlink: Add a compile-time hook to simulate request message loss

5 years agokernel-netlink: Implement configurable Netlink request retransmission
Martin Willi [Mon, 14 Jul 2014 15:17:38 +0000 (17:17 +0200)]
kernel-netlink: Implement configurable Netlink request retransmission

5 years agokernel-netlink: Add a stress test with several threads doing Netlink exchanges
Martin Willi [Mon, 14 Jul 2014 14:56:30 +0000 (16:56 +0200)]
kernel-netlink: Add a stress test with several threads doing Netlink exchanges

5 years agokernel-netlink: Retry netlink query while kernel returns EBUSY
Martin Willi [Mon, 14 Jul 2014 14:50:07 +0000 (16:50 +0200)]
kernel-netlink: Retry netlink query while kernel returns EBUSY

If the kernel can't execute a Netlink query because a different query is already
active, it returns EBUSY. As this can happen now as we support parallel queries,
retry on this error condition.

5 years agokernel-netlink: Support parallel Netlink queries
Martin Willi [Thu, 10 Jul 2014 14:28:44 +0000 (16:28 +0200)]
kernel-netlink: Support parallel Netlink queries

Instead of locking the socket exclusively to wait for replies, use watcher
to wait for and read in responses asynchronously. This allows multiple parallel
Netlink queries, which can significantly improve performance if the kernel
Netlink layer has longer latencies and supports parallel queries.

For vanilla Linux, parallel queries don't make much sense, as it usually returns
EBUSY for the relevant dump requests. This requires a retry, and in the end
makes queries more expensive under high load.

Instead of checking the Netlink message sequence number to detect multi-part
messages, this code now relies on the NLM_F_MULTI flag to detect them. This
has previously been avoided (by 1d51abb7). It is unclear if the flag did not
work correctly on very old Linux kernels, or if the flag was not used
appropriately by strongSwan. The flag seems to work just fine back to 2.6.18,
which is a kernel still in use by RedHat/CentOS 5.

5 years agokernel-netlink: Add a simple send message test querying available links
Martin Willi [Wed, 9 Jul 2014 13:26:30 +0000 (15:26 +0200)]
kernel-netlink: Add a simple send message test querying available links

5 years agokernel-netlink: Add a stub for a test-runner
Martin Willi [Wed, 9 Jul 2014 13:08:28 +0000 (15:08 +0200)]
kernel-netlink: Add a stub for a test-runner

5 years agomem-pool: Fix potential memory leak and lost leases when reassigning leases
Tobias Brunner [Tue, 11 Nov 2014 17:50:26 +0000 (18:50 +0100)]
mem-pool: Fix potential memory leak and lost leases when reassigning leases

If no offline leases are available for the current client and assigning online
leases is disabled, and if all IPs of the pool have already been assigned to
clients we look for offline leases that previously were assigned to other
clients.

In case the current client has online leases the previous code would
replace the existing mapping entry and besides resulting in a memory leak
the online leases would be lost forever (even if the client later releases
the addresses).  If this happens repeatedly the number of available addresses
would decrease even though the total number of online and offline leases seen
in `ipsec leases` would indicate that there are free addresses available.

Fixes #764.

5 years agoandroid: New release based on 5.2.1 and after adding EAP-TLS
Tobias Brunner [Thu, 6 Nov 2014 16:16:27 +0000 (17:16 +0100)]
android: New release based on 5.2.1 and after adding EAP-TLS

Also enables support for IKEv2 fragmentation, provides improved MOBIKE
handling and optionally enables PFS for CHILD_SAs.

5 years agoandroid: Build binaries for MIPS
Tobias Brunner [Thu, 6 Nov 2014 16:11:55 +0000 (17:11 +0100)]
android: Build binaries for MIPS

5 years agoandroid: Increase fragment size
Tobias Brunner [Thu, 6 Nov 2014 16:05:47 +0000 (17:05 +0100)]
android: Increase fragment size

We use the same value we use as MTU on TUN devices.

5 years agoandroid: Enable IKEv2 fragmentation
Tobias Brunner [Thu, 6 Nov 2014 15:56:54 +0000 (16:56 +0100)]
android: Enable IKEv2 fragmentation

5 years agoMerge branch 'android-eap-tls'
Tobias Brunner [Thu, 6 Nov 2014 15:33:01 +0000 (16:33 +0100)]
Merge branch 'android-eap-tls'

This adds support for EAP-TLS authentication on Android.

EAP-only authentication is currently not allowed because the AAA identity
is not configurable, so to prevent anyone with a valid certificate from
impersonating the AAA server and thus the gateway, we authenticate the
gateway (like we do with other authentication methods).
Also, it's currently not possible to select a specific CA certificate to
authenticate the AAA server certificate, so it either must be issued by the
same CA as that of the gateway or automatic CA certificate selection must
be used.

5 years agoandroid: Use %any as AAA identity, but disable EAP-only authentication
Tobias Brunner [Tue, 21 Oct 2014 16:28:24 +0000 (18:28 +0200)]
android: Use %any as AAA identity, but disable EAP-only authentication

Without verification of the identity we can't prevent a malicious user
with a valid certificate from impersonating the AAA server and thus the
VPN gateway.  So unless we make the AAA identity configurable we have to
prevent EAP-only authentication.

5 years agoandroid: Add support for signature schemes used by EAP-TLS
Tobias Brunner [Tue, 21 Oct 2014 16:03:49 +0000 (18:03 +0200)]
android: Add support for signature schemes used by EAP-TLS

5 years agoandroid: Allow enumeration of untrusted certificates
Tobias Brunner [Wed, 10 Sep 2014 14:54:12 +0000 (16:54 +0200)]
android: Allow enumeration of untrusted certificates

5 years agoandroid: Handle EAP-TLS in Android service
Tobias Brunner [Wed, 10 Sep 2014 09:35:04 +0000 (11:35 +0200)]
android: Handle EAP-TLS in Android service

5 years agoandroid: Enable EAP-TLS plugin in the app
Tobias Brunner [Wed, 10 Sep 2014 09:33:39 +0000 (11:33 +0200)]
android: Enable EAP-TLS plugin in the app

5 years agoandroid: Add EAP-TLS VPN type to the GUI
Tobias Brunner [Wed, 10 Sep 2014 09:28:48 +0000 (11:28 +0200)]
android: Add EAP-TLS VPN type to the GUI

5 years agoandroid: Change how features of VPN types are stored and checked
Tobias Brunner [Wed, 10 Sep 2014 09:25:03 +0000 (11:25 +0200)]
android: Change how features of VPN types are stored and checked

5 years agotesting: Update tkm/multiple-clients/evaltest.dat
Reto Buerki [Thu, 30 Oct 2014 16:43:01 +0000 (17:43 +0100)]
testing: Update tkm/multiple-clients/evaltest.dat

Since the CC context is now properly reset in the bus listener plugin,
the second connection from host dave re-uses the first CC ID. Adjust
the expect string on gateway sun accordingly.

5 years agocharon-tkm: Properly reset CC context in listener
Reto Buerki [Thu, 30 Oct 2014 15:16:40 +0000 (16:16 +0100)]
charon-tkm: Properly reset CC context in listener

Make sure that the acquired CC context is correctly reset and the
associated ID released in the authorize() function of the TKM bus
listener.

5 years agocharon-tkm: Add missing comma to enum
Reto Buerki [Thu, 30 Oct 2014 14:39:43 +0000 (15:39 +0100)]
charon-tkm: Add missing comma to enum

Add missing comma to tkm_context_kind_names enum definition.

5 years agoproposal: Add default PRF for HMAC-MD5-128 and HMAC-SHA1-160 integrity algorithms
Tobias Brunner [Fri, 31 Oct 2014 09:09:54 +0000 (10:09 +0100)]
proposal: Add default PRF for HMAC-MD5-128 and HMAC-SHA1-160 integrity algorithms

5 years agoMerge branch 'mem-pool-range'
Tobias Brunner [Thu, 30 Oct 2014 14:04:31 +0000 (15:04 +0100)]
Merge branch 'mem-pool-range'

Adds support to configure address pools as ranges (from-to) in
ipsec.conf and swanctl.conf.

The first and last addresses in subnet based pools are now skipped
properly and the pools' sizes are adjusted accordingly.  Which is also
the case if pools are configured with an offset, e.g. 192.168.0.100/24,
which reduces the number of available addresses from 254 to 155, and
assignment now starts at .100 not .101, i.e. .100-.254 are assignable
to clients.

References #744.

5 years agohost: Ignore spaces around - when parsing ranges
Tobias Brunner [Thu, 30 Oct 2014 11:32:16 +0000 (12:32 +0100)]
host: Ignore spaces around - when parsing ranges

5 years agoike-cfg: Use host_create_from_range() helper
Tobias Brunner [Tue, 28 Oct 2014 17:23:10 +0000 (18:23 +0100)]
ike-cfg: Use host_create_from_range() helper

5 years agovici: Add support for address range definitions of pools
Tobias Brunner [Mon, 27 Oct 2014 14:50:25 +0000 (15:50 +0100)]
vici: Add support for address range definitions of pools

5 years agostroke: Add support for address range definitions of in-memory pools
Tobias Brunner [Mon, 27 Oct 2014 14:31:46 +0000 (15:31 +0100)]
stroke: Add support for address range definitions of in-memory pools

5 years agohost: Add function to create two hosts from a range definition
Tobias Brunner [Tue, 28 Oct 2014 17:14:29 +0000 (18:14 +0100)]
host: Add function to create two hosts from a range definition

5 years agomem-pool: Add basic unit tests
Tobias Brunner [Fri, 24 Oct 2014 14:48:34 +0000 (16:48 +0200)]
mem-pool: Add basic unit tests

5 years agolibhydra: Add test runner
Tobias Brunner [Fri, 24 Oct 2014 14:47:26 +0000 (16:47 +0200)]
libhydra: Add test runner

5 years agomem-pool: Correctly ignore first and last addresses of subnets and adjust size
Tobias Brunner [Fri, 24 Oct 2014 13:40:09 +0000 (15:40 +0200)]
mem-pool: Correctly ignore first and last addresses of subnets and adjust size

Previously one more than the first and last address was ignored.
And if the base address is not the network ID of the subnet we
should not skip it.  But we should adjust the size as it does not
represent the actual number of IP addresses assignable.

5 years agoikev1: Don't inherit children if INITITAL_CONTACT was seen
Thomas Egerer [Thu, 9 Oct 2014 09:15:07 +0000 (11:15 +0200)]
ikev1: Don't inherit children if INITITAL_CONTACT was seen

Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
5 years agoikev1: Send INITIAL_CONTACT notify in Main Mode
Thomas Egerer [Thu, 9 Oct 2014 09:13:43 +0000 (11:13 +0200)]
ikev1: Send INITIAL_CONTACT notify in Main Mode

We currently send the notify in Main Mode only, as it is explicitly not allowed
by RFC 2407 to send (unprotected) notifications in Aggressive Mode. To make
that work, we'd need to handle that notify in Aggressive Mode, which could
allow a MitM to inject such notifies and do some harm.

Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
5 years agoMerge branch 'policy-constraints'
Martin Willi [Thu, 30 Oct 2014 10:42:04 +0000 (11:42 +0100)]
Merge branch 'policy-constraints'

Fixes handling of invalid policies in end entity certificates by not rejecting
the full certificate, but just invalidating the affected policy. Additionally
adds a bunch of unit tests for the constraints plugin, and some minor fixes
to the nameConstraints handling.

Currently we still reject CAs that use invalid policy mapping; we should accept
such certificates and just invalid affected policies in a next iteration.

Fixes #453.

5 years agopki: Print and document the name constraint type for DNS or email constraints
Martin Willi [Wed, 15 Oct 2014 10:33:17 +0000 (12:33 +0200)]
pki: Print and document the name constraint type for DNS or email constraints

As email constraints may be for a specific host, it is not clear from the
name itself if it is a DNS or email constraint.

5 years agoconstraints: Add permitted/excludedNameConstraints check
Martin Willi [Tue, 14 Oct 2014 14:29:28 +0000 (16:29 +0200)]
constraints: Add permitted/excludedNameConstraints check

5 years agoconstraints: Use a more specific FQDN/email name constraint matching
Martin Willi [Wed, 15 Oct 2014 10:10:54 +0000 (12:10 +0200)]
constraints: Use a more specific FQDN/email name constraint matching

While RFC 5280 is not very specific about the matching rules of subjectAltNames,
it has some examples how to match email and FQDN constraints. We try to follow
these examples, and restrict DNS names to subdomain matching and email to
full email, host or domain matching.

5 years agoconstraints: Add requireExplicitPolicy tests
Martin Willi [Tue, 14 Oct 2014 13:25:24 +0000 (15:25 +0200)]
constraints: Add requireExplicitPolicy tests

5 years agoconstraints: Add inhibitAnyPolicy tests
Martin Willi [Tue, 14 Oct 2014 13:00:22 +0000 (15:00 +0200)]
constraints: Add inhibitAnyPolicy tests

5 years agoconstraints: Add inhibitPolicyMapping tests
Martin Willi [Tue, 14 Oct 2014 12:56:46 +0000 (14:56 +0200)]
constraints: Add inhibitPolicyMapping tests

5 years agoconstraints: Don't reject certificates with invalid certificate policies
Martin Willi [Fri, 10 Oct 2014 14:33:56 +0000 (16:33 +0200)]
constraints: Don't reject certificates with invalid certificate policies

Instead of rejecting the certificate completely if a certificate has a policy
OID that is actually not allowed by the issuer CA, we accept it. However, the
certificate policy itself is still considered invalid, and is not returned
in the auth config resulting from trust chain operations.

A user must make sure to rely on the returned auth config certificate policies
instead of the policies contained in the certificate; even if the certificate
is valid, the policy OID itself in the certificate are not to be trusted
anymore.

5 years agoconstraints: Add certificate policy and policy mapping unit tests
Martin Willi [Fri, 10 Oct 2014 13:23:21 +0000 (15:23 +0200)]
constraints: Add certificate policy and policy mapping unit tests

5 years agoMerge branch 'id-type-prefix'
Martin Willi [Thu, 30 Oct 2014 10:21:22 +0000 (11:21 +0100)]
Merge branch 'id-type-prefix'

Introduce generic identity prefixes to enforce a specific type.

5 years agoNEWS: Mention identity prefixes
Martin Willi [Thu, 30 Oct 2014 10:21:01 +0000 (11:21 +0100)]
NEWS: Mention identity prefixes

5 years agoswanctl: Document identity type prefixes
Martin Willi [Wed, 29 Oct 2014 11:15:39 +0000 (12:15 +0100)]
swanctl: Document identity type prefixes

5 years agoman: Document identification type prefixes in ipsec.conf(5)
Martin Willi [Wed, 29 Oct 2014 11:06:04 +0000 (12:06 +0100)]
man: Document identification type prefixes in ipsec.conf(5)

5 years agoidentification: Support custom types in string constructor prefixes
Martin Willi [Wed, 29 Oct 2014 10:53:03 +0000 (11:53 +0100)]
identification: Support custom types in string constructor prefixes

5 years agoidentification: Support prefixes in string constructors for an explicit type
Martin Willi [Wed, 29 Oct 2014 10:18:35 +0000 (11:18 +0100)]
identification: Support prefixes in string constructors for an explicit type

5 years agounit-tests: Re-align identification_create_from_string() unit test table data
Martin Willi [Wed, 29 Oct 2014 10:12:38 +0000 (11:12 +0100)]
unit-tests: Re-align identification_create_from_string() unit test table data

5 years agothreading: Support rwlock try_write_lock() on Windows
Martin Willi [Wed, 22 Oct 2014 09:24:51 +0000 (11:24 +0200)]
threading: Support rwlock try_write_lock() on Windows

We explicitly avoided TryAcquireSRWLockExclusive() because of crashes. This
issue was caused by a MinGW-w64 bug (mingw-w64 fix 46f77afc). Using a newer
toolchain works fine.

While try_write_lock() obviously can fail, not supporting it is not really an
option, as some algorithms depend on occasionally successful calls. Certificate
caching in the certificate manager and the cred_set cache rely on successful
try_write_lock()ing.

5 years agothreading: Add a more explicit rwlock try_write_lock() testing
Martin Willi [Wed, 22 Oct 2014 09:23:49 +0000 (11:23 +0200)]
threading: Add a more explicit rwlock try_write_lock() testing

5 years agomessage: Include encrypted fragment payload in payload (order) rules
Tobias Brunner [Tue, 28 Oct 2014 15:42:06 +0000 (16:42 +0100)]
message: Include encrypted fragment payload in payload (order) rules

Otherwise fragmented CREATE_CHILD_SA exchanges won't get accepted
because they don't contain an SA payload.

It also prevents a warning when ordering payloads.

Fixes #752.

5 years agocert-cache: Prevent that a cached issuer is freed too early
Tobias Brunner [Fri, 24 Oct 2014 09:14:51 +0000 (11:14 +0200)]
cert-cache: Prevent that a cached issuer is freed too early

Previously we got no reference to the cached issuer certificate
before releasing the lock of the cache line, this allowed other
threads, or even the same thread if it replaces a cache line, to
destroy that issuer certificate in cache() (or flush()) before
get_ref() for the issuer certificate is finally called.

5 years agounit-tests: Fix internet checksum tests on big-endian systems
Tobias Brunner [Wed, 22 Oct 2014 17:43:22 +0000 (19:43 +0200)]
unit-tests: Fix internet checksum tests on big-endian systems

We actually need to do a byte-swap, which ntohs() only does on
little-endian systems.

Fixes #747.

5 years agochunk: Fix internet checksum calculation on big-endian systems
Tobias Brunner [Wed, 22 Oct 2014 17:41:40 +0000 (19:41 +0200)]
chunk: Fix internet checksum calculation on big-endian systems

ntohs() might be defined as noop (#define ntohs(x) (x)) so we have
to manually shorten the negated value (gets promoted to an int).

Fixes #747.

5 years agoupdown: Explicitly pass caller PATH to updown script
Martin Willi [Wed, 22 Oct 2014 12:50:09 +0000 (14:50 +0200)]
updown: Explicitly pass caller PATH to updown script

When invoking /bin/sh, its default PATH is used. On some systems, that does
not include the PATH where the ipsec script is installed, as charon is invoked
with a custom PATH. Explicitly setting the PATH of charon should fix this
case, properly invoking the (default) updown script.

Fixes #745.

5 years agoip-packet: Fix length in IPv6 header of generated packets
Tobias Brunner [Mon, 20 Oct 2014 13:32:01 +0000 (15:32 +0200)]
ip-packet: Fix length in IPv6 header of generated packets

5 years agoIncreased fragment size to 1400 in ipv6/net2net-ikev1 scenario 5.2.1
Andreas Steffen [Sat, 18 Oct 2014 12:05:53 +0000 (14:05 +0200)]
Increased fragment size to 1400 in ipv6/net2net-ikev1 scenario

5 years agoEnabled IKEv2 fragmentation in ipv6/net2net-ikev2 scenario
Andreas Steffen [Sat, 18 Oct 2014 12:05:18 +0000 (14:05 +0200)]
Enabled IKEv2 fragmentation in ipv6/net2net-ikev2 scenario

5 years agoVersion bump to 5.2.1
Andreas Steffen [Sat, 18 Oct 2014 10:12:17 +0000 (12:12 +0200)]
Version bump to 5.2.1