7 years agosystemd: Provide a charon-systemd daemon targeting full systemd integration
Martin Willi [Thu, 17 Jul 2014 14:16:23 +0000 (16:16 +0200)]
systemd: Provide a charon-systemd daemon targeting full systemd integration

7 years agoswanctl: Complete --load-creds command summary
Martin Willi [Thu, 7 Aug 2014 13:23:47 +0000 (15:23 +0200)]
swanctl: Complete --load-creds command summary

7 years agoswanctl: Fix description of load-pools command summary
Martin Willi [Thu, 7 Aug 2014 13:23:27 +0000 (15:23 +0200)]
swanctl: Fix description of load-pools command summary

7 years agoswanctl: Add a --load-all command, performing --load-{creds,pools,conns}
Martin Willi [Thu, 7 Aug 2014 13:22:40 +0000 (15:22 +0200)]
swanctl: Add a --load-all command, performing --load-{creds,pools,conns}

7 years agoswanctl: Add a --reload-settings command
Martin Willi [Thu, 17 Jul 2014 16:14:34 +0000 (18:14 +0200)]
swanctl: Add a --reload-settings command

7 years agovici: Add a command to reload strongswan.conf
Martin Willi [Thu, 17 Jul 2014 16:02:09 +0000 (18:02 +0200)]
vici: Add a command to reload strongswan.conf

7 years agoencoding: Accept all exchange types for non IKEv1/IKEv2 major versions
Martin Willi [Wed, 10 Sep 2014 09:14:22 +0000 (11:14 +0200)]
encoding: Accept all exchange types for non IKEv1/IKEv2 major versions

7 years agosettings: Make loading a NULL or empty pattern a (nop-)success
Martin Willi [Mon, 25 Aug 2014 08:36:01 +0000 (10:36 +0200)]
settings: Make loading a NULL or empty pattern a (nop-)success

7 years agosettings: Use strongswan.conf used during library initialization for reload
Martin Willi [Thu, 17 Jul 2014 16:07:05 +0000 (18:07 +0200)]
settings: Use strongswan.conf used during library initialization for reload

Since 4b670a20 we require an explicit strongswan.conf to re-load configurations.
However, the define was missing in the build, breaking SIGHUP based config

Fixes #651.

7 years agolibrary: Store the used root strongswan.conf configuration
Martin Willi [Thu, 17 Jul 2014 15:47:42 +0000 (17:47 +0200)]
library: Store the used root strongswan.conf configuration

7 years agotesting: Use multiple jobs to install strongSwan
Tobias Brunner [Tue, 16 Sep 2014 12:02:05 +0000 (14:02 +0200)]
testing: Use multiple jobs to install strongSwan

7 years agotesting: Add a script to build the current (or an arbitrary) source tree
Tobias Brunner [Fri, 29 Aug 2014 10:13:49 +0000 (12:13 +0200)]
testing: Add a script to build the current (or an arbitrary) source tree

This allows to (relatively) quickly (re-)build and install the current
or an arbitrary strongSwan source tree within the root image.

bindfs is used to bind mount the source directory using the regular user
and group (only works if sudo is used to run the script) so that newly
created files are not owned by root.

As with building the root image in general the guests must not be
running while executing this script.  The guest images are automatically
rebuilt after the root image has been updated so configuration files and
other modifications in guests will be lost.

7 years agotesting: Add packages to rebuild strongSwan from the repository
Tobias Brunner [Fri, 29 Aug 2014 14:22:49 +0000 (16:22 +0200)]
testing: Add packages to rebuild strongSwan from the repository

7 years agotesting: Make strongSwan build recipe more configurable
Tobias Brunner [Fri, 29 Aug 2014 09:51:54 +0000 (11:51 +0200)]
testing: Make strongSwan build recipe more configurable

7 years agoswanctl: Document --stats command
Tobias Brunner [Fri, 19 Sep 2014 09:29:45 +0000 (11:29 +0200)]
swanctl: Document --stats command

7 years agotesting: Update certs and keys in tkm tests
Reto Buerki [Wed, 17 Sep 2014 13:45:11 +0000 (15:45 +0200)]
testing: Update certs and keys in tkm tests

References #705.

7 years agotesting: Update x509-ada version to 0.1.1
Reto Buerki [Wed, 17 Sep 2014 13:44:19 +0000 (15:44 +0200)]
testing: Update x509-ada version to 0.1.1

Fixes #705.

7 years agoikev2: Don't treat initial messages as MOBIKE exchanges
Tobias Brunner [Tue, 16 Sep 2014 12:59:05 +0000 (14:59 +0200)]
ikev2: Don't treat initial messages as MOBIKE exchanges

The MOBIKE task is active during the initial exchanges but we don't want
to treat them as actual MOBIKE exchanges (i.e. there is no path probing).

7 years agoikev1: Don't cache last block of INFORMATIONAL messages as IV
Tobias Brunner [Fri, 15 Aug 2014 15:52:15 +0000 (17:52 +0200)]
ikev1: Don't cache last block of INFORMATIONAL messages as IV

We don't expect a response with the same MID, but apparently some
devices (e.g. FRITZ!Box) do that for DPDs, while still treating the
response as a new exchange.  By storing the last message block as IV
we can't decrypt the first block of such a response.

Fixes #661.

7 years agoikev1: Log IV when encrypting messages
Tobias Brunner [Fri, 15 Aug 2014 15:28:40 +0000 (17:28 +0200)]
ikev1: Log IV when encrypting messages

7 years agoikev1: Skip unusable IPComp proposals
Tobias Brunner [Fri, 15 Aug 2014 13:59:12 +0000 (15:59 +0200)]
ikev1: Skip unusable IPComp proposals

Fixes #661.

7 years agoikev1: Properly handle different proposal numbering schemes
Tobias Brunner [Fri, 15 Aug 2014 13:57:22 +0000 (15:57 +0200)]
ikev1: Properly handle different proposal numbering schemes

While the examples in RFC 2408 show proposal numbers starting at 1 and
increasing by one for each subsequent proposal this is not mandatory.
Actually, IKEv1 proposals may start at any number, the only requirement
is that the proposal numbers increase monotonically they don't have to
do so consecutively.

Most implementations follow the examples and start numbering at 1 (charon,
racoon, Shrew, Cisco, Windows XP, FRITZ!Box) but pluto was one of the
implementations that started with 0 and there might be others out there.

The previous assumption that implementations always start numbering proposals
at 0 caused problems with clients that start numbering with 1 and whose first
proposal consists of multiple protocols (e.g. ESP+IPComp).

Fixes #661.

7 years agokernel-netlink: Optionally install protocol and ports on transport mode SAs
Tobias Brunner [Mon, 25 Aug 2014 12:45:40 +0000 (14:45 +0200)]
kernel-netlink: Optionally install protocol and ports on transport mode SAs

7 years agoMerge branch 'mobike-fixes'
Tobias Brunner [Fri, 12 Sep 2014 08:35:06 +0000 (10:35 +0200)]
Merge branch 'mobike-fixes'

These changes improve the handling of MOBIKE tasks, for instance, when
retransmitting and no path is available.

Fixes #632.

7 years agoikev2: Reduce timeout if path probing was enabled
Tobias Brunner [Mon, 28 Jul 2014 12:09:10 +0000 (14:09 +0200)]
ikev2: Reduce timeout if path probing was enabled

7 years agoikev2: Defer MOBIKE updates if no path is available
Tobias Brunner [Mon, 28 Jul 2014 11:51:27 +0000 (13:51 +0200)]
ikev2: Defer MOBIKE updates if no path is available

7 years agoike-mobike: Allow calling transmit() even when not currently path probing
Tobias Brunner [Mon, 28 Jul 2014 11:46:16 +0000 (13:46 +0200)]
ike-mobike: Allow calling transmit() even when not currently path probing

Path probing is enabled if the current path is not available anymore.

7 years agoikev2: Defer path probing if no path is currently available
Tobias Brunner [Mon, 28 Jul 2014 11:12:20 +0000 (13:12 +0200)]
ikev2: Defer path probing if no path is currently available

We do the same before initiating the task, so we should probably do it
too when we already initiated it, not just time out and destroy the SA.

7 years agoike-mobike: Return FALSE in transmit() if no path was available
Tobias Brunner [Mon, 28 Jul 2014 11:12:09 +0000 (13:12 +0200)]
ike-mobike: Return FALSE in transmit() if no path was available

7 years agoikev2: Enable path probing for currently active MOBIKE task
Tobias Brunner [Mon, 28 Jul 2014 10:25:01 +0000 (12:25 +0200)]
ikev2: Enable path probing for currently active MOBIKE task

This might not be the case if e.g. an address appeared but the old one
is still available but not actually usable.  Without this the MOBIKE
task would eventually time out even though we might be able to switch
to a working address.

7 years agoike-mobike: Add method to enable path probing
Tobias Brunner [Mon, 28 Jul 2014 10:24:33 +0000 (12:24 +0200)]
ike-mobike: Add method to enable path probing

7 years agoike-mobike: Skip peer addresses we can't send packets to when checking paths
Tobias Brunner [Mon, 28 Jul 2014 10:09:16 +0000 (12:09 +0200)]
ike-mobike: Skip peer addresses we can't send packets to when checking paths

7 years agoikev2: Skip peer addresses we can't send packets to when looking for valid paths
Tobias Brunner [Mon, 28 Jul 2014 10:04:40 +0000 (12:04 +0200)]
ikev2: Skip peer addresses we can't send packets to when looking for valid paths

7 years agoikev2: Insert MOBIKE tasks at the front of the queue
Tobias Brunner [Tue, 22 Jul 2014 16:51:57 +0000 (18:51 +0200)]
ikev2: Insert MOBIKE tasks at the front of the queue

In case we have no usable path to the other peer there is no point in
initiating any other tasks (like rekeying).

7 years agoikev2: Migrate number of pending MOBIKE updates
Tobias Brunner [Tue, 22 Jul 2014 16:30:24 +0000 (18:30 +0200)]
ikev2: Migrate number of pending MOBIKE updates

This will probably never be more than 1 since we only have one task queued
at a time and we don't migrate running tasks.

7 years agoikev2: Properly keep track of pending MOBIKE updates
Tobias Brunner [Tue, 22 Jul 2014 16:25:37 +0000 (18:25 +0200)]
ikev2: Properly keep track of pending MOBIKE updates

Because we only queue one MOBIKE task at a time, but destroy superfluous
ones only after we already increased the counter for pending MOBIKE updates,
we have to reduce the counter when such tasks are destroyed.  Otherwise, the
queued task would assume another task is queued when it is running and
ignore any successful response.

7 years agoMerge branch 'android-pfs'
Tobias Brunner [Fri, 12 Sep 2014 08:24:48 +0000 (10:24 +0200)]
Merge branch 'android-pfs'

Changes how CHILD_SA rekeying errors are handled in the Android app and adds
CHILD_SA proposals with DH groups.

7 years agoandroid: Reduce CHILD_SA lifetime
Tobias Brunner [Mon, 11 Aug 2014 16:19:29 +0000 (18:19 +0200)]
android: Reduce CHILD_SA lifetime

7 years agoandroid: Add DH groups to ESP proposals
Tobias Brunner [Mon, 11 Aug 2014 16:17:00 +0000 (18:17 +0200)]
android: Add DH groups to ESP proposals

7 years agochild-cfg: Ignore duplicate proposals
Tobias Brunner [Mon, 11 Aug 2014 16:12:36 +0000 (18:12 +0200)]
child-cfg: Ignore duplicate proposals

If ESP proposals are added once with and once without DH groups
duplicates result during IKE_AUTH when DH groups are stripped.

7 years agoproposal: Fix equals()
Tobias Brunner [Mon, 11 Aug 2014 16:08:24 +0000 (18:08 +0200)]
proposal: Fix equals()

7 years agoandroid: Reestablish IKE_SA if CHILD_SA rekeying failed
Tobias Brunner [Mon, 11 Aug 2014 14:34:28 +0000 (16:34 +0200)]
android: Reestablish IKE_SA if CHILD_SA rekeying failed

7 years agoandroid: Report error if CHILD_SA rekeying fails
Tobias Brunner [Mon, 11 Aug 2014 14:09:35 +0000 (16:09 +0200)]
android: Report error if CHILD_SA rekeying fails

7 years agokernel-netlink: Add global option to configure MSS-clamping on installed routes
Tobias Brunner [Mon, 4 Aug 2014 13:57:46 +0000 (15:57 +0200)]
kernel-netlink: Add global option to configure MSS-clamping on installed routes

7 years agokernel-netlink: Add global option to set MTU on installed routes
Tobias Brunner [Mon, 4 Aug 2014 13:35:18 +0000 (15:35 +0200)]
kernel-netlink: Add global option to set MTU on installed routes

7 years agochunk: Fix Doxygen comments for chunk_internet_checksum[_inc]
Tobias Brunner [Thu, 11 Sep 2014 15:56:12 +0000 (17:56 +0200)]
chunk: Fix Doxygen comments for chunk_internet_checksum[_inc]

7 years agoauth-cfg: Fix crash after several reauthentications with multiple authentication...
Tobias Brunner [Thu, 11 Sep 2014 15:33:52 +0000 (17:33 +0200)]
auth-cfg: Fix crash after several reauthentications with multiple authentication rounds

Due to the issue described in c641974, purge() inadvertently destroyed
CA certificates that should have been kept (while the pointer to these
objects remained in the array).  This lead to incorrect reference counts
and after a few reauthentications with multiple authentication rounds,
which cause calls to purge(TRUE), to crashes.

7 years agoarray: Adjust negative index before calling remove_head|tail()
Tobias Brunner [Fri, 29 Aug 2014 08:18:07 +0000 (10:18 +0200)]
array: Adjust negative index before calling remove_head|tail()

For ARRAY_TAIL we most often want to call remove_tail() not remove_head().

7 years agoarray: Warn about caveat with array_remove_at() and value based arrays
Tobias Brunner [Thu, 11 Sep 2014 15:29:21 +0000 (17:29 +0200)]
array: Warn about caveat with array_remove_at() and value based arrays

Because enumerate() for value based arrays returns a pointer directly to
the internal array elements and because array_remove_at() or rather the
called array_remove() may move elements over the element at the currently
enumerated position, the pointer passed to enumerate() will point to a
different array element after the array_remove_at() call.  The caller
will thus operate on the wrong element if that pointer is accessed again
before calling enumerate().

For performance reasons we currently don't change the implementation to copy
each array element during enumeration to a private member of the enumerator and
return a pointer to that.  Similarly, due to the danger of subtle bugs we don't
remember the pointer passed to enumerate() to later redirect it to a copy
created during the array_remove_at() call.

7 years agoasn1: Try to fill the available binary OID buffer if possible
Tobias Brunner [Tue, 9 Sep 2014 09:46:38 +0000 (11:46 +0200)]
asn1: Try to fill the available binary OID buffer if possible

7 years agounit-tests: Give worker threads time to clean up when testing thread_t.detach()
Tobias Brunner [Wed, 25 Jun 2014 14:37:25 +0000 (16:37 +0200)]
unit-tests: Give worker threads time to clean up when testing thread_t.detach()

7 years agostream-service: Prevent race conditions due to blocking call to destroy()
Tobias Brunner [Mon, 21 Jul 2014 10:23:37 +0000 (12:23 +0200)]
stream-service: Prevent race conditions due to blocking call to destroy()

In the previous implementation queued jobs could prevent a service from
getting destroyed.  This could have lead to a deadlock when the
processor is cancelled.  Now destroy() still blocks, but waits only for
actually running tasks.  The service instance is reference counted so that
queued jobs can safely be destroyed.

7 years agostream-service: Do not accept or re-register when service is terminated
Tobias Brunner [Mon, 21 Jul 2014 09:35:34 +0000 (11:35 +0200)]
stream-service: Do not accept or re-register when service is terminated

7 years agostream-service: Restart accepting without blocking
Tobias Brunner [Mon, 21 Jul 2014 09:30:34 +0000 (11:30 +0200)]
stream-service: Restart accepting without blocking

Calling on_accept() sometimes lead to deadlocks when service->destroy()
was called concurrently.  That is, two threads waiting in on_accept() but
the last worker would only wake one due to the call to signal().  Calling
broadcast() wouldn't help either as that could lead to crashes if the thread
that called destroy() is woken first.

This is also more efficient as a constant pool of concurrent workers can
be maintained, otherwise peaks at the limit were followed by only a single
worker being active.

7 years agoandroid: Add support for querying use stats of a CHILD_SA
Tobias Brunner [Wed, 20 Aug 2014 09:39:28 +0000 (11:39 +0200)]
android: Add support for querying use stats of a CHILD_SA

7 years agoeap-radius: Forward Cisco and Microsoft specific DNS/NBNS attributes
Tobias Brunner [Tue, 19 Aug 2014 12:34:28 +0000 (14:34 +0200)]
eap-radius: Forward Cisco and Microsoft specific DNS/NBNS attributes

Fixes #677.

7 years agoikev1: Make sure proposed IPsec mode matches our own
Tobias Brunner [Tue, 12 Aug 2014 13:15:02 +0000 (15:15 +0200)]
ikev1: Make sure proposed IPsec mode matches our own

References #557.

7 years agoike: Reset IKE_SA in state CONNECTING instead of reauthenticating
Tobias Brunner [Tue, 12 Aug 2014 10:05:16 +0000 (12:05 +0200)]
ike: Reset IKE_SA in state CONNECTING instead of reauthenticating

Due to how reauthentication works for IKEv1 we could get a second
IKE_SA, which might cause problems, when connectivity problems arise
when the connection is initially established.

Fixes #670.

7 years agoasn1: Make sure not to exceed buffer for binary OID
Tobias Brunner [Mon, 4 Aug 2014 12:10:40 +0000 (14:10 +0200)]
asn1: Make sure not to exceed buffer for binary OID

7 years agokernel-pfroute: Delete interfaces on RTM_IFANNOUNCE/IFAN_DEPARTURE events
Tobias Brunner [Fri, 25 Jul 2014 16:07:08 +0000 (18:07 +0200)]
kernel-pfroute: Delete interfaces on RTM_IFANNOUNCE/IFAN_DEPARTURE events

We actually never deleted cached interfaces.  So if the kernel reuses
interface indices events for newly created interfaces could have been
associated with interface objects of deactivated and deleted interfaces.

Since we also didn't update the interface name when such an interface
got reactivated we ended up using the old name e.g. to install routes.

A trigger for this was the deletion and recreation of TUN devices during
reauthentication of SAs that use virtual IPs.

7 years agoip-packet: Define our own structs to handle TCP/UDP headers
Tobias Brunner [Thu, 24 Jul 2014 12:12:50 +0000 (14:12 +0200)]
ip-packet: Define our own structs to handle TCP/UDP headers

7 years agokernel-pfkey: Report packet counts of IPsec SAs
Tobias Brunner [Fri, 18 Jul 2014 16:19:46 +0000 (18:19 +0200)]
kernel-pfkey: Report packet counts of IPsec SAs

Seems that packet counts can be retrieved after all. At least the Linux
and FreeBSD kernels treat the number of allocations as number of packets.
We actually installed packet limits in that field already.

7 years agoswanctl: Document how connections.*.unique affects initiators
Tobias Brunner [Fri, 18 Jul 2014 14:05:47 +0000 (16:05 +0200)]
swanctl: Document how connections.*.unique affects initiators

7 years agomutex: Use atomics to set current thread in recursive mutex
Tobias Brunner [Thu, 17 Jul 2014 08:35:42 +0000 (10:35 +0200)]
mutex: Use atomics to set current thread in recursive mutex

Because this->thread is also read by threads that don't hold the
mutex the previous implementation was problematic (especially since
pthread_t is an opaque type of unknown length).

Fixes #654.

7 years agocurl: Log error code too
Tobias Brunner [Fri, 11 Jul 2014 13:40:15 +0000 (15:40 +0200)]
curl: Log error code too

It seems libcurl does not always return an error message.

7 years agounit-tests: Add option to exclude specific test suites
Tobias Brunner [Fri, 11 Jul 2014 08:51:31 +0000 (10:51 +0200)]
unit-tests: Add option to exclude specific test suites

Listing test suites in TESTS_SUITES_EXCLUDE allows excluding specific
test suites from running.

7 years agoopenssl: Report correct key length for EC keys when not using NIST curves
Tobias Brunner [Tue, 26 Aug 2014 16:26:33 +0000 (18:26 +0200)]
openssl: Report correct key length for EC keys when not using NIST curves

Fixes #688.

7 years agocredmgr: Fix copy and paste error in add_validator
Thomas Egerer [Thu, 28 Aug 2014 14:04:06 +0000 (16:04 +0200)]
credmgr: Fix copy and paste error in add_validator

This won't hurt as long as sets and validators are of the same class.
But as soon as one of the object's class is changed this will cause
either a compile error (best option), or result (most likely) in a

Signed-off-by: Thomas Egerer <>
7 years agoGenerated new test certificates
Andreas Steffen [Thu, 28 Aug 2014 19:34:40 +0000 (21:34 +0200)]
Generated new test certificates

7 years agoha: Don't adopt IKEv1 children when building without IKEv1 support
Martin Willi [Thu, 28 Aug 2014 08:16:51 +0000 (10:16 +0200)]
ha: Don't adopt IKEv1 children when building without IKEv1 support

The adopt_children_job_create() function is not available when IKEv1 support
is disabled. Fixes uncommon builds using --enable-ha --disable-ikev1.

Fixes #690.

7 years agotesting: Make sure the kernel exists when starting
Tobias Brunner [Mon, 25 Aug 2014 08:58:46 +0000 (10:58 +0200)]
testing: Make sure the kernel exists when starting

7 years agounity: Do not bump TS to as initiator when no Split-Include received
Martin Willi [Mon, 4 Aug 2014 08:38:08 +0000 (10:38 +0200)]
unity: Do not bump TS to as initiator when no Split-Include received

When having the unity plugin enabled and both peers send the Unity Vendor ID,
we proposed as traffic selector, even if no Split-Include has been
received on the SA. This can break compatibility with some responders, as
they don't narrow the TS themselves, but expect the configured TS.

7 years agounity: Handle narrowing according to roles in the IKE_SA
Tobias Brunner [Thu, 17 Jul 2014 15:24:43 +0000 (17:24 +0200)]
unity: Handle narrowing according to roles in the IKE_SA

Since the narrow hook types reflect the roles in the Quick Mode exchange
the plugin behaved incorrectly if the server initiated the CHILD_SA

7 years agoMerge branch 'push-mode-reauth'
Martin Willi [Mon, 25 Aug 2014 07:57:05 +0000 (09:57 +0200)]
Merge branch 'push-mode-reauth'

Fixes IKEv1 re-authentication when using push mode by reassigning the same
IP lease to the client.

7 years agoikev1: Defer Mode Config push after CHILD adoption when using XAuth
Martin Willi [Mon, 7 Jul 2014 09:10:43 +0000 (11:10 +0200)]
ikev1: Defer Mode Config push after CHILD adoption when using XAuth

7 years agoikev1: Defer Mode Config push after CHILD adoption and reauth detection
Martin Willi [Mon, 7 Jul 2014 08:42:11 +0000 (10:42 +0200)]
ikev1: Defer Mode Config push after CHILD adoption and reauth detection

When an initiator starts reauthentication on a connection that uses push
mode to assign a virtual IP, we can't execute the Mode Config before releasing
the virtual IP. Otherwise we would request a new and different lease, which
the client probably can't handle. Defer Mode Config execution, so the same IP
gets first released then reassigned during reauthentication.

7 years agoikev1: Extend adopt_children_job by task queuing, executed after adoption
Martin Willi [Mon, 7 Jul 2014 08:36:35 +0000 (10:36 +0200)]
ikev1: Extend adopt_children_job by task queuing, executed after adoption

7 years agoikev1: Accept Quick Mode DELETES while Quick Mode rekeying is active
Martin Willi [Fri, 11 Jul 2014 09:59:01 +0000 (11:59 +0200)]
ikev1: Accept Quick Mode DELETES while Quick Mode rekeying is active

If a peer immediately sends DELETE messages when completing Quick Mode rekeying,
the third Quick Mode message and the DELETE are sent simultaneously. This
implies that DELETE messages may arrive before the completing third Quick Mode

Handle this case by ignoring the DELETE INFORMATIONAL in Quick Mode and let
the delete task handle it.

7 years agoutils: Check if the parameter passed to countof() is actually an array type
Martin Willi [Fri, 4 Jul 2014 12:37:58 +0000 (14:37 +0200)]
utils: Check if the parameter passed to countof() is actually an array type

This should avoid errors such as the one fixed with 118b2879.

7 years agoutils: Add some initial build time assertion macros
Martin Willi [Fri, 4 Jul 2014 12:35:27 +0000 (14:35 +0200)]
utils: Add some initial build time assertion macros

These are useful to assert constants during build time. We evaluate the
expression to 0 when valid, so we can safely use the evaluated value.

7 years agostarter: Do not close all file descriptors after fork()
Martin Willi [Fri, 11 Jul 2014 12:40:56 +0000 (14:40 +0200)]
starter: Do not close all file descriptors after fork()

As we use libstrongswan and expect that it still works after the fork, we
can't just closefrom() all file descriptors. Watcher, for example, uses
a pipe to notify FDSET changes, which must be kept open.

Reverts 652ddf5ce2fad08f6569096dd56a821500cc5ba4.

7 years agoike-sa-manager: Use transient hasher for IKE_SA_INIT hash calculation
Christophe Gouault [Fri, 11 Jul 2014 11:40:25 +0000 (13:40 +0200)]
ike-sa-manager: Use transient hasher for IKE_SA_INIT hash calculation

To check if a received IKE_SA_INIT request is a new request or a
retransmit, charon maintains hashes of the pending IKE_SA_INIT

However, the hash calculation is not reentrant because a single hasher
is used for the whole IKE SA manager. It leads to bogus calculations
under high load and hence dropped messages on responder
(IkeInInvalidSpi incremented).

Don't share a single hasher in the IKE SA manager, create a transient
one whenever a message must be hashed.

Signed-off-by: Christophe Gouault <>
7 years agodiffie-hellman: Explicitly initialize DH exponent sizes during initialization
Martin Willi [Wed, 16 Jul 2014 14:44:24 +0000 (16:44 +0200)]
diffie-hellman: Explicitly initialize DH exponent sizes during initialization

To avoid any race conditions when multiple threads call and initialize
diffie_hellman_get_params(), explicitly examine the optimum DH exponent size
during library initialization.

Fixes #655.

7 years agokernel-pfroute: Fix kernel response handling
Tobias Brunner [Tue, 19 Aug 2014 09:08:33 +0000 (11:08 +0200)]
kernel-pfroute: Fix kernel response handling

The condvar is signaled for every handled message received from the
kernel not only for replies (this changed with 2a2d7a4dc8).  This may
cause segfaults because this->reply is not set when the waiting thread is
woken due to an IP address change.

Since this->reply is only set when it is actually the expected reply (and
only one request is sent at a time, thanks to c9a323c1d9) we only have
to make sure the reply is there (and clear it once we handled it).

Using separate condvars could also be an option in the future.

7 years agoconfigure: Add additional includes when checking for linux/fib_rules.h
Tobias Brunner [Mon, 11 Aug 2014 16:38:20 +0000 (18:38 +0200)]
configure: Add additional includes when checking for linux/fib_rules.h

This seems to be required on Cent OS 6.5.

8 years agostarter: Wait indefinitely for charon when using --attach-gdb
Martin Willi [Fri, 8 Aug 2014 08:28:58 +0000 (10:28 +0200)]
starter: Wait indefinitely for charon when using --attach-gdb

This makes sure the user has time to set break points etc. before it runs
charon under gdb.

8 years agostarter: Don't monitor child if debugger is attached
Thomas Egerer [Thu, 7 Aug 2014 16:05:46 +0000 (18:05 +0200)]
starter: Don't monitor child if debugger is attached

Signed-off-by: Thomas Egerer <>
8 years agoAdded Debian 7.6 to IMV database
Andreas Steffen [Wed, 6 Aug 2014 06:04:42 +0000 (08:04 +0200)]
Added Debian 7.6 to IMV database

8 years agounused os_info_t object removed
Andreas Steffen [Wed, 6 Aug 2014 05:55:54 +0000 (07:55 +0200)]
unused os_info_t object removed

8 years agoUpdated to 3.13.0-32-generic Ubuntu kernel
Andreas Steffen [Wed, 6 Aug 2014 05:54:57 +0000 (07:54 +0200)]
Updated to 3.13.0-32-generic Ubuntu kernel

8 years agoimv-swid: Use pkg-config to check for libjson-c
Tobias Brunner [Wed, 30 Jul 2014 14:01:41 +0000 (16:01 +0200)]
imv-swid: Use pkg-config to check for libjson-c

The package/library is called libjson-c on recent distributions.
Some like Ubuntu 14.04 provide symlinks with the old name but these
will eventually disappear.  Using pkg-config allows us to easily check
for it (with a fallback) and configure the proper compiler flags.

Fixes #663.

8 years agodns-proxy: Don't use proxy socket if we fail to bypass it
Tobias Brunner [Wed, 30 Jul 2014 07:48:08 +0000 (09:48 +0200)]
dns-proxy: Don't use proxy socket if we fail to bypass it

This will result in an infinite loop as packets sent over that socket
will again pass through the TUN device and the DNS proxy.

Apparently, bypassing fails when airplane mode is enabled.

Fixes #662.

8 years agoswanctl: Fix documentation of options for send_cert setting
Tobias Brunner [Mon, 28 Jul 2014 08:37:09 +0000 (10:37 +0200)]
swanctl: Fix documentation of options for send_cert setting

8 years agoandroid: New release after adding certificate import, DNS proxy and GUI changes
Tobias Brunner [Tue, 22 Jul 2014 09:34:09 +0000 (11:34 +0200)]
android: New release after adding certificate import, DNS proxy and GUI changes

8 years agoMerge branch 'android-dns-proxy'
Tobias Brunner [Tue, 22 Jul 2014 09:10:59 +0000 (11:10 +0200)]
Merge branch 'android-dns-proxy'

Adds a DNS proxy feature that uses VPN-protected sockets to resolve the
VPN gateway's hostname while reestablishing the IKE_SA, which is
required because we keep the TUN device up to avoid leaking plaintext

The TUN device is recreated without DNS servers before reestablishing in
case the VPN server pushed DNS servers to the client that are only
reachable via VPN.

Fixes #622.

8 years agoandroid: For keyingtries > 0 notify the GUI if the limit is reached when reestablishing
Tobias Brunner [Thu, 17 Jul 2014 13:39:29 +0000 (15:39 +0200)]
android: For keyingtries > 0 notify the GUI if the limit is reached when reestablishing

The IKE_SA is destroyed anyway, so letting the GUI remain in
"connecting" state would be incorrect.

We still use keyingtries=0 for now, though. And we still abort after the
first failed attempt initially, in case there is a configuration error.

8 years agoandroid: Terminate IKE_SA if initial IKE_SA_INIT fails
Tobias Brunner [Thu, 17 Jul 2014 13:22:29 +0000 (15:22 +0200)]
android: Terminate IKE_SA if initial IKE_SA_INIT fails

Since VpnStateService.disconnect() is now not called until the error
dialog is dismissed the daemon would continue to try connecting.
So while the error dialog is shown the connection might actually be
successfully established in the background, which is not intended.

This way the IKE_SA is destroyed right after sending the IKE_SA_INIT of
the second connection attempt (due to keyingtries=0).

8 years agoandroid: Only allow DNS queries for the configured hostname
Tobias Brunner [Wed, 16 Jul 2014 14:20:00 +0000 (16:20 +0200)]
android: Only allow DNS queries for the configured hostname

8 years agoandroid: Add optional filter functionality to DNS proxy
Tobias Brunner [Wed, 16 Jul 2014 14:17:28 +0000 (16:17 +0200)]
android: Add optional filter functionality to DNS proxy

If specified only queries for a list of allowed host names will be

8 years agoandroid: Recreate the TUN device without DNS when reestablishing IKE_SAs
Tobias Brunner [Wed, 16 Jul 2014 12:01:12 +0000 (14:01 +0200)]
android: Recreate the TUN device without DNS when reestablishing IKE_SAs

This enables DNS resolution while reestablishing if the VPN gateway pushed
DNS servers to the client that are only reachable via VPN.