2 weeks agotesting: Extended swanctl/rw-qske-l1 scenario ikev2-qske-notify
Andreas Steffen [Mon, 29 Oct 2018 11:34:26 +0000 (12:34 +0100)]
testing: Extended swanctl/rw-qske-l1 scenario

2 weeks agowip
Tobias Brunner [Mon, 23 Jul 2018 16:14:28 +0000 (18:14 +0200)]

2 weeks agowip: unit-tests: Add QSKE exchange tests
Tobias Brunner [Mon, 16 Jul 2018 13:50:56 +0000 (15:50 +0200)]
wip: unit-tests: Add QSKE exchange tests

2 weeks agounit-tests: Add mock QSKE implementation
Tobias Brunner [Mon, 16 Jul 2018 13:50:09 +0000 (15:50 +0200)]
unit-tests: Add mock QSKE implementation

2 weeks agoike-sa-manager: Log SPIs when checking in an IKE_SA
Tobias Brunner [Mon, 16 Jul 2018 13:48:30 +0000 (15:48 +0200)]
ike-sa-manager: Log SPIs when checking in an IKE_SA

2 weeks agowip: CHILD_SA rekey and creation testing
Tobias Brunner [Fri, 13 Jul 2018 16:45:53 +0000 (18:45 +0200)]
wip: CHILD_SA rekey and creation testing

2 weeks agoikev2: Use hashes to detect retransmits
Tobias Brunner [Mon, 23 Jul 2018 15:49:15 +0000 (17:49 +0200)]
ikev2: Use hashes to detect retransmits

We avoid parsing messages with unexpected message IDs.  This allows us to
process and detect retransmits of messages for which we don't have the keys
anymore (i.e. IKE_AUX after IKE_SA_INIT and changing the keys).

This also changes how retransmits for fragmented messages are triggered,
previously we waited for all fragments and reconstructed the message
before retransmitting the response.  Now we only track the first
fragment and if we receive a retransmit of it respond immediately
without waiting for other fragments (which are now ignored).  This is in
compliance with RFC 7383, section 2.6.1.

2 weeks agochild-create: Change how DH group/QSKE mechanism is determined
Tobias Brunner [Fri, 20 Jul 2018 15:44:14 +0000 (17:44 +0200)]
child-create: Change how DH group/QSKE mechanism is determined

Either reuse algorithms previously used (rekeying) or use the IKE_SA's
proposal to determine a preferred group/mechanism.

2 weeks agochild-cfg: Add method to check if an algorithm is proposed
Tobias Brunner [Fri, 20 Jul 2018 15:43:24 +0000 (17:43 +0200)]
child-cfg: Add method to check if an algorithm is proposed

2 weeks agounit-tests: Fix CHILD_SA rekey tests after INVALID_KE_PAYLOAD handling changes
Tobias Brunner [Fri, 20 Jul 2018 12:12:48 +0000 (14:12 +0200)]
unit-tests: Fix CHILD_SA rekey tests after INVALID_KE_PAYLOAD handling changes

The responder doesn't create a CHILD_SA and allocate an SPI anymore
when responding with an INVALID_KE_PAYLOAD notify.

2 weeks agowip: child-create: Prototypical support for QSKE mechanisms
Tobias Brunner [Fri, 13 Jul 2018 14:07:43 +0000 (16:07 +0200)]
wip: child-create: Prototypical support for QSKE mechanisms

wip: For some errors a more specific notify might be preferable (e.g.
INVALID_SYNTAX if a QSKE payload is missing or an exchange other than
IKE_AUX follows CREATE_CHILD_SA if a QSKE mechanism was negotiated).

2 weeks agooqs: Allow different paths to generate/encapsulate the shared secret
Tobias Brunner [Fri, 20 Jul 2018 14:02:19 +0000 (16:02 +0200)]
oqs: Allow different paths to generate/encapsulate the shared secret

This way we don't have to generate the QSKE payload before we can query
the shared secret.

2 weeks agokeymat_v2: Add optional qske_t argument to derive_child_keys()
Tobias Brunner [Fri, 13 Jul 2018 13:31:34 +0000 (15:31 +0200)]
keymat_v2: Add optional qske_t argument to derive_child_keys()

2 weeks agochild-cfg: Generalize get_dh_group() method
Tobias Brunner [Fri, 20 Jul 2018 09:11:00 +0000 (11:11 +0200)]
child-cfg: Generalize get_dh_group() method

2 weeks agochild-cfg: Strip QSKE mechanisms from ESP proposal when we strip DH groups
Tobias Brunner [Mon, 9 Jul 2018 14:59:05 +0000 (16:59 +0200)]
child-cfg: Strip QSKE mechanisms from ESP proposal when we strip DH groups

2 weeks agowip: keymat_v2: Cache initial IKE messages for auth octets
Tobias Brunner [Tue, 10 Jul 2018 14:26:58 +0000 (16:26 +0200)]
wip: keymat_v2: Cache initial IKE messages for auth octets

This avoids pre-generating the message to be sent and supports fragments
as used for IKE_AUX.

In scenarios with IKE_AUX this basically changes the auth octets as follows:

  InitiatorSignedOctets = RealMessage1(INIT) | RealMessage3(AUX) | ...
                          NonceRData | MACedIDForI


  ResponderSignedOctets = RealMessage2(INIT) | RealMessage4(AUX) | ...
                          NonceIData | MACedIDForR

wip: Since this requires keeping around quite some data, alternatives would
be to hash the message (with some negotiated or fixed hash function) or
applying the PRF (if it is QC-safe, e.g. with a zero key or the ones we
derived from DH).

2 weeks agotesting: Added swanctl/rw-qske-l1 and swanctl/rw-qske-l5 scenarios
Andreas Steffen [Mon, 18 Jun 2018 22:06:35 +0000 (00:06 +0200)]
testing: Added swanctl/rw-qske-l1 and swanctl/rw-qske-l5 scenarios

2 weeks agoike-rekey: Reset IKE_SA after processing CREATE_CHILD_SA request
Tobias Brunner [Tue, 10 Jul 2018 12:36:28 +0000 (14:36 +0200)]
ike-rekey: Reset IKE_SA after processing CREATE_CHILD_SA request

This probably didn't cause any problems, as there wasn't really anything
happening between the calls, but reset it anyway, just to be safe.

2 weeks agowip: ike-init: Prototypical (optional) IKE_AUX exchange for QSKE mechanisms
Tobias Brunner [Mon, 25 Jun 2018 15:19:39 +0000 (17:19 +0200)]
wip: ike-init: Prototypical (optional) IKE_AUX exchange for QSKE mechanisms

The QSKE payloads are, by default, exchanged in a separate IKE_AUX exchange
after IKE_SA_INIT to leverage IKEv2 fragmentation.  It would be possible
to do that directly in IKE_SA_INIT (DH is currently not optional, though).

Rekeying is always done with a single CREATE_CHILD_SA exchange (again,
DH is currently not optional).

The key material is derived by concatenating the DH and QSKE secrets.

wip: DH could theoretically be made optional if QSKE is used (only during
rekeying, or when not using IKE_AUX also during IKE_SA_INIT)

wip: HA and the ike_keys() hook on listener_t currently handle only
classic key derivation.

wip: Retransmits of IKE_AUX requests will fail after changing the keys?
We either have to keep the old keys around, or use hashes to detect
retransmits (tricky with fragments, unless we retransmit the message
even if we receive the retransmit of just one fragment).

2 weeks agonotify-payload: Add INVALID_QSKE_PAYLOAD notify type
Tobias Brunner [Thu, 19 Jul 2018 10:08:19 +0000 (12:08 +0200)]
notify-payload: Add INVALID_QSKE_PAYLOAD notify type

2 weeks agoike-cfg: Generalize get_dh_group() method
Tobias Brunner [Thu, 19 Jul 2018 14:53:01 +0000 (16:53 +0200)]
ike-cfg: Generalize get_dh_group() method

2 weeks agoproposal: Generalize DH methods
Tobias Brunner [Mon, 9 Jul 2018 14:27:04 +0000 (16:27 +0200)]
proposal: Generalize DH methods

2 weeks agokeymat_v2: Add optional qske_t argument to derive_ike_keys()
Tobias Brunner [Thu, 28 Jun 2018 09:40:49 +0000 (11:40 +0200)]
keymat_v2: Add optional qske_t argument to derive_ike_keys()

If given, its shared secret is appended to the secret provided by the
diffie_hellman_t implementation.

2 weeks agokeymat_v2: Proper cleanup if derive_ike_keys() is called multiple times
Tobias Brunner [Thu, 28 Jun 2018 13:33:35 +0000 (15:33 +0200)]
keymat_v2: Proper cleanup if derive_ike_keys() is called multiple times

2 weeks agokeymat_v2: Add method to create QSKE implementation
Tobias Brunner [Thu, 28 Jun 2018 09:38:54 +0000 (11:38 +0200)]
keymat_v2: Add method to create QSKE implementation

2 weeks agoikev2: Allow tasks to do work after generating requests/responses
Tobias Brunner [Thu, 28 Jun 2018 08:44:40 +0000 (10:44 +0200)]
ikev2: Allow tasks to do work after generating requests/responses

2 weeks agotask: Add optional post_build() method
Tobias Brunner [Thu, 28 Jun 2018 08:44:03 +0000 (10:44 +0200)]
task: Add optional post_build() method

This will allow tasks to do some work after the message has been

2 weeks agounit-tests: Use a simple default IKE proposal to avoid issues with IKE_AUX
Tobias Brunner [Tue, 26 Jun 2018 08:13:05 +0000 (10:13 +0200)]
unit-tests: Use a simple default IKE proposal to avoid issues with IKE_AUX

The exchange tests don't expect an IKE_AUX exchange so we don't want any
QSKE methods getting negotiated (in case they are proposed in the default

2 weeks agoike-auth: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH
Tobias Brunner [Mon, 25 Jun 2018 12:27:16 +0000 (14:27 +0200)]
ike-auth: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH

2 weeks agochild-create: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH
Tobias Brunner [Mon, 25 Jun 2018 12:14:59 +0000 (14:14 +0200)]
child-create: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH

Handling of IKE_AUX when creating new CHILD_SAs or rekeying is not yet

2 weeks agoike-mobike: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH
Tobias Brunner [Mon, 25 Jun 2018 12:03:56 +0000 (14:03 +0200)]
ike-mobike: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH

This changes the MID of the first IKE_AUTH message.

2 weeks agoike-config: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH
Tobias Brunner [Mon, 25 Jun 2018 10:32:27 +0000 (12:32 +0200)]
ike-config: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH

This changes the MID of the first IKE_AUTH message.

2 weeks agoike-cert-post: Make absolutely sure certificates are only added to IKE_AUTH
Tobias Brunner [Mon, 25 Jun 2018 10:23:50 +0000 (12:23 +0200)]
ike-cert-post: Make absolutely sure certificates are only added to IKE_AUTH

The AUTH payload check should be fine, but add some extra checks just to make
really sure and also for clarification.

2 weeks agoike-cert-pre: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH
Tobias Brunner [Mon, 25 Jun 2018 10:07:50 +0000 (12:07 +0200)]
ike-cert-pre: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH

The first IKE_AUTH does not have MID 1 if that's the case.

2 weeks agostatus: Add return_need_more() utility function
Tobias Brunner [Fri, 13 Jul 2018 12:52:05 +0000 (14:52 +0200)]
status: Add return_need_more() utility function

2 weeks agotest-vectors: Added QSKE vectors
Andreas Steffen [Tue, 10 Jul 2018 07:31:26 +0000 (09:31 +0200)]
test-vectors: Added QSKE vectors

2 weeks agoscripts: nist-kam-kat generates KEM KAT test data
Andreas Steffen [Fri, 6 Jul 2018 06:06:16 +0000 (08:06 +0200)]
scripts: nist-kam-kat generates KEM KAT test data

The script converts the Known-Answers-Test data (KAT) for the NIST
post-quantum round 1 submission Key Encapsulation Mechanism (KEM)
candidates into a C struct amenable for our unit-tests.

2 weeks agounit-tests: Tests for oqs plugin
Andreas Steffen [Wed, 4 Jul 2018 17:15:41 +0000 (19:15 +0200)]
unit-tests: Tests for oqs plugin

2 weeks agounit-tests: Fixed newhope plugin test
Andreas Steffen [Wed, 4 Jul 2018 17:12:19 +0000 (19:12 +0200)]
unit-tests: Fixed newhope plugin test

2 weeks agooqs: Created QSKE plugin based on OQS library
Andreas Steffen [Wed, 27 Jun 2018 11:22:58 +0000 (13:22 +0200)]
oqs: Created QSKE plugin based on OQS library

2 weeks agoqske-newhope: Created NewHope QSKE plugin
Andreas Steffen [Wed, 20 Jun 2018 12:51:07 +0000 (14:51 +0200)]
qske-newhope: Created NewHope QSKE plugin

2 weeks agostroke: Support for QSKE mechanisms
Andreas Steffen [Thu, 21 Jun 2018 08:23:52 +0000 (10:23 +0200)]
stroke: Support for QSKE mechanisms

2 weeks agoswanctl: Support for QSKE mechanisms
Andreas Steffen [Mon, 18 Jun 2018 22:30:11 +0000 (00:30 +0200)]
swanctl: Support for QSKE mechanisms

2 weeks agovici: Support for QSKE mechanisms
Andreas Steffen [Mon, 18 Jun 2018 22:29:39 +0000 (00:29 +0200)]
vici: Support for QSKE mechanisms

2 weeks agoencoding: Transport of QSKE payload via IKE_AUX
Andreas Steffen [Mon, 18 Jun 2018 15:48:04 +0000 (17:48 +0200)]
encoding: Transport of QSKE payload via IKE_AUX

2 weeks agocrypto: Support for QSKE mechanisms
Andreas Steffen [Mon, 18 Jun 2018 15:43:11 +0000 (17:43 +0200)]
crypto: Support for QSKE mechanisms

A new transform type for Quantum-Safe Key Encapsulation (QSKE)
mechanisms is defined.

2 weeks agoike-config: If we don't send a CFG_REQUEST, we don't expect a CFG_REPLY
Tobias Brunner [Fri, 29 Mar 2019 10:05:42 +0000 (11:05 +0100)]
ike-config: If we don't send a CFG_REQUEST, we don't expect a CFG_REPLY

Previously, attributes in an incorrectly sent CFG_REPLY would still be passed
to attribute handlers.  This does not prevent handlers from receiving
unrequested attributes if they requested at least one other.

2 weeks agoike-config: Ignore unrequested virtual IP addresses
Tobias Brunner [Thu, 28 Mar 2019 17:44:08 +0000 (18:44 +0100)]
ike-config: Ignore unrequested virtual IP addresses

But forward them to handlers in case they requested them.

2 weeks agoMerge branch 'xfrmi'
Tobias Brunner [Thu, 4 Apr 2019 08:41:01 +0000 (10:41 +0200)]
Merge branch 'xfrmi'

This adds support for XFRM interfaces, which replace VTI devices and are
available with 4.19+ Linux kernels.

IPsec SAs and policies are associated with such interfaces via interface
IDs that can be configured on the CHILD_SA-level (dynamic IDs may
optionally be allocated for each instance and even direction) or on the
IKE_SA-level (again, dynamic IDs may be optionally allocated per IKE_SA).
IDs on an IKE_SA are inherited by all CHILD_SAs created under it, unless
the child configuration overrides them.

The effect the interface ID has on policies is similar to that of marks,
i.e. they won't match packets unless they are routed via interface with
matching interface ID.  So it's possible to negotiate e.g. as
traffic selector on both sides and then control the affected traffic via

It's possible to use separate interfaces for in- and outbound traffic (or
only use an interface in one direction and regular policies in the other).

Since iproute2 does not yet support XFRM interfaces, a small utility is
provided that allows creating and listing XFRM interfaces.

Interfaces may be created dynamically via updown/vici scripts or
statically (before or after establishing the SAs).  Routes must be added
manually as needed (the daemon will not install any routes for outbound
policies with an interface ID).

When moving XFRM interfaces to other network namespaces they retain access
to the SAs and policies created in the original namespace, which allows
providing IPsec tunnels for processes in other network namespaces without
giving them access to the IPsec keys or IKE credentials.

Fixes #2845.

2 weeks agotesting: Add scenario that uses IKE-specific interface IDs
Tobias Brunner [Mon, 25 Mar 2019 17:31:28 +0000 (18:31 +0100)]
testing: Add scenario that uses IKE-specific interface IDs

2 weeks agotesting: Install python-daemon with strongSwan for use in updown scripts
Tobias Brunner [Wed, 27 Mar 2019 10:13:41 +0000 (11:13 +0100)]
testing: Install python-daemon with strongSwan for use in updown scripts

2 weeks agotesting: Add /etc/resolv.conf when building strongSwan
Tobias Brunner [Wed, 27 Mar 2019 10:04:57 +0000 (11:04 +0100)]
testing: Add /etc/resolv.conf when building strongSwan

2 weeks agotesting: Enable Python eggs in testing environment (i.e. vici's Python bindings)
Tobias Brunner [Mon, 25 Mar 2019 13:28:21 +0000 (14:28 +0100)]
testing: Enable Python eggs in testing environment (i.e. vici's Python bindings)

2 weeks agoconfigure: Fix package version for python packages for developer releases
Tobias Brunner [Mon, 25 Mar 2019 13:26:11 +0000 (14:26 +0100)]
configure: Fix package version for python packages for developer releases

According to PEP 440 the suffix for development releases is .devN and
not just devN.

2 weeks agovici: Add support for interface ID configurable on IKE_SA
Tobias Brunner [Fri, 22 Mar 2019 17:33:46 +0000 (18:33 +0100)]
vici: Add support for interface ID configurable on IKE_SA

2 weeks agochild-sa: Pass default interface ID inherited from IKE_SA
Tobias Brunner [Fri, 22 Mar 2019 16:39:47 +0000 (17:39 +0100)]
child-sa: Pass default interface ID inherited from IKE_SA

Also pass optional arguments as struct.

2 weeks agoike-sa: Add property for interface ID
Tobias Brunner [Fri, 22 Mar 2019 16:19:51 +0000 (17:19 +0100)]
ike-sa: Add property for interface ID

2 weeks agoipsec-types: Move allocation of unique interface IDs to helper function
Tobias Brunner [Fri, 22 Mar 2019 16:18:00 +0000 (17:18 +0100)]
ipsec-types: Move allocation of unique interface IDs to helper function

2 weeks agopeer-cfg: Add property for interface ID
Tobias Brunner [Fri, 22 Mar 2019 15:23:59 +0000 (16:23 +0100)]
peer-cfg: Add property for interface ID

2 weeks agoxfrmi: Use helpers for nested Netlink attributes
Tobias Brunner [Fri, 8 Mar 2019 14:22:58 +0000 (15:22 +0100)]
xfrmi: Use helpers for nested Netlink attributes

2 weeks agokernel-netlink: Add helper functions for nested attributes
Tobias Brunner [Fri, 8 Mar 2019 14:20:40 +0000 (15:20 +0100)]
kernel-netlink: Add helper functions for nested attributes

2 weeks agotesting: Add scenarios that use XFRM interfaces
Tobias Brunner [Fri, 8 Feb 2019 17:57:38 +0000 (18:57 +0100)]
testing: Add scenarios that use XFRM interfaces

The network namespace scenario requires a kernel patch in 4.19 and 4.20
kernels (the fix is included in 5.0 kernels).

2 weeks agokernel-netlink: Don't install routes for CHILD_SAs with interface ID
Tobias Brunner [Fri, 1 Mar 2019 09:19:32 +0000 (10:19 +0100)]
kernel-netlink: Don't install routes for CHILD_SAs with interface ID

2 weeks agotesting: Enable XFRM interfaces and network namespaces in 4.19 and 5.0 kernel
Tobias Brunner [Tue, 19 Feb 2019 09:16:31 +0000 (10:16 +0100)]
testing: Enable XFRM interfaces and network namespaces in 4.19 and 5.0 kernel

2 weeks agoxfrmi: Move to a separate directory to fix monolithic build
Tobias Brunner [Wed, 13 Feb 2019 09:33:59 +0000 (10:33 +0100)]
xfrmi: Move to a separate directory to fix monolithic build

2 weeks agokernel-netlink: Add --list option to XFRM interfaces utility
Tobias Brunner [Tue, 12 Feb 2019 17:26:43 +0000 (18:26 +0100)]
kernel-netlink: Add --list option to XFRM interfaces utility

2 weeks agoswanctl: Report interface IDs in --list-sas
Tobias Brunner [Tue, 12 Feb 2019 15:20:12 +0000 (16:20 +0100)]
swanctl: Report interface IDs in --list-sas

2 weeks agovici: Report interface IDs
Tobias Brunner [Tue, 12 Feb 2019 11:13:41 +0000 (12:13 +0100)]
vici: Report interface IDs

2 weeks agoupdown: Pass interface ID to updown script
Tobias Brunner [Tue, 12 Feb 2019 11:11:10 +0000 (12:11 +0100)]
updown: Pass interface ID to updown script

2 weeks agoike: Reuse interface ID during CHILD_SA rekeyings
Tobias Brunner [Tue, 12 Feb 2019 10:59:38 +0000 (11:59 +0100)]
ike: Reuse interface ID during CHILD_SA rekeyings

2 weeks agochild-sa: Configure interface ID on SAs and policies
Tobias Brunner [Tue, 12 Feb 2019 10:39:11 +0000 (11:39 +0100)]
child-sa: Configure interface ID on SAs and policies

2 weeks agovici: Make interface ID configurable
Tobias Brunner [Tue, 12 Feb 2019 11:10:06 +0000 (12:10 +0100)]
vici: Make interface ID configurable

2 weeks agoipsec-types: Add helper to parse interface ID
Tobias Brunner [Tue, 12 Feb 2019 11:25:53 +0000 (12:25 +0100)]
ipsec-types: Add helper to parse interface ID

2 weeks agokernel-interface: Consider interface ID when allocating reqids
Tobias Brunner [Tue, 12 Feb 2019 10:10:04 +0000 (11:10 +0100)]
kernel-interface: Consider interface ID when allocating reqids

2 weeks agochild-cfg: Add property for interface ID
Tobias Brunner [Tue, 12 Feb 2019 09:19:36 +0000 (10:19 +0100)]
child-cfg: Add property for interface ID

2 weeks agokernel-netlink: Make interface ID configurable on SAs and policies
Tobias Brunner [Fri, 1 Feb 2019 16:29:20 +0000 (17:29 +0100)]
kernel-netlink: Make interface ID configurable on SAs and policies

2 weeks agoinclude: Add XFRM attribute identifier for interface ID
Tobias Brunner [Fri, 1 Feb 2019 12:53:29 +0000 (13:53 +0100)]
include: Add XFRM attribute identifier for interface ID

2 weeks agokernel-netlink: Add utility to create XFRM interfaces
Tobias Brunner [Fri, 1 Feb 2019 08:28:10 +0000 (09:28 +0100)]
kernel-netlink: Add utility to create XFRM interfaces

This is mainly to see what's necessary to create them (in case we
integrate this into the daemon) and to experiment in our testing
environment without having to add a patched version of iproute2 (the
4.20.0 version in stretch-backports doesn't support XFRM interfaces
yet).  The regular version of iproute2 can be used for other operations
with these interfaces (delete, up, addrs etc.).

2 weeks agokernel-netlink: Calculate length of Netlink messages correctly
Tobias Brunner [Fri, 1 Feb 2019 08:19:03 +0000 (09:19 +0100)]
kernel-netlink: Calculate length of Netlink messages correctly

This is relevant when adding e.g. strings whose length are not aligned.

2 weeks agoUse Botan 2.10.0 for tests
Tobias Brunner [Mon, 1 Apr 2019 09:01:46 +0000 (11:01 +0200)]
Use Botan 2.10.0 for tests

2 weeks agoVersion bump to 5.8.0dr2 5.8.0dr2
Andreas Steffen [Sat, 30 Mar 2019 16:11:34 +0000 (17:11 +0100)]
Version bump to 5.8.0dr2

2 weeks agotesting: Updated expired certificates
Andreas Steffen [Sat, 30 Mar 2019 16:10:51 +0000 (17:10 +0100)]
testing: Updated expired certificates

3 weeks agoTesting: Removed tnc/tnccs-20-server-retry scenario
Andreas Steffen [Fri, 29 Mar 2019 15:54:54 +0000 (16:54 +0100)]
Testing: Removed tnc/tnccs-20-server-retry scenario

3 weeks agoCorrected use of PB-TNC CRETRY and SRETRY batches
Andreas Steffen [Fri, 29 Mar 2019 14:33:24 +0000 (15:33 +0100)]
Corrected use of PB-TNC CRETRY and SRETRY batches

The PB-TNC finite state machine according to section 3.2 of RFC 5793
was not correctly implemented when sending either a CRETRY or SRETRY
batch. These batches can only be sent in the "Decided" state and a
CRETRY batch can immediately carry all messages usually transported
by a CDATA batch. strongSwan currently is not able to send a SRETRY
batch since full-duplex mode for PT-TLS isn't supported yet.

3 weeks agotesting: Disable gcrypt plugin for swanctl
Tobias Brunner [Thu, 28 Mar 2019 17:16:56 +0000 (18:16 +0100)]
testing: Disable gcrypt plugin for swanctl

Sometimes swanctl hangs when initializing the plugin and it apparently
gathers entropy.

3 weeks agoconf: Use actually configured path for strongswan.conf
Tobias Brunner [Fri, 22 Mar 2019 15:19:48 +0000 (16:19 +0100)]
conf: Use actually configured path for strongswan.conf

References #2984.

3 weeks agogenerator: Don't print any tainted values in DBG3 messages for U_INT_4
Tobias Brunner [Mon, 18 Mar 2019 12:58:52 +0000 (13:58 +0100)]
generator: Don't print any tainted values in DBG3 messages for U_INT_4

The bits not written to are marked tainted by valgrind, don't print
them in the debug messages.  Also use more specific printf-specifiers
for other values.

3 weeks agotrap-manager: Wait for install to finish before uninstalling
Sheena Mira-ato [Wed, 20 Mar 2019 23:30:56 +0000 (12:30 +1300)]
trap-manager: Wait for install to finish before uninstalling

There was a race condition between install() and uninstall()
where one thread was in the process of installing a trap
entry, and had destroyed the child_sa, while the other
thread was uninstalling the same trap entry and ended up
trying to destroy the already destroyed child_sa, resulting
in a segmentation fault in the destroy_entry() function.

The uninstall() function needs to wait until all the threads
are done with the installing before proceeding to uninstall
a trap entry.

Closes strongswan/strongswan#131.

5 weeks agosql: Handle %any better when looking up shared secrets
Tobias Brunner [Mon, 25 Feb 2019 09:30:59 +0000 (10:30 +0100)]
sql: Handle %any better when looking up shared secrets

This can be the case for IKEv1 since 419ae9a20a0b ("ikev1: Default remote
identity to %any for PSK lookup if not configured").

Closes strongswan/strongswan#128.

5 weeks agoMerge branch 'nm-ipv6'
Tobias Brunner [Thu, 14 Mar 2019 12:46:33 +0000 (13:46 +0100)]
Merge branch 'nm-ipv6'

Adds support for IPv6 to the NetworkManager backend and plugin.

Fixes #1143, #2586.

5 weeks agonm: Remove deprecated variables from
Tobias Brunner [Fri, 25 Jan 2019 10:19:40 +0000 (11:19 +0100)]
nm: Remove deprecated variables from

5 weeks agocharon-nm: Add IPv6 support
Tobias Brunner [Fri, 25 Jan 2019 09:56:19 +0000 (10:56 +0100)]
charon-nm: Add IPv6 support

5 weeks agocharon-nm: Handle IPv6 DNS server attributes
Tobias Brunner [Tue, 27 Sep 2016 09:48:07 +0000 (11:48 +0200)]
charon-nm: Handle IPv6 DNS server attributes

5 weeks agocharon-nm: Set local address to %any so IPv6 may be used as outer address
Tobias Brunner [Tue, 27 Sep 2016 08:12:53 +0000 (10:12 +0200)]
charon-nm: Set local address to %any so IPv6 may be used as outer address

5 weeks agocharon-nm: Request virtual IPv6 address and appropriate TS
Tobias Brunner [Wed, 6 Nov 2013 10:36:31 +0000 (11:36 +0100)]
charon-nm: Request virtual IPv6 address and appropriate TS

5 weeks agonm: Enable IPv6 tab in NM connection dialog
Tobias Brunner [Wed, 6 Nov 2013 10:32:25 +0000 (11:32 +0100)]
nm: Enable IPv6 tab in NM connection dialog

5 weeks agoforecast: Only reinject packets that are marked or from the configured interface
Tobias Brunner [Tue, 5 Feb 2019 16:21:21 +0000 (17:21 +0100)]
forecast: Only reinject packets that are marked or from the configured interface

This seems to avoid broadcast loops (i.e. processing and reinjecting the
same broadcast packet over and over again) as the packets we send via
AF_PACKET socket are neither marked nor from that interface.

5 weeks agokernel-netlink: Use address labels instead of deprecation for IPv6 virtual IPs
Tobias Brunner [Tue, 3 Apr 2018 13:01:20 +0000 (15:01 +0200)]
kernel-netlink: Use address labels instead of deprecation for IPv6 virtual IPs

In order to avoid that the kernel uses virtual tunnel IPs for traffic
over physical interfaces we previously deprecated the virtual IP.  While
this is working it is not ideal.  This patch adds address labels for
virtual IPs, which should force the kernel to avoid such addresses to
reach any destination unless there is an explicit route that uses it as
source address.

5 weeks agoMerge branch 'android-updates'
Tobias Brunner [Thu, 14 Mar 2019 09:56:07 +0000 (10:56 +0100)]
Merge branch 'android-updates'

Adds a copy function for VPN profiles and an option to set custom DNS

5 weeks agotesting: Prolonged Duck end entity certificate
Andreas Steffen [Wed, 13 Mar 2019 17:37:20 +0000 (18:37 +0100)]
testing: Prolonged Duck end entity certificate