This also restores the charon.signature_authentication_constraints
functionality, that is, if no explicit IKE signature schemes are
configured we apply all regular signature constraints as IKE constraints.
The structs that make up a message sent to the kernel have all to be
aligned with XT_ALIGN. That was not necessarily the case when
initializing the complete message as struct.
Fixes#1212.
If the IKEv2 initiator acting as a TNC server receives invalid TNC measurements
from the IKEv2 responder acting as a TNC clienti, the exchange of PB-TNC batches
is continued until the IKEv2 responder acting as a TNC server has also finished
its TNC measurements.
In the past if these measurements in the other direction were correct
the IKEv2 responder acting as EAP server declared the IKEv2 EAP authentication
successful and the IPsec connection was established even though the TNC
measurement verification on the EAP peer side failed.
The fix adds an "allow" group membership on each endpoint if the corresponding
TNC measurements of the peer are successful. By requiring a "allow" group
membership in the IKEv2 connection definition the IPsec connection succeeds
only if the TNC measurements on both sides are valid.
Otherwise, libcharon's dependency on kernel-ipsec can't be satisfied.
This changed with db61c37690 ("kernel-interface: Return bool for
kernel interface registration") as the registration of further
kernel-ipsec implementations now fails and therefore even if other
plugins are loaded the dependency will not be satisfied anymore.
References #953.
To handle Phase 2 exchanges on the other HA host we need to sync the last
block of the last Phase 1 message (or the last expected IV). If the
gateway is the initiator of a Main Mode SA the last message is an
inbound message. When handling such messages the expected IV is not
updated until it is successfully decrypted so we can't sync the IV
when processing the still encrypted (!plain) message. However, as responder,
i.e. if the last message is an outbound message, the reverse applies, that
is, we get the next IV after successfully encrypting the message, not
while handling the plain message.
Fixes#1267.
It is required for IKEv1 to determine the DH group of the CHILD SAs
during rekeying. It also fixes the status output for HA SAs, which so
far haven't shown the DH group on the passive side.
Fixes#1267.
- Switch.pm, which was implemented as a source filter, has been deprecated in
Perl 5.10 and was later removed from the core modules in Perl 5.14 or so.
Unfortunately, its replacement, the given/when/default construct, has since
been downgraded to "experimental" status because of problems with the underlying
"smart-match" operator.
Thus, as of Perl 5.22, Perl still has no actually usable "switch"-like construct.
So just use boring, old and ugly "if/elsif/else" constructs instead, which are
compatible with almost any Perl version.
- None of the Perl modules here does anything that would require "AutoLoader".
- "Exporter" can be used to export plain functions into another modules name
space. But the things that were exported here are meant to be called as
methods. In this case, it is neither necessary nor advisable to export those
symbols.
Just export nothing (the POD documentation already said so).
- It is usually the calling script that enables (or does not enable) warnings
globally. When a module says "use warnings;" however, the caller looses control
over what warnings should be enabled in that module.
Tobias Brunner