Commit Graph

17510 Commits

Author SHA1 Message Date
Tobias Brunner 2e522952c7 configure: Optionally use version information obtained from Git in executables
The variable GIT_VERSION is always defined, either obtained from Git or
a file that is embedded in tarballs when they are built.  Optionally,
that version is declared as VERSION in config.h so it will be used e.g. in
the daemons when they print the version number.

There is a check that should catch missing tags (i.e. if the version number
in AC_INIT() isn't a prefix of the version obtained via Git).
2020-07-20 14:10:52 +02:00
Tobias Brunner f77e8c171c openssl: Use consistent ifdefs to disable x25519/448
When compiling with OPENSSL_NO_ECDH but without OPENSSL_NO_EC the build
failed.
2020-07-20 14:10:05 +02:00
Tobias Brunner 6f9d5ea0f1 Merge branch 'vici-ca-certs'
These changes store all CA certificates in vici_authority_t, which avoids
issues with unloading authority sections or clearing credentials.

Closes strongswan/strongswan#172.
2020-07-20 14:07:47 +02:00
Tobias Brunner 3c5e7eaa88 vici: Keep track of all CA certificates in vici_authority_t
This way we only have one reference for each CA certificate, whether it
is loaded in an authority section, a connection or via load-certs() command.
It also avoids enumerating CA certificates multiple times if they are
loaded in different ways.
2020-07-20 14:05:39 +02:00
Tobias Brunner 3d3d5235aa object: Add helper for callbacks with two void pointers 2020-07-20 14:05:39 +02:00
Tobias Brunner d8a2c58229 vici: Make attribute certificates untrusted again
Fixes: 334119b843 ("Share vici_cert_info.c with vici_cred.c")
2020-07-20 14:05:39 +02:00
Tobias Brunner 6fc1b2c3d3 vici: Clear credential cache when unloading an authority section 2020-07-20 14:05:38 +02:00
Tobias Brunner 46ff268885 vici: Directly provide CA certificates in authority sections
With the previous approach, CA certificates that were not re-loaded via
load-cert() (e.g. from tokens or via absolute paths) would not be available
anymore after the clear-creds() command was used.  This avoids this
issue, but can cause duplicate CA certificates to get stored and enumerated,
so there might be a scaling factor.
2020-07-20 14:05:38 +02:00
Tobias Brunner 306c0c9f8e certificate: Extract helper function to filter certificates 2020-07-20 14:05:38 +02:00
Tobias Brunner dd7505af3e Merge branch 'ordered-hashtable'
This changes the hashtable implementation to that it maintains insertion
order.  This is then used in the vici plugin to store connections in a
hash table instead of a linked list, which makes managing them quite a
bit faster if there are lots of connections.

The old implementation is extracted into a new class (hashlist_t), which
optionally supports sorting keys and provides the previous get_match()
function.
2020-07-20 14:03:27 +02:00
Tobias Brunner 93b2c2066f hashtable: Use quadratic probing
This reduces the clustering problem (primary clustering) but is not
completely free of it (secondary clustering) it still reduces the maximum
and average probing lengths.
2020-07-20 13:50:11 +02:00
Tobias Brunner 736fae4e6c vici: Store configs in a hashtable
This makes updates more efficient if many configs are loaded. Configs
still have to be enumerated to select them.
2020-07-20 13:50:11 +02:00
Tobias Brunner 45376040ce hashtable: Maintain insertion order when enumerating
With the previous approach we'd require at least an additional pointer
per item to store them in a list (15-18% increase in the overhead per
item).  Instead we switch from handling collisions with overflow lists to
an open addressing scheme and store the actual table as variable-sized
indices pointing into an array of all inserted items in their original
order.

This can reduce the memory overhead even compared to the previous
implementation (especially for smaller tables), but because the array for
items is preallocated whenever the table is resized, it can be worse for
certain numbers of items.  However, avoiding all the allocations required
by the previous design is actually a big advantage.

Depending on the usage pattern, the performance can improve quite a bit (in
particular when inserting many items).  The raw lookup performance is a bit
slower as probing lengths increase with open addressing, but there are some
caching benefits due to the compact storage.  So for general usage the
performance should be better.  For instance, one test I did was counting the
occurrences of words in a list of 1'000'000 randomly selected words from a
dictionary of ~58'000 words (i.e. using a counter stored under each word as
key).  The new implementation was ~8% faster on average while requiring
10% less memory.

Since we can't remove items from the array (would change the indices of all
items that follow it) we just mark them as removed and remove them once the
hash table is resized/rehashed (the cells in the hash table for these may
be reused).  Due to this the latter may also happen if the number of stored
items does not increase e.g. after a series of remove/put operations (each
insertion requires storage in the array, no matter if items were removed).
So if the capacity is exhausted, the table is resized/rehashed (after lots
of removals the size may even be reduced) and all items marked as removed
are simply skipped.

Compared to the previous implementation the load factor/capacity is
lowered to reduce chances of collisions and to avoid primary clustering to
some degree.  However, the latter in particular, but the open addressing
scheme in general, make this implementation completely unsuited for the
get_match() functionality (purposefully hashing to the same value and,
therefore, increasing the probing length and clustering).  And keeping the
keys optionally sorted would complicate the code significantly.  So we just
keep the existing hashlist_t implementation without adding code to maintain
the overall insertion order (we could add that feature optionally later, but
with the mentioned overhead for one or two pointers).

The maximum size is currently not changed.  With the new implementation
this translates to a hard limit for the maximum number of items that can be
held in the table (=CAPACITY(MAX_SIZE)).  Since this equals 715'827'882
items with the current settings, this shouldn't be a problem in practice,
the table alone would require 20 GiB in memory for that many items.  The
hashlist_t implementation doesn't have that limitation due to the overflow
lists (it can store beyond it's capacity) but it itself would require over
29 GiB of memory to hold that many items.
2020-07-20 13:50:11 +02:00
Tobias Brunner d9944102f5 hashlist: Move get_match() and sorting into a separate class
The main intention here is that we can change the hashtable_t
implementation without being impeded by the special requirements imposed
by get_match() and sorting the keys/items in buckets.
2020-07-20 13:50:11 +02:00
Tobias Brunner 4334f61284 unit-tests: Pass test iteration to fixtures 2020-07-20 13:50:11 +02:00
Tobias Brunner 31e6ca78df hashtable: Optionally collect and report profiling data 2020-07-20 13:50:11 +02:00
Tobias Brunner 87ceaefe2f hashtable: Optionally sort keys/items in buckets in a specific way
This can improve negative lookups, but is mostly intended to be used
with get_match() so keys/items can be matched/enumerated in a specific
order.  It's like storing sorted linked lists under a shared key but
with less memory overhead.
2020-07-20 13:50:11 +02:00
Tobias Brunner c66c850fc0 hashtable: Store items in buckets in insertion order
This is more predictable when using get_match() in particular because
the order does not change anymore when the table is rehashed.
2020-07-20 13:50:11 +02:00
Tobias Brunner 54a2b35f07 unit-tests: Add tests for larger number of items in hashtables 2020-07-20 13:50:11 +02:00
Tobias Brunner 13d302e95a unit-tests: Optionally report the times test cases ran 2020-07-20 13:50:11 +02:00
Tobias Brunner fd94c1301e kernel-netlink: Ignore preference for temporary addresses for IPv6 VIPs
They are not marked as temporary addresses so make sure we always return
them whether temporary addresses are preferred as source addresses or not
as we need to enumerate them when searching for addresses in traffic selectors
to install routes.

Fixes: 9f12b8a61c ("kernel-netlink: Enumerate temporary IPv6 addresses according to config")
2020-07-07 10:01:46 +02:00
Tobias Brunner 10a913685f charon-nm: Set DPD/close action to restart and enable indefinite keying tries
We don't track CHILD_SA down events anymore and rely on NM's initial timeout
to let the user know if the connection failed initially.  So we also don't
have to explicitly differentiate between initial connection failures and
later ones like we do an Android.  Also, with the default retransmission
settings, there will only be one keying try as NM's timeout is lower than
the combined retransmission timeout of 165s.

There is no visual indicator while the connection is reestablished later.

Fixes #3300.
2020-07-06 13:47:16 +02:00
Tobias Brunner feda4a3d37 vici: With start_action=start, terminate IKE_SA without children on unload
This includes IKE_SAs in CONNECTING state, which not yet have any
CHILD_SAs.

Closes strongswan/strongswan#175.
2020-07-01 15:59:41 +02:00
Boris Vanhoof 6870a9b590 eap-radius: Small spelling fix
Closes strongswan/strongswan#174.
2020-06-29 09:44:19 +02:00
Tobias Brunner f2d240954a testing: Skip tests with missing files, don't abort the test run
This allows simple test configs in testing/tests/local that are no
actual test cases.
2020-06-23 16:24:18 +02:00
Andreas Steffen d470422974 Version bump to 5.9.0dr2 2020-06-14 12:15:44 +02:00
Tobias Brunner 84bce03a64 testing: Fix SQL scenarios after preferring AEAD for ESP
sql/net2net-route|start-pem seem to be the only ones that configure a
proposal via database.
2020-06-12 13:45:58 +02:00
Tobias Brunner 4261f915d6 testing: Fix ikev2/net2net-fragmentation scenario
The IKE_AUTH message from moon is now larger because of the AEAD proposal.
2020-06-12 13:45:58 +02:00
Tobias Brunner 33412158f5 ike: Send AEAD ESP default proposal first
We generally prefer AEAD nowadays.

References #3461.
2020-06-12 13:47:13 +02:00
Tobias Brunner c7bef954ee proposal: Add AES-GCM to the ESP default AEAD proposal
References #3461.
2020-06-12 13:45:58 +02:00
Tobias Brunner bc40509057 ikev2: Ensure ALERT_RETRANSMIT_SEND_CLEARED is triggered
If a MOBIKE task is deferred, the retransmission counter is reset to 0
when reinitiating.  So if there were retransmits before, this alert would
not be triggered if a response is received now without retransmits.
2020-06-11 13:33:32 +02:00
Tobias Brunner 4b225bf866 travis: Don't pipe negative lgtm.com result into jq
The data might not be valid JSON.
2020-06-11 13:29:47 +02:00
Tobias Brunner 364d8b2628 ikev1: Ensure local IP is known as identity fallback during Main Mode
We usually have a local IP already via ike_sa_t::resolve_hosts() before
build_i() is called but if that's not the case, it's more likely we have
one after we processed the first response (it might also have changed).
There is a potential chance we still don't have one if the socket API
doesn't provide us with the destination address of received messages,
but that seems not very likely nowadays.
2020-06-11 13:29:47 +02:00
Andreas Steffen 12e4dbb231 Version bump to 5.9.0dr1 2020-06-06 15:02:42 +02:00
Tobias Brunner 59ebdac49b child-create: Don't reset DH group when retrying after INVALID_KE_PAYLOAD
migrate() is called before retrying.

Fixes: 0184a69b7b ("child-create: Properly handle DH group during
migration when reestablishing")
2020-06-05 16:41:23 +02:00
Tobias Brunner 736ac65554 ikev1: Fix PSK lookup for Main Mode initiators
We need the PSK/identity already when deriving the keys in process_i().

Fixes: 1665a4e050 ("ikev1: Use actual local identity as initiator or aggressive mode responder")
2020-06-05 14:26:30 +02:00
Tobias Brunner 62367f2c01 ike: Fix retransmission timeouts if base is <= 1
Fixes: 72b282cf20 ("ike: Properly support high number of retransmission tries")
2020-06-05 13:44:00 +02:00
Tobias Brunner a5e4322348 android: New release after improving connectivity/scheduling 2020-06-02 14:55:58 +02:00
Tobias Brunner 763f07c531 travis: Add build of the Android app 2020-06-02 14:42:38 +02:00
Tobias Brunner eadba6d225 android: Suppress linting error in manifest related to cert import activity
<data> tags that only specify the mimeType attribute are perfectly fine
according to the docs.
2020-06-02 14:42:48 +02:00
Tobias Brunner 93d6fe3e4a android: Ignore some missing quantity lint errors
Once these strings are translated and the quantities are defined, this
attribute can be removed again.
2020-06-02 14:42:45 +02:00
Tobias Brunner 84924249aa android: Mock parseInetAddress() method to fix unit tests
The native parseInetAddressBytes() method called by that method is not
available when running the tests.

Not very pretty and there are some warnings because PowerMock does
reflection in some illegal way but it fixes the unit tests and does
not require any new dependencies like Apache Commons or Guava just to
parse IP addresses without DNS lookup.

Fixes: 2ef473be15 ("android: Use helper to parse IP addresses where appropriate")
Fixes #3443.
2020-06-02 14:42:38 +02:00
Tobias Brunner a22a1493c3 Merge branch 'android-scheduler'
Starting with Android 6, the system will aggressively suspend apps when
the device is idle (Doze mode).  With Android 10 on a Pixel 4 this seems
to happen after about 70 minutes.  Then the scheduler thread in our
default scheduler is only woken rarely, combined with our previous use
of the monotonic clock it meant that events were executed with severe
delays and noticing that there was such a delay.  This was particularly
bad in regards to NAT keepalives as it usually meant that the device was
not reachable anymore from the outside.

Some changes here try to improve that situation, e.g. the clock is switched
to CLOCK_REALTIME (Bionic doesn't support CLOCK_BOOTTIME for condvars) so we
can measure the actual difference e.g. since the last outbound message,
other changes try to ensure that connectivity is restored after being asleep
for a while (send DPD instead of keepalive after a long delay, send DPD even
if path to peer stays the same).

However, the most significant change is the replacement of the default
scheduler with one specifically designed for Android.  It schedules
long-term events via AlarmManager, which allows waking up the app even
if the system put it to sleep.  The latter requires adding the app to the
system's battery optimization whitelist, which is requested from the
user automatically if necessary.  With this, NAT keepalives and rekeyings
are now scheduled accurately, with little changes to the battery usage.
If the app is not whitelisted (there is a setting to ignore this), events
are delayed by up to 15 minutes after about 70 minutes, so behind a NAT
the device won't be reachable from the outside afterwards (connectivity
should be restored as soon as the device is woken from deep sleep by the
user).

Fixes #3364.
2020-06-02 14:34:31 +02:00
Tobias Brunner 04f4bef235 android: Add a preference flag to ignore battery optimizations
This allows users to ignore whether the app is on the device's power
whitelist without a warning.  The flag is currently not set
automatically if the user denies the request.
2020-06-02 14:07:06 +02:00
Tobias Brunner 5d01aaf91d android: Increase lifetimes a bit
This should avoid clashes of soft and hard lifetimes even if the app is
not whitelisted.
2020-06-02 14:07:06 +02:00
Tobias Brunner a0d32a2d13 android: Ask user to add our app to the device's power whitelist
This is necessary so we can actually schedule events accurately in Doze
mode. Otherwise, we'd only get woken in intervals of several minutes (up to
15 according to the docs) after about an hour.
2020-06-02 14:07:06 +02:00
Tobias Brunner d67a5b0c4d android: Use the default scheduler for short-term events
Using AlarmManager has quite some overhead, so we use our regular
scheduler for events that are to be executed in the near future.
2020-06-02 14:07:06 +02:00
Tobias Brunner 1b4c4123c2 android: Use Android-specific scheduler on Android 6 and later 2020-06-02 14:07:06 +02:00
Tobias Brunner b7d66ae2cd android: Add Android-specific implementation of scheduler_t
This uses AlarmManager to schedule events in a way that ensures the app
is woken up (requires whitelisting when in Doze mode to be woken up at
the exact time, otherwise there are delays of up to 15 minutes).
2020-06-02 14:07:06 +02:00
Tobias Brunner aaa908dc0a scheduler: Use timercmp(3) instead of a custom function 2020-06-02 14:07:06 +02:00