Commit Graph

13680 Commits

Author SHA1 Message Date
Noel Kuntze d1d5659ead ike-vendor: Add option to send Cisco FLexVPN vendor ID
A new global option enables sending this vendor ID to prevent Cisco
devices from narrowing the initiator's local traffic selector to the
requested virtual IP, so e.g. 0.0.0.0/0 can be used instead.

This has been tested with a "tunnel mode ipsec ipv4" Cisco template but
should also work for GRE encapsulation.

Closes strongswan/strongswan#180.
2020-09-10 12:01:44 +02:00
Tobias Brunner dc0c20600f libipsec: Enable code coverage
Same as with libtls.
2020-09-09 13:25:30 +02:00
Tobias Brunner ed1ba70894 libtls: Enable code coverage
While the test runner was already correctly set up, the library itself
was not and no coverage was reported for any of its files.
2020-09-09 13:25:30 +02:00
Tobias Brunner d5d6d671fb leak-detective: Whitelist OPENSSL_init_ssl()
These leaks are reported with OpenSSL 1.1.0+ if the mysql plugin is loaded.
2020-09-09 13:25:30 +02:00
Tobias Brunner 1496991078 leak-detective: Whitelist leaks that occur on Debian buster 2020-09-03 15:24:37 +02:00
Tobias Brunner 766017a8d3 libimcv: Add Debian 10.5 to IMV database 2020-09-03 13:34:19 +02:00
Tobias Brunner bdd058e36c imv-scanner: Fix potential buffer overflow
While `pos` was moved to the end, `len` was not adjusted (i.e. set to 0)
so later calls could write beyond the buffer.  However, the last port
written might have been incomplete, so instead we just reset the string.
2020-08-18 14:05:04 +02:00
Tobias Brunner 3f8eb2ebdf aesni: Remove useless algorithm assignments 2020-08-18 13:17:24 +02:00
Tobias Brunner 0ce2e00d94 vici: Don't use pytest-pycodestyle with Python 3.5
This causes problems due to a deprecation error during the Ubuntu Xenial
build on Travis.
2020-08-17 15:22:34 +02:00
Tobias Brunner 61af9a3478 vici: Fix typos in comments 2020-07-23 14:50:17 +02:00
Tobias Brunner edc7752802 unit-tests: Fix cancel_onoff test
If it takes a while to start one of the threads, another thread might already
have passed the usleep() call previously used and re-enabled cancelability
so that the loop that checked for it would never terminate.
2020-07-20 15:49:44 +02:00
Tobias Brunner 8a4e30ccef unit-tests: Print a header for each test function/iteration if verbosity is >= 0 2020-07-20 14:29:28 +02:00
Tobias Brunner 5c43a5bfa7 unit-tests: Add ability to filter test cases and functions 2020-07-20 14:29:12 +02:00
Tobias Brunner f77e8c171c openssl: Use consistent ifdefs to disable x25519/448
When compiling with OPENSSL_NO_ECDH but without OPENSSL_NO_EC the build
failed.
2020-07-20 14:10:05 +02:00
Tobias Brunner 3c5e7eaa88 vici: Keep track of all CA certificates in vici_authority_t
This way we only have one reference for each CA certificate, whether it
is loaded in an authority section, a connection or via load-certs() command.
It also avoids enumerating CA certificates multiple times if they are
loaded in different ways.
2020-07-20 14:05:39 +02:00
Tobias Brunner 3d3d5235aa object: Add helper for callbacks with two void pointers 2020-07-20 14:05:39 +02:00
Tobias Brunner d8a2c58229 vici: Make attribute certificates untrusted again
Fixes: 334119b843 ("Share vici_cert_info.c with vici_cred.c")
2020-07-20 14:05:39 +02:00
Tobias Brunner 6fc1b2c3d3 vici: Clear credential cache when unloading an authority section 2020-07-20 14:05:38 +02:00
Tobias Brunner 46ff268885 vici: Directly provide CA certificates in authority sections
With the previous approach, CA certificates that were not re-loaded via
load-cert() (e.g. from tokens or via absolute paths) would not be available
anymore after the clear-creds() command was used.  This avoids this
issue, but can cause duplicate CA certificates to get stored and enumerated,
so there might be a scaling factor.
2020-07-20 14:05:38 +02:00
Tobias Brunner 306c0c9f8e certificate: Extract helper function to filter certificates 2020-07-20 14:05:38 +02:00
Tobias Brunner 93b2c2066f hashtable: Use quadratic probing
This reduces the clustering problem (primary clustering) but is not
completely free of it (secondary clustering) it still reduces the maximum
and average probing lengths.
2020-07-20 13:50:11 +02:00
Tobias Brunner 736fae4e6c vici: Store configs in a hashtable
This makes updates more efficient if many configs are loaded. Configs
still have to be enumerated to select them.
2020-07-20 13:50:11 +02:00
Tobias Brunner 45376040ce hashtable: Maintain insertion order when enumerating
With the previous approach we'd require at least an additional pointer
per item to store them in a list (15-18% increase in the overhead per
item).  Instead we switch from handling collisions with overflow lists to
an open addressing scheme and store the actual table as variable-sized
indices pointing into an array of all inserted items in their original
order.

This can reduce the memory overhead even compared to the previous
implementation (especially for smaller tables), but because the array for
items is preallocated whenever the table is resized, it can be worse for
certain numbers of items.  However, avoiding all the allocations required
by the previous design is actually a big advantage.

Depending on the usage pattern, the performance can improve quite a bit (in
particular when inserting many items).  The raw lookup performance is a bit
slower as probing lengths increase with open addressing, but there are some
caching benefits due to the compact storage.  So for general usage the
performance should be better.  For instance, one test I did was counting the
occurrences of words in a list of 1'000'000 randomly selected words from a
dictionary of ~58'000 words (i.e. using a counter stored under each word as
key).  The new implementation was ~8% faster on average while requiring
10% less memory.

Since we can't remove items from the array (would change the indices of all
items that follow it) we just mark them as removed and remove them once the
hash table is resized/rehashed (the cells in the hash table for these may
be reused).  Due to this the latter may also happen if the number of stored
items does not increase e.g. after a series of remove/put operations (each
insertion requires storage in the array, no matter if items were removed).
So if the capacity is exhausted, the table is resized/rehashed (after lots
of removals the size may even be reduced) and all items marked as removed
are simply skipped.

Compared to the previous implementation the load factor/capacity is
lowered to reduce chances of collisions and to avoid primary clustering to
some degree.  However, the latter in particular, but the open addressing
scheme in general, make this implementation completely unsuited for the
get_match() functionality (purposefully hashing to the same value and,
therefore, increasing the probing length and clustering).  And keeping the
keys optionally sorted would complicate the code significantly.  So we just
keep the existing hashlist_t implementation without adding code to maintain
the overall insertion order (we could add that feature optionally later, but
with the mentioned overhead for one or two pointers).

The maximum size is currently not changed.  With the new implementation
this translates to a hard limit for the maximum number of items that can be
held in the table (=CAPACITY(MAX_SIZE)).  Since this equals 715'827'882
items with the current settings, this shouldn't be a problem in practice,
the table alone would require 20 GiB in memory for that many items.  The
hashlist_t implementation doesn't have that limitation due to the overflow
lists (it can store beyond it's capacity) but it itself would require over
29 GiB of memory to hold that many items.
2020-07-20 13:50:11 +02:00
Tobias Brunner d9944102f5 hashlist: Move get_match() and sorting into a separate class
The main intention here is that we can change the hashtable_t
implementation without being impeded by the special requirements imposed
by get_match() and sorting the keys/items in buckets.
2020-07-20 13:50:11 +02:00
Tobias Brunner 4334f61284 unit-tests: Pass test iteration to fixtures 2020-07-20 13:50:11 +02:00
Tobias Brunner 31e6ca78df hashtable: Optionally collect and report profiling data 2020-07-20 13:50:11 +02:00
Tobias Brunner 87ceaefe2f hashtable: Optionally sort keys/items in buckets in a specific way
This can improve negative lookups, but is mostly intended to be used
with get_match() so keys/items can be matched/enumerated in a specific
order.  It's like storing sorted linked lists under a shared key but
with less memory overhead.
2020-07-20 13:50:11 +02:00
Tobias Brunner c66c850fc0 hashtable: Store items in buckets in insertion order
This is more predictable when using get_match() in particular because
the order does not change anymore when the table is rehashed.
2020-07-20 13:50:11 +02:00
Tobias Brunner 54a2b35f07 unit-tests: Add tests for larger number of items in hashtables 2020-07-20 13:50:11 +02:00
Tobias Brunner 13d302e95a unit-tests: Optionally report the times test cases ran 2020-07-20 13:50:11 +02:00
Tobias Brunner fd94c1301e kernel-netlink: Ignore preference for temporary addresses for IPv6 VIPs
They are not marked as temporary addresses so make sure we always return
them whether temporary addresses are preferred as source addresses or not
as we need to enumerate them when searching for addresses in traffic selectors
to install routes.

Fixes: 9f12b8a61c ("kernel-netlink: Enumerate temporary IPv6 addresses according to config")
2020-07-07 10:01:46 +02:00
Tobias Brunner 10a913685f charon-nm: Set DPD/close action to restart and enable indefinite keying tries
We don't track CHILD_SA down events anymore and rely on NM's initial timeout
to let the user know if the connection failed initially.  So we also don't
have to explicitly differentiate between initial connection failures and
later ones like we do an Android.  Also, with the default retransmission
settings, there will only be one keying try as NM's timeout is lower than
the combined retransmission timeout of 165s.

There is no visual indicator while the connection is reestablished later.

Fixes #3300.
2020-07-06 13:47:16 +02:00
Tobias Brunner feda4a3d37 vici: With start_action=start, terminate IKE_SA without children on unload
This includes IKE_SAs in CONNECTING state, which not yet have any
CHILD_SAs.

Closes strongswan/strongswan#175.
2020-07-01 15:59:41 +02:00
Boris Vanhoof 6870a9b590 eap-radius: Small spelling fix
Closes strongswan/strongswan#174.
2020-06-29 09:44:19 +02:00
Tobias Brunner 33412158f5 ike: Send AEAD ESP default proposal first
We generally prefer AEAD nowadays.

References #3461.
2020-06-12 13:47:13 +02:00
Tobias Brunner c7bef954ee proposal: Add AES-GCM to the ESP default AEAD proposal
References #3461.
2020-06-12 13:45:58 +02:00
Tobias Brunner bc40509057 ikev2: Ensure ALERT_RETRANSMIT_SEND_CLEARED is triggered
If a MOBIKE task is deferred, the retransmission counter is reset to 0
when reinitiating.  So if there were retransmits before, this alert would
not be triggered if a response is received now without retransmits.
2020-06-11 13:33:32 +02:00
Tobias Brunner 364d8b2628 ikev1: Ensure local IP is known as identity fallback during Main Mode
We usually have a local IP already via ike_sa_t::resolve_hosts() before
build_i() is called but if that's not the case, it's more likely we have
one after we processed the first response (it might also have changed).
There is a potential chance we still don't have one if the socket API
doesn't provide us with the destination address of received messages,
but that seems not very likely nowadays.
2020-06-11 13:29:47 +02:00
Tobias Brunner 59ebdac49b child-create: Don't reset DH group when retrying after INVALID_KE_PAYLOAD
migrate() is called before retrying.

Fixes: 0184a69b7b ("child-create: Properly handle DH group during
migration when reestablishing")
2020-06-05 16:41:23 +02:00
Tobias Brunner 736ac65554 ikev1: Fix PSK lookup for Main Mode initiators
We need the PSK/identity already when deriving the keys in process_i().

Fixes: 1665a4e050 ("ikev1: Use actual local identity as initiator or aggressive mode responder")
2020-06-05 14:26:30 +02:00
Tobias Brunner 62367f2c01 ike: Fix retransmission timeouts if base is <= 1
Fixes: 72b282cf20 ("ike: Properly support high number of retransmission tries")
2020-06-05 13:44:00 +02:00
Tobias Brunner a5e4322348 android: New release after improving connectivity/scheduling 2020-06-02 14:55:58 +02:00
Tobias Brunner eadba6d225 android: Suppress linting error in manifest related to cert import activity
<data> tags that only specify the mimeType attribute are perfectly fine
according to the docs.
2020-06-02 14:42:48 +02:00
Tobias Brunner 93d6fe3e4a android: Ignore some missing quantity lint errors
Once these strings are translated and the quantities are defined, this
attribute can be removed again.
2020-06-02 14:42:45 +02:00
Tobias Brunner 84924249aa android: Mock parseInetAddress() method to fix unit tests
The native parseInetAddressBytes() method called by that method is not
available when running the tests.

Not very pretty and there are some warnings because PowerMock does
reflection in some illegal way but it fixes the unit tests and does
not require any new dependencies like Apache Commons or Guava just to
parse IP addresses without DNS lookup.

Fixes: 2ef473be15 ("android: Use helper to parse IP addresses where appropriate")
Fixes #3443.
2020-06-02 14:42:38 +02:00
Tobias Brunner 04f4bef235 android: Add a preference flag to ignore battery optimizations
This allows users to ignore whether the app is on the device's power
whitelist without a warning.  The flag is currently not set
automatically if the user denies the request.
2020-06-02 14:07:06 +02:00
Tobias Brunner 5d01aaf91d android: Increase lifetimes a bit
This should avoid clashes of soft and hard lifetimes even if the app is
not whitelisted.
2020-06-02 14:07:06 +02:00
Tobias Brunner a0d32a2d13 android: Ask user to add our app to the device's power whitelist
This is necessary so we can actually schedule events accurately in Doze
mode. Otherwise, we'd only get woken in intervals of several minutes (up to
15 according to the docs) after about an hour.
2020-06-02 14:07:06 +02:00
Tobias Brunner d67a5b0c4d android: Use the default scheduler for short-term events
Using AlarmManager has quite some overhead, so we use our regular
scheduler for events that are to be executed in the near future.
2020-06-02 14:07:06 +02:00
Tobias Brunner 1b4c4123c2 android: Use Android-specific scheduler on Android 6 and later 2020-06-02 14:07:06 +02:00