Tobias Brunner
bf5d0693ef
id-payload: Enable multiple calls to get_ts() for subnet traffic selectors
The second call resulted in a /32 subnet previously.
2014-12-05 09:32:38 +01:00
Tobias Brunner
7459f3a5ac
ikev2: Fix handling of more than one hash-and-URL certificate payloads
2014-12-04 11:33:38 +01:00
Martin Willi
e61841a211
Merge branch 'wfp-drop-firewall'
Introduces ALE layer WFP rules to accept tunnel mode packets in Windows
stateful packet filtering if default-drop policies are used.
2014-12-04 11:11:47 +01:00
Martin Willi
e1a448314f
kernel-wfp: Install outbound ALE connect rules for IPsec
Similar to the inbound rules, the ALE filter processes IP-in-IP packets for
outbound tunnel mode traffic. When using an outbound default-drop policy,
Windows does not allow connection initiation without these explicit rules.
2014-12-04 11:10:48 +01:00
Martin Willi
a8142a17cf
kernel-wfp: Install inbound ALE IP-in-IP filters
When processing inbound tunnel mode packets, Windows decrypts packets and
filters them as IP-in-IP packets. We therefore require an ALE filter that
calls the FWPM_CALLOUT_IPSEC_INBOUND_TUNNEL_ALE_ACCEPT callout to allow them
when using a default-drop policy.
Without these rules, any outbound packet created an ALE state that allows
inbound packets as well. Processing inbound packets without any outbound
traffic fails without these rules.
2014-12-04 11:10:48 +01:00
Martin Willi
070461b70d
kernel-wfp: Add missing IPsec sublayer GUIDs
2014-12-04 11:10:48 +01:00
Martin Willi
a21338a43e
kernel-wfp: Define IPsec related ALE layers and callout GUIDs
2014-12-04 11:10:48 +01:00
Martin Willi
4d48dfd6a3
kernel-wfp: Fix logging of MM/QM/EM NetEvent failures
2014-12-04 11:10:48 +01:00
Martin Willi
b164cc8e15
vici: Make sure to send/recv all requested bytes over socket
As with the underlying C functions, send/recv on Ruby sockets are not guaranteed
to send/recv all requested bytes. Use wrapper functions to make sure we get
all bytes needed.
2014-12-04 10:42:22 +01:00
Martin Willi
dcae0a3935
updown: Inverse comment of VPN_LOGGING variable, as it is enabled by default
Fixes #780.
2014-12-02 15:02:41 +01:00
Andreas Steffen
32d19652f1
Version bump to 5.2.2dr1
2014-11-29 15:00:10 +01:00
Andreas Steffen
9b01a061ec
Increased check size due to INITIAL_CONTACT notify
2014-11-29 14:57:41 +01:00
Andreas Steffen
c02ebf1ecd
Renewed expired certificates
2014-11-29 14:51:18 +01:00
Andreas Steffen
b6bb32e658
Implemented full BLISS support for IKEv2 public key authentication and the pki tool
2014-11-29 14:51:18 +01:00
Andreas Steffen
43d9247599
Created ikev2/rw-ntru-bliss scenario
2014-11-29 14:51:18 +01:00
Andreas Steffen
0d8a3f5d01
Applied bit packing to BLISS public key
2014-11-29 14:51:18 +01:00
Andreas Steffen
bf749fa1fb
Wipe BLISS private key memory
2014-11-29 14:51:17 +01:00
Andreas Steffen
b352ee4266
Created bliss_bitpacker class to encode BLISS signatures
2014-11-29 14:51:17 +01:00
Andreas Steffen
7143667bdd
Skip the unused bits field of the ASN.1 BIT STRING encoding
2014-11-29 14:51:17 +01:00
Andreas Steffen
5a50e364e6
Store NTT A of BLISS public key a
2014-11-29 14:51:17 +01:00
Andreas Steffen
3e1f6edc5a
unit-tests: created bliss_sign test suite
2014-11-29 14:51:17 +01:00
Andreas Steffen
e71813e56d
Finished BLISS signature generation
2014-11-29 14:51:17 +01:00
Andreas Steffen
edd72b6bb9
Implemented Gaussian rejection sampler
The bliss_sampler class uses the mgf1_bitspender as a
pseudo-random source.
2014-11-29 14:51:16 +01:00
Andreas Steffen
72bb7eec9c
Implemented get_byte() method for mgf1_bitspender class
The new get_byte() method returns a pseudo-random byte at a time.
Changed the get_bits() interface to the same interface as get_byte().
Updated the mgf1 unit-tests accordingly.
2014-11-29 14:51:16 +01:00
Andreas Steffen
5f7a9ea9c3
Added support for BLISS-III
2014-11-29 14:51:16 +01:00
Andreas Steffen
f673966b9f
Started implementing BLISS signature generation
2014-11-29 14:51:16 +01:00
Andreas Steffen
56009f2001
Store and parse BLISS private and public keys in DER and PEM format
Additionally generate SHA-1 fingerprints of raw BLISS subjectPublicKey
and subjectPublicKeyInfo objects.
Some basic functions used by the bliss_public_key class are shared
with the bliss_private_key class.
2014-11-29 14:51:16 +01:00
Andreas Steffen
37bfe44358
unit-tests: Created separate mgf1 test suite
2014-11-29 14:51:16 +01:00
Andreas Steffen
8614d1214d
Use mgf1_bitspender in ntru_poly_create_from_seed
2014-11-29 14:51:15 +01:00
Andreas Steffen
64a5cacde5
Use mgf1_bitspender to generate random secret key
2014-11-29 14:51:15 +01:00
Andreas Steffen
988d477145
Implemented bitspender based on the MGF1 mask generator function
2014-11-29 14:51:15 +01:00
Andreas Steffen
c3664d8ee1
unit-tests: Added bliss_fft test suite
2014-11-29 14:51:15 +01:00
Andreas Steffen
1d3e080877
Moved mgf1 class to libstrongswan/crypto/mgf1
2014-11-29 14:51:15 +01:00
Andreas Steffen
73a327404d
Defined BLISS I and IV parameter sets
2014-11-29 14:51:14 +01:00
Andreas Steffen
6d31c7ef74
Added BLISS OIDs in ITA-HSR OID tree
2014-11-29 14:51:14 +01:00
Andreas Steffen
8c751b6119
Implemented Number Theoretic Transform using the FFT algorithm
By pre-multiplying the input arrays with a linear phase the
fast multiplication via FFT and inverse FFT computes a negative
wrapped convolution corresponding to a modulus of x^n+1.
2014-11-29 14:51:14 +01:00
Andreas Steffen
9d5b91d198
Created framework for BLISS post-quantum signature algorithm
2014-11-29 14:51:14 +01:00
Martin Willi
4ef819a379
libtls: Catch POLLHUP/NVAL in TLS socket splicing
If one of the sockets gets disconnected, some systems return POLLHUP. Signal
the socket as ready to let the read/write call fail properly.
2014-11-28 15:53:50 +01:00
Martin Willi
015fb3134d
watcher: Properly handle poll() POLLHUP/NVAL signaling
poll() may return POLLHUP or POLLNVAL for given file descriptors. To handle
these properly, we signal them to the EXCEPT watcher state, if registered. If
not, we call the read/write callbacks, so they can properly fail when trying
to read from or write to the file descriptor.
2014-11-28 12:50:34 +01:00
Martin Willi
02fd29acc1
windows: Properly set errno for read/write functions using Winsock
2014-11-28 12:45:58 +01:00
Martin Willi
f1773fee43
ikev2: Fix ike_rekey switch statement broken with last commit
2014-11-24 10:03:26 +01:00
Martin Willi
8891ed5478
ikev2: Prevent IKE_SA rekeying if we are currently retrying a CHILD_SA rekey
2014-11-21 12:51:20 +01:00
Martin Willi
c39b0c883d
controller: Keep following initiate() if the first DH guess was wrong
2014-11-21 12:51:19 +01:00
Martin Willi
013857ad79
child-sa: Introduce a CHILD_RETRYING state to detect DH group retries
2014-11-21 12:51:19 +01:00
Martin Willi
f6f3b0db11
Merge branch 'poll'
Replace relevant uses of select() by poll(). poll(2) avoids the difficulties
we have with more than 1024 open file descriptors, and seems to be fairly
portable.
Fixes #757.
2014-11-21 12:49:07 +01:00
Martin Willi
89f19ef876
windows: Move the compatibility header to the compat subfolder
2014-11-21 12:02:08 +01:00
Martin Willi
aec3d5fb7f
apple: Wrap accept() and recvfrom() with poll(2) instead of select
2014-11-21 12:02:08 +01:00
Martin Willi
f65779dd0f
apple: Introduce a central compatibility header with all __APPLE__ quirks
2014-11-21 12:02:08 +01:00
Martin Willi
6e1d3f3615
watcher: Use Windows read/write(2) wrappers instead of compile-conditions
2014-11-21 12:02:08 +01:00
Martin Willi
a301a9c939
windows: Provide a write(2) wrapper that uses send(2) on sockets
2014-11-21 12:02:08 +01:00