Updated entity name in copyright statements

This is needed, because the standard mandates that the remote entity
must be configured as ims (mimicking the APN setting I think), but on
the other hand the ePDG will identify itself with its FQDN in the end. I
tested this and this is currently the only way to do it with strongswan
I think, because you cannot configure different identities.

.appveyor.yml

@@ -3,6 +3,7 @@ clone_depth: 50
 image:
   - Visual Studio 2015
   - Visual Studio 2017
+  - Visual Studio 2019
 
 environment:
   global:
@@ -18,12 +19,21 @@ environment:
     #  bits: 32
 
 install:
+  - tzutil /s "Central European Standard Time"
   - set MSYS_SH=C:\msys%BITS%\usr\bin\sh.exe
   - set MSYSTEM=MINGW%BITS%
   - set TEST=win%BITS%
+  - |
+      set IMG=%APPVEYOR_BUILD_WORKER_IMAGE:~-4%
+      set OPENSSL=OpenSSL
+      IF "%IMG%" == "2017" set OPENSSL=OpenSSL-v11
+      IF "%IMG%" == "2019" set OPENSSL=OpenSSL-v111
+      set OPENSSL_DIR=/c/%OPENSSL%-%TEST%
+      C:\%OPENSSL%-%TEST%\bin\openssl.exe version -a
 
 build_script:
   - '%MSYS_SH% --login -c ". /etc/profile && cd $APPVEYOR_BUILD_FOLDER && ./scripts/test.sh deps"'
 
 test_script:
+  - '%MSYS_SH% --login -c ". /etc/profile && touch /$MSYSTEM/etc/strongswan.conf"'
   - '%MSYS_SH% --login -c ". /etc/profile && cd $APPVEYOR_BUILD_FOLDER && ./scripts/test.sh"'

.cirrus.yml

@@ -1,12 +1,12 @@
 freebsd_instance:
-  image: freebsd-12-0-release-amd64
+  image_family: freebsd-12-2
 
 env:
   TESTS_REDUCED_KEYLENGTHS: yes
   LEAK_DETECTIVE: no
   MONOLITHIC: no
   TEST: freebsd
-  TRAVIS_OS_NAME: freebsd
+  OS_NAME: freebsd
 
 task:
   install_script: ./scripts/test.sh deps

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,35 @@
+---
+name: "🐛 Bug report"
+about: Report a reproducible bug or regression
+labels: bug, needs triage
+---
+
+<!--
+IMPORTANT: Please use the [discussion forum](https://github.com/strongswan/strongswan/discussions)
+for questions and configuration problems etc., only report actual bugs here.
+Your issue will otherwise be closed immediately.
+-->
+
+**System (please complete the following information):**
+ - OS: [e.g. Ubuntu 20.04]
+ - Kernel version (if applicable): [e.g. 5.10]
+ - strongSwan version(s): [e.g. 5.9.2]
+ - Tested/confirmed with the latest version: [yes/no]
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. ...
+2. ...
+3. ...
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Logs/Backtraces**
+If applicable, add logs or backtraces to help explain your problem.
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: "🤔 Question and Help"
+    url: https://github.com/strongswan/strongswan/discussions
+    about: This issue tracker is not for support questions. Please refer to the strongSwan community's help and discussion forum

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,23 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+labels: enhancement, needs triage
+---
+
+<!--
+IMPORTANT: Please consider discussing the requested feature in the
+[forum](https://github.com/strongswan/strongswan/discussions) first.
+-->
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is.
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions, workarounds or
+features you've considered.
+
+**Additional context**
+Add any other context about the feature request here.

.github/actions/default/action.yml

@@ -0,0 +1,16 @@
+name: "Default CI Build Steps"
+runs:
+  using: "composite"
+  steps:
+    - name: "Install Dependencies"
+      run: ./scripts/test.sh deps
+      shell: bash
+    - name: "Install Python Dependencies"
+      run: ./scripts/test.sh pydeps
+      shell: bash
+    - name: "Build Dependencies"
+      run: ./scripts/test.sh build-deps
+      shell: bash
+    - name: "Build/Tests"
+      run: ./scripts/test.sh
+      shell: bash

.github/workflows/android.yml

@@ -0,0 +1,54 @@
+name: Android
+
+on: [push, pull_request]
+
+env:
+  CCACHE_BASEDIR: ${{ github.workspace }}
+  CCACHE_COMPRESS: true
+  CCACHE_MAXSIZE: 400M
+  CC: gcc
+  OS_NAME: linux
+
+jobs:
+  pre-check:
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip-check.outputs.should_skip }}
+    steps:
+      - id: skip-check
+        uses: fkirc/skip-duplicate-actions@master
+        with:
+          concurrent_skipping: 'same_content'
+
+  android:
+    needs: pre-check
+    if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
+    runs-on: ubuntu-latest
+    env:
+      TEST: android
+      # since the NDK is newly installed every time, we have to use this to avoid cache misses
+      CCACHE_COMPILERCHECK: content
+    steps:
+      # even though we don't specify a specific version in our gradle files, the
+      # build fails without this because some arbitrary NDK version, that's
+      # weirdly not installed, is requested
+      - name: Install NDK
+        run: yes | sudo ${ANDROID_HOME}/tools/bin/sdkmanager --install 'ndk;21.0.6113669'
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        with:
+          path: ~/.ccache
+          key: ccache-android-${{ github.ref }}:${{ github.sha }}
+          restore-keys: |
+            ccache-android-${{ github.ref }}:
+            ccache-android-
+      - run: |
+          sudo apt-get install -qq ccache
+          echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
+          ccache -z
+      - uses: ./.github/actions/default
+      - run: ccache -s
+      - uses: actions/upload-artifact@v2
+        with:
+          name: Lint Results
+          path: src/frontends/android/app/build/reports/lint-results.xml

.github/workflows/lgtm.yml

@@ -0,0 +1,37 @@
+name: lgtm.com
+
+on: [push]
+
+env:
+  OS_NAME: linux
+
+jobs:
+  pre-check:
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip-check.outputs.should_skip }}
+    steps:
+      - id: skip-check
+        uses: fkirc/skip-duplicate-actions@master
+        with:
+          concurrent_skipping: 'same_content'
+
+  lgtm:
+    needs: pre-check
+    if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
+    runs-on: ubuntu-latest
+    env:
+      TEST: lgtm
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      # we don't use github/codeql-action because we can't exclude queries there,
+      # so we continue to use the approach we used on Travis
+      - env:
+          LGTM_TOKEN: ${{ secrets.LGTM_TOKEN }}
+          LGTM_PROJECT: ${{ secrets.LGTM_PROJECT }}
+          BUILD_NUMBER: ${{ github.run_id }}
+          COMMIT_ID: ${{ github.sha }}
+          COMMIT_BASE: ${{ github.event.before }}
+        uses: ./.github/actions/default

.github/workflows/linux.yml

@@ -0,0 +1,200 @@
+name: Linux
+
+on: [push, pull_request]
+
+env:
+  # this test case does not actually test anything but tries to access system
+  # directories that might be inaccessible on build hosts
+  TESTS_CASES_EXCLUDE: sw_collector
+  TESTS_REDUCED_KEYLENGTHS: yes
+  CCACHE_BASEDIR: ${{ github.workspace }}
+  CCACHE_COMPRESS: true
+  CCACHE_MAXSIZE: 200M
+  OS_NAME: linux
+
+jobs:
+  pre-check:
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip-check.outputs.should_skip }}
+    steps:
+      - id: skip-check
+        uses: fkirc/skip-duplicate-actions@master
+        with:
+          concurrent_skipping: 'same_content'
+
+  latest:
+    needs: pre-check
+    if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        test: [ all, default, printf-builtin ]
+        compiler: [ gcc, clang ]
+        leak-detective: [ no, yes ]
+        monolithic: [ no, yes ]
+        exclude:
+          # leaks will show up whether we build monolithic or not
+          - leak-detective: yes
+            monolithic: yes
+          # monolithic builds don't affect the printf-hook implementation
+          - test: printf-builtin
+            monolithic: yes
+        include:
+          - test: apidoc
+          - test: coverage
+          - test: dist
+          - test: nm-no-glib
+          - test: fuzzing
+            compiler: clang
+            monolithic: yes
+    env:
+      LEAK_DETECTIVE: ${{ matrix.leak-detective || 'no' }}
+      MONOLITHIC: ${{ matrix.monolithic || 'no' }}
+      CC: ${{ matrix.compiler || 'gcc' }}
+      TEST: ${{ matrix.test }}
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        with:
+          path: ~/.ccache
+          # with regards to ccache, monolithic builds don't differ from regular
+          # builds and, similarly, builds with leak-detective only differ in two
+          # files (LD itself and library.c); but different tests build different
+          # dependencies, so different caches are needed
+          key: ccache-${{ runner.os }}-${{ env.CC }}-${{ matrix.test }}-${{ github.ref }}:${{ github.sha }}
+          restore-keys: |
+            ccache-${{ runner.os }}-${{ env.CC }}-${{ matrix.test }}-${{ github.ref }}:
+            ccache-${{ runner.os }}-${{ env.CC }}-${{ matrix.test }}-
+            ccache-${{ runner.os }}-${{ env.CC }}-
+      - run: |
+          sudo apt-get install -qq ccache
+          echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
+          ccache -z
+      - uses: ./.github/actions/default
+      - run: ccache -s
+      - if: ${{ success() && matrix.test == 'coverage' }}
+        run: bash <(curl -s https://codecov.io/bash)
+      - if: ${{ failure() }}
+        uses: actions/upload-artifact@v2
+        with:
+          name: Logs ${{ github.job }}
+          path: config.log
+          retention-days: 5
+
+  crypto-plugins:
+    needs: pre-check
+    if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        test: [ botan, wolfssl, openssl, gcrypt ]
+        leak-detective: [ no, yes ]
+    env:
+      LEAK_DETECTIVE: ${{ matrix.leak-detective || 'no' }}
+      TEST: ${{ matrix.test }}
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        with:
+          path: ~/.ccache
+          key: ccache-${{ runner.os }}-${{ env.CC }}-${{ matrix.test }}-${{ github.ref }}:${{ github.sha }}
+          restore-keys: |
+            ccache-${{ runner.os }}-${{ env.CC }}-${{ matrix.test }}-${{ github.ref }}:
+            ccache-${{ runner.os }}-${{ env.CC }}-${{ matrix.test }}-
+            ccache-${{ runner.os }}-${{ env.CC }}-
+            ccache-${{ runner.os }}-${{ env.CC }}-all-${{ github.ref }}:${{ github.sha }}
+            ccache-${{ runner.os }}-${{ env.CC }}-all-${{ github.ref }}:
+            ccache-${{ runner.os }}-${{ env.CC }}-all-
+            ccache-${{ runner.os }}-${{ env.CC }}-
+      - run: |
+          sudo apt-get install -qq ccache
+          echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
+          ccache -z
+      - uses: ./.github/actions/default
+      - run: ccache -s
+      - if: ${{ failure() }}
+        uses: actions/upload-artifact@v2
+        with:
+          name: Logs ${{ github.job }}
+          path: config.log
+          retention-days: 5
+
+  bionic:
+    needs: pre-check
+    if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
+    runs-on: ubuntu-18.04
+    strategy:
+      matrix:
+        test: [ all ]
+        compiler: [ gcc, clang ]
+        include:
+          - test: nm
+    env:
+      LEAK_DETECTIVE: ${{ matrix.leak-detective || 'no' }}
+      CC: ${{ matrix.compiler || 'gcc' }}
+      TEST: ${{ matrix.test }}
+      UBUNTU_BIONIC: yes
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        with:
+          path: ~/.ccache
+          key: ccache-bionic-${{ env.CC }}-${{ matrix.test }}-${{ github.ref }}:${{ github.sha }}
+          restore-keys: |
+            ccache-bionic-${{ env.CC }}-${{ matrix.test }}-${{ github.ref }}:
+            ccache-bionic-${{ env.CC }}-${{ matrix.test }}-
+            ccache-bionic-${{ env.CC }}-
+      - run: |
+          sudo apt-get install -qq ccache
+          echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
+          ccache -z
+      - uses: ./.github/actions/default
+      - run: ccache -s
+      - if: ${{ failure() }}
+        uses: actions/upload-artifact@v2
+        with:
+          name: Logs ${{ github.job }}
+          path: config.log
+          retention-days: 5
+
+  xenial:
+    needs: pre-check
+    if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
+    runs-on: ubuntu-16.04
+    strategy:
+      matrix:
+        test: [ all ]
+        compiler: [ gcc, clang ]
+        include:
+          - test: openssl-1.0
+          - test: openssl-1.0
+            leak-detective: yes
+    env:
+      LEAK_DETECTIVE: ${{ matrix.leak-detective || 'no' }}
+      CC: ${{ matrix.compiler || 'gcc' }}
+      TEST: ${{ matrix.test }}
+      # this is the default with newer versions and fixes builds with clang
+      CCACHE_CPP2: true
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        with:
+          path: ~/.ccache
+          key: ccache-xenial-${{ env.CC }}-${{ matrix.test }}-${{ github.ref }}:${{ github.sha }}
+          restore-keys: |
+            ccache-xenial-${{ env.CC }}-${{ matrix.test }}-${{ github.ref }}:
+            ccache-xenial-${{ env.CC }}-${{ matrix.test }}-
+            ccache-xenial-${{ env.CC }}-
+      - run: |
+          sudo apt-get install -qq ccache
+          echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
+          ccache -z
+      - uses: ./.github/actions/default
+      - run: ccache -s
+      - if: ${{ failure() }}
+        uses: actions/upload-artifact@v2
+        with:
+          name: Logs ${{ github.job }}
+          path: config.log
+          retention-days: 5

.github/workflows/macos.yml

@@ -0,0 +1,49 @@
+name: macOS
+
+on: [push, pull_request]
+
+env:
+  TESTS_REDUCED_KEYLENGTHS: yes
+  CCACHE_BASEDIR: ${{ github.workspace }}
+  CCACHE_COMPRESS: true
+  CCACHE_MAXSIZE: 100M
+  OS_NAME: macos
+
+jobs:
+  pre-check:
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip-check.outputs.should_skip }}
+    steps:
+      - id: skip-check
+        uses: fkirc/skip-duplicate-actions@master
+        with:
+          concurrent_skipping: 'same_content'
+
+  macos:
+    needs: pre-check
+    if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
+    runs-on: macos-latest
+    env:
+      TEST: macos
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        with:
+          path: ~/Library/Caches/ccache
+          key: ccache-${{ runner.os }}-${{ github.ref }}:${{ github.sha }}
+          restore-keys: |
+            ccache-${{ runner.os }}-${{ github.ref }}:
+            ccache-${{ runner.os }}-
+      - run: |
+          brew install ccache
+          echo "PATH=$(brew --prefix)/opt/ccache/libexec:$PATH" >> $GITHUB_ENV
+          ccache -z
+      - uses: ./.github/actions/default
+      - run: ccache -s
+      - if: ${{ failure() }}
+        uses: actions/upload-artifact@v2
+        with:
+          name: Logs ${{ github.job }}
+          path: config.log
+          retention-days: 5

.github/workflows/sonarcloud.yml

@@ -0,0 +1,65 @@
+name: SonarCloud
+
+on: [push]
+
+env:
+  CCACHE_BASEDIR: ${{ github.workspace }}
+  CCACHE_COMPRESS: true
+  CCACHE_MAXSIZE: 200M
+  OS_NAME: linux
+
+jobs:
+  pre-check:
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip-check.outputs.should_skip }}
+    steps:
+      - id: skip-check
+        uses: fkirc/skip-duplicate-actions@master
+        with:
+          concurrent_skipping: 'same_content'
+
+  sonarcloud:
+    needs: pre-check
+    if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
+    runs-on: ubuntu-latest
+    env:
+      TEST: sonarcloud
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - uses: actions/cache@v2
+        with:
+          path: |
+            ~/.ccache
+            ~/.sonar-cache
+          key: ccache-sonarcloud-${{ github.ref }}:${{ github.sha }}
+          restore-keys: |
+            ccache-sonarcloud-${{ github.ref }}:
+            ccache-sonarcloud-
+      - run: |
+          sudo apt-get install -qq ccache
+          echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
+          ccache -z
+      # using SonarSource/sonarcloud-github-action is currently not recommended
+      # for C builds, so we follow the "any CI" instructions
+      - name: Install sonar-scanner
+        env:
+          SONAR_SCANNER_VERSION: 4.4.0.2170
+        run: |
+          export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux
+          curl --create-dirs -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip
+          unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
+          echo "SONAR_SCANNER_OPTS=-server" >> $GITHUB_ENV
+          curl --create-dirs -sSLo $HOME/.sonar/build-wrapper-linux-x86.zip https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip
+          unzip -o $HOME/.sonar/build-wrapper-linux-x86.zip -d $HOME/.sonar/
+          echo "PATH=$HOME/.sonar/build-wrapper-linux-x86:$SONAR_SCANNER_HOME/bin:$PATH" >> $GITHUB_ENV
+      - env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          BUILD_NUMBER: ${{ github.run_id }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_PROJECT: ${{ secrets.SONAR_PROJECT }}
+          SONAR_ORGANIZATION: ${{ secrets.SONAR_ORGANIZATION }}
+        uses: ./.github/actions/default
+      - run: ccache -s

.github/workflows/windows.yml

@@ -0,0 +1,56 @@
+name: Windows
+
+on: [push, pull_request]
+
+env:
+  TESTS_REDUCED_KEYLENGTHS: yes
+  CCACHE_BASEDIR: ${{ github.workspace }}
+  CCACHE_COMPRESS: true
+  CCACHE_MAXSIZE: 200M
+  # since the compilers are newly installed every time, we have to use this to
+  # avoid cache misses
+  CCACHE_COMPILERCHECK: content
+  MONOLITHIC: yes
+
+jobs:
+  pre-check:
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip-check.outputs.should_skip }}
+    steps:
+      - id: skip-check
+        uses: fkirc/skip-duplicate-actions@master
+        with:
+          concurrent_skipping: 'same_content'
+
+  cross-compile:
+    needs: pre-check
+    if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        test: [ win64, win32 ]
+    env:
+      OS_NAME: linux
+      TEST: ${{ matrix.test }}
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        with:
+          path: ~/.ccache
+          key: ccache-${{ runner.os }}-${{ matrix.test }}-${{ github.ref }}:${{ github.sha }}
+          restore-keys: |
+            ccache-${{ runner.os }}-${{ matrix.test }}-${{ github.ref }}:
+            ccache-${{ runner.os }}-${{ matrix.test }}-
+      - run: |
+          sudo apt-get install -qq ccache
+          echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
+          ccache -z
+      - uses: ./.github/actions/default
+      - run: ccache -s
+      - if: ${{ failure() }}
+        uses: actions/upload-artifact@v2
+        with:
+          name: Logs ${{ github.job }}
+          path: config.log
+          retention-days: 5

.lgtm.yml

@@ -0,0 +1,46 @@
+queries:
+  - exclude: cpp/fixme-comment
+  # this rule produces too many false positives due to our custom specifiers and
+  # the use of void pointers in swanctl
+  - exclude: cpp/wrong-type-format-argument
+
+extraction:
+  cpp:
+    prepare:
+      packages:
+        # for tss2
+        - libssl-dev
+        - libjson-c-dev
+        - libcurl4-openssl-dev
+    after_prepare:
+      - export DEPS_BUILD_DIR=$LGTM_WORKSPACE/deps
+      - mkdir -p $DEPS_BUILD_DIR
+      - export DEPS_PREFIX=$DEPS_BUILD_DIR/usr
+      - mkdir -p $DEPS_PREFIX
+      - export PKG_CONFIG_PATH="$DEPS_PREFIX/lib/pkgconfig:$PKG_CONFIG_PATH"
+      - export LD_LIBRARY_PATH="$DEPS_PREFIX/lib:$LD_LIBRARY_PATH"
+      - mkdir -p $LGTM_WORKSPACE/bin
+      # sudo doesn't work on the build hosts
+      - ln -s /usr/bin/nice $LGTM_WORKSPACE/bin/sudo
+      # for ldconfig we don't have enough permissions
+      - ln -s /bin/true $LGTM_WORKSPACE/bin/ldconfig
+      # likewise for apt-get
+      - ln -s /bin/echo $LGTM_WORKSPACE/bin/apt-get
+      - export PATH=$LGTM_WORKSPACE/bin:$PATH
+      - export TEST=all
+      - ./scripts/test.sh build-deps
+      - rm $LGTM_WORKSPACE/bin/*
+    configure:
+      command:
+        # follows the "all" build in test.sh (without custom-compiled stuff)
+        - ./autogen.sh
+        - ./configure --enable-all --disable-android-dns --disable-android-log
+            --disable-kernel-pfroute --disable-keychain
+            --disable-lock-profiler --disable-padlock --disable-fuzzing
+            --disable-osx-attr --disable-tkm --disable-uci
+            --disable-unwind-backtraces
+            --disable-svc --disable-dbghelp-backtraces --disable-socket-win
+            --disable-kernel-wfp --disable-kernel-iph --disable-winhttp
+            --disable-af-alg --disable-coverage
+            --disable-python-eggs-install
+            --disable-monolithic --disable-leak-detective

.lgtm/cpp-queries/chunk_from_chars.ql

@@ -0,0 +1,51 @@
+/**
+ * @name Invalid use of chunk_from_chars() macro
+ * @description The chunk_from_chars() macro creates a temporary chunk_t, which
+ *              is not defined outside of the block in which it has been used,
+ *              therefore, compilers might optimize out the assignment.
+ * @kind path-problem
+ * @problem.severity error
+ * @id strongswan/invalid-chunk-from-chars
+ * @tags correctness
+ * @precision very-high
+ */
+import cpp
+import DataFlow::PathGraph
+import semmle.code.cpp.dataflow.DataFlow
+
+class ChunkFromChars extends Expr {
+  ChunkFromChars() {
+    this = any(MacroInvocation mi |
+      mi.getOutermostMacroAccess().getMacroName() = "chunk_from_chars"
+      /* ignore global static uses of the macro */
+      and exists (Block b | mi.getExpr().getEnclosingBlock() = b)
+    ).getExpr()
+  }
+}
+
+class ChunkFromCharsUsage extends DataFlow::Configuration {
+  ChunkFromCharsUsage() { this = "ChunkFromCharsUsage" }
+
+  override predicate isSource(DataFlow::Node source) {
+    source.asExpr() instanceof ChunkFromChars
+  }
+
+  override predicate isSink(DataFlow::Node sink) {
+    exists(sink.asExpr())
+  }
+
+  override predicate isBarrierOut(DataFlow::Node node) {
+    /* don't track beyond function calls */
+    exists(FunctionCall fc | node.asExpr().getParent*() = fc)
+  }
+}
+
+Block enclosingBlock(Block b) {
+  result = b.getEnclosingBlock()
+}
+
+from ChunkFromCharsUsage usage, DataFlow::PathNode source, DataFlow::PathNode sink
+where
+  usage.hasFlowPath(source, sink)
+  and not source.getNode().asExpr().getEnclosingBlock() = enclosingBlock*(sink.getNode().asExpr().getEnclosingBlock())
+select source, source, sink, "Invalid use of chunk_from_chars() result in sibling/parent block."

.travis.yml

@@ -1,99 +0,0 @@
-language: c
-
-sudo: required
-dist: bionic
-
-# don't build tags separately
-if: tag IS blank
-
-compiler: gcc
-
-cache: ccache
-
-before_install:
-  - travis_retry ./scripts/test.sh deps
-  - travis_retry ./scripts/test.sh pydeps
-
-before_script:
-  - sudo sysctl -w net.ipv6.conf.all.disable_ipv6=0 || true
-
-script:
-  - ./scripts/test.sh
-
-after_success:
-  if [ "$TEST" == "coverage" ]; then
-    bash <(curl -s https://codecov.io/bash);
-  fi
-
-after_failure:
-  - cat config.log
-  - sleep 1
-
-env:
-  global:
-    - TESTS_REDUCED_KEYLENGTHS=yes
-    - LEAK_DETECTIVE=no
-    - MONOLITHIC=no
-
-matrix:
-  include:
-    - env: TEST=sonarcloud
-      if: type = push AND env(SONAR_TOKEN) IS present
-      git:
-        depth: false
-      addons:
-        sonarcloud:
-          organization: "strongswan"
-    - env: TEST=osx
-      compiler: clang
-      os: osx
-    - env: TEST=all
-    - env: TEST=all
-      compiler: clang
-    - env: TEST=all
-      dist: xenial
-    - env: TEST=all
-      dist: xenial
-      compiler: clang
-    - env: TEST=all MONOLITHIC=yes
-    - env: TEST=all MONOLITHIC=yes
-      compiler: clang
-    - env: TEST=all LEAK_DETECTIVE=yes
-    - env: TEST=all LEAK_DETECTIVE=yes
-      compiler: clang
-    - env: TEST=coverage
-    - env: TEST=fuzzing MONOLITHIC=yes
-      compiler: clang
-    - env: TEST=win64 MONOLITHIC=yes
-    - env: TEST=win32 MONOLITHIC=yes
-    - env: TEST=dist
-    # "default" with GCC is already tested with "dist" above
-    - env: TEST=default
-      compiler: clang
-    - env: TEST=default MONOLITHIC=yes
-    - env: TEST=default MONOLITHIC=yes
-      compiler: clang
-    - env: TEST=default LEAK_DETECTIVE=yes
-    - env: TEST=default LEAK_DETECTIVE=yes
-      compiler: clang
-    # we can't test Vstr as negative int args are not properly passed to CBs
-    - env: TEST=printf-builtin
-    - env: TEST=printf-builtin
-      compiler: clang
-    - env: TEST=printf-builtin LEAK_DETECTIVE=yes
-    - env: TEST=printf-builtin LEAK_DETECTIVE=yes
-      compiler: clang
-    # the crypto plugins are build-tested with clang via "all" above
-    - env: TEST=botan
-    - env: TEST=botan LEAK_DETECTIVE=yes
-    - env: TEST=wolfssl
-    - env: TEST=wolfssl LEAK_DETECTIVE=yes
-    - env: TEST=openssl
-    - env: TEST=openssl LEAK_DETECTIVE=yes
-    - env: TEST=openssl-1.0
-      dist: xenial
-    - env: TEST=openssl-1.0 LEAK_DETECTIVE=yes
-      dist: xenial
-    - env: TEST=gcrypt
-    - env: TEST=gcrypt LEAK_DETECTIVE=yes
-    - env: TEST=apidoc

Doxyfile.in

@@ -1990,12 +1990,6 @@ EXTERNAL_GROUPS        = YES
 
 EXTERNAL_PAGES         = YES
 
-# The PERL_PATH should be the absolute path and name of the perl script
-# interpreter (i.e. the result of 'which perl').
-# The default file (with absolute path) is: /usr/bin/perl.
-
-PERL_PATH              = /usr/bin/perl
-
 #---------------------------------------------------------------------------
 # Configuration options related to the dot tool
 #---------------------------------------------------------------------------
@@ -2009,15 +2003,6 @@ PERL_PATH              = /usr/bin/perl
 
 CLASS_DIAGRAMS         = YES
 
-# You can define message sequence charts within doxygen comments using the \msc
-# command. Doxygen will then run the mscgen tool (see:
-# http://www.mcternan.me.uk/mscgen/)) to produce the chart and insert it in the
-# documentation. The MSCGEN_PATH tag allows you to specify the directory where
-# the mscgen tool resides. If left empty the tool is assumed to be found in the
-# default search path.
-
-MSCGEN_PATH            =
-
 # You can include diagrams made with dia in doxygen documentation. Doxygen will
 # then run dia to produce the diagram and insert it in the documentation. The
 # DIA_PATH tag allows you to specify the directory where the dia binary resides.

Makefile.am

@@ -38,6 +38,9 @@ Android.common.mk :	Android.common.mk.in configure.ac
 		-e "s:\@PACKAGE_VERSION\@:$(PACKAGE_VERSION):" \
 		$(srcdir)/$@.in > $@
 
+dist-hook:
+		@echo $(GIT_VERSION) > $(distdir)/.tarball-git-version
+
 Doxyfile :	Doxyfile.in
 		$(AM_V_GEN) \
 		sed \

NEWS

@@ -1,9 +1,258 @@
+strongswan-5.9.3
+----------------
+
+- Added AES_ECB, SHA-3 and SHAKE-256 support to wolfssl plugin.
+
+- Added AES_CCM and SHA-3 signature support to openssl plugin.
+
+- The x509 and openssl plugins now consider the authorityKeyIdentifier, if
+  available, before verifying signatures, which avoids unnecessary signature
+  verifications after a CA key rollover if both certificates are loaded.
+
+- The pkcs11 plugin better handles optional attributes like CKA_TRUSTED, which
+  previously depended on a version check.
+
+- charon-nm now supports using SANs as client identities, not only full DNs.
+
+- charon-tkm now handles IKE encryption.
+
+- A MOBIKE update is sent again if a a change in the NAT mappings is detected
+  but the endpoints stay the same.
+
+- Converted most of the test case scenarios to the vici interface
+
+
+strongswan-5.9.2
+----------------
+
+- Together with a Linux 5.8 kernel supporting the IMA measurement of the GRUB
+  bootloader and the Linux kernel, the strongSwan Attestation IMC allows to do
+  remote attestation of the complete boot phase. A recent TPM 2.0 device with a
+  SHA-256 PCR bank is required, so that both BIOS and IMA file measurements are
+  based on SHA-256 hashes.
+
+- Our own TLS library (libtls) that we use for TLS-based EAP methods and PT-TLS
+  gained experimental support for TLS 1.3.  Thanks to Méline Sieber (client) and
+  Pascal Knecht (client and server) for their work on this.
+  Because the use of TLS 1.3 with these EAP methods is not yet standardized (two
+  Internet-Drafts are being worked on), the default maximum version is currently
+  set to TLS 1.2, which is now also the default minimum version. However the TNC
+  test scenarios using PT-TLS transport already use TLS 1.3.
+
+- Other improvements for libtls also affect older TLS versions. For instance, we
+  added support for ECDH with Curve25519/448 (DH groups may also be configured
+  now), for EdDSA keys and certificates and for RSA-PSS signatures. Support for
+  old and weak cipher suites has been removed (e.g. with 3DES and MD5) as well
+  as signature schemes with SHA-1.
+
+- The listener_t::ike_update event is now also called for MOBIKE updates. Its
+  signature has changed so we only have to call it once if both addresses/ports
+  have changed (e.g. for an address family switch).  The event is now also
+  exposed via vici.
+
+- The farp plugin has been ported to macOS and FreeBSD. Thanks to Dan James for
+  working on this.
+
+- To fix DNS server installation with systemd-resolved, charon-nm now creates a
+  dummy TUN device again (was removed with 5.5.1).
+
+- The botan plugin can use rng_t implementations provided by other plugins when
+  generating keys etc. if the Botan library supports it.
+
+- charon-tkm now supports multiple CAs and is configured via vici/swanctl.
+
+- Simple glob patterns (e.g. include conf.d/*.conf) now also work on Windows.
+  Handling of forward slashes in paths on Windows has also been improved.
+
+- The abbreviations for the 'surname' and 'serial number' RDNs in ASN.1 DNs have
+  been changed to align with RFC 4519: The abbreviation for 'surname' is now
+  "SN" (was "S" before), which was previously used for 'serial number' that can
+  now be specified as "serialNumber" only.
+
+- An issue with Windows clients requesting previous IPv6 but not IPv4 virtual
+  IP addresses has been fixed.
+
+- ike_sa_manager_t:  Checking out IKE_SAs by config is now atomic (e.g. when
+  acquires for different children of the same connection arrive concurrently).
+  The checkout_new() method has been renamed to create_new(). A new
+  checkout_new() method allows registering a new IKE_SA with the manager before
+  checking it in, so jobs can be queued without losing them as they can block
+  on checking out the new SA.
+
+
+strongswan-5.9.1
+----------------
+
+- Remote attestation via TNC supports the SHA-256 based TPM 2.0 BIOS/EFI
+  measurements introduced with the Linux 5.4 kernel.
+
+- Nonces in OCSP responses are not enforced anymore and only validated if a
+  nonce is actually contained.
+
+- Fixed an issue when only some fragments of a retransmitted IKEv2 message were
+  received, which prevented processing a following fragmented message.
+
+- All queued vici messages are now sent to subscribed clients during shutdown,
+  which includes ike/child-updown events triggered when all SAs are deleted.
+
+- CHILD_SA IP addresses are updated before installation to allow MOBIKE updates
+  while retransmitting a CREATE_CHILD_SA request.
+
+- When looking for a route to the peer, the kernel-netlink plugin ignores the
+  current source address if it's deprecated.
+
+- The file and syslog loggers support logging the log level of each message
+  after the subsystem (e.g. [IKE2]).
+
+- charon-nm is now properly terminated during system shutdown.
+
+- Improved support for EdDSA keys in vici/swanctl, in particular, encrypted
+  keys are now supported.
+
+- A new global strongswan.conf option allows sending the Cisco FlexVPN vendor ID
+  to prevent Cisco devices from narrowing a 0.0.0.0/0 traffic selector.
+
+- The openssl plugin accepts CRLs issued by non-CA certificates if they contain
+  the cRLSign keyUsage flag (the x509 plugin already does this since 4.5.1).
+
+- Attributes in PKCS#7 containers, as used in SCEP, are now properly
+  DER-encoded, i.e. sorted.
+
+- The load-tester plugin now supports virtual IPv6 addresses and IPv6 source
+  address pools.
+
+
+strongswan-5.9.0
+----------------
+
+- We prefer AEAD algorithms for ESP and therefore put AES-GCM in a default AEAD
+  proposal in front of the previous default proposal.
+
+- The NM backend now clears cached credentials when disconnecting, has DPD and
+  and close action set to restart, and supports custom remote TS via 'remote-ts'
+  option (no GUI support).
+
+- The pkcs11 plugin falls back to software hashing for PKCS#1v1.5 RSA signatures
+  if mechanisms with hashing (e.g. CKM_SHA256_RSA_PKCS) are not supported.
+
+- The owner/group of log files is now set so the daemon can reopen them if the
+  config is reloaded and it doesn't run as root.
+
+- The wolfssl plugin (with wolfSSL 4.4.0+) supports x448 DH and Ed448 keys.
+
+- The vici plugin stores all CA certificates in one location, which avoids
+  issues with unloading authority sections or clearing all credentials.
+
+- When unloading a vici connection with start_action=start, any related IKE_SAs
+  without children are now terminated (including those in CONNECTING state).
+
+- The hashtable implementation has been changed so it maintains insertion order.
+  This was mainly done so the vici plugin can store its connections in a
+  hashtable, which makes managing high numbers of connections faster.
+
+- The default maximum size for vici messages (512 KiB) can now be changed via
+  VICI_MESSAGE_SIZE_MAX compile option.
+
+- The charon.check_current_path option allows forcing a DPD exchange to check if
+  the current path still works whenever interface/address-changes are detected.
+
+- It's possible to use clocks other than CLOCK_MONOTONIC (e.g. CLOCK_BOOTTIME)
+  via TIME_CLOCK_ID compile option if clock_gettime() is available and
+  pthread_condattr_setclock() supports that clock.
+
+- Test cases and functions can now be filtered when running the unit tests.
+
+
+strongswan-5.8.4
+----------------
+
+- In IKEv1 Quick Mode make sure that a proposal exists before determining
+  lifetimes (fixes crash due to null pointer exception).
+
+- OpenSSL currently doesn't support squeezing bytes out of a SHAKE128/256
+  XOF (eXtended Output Function) multiple times.  Unfortunately,
+  EVP_DigestFinalXOF() completely resets the context and later calls not
+  simply fail, they cause a null-pointer dereference in libcrypto. This
+  fixes the crash at the cost of repeating initializing the whole state
+  and allocating too much data for subsequent calls.
+
+
+strongswan-5.8.3
+----------------
+
+- Updates for the NM backend (and plugin), among others: EAP-TLS authentication,
+  configurable local and remote IKE identities, custom server port, redirection
+  and reauthentication support.
+
+- Previously used reqids are now reallocated to workaround an issue on FreeBSD
+  where the daemon can't use reqids > 16383.
+
+- On Linux, throw type routes are installed for passthrough policies. They act
+  as fallbacks on routes in other tables and require less information, so they
+  can be installed earlier and are not affected by updates.
+
+- For IKEv1, the lifetimes of the selected transform are returned to the
+  initiator, which is an issue with peers that propose different lifetimes in
+  different transforms.  We also return the correct transform and proposal IDs.
+
+- IKE_SAs are not re-established anymore if a deletion has been queued.
+
+- Added support for Ed448 keys and certificates via openssl plugin and pki tool.
+  The openssl plugin also supports SHA-3 and SHAKE128/256.
+
+- The use of algorithm IDs from the private use ranges can now be enabled
+  globally, to use them even if no strongSwan vendor ID was exchanged.
+
+
 strongswan-5.8.2
 ----------------
 
+- Identity-based CA constraints are supported via vici/swanctl.conf. They
+  enforce that the remote's certificate chain contains a CA certificate with a
+  specific identity. While similar to the existing CA constraints, they don't
+  require that the CA certificate is locally installed such as intermediate CA
+  certificates received from peers. Compared to wildcard identity matching (e.g.
+  "..., OU=Research, CN=*") this requires less trust in the intermediate CAs (to
+  only issue certificates with legitimate subject DNs) as long as path length
+  basic constraints prevent them from issuing further intermediate CAs.
+
+- Intermediate CA certificates may now be sent in hash-and-URL encoding by
+  configuring a base URL for the parent CA.
+
 - Implemented NIST SP-800-90A Deterministic Random Bit Generator (DRBG)
   based on AES-CTR and SHA2-HMAC modes. Currently used by gmp and ntru plugins.
 
+- Random nonces sent in an OCSP requests are now expected in the corresponding
+  OCSP responses.
+
+- The kernel-netlink plugin ignores deprecated IPv6 addresses for MOBIKE.
+  Whether temporary or permanent IPv6 addresses are included depends on the
+  charon.prefer_temporary_addrs setting.
+
+- Extended Sequence Numbers (ESN) are configured via PF_KEY if supported by the
+  kernel.
+
+- Unique section names are used for CHILD_SAs in vici child-updown events and
+  more information (e.g. statistics) are included for individually deleted
+  CHILD_SAs (in particular for IKEv1).
+
+- So fallbacks to other plugins work properly, creating HMACs via openssl plugin
+  now fails instantly if the underlying hash algorithm isn't supported (e.g.
+  MD5 in FIPS-mode).
+
+- Exponents of RSA keys read from TPM 2.0 via SAPI are now correctly converted.
+
+- Routing table IDs > 255 are supported for custom routes on Linux.
+
+- The D-Bus config file for charon-nm is now installed in
+  $(datadir)/dbus-1/system.d instead of $(sysconfdir)/dbus-1/system.d.
+
+- INVALID_MAJOR_VERSION notifies are now correctly sent in messages of the same
+  exchange type and using the same message ID as the request.
+
+- IKEv2 SAs are immediately destroyed when sending or receiving INVALID_SYNTAX
+  notifies in authenticated messages.
+
 
 strongswan-5.8.1
 ----------------
@@ -145,7 +394,7 @@ strongswan-5.7.0
   for low-exponent keys (i.e. with e=3).  CVE-2018-16151 has been assigned to
   the problem of accepting random bytes after the OID of the hash function in
   such signatures, and CVE-2018-16152 has been assigned to the issue of not
-  verifying that the parameters in the ASN.1 algorithmIdentitifer structure is
+  verifying that the parameters in the ASN.1 algorithmIdentifier structure is
   empty.  Other flaws that don't lead to a vulnerability directly (e.g. not
   checking for at least 8 bytes of padding) have no separate CVE assigned.
 
@@ -651,7 +900,7 @@ strongswan-5.3.3
 
 - In the bliss plugin the c_indices derivation using a SHA-512 based random
   oracle has been fixed, generalized and standardized by employing the MGF1 mask
-  generation function with SHA-512. As a consequence BLISS signatures unsing the
+  generation function with SHA-512. As a consequence BLISS signatures using the
   improved oracle are not compatible with the earlier implementation.
 
 - Support for auto=route with right=%any for transport mode connections has
@@ -1226,7 +1475,7 @@ strongswan-5.0.1
 - The PA-TNC and PB-TNC protocols can now process huge data payloads
   >64 kB by distributing PA-TNC attributes over multiple PA-TNC messages
   and these messages over several PB-TNC batches. As long as no
-  consolidated recommandation from all IMVs can be obtained, the TNC
+  consolidated recommendation from all IMVs can be obtained, the TNC
   server requests more client data by sending an empty SDATA batch.
 
 - The rightgroups2 ipsec.conf option can require group membership during
@@ -1948,7 +2197,7 @@ strongswan-4.3.1
 
 - The nm plugin also accepts CA certificates for gateway authentication. If
   a CA certificate is configured, strongSwan uses the entered gateway address
-  as its idenitity, requiring the gateways certificate to contain the same as
+  as its identity, requiring the gateways certificate to contain the same as
   subjectAltName. This allows a gateway administrator to deploy the same
   certificates to Windows 7 and NetworkManager clients.
 
@@ -1995,7 +2244,7 @@ strongswan-4.3.0
   Initiators and responders can use several authentication rounds (e.g. RSA
   followed by EAP) to authenticate. The new ipsec.conf leftauth/rightauth and
   leftauth2/rightauth2 parameters define own authentication rounds or setup
-  constraints for the remote peer. See the ipsec.conf man page for more detials.
+  constraints for the remote peer. See the ipsec.conf man page for more details.
 
 - If glibc printf hooks (register_printf_function) are not available,
   strongSwan can use the vstr string library to run on non-glibc systems.
@@ -2494,7 +2743,7 @@ strongswan-4.1.5
 strongswan-4.1.4
 ----------------
 
-- The pluto IKEv1 daemon now exhibits the same behaviour as its
+- The pluto IKEv1 daemon now exhibits the same behavior as its
   IKEv2 companion charon by inserting an explicit route via the
   _updown script only if a sourceip exists. This is admissible
   since routing through the IPsec tunnel is handled automatically
@@ -2741,7 +2990,7 @@ strongswan-4.0.4
 
 - Added support for preshared keys in IKEv2. PSK keys configured in
   ipsec.secrets are loaded. The authby parameter specifies the authentication
-  method to authentificate ourself, the other peer may use PSK or RSA.
+  method to authenticate ourself, the other peer may use PSK or RSA.
 
 - Changed retransmission policy to respect the keyingtries parameter.
 
@@ -2879,7 +3128,7 @@ strongswan-2.7.0
   left|rightfirewall keyword causes the automatic insertion
   and deletion of ACCEPT rules for tunneled traffic upon
   the successful setup and teardown of an IPsec SA, respectively.
-  left|rightfirwall can be used with KLIPS under any Linux 2.4
+  left|rightfirewall can be used with KLIPS under any Linux 2.4
   kernel or with NETKEY under a Linux kernel version >= 2.6.16
   in conjunction with iptables >= 1.3.5. For NETKEY under a Linux
   kernel version < 2.6.16 which does not support IPsec policy
@@ -3000,7 +3249,7 @@ strongswan-2.6.0
   to replace the various shell and awk starter scripts (setup, _plutoload,
   _plutostart, _realsetup, _startklips, _confread, and auto). Since
   ipsec.conf is now parsed only once, the starting of multiple tunnels is
-  accelerated tremedously.
+  accelerated tremendously.
 
 - Added support of %defaultroute to the ipsec starter. If the IP address
   changes, a HUP signal to the ipsec starter will automatically
@@ -3134,9 +3383,9 @@ strongswan-2.5.1
 
 - Under the native IPsec of the Linux 2.6 kernel, a %trap eroute
   installed either by setting auto=route in ipsec.conf or by
-  a connection put into hold, generates an XFRM_AQUIRE event
+  a connection put into hold, generates an XFRM_ACQUIRE event
   for each packet that wants to use the not-yet existing
-  tunnel. Up to now each XFRM_AQUIRE event led to an entry in
+  tunnel. Up to now each XFRM_ACQUIRE event led to an entry in
   the Quick Mode queue, causing multiple IPsec SA to be
   established in rapid succession. Starting with strongswan-2.5.1
   only a single IPsec SA is established per host-pair connection.

README.md

@@ -1,4 +1,4 @@
-# strongSwan Configuration #
+## Patched version, containing patch to disable parsing of AUTH payload in IKEv2 Phase2, because we only want EAP-AKA ##
 
 ## Overview ##
 
@@ -570,7 +570,7 @@ RSA or ECDSA private key. For details, refer to the TPM 2.0
 In a next step the command
 
     pki --req --type priv --in moonKey.pem \
-              --dn "C=CH, O=strongswan, CN=moon.strongswan.org \
+              --dn "C=CH, O=strongswan, CN=moon.strongswan.org" \
               --san moon.strongswan.org --outform pem > moonReq.pem
 
 creates a PKCS#10 certificate request that has to be signed by the CA.

README_LEGACY.md

@@ -639,7 +639,7 @@ following entries are required in `/etc/ipsec.conf`:
 
     conn rw1
         right=%any
-        righsubnet=10.4.0.5/32
+        rightsubnet=10.4.0.5/32
 
     conn rw2
         right=%any

SECURITY.md

@@ -0,0 +1,48 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report any security-relevant flaw to security@strongswan.org. Whenever
+possible encrypt your email with the [PGP key](https://pgp.key-server.io/0x1EB41ECF25A536E4)
+with key ID 0x1EB41ECF25A536E4.
+
+## Severity Classification
+
+* **High Severity Flaw**
+
+    * Allows remote access to the VPN with improper, missing, or invalid
+      credentials
+    * Allows local escalation of privileges on the server
+    * Plain text traffic on the secure interface
+    * Key generation and crypto flaws that reduce the difficulty in decrypting
+      secure traffic
+
+* **Medium Severity Flaw**
+
+    * Remotely crashing the strongSwan daemon, which would allow DoS attacks on
+      the VPN service
+
+* **Low Severity Flaw**
+
+    * All other minor issues not directly compromising security or availability
+      of the strongSwan daemon or the host the daemon is running on
+
+## Action Taken
+
+For **high** and **medium** severity vulnerabilities we are generally going to
+apply for a [CVE Identifier](https://cve.mitre.org/cve/identifiers/) first.
+Next we notify all known strongSwan customers and the major Linux
+distributions, giving them a time of about three weeks to patch their software
+release. On a predetermined date, we officially issue an advisory and a patch
+for the vulnerability and usually a new stable strongSwan release containing
+the security fix.
+
+Minor vulnerabilities of **low** severity usually will be fixed immediately
+in our repository and released with the next stable release.
+
+## List of Reported and Fixed Security Flaws
+
+A list of all reported strongSwan high and medium security flaws may be
+found in the [CVE database](https://nvd.nist.gov/vuln/search/results?query=strongswan).
+
+The corresponding security patches are published on https://download.strongswan.org/security/.

conf/Makefile.am

@@ -33,6 +33,7 @@ plugins = \
 	plugins/attr.opt \
 	plugins/attr-sql.opt \
 	plugins/bliss.opt \
+	plugins/botan.opt \
 	plugins/bypass-lan.opt \
 	plugins/certexpire.opt \
 	plugins/coupling.opt \

conf/format-options.py

@@ -68,8 +68,9 @@ import sys
 import re
 from textwrap import TextWrapper
 from argparse import ArgumentParser
-from functools import cmp_to_key
+from functools import cmp_to_key, total_ordering
 
+@total_ordering
 class ConfigOption:
 	"""Representing a configuration option or described section in strongswan.conf"""
 	def __init__(self, path, default = None, section = False, commented = False, include = False):
@@ -83,6 +84,9 @@ class ConfigOption:
 		self.desc = []
 		self.options = []
 
+	def __eq__(self, other):
+		return self.name == other.name
+
 	def __lt__(self, other):
 		return self.name < other.name
 

conf/options/charon-logging.opt

@@ -29,6 +29,9 @@ charon.filelog.<name>.ike_name = no
 	Prefix each log entry with the connection name and a unique numerical
 	identifier for each IKE_SA.
 
+charon.filelog.<name>.log_level = no
+	Add the log level of each message after the subsystem (e.g. [IKE2]).
+
 charon.filelog.<name>.time_format
 	Prefix each log entry with a timestamp. The option accepts a format string
 	as passed to **strftime**(3).
@@ -64,3 +67,6 @@ charon.syslog.<facility>.<subsystem> = <default>
 charon.syslog.<facility>.ike_name = no
 	Prefix each log entry with the connection name and a unique numerical
 	identifier for each IKE_SA.
+
+charon.syslog.<facility>.log_level = no
+	Add the log level of each message after the subsystem (e.g. [IKE2]).

conf/options/charon.opt

@@ -8,6 +8,10 @@ charon {}
 	**charon-cmd** instead of **charon**). For many options defaults can be
 	defined in the **libstrongswan** section.
 
+charon.accept_private_algs = no
+	Deliberately violate the IKE standard's requirement and allow the use of
+	private algorithm identifiers, even if the peer implementation is unknown.
+
 charon.accept_unencrypted_mainmode_messages = no
 	Accept unencrypted ID and HASH payloads in IKEv1 Main Mode.
 
@@ -36,6 +40,29 @@ charon.cache_crls = no
 	Certification Authority (CA) to **/etc/ipsec.d/crls** (stroke) or
 	**/etc/swanctl/x509crl** (vici), respectively.
 
+charon.check_current_path = no
+	Whether to use DPD to check if the current path still works after any
+	changes to interfaces/addresses.
+
+	By default, after detecting any changes to interfaces and/or addresses no
+	action is taken if the current path to the remote peer still looks usable.
+	Enabling this option will use DPD to check if the path actually still works,
+	or, for instance, the peer removed the state after a longer phase without
+	connectivity.  It will also trigger a MOBIKE update if NAT mappings were
+	removed during the downtime.
+
+charon.cisco_flexvpn = no
+	Send the Cisco FlexVPN vendor ID payload (IKEv2 only).
+
+	Send the Cisco FlexVPN vendor ID payload, which is required in order to make
+	Cisco brand devices allow negotiating a local traffic selector (from
+	strongSwan's point of view) that is not the assigned virtual IP address if
+	such an address is requested by	strongSwan.  Sending the Cisco FlexVPN
+	vendor ID prevents the peer from narrowing the initiator's local traffic
+	selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0
+	instead.  This has been tested with a "tunnel mode ipsec ipv4" Cisco
+	template but should also work for GRE encapsulation.
+
 charon.cisco_unity = no
 	Send Cisco Unity vendor ID payload (IKEv1 only).
 
@@ -102,9 +129,6 @@ charon.dns2
 charon.dos_protection = yes
 	Enable Denial of Service protection using cookies and aggressiveness checks.
 
-charon.ecp_x_coordinate_only = yes
-	Compliance with the errata for RFC 4753.
-
 charon.flush_auth_cfg = no
 	Free objects during authentication (might conflict with plugins).
 
@@ -116,6 +140,10 @@ charon.flush_auth_cfg = no
 charon.follow_redirects = yes
 	Whether to follow IKEv2 redirects (RFC 5685).
 
+charon.force_eap_only_authentication = no
+	Violate RFC 5998 and use EAP-only authentication even if the peer did not
+	send an EAP_ONLY_AUTHENTICATION notify during IKE_AUTH.
+
 charon.fragment_size = 1280
 	Maximum size (complete IP datagram size in bytes) of a sent IKE fragment
 	when using proprietary IKEv1 or standardized IKEv2 fragmentation, defaults
@@ -212,6 +240,11 @@ charon.interfaces_use
 charon.keep_alive = 20s
 	NAT keep alive interval.
 
+charon.keep_alive_dpd_margin = 0s
+	Number of seconds the keep alive interval may be exceeded before a DPD is
+	sent instead of a NAT keep alive (0 to disable).  This is only useful if a
+	clock is used that includes time spent suspended (e.g. CLOCK_BOOTTIME).
+
 charon.leak_detective.detailed = yes
 	Includes source file names and line numbers in leak detective output.
 
@@ -440,6 +473,24 @@ charon.tls.mac
 charon.tls.suites
 	List of TLS cipher suites.
 
+charon.tls.ke_group
+	List of TLS key exchange groups.
+
+charon.tls.signature
+	List of TLS signature schemes.
+
+charon.tls.send_certreq_authorities = yes
+	Whether to include CAs in a server's CertificateRequest message.
+
+	Whether to include CAs in a server's CertificateRequest message. May be
+	disabled if clients can't handle a long list of CAs.
+
+charon.tls.version_min = 1.2
+	Minimum TLS version to negotiate.
+
+charon.tls.version_max = 1.2
+	Maximum TLS version to negotiate.
+
 charon.user
 	Name of the user the daemon changes to after startup.
 

conf/plugins/botan.opt

@@ -0,0 +1,6 @@
+charon.plugins.botan.internal_rng_only = no
+	Force the use of Botan's internal RNG.
+
+	If enabled, only Botan's internal RNG will be used throughout the plugin.
+	Otherwise, and if supported by Botan, rng_t implementations provided by
+	other loaded plugins will be used as RNG.

conf/plugins/imc-attestation.opt

@@ -10,6 +10,9 @@ libimcv.plugins.imc-attestation.aik_pubkey =
 libimcv.plugins.imc-attestation.aik_handle =
 	AIK object handle.
 
+libimcv.plugins.imc-attestation.hash_algorithm = sha384
+	Preferred measurement hash algorithm.
+
 libimcv.plugins.imc-attestation.mandatory_dh_groups = yes
 	Enforce mandatory Diffie-Hellman groups.
 
@@ -44,3 +47,7 @@ libimcv.plugins.imc-attestation.pcr18_meas =
 
 libimcv.plugins.imc-attestation.pcr18_after =
 	PCR18 value after measurement.
+
+libimcv.plugins.imc-attestation.pcr_padding = no
+	Whether to pad IMA SHA1 measurements values when extending into
+	SHA256 PCR bank.

conf/plugins/imv-attestation.opt

@@ -7,7 +7,7 @@ libimcv.plugins.imv-attestation.mandatory_dh_groups = yes
 libimcv.plugins.imv-attestation.dh_group = ecp256
 	Preferred Diffie-Hellman group.
 
-libimcv.plugins.imv-attestation.hash_algorithm = sha256
+libimcv.plugins.imv-attestation.hash_algorithm = sha384
 	Preferred measurement hash algorithm.
 
 libimcv.plugins.imv-attestation.min_nonce_len = 0

conf/plugins/load-tester.opt

@@ -25,7 +25,7 @@ charon.plugins.load-tester.crl
 	certificates.
 
 charon.plugins.load-tester.delay = 0
-	Delay between initiatons for each thread.
+	Delay between initiations for each thread.
 
 charon.plugins.load-tester.delete_after_established = no
 	Delete an IKE_SA as soon as it has been established.
@@ -66,7 +66,7 @@ charon.plugins.load-tester.initiators = 0
 	Number of concurrent initiator threads to use in load test.
 
 charon.plugins.load-tester.initiator_auth = pubkey
-	Authentication method(s) the intiator uses.
+	Authentication method(s) the initiator uses.
 
 charon.plugins.load-tester.initiator_id =
 	Initiator ID used in load test.
@@ -119,7 +119,7 @@ charon.plugins.load-tester.responder_tsr = initiator_tsr
 	Traffic selector on responder side, as narrowed by responder.
 
 charon.plugins.load-tester.request_virtual_ip = no
-	Request an INTERNAL_IPV4_ADDR from the server.
+	Request an INTERNAL_IPV4_ADDR and INTERNAL_IPV6_ADDR from the server.
 
 charon.plugins.load-tester.shutdown_when_complete = no
 	Shutdown the daemon after all IKE_SAs have been established.

conf/strongswan.conf.5.tail.in

@@ -74,7 +74,7 @@ libtls library messages
 libipsec library messages
 .TP
 .B lib
-libstrongwan library messages
+libstrongswan library messages
 .TP
 .B tnc
 Trusted Network Connect

configure.ac

@@ -3,6 +3,8 @@
 # Copyright (C) 2006-2019 Andreas Steffen
 # Copyright (C) 2006-2014 Martin Willi
 # HSR Hochschule fuer Technik Rapperswil
+# Copyright (C) 2017 Domonkos P. Tomcsanyi
+# umlaut Communications Gmbh.
 #
 # This program is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by the
@@ -19,7 +21,7 @@
 #  initialize & set some vars
 # ============================
 
-AC_INIT([strongSwan],[5.8.2dr2])
+AC_INIT([strongSwan],[5.9.3])
 AM_INIT_AUTOMAKE(m4_esyscmd([
 	echo tar-ustar
 	echo subdir-objects
@@ -55,7 +57,7 @@ ARG_WITH_SUBST([piddir],             [/var/run], [set path for PID and UNIX sock
 ARG_WITH_SUBST([ipsecdir],           [${libexecdir%/}/ipsec], [set installation path for ipsec tools])
 ARG_WITH_SUBST([ipseclibdir],        [${libdir%/}/ipsec], [set installation path for ipsec libraries])
 ARG_WITH_SUBST([plugindir],          [${ipseclibdir%/}/plugins], [set the installation path of plugins])
-ARG_WITH_SUBST([imcvdir],            [${ipseclibdir%/}/imcvs], [set the installation path of IMC and IMV dynamic librariers])
+ARG_WITH_SUBST([imcvdir],            [${ipseclibdir%/}/imcvs], [set the installation path of IMC and IMV dynamic libraries])
 ARG_WITH_SUBST([nm-ca-dir],          [/usr/share/ca-certificates], [directory the NM backend uses to look up trusted root certificates])
 ARG_WITH_SUBST([swanctldir],         [${sysconfdir}/swanctl], [base directory for swanctl configuration files and credentials])
 ARG_WITH_SUBST([linux-headers],      [\${top_srcdir}/src/include], [set directory of linux header files to use])
@@ -77,6 +79,15 @@ fi
 ARG_WITH_SET([systemdsystemunitdir], [$systemdsystemunitdir_default], [directory for systemd service files])
 AC_SUBST(systemdsystemunitdir)
 
+AC_ARG_WITH(
+	[dbuspolicydir],
+	AS_HELP_STRING([--with-dbuspolicydir=arg],[directory for D-Bus policies (default: ${dbusdatadir|datarootdir}/dbus-1/system.d)]),
+	[dbuspolicydir="$withval"],
+	[PKG_CHECK_VAR([dbusdatadir], [dbus-1], [datadir], , [dbusdatadir="${datarootdir}"])
+	 dbuspolicydir="${dbusdatadir}/dbus-1/system.d"]
+)
+AC_SUBST(dbuspolicydir)
+
 AC_ARG_WITH(
 	[user],
 	AS_HELP_STRING([--with-user=user],[change user of the daemons to "user" after startup (default is "root").]),
@@ -190,7 +201,8 @@ ARG_ENABL_SET([eap-sim-pcsc],   [enable EAP-SIM backend based on a smartcard rea
 ARG_ENABL_SET([eap-aka],        [enable EAP AKA authentication module.])
 ARG_ENABL_SET([eap-aka-3gpp],   [enable EAP AKA backend implementing 3GPP MILENAGE algorithms in software.])
 ARG_ENABL_SET([eap-aka-3gpp2],  [enable EAP AKA backend implementing 3GPP2 algorithms in software. Requires libgmp.])
-ARG_ENABL_SET([eap-simaka-sql], [enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database.])
+ARG_ENABL_SET([eap-simaka-pcsc],   [enable EAP-SIM/AKA backend based on a smartcard reader. Requires libpcsclite.])
+ARG_ENABL_SET([eap-simaka-sql],    [enable EAP-SIM/AKA backend based on a triplet/quintuplet SQL database.])
 ARG_ENABL_SET([eap-simaka-pseudonym], [enable EAP-SIM/AKA pseudonym storage plugin.])
 ARG_ENABL_SET([eap-simaka-reauth],    [enable EAP-SIM/AKA reauthentication data storage plugin.])
 ARG_ENABL_SET([eap-identity],   [enable EAP module providing EAP-Identity helper.])
@@ -317,6 +329,7 @@ ARG_ENABL_SET([tss-tss2],       [enable the use of the TSS 2.0 Trusted Software
 
 # compile options
 ARG_ENABL_SET([coverage],       [enable lcov coverage report generation.])
+ARG_ENABL_SET([git-version],    [use output of 'git describe' as version information in executables.])
 ARG_ENABL_SET([leak-detective], [enable malloc hooks to find memory leaks.])
 ARG_ENABL_SET([lock-profiler],  [enable lock/mutex profiling code.])
 ARG_ENABL_SET([log-thread-ids], [use thread ID, if available, instead of an incremented value starting from 1, to identify threads.])
@@ -374,33 +387,35 @@ AC_PROG_LEX
 AC_PROG_YACC
 AM_PATH_PYTHON(,,[:])
 AC_PATH_PROG([PERL], [perl], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
+AC_ARG_VAR([PERL], [the Perl interpreter])
 AC_PATH_PROG([GPERF], [gperf], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
+AC_ARG_VAR([GPERF], [the GNU gperf program])
 
-# because gperf is not needed by end-users we just report it but do not abort on failure
-AC_MSG_CHECKING([gperf version >= 3.0.0])
+# because gperf is not needed by end-users we only abort if generated files don't exist
+AC_MSG_CHECKING([gperf len type])
 if test -x "$GPERF"; then
-	if test "`$GPERF --version | $AWK -F' ' '/^GNU gperf/ { print $3 }' | $AWK -F. '{ print $1 }'`" -ge "3"; then
-		GPERF_OUTPUT="`echo foo | ${GPERF}`"
-		AC_COMPILE_IFELSE(
+	GPERF_OUTPUT="`echo foo | ${GPERF}`"
+	AC_COMPILE_IFELSE(
+		[AC_LANG_PROGRAM(
+			[[#include <string.h>
+			  const char *in_word_set(const char*, size_t); $GPERF_OUTPUT]])],
+		[GPERF_LEN_TYPE=size_t],
+		[AC_COMPILE_IFELSE(
 			[AC_LANG_PROGRAM(
 				[[#include <string.h>
-				  const char *in_word_set(const char*, size_t); $GPERF_OUTPUT]])],
-			[GPERF_LEN_TYPE=size_t],
-			[AC_COMPILE_IFELSE(
-				[AC_LANG_PROGRAM(
-					[[#include <string.h>
-					  const char *in_word_set(const char*, unsigned); $GPERF_OUTPUT]])],
-				[GPERF_LEN_TYPE=unsigned],
-				[AC_MSG_ERROR([unable to determine gperf len type])]
-			)]
-		)
-		AC_SUBST(GPERF_LEN_TYPE)
-		AC_MSG_RESULT([yes])
-	else
-		AC_MSG_RESULT([no])
-	fi
+				  const char *in_word_set(const char*, unsigned); $GPERF_OUTPUT]])],
+			[GPERF_LEN_TYPE=unsigned],
+			[AC_MSG_ERROR([unable to determine gperf len type])]
+		)]
+	)
+	AC_SUBST(GPERF_LEN_TYPE)
+	AC_MSG_RESULT([$GPERF_LEN_TYPE])
 else
 	AC_MSG_RESULT([not found])
+	GPERF_TEST_FILE="$srcdir/src/libstrongswan/crypto/proposal/proposal_keywords_static.c"
+	if test ! -f "$GPERF_TEST_FILE"; then
+		AC_MSG_ERROR([GNU gperf required to generate e.g. $GPERF_TEST_FILE])
+	fi
 fi
 
 # ========================
@@ -650,7 +665,7 @@ AC_CHECK_FUNC(
 	]
 )
 
-AC_CHECK_FUNCS(prctl mallinfo getpass closefrom getpwnam_r getgrnam_r getpwuid_r)
+AC_CHECK_FUNCS(prctl mallinfo getpass closefrom getpwnam_r getgrnam_r getpwuid_r chown)
 AC_CHECK_FUNCS(fmemopen funopen mmap memrchr setlinebuf strptime dirfd sigwaitinfo explicit_bzero)
 
 AC_CHECK_FUNC([syslog], [
@@ -1027,26 +1042,28 @@ if test x$tss_tss2 = xtrue; then
 	PKG_CHECK_MODULES(tss2_esys, [tss2-esys],
 		[tss2_esys=true; AC_DEFINE([TSS2_ESYS], [], [use TSS2 v2 Extended System API])],
 		[tss2_esys=false])
-	PKG_CHECK_MODULES(tss2_tabrmd, [tcti-tabrmd],
-		[tss2_tabrmd=true; AC_DEFINE([TSS2_TCTI_TABRMD], [], [use TCTI Access Broker and Resource Mamager])],
-		[tss2_tabrmd=false])
-	PKG_CHECK_MODULES(tss2_socket, [tcti-socket],
-		[tss2_socket=true; AC_DEFINE([TSS2_TCTI_SOCKET], [], [use TCTI Sockets])],
-		[tss2_socket=false])
 	if test x$tss2_sys = xtrue; then
 		AC_DEFINE([TSS_TSS2_V2], [], [use TSS 2.0 v2 libraries])
 		AC_SUBST(tss2_CFLAGS, "$tss2_sys_CFLAGS")
 		AC_SUBST(tss2_LIBS, "$tss2_sys_LIBS")
-	elif test x$tss2_tabrmd = xtrue -o x$tss2_socket = xtrue; then
-		AC_DEFINE([TSS_TSS2_V1], [], [use TSS 2.0 v1 libraries])
-		AC_SUBST(tss2_CFLAGS, "$tss2_tabrmd_CFLAGS $tss2_socket_CFLAGS")
-		AC_SUBST(tss2_LIBS, "$tss2_tabrmd_LIBS $tss2_socket_LIBS")
 	else
-		AC_MSG_FAILURE([no TSS2 TCTI or SAPI libraries detected])
+		PKG_CHECK_MODULES(tss2_tabrmd, [tcti-tabrmd],
+			[tss2_tabrmd=true; AC_DEFINE([TSS2_TCTI_TABRMD], [], [use TCTI Access Broker and Resource Manager])],
+			[tss2_tabrmd=false])
+		PKG_CHECK_MODULES(tss2_socket, [tcti-socket],
+			[tss2_socket=true; AC_DEFINE([TSS2_TCTI_SOCKET], [], [use TCTI Sockets])],
+			[tss2_socket=false])
+		if test x$tss2_tabrmd = xtrue -o x$tss2_socket = xtrue; then
+			AC_DEFINE([TSS_TSS2_V1], [], [use TSS 2.0 v1 libraries])
+			AC_SUBST(tss2_CFLAGS, "$tss2_tabrmd_CFLAGS $tss2_socket_CFLAGS")
+			AC_SUBST(tss2_LIBS, "$tss2_tabrmd_LIBS $tss2_socket_LIBS")
+		else
+			AC_MSG_FAILURE([no TSS2 TCTI or SAPI libraries detected])
+		fi
 	fi
 fi
 
-if test x$imc_swima = xtrue -o $imv_swima = xtrue; then
+if test x$imc_swima = xtrue -o x$imv_swima = xtrue; then
 	PKG_CHECK_MODULES(json, [json-c], [],
 		[PKG_CHECK_MODULES(json, [json])])
 	AC_SUBST(json_CFLAGS)
@@ -1139,11 +1156,9 @@ if test x$openssl = xtrue; then
 fi
 
 if test x$wolfssl = xtrue; then
-	wolfssl_lib=wolfssl
-	AC_CHECK_LIB([$wolfssl_lib],[wolfSSL_Init],[LIBS="$LIBS"],
-		[AC_MSG_ERROR([wolfSSL lib$wolfssl_lib not found])],[$DLLIB])
-	AC_SUBST(WOLFSSL_LIB, [-l$wolfssl_lib])
-	AC_CHECK_HEADER([wolfssl/options.h],,[AC_MSG_ERROR([wolfSSL header wolfssl/options.h not found!])])
+	PKG_CHECK_MODULES(wolfssl, [wolfssl])
+	AC_SUBST(wolfssl_CFLAGS)
+	AC_SUBST(wolfssl_LIBS)
 fi
 
 if test x$gcrypt = xtrue; then
@@ -1161,9 +1176,14 @@ if test x$gcrypt = xtrue; then
 fi
 
 if test x$botan = xtrue; then
-	PKG_CHECK_MODULES(botan, [botan-2])
+	PKG_CHECK_MODULES(botan, [botan-3], [],
+		[PKG_CHECK_MODULES(botan, [botan-2])])
 	AC_SUBST(botan_CFLAGS)
 	AC_SUBST(botan_LIBS)
+	saved_LIBS=$LIBS
+	LIBS="$botan_LIBS"
+	AC_CHECK_FUNCS(botan_rng_init_custom)
+	LIBS=$saved_LIBS
 fi
 
 if test x$uci = xtrue; then
@@ -1186,10 +1206,23 @@ if test x$eap_sim_pcsc = xtrue; then
 	AC_SUBST(pcsclite_LIBS)
 fi
 
+if test x$eap_simaka_pcsc = xtrue; then
+	PKG_CHECK_MODULES(pcsclite, [libpcsclite])
+	AC_SUBST(pcsclite_CFLAGS)
+	AC_SUBST(pcsclite_LIBS)
+fi
+
 if test x$nm = xtrue; then
 	PKG_CHECK_MODULES(nm, [gthread-2.0 libnm])
 	AC_SUBST(nm_CFLAGS)
 	AC_SUBST(nm_LIBS)
+
+	AC_MSG_CHECKING([for D-Bus policy directory])
+	if test -n "$dbuspolicydir" -a "x$dbuspolicydir" != xno; then
+		AC_MSG_RESULT([$dbuspolicydir])
+	else
+		AC_MSG_ERROR([not found (try --with-dbuspolicydir)])
+	fi
 fi
 
 if test x$xauth_pam = xtrue; then
@@ -1198,7 +1231,7 @@ if test x$xauth_pam = xtrue; then
 fi
 
 if test x$connmark = xtrue -o x$forecast = xtrue; then
-	PKG_CHECK_MODULES(libiptc, [libiptc])
+	PKG_CHECK_MODULES(libiptc, [libip4tc])
 	AC_SUBST(libiptc_CFLAGS)
 	AC_SUBST(libiptc_LIBS)
 fi
@@ -1247,6 +1280,11 @@ if test x$bfd_backtraces = xtrue; then
 	AC_CHECK_LIB([bfd],[bfd_init],[LIBS="$LIBS"],[AC_MSG_ERROR([binutils libbfd not found!])],[])
 	AC_CHECK_HEADER([bfd.h],[AC_DEFINE([HAVE_BFD_H],,[have binutils bfd.h])],
 		[AC_MSG_ERROR([binutils bfd.h header not found!])])
+	AC_CHECK_DECLS(
+		[bfd_section_flags, bfd_get_section_flags,
+		 bfd_section_vma, bfd_get_section_vma,
+		 bfd_section_size, bfd_get_section_size], [], [],
+		[[#include <bfd.h>]])
 	BFDLIB="-lbfd"
 	AC_SUBST(BFDLIB)
 fi
@@ -1343,6 +1381,7 @@ if test x$python_eggs = xtrue; then
 	else
 		AC_SUBST(PYTHONEGGINSTALLDIR, "--install-dir $pythoneggdir")
 	fi
+	AC_PATH_PROG([TOX], [tox], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
 	AC_PATH_PROG([PY_TEST], [py.test], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
 fi
 AM_CONDITIONAL(PYTHON_EGGS_INSTALL, [test "x$python_eggs_install" = xtrue])
@@ -1360,6 +1399,27 @@ AC_CACHE_CHECK(
 )
 if test "x$ss_cv_static_plugin_constructors" = xyes; then
 	static_plugin_constructors=true
+	if test "$PYTHON" = ":"; then
+		AC_MSG_FAILURE([Python is required to resolve plugin constructors statically])
+	fi
+fi
+
+AC_MSG_CHECKING([version from Git repository])
+AC_SUBST(GIT_VERSION, [$($srcdir/scripts/git-version "$srcdir")])
+case "$GIT_VERSION" in
+	"$PACKAGE_VERSION"*)
+		AC_MSG_RESULT([$GIT_VERSION])
+		;;
+	UNKNOWN)
+		AC_MSG_RESULT([$GIT_VERSION (could be due to insufficient clone depth)])
+		;;
+	*)
+		AC_MSG_ERROR([$PACKAGE_VERSION is not a prefix of $GIT_VERSION, tag missing?])
+		;;
+esac
+
+if test x$git_version = xtrue -a "$GIT_VERSION" != "UNKNOWN"; then
+	AC_DEFINE_UNQUOTED(VERSION, ["$GIT_VERSION"])
 fi
 
 # ===============================================
@@ -1482,6 +1542,7 @@ ADD_PLUGIN([eap-sim-pcsc],         [c charon])
 ADD_PLUGIN([eap-aka],              [c charon])
 ADD_PLUGIN([eap-aka-3gpp],         [c charon])
 ADD_PLUGIN([eap-aka-3gpp2],        [c charon])
+ADD_PLUGIN([eap-simaka-pcsc],      [c charon])
 ADD_PLUGIN([eap-simaka-sql],       [c charon])
 ADD_PLUGIN([eap-simaka-pseudonym], [c charon])
 ADD_PLUGIN([eap-simaka-reauth],    [c charon])
@@ -1653,6 +1714,7 @@ AM_CONDITIONAL(USE_RADATTR, test x$radattr = xtrue)
 AM_CONDITIONAL(USE_EAP_SIM, test x$eap_sim = xtrue)
 AM_CONDITIONAL(USE_EAP_SIM_FILE, test x$eap_sim_file = xtrue)
 AM_CONDITIONAL(USE_EAP_SIM_PCSC, test x$eap_sim_pcsc = xtrue)
+AM_CONDITIONAL(USE_EAP_SIMAKA_PCSC, test x$eap_simaka_pcsc = xtrue)
 AM_CONDITIONAL(USE_EAP_SIMAKA_SQL, test x$eap_simaka_sql = xtrue)
 AM_CONDITIONAL(USE_EAP_SIMAKA_PSEUDONYM, test x$eap_simaka_pseudonym = xtrue)
 AM_CONDITIONAL(USE_EAP_SIMAKA_REAUTH, test x$eap_simaka_reauth = xtrue)
@@ -1762,7 +1824,8 @@ AM_CONDITIONAL(USE_LEGACY_SYSTEMD, test -n "$systemdsystemunitdir" -a "x$systemd
 AM_CONDITIONAL(USE_RUBY_GEMS, test x$ruby_gems = xtrue)
 AM_CONDITIONAL(USE_PYTHON_EGGS, test x$python_eggs = xtrue)
 AM_CONDITIONAL(USE_PERL_CPAN, test x$perl_cpan = xtrue)
-AM_CONDITIONAL(USE_PY_TEST, test "x$PY_TEST" != x)
+AM_CONDITIONAL(USE_TOX, test "x$TOX" != x)
+AM_CONDITIONAL(USE_PY_TEST, test "x$PY_TEST" != x -a "x$TOX" = x)
 
 # ========================
 #  set global definitions
@@ -1944,6 +2007,7 @@ AC_CONFIG_FILES([
 	src/libcharon/plugins/eap_sim/Makefile
 	src/libcharon/plugins/eap_sim_file/Makefile
 	src/libcharon/plugins/eap_sim_pcsc/Makefile
+	src/libcharon/plugins/eap_simaka_pcsc/Makefile
 	src/libcharon/plugins/eap_simaka_sql/Makefile
 	src/libcharon/plugins/eap_simaka_pseudonym/Makefile
 	src/libcharon/plugins/eap_simaka_reauth/Makefile

init/systemd-starter/strongswan-starter.service.in

@@ -4,7 +4,6 @@ After=syslog.target network-online.target
 
 [Service]
 ExecStart=@SBINDIR@/@IPSEC_SCRIPT@ start --nofork
-StandardOutput=syslog
 Restart=on-abnormal
 
 [Install]

packages/network-manager-strongswan/Makefile

@@ -1,19 +0,0 @@
-
-SOURCE:=../../src/frontends/gnome
-VERSION:=1.3.1
-
-source:	prepare
-	cd build/NetworkManager-strongswan-$(VERSION) && debuild -S
-
-prepare: clean
-	mkdir build
-	make -C $(SOURCE) dist-gzip
-	mv $(SOURCE)/NetworkManager-strongswan-$(VERSION).tar.gz build/network-manager-strongswan_$(VERSION).orig.tar.gz
-	tar -zxv -C build -f build/network-manager-strongswan_$(VERSION).orig.tar.gz
-	dch -b -v $(VERSION)
-	cp -R debian build/NetworkManager-strongswan-$(VERSION)
-
-clean:
-	rm -Rf build
-
-.PHONY:	source prepare clean

packages/network-manager-strongswan/debian/changelog

@@ -1,54 +0,0 @@
-network-manager-strongswan (1.3.1-1) unstable; urgency=low
-
-  * New upstream release, adds PSK support
-  * Invoke charon-nm as IKE backend (Closes: #741415)
-  * Hand over maintenance to Debian strongSwan Maintainers (pkg-swan)
-
- -- Martin <martin@strongswan.org>  Thu, 24 Apr 2014 15:42:39 +0200
-
-network-manager-strongswan (1.3.0-1) unstable; urgency=low
-
-  * New upstream release, support for NetworkManager 0.9 (Closes: #639400)
-
- -- Martin Willi <martin@strongswan.org>  Mon, 02 Jul 2012 09:55:20 +0200
-
-network-manager-strongswan (1.1.2-2) unstable; urgency=low
-
-  * Do not install unused libtool and static libraries
-    (Closes: #622499)
-
- -- Martin Willi <martin@strongswan.org>  Tue, 19 Apr 2011 11:07:10 +0200
-
-network-manager-strongswan (1.1.2-1) unstable; urgency=low
-
-  * New upstream release, fixes pkgconfig for new libnm-glib packages
-    (Closes: #569302)
-
- -- Martin Willi <martin@strongswan.org>  Thu, 18 Feb 2010 09:41:39 +0100
-
-network-manager-strongswan (1.1.1-2) unstable; urgency=low
-
-  * Added ${shlibs:Depends} dependency
-  * Reload network-manager after installation, reloading dbus is insufficient.
-  * Fixed debhelper-but-no-misc-depends, out-of-date-standards-version and
-    copyright-without-copyright-notice lintian warnings
-
- -- Martin Willi <martin@strongswan.org>  Mon, 12 Oct 2009 10:19:40 +0200
-
-network-manager-strongswan (1.1.1-1) unstable; urgency=low
-
-  * New upstream release fixing a crasher when saving connections
-  * Fix "Wrong path to network-manager initscript in postinst"
-    Reload dbus instead of network-manager, as other VPN plugins do.
-    (Closes: #529189)
-  * Fix "FTBFS: No package 'libnm-util' found"
-    added dependencies to libnm-util-dev and libnm-glib-vpn-dev
-    (Closes: #528977)
-
- -- Martin Willi <martin@strongswan.org>  Tue, 19 May 2009 13:16:51 +0200
-
-network-manager-strongswan (1.1.0-1) unstable; urgency=low
-
-  * Initial Debian packaging of NetworkManager plugin for strongSwan
-
- -- Martin Willi <martin@strongswan.org>  Wed, 25 Mar 2009 09:07:05 +0100

packages/network-manager-strongswan/debian/compat

@@ -1 +0,0 @@
-7

packages/network-manager-strongswan/debian/control

@@ -1,31 +0,0 @@
-Source: network-manager-strongswan
-Section: net
-Priority: extra
-Maintainer: strongSwan Maintainers <pkg-swan-devel@lists.alioth.debian.org>
-Uploaders: Rene Mayrhofer <rmayr@debian.org>,
-	Yves-Alexis Perez <corsac@debian.org>,
-	Romain Francoise <rfrancoise@debian.org>
-Build-Depends: cdbs,
-	debhelper (>= 7),
-	network-manager-dev (>= 0.9),
-	libnm-util-dev (>= 0.9),
-	libnm-glib-dev (>= 0.9),
-	libnm-glib-vpn-dev (>= 0.9),
-	libdbus-glib-1-dev,
-	libgnomeui-dev,
-	automake,
-	gnome-common,
-Standards-Version: 3.9.1
-
-Package: network-manager-strongswan
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, strongswan-nm, network-manager (>= 0.9)
-Description: network management framework (strongSwan plugin)
- NetworkManager attempts to keep an active network connection available at
- all times.  It is intended primarily for laptops where it allows easy
- switching between local wireless networks, it's also useful on desktops
- with a selection of different interfaces to use.  It is not intended for
- usage on servers.
- .
- This package provides a VPN plugin for strongSwan, providing easy access to
- IKEv2 IPSec VPN's.

packages/network-manager-strongswan/debian/copyright

@@ -1,10 +0,0 @@
-Format-Specification: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=file&rev=59
-Name: NetworkManager-strongswan
-Source: http://download.strongswan.org/NetworkManager
-
-Copyright: 2008-2009, Martin Willi <martin@strongswan.org>
-           2005-2008, Dan Williams
-           2005, David Zeuthen
-License: GPL-2
- On Debian systems the full text of the GNU General Public License can be found
- in the `/usr/share/common-licenses/GPL-2' file.

packages/network-manager-strongswan/debian/network-manager-strongswan.postinst

@@ -1,19 +0,0 @@
-#!/bin/sh
-
-set -e
-
-case "$1" in
-	configure)
-		if [ -x "/etc/init.d/network-manager" ]; then
-			if [ -x /usr/sbin/invoke-rc.d ]; then
-				invoke-rc.d network-manager force-reload || true
-			else
-				/etc/init.d/network-manager force-reload || true
-			fi
-		fi
-		;;
-esac
-
-#DEBHELPER#
-
-exit 0

packages/network-manager-strongswan/debian/rules

@@ -1,16 +0,0 @@
-#!/usr/bin/make -f
-
-include /usr/share/cdbs/1/rules/debhelper.mk
-include /usr/share/cdbs/1/class/autotools.mk
-
-DEB_CONFIGURE_EXTRA_FLAGS := --with-charon=/usr/lib/ipsec/charon-nm
-
-DEB_CONFIGURE_LIBEXECDIR := "\$$(prefix)/lib/NetworkManager"
-
-DEB_DH_MAKESHLIBS_ARGS_ALL := -X/usr/lib/NetworkManager/
-
-DEB_DH_INSTALL_SOURCEDIR := debian/tmp
-
-
-install/network-manager-strongswan::
-	rm debian/network-manager-strongswan/usr/lib/NetworkManager/libnm-strongswan-properties.*a

packages/strongswan/Makefile

@@ -1,19 +0,0 @@
-
-SOURCE=../..
-VERSION:=5.0.1dr1
-
-source:	prepare
-	cd build/strongswan-$(VERSION) && debuild -S
-
-prepare: clean
-	mkdir build
-	make -C $(SOURCE) dist-gzip
-	mv $(SOURCE)/strongswan-$(VERSION).tar.gz build/strongswan_$(VERSION).orig.tar.gz
-	tar -zxv -C build -f build/strongswan_$(VERSION).orig.tar.gz
-	dch -b -v $(VERSION)
-	cp -R debian build/strongswan-$(VERSION)
-
-clean:
-	rm -Rf build
-
-.PHONY:	source prepare clean

packages/strongswan/debian/changelog

@@ -1,5 +0,0 @@
-strongswan (5.0.1dr1) unstable; urgency=low
-
-  * New package for strongSwan 5.0 series
-
- -- Martin Willi <martin@strongswan.org>  Mon, 02 Jul 2012 18:48:55 +0200

packages/strongswan/debian/compat

@@ -1 +0,0 @@
-7

packages/strongswan/debian/control

@@ -1,61 +0,0 @@
-Source: strongswan
-Section: net
-Priority: extra
-Maintainer: Martin Willi <martin@strongswan.org>
-Standards-Version: 3.9.2
-Build-Depends: debhelper (>= 7.0.0), libssl-dev (>= 0.9.8), libcap-dev, network-manager-dev (>= 0.9), libnm-glib-dev (>= 0.9), libcurl4-openssl-dev | libcurl4-gnutls-dev | libcurl4-nss-dev, libldap2-dev, libmysqlclient-dev, libsqlite3-dev
-Homepage: http://www.strongswan.org
-
-Package: strongswan
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}
-Description: IPsec VPN solution.
- strongSwan is a IPsec based VPN solution for the Linux kernel. It uses the
- native IPsec stack and runs on any recent 2.6 kernel (no patching required).
- It supports both, the IKEv1 and the newer IKEv2 protocols.
- .
- This package contains the IKEv1/IKEv2 keying daemon charon and command line
- configuration backend.
-
-Package: strongswan-tools
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}
-Description: Additional command line tools for strongSwan.
- This packages provides pki and other strongSwan utilities.
-
-Package: strongswan-nm
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, network-manager (>= 0.9)
-Description: strongSwan plugin to interact with NetworkManager
- This plugin provides an interface which allows NetworkManager to configure
- and control the IKEv2 daemon directly through DBUS. It is designed to work
- in conjunction with the network-manager-strongswan package, providing
- a simple graphical frontend to configure IPsec based VPNs.
-
-Package: libstrongswan
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}
-Description: strongSwan utility and crypto library
- libstrongswan is the underlying library of charon and other strongSwan
- components. It is built in a modular way and is extendable through various
- plugins.
-
-Package: libstrongswan-dev
-Architecture: any
-Priority: optional
-Depends: ${misc:Depends}, libstrongswan (=${binary:Version})
-Section: devel
-Description: strongSwan development headers
- C header files to develop with libstrongswan.
-
-Package: strongswan-dbg
-Architecture: any
-Section: debug
-Priority: extra
-Depends: ${misc:Depends}, strongswan, libstrongswan
-Description: strongSwan library and binaries - debugging symbols
- StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the
- native IPsec stack and runs on any recent 2.6 kernel (no patching required).
- It supports both IKEv1 and the newer IKEv2 protocols.
- .
- This package provides the symbols needed for debugging of strongswan.

packages/strongswan/debian/libstrongswan-dev.install

@@ -1,2 +0,0 @@
-usr/lib/strongswan/include/config.h			usr/lib/strongswan/include/
-usr/include/strongswan/*					usr/include/strongswan/

packages/strongswan/debian/libstrongswan.install

@@ -1,31 +0,0 @@
-etc/strongswan.conf												etc/
-usr/lib/strongswan/libstrongswan.so*							usr/lib/strongswan/
-usr/lib/strongswan/libcharon.so*								usr/lib/strongswan/
-usr/lib/strongswan/libtls.so*									usr/lib/strongswan/
-usr/lib/strongswan/plugins/libstrongswan-x509.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-pubkey.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-xcbc.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-random.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-agent.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-openssl.so*			usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-ldap.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-curl.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-kernel-netlink.so*		usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-eap-identity.so*		usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-eap-mschapv2.so*		usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-eap-tls.so*			usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-eap-md5.so*			usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-pkcs1.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-revocation.so*			usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-nonce.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-pkcs8.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-pem.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-socket-default.so*		usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-constraints.so*		usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-ctr.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-ccm.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-cmac.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-gcm.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-xauth-generic.so*		usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-xauth-eap.so*			usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-pkcs11.so*				usr/lib/strongswan/plugins/

packages/strongswan/debian/rules

@@ -1,71 +0,0 @@
-#!/usr/bin/make -f
-
-#export DH_VERBOSE=1
-
-CC = gcc
-CFLAGS = -Wall -Wno-format -Wno-pointer-sign -g
-CONFIGURE_ARGS = \
-	--prefix=/usr --libexecdir=/usr/lib --sysconfdir=/etc --enable-curl \
-	--enable-ldap --disable-aes --disable-des --disable-md5 --disable-sha1 \
-	--disable-sha2 --disable-fips-prf --disable-gmp --disable-pgp --disable-dnskey \
-	--enable-mysql --enable-sqlite --enable-eap-identity --enable-eap-md5 \
-	--enable-eap-mschapv2 --enable-eap-tls --enable-eap-radius --enable-xauth-eap \
-	--enable-farp --enable-attr-sql --enable-dhcp --enable-openssl --enable-agent \
-	--enable-pkcs11 --enable-ctr --enable-ccm --enable-gcm --enable-addrblock \
-	--enable-nm  --disable-hmac --with-capabilities=libcap \
-	--with-ipsecdir=/usr/lib/strongswan --with-ipseclibdir=/usr/lib/strongswan \
-	--with-dev-headers=/usr/include/strongswan
-
-ifeq (,$(filter noopt,$(DEB_BUILD_OPTIONS)))
-	CFLAGS += -O2
-endif
-ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
-	NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
-	MAKEFLAGS += -j$(NUMJOBS)
-endif
-ifeq ($(DEB_BUILD_ARCH_CPU),i386)
-  CONFIGURE_ARGS += --enable-padlock
-endif
-
-build:
-	dh_testdir
-	./configure $(CONFIGURE_ARGS) CC="$(CC)" CFLAGS="$(CFLAGS)"
-	$(MAKE)
-	touch build
-
-clean:
-	dh_testdir
-	dh_testroot
-	rm -f build
-	[ ! -f Makefile ] || $(MAKE) clean
-	dh_clean
-
-install: build
-	dh_testdir
-	dh_testroot
-	dh_clean
-	dh_installdirs
-	$(MAKE) DESTDIR=$(CURDIR)/debian/tmp install
-
-binary-indep: build install
-binary-arch: build install
-	dh_testdir
-	dh_testroot
-	dh_installchangelogs NEWS
-	dh_installdocs README
-	dh_installinit --name=ipsec
-	dh_install -s
-	dh_link
-	dh_strip --dbg=strongswan-dbg
-	dh_compress
-	dh_fixperms -Xetc/ipsec.secrets -Xetc/ipsec.d
-	dh_makeshlibs
-	dh_installdeb
-	dh_shlibdeps
-	dh_gencontrol -s
-	dh_md5sums
-	dh_builddeb -s
-
-binary: binary-indep binary-arch
-.PHONY: build clean binary-indep binary-arch binary install
-

packages/strongswan/debian/strongswan-nm.install

@@ -1 +0,0 @@
-usr/lib/strongswan/charon-nm	usr/lib/strongswan/

packages/strongswan/debian/strongswan-starter.ipsec.init

@@ -1,133 +0,0 @@
-#! /bin/sh
-### BEGIN INIT INFO
-# Provides:          vpn
-# Required-Start:    $network $local_fs
-# Required-Stop:     $network $local_fs
-# Default-Start:     2 3 4 5
-# Default-Stop:      0 1 6
-# Short-Description: Strongswan IPsec services
-### END INIT INFO
-
-# Author: Rene Mayrhofer <rene@mayrhofer.eu.org>
-
-# PATH should only include /usr/* if it runs after the mountnfs.sh script
-PATH=/sbin:/usr/sbin:/bin:/usr/bin
-DESC="strongswan IPsec services"
-NAME=ipsec
-DAEMON=/usr/sbin/$NAME
-PIDFILE=/var/run/$NAME.pid
-SCRIPTNAME=/etc/init.d/$NAME
-
-# Exit if the package is not installed
-[ -x "$DAEMON" ] || exit 0
-
-# Read configuration variable file if it is present
-[ -r /etc/default/$NAME ] && . /etc/default/$NAME
-
-# Load the VERBOSE setting and other rcS variables
-. /lib/init/vars.sh
-
-# Define LSB log_* functions.
-# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
-. /lib/lsb/init-functions
-
-#
-# Function that starts the daemon/service
-#
-do_start()
-{
-	# Return
-	#   0 if daemon has been started
-	#   1 if daemon was already running
-	#   2 if daemon could not be started
-	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
-		|| return 1
-	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- start \
-		|| return 2
-}
-
-#
-# Function that stops the daemon/service
-#
-do_stop()
-{
-	# Return
-	#   0 if daemon has been stopped
-	#   1 if daemon was already stopped
-	#   2 if daemon could not be stopped
-	#   other if a failure occurred
-	# give the proper signal to stop
-	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- stop \
-		|| return 2
-	# but kill if that didn't work
-	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
-	RETVAL="$?"
-	[ "$RETVAL" = 2 ] && return 2
-	# Wait for children to finish too if this is a daemon that forks
-	# and if the daemon is only ever run from this initscript.
-	# If the above conditions are not satisfied then add some other code
-	# that waits for the process to drop all resources that could be
-	# needed by services started subsequently.  A last resort is to
-	# sleep for some time.
-	start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
-	[ "$?" = 2 ] && return 2
-	# Many daemons don't delete their pidfiles when they exit.
-	rm -f $PIDFILE
-	return "$RETVAL"
-}
-
-do_reload() {
-	$DAEMON reload
-	return 0
-}
-
-case "$1" in
-  start)
-	[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
-	do_start
-	case "$?" in
-		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
-		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
-	esac
-	;;
-  stop)
-	[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
-	do_stop
-	case "$?" in
-		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
-		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
-	esac
-	;;
-  status)
-	$DAEMON status
-	;;
-  reload|force-reload)
-	log_daemon_msg "Reloading $DESC" "$NAME"
-	do_reload
-	log_end_msg $?
-	;;
-  restart)
-	log_daemon_msg "Restarting $DESC" "$NAME"
-	do_stop
-	case "$?" in
-	  0|1)
-		do_start
-		case "$?" in
-			0) log_end_msg 0 ;;
-			1) log_end_msg 1 ;; # Old process is still running
-			*) log_end_msg 1 ;; # Failed to start
-		esac
-		;;
-	  *)
-	  	# Failed to stop
-		log_end_msg 1
-		;;
-	esac
-	;;
-  *)
-	echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
-	exit 3
-	;;
-esac
-
-:

packages/strongswan/debian/strongswan-tools.install

@@ -1,3 +0,0 @@
-usr/lib/strongswan/scepclient		usr/lib/strongswan/
-usr/lib/strongswan/pki				usr/lib/strongswan/
-usr/share/man/man8/scepclient.8		usr/share/man/man8/

packages/strongswan/debian/strongswan.install

@@ -1,36 +0,0 @@
-usr/lib/strongswan/_updown										usr/lib/strongswan/
-usr/lib/strongswan/_updown_espmark								usr/lib/strongswan/
-usr/lib/strongswan/starter										usr/lib/strongswan/
-usr/lib/strongswan/_copyright									usr/lib/strongswan/
-usr/lib/strongswan/pool											usr/lib/strongswan/
-usr/lib/strongswan/libradius.so*								usr/lib/strongswan/
-usr/sbin/ipsec													usr/sbin/
-etc/ipsec.conf													etc/
-etc/ipsec.d														etc/
-etc/ipsec.d/reqs												etc/ipsec.d/
-etc/ipsec.d/cacerts												etc/ipsec.d/
-etc/ipsec.d/aacerts												etc/ipsec.d/
-etc/ipsec.d/acerts												etc/ipsec.d/
-etc/ipsec.d/ocspcerts											etc/ipsec.d/
-etc/ipsec.d/private												etc/ipsec.d/
-etc/ipsec.d/crls												etc/ipsec.d/
-etc/ipsec.d/certs												etc/ipsec.d/
-usr/share/man/man8/ipsec.8										usr/share/man/man8/
-usr/share/man/man8/_updown.8									usr/share/man/man8/
-usr/share/man/man8/_updown_espmark.8							usr/share/man/man8/
-usr/share/man/man5/ipsec.conf.5									usr/share/man/man5/
-usr/share/man/man5/ipsec.secrets.5								usr/share/man/man5/
-usr/share/man/man5/strongswan.conf.5							usr/share/man/man5/
-usr/lib/strongswan/charon										usr/lib/strongswan/
-usr/lib/strongswan/stroke										usr/lib/strongswan/
-usr/lib/strongswan/plugins/libstrongswan-stroke.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-updown.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-attr-sql.so*			usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-mysql.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-sqlite.so				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-addrblock.so*			usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-eap-radius.so*			usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-dhcp.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-farp.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-attr.so*				usr/lib/strongswan/plugins/
-usr/lib/strongswan/plugins/libstrongswan-resolve.so*			usr/lib/strongswan/plugins/

packages/strongswan/debian/watch

@@ -1,2 +0,0 @@
-version=3
-http://download.strongswan.org/strongswan-([\d.]+)\.tar\.bz2

scripts/Makefile.am

@@ -1,3 +1,5 @@
+EXTRA_DIST = git-version
+
 AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libstrongswan \
 	-I$(top_srcdir)/src/libtls \

scripts/crypt_burn.c

@@ -196,6 +196,11 @@ int main(int argc, char *argv[])
 	if (argc > 2)
 	{
 		len = atoi(argv[2]);
+		if (len > (1 << 30))
+		{
+			fprintf(stderr, "buffer too large (1 GiB limit)\n");
+			return 1;
+		}
 	}
 	if (argc > 3)
 	{

scripts/git-version

@@ -0,0 +1,16 @@
+#!/bin/sh
+
+SRCDIR=$1
+TARBALL=$SRCDIR/.tarball-git-version
+
+if test -f $TARBALL; then
+	V=$(cat $TARBALL)
+elif test -d $SRCDIR/.git; then
+	V=$(git -C $SRCDIR describe --tags HEAD 2>/dev/null)
+fi
+
+if test -z "$V"; then
+	V="UNKNOWN"
+fi
+
+echo $V

scripts/id2sql.c

@@ -14,6 +14,8 @@
  */
 
 #include <stdio.h>
+
+#include <library.h>
 #include <utils/identification.h>
 
 /**
@@ -25,6 +27,9 @@ int main(int argc, char *argv[])
 	chunk_t enc;
 	int i;
 
+	library_init(NULL, "id2sql");
+	atexit(library_deinit);
+
 	if (argc < 2)
 	{
 		return -1;
@@ -45,6 +50,7 @@ int main(int argc, char *argv[])
 		printf("%02x", (unsigned int)enc.ptr[i]);
 	}
 	printf("'\n");
+	id->destroy(id);
 	return 0;
 }
 

scripts/pubkey_speed.c

@@ -56,6 +56,10 @@ int main(int argc, char *argv[])
 	}
 
 	rounds = atoi(argv[3]);
+	if (rounds < 0 || rounds > (1 << 26))
+	{	/* arbitrary limit to the number of chunk_t/sigs that fit into 1 GiB */
+		usage();
+	}
 
 	if (streq(argv[2], "rsa"))
 	{

scripts/test.sh

@@ -1,11 +1,11 @@
 #!/bin/sh
-# Build script for Travis CI
+# Build script for CI
 
 build_botan()
 {
 	# same revision used in the build recipe of the testing environment
-	BOTAN_REV=2.12.1
-	BOTAN_DIR=$TRAVIS_BUILD_DIR/../botan
+	BOTAN_REV=2.18.0
+	BOTAN_DIR=$DEPS_BUILD_DIR/botan
 
 	if test -d "$BOTAN_DIR"; then
 		return
@@ -22,7 +22,8 @@ build_botan()
 					  --disable-modules=locking_allocator"
 	fi
 	# disable some larger modules we don't need for the tests
-	BOTAN_CONFIG="$BOTAN_CONFIG --disable-modules=pkcs11,tls,x509,xmss"
+	BOTAN_CONFIG="$BOTAN_CONFIG --disable-modules=pkcs11,tls,x509,xmss
+				  --prefix=$DEPS_PREFIX"
 
 	git clone https://github.com/randombit/botan.git $BOTAN_DIR &&
 	cd $BOTAN_DIR &&
@@ -36,8 +37,8 @@ build_botan()
 
 build_wolfssl()
 {
-	WOLFSSL_REV=v4.2.0-stable
-	WOLFSSL_DIR=$TRAVIS_BUILD_DIR/../wolfssl
+	WOLFSSL_REV=0caf3ba456f1 # v4.7.1r + SHA-3 fix
+	WOLFSSL_DIR=$DEPS_BUILD_DIR/wolfssl
 
 	if test -d "$WOLFSSL_DIR"; then
 		return
@@ -45,10 +46,15 @@ build_wolfssl()
 
 	echo "$ build_wolfssl()"
 
-	WOLFSSL_CFLAGS="-DWOLFSSL_PUBLIC_MP -DWOLFSSL_DES_ECB"
-	WOLFSSL_CONFIG="--enable-keygen --enable-rsapss --enable-aesccm
-					--enable-aesctr --enable-des3 --enable-camellia
-					--enable-curve25519 --enable-ed25519"
+	WOLFSSL_CFLAGS="-DWOLFSSL_PUBLIC_MP -DWOLFSSL_DES_ECB -DHAVE_AES_ECB \
+					-DHAVE_ECC_BRAINPOOL -DWOLFSSL_MIN_AUTH_TAG_SZ=8"
+	WOLFSSL_CONFIG="--prefix=$DEPS_PREFIX
+					--disable-crypttests --disable-examples
+					--enable-aesccm --enable-aesctr --enable-camellia
+					--enable-curve25519 --enable-curve448 --enable-des3
+					--enable-ecccustcurves --enable-ed25519 --enable-ed448
+					--enable-keygen --enable-md4 --enable-rsapss --enable-sha3
+					--enable-shake256"
 
 	git clone https://github.com/wolfSSL/wolfssl.git $WOLFSSL_DIR &&
 	cd $WOLFSSL_DIR &&
@@ -63,9 +69,9 @@ build_wolfssl()
 
 build_tss2()
 {
-	TSS2_REV=2.3.1
+	TSS2_REV=2.4.3
 	TSS2_PKG=tpm2-tss-$TSS2_REV
-	TSS2_DIR=$TRAVIS_BUILD_DIR/../$TSS2_PKG
+	TSS2_DIR=$DEPS_BUILD_DIR/$TSS2_PKG
 	TSS2_SRC=https://github.com/tpm2-software/tpm2-tss/releases/download/$TSS2_REV/$TSS2_PKG.tar.gz
 
 	if test -d "$TSS2_DIR"; then
@@ -74,23 +80,24 @@ build_tss2()
 
 	echo "$ build_tss2()"
 
-	# the default version of libgcrypt in Ubuntu 16.04 is too old
-	sudo apt-get update -qq && \
-	sudo apt-get install -qq libgcrypt20-dev &&
-	curl -L $TSS2_SRC | tar xz -C $TRAVIS_BUILD_DIR/.. &&
+	curl -L $TSS2_SRC | tar xz -C $DEPS_BUILD_DIR &&
 	cd $TSS2_DIR &&
-	./configure --disable-doxygen-doc &&
+	./configure --prefix=$DEPS_PREFIX --disable-doxygen-doc &&
 	make -j4 >/dev/null &&
 	sudo make install >/dev/null &&
 	sudo ldconfig || exit $?
 	cd -
 }
 
-if test -z $TRAVIS_BUILD_DIR; then
-	TRAVIS_BUILD_DIR=$PWD
-fi
+: ${BUILD_DIR=$PWD}
+: ${DEPS_BUILD_DIR=$BUILD_DIR/..}
+: ${DEPS_PREFIX=/usr/local}
 
-cd $TRAVIS_BUILD_DIR
+if [ -e /etc/os-release ]; then
+	. /etc/os-release
+elif [ -e /usr/lib/os-release ]; then
+	. /usr/lib/os-release
+fi
 
 TARGET=check
 
@@ -111,17 +118,17 @@ openssl*)
 gcrypt)
 	CONFIG="--disable-defaults --enable-pki --enable-gcrypt --enable-pkcs1"
 	export TESTS_PLUGINS="test-vectors pkcs1 gcrypt!"
-	DEPS="libgcrypt11-dev"
+	if [ "$ID" = "ubuntu" -a "$VERSION_ID" = "20.04" ]; then
+		DEPS="libgcrypt20-dev"
+	else
+		DEPS="libgcrypt11-dev"
+	fi
 	;;
 botan)
 	CONFIG="--disable-defaults --enable-pki --enable-botan --enable-pem"
 	export TESTS_PLUGINS="test-vectors pem botan!"
-	# we can't use the old package that comes with Ubuntu so we build from
-	# the current master until 2.8.0 is released and then probably switch to
-	# that unless we need newer features (at least 2.7.0 plus PKCS#1 patch is
-	# currently required)
 	DEPS=""
-	if test "$1" = "deps"; then
+	if test "$1" = "build-deps"; then
 		build_botan
 	fi
 	;;
@@ -130,7 +137,7 @@ wolfssl)
 	export TESTS_PLUGINS="test-vectors pem wolfssl!"
 	# build with custom options to enable all the features the plugin supports
 	DEPS=""
-	if test "$1" = "deps"; then
+	if test "$1" = "build-deps"; then
 		build_wolfssl
 	fi
 	;;
@@ -138,13 +145,21 @@ printf-builtin)
 	CONFIG="--with-printf-hooks=builtin"
 	;;
 all|coverage|sonarcloud)
+	if [ "$TEST" = "sonarcloud" ]; then
+		if [ -z "$SONAR_PROJECT" -o -z "$SONAR_ORGANIZATION" -o -z "$SONAR_TOKEN" ]; then
+			echo "The SONAR_PROJECT, SONAR_ORGANIZATION and SONAR_TOKEN" \
+				 "environment variables are required to run this test"
+			exit 1
+		fi
+	fi
 	CONFIG="--enable-all --disable-android-dns --disable-android-log
 			--disable-kernel-pfroute --disable-keychain
 			--disable-lock-profiler --disable-padlock --disable-fuzzing
 			--disable-osx-attr --disable-tkm --disable-uci
-			--disable-soup --disable-unwind-backtraces
+			--disable-unwind-backtraces
 			--disable-svc --disable-dbghelp-backtraces --disable-socket-win
-			--disable-kernel-wfp --disable-kernel-iph --disable-winhttp"
+			--disable-kernel-wfp --disable-kernel-iph --disable-winhttp
+			--disable-python-eggs-install"
 	# not enabled on the build server
 	CONFIG="$CONFIG --disable-af-alg"
 	if test "$TEST" != "coverage"; then
@@ -153,13 +168,27 @@ all|coverage|sonarcloud)
 		# not actually required but configure checks for it
 		DEPS="$DEPS lcov"
 	fi
+	# Botan requires newer compilers, so disable it on Ubuntu 16.04
+	if [ "$ID" = "ubuntu" -a "$VERSION_ID" = "16.04" ]; then
+		CONFIG="$CONFIG --disable-botan"
+	fi
 	DEPS="$DEPS libcurl4-gnutls-dev libsoup2.4-dev libunbound-dev libldns-dev
 		  libmysqlclient-dev libsqlite3-dev clearsilver-dev libfcgi-dev
-		  libpcsclite-dev libpam0g-dev binutils-dev libunwind8-dev libnm-dev
-		  libjson-c-dev iptables-dev python-pip libtspi-dev libsystemd-dev"
-	PYDEPS="pytest"
-	if test "$1" = "deps"; then
-		build_botan
+		  libldap2-dev libpcsclite-dev libpam0g-dev binutils-dev libnm-dev
+		  libgcrypt20-dev libjson-c-dev python3-pip libtspi-dev libsystemd-dev"
+	if [ "$ID" = "ubuntu" -a "$VERSION_ID" = "20.04" ]; then
+		DEPS="$DEPS libiptc-dev"
+	else
+		DEPS="$DEPS iptables-dev python3-setuptools"
+	fi
+	# tox has dependencies that can't be resolved on 16.04 (even with pip)
+	if [ "$ID" != "ubuntu" -o "$VERSION_ID" != "16.04" ]; then
+		PYDEPS="tox"
+	fi
+	if test "$1" = "build-deps"; then
+		if [ "$ID" != "ubuntu" -o "$VERSION_ID" != "16.04" ]; then
+			build_botan
+		fi
 		build_wolfssl
 		build_tss2
 	fi
@@ -170,7 +199,7 @@ win*)
 			--enable-constraints --enable-revocation --enable-pem --enable-pkcs1
 			--enable-pkcs8 --enable-x509 --enable-pubkey --enable-acert
 			--enable-eap-tnc --enable-eap-ttls --enable-eap-identity
-			--enable-updown --enable-ext-auth --enable-libipsec
+			--enable-updown --enable-ext-auth --enable-libipsec --enable-pkcs11
 			--enable-tnccs-20 --enable-imc-attestation --enable-imv-attestation
 			--enable-imc-os --enable-imv-os --enable-tnc-imv --enable-tnc-imc
 			--enable-pki --enable-swanctl --enable-socket-win
@@ -178,11 +207,10 @@ win*)
 	# no make check for Windows binaries unless we run on a windows host
 	if test "$APPVEYOR" != "True"; then
 		TARGET=
-		CCACHE=ccache
 	else
 		CONFIG="$CONFIG --enable-openssl"
-		CFLAGS="$CFLAGS -I/c/OpenSSL-$TEST/include"
-		LDFLAGS="-L/c/OpenSSL-$TEST"
+		CFLAGS="$CFLAGS -I$OPENSSL_DIR/include"
+		LDFLAGS="-L$OPENSSL_DIR"
 		export LDFLAGS
 	fi
 	CFLAGS="$CFLAGS -mno-ms-bitfields"
@@ -191,30 +219,37 @@ win*)
 	win64)
 		CONFIG="--host=x86_64-w64-mingw32 $CONFIG --enable-dbghelp-backtraces"
 		DEPS="gcc-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-x86-64-dev $DEPS"
-		CC="$CCACHE x86_64-w64-mingw32-gcc"
+		CC="x86_64-w64-mingw32-gcc"
 		;;
 	win32)
 		CONFIG="--host=i686-w64-mingw32 $CONFIG"
 		DEPS="gcc-mingw-w64-i686 binutils-mingw-w64-i686 mingw-w64-i686-dev $DEPS"
-		CC="$CCACHE i686-w64-mingw32-gcc"
+		CC="i686-w64-mingw32-gcc"
 		;;
 	esac
 	;;
-osx)
+android)
+	if test "$1" = "deps"; then
+		git clone git://git.strongswan.org/android-ndk-boringssl.git -b ndk-static \
+			src/frontends/android/app/src/main/jni/openssl
+	fi
+	TARGET=distdir
+	;;
+macos)
 	# this causes a false positive in ip-packet.c since Xcode 8.3
 	CFLAGS="$CFLAGS -Wno-address-of-packed-member"
 	# use the same options as in the Homebrew Formula
 	CONFIG="--disable-defaults --enable-charon --enable-cmd --enable-constraints
 			--enable-curl --enable-eap-gtc --enable-eap-identity
-			--enable-eap-md5 --enable-eap-mschapv2 --enable-ikev1 --enable-ikev2
-			--enable-kernel-libipsec --enable-kernel-pfkey
+			--enable-eap-md5 --enable-eap-mschapv2 --enable-farp --enable-ikev1
+			--enable-ikev2 --enable-kernel-libipsec --enable-kernel-pfkey
 			--enable-kernel-pfroute --enable-nonce --enable-openssl
 			--enable-osx-attr --enable-pem --enable-pgp --enable-pkcs1
 			--enable-pkcs8 --enable-pki --enable-pubkey --enable-revocation
 			--enable-scepclient --enable-socket-default --enable-sshkey
 			--enable-stroke --enable-swanctl --enable-unity --enable-updown
 			--enable-x509 --enable-xauth-generic"
-	DEPS="bison gettext openssl curl"
+	DEPS="automake autoconf libtool bison gettext openssl curl"
 	BREW_PREFIX=$(brew --prefix)
 	export PATH=$BREW_PREFIX/opt/bison/bin:$PATH
 	export ACLOCAL_PATH=$BREW_PREFIX/opt/gettext/share/aclocal:$ACLOCAL_PATH
@@ -241,10 +276,11 @@ freebsd)
 			--enable-eap-radius --enable-eap-sim --enable-eap-sim-file
 			--enable-gcm --enable-ipseckey --enable-kernel-libipsec
 			--enable-load-tester --enable-ldap --enable-mediation
-			--enable-mysql --enable-sqlite --enable-tpm	--enable-unbound
-			--enable-unity --enable-xauth-eap --enable-xauth-pam
-			--with-printf-hooks=builtin --enable-attr-sql --enable-sql"
-	DEPS="gmp openldap-client libxml2 mysql80-client sqlite3 unbound ldns"
+			--enable-mysql --enable-sqlite --enable-tpm --enable-tss-tss2
+			--enable-unbound --enable-unity --enable-xauth-eap --enable-xauth-pam
+			--with-printf-hooks=builtin --enable-attr-sql --enable-sql
+			--enable-farp"
+	DEPS="git gmp openldap-client libxml2 mysql80-client sqlite3 unbound ldns tpm2-tss"
 	export GPERF=/usr/local/bin/gperf
 	export LEX=/usr/local/bin/flex
 	;;
@@ -258,7 +294,7 @@ fuzzing)
 	if test -z "$1"; then
 		if test -z "$FUZZING_CORPORA"; then
 			git clone --depth 1 https://github.com/strongswan/fuzzing-corpora.git fuzzing-corpora
-			export FUZZING_CORPORA=$TRAVIS_BUILD_DIR/fuzzing-corpora
+			export FUZZING_CORPORA=$BUILD_DIR/fuzzing-corpora
 		fi
 		# these are about the same as those on OSS-Fuzz (except for the
 		# symbolize options and strip_path_prefix)
@@ -270,6 +306,17 @@ fuzzing)
 			symbolize=1:handle_segv=1:fast_unwind_on_fatal=0:external_symbolizer_path=/usr/bin/llvm-symbolizer-3.5
 	fi
 	;;
+nm|nm-no-glib)
+	DEPS="gnome-common libsecret-1-dev libgtk-3-dev libnm-dev libnma-dev"
+	if test "$TEST" = "nm"; then
+		DEPS="$DEPS libnm-glib-vpn-dev libnm-gtk-dev"
+	else
+		CONFIG="$CONFIG --without-libnm-glib"
+	fi
+	cd src/frontends/gnome
+	# don't run ./configure with ./autogen.sh
+	export NOCONFIGURE=1
+	;;
 dist)
 	TARGET=distcheck
 	;;
@@ -278,22 +325,83 @@ apidoc)
 	CONFIG="--disable-defaults"
 	TARGET=apidoc
 	;;
+lgtm)
+	if [ -z "$LGTM_PROJECT" -o -z "$LGTM_TOKEN" ]; then
+		echo "The LGTM_PROJECT and LGTM_TOKEN environment variables" \
+			 "are required to run this test"
+		exit 0
+	fi
+	DEPS="jq"
+	if test -z "$1"; then
+		base=$COMMIT_BASE
+		# after rebases or for new/duplicate branches, the passed base commit
+		# ID might not be valid
+		git rev-parse -q --verify $base^{commit}
+		if [ $? != 0 ]; then
+			# this will always compare against master, while via base we
+			# otherwise only contains "new" commits
+			base=$(git merge-base origin/master ${COMMIT_ID})
+		fi
+		base=$(git rev-parse $base)
+
+		echo "Starting code review for $COMMIT_ID (base $base) on lgtm.com"
+		git diff --binary $base > lgtm.patch || exit $?
+		curl -s -X POST --data-binary @lgtm.patch \
+			"https://lgtm.com/api/v1.0/codereviews/${LGTM_PROJECT}?base=${base}&external-id=${BUILD_NUMBER}" \
+			-H 'Content-Type: application/octet-stream' \
+			-H 'Accept: application/json' \
+			-H "Authorization: Bearer ${LGTM_TOKEN}" > lgtm.res || exit $?
+		lgtm_check_url=$(jq -r '."task-result-url"' lgtm.res)
+		if [ -z "$lgtm_check_url" -o "$lgtm_check_url" = "null" ]; then
+			cat lgtm.res
+			exit 1
+		fi
+		lgtm_url=$(jq -r '."task-result"."results-url"' lgtm.res)
+		echo "Progress and full results: ${lgtm_url}"
+
+		echo -n "Waiting for completion: "
+		lgtm_status=pending
+		while [ "$lgtm_status" = "pending" ]; do
+			sleep 15
+			curl -s -X GET "${lgtm_check_url}" \
+				-H 'Accept: application/json' \
+				-H "Authorization: Bearer ${LGTM_TOKEN}" > lgtm.res
+			if [ $? != 0 ]; then
+				echo -n "-"
+				continue
+			fi
+			echo -n "."
+			lgtm_status=$(jq -r '.status' lgtm.res)
+		done
+		echo ""
+
+		if [ "$lgtm_status" != "success" ]; then
+			lgtm_message=$(jq -r '.["status-message"]' lgtm.res)
+			echo "Code review failed: ${lgtm_message}"
+			exit 1
+		fi
+		lgtm_new=$(jq -r '.languages[].new' lgtm.res | awk '{t+=$1} END {print t}')
+		lgtm_fixed=$(jq -r '.languages[].fixed' lgtm.res | awk '{t+=$1} END {print t}')
+		echo -n "Code review complete: "
+		printf "%b\n" "\e[1;31m${lgtm_new}\e[0m new alerts, \e[1;32m${lgtm_fixed}\e[0m fixed"
+		exit $lgtm_new
+	fi
+	;;
 *)
 	echo "$0: unknown test $TEST" >&2
 	exit 1
 	;;
 esac
 
-if test "$1" = "deps"; then
-	case "$TRAVIS_OS_NAME" in
+case "$1" in
+deps)
+	case "$OS_NAME" in
 	linux)
 		sudo apt-get update -qq && \
 		sudo apt-get install -qq bison flex gperf gettext $DEPS
 		;;
-	osx)
+	macos)
 		brew update && \
-		# workaround for issue #6352
-		brew uninstall --force libtool && brew install libtool && \
 		brew install $DEPS
 		;;
 	freebsd)
@@ -302,12 +410,17 @@ if test "$1" = "deps"; then
 		;;
 	esac
 	exit $?
-fi
-
-if test "$1" = "pydeps"; then
-	test -z "$PYDEPS" || pip -q install --user $PYDEPS
+	;;
+pydeps)
+	test -z "$PYDEPS" || pip3 -q install --user $PYDEPS
 	exit $?
-fi
+	;;
+build-deps)
+	exit
+	;;
+*)
+	;;
+esac
 
 CONFIG="$CONFIG
 	--disable-dependency-tracking
@@ -332,12 +445,6 @@ esac
 echo "$ make $TARGET"
 case "$TEST" in
 sonarcloud)
-	# there is an issue with the platform detection that causes sonarqube to
-	# fail on bionic with "ERROR: ld.so: object '...libinterceptor-${PLATFORM}.so'
-	# from LD_PRELOAD cannot be preloaded (cannot open shared object file)"
-	# https://jira.sonarsource.com/browse/CPP-2027
-	BW_PATH=$(dirname $(which build-wrapper-linux-x86-64))
-	cp $BW_PATH/libinterceptor-x86_64.so $BW_PATH/libinterceptor-haswell.so
 	# without target, coverage is currently not supported anyway because
 	# sonarqube only supports gcov, not lcov
 	build-wrapper-linux-x86-64 --out-dir bw-output make -j4 || exit $?
@@ -357,13 +464,24 @@ apidoc)
 	;;
 sonarcloud)
 	sonar-scanner \
-		-Dsonar.projectKey=strongswan \
-		-Dsonar.projectVersion=$(git describe)+${TRAVIS_BUILD_NUMBER} \
+		-Dsonar.host.url=https://sonarcloud.io \
+		-Dsonar.projectKey=${SONAR_PROJECT} \
+		-Dsonar.organization=${SONAR_ORGANIZATION} \
+		-Dsonar.login=${SONAR_TOKEN} \
+		-Dsonar.projectVersion=$(git describe)+${BUILD_NUMBER} \
 		-Dsonar.sources=. \
 		-Dsonar.cfamily.threads=2 \
+		-Dsonar.cfamily.cache.enabled=true \
+		-Dsonar.cfamily.cache.path=$HOME/.sonar-cache \
 		-Dsonar.cfamily.build-wrapper-output=bw-output || exit $?
 	rm -r bw-output .scannerwork
 	;;
+android)
+	rm -r strongswan-*
+	cd src/frontends/android
+	echo "$ ./gradlew build"
+	NDK_CCACHE=ccache ./gradlew build || exit $?
+	;;
 *)
 	;;
 esac

scripts/tls_test.c

@@ -1,4 +1,8 @@
 /*
+ * Copyright (C) 2020 Pascal Knecht
+ * Copyright (C) 2020 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
  * Copyright (C) 2010 Martin Willi
  * Copyright (C) 2010 revosec AG
  *
@@ -33,8 +37,28 @@
 static void usage(FILE *out, char *cmd)
 {
 	fprintf(out, "usage:\n");
-	fprintf(out, "  %s --connect <address> --port <port> [--key <key] [--cert <file>]+ [--times <n>]\n", cmd);
-	fprintf(out, "  %s --listen <address> --port <port> --key <key> [--cert <file>]+ [--times <n>]\n", cmd);
+	fprintf(out, "  %s --connect <address> --port <port> [--key <key] [--cert <file>] [--cacert <file>]+ [--times <n>]\n", cmd);
+	fprintf(out, "  %s --listen <address> --port <port> --key <key> --cert <file> [--cacert <file>]+ [--auth-optional] [--times <n>]\n", cmd);
+	fprintf(out, "\n");
+	fprintf(out, "options:\n");
+	fprintf(out, "  --help                   print help and exit\n");
+	fprintf(out, "  --connect <address>      connect to a server on dns name or ip address\n");
+	fprintf(out, "  --listen <address>       listen on dns name or ip address\n");
+	fprintf(out, "  --port <port>            specify the port to use\n");
+	fprintf(out, "  --cert <file>            certificate to authenticate itself\n");
+	fprintf(out, "  --key <file>             private key to authenticate itself\n");
+	fprintf(out, "  --cacert <file>          certificate to verify other peer\n");
+	fprintf(out, "  --auth-optional          don't enforce client authentication\n");
+	fprintf(out, "  --times <n>              specify the amount of repeated connection establishments\n");
+	fprintf(out, "  --ipv4                   use IPv4\n");
+	fprintf(out, "  --ipv6                   use IPv6\n");
+	fprintf(out, "  --min-version <version>  specify the minimum TLS version, supported versions:\n");
+	fprintf(out, "                           1.0 (default), 1.1, 1.2 and 1.3\n");
+	fprintf(out, "  --max-version <version>  specify the maximum TLS version, supported versions:\n");
+	fprintf(out, "                           1.0, 1.1, 1.2 and 1.3 (default)\n");
+	fprintf(out, "  --version <version>      set one specific TLS version to use, supported versions:\n");
+	fprintf(out, "                           1.0, 1.1, 1.2 and 1.3\n");
+	fprintf(out, "  --debug <debug level>    set debug level, default is 1\n");
 }
 
 /**
@@ -85,14 +109,17 @@ static identification_t *find_client_id()
  * Client routine
  */
 static int run_client(host_t *host, identification_t *server,
-					  identification_t *client, int times, tls_cache_t *cache)
+					  identification_t *client, int times, tls_cache_t *cache,
+					  tls_version_t min_version, tls_version_t max_version,
+					  tls_flag_t flags)
 {
 	tls_socket_t *tls;
 	int fd, res;
 
 	while (times == -1 || times-- > 0)
 	{
-		fd = socket(AF_INET, SOCK_STREAM, 0);
+		DBG2(DBG_TLS, "connecting to %#H", host);
+		fd = socket(host->get_family(host), SOCK_STREAM, 0);
 		if (fd == -1)
 		{
 			DBG1(DBG_TLS, "opening socket failed: %s", strerror(errno));
@@ -105,7 +132,8 @@ static int run_client(host_t *host, identification_t *server,
 			close(fd);
 			return 1;
 		}
-		tls = tls_socket_create(FALSE, server, client, fd, cache, TLS_1_2, TRUE);
+		tls = tls_socket_create(FALSE, server, client, fd, cache, min_version,
+							    max_version, flags);
 		if (!tls)
 		{
 			close(fd);
@@ -125,8 +153,9 @@ static int run_client(host_t *host, identification_t *server,
 /**
  * Server routine
  */
-static int serve(host_t *host, identification_t *server,
-				 int times, tls_cache_t *cache)
+static int serve(host_t *host, identification_t *server, identification_t *client,
+				 int times, tls_cache_t *cache, tls_version_t min_version,
+				 tls_version_t max_version, tls_flag_t flags)
 {
 	tls_socket_t *tls;
 	int fd, cfd;
@@ -162,7 +191,8 @@ static int serve(host_t *host, identification_t *server,
 		}
 		DBG1(DBG_TLS, "%#H connected", host);
 
-		tls = tls_socket_create(TRUE, server, NULL, cfd, cache, TLS_1_2, TRUE);
+		tls = tls_socket_create(TRUE, server, client, cfd, cache, min_version,
+								max_version, flags);
 		if (!tls)
 		{
 			close(fd);
@@ -207,8 +237,8 @@ static bool load_key(char *filename)
 {
 	private_key_t *key;
 
-	key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
-							  BUILD_FROM_FILE, filename, BUILD_END);
+	key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ANY,
+							 BUILD_FROM_FILE, filename, BUILD_END);
 	if (!key)
 	{
 		DBG1(DBG_TLS, "loading key from '%s' failed", filename);
@@ -251,11 +281,14 @@ static void cleanup()
  */
 static void init()
 {
+	char *plugins;
+
 	library_init(NULL, "tls_test");
 
 	dbg = dbg_tls;
 
-	lib->plugins->load(lib->plugins, PLUGINS);
+	plugins = getenv("PLUGINS") ?: PLUGINS;
+	lib->plugins->load(lib->plugins, plugins);
 
 	creds = mem_cred_create();
 	lib->credmgr->add_set(lib->credmgr, &creds->set);
@@ -267,8 +300,10 @@ int main(int argc, char *argv[])
 {
 	char *address = NULL;
 	bool listen = FALSE;
-	int port = 0, times = -1, res;
-	identification_t *server, *client;
+	int port = 0, times = -1, res, family = AF_UNSPEC;
+	identification_t *server, *client = NULL;
+	tls_version_t min_version = TLS_SUPPORTED_MIN, max_version = TLS_SUPPORTED_MAX;
+	tls_flag_t flags = TLS_FLAG_ENCRYPTION_OPTIONAL;
 	tls_cache_t *cache;
 	host_t *host;
 
@@ -277,14 +312,21 @@ int main(int argc, char *argv[])
 	while (TRUE)
 	{
 		struct option long_opts[] = {
-			{"help",		no_argument,			NULL,		'h' },
-			{"connect",		required_argument,		NULL,		'c' },
-			{"listen",		required_argument,		NULL,		'l' },
-			{"port",		required_argument,		NULL,		'p' },
-			{"cert",		required_argument,		NULL,		'x' },
-			{"key",			required_argument,		NULL,		'k' },
-			{"times",		required_argument,		NULL,		't' },
-			{"debug",		required_argument,		NULL,		'd' },
+			{"help",			no_argument,			NULL,		'h' },
+			{"connect",			required_argument,		NULL,		'c' },
+			{"listen",			required_argument,		NULL,		'l' },
+			{"port",			required_argument,		NULL,		'p' },
+			{"cert",			required_argument,		NULL,		'x' },
+			{"key",				required_argument,		NULL,		'k' },
+			{"cacert",			required_argument,		NULL,		'f' },
+			{"times",			required_argument,		NULL,		't' },
+			{"ipv4",			no_argument,			NULL,		'4' },
+			{"ipv6",			no_argument,			NULL,		'6' },
+			{"min-version",		required_argument,		NULL,		'm' },
+			{"max-version",		required_argument,		NULL,		'M' },
+			{"version",			required_argument,		NULL,		'v' },
+			{"auth-optional",	no_argument,			NULL,		'n' },
+			{"debug",			required_argument,		NULL,		'd' },
 			{0,0,0,0 }
 		};
 		switch (getopt_long(argc, argv, "", long_opts, NULL))
@@ -306,6 +348,13 @@ int main(int argc, char *argv[])
 					return 1;
 				}
 				continue;
+			case 'f':
+				if (!load_certificate(optarg))
+				{
+					return 1;
+				}
+				client = identification_create_from_encoding(ID_ANY, chunk_empty);
+				continue;
 			case 'l':
 				listen = TRUE;
 				/* fall */
@@ -326,6 +375,40 @@ int main(int argc, char *argv[])
 			case 'd':
 				tls_level = atoi(optarg);
 				continue;
+			case '4':
+				family = AF_INET;
+				continue;
+			case '6':
+				family = AF_INET6;
+				continue;
+			case 'm':
+				if (!enum_from_name(tls_numeric_version_names, optarg,
+									&min_version))
+				{
+					fprintf(stderr, "unknown minimum TLS version: %s\n", optarg);
+					return 1;
+				}
+				continue;
+			case 'M':
+				if (!enum_from_name(tls_numeric_version_names, optarg,
+									&max_version))
+				{
+					fprintf(stderr, "unknown maximum TLS version: %s\n", optarg);
+					return 1;
+				}
+				continue;
+			case 'v':
+				if (!enum_from_name(tls_numeric_version_names, optarg,
+									&min_version))
+				{
+					fprintf(stderr, "unknown TLS version: %s\n", optarg);
+					return 1;
+				}
+				max_version = min_version;
+				continue;
+			case 'n':
+				flags |= TLS_FLAG_CLIENT_AUTH_OPTIONAL;
+				continue;
 			default:
 				usage(stderr, argv[0]);
 				return 1;
@@ -337,7 +420,7 @@ int main(int argc, char *argv[])
 		usage(stderr, argv[0]);
 		return 1;
 	}
-	host = host_create_from_dns(address, 0, port);
+	host = host_create_from_dns(address, family, port);
 	if (!host)
 	{
 		DBG1(DBG_TLS, "resolving hostname %s failed", address);
@@ -347,12 +430,15 @@ int main(int argc, char *argv[])
 	cache = tls_cache_create(100, 30);
 	if (listen)
 	{
-		res = serve(host, server, times, cache);
+		res = serve(host, server, client, times, cache, min_version,
+					max_version, flags);
 	}
 	else
 	{
+		DESTROY_IF(client);
 		client = find_client_id();
-		res = run_client(host, server, client, times, cache);
+		res = run_client(host, server, client, times, cache, min_version,
+						 max_version, flags);
 		DESTROY_IF(client);
 	}
 	cache->destroy(cache);

sonar-project.properties

@@ -0,0 +1,42 @@
+# exclude these files completely
+sonar.exclusions=\
+	src/manager/templates/static/jquery.js, \
+	src/include/linux/**, \
+	src/frontends/**, \
+	**/data.sql, \
+	**/test.sql, \
+	**/tables.sql, \
+	**/ipsec.sql
+
+# don't report duplications in these files
+sonar.cpd.exclusions=\
+	src/libstrongswan/crypto/proposal/proposal_keywords_static.c, \
+	src/libstrongswan/settings/settings_parser.*, \
+	src/libstrongswan/settings/settings_lexer.c, \
+	src/starter/keywords.c, \
+	src/starter/parser/parser.*, \
+	src/starter/parser/lexer.c, \
+	src/stroke/stroke_keywords.c, \
+	**/suites/test_*.c, \
+	**/data.sql
+
+# the following settings are officially only available via UI
+
+# ignore issues in these generated files
+sonar.issue.ignore.allfile=a1,a2,a3
+sonar.issue.ignore.allfile.a1.fileRegexp=generated by flex
+sonar.issue.ignore.allfile.a2.fileRegexp=made by GNU Bison
+sonar.issue.ignore.allfile.a3.fileRegexp=produced by gperf
+
+# ignore some rules
+sonar.issue.ignore.multicriteria=m1,m2,m3,m4,m5
+sonar.issue.ignore.multicriteria.m1.ruleKey=c:SingleDeclarationPerStatement
+sonar.issue.ignore.multicriteria.m1.resourceKey=**/*
+sonar.issue.ignore.multicriteria.m2.ruleKey=c:FunctionEllipsis
+sonar.issue.ignore.multicriteria.m2.resourceKey=**/*
+sonar.issue.ignore.multicriteria.m3.ruleKey=c:S936
+sonar.issue.ignore.multicriteria.m3.resourceKey=**/*
+sonar.issue.ignore.multicriteria.m4.ruleKey=c:S1172
+sonar.issue.ignore.multicriteria.m4.resourceKey=**/*
+sonar.issue.ignore.multicriteria.m5.ruleKey=plsql:SingleLineCommentsSyntaxCheck
+sonar.issue.ignore.multicriteria.m5.resourceKey=**/*

src/Makefile.am

@@ -42,6 +42,9 @@ endif
 
 if USE_LIBCHARON
   SUBDIRS += libcharon
+if USE_KERNEL_NETLINK
+  SUBDIRS += xfrmi
+endif
 endif
 
 if USE_FILE_CONFIG
@@ -143,7 +146,3 @@ endif
 if USE_TPM
   SUBDIRS += tpm_extendpcr
 endif
-
-if USE_KERNEL_NETLINK
-  SUBDIRS += xfrmi
-endif

src/_copyright/_copyright.c

@@ -58,14 +58,14 @@ static const char *copyright[] = {
 	NULL,
 };
 
-char usage[] = "Usage: ipsec _copyright";
-struct option opts[] = {
+static const char usage[] = "Usage: ipsec _copyright";
+static const struct option opts[] = {
   {"help",	0,	NULL,	'h',},
   {"version",	0,	NULL,	'v',},
   {0,		0,	NULL,	0, },
 };
 
-char me[] = "ipsec _copyright";	/* for messages */
+static const char me[] = "ipsec _copyright";	/* for messages */
 
 int
 main(int argc, char *argv[])

src/_updown/_updown.in

@@ -43,7 +43,7 @@
 #              is the name of the ipsec interface to be used.
 #
 #       PLUTO_REQID
-#              is the requid of the AH|ESP policy
+#              is the reqid of the AH|ESP policy
 #
 #       PLUTO_PROTO
 #              is the negotiated IPsec protocol, ah|esp

src/charon-cmd/charon-cmd.c

@@ -134,14 +134,10 @@ static int run()
 				break;
 			}
 			case SIGINT:
-			{
-				DBG1(DBG_DMN, "signal of type SIGINT received. Shutting down");
-				charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
-				return 0;
-			}
 			case SIGTERM:
 			{
-				DBG1(DBG_DMN, "signal of type SIGTERM received. Shutting down");
+				DBG1(DBG_DMN, "%s received, shutting down",
+					 sig == SIGINT ? "SIGINT" : "SIGTERM");
 				charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
 				return 0;
 			}

src/charon-cmd/cmd/cmd_connection.c

@@ -362,9 +362,8 @@ static child_cfg_t* create_child_cfg(private_cmd_connection_t *this,
 	}
 	else
 	{
+		child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
 		child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
-		child_cfg->add_proposal(child_cfg,
-								proposal_create_default_aead(PROTO_ESP));
 	}
 	while (this->local_ts->remove_first(this->local_ts, (void**)&ts) == SUCCESS)
 	{

src/charon-nm/Makefile.am

@@ -23,7 +23,6 @@ charon_nm_LDADD = \
 	$(top_builddir)/src/libcharon/libcharon.la \
 	-lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB) ${nm_LIBS}
 
-dbusservicedir = $(datadir)/dbus-1/system.d
-dbusservice_DATA = nm-strongswan-service.conf
+dbuspolicy_DATA = nm-strongswan-service.conf
 
-EXTRA_DIST = $(dbusservice_DATA)
+EXTRA_DIST = $(dbuspolicy_DATA)

src/charon-nm/charon-nm.c

@@ -94,14 +94,10 @@ static void run()
 		switch (sig)
 		{
 			case SIGINT:
-			{
-				DBG1(DBG_DMN, "signal of type SIGINT received. Shutting down");
-				charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
-				return;
-			}
 			case SIGTERM:
 			{
-				DBG1(DBG_DMN, "signal of type SIGTERM received. Shutting down");
+				DBG1(DBG_DMN, "%s received, shutting down",
+					 sig == SIGINT ? "SIGINT" : "SIGTERM");
 				charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
 				return;
 			}
@@ -196,9 +192,9 @@ int main(int argc, char *argv[])
 							   "charon-nm.syslog.daemon.default", 1));
 	charon->load_loggers(charon);
 
-	/* use random ports to avoid conflicts with regular charon */
-	lib->settings->set_int(lib->settings, "charon-nm.port", 0);
-	lib->settings->set_int(lib->settings, "charon-nm.port_nat_t", 0);
+	/* default to random ports to avoid conflicts with regular charon */
+	lib->settings->set_default_str(lib->settings, "charon-nm.port", "0");
+	lib->settings->set_default_str(lib->settings, "charon-nm.port_nat_t", "0");
 
 	DBG1(DBG_DMN, "Starting charon NetworkManager backend (strongSwan "VERSION")");
 	if (lib->integrity)

src/charon-nm/nm/nm_backend.c

@@ -14,6 +14,9 @@
  * for more details.
  */
 
+#include <sys/types.h>
+#include <unistd.h>
+
 #include "nm_service.h"
 #include "nm_creds.h"
 #include "nm_handler.h"
@@ -44,7 +47,7 @@ struct nm_backend_t {
 	nm_creds_t *creds;
 
 	/**
-	 * attribute handler regeisterd at the daemon
+	 * attribute handler registered at the daemon
 	 */
 	nm_handler_t *handler;
 };
@@ -54,12 +57,21 @@ struct nm_backend_t {
  */
 static nm_backend_t *nm_backend = NULL;
 
+/**
+ * Terminate the daemon if signaled by NM
+ */
+static void terminate(void *plugin, void *arg)
+{
+	kill(getpid(), SIGTERM);
+}
+
 /**
  * NM plugin processing routine, creates and handles NMVpnServicePlugin
  */
 static job_requeue_t run(nm_backend_t *this)
 {
 	this->loop = g_main_loop_new(NULL, FALSE);
+	g_signal_connect(this->plugin, "quit", G_CALLBACK(terminate), NULL);
 	g_main_loop_run(this->loop);
 	return JOB_REQUEUE_NONE;
 }

src/charon-nm/nm/nm_backend.h

@@ -28,8 +28,6 @@
 
 /**
  * Initialize the NetworkManager backend.
- *
- * @return		TRUE, if initialization was successful
  */
 void nm_backend_register();
 

src/charon-nm/nm/nm_creds.c

@@ -77,32 +77,11 @@ struct private_nm_creds_t {
 };
 
 /**
- * Enumerator for user certificate
+ * Enumerator for user certificate (lock has to be locked)
  */
 static enumerator_t *create_usercert_enumerator(private_nm_creds_t *this,
 							certificate_type_t cert, key_type_t key)
 {
-	public_key_t *public;
-
-	if (cert != CERT_ANY && cert != this->usercert->get_type(this->usercert))
-	{
-		return NULL;
-	}
-	if (key != KEY_ANY)
-	{
-		public = this->usercert->get_public_key(this->usercert);
-		if (!public)
-		{
-			return NULL;
-		}
-		if (public->get_type(public) != key)
-		{
-			public->destroy(public);
-			return NULL;
-		}
-		public->destroy(public);
-	}
-	this->lock->read_lock(this->lock);
 	return enumerator_create_cleaner(
 								enumerator_create_single(this->usercert, NULL),
 								(void*)this->lock->unlock, this->lock);
@@ -114,6 +93,8 @@ static enumerator_t *create_usercert_enumerator(private_nm_creds_t *this,
 typedef struct {
 	/** ref to credential credential store */
 	private_nm_creds_t *this;
+	/** certificate type we are looking for */
+	certificate_type_t type;
 	/** type of key we are looking for */
 	key_type_t key;
 	/** CA certificate ID */
@@ -131,55 +112,36 @@ CALLBACK(cert_filter, bool,
 	cert_data_t *data, enumerator_t *orig, va_list args)
 {
 	certificate_t *cert, **out;
-	public_key_t *public;
 
 	VA_ARGS_VGET(args, out);
 
 	while (orig->enumerate(orig, &cert))
 	{
-		public = cert->get_public_key(cert);
-		if (!public)
+		if (certificate_matches(cert, data->type, data->key, data->id))
 		{
-			continue;
-		}
-		if (data->key != KEY_ANY && public->get_type(public) != data->key)
-		{
-			public->destroy(public);
-			continue;
-		}
-		if (data->id && data->id->get_type(data->id) == ID_KEY_ID &&
-			public->has_fingerprint(public, data->id->get_encoding(data->id)))
-		{
-			public->destroy(public);
 			*out = cert;
 			return TRUE;
 		}
-		public->destroy(public);
-		if (data->id && !cert->has_subject(cert, data->id))
-		{
-			continue;
-		}
-		*out = cert;
-		return TRUE;
 	}
 	return FALSE;
 }
 
 /**
- * Create enumerator for trusted certificates
+ * Create enumerator for trusted certificates (lock has to be locked)
  */
 static enumerator_t *create_trusted_cert_enumerator(private_nm_creds_t *this,
-										key_type_t key, identification_t *id)
+										certificate_type_t type, key_type_t key,
+										identification_t *id)
 {
 	cert_data_t *data;
 
 	INIT(data,
 		.this = this,
-		.id = id,
+		.type = type,
 		.key = key,
+		.id = id,
 	);
 
-	this->lock->read_lock(this->lock);
 	return enumerator_create_filter(
 					this->certs->create_enumerator(this->certs),
 					cert_filter, data, cert_data_destroy);
@@ -189,16 +151,14 @@ METHOD(credential_set_t, create_cert_enumerator, enumerator_t*,
 	private_nm_creds_t *this, certificate_type_t cert, key_type_t key,
 	identification_t *id, bool trusted)
 {
+	this->lock->read_lock(this->lock);
+
 	if (id && this->usercert &&
-		id->equals(id, this->usercert->get_subject(this->usercert)))
+		certificate_matches(this->usercert, cert, key, id))
 	{
 		return create_usercert_enumerator(this, cert, key);
 	}
-	if (cert == CERT_X509 || cert == CERT_ANY)
-	{
-		return create_trusted_cert_enumerator(this, key, id);
-	}
-	return NULL;
+	return create_trusted_cert_enumerator(this, cert, key, id);
 }
 
 METHOD(credential_set_t, create_private_enumerator, enumerator_t*,
@@ -285,7 +245,7 @@ METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
 			{
 				goto no_secret;
 			}
-			if (me && !me->equals(me, this->user))
+			if (me && !me->matches(me, this->user))
 			{
 				goto no_secret;
 			}

src/charon-nm/nm/nm_service.c

@@ -1,7 +1,7 @@
 /*
  * Copyright (C) 2017 Lubomir Rintel
  *
- * Copyright (C) 2013-2019 Tobias Brunner
+ * Copyright (C) 2013-2020 Tobias Brunner
  * Copyright (C) 2008-2009 Martin Willi
  * HSR Hochschule fuer Technik Rapperswil
  *
@@ -23,11 +23,10 @@
 #include <utils/identification.h>
 #include <config/peer_cfg.h>
 #include <credentials/certificates/x509.h>
+#include <networking/tun_device.h>
 
 #include <stdio.h>
 
-G_DEFINE_TYPE(NMStrongswanPlugin, nm_strongswan_plugin, NM_TYPE_VPN_SERVICE_PLUGIN)
-
 /**
  * Private data of NMStrongswanPlugin
  */
@@ -42,13 +41,17 @@ typedef struct {
 	nm_creds_t *creds;
 	/* attribute handler for DNS/NBNS server information */
 	nm_handler_t *handler;
+	/* dummy TUN device */
+	tun_device_t *tun;
 	/* name of the connection */
 	char *name;
 } NMStrongswanPluginPrivate;
 
+G_DEFINE_TYPE_WITH_PRIVATE(NMStrongswanPlugin, nm_strongswan_plugin, NM_TYPE_VPN_SERVICE_PLUGIN)
+
 #define NM_STRONGSWAN_PLUGIN_GET_PRIVATE(o) \
-			(G_TYPE_INSTANCE_GET_PRIVATE ((o), \
-				NM_TYPE_STRONGSWAN_PLUGIN, NMStrongswanPluginPrivate))
+			((NMStrongswanPluginPrivate*) \
+				nm_strongswan_plugin_get_instance_private (o))
 
 /**
  * Convert an address chunk to a GValue
@@ -111,7 +114,8 @@ static GVariant* handler_to_variant(nm_handler_t *handler, char *variant_type,
 static void signal_ip_config(NMVpnServicePlugin *plugin,
 							 ike_sa_t *ike_sa, child_sa_t *child_sa)
 {
-	NMStrongswanPluginPrivate *priv = NM_STRONGSWAN_PLUGIN_GET_PRIVATE(plugin);
+	NMStrongswanPlugin *pub = (NMStrongswanPlugin*)plugin;
+	NMStrongswanPluginPrivate *priv = NM_STRONGSWAN_PLUGIN_GET_PRIVATE(pub);
 	GVariantBuilder builder, ip4builder, ip6builder;
 	GVariant *ip4config, *ip6config;
 	enumerator_t *enumerator;
@@ -127,7 +131,18 @@ static void signal_ip_config(NMVpnServicePlugin *plugin,
 	/* NM apparently requires to know the gateway */
 	other = ike_sa->get_other_host(ike_sa);
 	g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_EXT_GATEWAY,
-	                       host_to_variant(other));
+						   host_to_variant(other));
+
+	/* systemd-resolved requires a device to properly install DNS servers, but
+	 * Netkey does not use one.  Passing the physical interface is not ideal,
+	 * as NM fiddles around with it and systemd-resolved likes a separate
+	 * device. So we pass a dummy TUN device along for NM etc. to play with...
+	 */
+	if (priv->tun)
+	{
+		g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_TUNDEV,
+							   g_variant_new_string (priv->tun->get_name(priv->tun)));
+	}
 
 	/* pass the first virtual IPs we got or use the physical IP */
 	enumerator = ike_sa->create_virtual_ip_enumerator(ike_sa, TRUE);
@@ -239,80 +254,79 @@ static void signal_ip_config(NMVpnServicePlugin *plugin,
  */
 static void signal_failure(NMVpnServicePlugin *plugin, NMVpnPluginFailure failure)
 {
-	nm_handler_t *handler = NM_STRONGSWAN_PLUGIN_GET_PRIVATE(plugin)->handler;
+	NMStrongswanPlugin *pub = (NMStrongswanPlugin*)plugin;
+	nm_handler_t *handler = NM_STRONGSWAN_PLUGIN_GET_PRIVATE(pub)->handler;
 
 	handler->reset(handler);
 
 	nm_vpn_service_plugin_failure(plugin, failure);
 }
 
-/**
- * Implementation of listener_t.ike_state_change
- */
-static bool ike_state_change(listener_t *listener, ike_sa_t *ike_sa,
-							 ike_sa_state_t state)
+METHOD(listener_t, ike_state_change, bool,
+	NMStrongswanPluginPrivate *this, ike_sa_t *ike_sa, ike_sa_state_t state)
 {
-	NMStrongswanPluginPrivate *private = (NMStrongswanPluginPrivate*)listener;
-
-	if (private->ike_sa == ike_sa && state == IKE_DESTROYING)
+	if (this->ike_sa == ike_sa && state == IKE_DESTROYING)
 	{
-		signal_failure(private->plugin, NM_VPN_PLUGIN_FAILURE_LOGIN_FAILED);
-		return FALSE;
+		signal_failure(this->plugin, NM_VPN_PLUGIN_FAILURE_LOGIN_FAILED);
 	}
 	return TRUE;
 }
 
-/**
- * Implementation of listener_t.child_state_change
- */
-static bool child_state_change(listener_t *listener, ike_sa_t *ike_sa,
-							   child_sa_t *child_sa, child_sa_state_t state)
+METHOD(listener_t, child_state_change, bool,
+	NMStrongswanPluginPrivate *this, ike_sa_t *ike_sa, child_sa_t *child_sa,
+	child_sa_state_t state)
 {
-	NMStrongswanPluginPrivate *private = (NMStrongswanPluginPrivate*)listener;
-
-	if (private->ike_sa == ike_sa && state == CHILD_DESTROYING)
+	if (this->ike_sa == ike_sa && state == CHILD_DESTROYING)
 	{
-		signal_failure(private->plugin, NM_VPN_PLUGIN_FAILURE_CONNECT_FAILED);
-		return FALSE;
+		signal_failure(this->plugin, NM_VPN_PLUGIN_FAILURE_CONNECT_FAILED);
 	}
 	return TRUE;
 }
 
-/**
- * Implementation of listener_t.child_updown
- */
-static bool child_updown(listener_t *listener, ike_sa_t *ike_sa,
-						 child_sa_t *child_sa, bool up)
+METHOD(listener_t, ike_rekey, bool,
+	NMStrongswanPluginPrivate *this, ike_sa_t *old, ike_sa_t *new)
 {
-	NMStrongswanPluginPrivate *private = (NMStrongswanPluginPrivate*)listener;
-
-	if (private->ike_sa == ike_sa)
-	{
-		if (up)
-		{	/* disable initiate-failure-detection hooks */
-			private->listener.ike_state_change = NULL;
-			private->listener.child_state_change = NULL;
-			signal_ip_config(private->plugin, ike_sa, child_sa);
-		}
-		else
-		{
-			signal_failure(private->plugin, NM_VPN_PLUGIN_FAILURE_CONNECT_FAILED);
-			return FALSE;
-		}
-	}
-	return TRUE;
-}
-
-/**
- * Implementation of listener_t.ike_rekey
- */
-static bool ike_rekey(listener_t *listener, ike_sa_t *old, ike_sa_t *new)
-{
-	NMStrongswanPluginPrivate *private = (NMStrongswanPluginPrivate*)listener;
-
-	if (private->ike_sa == old)
+	if (this->ike_sa == old)
 	{	/* follow a rekeyed IKE_SA */
-		private->ike_sa = new;
+		this->ike_sa = new;
+	}
+	return TRUE;
+}
+
+METHOD(listener_t, ike_reestablish_pre, bool,
+	NMStrongswanPluginPrivate *this, ike_sa_t *old, ike_sa_t *new)
+{
+	if (this->ike_sa == old)
+	{	/* ignore child state changes during redirects etc. (task migration) */
+		this->listener.child_state_change = NULL;
+	}
+	return TRUE;
+}
+
+METHOD(listener_t, ike_reestablish_post, bool,
+	NMStrongswanPluginPrivate *this, ike_sa_t *old, ike_sa_t *new,
+	bool initiated)
+{
+	if (this->ike_sa == old && initiated)
+	{	/* if we get redirected during IKE_AUTH we just migrate to the new SA */
+		this->ike_sa = new;
+		/* re-register hooks to detect initiation failures */
+		this->listener.ike_state_change = _ike_state_change;
+		this->listener.child_state_change = _child_state_change;
+	}
+	return TRUE;
+}
+
+METHOD(listener_t, child_updown, bool,
+	NMStrongswanPluginPrivate *this, ike_sa_t *ike_sa, child_sa_t *child_sa,
+	bool up)
+{
+	if (this->ike_sa == ike_sa && up)
+	{
+		/* disable initiate-failure-detection hooks */
+		this->listener.ike_state_change = NULL;
+		this->listener.child_state_change = NULL;
+		signal_ip_config(this->plugin, ike_sa, child_sa);
 	}
 	return TRUE;
 }
@@ -370,18 +384,223 @@ static identification_t *find_smartcard_key(NMStrongswanPluginPrivate *priv,
 	return id;
 }
 
+/**
+ * Add a client auth config for certificate authentication
+ */
+static bool add_auth_cfg_cert(NMStrongswanPluginPrivate *priv,
+							  NMSettingVpn *vpn, peer_cfg_t *peer_cfg,
+							  GError **err)
+{
+	identification_t *id = NULL;
+	certificate_t *cert = NULL;
+	auth_cfg_t *auth;
+	const char *str, *method, *cert_source;
+
+	method = nm_setting_vpn_get_data_item(vpn, "method");
+	cert_source = nm_setting_vpn_get_data_item(vpn, "cert-source") ?: method;
+
+	if (streq(cert_source, "smartcard"))
+	{
+		char *pin;
+
+		pin = (char*)nm_setting_vpn_get_secret(vpn, "password");
+		if (pin)
+		{
+			id = find_smartcard_key(priv, pin);
+		}
+		if (!id)
+		{
+			g_set_error(err, NM_VPN_PLUGIN_ERROR,
+						NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+						"No usable smartcard certificate found.");
+			return FALSE;
+		}
+	}
+	/* ... or certificate/private key authentication */
+	else if ((str = nm_setting_vpn_get_data_item(vpn, "usercert")))
+	{
+		public_key_t *public;
+		private_key_t *private = NULL;
+
+		bool agent = streq(cert_source, "agent");
+
+		cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+								  BUILD_FROM_FILE, str, BUILD_END);
+		if (!cert)
+		{
+			g_set_error(err, NM_VPN_PLUGIN_ERROR,
+						NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+						"Loading peer certificate failed.");
+			return FALSE;
+		}
+		/* try agent */
+		str = nm_setting_vpn_get_secret(vpn, "agent");
+		if (agent && str)
+		{
+			public = cert->get_public_key(cert);
+			if (public)
+			{
+				private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
+											 public->get_type(public),
+											 BUILD_AGENT_SOCKET, str,
+											 BUILD_PUBLIC_KEY, public,
+											 BUILD_END);
+				public->destroy(public);
+			}
+			if (!private)
+			{
+				g_set_error(err, NM_VPN_PLUGIN_ERROR,
+							NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+							"Connecting to SSH agent failed.");
+			}
+		}
+		/* ... or key file */
+		str = nm_setting_vpn_get_data_item(vpn, "userkey");
+		if (!agent && str)
+		{
+			char *secret;
+
+			secret = (char*)nm_setting_vpn_get_secret(vpn, "password");
+			if (secret)
+			{
+				priv->creds->set_key_password(priv->creds, secret);
+			}
+			private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
+									KEY_ANY, BUILD_FROM_FILE, str, BUILD_END);
+			if (!private)
+			{
+				g_set_error(err, NM_VPN_PLUGIN_ERROR,
+							NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+							"Loading private key failed.");
+			}
+		}
+		if (private)
+		{
+			id = cert->get_subject(cert);
+			id = id->clone(id);
+			priv->creds->set_cert_and_key(priv->creds, cert, private);
+		}
+		else
+		{
+			DESTROY_IF(cert);
+			return FALSE;
+		}
+	}
+	else
+	{
+		g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+					"Certificate is missing.");
+		return FALSE;
+	}
+
+	auth = auth_cfg_create();
+	if (streq(method, "eap-tls"))
+	{
+		auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_EAP);
+		auth->add(auth, AUTH_RULE_EAP_TYPE, EAP_TLS);
+		auth->add(auth, AUTH_RULE_AAA_IDENTITY,
+				  identification_create_from_string("%any"));
+	}
+	else
+	{
+		auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
+	}
+	if (cert)
+	{
+		auth->add(auth, AUTH_RULE_SUBJECT_CERT, cert->get_ref(cert));
+	}
+	str = nm_setting_vpn_get_data_item(vpn, "local-identity");
+	if (str)
+	{
+		identification_t *local_id;
+
+		local_id = identification_create_from_string((char*)str);
+		if (local_id)
+		{
+			id->destroy(id);
+			id = local_id;
+		}
+	}
+	auth->add(auth, AUTH_RULE_IDENTITY, id);
+	peer_cfg->add_auth_cfg(peer_cfg, auth, TRUE);
+	return TRUE;
+}
+
+/**
+ * Add a client auth config for username/password authentication
+ */
+static bool add_auth_cfg_pw(NMStrongswanPluginPrivate *priv,
+							NMSettingVpn *vpn, peer_cfg_t *peer_cfg,
+							GError **err)
+{
+	identification_t *user = NULL, *id = NULL;
+	auth_cfg_t *auth;
+	const char *str, *method;
+
+	method = nm_setting_vpn_get_data_item(vpn, "method");
+
+	str = nm_setting_vpn_get_data_item(vpn, "user");
+	if (str)
+	{
+		user = identification_create_from_string((char*)str);
+	}
+	else
+	{
+		user = identification_create_from_string("%any");
+	}
+	str = nm_setting_vpn_get_data_item(vpn, "local-identity");
+	if (str)
+	{
+		id = identification_create_from_string((char*)str);
+	}
+	else
+	{
+		id = user->clone(user);
+	}
+	str = nm_setting_vpn_get_secret(vpn, "password");
+	if (streq(method, "psk"))
+	{
+		if (strlen(str) < 20)
+		{
+			g_set_error(err, NM_VPN_PLUGIN_ERROR,
+						NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+						"Pre-shared key is too short.");
+			user->destroy(user);
+			id->destroy(id);
+			return FALSE;
+		}
+		priv->creds->set_username_password(priv->creds, id, (char*)str);
+	}
+	else
+	{
+		priv->creds->set_username_password(priv->creds, user, (char*)str);
+	}
+
+	auth = auth_cfg_create();
+	auth->add(auth, AUTH_RULE_AUTH_CLASS,
+			  streq(method, "psk") ? AUTH_CLASS_PSK : AUTH_CLASS_EAP);
+	/* in case EAP-PEAP or EAP-TTLS is used we currently accept any identity */
+	auth->add(auth, AUTH_RULE_AAA_IDENTITY,
+			  identification_create_from_string("%any"));
+	auth->add(auth, AUTH_RULE_EAP_IDENTITY, user);
+	auth->add(auth, AUTH_RULE_IDENTITY, id);
+	peer_cfg->add_auth_cfg(peer_cfg, auth, TRUE);
+	return TRUE;
+}
+
 /**
  * Connect function called from NM via DBUS
  */
 static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 						 GError **err)
 {
+	NMStrongswanPlugin *pub = (NMStrongswanPlugin*)plugin;
 	NMStrongswanPluginPrivate *priv;
 	NMSettingConnection *conn;
 	NMSettingVpn *vpn;
 	enumerator_t *enumerator;
-	identification_t *user = NULL, *gateway = NULL;
-	const char *str;
+	identification_t *gateway = NULL;
+	const char *str, *method;
 	bool virtual, proposal;
 	proposal_t *prop;
 	ike_cfg_t *ike_cfg;
@@ -390,10 +609,9 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 	traffic_selector_t *ts;
 	ike_sa_t *ike_sa;
 	auth_cfg_t *auth;
-	auth_class_t auth_class = AUTH_CLASS_EAP;
 	certificate_t *cert = NULL;
 	x509_t *x509;
-	bool agent = FALSE, smartcard = FALSE, loose_gateway_id = FALSE;
+	bool loose_gateway_id = FALSE;
 	ike_cfg_create_t ike = {
 		.version = IKEV2,
 		.local = "%any",
@@ -404,7 +622,6 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 	peer_cfg_create_t peer = {
 		.cert_policy = CERT_SEND_IF_ASKED,
 		.unique = UNIQUE_REPLACE,
-		.keyingtries = 1,
 		.rekey_time = 36000, /* 10h */
 		.jitter_time = 600, /* 10min */
 		.over_time = 600, /* 10min */
@@ -418,12 +635,14 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 			},
 		},
 		.mode = MODE_TUNNEL,
+		.dpd_action = ACTION_RESTART,
+		.close_action = ACTION_RESTART,
 	};
 
 	/**
 	 * Read parameters
 	 */
-	priv = NM_STRONGSWAN_PLUGIN_GET_PRIVATE(plugin);
+	priv = NM_STRONGSWAN_PLUGIN_GET_PRIVATE(pub);
 	conn = NM_SETTING_CONNECTION(nm_connection_get_setting(connection,
 												NM_TYPE_SETTING_CONNECTION));
 	vpn = NM_SETTING_VPN(nm_connection_get_setting(connection,
@@ -437,6 +656,11 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 		 priv->name);
 	DBG4(DBG_CFG, "%s",
 		 nm_setting_to_string(NM_SETTING(vpn)));
+	if (!priv->tun)
+	{
+		DBG1(DBG_CFG, "failed to create dummy TUN device, might affect DNS "
+			 "server installation negatively");
+	}
 	ike.remote = (char*)nm_setting_vpn_get_data_item(vpn, "address");
 	if (!ike.remote || !*ike.remote)
 	{
@@ -444,31 +668,17 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 					"Gateway address missing.");
 		return FALSE;
 	}
+	str = nm_setting_vpn_get_data_item(vpn, "server-port");
+	if (str && strlen(str))
+	{
+		ike.remote_port = settings_value_as_int((char*)str, ike.remote_port);
+	}
 	str = nm_setting_vpn_get_data_item(vpn, "virtual");
 	virtual = streq(str, "yes");
 	str = nm_setting_vpn_get_data_item(vpn, "encap");
 	ike.force_encap = streq(str, "yes");
 	str = nm_setting_vpn_get_data_item(vpn, "ipcomp");
 	child.options |= streq(str, "yes") ? OPT_IPCOMP : 0;
-	str = nm_setting_vpn_get_data_item(vpn, "method");
-	if (streq(str, "psk"))
-	{
-		auth_class = AUTH_CLASS_PSK;
-	}
-	else if (streq(str, "agent"))
-	{
-		auth_class = AUTH_CLASS_PUBKEY;
-		agent = TRUE;
-	}
-	else if (streq(str, "key"))
-	{
-		auth_class = AUTH_CLASS_PUBKEY;
-	}
-	else if (streq(str, "smartcard"))
-	{
-		auth_class = AUTH_CLASS_PUBKEY;
-		smartcard = TRUE;
-	}
 
 	/**
 	 * Register credentials
@@ -489,14 +699,6 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 			return FALSE;
 		}
 		priv->creds->add_certificate(priv->creds, cert);
-
-		x509 = (x509_t*)cert;
-		if (!(x509->get_flags(x509) & X509_CA))
-		{	/* For a gateway certificate, we use the cert subject as identity. */
-			gateway = cert->get_subject(cert);
-			gateway = gateway->clone(gateway);
-			DBG1(DBG_CFG, "using gateway certificate, identity '%Y'", gateway);
-		}
 	}
 	else
 	{
@@ -504,139 +706,29 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 		priv->creds->load_ca_dir(priv->creds, lib->settings->get_str(
 								 lib->settings, "charon-nm.ca_dir", NM_CA_DIR));
 	}
-	if (!gateway)
+
+	str = nm_setting_vpn_get_data_item(vpn, "remote-identity");
+	if (str)
 	{
-		/* If the user configured a CA certificate, we use the IP/DNS
-		 * of the gateway as its identity. This identity will be used for
-		 * certificate lookup and requires the configured IP/DNS to be
-		 * included in the gateway certificate. */
+		gateway = identification_create_from_string((char*)str);
+	}
+	else if (cert)
+	{
+		x509 = (x509_t*)cert;
+		if (!(x509->get_flags(x509) & X509_CA))
+		{	/* for server certificates, we use the subject as identity */
+			gateway = cert->get_subject(cert);
+			gateway = gateway->clone(gateway);
+		}
+	}
+	if (!gateway || gateway->get_type(gateway) == ID_ANY)
+	{
+		/* if the user configured a CA certificate (or an invalid identity),
+		 * we use the IP/hostname of the server */
 		gateway = identification_create_from_string(ike.remote);
-		DBG1(DBG_CFG, "using CA certificate, gateway identity '%Y'", gateway);
 		loose_gateway_id = TRUE;
 	}
-
-	if (auth_class == AUTH_CLASS_EAP ||
-		auth_class == AUTH_CLASS_PSK)
-	{
-		/* username/password or PSK authentication ... */
-		str = nm_setting_vpn_get_data_item(vpn, "user");
-		if (str)
-		{
-			user = identification_create_from_string((char*)str);
-			str = nm_setting_vpn_get_secret(vpn, "password");
-			if (auth_class == AUTH_CLASS_PSK &&
-				strlen(str) < 20)
-			{
-				g_set_error(err, NM_VPN_PLUGIN_ERROR,
-							NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
-							"pre-shared key is too short.");
-				gateway->destroy(gateway);
-				user->destroy(user);
-				return FALSE;
-			}
-			priv->creds->set_username_password(priv->creds, user, (char*)str);
-		}
-	}
-
-	if (auth_class == AUTH_CLASS_PUBKEY)
-	{
-		if (smartcard)
-		{
-			char *pin;
-
-			pin = (char*)nm_setting_vpn_get_secret(vpn, "password");
-			if (pin)
-			{
-				user = find_smartcard_key(priv, pin);
-			}
-			if (!user)
-			{
-				g_set_error(err, NM_VPN_PLUGIN_ERROR,
-							NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
-							"no usable smartcard certificate found.");
-				gateway->destroy(gateway);
-				return FALSE;
-			}
-		}
-		/* ... or certificate/private key authenitcation */
-		else if ((str = nm_setting_vpn_get_data_item(vpn, "usercert")))
-		{
-			public_key_t *public;
-			private_key_t *private = NULL;
-
-			cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
-									  BUILD_FROM_FILE, str, BUILD_END);
-			if (!cert)
-			{
-				g_set_error(err, NM_VPN_PLUGIN_ERROR,
-							NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
-							"Loading peer certificate failed.");
-				gateway->destroy(gateway);
-				return FALSE;
-			}
-			/* try agent */
-			str = nm_setting_vpn_get_secret(vpn, "agent");
-			if (agent && str)
-			{
-				public = cert->get_public_key(cert);
-				if (public)
-				{
-					private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
-												 public->get_type(public),
-												 BUILD_AGENT_SOCKET, str,
-												 BUILD_PUBLIC_KEY, public,
-												 BUILD_END);
-					public->destroy(public);
-				}
-				if (!private)
-				{
-					g_set_error(err, NM_VPN_PLUGIN_ERROR,
-								NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
-								"Connecting to SSH agent failed.");
-				}
-			}
-			/* ... or key file */
-			str = nm_setting_vpn_get_data_item(vpn, "userkey");
-			if (!agent && str)
-			{
-				char *secret;
-
-				secret = (char*)nm_setting_vpn_get_secret(vpn, "password");
-				if (secret)
-				{
-					priv->creds->set_key_password(priv->creds, secret);
-				}
-				private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
-								KEY_ANY, BUILD_FROM_FILE, str, BUILD_END);
-				if (!private)
-				{
-					g_set_error(err, NM_VPN_PLUGIN_ERROR,
-								NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
-								"Loading private key failed.");
-				}
-			}
-			if (private)
-			{
-				user = cert->get_subject(cert);
-				user = user->clone(user);
-				priv->creds->set_cert_and_key(priv->creds, cert, private);
-			}
-			else
-			{
-				DESTROY_IF(cert);
-				gateway->destroy(gateway);
-				return FALSE;
-			}
-		}
-	}
-
-	if (!user)
-	{
-		g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
-					"Configuration parameters missing.");
-		gateway->destroy(gateway);
-		return FALSE;
-	}
+	DBG1(DBG_CFG, "using gateway identity '%Y'", gateway);
 
 	/**
 	 * Set up configurations
@@ -660,7 +752,6 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 				enumerator->destroy(enumerator);
 				ike_cfg->destroy(ike_cfg);
 				gateway->destroy(gateway);
-				user->destroy(user);
 				return FALSE;
 			}
 			ike_cfg->add_proposal(ike_cfg, prop);
@@ -679,12 +770,45 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 		peer_cfg->add_virtual_ip(peer_cfg, host_create_any(AF_INET));
 		peer_cfg->add_virtual_ip(peer_cfg, host_create_any(AF_INET6));
 	}
+
+	method = nm_setting_vpn_get_data_item(vpn, "method");
+	if (streq(method, "cert") ||
+		streq(method, "eap-tls") ||
+		streq(method, "key") ||
+		streq(method, "agent") ||
+		streq(method, "smartcard"))
+	{
+		if (!add_auth_cfg_cert (priv, vpn, peer_cfg, err))
+		{
+			peer_cfg->destroy(peer_cfg);
+			ike_cfg->destroy(ike_cfg);
+			gateway->destroy(gateway);
+			return FALSE;
+		}
+	}
+	else if (streq(method, "eap") ||
+			 streq(method, "psk"))
+	{
+		if (!add_auth_cfg_pw(priv, vpn, peer_cfg, err))
+		{
+			peer_cfg->destroy(peer_cfg);
+			ike_cfg->destroy(ike_cfg);
+			gateway->destroy(gateway);
+			return FALSE;
+		}
+	}
+	else
+	{
+		g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+					"Configuration parameters missing.");
+		peer_cfg->destroy(peer_cfg);
+		ike_cfg->destroy(ike_cfg);
+		gateway->destroy(gateway);
+		return FALSE;
+	}
+
 	auth = auth_cfg_create();
-	auth->add(auth, AUTH_RULE_AUTH_CLASS, auth_class);
-	auth->add(auth, AUTH_RULE_IDENTITY, user);
-	peer_cfg->add_auth_cfg(peer_cfg, auth, TRUE);
-	auth = auth_cfg_create();
-	if (auth_class == AUTH_CLASS_PSK)
+	if (streq(method, "psk"))
 	{
 		auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK);
 	}
@@ -720,15 +844,39 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 	}
 	else
 	{
-		child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
 		child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
+		child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
 	}
 	ts = traffic_selector_create_dynamic(0, 0, 65535);
 	child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
-	ts = traffic_selector_create_from_cidr("0.0.0.0/0", 0, 0, 65535);
-	child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
-	ts = traffic_selector_create_from_cidr("::/0", 0, 0, 65535);
-	child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
+	str = nm_setting_vpn_get_data_item(vpn, "remote-ts");
+	if (str && strlen(str))
+	{
+		enumerator = enumerator_create_token(str, ";", "");
+		while (enumerator->enumerate(enumerator, &str))
+		{
+			ts = traffic_selector_create_from_cidr((char*)str, 0, 0, 65535);
+			if (!ts)
+			{
+				g_set_error(err, NM_VPN_PLUGIN_ERROR,
+							NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED,
+							"Invalid remote traffic selector.");
+				enumerator->destroy(enumerator);
+				child_cfg->destroy(child_cfg);
+				peer_cfg->destroy(peer_cfg);
+				return FALSE;
+			}
+			child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
+		}
+		enumerator->destroy(enumerator);
+	}
+	else
+	{
+		ts = traffic_selector_create_from_cidr("0.0.0.0/0", 0, 0, 65535);
+		child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
+		ts = traffic_selector_create_from_cidr("::/0", 0, 0, 65535);
+		child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
+	}
 	peer_cfg->add_child_cfg(peer_cfg, child_cfg);
 
 	/**
@@ -736,26 +884,20 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 	 */
 	ike_sa = charon->ike_sa_manager->checkout_by_config(charon->ike_sa_manager,
 														peer_cfg);
+	peer_cfg->destroy(peer_cfg);
 	if (!ike_sa)
 	{
-		peer_cfg->destroy(peer_cfg);
 		g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED,
 					"IKE version not supported.");
 		return FALSE;
 	}
-	if (!ike_sa->get_peer_cfg(ike_sa))
-	{
-		ike_sa->set_peer_cfg(ike_sa, peer_cfg);
-	}
-	peer_cfg->destroy(peer_cfg);
 
 	/**
 	 * Register listener, enable  initiate-failure-detection hooks
 	 */
 	priv->ike_sa = ike_sa;
-	priv->listener.ike_state_change = ike_state_change;
-	priv->listener.child_state_change = child_state_change;
-	charon->bus->add_listener(charon->bus, &priv->listener);
+	priv->listener.ike_state_change = _ike_state_change;
+	priv->listener.child_state_change = _child_state_change;
 
 	/**
 	 * Initiate
@@ -763,7 +905,6 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection,
 	child_cfg->get_ref(child_cfg);
 	if (ike_sa->initiate(ike_sa, child_cfg, 0, NULL, NULL) != SUCCESS)
 	{
-		charon->bus->remove_listener(charon->bus, &priv->listener);
 		charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, ike_sa);
 
 		g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED,
@@ -781,58 +922,64 @@ static gboolean need_secrets(NMVpnServicePlugin *plugin, NMConnection *connectio
 							 const char **setting_name, GError **error)
 {
 	NMSettingVpn *settings;
-	const char *method, *path;
+	const char *method, *cert_source, *path;
+	bool need_secret = FALSE;
 
 	settings = NM_SETTING_VPN(nm_connection_get_setting(connection,
 														NM_TYPE_SETTING_VPN));
 	method = nm_setting_vpn_get_data_item(settings, "method");
 	if (method)
 	{
-		if (streq(method, "eap") || streq(method, "psk"))
+		if (streq(method, "cert") ||
+			streq(method, "eap-tls") ||
+			streq(method, "key") ||
+			streq(method, "agent") ||
+			streq(method, "smartcard"))
 		{
-			if (nm_setting_vpn_get_secret(settings, "password"))
+			cert_source = nm_setting_vpn_get_data_item(settings, "cert-source");
+			if (!cert_source)
 			{
-				return FALSE;
+				cert_source = method;
 			}
-		}
-		else if (streq(method, "agent"))
-		{
-			if (nm_setting_vpn_get_secret(settings, "agent"))
+			if (streq(cert_source, "agent"))
 			{
-				return FALSE;
+				need_secret = !nm_setting_vpn_get_secret(settings, "agent");
 			}
-		}
-		else if (streq(method, "key"))
-		{
-			path = nm_setting_vpn_get_data_item(settings, "userkey");
-			if (path)
+			else if (streq(cert_source, "smartcard"))
 			{
-				private_key_t *key;
+				need_secret = !nm_setting_vpn_get_secret(settings, "password");
+			}
+			else
+			{
+				need_secret = TRUE;
+				path = nm_setting_vpn_get_data_item(settings, "userkey");
+				if (path)
+				{
+					private_key_t *key;
 
-				/* try to load/decrypt the private key */
-				key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
-								KEY_ANY, BUILD_FROM_FILE, path, BUILD_END);
-				if (key)
-				{
-					key->destroy(key);
-					return FALSE;
-				}
-				else if (nm_setting_vpn_get_secret(settings, "password"))
-				{
-					return FALSE;
+					/* try to load/decrypt the private key */
+					key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
+									KEY_ANY, BUILD_FROM_FILE, path, BUILD_END);
+					if (key)
+					{
+						key->destroy(key);
+						need_secret = FALSE;
+					}
+					else if (nm_setting_vpn_get_secret(settings, "password"))
+					{
+						need_secret = FALSE;
+					}
 				}
 			}
 		}
-		else if (streq(method, "smartcard"))
+		else if (streq(method, "eap") ||
+				 streq(method, "psk"))
 		{
-			if (nm_setting_vpn_get_secret(settings, "password"))
-			{
-				return FALSE;
-			}
+			need_secret = !nm_setting_vpn_get_secret(settings, "password");
 		}
 	}
 	*setting_name = NM_SETTING_VPN_SETTING_NAME;
-	return TRUE;
+	return need_secret;
 }
 
 /**
@@ -856,6 +1003,11 @@ static gboolean do_disconnect(gpointer plugin)
 			enumerator->destroy(enumerator);
 			charon->controller->terminate_ike(charon->controller, id, FALSE,
 											  controller_cb_empty, NULL, 0);
+
+			/* clear secrets as we are asked for new secrets (where we'd find
+			 * the cached secrets from earlier connections) before we clear
+			 * them in connect() */
+			priv->creds->clear(priv->creds);
 			return FALSE;
 		}
 	}
@@ -888,11 +1040,33 @@ static void nm_strongswan_plugin_init(NMStrongswanPlugin *plugin)
 	priv = NM_STRONGSWAN_PLUGIN_GET_PRIVATE(plugin);
 	priv->plugin = NM_VPN_SERVICE_PLUGIN(plugin);
 	memset(&priv->listener, 0, sizeof(listener_t));
-	priv->listener.child_updown = child_updown;
-	priv->listener.ike_rekey = ike_rekey;
+	priv->listener.child_updown = _child_updown;
+	priv->listener.ike_rekey = _ike_rekey;
+	priv->listener.ike_reestablish_pre = _ike_reestablish_pre;
+	priv->listener.ike_reestablish_post = _ike_reestablish_post;
+	charon->bus->add_listener(charon->bus, &priv->listener);
+	priv->tun = tun_device_create(NULL);
 	priv->name = NULL;
 }
 
+/**
+ * Destructor
+ */
+static void nm_strongswan_plugin_dispose(GObject *obj)
+{
+	NMStrongswanPlugin *plugin;
+	NMStrongswanPluginPrivate *priv;
+
+	plugin = NM_STRONGSWAN_PLUGIN(obj);
+	priv = NM_STRONGSWAN_PLUGIN_GET_PRIVATE(plugin);
+	if (priv->tun)
+	{
+		priv->tun->destroy(priv->tun);
+		priv->tun = NULL;
+	}
+	G_OBJECT_CLASS (nm_strongswan_plugin_parent_class)->dispose (obj);
+}
+
 /**
  * Class constructor
  */
@@ -901,11 +1075,10 @@ static void nm_strongswan_plugin_class_init(
 {
 	NMVpnServicePluginClass *parent_class = NM_VPN_SERVICE_PLUGIN_CLASS(strongswan_class);
 
-	g_type_class_add_private(G_OBJECT_CLASS(strongswan_class),
-							 sizeof(NMStrongswanPluginPrivate));
 	parent_class->connect = connect_;
 	parent_class->need_secrets = need_secrets;
 	parent_class->disconnect = disconnect;
+	G_OBJECT_CLASS(strongswan_class)->dispose = nm_strongswan_plugin_dispose;
 }
 
 /**

src/charon-tkm/Makefile.am

@@ -29,7 +29,7 @@ PLUGINS = \
 	pem \
 	socket-default \
 	openssl \
-	stroke
+	vici
 
 all: build_charon
 

src/charon-tkm/build_common.gpr

@@ -15,7 +15,6 @@ project Build_Common is
                              "-gnatygAdISuxo",
                              "-gnata",
                              "-gnatVa",
-                             "-gnat05",
                              "-gnatf",
                              "-fstack-check",
                              "-gnato",

src/charon-tkm/src/charon-tkm.c

@@ -118,14 +118,10 @@ static void run()
 		switch (sig)
 		{
 			case SIGINT:
-			{
-				DBG1(DBG_DMN, "signal of type SIGINT received. Shutting down");
-				charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
-				return;
-			}
 			case SIGTERM:
 			{
-				DBG1(DBG_DMN, "signal of type SIGTERM received. Shutting down");
+				DBG1(DBG_DMN, "%s received, shutting down",
+					 sig == SIGINT ? "SIGINT" : "SIGTERM");
 				charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
 				return;
 			}
@@ -327,9 +323,18 @@ int main(int argc, char *argv[])
 		goto deinit;
 	}
 
+	if (!register_ca_mapping())
+	{
+		DBG1(DBG_DMN, "no CA certificate ID mapping defined - aborting %s", dmn_name);
+		goto deinit;
+	}
+
 	/* register TKM keymat variant */
 	keymat_register_constructor(IKEV2, (keymat_constructor_t)tkm_keymat_create);
 
+	/* register TKM credential encoder */
+	lib->encoding->add_encoder(lib->encoding, tkm_encoder_encode);
+
 	/* initialize daemon */
 	if (!charon->initialize(charon, PLUGINS))
 	{
@@ -371,9 +376,6 @@ int main(int argc, char *argv[])
 	creds = tkm_cred_create();
 	lib->credmgr->add_set(lib->credmgr, (credential_set_t*)creds);
 
-	/* register TKM credential encoder */
-	lib->encoding->add_encoder(lib->encoding, tkm_encoder_encode);
-
 	/* add handler for fatal signals,
 	 * INT and TERM are handled by sigwaitinfo() in run() */
 	action.sa_flags = 0;
@@ -408,6 +410,7 @@ int main(int argc, char *argv[])
 
 deinit:
 	destroy_dh_mapping();
+	destroy_ca_mapping();
 	libcharon_deinit();
 	tkm_deinit();
 	unlink_pidfile();

src/charon-tkm/src/tkm/tkm.c

@@ -119,6 +119,8 @@ void tkm_deinit()
 
 	ees_server_finalize();
 
+	ike_finalize();
+
 	tkmlib_final();
 	free(this);
 	tkm = NULL;

src/charon-tkm/src/tkm/tkm_aead.c

@@ -0,0 +1,245 @@
+/*
+ * Copyright (C) 2020 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Copyright (C) 2020 secunet Security Networks AG
+ * Copyright (C) 2020 Stefan Berghofer
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <errno.h>
+
+#include <crypto/iv/iv_gen.h>
+#include <tkm/constants.h>
+#include <tkm/client.h>
+
+#include "tkm_aead.h"
+#include "tkm_utils.h"
+
+typedef struct private_aead_t private_aead_t;
+
+/**
+ * AEAD implementation using TKM
+ */
+struct private_aead_t {
+
+	/**
+	 * Public interface
+	 * */
+	aead_t public;
+
+	/**
+	 * Internal IV generator for TKM
+	 */
+	iv_gen_t iv_gen;
+
+	/**
+	 * ISA context id
+	 */
+	isa_id_type isa_ctx_id;
+
+	/**
+	 * Block length of encryption algorithm
+	 */
+	block_len_type block_len;
+
+	/**
+	 * Length of integrity check value
+	 */
+	icv_len_type icv_len;
+
+	/**
+	 * Length of initialization vector
+	 */
+	iv_len_type iv_len;
+};
+
+METHOD(iv_gen_t, get_iv, bool,
+	iv_gen_t *this, uint64_t seq, size_t size, uint8_t *buffer)
+{
+	return TRUE;
+}
+
+METHOD(iv_gen_t, allocate_iv, bool,
+	iv_gen_t *this, uint64_t seq, size_t size, chunk_t *chunk)
+{
+	*chunk = chunk_alloc(size);
+	return get_iv(this, seq, chunk->len, chunk->ptr);
+}
+
+METHOD(aead_t, encrypt, bool,
+	private_aead_t *this, chunk_t plain, chunk_t assoc,
+	chunk_t iv, chunk_t *encrypted)
+{
+	aad_plain_type aad_plain;
+	iv_encrypted_icv_type iv_encrypted_icv;
+	result_type res;
+
+	aad_plain = (aad_plain_type){
+		.size = assoc.len + plain.len,
+	};
+	if (aad_plain.size > sizeof(aad_plain.data))
+	{
+		DBG1(DBG_IKE, "%u exceeds buffer size %u, encryption failed (isa: "
+			 "%llu)", aad_plain.size, sizeof(aad_plain.data), this->isa_ctx_id);
+		return FALSE;
+	}
+	memcpy(aad_plain.data, assoc.ptr, assoc.len);
+	memcpy(aad_plain.data + assoc.len, plain.ptr, plain.len);
+
+	res = ike_isa_encrypt(this->isa_ctx_id, assoc.len, aad_plain,
+						  &iv_encrypted_icv);
+	if (res != TKM_OK)
+	{
+		DBG1(DBG_IKE, "encryption failed (isa: %llu)", this->isa_ctx_id);
+		return FALSE;
+	}
+
+	if (encrypted)
+	{
+		sequence_to_chunk(iv_encrypted_icv.data, iv_encrypted_icv.size,
+						  encrypted);
+	}
+	else
+	{
+		memcpy(plain.ptr, iv_encrypted_icv.data + iv.len,
+			   iv_encrypted_icv.size - iv.len);
+	}
+	memcpy(iv.ptr, iv_encrypted_icv.data, iv.len);
+	return TRUE;
+}
+
+METHOD(aead_t, decrypt, bool,
+	private_aead_t *this, chunk_t encrypted, chunk_t assoc, chunk_t iv,
+	chunk_t *plain)
+{
+	aad_iv_encrypted_icv_type aad_iv_encrypted_icv;
+	decrypted_type decrypted;
+	result_type res;
+
+	aad_iv_encrypted_icv = (aad_iv_encrypted_icv_type){
+		.size = assoc.len + iv.len + encrypted.len,
+	};
+	if (aad_iv_encrypted_icv.size > sizeof(aad_iv_encrypted_icv.data))
+	{
+		DBG1(DBG_IKE, "%u exceeds buffer size %u, decryption failed (isa: "
+			 "%llu)", aad_iv_encrypted_icv.size,
+			 sizeof(aad_iv_encrypted_icv.data), this->isa_ctx_id);
+		return FALSE;
+	}
+	memcpy(aad_iv_encrypted_icv.data, assoc.ptr, assoc.len);
+	memcpy(aad_iv_encrypted_icv.data + assoc.len, iv.ptr, iv.len);
+	memcpy(aad_iv_encrypted_icv.data + assoc.len + iv.len, encrypted.ptr,
+		   encrypted.len);
+
+	res = ike_isa_decrypt(this->isa_ctx_id, assoc.len, aad_iv_encrypted_icv,
+						  &decrypted);
+	if (res != TKM_OK)
+	{
+		DBG1(DBG_IKE, "decryption failed (isa: %llu)", this->isa_ctx_id);
+		return FALSE;
+	}
+
+	if (plain)
+	{
+		sequence_to_chunk(decrypted.data, decrypted.size, plain);
+	}
+	else
+	{
+		memcpy(encrypted.ptr, decrypted.data, decrypted.size);
+	}
+	return TRUE;
+}
+
+METHOD(aead_t, get_block_size, size_t,
+	private_aead_t *this)
+{
+	return this->block_len;
+}
+
+METHOD(aead_t, get_icv_size, size_t,
+	private_aead_t *this)
+{
+	return this->icv_len;
+}
+
+METHOD(aead_t, get_iv_size, size_t,
+	private_aead_t *this)
+{
+	return this->iv_len;
+}
+
+METHOD(aead_t, get_iv_gen, iv_gen_t*,
+	private_aead_t *this)
+{
+	return &this->iv_gen;
+}
+
+METHOD(aead_t, get_key_size, size_t,
+	private_aead_t *this)
+{
+	return 1;
+}
+
+METHOD(aead_t, set_key, bool,
+	private_aead_t *this, chunk_t key)
+{
+	return TRUE;
+}
+
+METHOD(aead_t, destroy, void,
+	private_aead_t *this)
+{
+	free(this);
+}
+
+/*
+ * Described in header
+ */
+aead_t *tkm_aead_create(isa_id_type isa_ctx_id, block_len_type block_len,
+						icv_len_type icv_len, iv_len_type iv_len)
+{
+	private_aead_t *aead;
+
+	INIT(aead,
+		.public = {
+			.encrypt = _encrypt,
+			.decrypt = _decrypt,
+			.get_block_size = _get_block_size,
+			.get_icv_size = _get_icv_size,
+			.get_iv_size = _get_iv_size,
+			.get_iv_gen = _get_iv_gen,
+			.get_key_size = _get_key_size,
+			.set_key = _set_key,
+			.destroy = _destroy,
+		},
+		.iv_gen = {
+			.get_iv = _get_iv,
+			.allocate_iv = _allocate_iv,
+			.destroy = (void *)nop,
+		},
+		.isa_ctx_id = isa_ctx_id,
+		.block_len = block_len,
+		.icv_len = icv_len,
+		.iv_len = iv_len,
+	);
+
+	return &aead->public;
+}

src/charon-tkm/src/tkm/tkm_aead.h

@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2020 secunet Security Networks AG
+ * Copyright (C) 2020 Stefan Berghofer
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+/**
+ * @defgroup tkm-aead aead
+ * @{ @ingroup tkm
+ */
+
+#ifndef TKM_AEAD_H_
+#define TKM_AEAD_H_
+
+typedef struct tkm_aead_t tkm_aead_t;
+
+#include <crypto/aead.h>
+#include <tkm/types.h>
+
+/**
+ * Create an AEAD implementation providing encryption and integrity protection
+ * using TKM.
+ *
+ * @param isa_ctx_id		id of ISA context to use for encryption/decryption
+ * @param block_len			block length of encryption algorithm
+ * @param icv_len			length of integrity check value
+ * @param iv_len			length of initialization vector
+ * @return					created aead_t object
+ */
+aead_t *tkm_aead_create(isa_id_type isa_ctx_id, block_len_type block_len,
+						icv_len_type icv_len, iv_len_type iv_len);
+
+#endif /** TKM_AEAD_H_ @}*/

src/charon-tkm/src/tkm/tkm_keymat.c

@@ -25,6 +25,7 @@
 #include "tkm_utils.h"
 #include "tkm_diffie_hellman.h"
 #include "tkm_keymat.h"
+#include "tkm_aead.h"
 
 typedef struct private_tkm_keymat_t private_tkm_keymat_t;
 
@@ -44,14 +45,9 @@ struct private_tkm_keymat_t {
 	bool initiator;
 
 	/**
-	 * Inbound AEAD.
+	 * AEAD implementation.
 	 */
-	aead_t *aead_in;
-
-	/**
-	 * Outbound AEAD.
-	 */
-	aead_t *aead_out;
+	aead_t *aead;
 
 	/**
 	 * ISA context id.
@@ -79,91 +75,6 @@ struct private_tkm_keymat_t {
 	hash_algorithm_set_t *hash_algorithms;
 };
 
-/**
- * Create AEAD transforms from given key chunks.
- *
- * @param in			inbound AEAD transform to allocate, NULL if failed
- * @param out			outbound AEAD transform to allocate, NULL if failed
- * @param sk_ai			SK_ai key chunk
- * @param sk_ar			SK_ar key chunk
- * @param sk_ei			SK_ei key chunk
- * @param sk_er			SK_er key chunk
- * @param enc_alg		encryption algorithm to use
- * @param int_alg		integrity algorithm to use
- * @param key_size		encryption key size in bytes
- * @param initiator		TRUE if initiator
- */
-static void aead_create_from_keys(aead_t **in, aead_t **out,
-	   const chunk_t * const sk_ai, const chunk_t * const sk_ar,
-	   const chunk_t * const sk_ei, const chunk_t * const sk_er,
-	   const uint16_t enc_alg, const uint16_t int_alg,
-	   const uint16_t key_size, bool initiator)
-{
-	*in = *out = NULL;
-	signer_t *signer_i, *signer_r;
-	crypter_t *crypter_i, *crypter_r;
-	iv_gen_t *ivg_i, *ivg_r;
-
-	signer_i = lib->crypto->create_signer(lib->crypto, int_alg);
-	signer_r = lib->crypto->create_signer(lib->crypto, int_alg);
-	if (signer_i == NULL || signer_r == NULL)
-	{
-		DBG1(DBG_IKE, "%N %N not supported!",
-			 transform_type_names, INTEGRITY_ALGORITHM,
-			 integrity_algorithm_names, int_alg);
-		return;
-	}
-	crypter_i = lib->crypto->create_crypter(lib->crypto, enc_alg, key_size);
-	crypter_r = lib->crypto->create_crypter(lib->crypto, enc_alg, key_size);
-	if (crypter_i == NULL || crypter_r == NULL)
-	{
-		signer_i->destroy(signer_i);
-		signer_r->destroy(signer_r);
-		DBG1(DBG_IKE, "%N %N (key size %d) not supported!",
-			 transform_type_names, ENCRYPTION_ALGORITHM,
-			 encryption_algorithm_names, enc_alg, key_size);
-		return;
-	}
-
-	DBG4(DBG_IKE, "Sk_ai %B", sk_ai);
-	if (!signer_i->set_key(signer_i, *sk_ai))
-	{
-		return;
-	}
-	DBG4(DBG_IKE, "Sk_ar %B", sk_ar);
-	if (!signer_r->set_key(signer_r, *sk_ar))
-	{
-		return;
-	}
-	DBG4(DBG_IKE, "Sk_ei %B", sk_ei);
-	if (!crypter_i->set_key(crypter_i, *sk_ei))
-	{
-		return;
-	}
-	DBG4(DBG_IKE, "Sk_er %B", sk_er);
-	if (!crypter_r->set_key(crypter_r, *sk_er))
-	{
-		return;
-	}
-
-	ivg_i = iv_gen_create_for_alg(enc_alg);
-	ivg_r = iv_gen_create_for_alg(enc_alg);
-	if (!ivg_i || !ivg_r)
-	{
-		return;
-	}
-	if (initiator)
-	{
-		*in = aead_create(crypter_r, signer_r, ivg_r);
-		*out = aead_create(crypter_i, signer_i, ivg_i);
-	}
-	else
-	{
-		*in = aead_create(crypter_i, signer_i, ivg_i);
-		*out = aead_create(crypter_r, signer_r, ivg_r);
-	}
-}
-
 METHOD(keymat_t, get_version, ike_version_t,
 	private_tkm_keymat_t *this)
 {
@@ -187,46 +98,15 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
 	chunk_t nonce_i, chunk_t nonce_r, ike_sa_id_t *id,
 	pseudo_random_function_t rekey_function, chunk_t rekey_skd)
 {
-	uint16_t enc_alg, int_alg, key_size;
 	uint64_t nc_id, spi_loc, spi_rem;
-	chunk_t *nonce, c_ai, c_ar, c_ei, c_er;
+	chunk_t *nonce;
 	tkm_diffie_hellman_t *tkm_dh;
 	dh_id_type dh_id;
 	nonce_type nonce_rem;
 	result_type res;
-	key_type sk_ai, sk_ar, sk_ei, sk_er;
-
-	/* Check encryption and integrity algorithms */
-	if (!proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &enc_alg,
-								 &key_size))
-	{
-		DBG1(DBG_IKE, "no %N selected", transform_type_names,
-			 ENCRYPTION_ALGORITHM);
-		return FALSE;
-	}
-	if (encryption_algorithm_is_aead(enc_alg))
-	{
-		DBG1(DBG_IKE, "AEAD algorithm %N not supported",
-			 encryption_algorithm_names, enc_alg);
-		return FALSE;
-	}
-	if (!proposal->get_algorithm(proposal, INTEGRITY_ALGORITHM, &int_alg, NULL))
-	{
-		DBG1(DBG_IKE, "no %N selected", transform_type_names,
-			 INTEGRITY_ALGORITHM);
-		return FALSE;
-	}
-	if (!(enc_alg == ENCR_AES_CBC && key_size == 256 &&
-		  int_alg == AUTH_HMAC_SHA2_512_256))
-	{
-		DBG1(DBG_IKE, "the TKM only supports aes256-sha512 at the moment, "
-			 "please update your configuration");
-		return FALSE;
-	}
-
-	DBG2(DBG_IKE, "using %N for encryption, %N for integrity",
-		 encryption_algorithm_names, enc_alg, integrity_algorithm_names,
-		 int_alg);
+	block_len_type block_len;
+	icv_len_type icv_len;
+	iv_len_type iv_len;
 
 	/* Acquire nonce context id */
 	nonce = this->initiator ? &nonce_i : &nonce_r;
@@ -266,7 +146,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
 			 "spi_rem: %llx)", nc_id, dh_id, spi_loc, spi_rem);
 		res = ike_isa_create(this->isa_ctx_id, this->ae_ctx_id, 1, dh_id, nc_id,
 							 nonce_rem, this->initiator, spi_loc, spi_rem,
-							 &sk_ai, &sk_ar, &sk_ei, &sk_er);
+							 &block_len, &icv_len, &iv_len);
 	}
 	else
 	{
@@ -291,8 +171,8 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
 		this->ae_ctx_id = isa_info.ae_id;
 		res = ike_isa_create_child(this->isa_ctx_id, isa_info.parent_isa_id, 1,
 								   dh_id, nc_id, nonce_rem, this->initiator,
-								   spi_loc, spi_rem, &sk_ai, &sk_ar, &sk_ei,
-								   &sk_er);
+								   spi_loc, spi_rem, &block_len, &icv_len,
+								   &iv_len);
 		chunk_free(&rekey_skd);
 	}
 
@@ -302,25 +182,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
 		return FALSE;
 	}
 
-	sequence_to_chunk(sk_ai.data, sk_ai.size, &c_ai);
-	sequence_to_chunk(sk_ar.data, sk_ar.size, &c_ar);
-	sequence_to_chunk(sk_ei.data, sk_ei.size, &c_ei);
-	sequence_to_chunk(sk_er.data, sk_er.size, &c_er);
-
-	aead_create_from_keys(&this->aead_in, &this->aead_out, &c_ai, &c_ar, &c_ei,
-						  &c_er, enc_alg, int_alg, key_size / 8,
-						  this->initiator);
-
-	chunk_clear(&c_ai);
-	chunk_clear(&c_ar);
-	chunk_clear(&c_ei);
-	chunk_clear(&c_er);
-
-	if (!this->aead_in || !this->aead_out)
-	{
-		DBG1(DBG_IKE, "could not initialize AEAD transforms");
-		return FALSE;
-	}
+	this->aead = tkm_aead_create(this->isa_ctx_id, block_len, icv_len, iv_len);
 
 	/* TODO: Add failure handler (see keymat_v2.c) */
 
@@ -380,7 +242,7 @@ METHOD(keymat_v2_t, derive_child_keys, bool,
 METHOD(keymat_t, get_aead, aead_t*,
 	private_tkm_keymat_t *this, bool in)
 {
-	return in ? this->aead_in : this->aead_out;
+	return this->aead;
 }
 
 METHOD(keymat_v2_t, get_auth_octets, bool,
@@ -474,8 +336,7 @@ METHOD(keymat_t, destroy, void,
 	}
 
 	DESTROY_IF(this->hash_algorithms);
-	DESTROY_IF(this->aead_in);
-	DESTROY_IF(this->aead_out);
+	DESTROY_IF(this->aead);
 	chunk_free(&this->auth_payload);
 	chunk_free(&this->other_init_msg);
 	free(this);

src/charon-tkm/src/tkm/tkm_listener.c

@@ -15,8 +15,11 @@
  */
 
 #include <stdarg.h>
+#include <inttypes.h>
 
 #include <daemon.h>
+#include <collections/array.h>
+#include <collections/hashtable.h>
 #include <encoding/payloads/auth_payload.h>
 #include <utils/chunk.h>
 #include <tkm/types.h>
@@ -30,6 +33,8 @@
 
 typedef struct private_tkm_listener_t private_tkm_listener_t;
 
+static hashtable_t *ca_map = NULL;
+
 /**
  * Private data of a tkm_listener_t object.
  */
@@ -45,7 +50,7 @@ struct private_tkm_listener_t {
 /**
  * Return id of remote identity.
  *
- * TODO: Replace this with the lookup for the remote identitiy id.
+ * TODO: Replace this with the lookup for the remote identity id.
  *
  * Currently the reqid of the first child SA in peer config of IKE SA is
  * returned. Might choose wrong reqid if IKE SA has multiple child configs
@@ -90,97 +95,132 @@ static bool build_cert_chain(const ike_sa_t * const ike_sa, cc_id_type cc_id)
 	rounds = ike_sa->create_auth_cfg_enumerator((ike_sa_t *)ike_sa, FALSE);
 	while (rounds->enumerate(rounds, &auth))
 	{
-		cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
+		cert = auth->get(auth, AUTH_RULE_CA_CERT);
 		if (cert)
 		{
-			chunk_t enc_user_cert;
-			ri_id_type ri_id;
-			certificate_type user_cert;
 			auth_rule_t rule;
 			enumerator_t *enumerator;
+			ca_id_type ca_id;
+			public_key_t *pubkey;
+			certificate_type ca_cert;
+			chunk_t enc_ca_cert, fp;
+			array_t *im_certs = NULL;
+			uint64_t *raw_id;
 
-			/* set user certificate */
-			if (!cert->get_encoding(cert, CERT_ASN1_DER, &enc_user_cert))
+			pubkey = cert->get_public_key(cert);
+			if (!pubkey)
 			{
-				DBG1(DBG_IKE, "unable to extract encoded user certificate");
+				DBG1(DBG_IKE, "unable to get CA certificate pubkey");
+				rounds->destroy(rounds);
+				return FALSE;
+			}
+			if (!pubkey->get_fingerprint(pubkey, KEYID_PUBKEY_SHA1, &fp))
+			{
+				DBG1(DBG_IKE, "unable to extract CA certificate fingerprint");
+				rounds->destroy(rounds);
+				pubkey->destroy(pubkey);
+				return FALSE;
+			}
+			pubkey->destroy(pubkey);
+
+			raw_id = ca_map->get(ca_map, &fp);
+			if (!raw_id || *raw_id == 0)
+			{
+				DBG1(DBG_IKE, "error mapping CA certificate (fp: %#B) to "
+					 "ID", &fp);
+				rounds->destroy(rounds);
+				return FALSE;
+			}
+			ca_id = *raw_id;
+
+			if (!cert->get_encoding(cert, CERT_ASN1_DER, &enc_ca_cert))
+			{
+				DBG1(DBG_IKE, "unable to extract encoded CA certificate");
 				rounds->destroy(rounds);
 				return FALSE;
 			}
 
-			ri_id = get_remote_identity_id(ike_sa->get_peer_cfg((ike_sa_t *)ike_sa));
-			chunk_to_sequence(&enc_user_cert, &user_cert, sizeof(certificate_type));
-			chunk_free(&enc_user_cert);
-			if (ike_cc_set_user_certificate(cc_id, ri_id, 1, user_cert) != TKM_OK)
+			chunk_to_sequence(&enc_ca_cert, &ca_cert,
+							  sizeof(certificate_type));
+			chunk_free(&enc_ca_cert);
+
+			if (ike_cc_check_ca(cc_id, ca_id, ca_cert) != TKM_OK)
 			{
-				DBG1(DBG_IKE, "error setting user certificate of cert chain"
-					 " (cc_id: %llu)", cc_id);
+				DBG1(DBG_IKE, "CA certificate (fp: %#B, cc_id: %llu) does not"
+					 " match trusted CA (ca_id: %llu)", &fp, cc_id, ca_id);
 				rounds->destroy(rounds);
 				return FALSE;
 			}
 
-			/* process intermediate CA certificates */
+			/* process intermediate CA certificates in reverse order */
 			enumerator = auth->create_enumerator(auth);
 			while (enumerator->enumerate(enumerator, &rule, &cert))
 			{
 				if (rule == AUTH_RULE_IM_CERT)
 				{
-					chunk_t enc_im_cert;
-					certificate_type im_cert;
-
-					if (!cert->get_encoding(cert, CERT_ASN1_DER, &enc_im_cert))
-					{
-						DBG1(DBG_IKE, "unable to extract encoded intermediate CA"
-							 " certificate");
-						rounds->destroy(rounds);
-						enumerator->destroy(enumerator);
-						return FALSE;
-					}
-
-					chunk_to_sequence(&enc_im_cert, &im_cert,
-									  sizeof(certificate_type));
-					chunk_free(&enc_im_cert);
-					if (ike_cc_add_certificate(cc_id, 1, im_cert) != TKM_OK)
-					{
-						DBG1(DBG_IKE, "error adding intermediate certificate to"
-							 " cert chain (cc_id: %llu)", cc_id);
-						rounds->destroy(rounds);
-						enumerator->destroy(enumerator);
-						return FALSE;
-					}
+					array_insert_create(&im_certs, ARRAY_TAIL, cert);
 				}
 			}
 			enumerator->destroy(enumerator);
 
-			/* finally add CA certificate */
-			cert = auth->get(auth, AUTH_RULE_CA_CERT);
+			while (array_remove(im_certs, ARRAY_TAIL, &cert))
+			{
+				chunk_t enc_im_cert;
+				certificate_type im_cert;
+
+				if (!cert->get_encoding(cert, CERT_ASN1_DER, &enc_im_cert))
+				{
+					DBG1(DBG_IKE, "unable to extract encoded intermediate CA"
+						 " certificate");
+					rounds->destroy(rounds);
+					array_destroy(im_certs);
+					return FALSE;
+				}
+
+				chunk_to_sequence(&enc_im_cert, &im_cert,
+								  sizeof(certificate_type));
+				chunk_free(&enc_im_cert);
+				if (ike_cc_add_certificate(cc_id, 1, im_cert) != TKM_OK)
+				{
+					DBG1(DBG_IKE, "error adding intermediate certificate to"
+						 " cert chain (cc_id: %llu)", cc_id);
+					rounds->destroy(rounds);
+					array_destroy(im_certs);
+					return FALSE;
+				}
+			}
+			array_destroy(im_certs);
+
+			/* finally add user certificate and check chain */
+			cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
 			if (cert)
 			{
-				const ca_id_type ca_id = 1;
-				certificate_type ca_cert;
-				chunk_t enc_ca_cert;
+				chunk_t enc_user_cert;
+				ri_id_type ri_id;
+				certificate_type user_cert;
 
-				if (!cert->get_encoding(cert, CERT_ASN1_DER, &enc_ca_cert))
+				/* set user certificate */
+				if (!cert->get_encoding(cert, CERT_ASN1_DER, &enc_user_cert))
 				{
-					DBG1(DBG_IKE, "unable to extract encoded CA certificate");
+					DBG1(DBG_IKE, "unable to extract encoded user certificate");
 					rounds->destroy(rounds);
 					return FALSE;
 				}
 
-				chunk_to_sequence(&enc_ca_cert, &ca_cert,
-								  sizeof(certificate_type));
-				chunk_free(&enc_ca_cert);
-				if (ike_cc_add_certificate(cc_id, 1, ca_cert) != TKM_OK)
+				chunk_to_sequence(&enc_user_cert, &user_cert, sizeof(certificate_type));
+				chunk_free(&enc_user_cert);
+				if (ike_cc_add_certificate(cc_id, 1, user_cert) != TKM_OK)
 				{
-					DBG1(DBG_IKE, "error adding CA certificate to cert chain "
-						 "(cc_id: %llu)", cc_id);
+					DBG1(DBG_IKE, "error adding user certificate to cert chain"
+						 " (cc_id: %llu)", cc_id);
 					rounds->destroy(rounds);
 					return FALSE;
 				}
 
-				if (ike_cc_check_ca(cc_id, ca_id) != TKM_OK)
+				ri_id = get_remote_identity_id(ike_sa->get_peer_cfg((ike_sa_t *)ike_sa));
+				if (ike_cc_check_chain(cc_id, ri_id) != TKM_OK)
 				{
-					DBG1(DBG_IKE, "certificate chain (cc_id: %llu) not based on"
-						 " trusted CA (ca_id: %llu)", cc_id, ca_id);
+					DBG1(DBG_IKE, "error checking cert chain (cc_id: %llu)", cc_id);
 					rounds->destroy(rounds);
 					return FALSE;
 				}
@@ -190,12 +230,12 @@ static bool build_cert_chain(const ike_sa_t * const ike_sa, cc_id_type cc_id)
 			}
 			else
 			{
-				DBG1(DBG_IKE, "no CA certificate");
+				DBG1(DBG_IKE, "no subject certificate for remote peer");
 			}
 		}
 		else
 		{
-			DBG1(DBG_IKE, "no subject certificate for remote peer");
+			DBG1(DBG_IKE, "no CA certificate");
 		}
 	}
 
@@ -368,3 +408,112 @@ tkm_listener_t *tkm_listener_create()
 
 	return &this->public;
 }
+
+static u_int hash(const chunk_t *key)
+{
+	return chunk_hash(*key);
+}
+
+static bool equals(const chunk_t *key, const chunk_t *other_key)
+{
+	return chunk_equals(*key, *other_key);
+}
+
+static u_int id_hash(const uint64_t *key)
+{
+	return chunk_hash(chunk_create((u_char*)key, sizeof(uint64_t)));
+}
+
+static bool id_equals(const uint64_t *key, const uint64_t *other_key)
+{
+	return *key == *other_key;
+}
+
+/*
+ * Described in header.
+ */
+int register_ca_mapping()
+{
+	char *section, *tkm_ca_id_str, *key_fp_str;
+	chunk_t *key_fp;
+	uint64_t *tkm_ca_id;
+	hashtable_t *id_map;
+	enumerator_t *enumerator;
+	bool err = FALSE;
+
+	ca_map = hashtable_create((hashtable_hash_t)hash,
+							  (hashtable_equals_t)equals, 8);
+	id_map = hashtable_create((hashtable_hash_t)id_hash,
+							  (hashtable_equals_t)id_equals, 8);
+
+	enumerator = lib->settings->create_section_enumerator(lib->settings,
+														  "%s.ca_mapping",
+														  lib->ns);
+	while (enumerator->enumerate(enumerator, &section))
+	{
+		tkm_ca_id_str = lib->settings->get_str(lib->settings,
+											   "%s.ca_mapping.%s.id", NULL,
+											   lib->ns, section);
+		tkm_ca_id = malloc_thing(uint64_t);
+		*tkm_ca_id = settings_value_as_uint64(tkm_ca_id_str, 0);
+
+		key_fp_str = lib->settings->get_str(lib->settings,
+											"%s.ca_mapping.%s.fingerprint", NULL,
+											lib->ns, section);
+		if (key_fp_str)
+		{
+			key_fp = malloc_thing(chunk_t);
+			*key_fp = chunk_from_hex(chunk_from_str(key_fp_str), NULL);
+		}
+
+		if (!*tkm_ca_id || !key_fp_str || !key_fp->len ||
+			id_map->get(id_map, tkm_ca_id) != NULL)
+		{
+			DBG1(DBG_CFG, "error adding CA ID mapping '%s': ID %s, FP '%s'",
+				 section, tkm_ca_id_str, key_fp_str);
+			free(tkm_ca_id);
+			if (key_fp_str)
+			{
+				chunk_free(key_fp);
+				free(key_fp);
+			}
+			err = TRUE;
+		}
+		else
+		{
+			DBG2(DBG_CFG, "adding CA ID mapping '%s': ID %" PRIu64 ", FP '%#B'",
+				 section, *tkm_ca_id, key_fp);
+			ca_map->put(ca_map, key_fp, tkm_ca_id);
+			/* track CA IDs for uniqueness, set value to not-NULL */
+			id_map->put(id_map, tkm_ca_id, id_map);
+		}
+	}
+	enumerator->destroy(enumerator);
+	id_map->destroy(id_map);
+
+	return err ? 0 : ca_map->get_count(ca_map);
+}
+
+/*
+ * Described in header.
+ */
+void destroy_ca_mapping()
+{
+	enumerator_t *enumerator;
+	chunk_t *key;
+	uint64_t *value;
+
+	if (ca_map)
+	{
+		enumerator = ca_map->create_enumerator(ca_map);
+		while (enumerator->enumerate(enumerator, &key, &value))
+		{
+			chunk_free(key);
+			free(key);
+			free(value);
+		}
+		enumerator->destroy(enumerator);
+		ca_map->destroy(ca_map);
+	}
+	ca_map = NULL;
+}

src/charon-tkm/src/tkm/tkm_listener.h

@@ -42,6 +42,18 @@ struct tkm_listener_t {
 	void (*destroy)(tkm_listener_t *this);
 };
 
+/**
+ * Loads CA certificate fingerprint to TKM CA id mapping from config.
+ *
+ * @return          number of registered mappings
+ */
+int register_ca_mapping();
+
+/**
+ * Destroy CA certificate fingerprint to TKM CA id mapping.
+ */
+void destroy_ca_mapping();
+
 /**
  * Create a tkm_listener instance.
  *

src/charon/charon.c

@@ -126,14 +126,10 @@ static void run()
 				break;
 			}
 			case SIGINT:
-			{
-				DBG1(DBG_DMN, "signal of type SIGINT received. Shutting down");
-				charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
-				return;
-			}
 			case SIGTERM:
 			{
-				DBG1(DBG_DMN, "signal of type SIGTERM received. Shutting down");
+				DBG1(DBG_DMN, "%s received, shutting down",
+					 sig == SIGINT ? "SIGINT" : "SIGTERM");
 				charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
 				return;
 			}

src/conftest/README

@@ -108,7 +108,7 @@ The following CHILD_SA specific configuration options are supported:
   lts:         Local side traffic selectors, comma separated CIDR subnets
   rts:         Remote side traffic selectors, comma separated CIDR subnets
   transport:   Propose IPsec transport mode instead of tunnel mode
-  tfc_padding: Inject Traffic Flow Confidentialty bytes to align packets to the
+  tfc_padding: Inject Traffic Flow Confidentiality bytes to align packets to the
                given length
   proposal:    CHILD_SA proposal list, same syntax as IKE_SA proposal list
 
@@ -271,7 +271,7 @@ Currently, the following hooks are defined with the following options:
     request:          yes to set in request, no in response
     id:               IKEv2 message identifier of message to mangle
     from:             proposal number to mangle
-    to:               new porposal number to set instead of from
+    to:               new proposal number to set instead of from
   set_reserved:       set arbitrary reserved bits/bytes in payloads
     request:          yes to set in request, no in response
     id:               IKEv2 message identifier of message to mangle

src/conftest/config.c

@@ -192,9 +192,8 @@ static child_cfg_t *load_child_config(private_config_t *this,
 	}
 	else
 	{
+		child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
 		child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
-		child_cfg->add_proposal(child_cfg,
-								proposal_create_default_aead(PROTO_ESP));
 	}
 
 	token = settings->get_str(settings, "configs.%s.%s.lts", NULL, config, child);

src/conftest/conftest.c

@@ -129,7 +129,7 @@ static bool load_cert(settings_t *settings, bool trusted)
 }
 
 /**
- * Load certificates from the confiuguration file
+ * Load certificates from the configuration file
  */
 static bool load_certs(settings_t *settings, char *dir)
 {
@@ -163,7 +163,7 @@ static bool load_certs(settings_t *settings, char *dir)
 }
 
 /**
- * Load private keys from the confiuguration file
+ * Load private keys from the configuration file
  */
 static bool load_keys(settings_t *settings, char *dir)
 {
@@ -382,7 +382,7 @@ static void load_log_levels(file_logger_t *logger, char *section)
 static void load_logger_options(file_logger_t *logger, char *section)
 {
 	char *time_format;
-	bool add_ms, ike_name;
+	bool add_ms, ike_name, log_level;
 
 	time_format = conftest->test->get_str(conftest->test,
 					"log.%s.time_format", NULL, section);
@@ -390,8 +390,10 @@ static void load_logger_options(file_logger_t *logger, char *section)
 					"log.%s.time_add_ms", FALSE, section);
 	ike_name = conftest->test->get_bool(conftest->test,
 					"log.%s.ike_name", FALSE, section);
+	log_level = conftest->test->get_bool(conftest->test,
+					"log.%s.log_level", FALSE, section);
 
-	logger->set_options(logger, time_format, add_ms, ike_name);
+	logger->set_options(logger, time_format, add_ms, ike_name, log_level);
 }
 
 /**
@@ -457,7 +459,7 @@ int main(int argc, char *argv[])
 	lib->credmgr->add_set(lib->credmgr, &conftest->creds->set);
 
 	logger = file_logger_create("stdout");
-	logger->set_options(logger, NULL, FALSE, FALSE);
+	logger->set_options(logger, NULL, FALSE, FALSE, FALSE);
 	logger->open(logger, FALSE, FALSE);
 	logger->set_level(logger, DBG_ANY, LEVEL_CTRL);
 	charon->bus->add_logger(charon->bus, &logger->logger);

src/frontends/android/app/build.gradle

@@ -1,14 +1,14 @@
 apply plugin: 'com.android.application'
 
 android {
-    compileSdkVersion 28
+    compileSdkVersion 29
 
     defaultConfig {
         applicationId "org.strongswan.android"
         minSdkVersion 15
-        targetSdkVersion 28
-        versionCode 69
-        versionName "2.2.1"
+        targetSdkVersion 29
+        versionCode 74
+        versionName "2.3.2"
     }
 
     sourceSets.main {
@@ -46,9 +46,13 @@ android {
 }
 
 dependencies {
-    implementation 'androidx.appcompat:appcompat:1.1.0'
-    implementation 'androidx.preference:preference:1.1.0'
+    implementation 'androidx.appcompat:appcompat:1.2.0'
+    implementation 'androidx.preference:preference:1.1.1'
     implementation 'androidx.legacy:legacy-support-v4:1.0.0'
-    implementation 'com.google.android.material:material:1.0.0'
+    implementation 'com.google.android.material:material:1.2.1'
     testImplementation 'junit:junit:4.12'
+    testImplementation 'org.mockito:mockito-core:2.28.2'
+    testImplementation 'org.powermock:powermock-core:2.0.2'
+    testImplementation 'org.powermock:powermock-module-junit4:2.0.2'
+    testImplementation 'org.powermock:powermock-api-mockito2:2.0.2'
 }

src/frontends/android/app/src/main/AndroidManifest.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-    Copyright (C) 2012-2018 Tobias Brunner
+    Copyright (C) 2012-2020 Tobias Brunner
     Copyright (C) 2012 Giuliano Grassi
     Copyright (C) 2012 Ralf Sager
     HSR Hochschule fuer Technik Rapperswil
@@ -16,12 +16,14 @@
     for more details.
 -->
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:tools="http://schemas.android.com/tools"
     package="org.strongswan.android">
 
     <uses-permission android:name="android.permission.INTERNET" />
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
     <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
     <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
+    <uses-permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS" />
 
     <application
         android:name=".logic.StrongSwanApplication"
@@ -140,7 +142,7 @@
             android:name=".ui.TrustedCertificateImportActivity"
             android:label="@string/import_certificate"
             android:theme="@style/TransparentActivity" >
-            <intent-filter>
+            <intent-filter tools:ignore="AppLinkUrlError">
                 <action android:name="android.intent.action.VIEW" />
                 <category android:name="android.intent.category.DEFAULT" />
                 <data android:mimeType="application/x-x509-ca-cert" />

src/frontends/android/app/src/main/java/org/strongswan/android/data/VpnProfile.java

@@ -36,6 +36,7 @@ public class VpnProfile implements Cloneable
 	public static final int FLAGS_DISABLE_OCSP = 1 << 2;
 	public static final int FLAGS_STRICT_REVOCATION = 1 << 3;
 	public static final int FLAGS_RSA_PSS = 1 << 4;
+	public static final int FLAGS_IPv6_TRANSPORT = 1 << 5;
 
 	private String mName, mGateway, mUsername, mPassword, mCertificate, mUserCertificate;
 	private String mRemoteId, mLocalId, mExcludedSubnets, mIncludedSubnets, mSelectedApps;

src/frontends/android/app/src/main/java/org/strongswan/android/data/VpnProfileDataSource.java

@@ -235,7 +235,7 @@ public class VpnProfileDataSource
 					{
 						ContentValues values = new ContentValues();
 						values.put(KEY_UUID, UUID.randomUUID().toString());
-						db.update(TABLE_VPNPROFILE, values, KEY_ID + " = " + cursor.getLong(cursor.getColumnIndex(KEY_ID)), null);
+						db.update(TABLE_VPNPROFILE, values, KEY_ID + " = " + cursor.getLong(cursor.getColumnIndexOrThrow(KEY_ID)), null);
 					}
 					cursor.close();
 					db.setTransactionSuccessful();
@@ -433,29 +433,29 @@ public class VpnProfileDataSource
 	private VpnProfile VpnProfileFromCursor(Cursor cursor)
 	{
 		VpnProfile profile = new VpnProfile();
-		profile.setId(cursor.getLong(cursor.getColumnIndex(KEY_ID)));
-		profile.setUUID(UUID.fromString(cursor.getString(cursor.getColumnIndex(KEY_UUID))));
-		profile.setName(cursor.getString(cursor.getColumnIndex(KEY_NAME)));
-		profile.setGateway(cursor.getString(cursor.getColumnIndex(KEY_GATEWAY)));
-		profile.setVpnType(VpnType.fromIdentifier(cursor.getString(cursor.getColumnIndex(KEY_VPN_TYPE))));
-		profile.setUsername(cursor.getString(cursor.getColumnIndex(KEY_USERNAME)));
-		profile.setPassword(cursor.getString(cursor.getColumnIndex(KEY_PASSWORD)));
-		profile.setCertificateAlias(cursor.getString(cursor.getColumnIndex(KEY_CERTIFICATE)));
-		profile.setUserCertificateAlias(cursor.getString(cursor.getColumnIndex(KEY_USER_CERTIFICATE)));
-		profile.setMTU(getInt(cursor, cursor.getColumnIndex(KEY_MTU)));
-		profile.setPort(getInt(cursor, cursor.getColumnIndex(KEY_PORT)));
-		profile.setSplitTunneling(getInt(cursor, cursor.getColumnIndex(KEY_SPLIT_TUNNELING)));
-		profile.setLocalId(cursor.getString(cursor.getColumnIndex(KEY_LOCAL_ID)));
-		profile.setRemoteId(cursor.getString(cursor.getColumnIndex(KEY_REMOTE_ID)));
-		profile.setExcludedSubnets(cursor.getString(cursor.getColumnIndex(KEY_EXCLUDED_SUBNETS)));
-		profile.setIncludedSubnets(cursor.getString(cursor.getColumnIndex(KEY_INCLUDED_SUBNETS)));
-		profile.setSelectedAppsHandling(getInt(cursor, cursor.getColumnIndex(KEY_SELECTED_APPS)));
-		profile.setSelectedApps(cursor.getString(cursor.getColumnIndex(KEY_SELECTED_APPS_LIST)));
-		profile.setNATKeepAlive(getInt(cursor, cursor.getColumnIndex(KEY_NAT_KEEPALIVE)));
-		profile.setFlags(getInt(cursor, cursor.getColumnIndex(KEY_FLAGS)));
-		profile.setIkeProposal(cursor.getString(cursor.getColumnIndex(KEY_IKE_PROPOSAL)));
-		profile.setEspProposal(cursor.getString(cursor.getColumnIndex(KEY_ESP_PROPOSAL)));
-		profile.setDnsServers(cursor.getString(cursor.getColumnIndex(KEY_DNS_SERVERS)));
+		profile.setId(cursor.getLong(cursor.getColumnIndexOrThrow(KEY_ID)));
+		profile.setUUID(UUID.fromString(cursor.getString(cursor.getColumnIndexOrThrow(KEY_UUID))));
+		profile.setName(cursor.getString(cursor.getColumnIndexOrThrow(KEY_NAME)));
+		profile.setGateway(cursor.getString(cursor.getColumnIndexOrThrow(KEY_GATEWAY)));
+		profile.setVpnType(VpnType.fromIdentifier(cursor.getString(cursor.getColumnIndexOrThrow(KEY_VPN_TYPE))));
+		profile.setUsername(cursor.getString(cursor.getColumnIndexOrThrow(KEY_USERNAME)));
+		profile.setPassword(cursor.getString(cursor.getColumnIndexOrThrow(KEY_PASSWORD)));
+		profile.setCertificateAlias(cursor.getString(cursor.getColumnIndexOrThrow(KEY_CERTIFICATE)));
+		profile.setUserCertificateAlias(cursor.getString(cursor.getColumnIndexOrThrow(KEY_USER_CERTIFICATE)));
+		profile.setMTU(getInt(cursor, cursor.getColumnIndexOrThrow(KEY_MTU)));
+		profile.setPort(getInt(cursor, cursor.getColumnIndexOrThrow(KEY_PORT)));
+		profile.setSplitTunneling(getInt(cursor, cursor.getColumnIndexOrThrow(KEY_SPLIT_TUNNELING)));
+		profile.setLocalId(cursor.getString(cursor.getColumnIndexOrThrow(KEY_LOCAL_ID)));
+		profile.setRemoteId(cursor.getString(cursor.getColumnIndexOrThrow(KEY_REMOTE_ID)));
+		profile.setExcludedSubnets(cursor.getString(cursor.getColumnIndexOrThrow(KEY_EXCLUDED_SUBNETS)));
+		profile.setIncludedSubnets(cursor.getString(cursor.getColumnIndexOrThrow(KEY_INCLUDED_SUBNETS)));
+		profile.setSelectedAppsHandling(getInt(cursor, cursor.getColumnIndexOrThrow(KEY_SELECTED_APPS)));
+		profile.setSelectedApps(cursor.getString(cursor.getColumnIndexOrThrow(KEY_SELECTED_APPS_LIST)));
+		profile.setNATKeepAlive(getInt(cursor, cursor.getColumnIndexOrThrow(KEY_NAT_KEEPALIVE)));
+		profile.setFlags(getInt(cursor, cursor.getColumnIndexOrThrow(KEY_FLAGS)));
+		profile.setIkeProposal(cursor.getString(cursor.getColumnIndexOrThrow(KEY_IKE_PROPOSAL)));
+		profile.setEspProposal(cursor.getString(cursor.getColumnIndexOrThrow(KEY_ESP_PROPOSAL)));
+		profile.setDnsServers(cursor.getString(cursor.getColumnIndexOrThrow(KEY_DNS_SERVERS)));
 		return profile;
 	}
 

src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java

@@ -35,7 +35,6 @@ import android.os.Bundle;
 import android.os.Handler;
 import android.os.IBinder;
 import android.os.ParcelFileDescriptor;
-import android.preference.PreferenceManager;
 import android.security.KeyChain;
 import android.security.KeyChainException;
 import android.system.OsConstants;
@@ -77,6 +76,7 @@ import java.util.SortedSet;
 
 import androidx.core.app.NotificationCompat;
 import androidx.core.content.ContextCompat;
+import androidx.preference.PreferenceManager;
 
 public class CharonVpnService extends VpnService implements Runnable, VpnStateService.VpnStateListener
 {
@@ -288,7 +288,8 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe
 						SimpleFetcher.enable();
 						addNotification();
 						mBuilderAdapter.setProfile(mCurrentProfile);
-						if (initializeCharon(mBuilderAdapter, mLogFile, mAppDir, mCurrentProfile.getVpnType().has(VpnTypeFeature.BYOD)))
+						if (initializeCharon(mBuilderAdapter, mLogFile, mAppDir, mCurrentProfile.getVpnType().has(VpnTypeFeature.BYOD),
+											(mCurrentProfile.getFlags() & VpnProfile.FLAGS_IPv6_TRANSPORT) != 0))
 						{
 							Log.i(TAG, "charon started");
 
@@ -775,9 +776,10 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe
 	 * @param logfile absolute path to the logfile
 	 * @param appdir absolute path to the data directory of the app
 	 * @param byod enable BYOD features
+	 * @param ipv6 enable IPv6 transport
 	 * @return TRUE if initialization was successful
 	 */
-	public native boolean initializeCharon(BuilderAdapter builder, String logfile, String appdir, boolean byod);
+	public native boolean initializeCharon(BuilderAdapter builder, String logfile, String appdir, boolean byod, boolean ipv6);
 
 	/**
 	 * Deinitialize charon, provided by libandroidbridge.so
@@ -820,6 +822,12 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe
 			PendingIntent pending = PendingIntent.getActivity(context, 0, intent,
 															  PendingIntent.FLAG_UPDATE_CURRENT);
 			builder.setConfigureIntent(pending);
+
+			/* mark all VPN connections as unmetered (default changed for Android 10) */
+			if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q)
+			{
+				builder.setMetered(false);
+			}
 			return builder;
 		}
 

src/frontends/android/app/src/main/java/org/strongswan/android/logic/NetworkManager.java

@@ -21,7 +21,6 @@ import android.content.Intent;
 import android.content.IntentFilter;
 import android.net.ConnectivityManager;
 import android.net.Network;
-import android.net.NetworkInfo;
 import android.net.NetworkRequest;
 import android.os.Build;
 
@@ -126,10 +125,12 @@ public class NetworkManager extends BroadcastReceiver implements Runnable
 		}
 	}
 
+	@SuppressWarnings("deprecation")
 	public boolean isConnected()
 	{
+		/* deprecated since API level 29 */
 		ConnectivityManager cm = (ConnectivityManager)mContext.getSystemService(Context.CONNECTIVITY_SERVICE);
-		NetworkInfo info = null;
+		android.net.NetworkInfo info = null;
 		if (cm != null)
 		{
 			info = cm.getActiveNetworkInfo();

src/frontends/android/app/src/main/java/org/strongswan/android/logic/Scheduler.java

@@ -0,0 +1,169 @@
+/*
+ * Copyright (C) 2020 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+package org.strongswan.android.logic;
+
+import android.app.AlarmManager;
+import android.app.PendingIntent;
+import android.content.BroadcastReceiver;
+import android.content.Context;
+import android.content.Intent;
+import android.content.IntentFilter;
+import android.os.Build;
+
+import java.util.ArrayList;
+import java.util.PriorityQueue;
+import java.util.UUID;
+
+import androidx.annotation.RequiresApi;
+
+public class Scheduler extends BroadcastReceiver
+{
+	private final String EXECUTE_JOB = "org.strongswan.android.Scheduler.EXECUTE_JOB";
+	private final Context mContext;
+	private final AlarmManager mManager;
+	private final PriorityQueue<ScheduledJob> mJobs;
+
+	public Scheduler(Context context)
+	{
+		mContext = context;
+		mManager = (AlarmManager)context.getSystemService(Context.ALARM_SERVICE);
+		mJobs = new PriorityQueue<>();
+
+		IntentFilter filter = new IntentFilter();
+		filter.addAction(EXECUTE_JOB);
+		mContext.registerReceiver(this, filter);
+	}
+
+	/**
+	 * Remove all pending jobs and unregister the receiver.
+	 * Called via JNI.
+	 */
+	public void Terminate()
+	{
+		synchronized (this)
+		{
+			mJobs.clear();
+		}
+		mManager.cancel(createIntent());
+		mContext.unregisterReceiver(this);
+	}
+
+	/**
+	 * Allocate a job ID. Called via JNI.
+	 *
+	 * @return random ID for a new job
+	 */
+	public String allocateId()
+	{
+		return UUID.randomUUID().toString();
+	}
+
+	/**
+	 * Create a pending intent to execute a job.
+	 *
+	 * @return pending intent
+	 */
+	private PendingIntent createIntent()
+	{
+		/* using component/class doesn't work with dynamic broadcast receivers */
+		Intent intent = new Intent(EXECUTE_JOB);
+		intent.setPackage(mContext.getPackageName());
+		return PendingIntent.getBroadcast(mContext, 0, intent, 0);
+	}
+
+	/**
+	 * Schedule executing a job in the future.
+	 * Called via JNI from different threads.
+	 *
+	 * @param id job ID
+	 * @param ms delta in milliseconds when the job should be executed
+	 */
+	@RequiresApi(api = Build.VERSION_CODES.M)
+	public void scheduleJob(String id, long ms)
+	{
+		synchronized (this)
+		{
+			ScheduledJob job = new ScheduledJob(id, System.currentTimeMillis() + ms);
+			mJobs.add(job);
+
+			if (job == mJobs.peek())
+			{	/* update the alarm if the job has to be executed before all others */
+				PendingIntent pending = createIntent();
+				mManager.setExactAndAllowWhileIdle(AlarmManager.RTC_WAKEUP, job.Time, pending);
+			}
+		}
+	}
+
+	@RequiresApi(api = Build.VERSION_CODES.M)
+	@Override
+	public void onReceive(Context context, Intent intent)
+	{
+		ArrayList<ScheduledJob> jobs = new ArrayList<>();
+		long now = System.currentTimeMillis();
+
+		synchronized (this)
+		{
+			ScheduledJob job = mJobs.peek();
+			while (job != null)
+			{
+				if (job.Time > now)
+				{
+					break;
+				}
+				jobs.add(mJobs.remove());
+				job = mJobs.peek();
+			}
+			if (job != null)
+			{
+				PendingIntent pending = createIntent();
+				mManager.setExactAndAllowWhileIdle(AlarmManager.RTC_WAKEUP, job.Time, pending);
+			}
+		}
+
+		for (ScheduledJob job : jobs)
+		{
+			executeJob(job.Id);
+		}
+	}
+
+	/**
+	 * Execute the job with the given ID.
+	 *
+	 * @param id job ID
+	 */
+	public native void executeJob(String id);
+
+	/**
+	 * Keep track of scheduled jobs.
+	 */
+	private static class ScheduledJob implements Comparable<ScheduledJob>
+	{
+		String Id;
+		long Time;
+
+		ScheduledJob(String id, long time)
+		{
+			Id = id;
+			Time = time;
+		}
+
+		@Override
+		public int compareTo(ScheduledJob o)
+		{
+			return Long.compare(Time, o.Time);
+		}
+	}
+}

src/frontends/android/app/src/main/java/org/strongswan/android/logic/SimpleFetcher.java

@@ -118,7 +118,7 @@ public class SimpleFetcher
 	/**
 	 * Disable the fetcher and abort any future requests.
 	 *
-	 * The native thread is not cancelable as it is working on an IKE_SA (cancelling the methods of
+	 * The native thread is not cancelable as it is working on an IKE_SA (canceling the methods of
 	 * HttpURLConnection is not reliably possible anyway), so to abort while fetching we cancel the
 	 * Future (causing a return from fetch() immediately) and let the executor thread continue its
 	 * thing in the background.

src/frontends/android/app/src/main/java/org/strongswan/android/ui/ImcStateFragment.java

@@ -88,7 +88,7 @@ public class ImcStateFragment extends Fragment implements VpnStateListener
 		context.bindService(new Intent(context, VpnStateService.class),
 							mServiceConnection, Service.BIND_AUTO_CREATE);
 		/* hide it initially */
-		getFragmentManager().beginTransaction().hide(this).commit();
+		getParentFragmentManager().beginTransaction().hide(this).commit();
 	}
 
 	@Override
@@ -192,7 +192,7 @@ public class ImcStateFragment extends Fragment implements VpnStateListener
 
 	public void updateView()
 	{
-		FragmentManager fm = getFragmentManager();
+		FragmentManager fm = getParentFragmentManager();
 		if (fm == null)
 		{
 			return;

src/frontends/android/app/src/main/java/org/strongswan/android/ui/MainActivity.java

@@ -66,7 +66,7 @@ public class MainActivity extends AppCompatActivity implements OnVpnProfileSelec
 		ActionBar bar = getSupportActionBar();
 		bar.setDisplayShowHomeEnabled(true);
 		bar.setDisplayShowTitleEnabled(false);
-		bar.setIcon(R.drawable.ic_launcher);
+		bar.setIcon(R.mipmap.ic_app);
 
 		/* load CA certificates in a background task */
 		new LoadCertificatesTask().executeOnExecutor(AsyncTask.THREAD_POOL_EXECUTOR);

src/frontends/android/app/src/main/java/org/strongswan/android/ui/RemediationInstructionsFragment.java

@@ -81,7 +81,7 @@ public class RemediationInstructionsFragment extends ListFragment
 	{
 		super.onStart();
 
-		boolean two_pane = getFragmentManager().findFragmentById(R.id.remediation_instruction_fragment) != null;
+		boolean two_pane = getParentFragmentManager().findFragmentById(R.id.remediation_instruction_fragment) != null;
 		if (two_pane)
 		{	/* two-pane layout, make list items selectable */
 			getListView().setChoiceMode(ListView.CHOICE_MODE_SINGLE);

src/frontends/android/app/src/main/java/org/strongswan/android/ui/TrustedCertificateImportActivity.java

@@ -202,7 +202,7 @@ public class TrustedCertificateImportActivity extends AppCompatActivity
 			certificate = (X509Certificate)getArguments().getSerializable(VpnProfileDataSource.KEY_CERTIFICATE);
 
 			return new AlertDialog.Builder(getActivity())
-				.setIcon(R.drawable.ic_launcher)
+				.setIcon(R.mipmap.ic_app)
 				.setTitle(R.string.import_certificate)
 				.setMessage(certificate.getSubjectDN().toString())
 				.setPositiveButton(R.string.import_certificate, new DialogInterface.OnClickListener()

src/frontends/android/app/src/main/java/org/strongswan/android/ui/VpnProfileControlActivity.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012-2018 Tobias Brunner
+ * Copyright (C) 2012-2020 Tobias Brunner
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -19,12 +19,18 @@ import android.app.Dialog;
 import android.app.Service;
 import android.content.ActivityNotFoundException;
 import android.content.ComponentName;
+import android.content.Context;
 import android.content.DialogInterface;
 import android.content.Intent;
 import android.content.ServiceConnection;
+import android.content.SharedPreferences;
+import android.net.Uri;
 import android.net.VpnService;
+import android.os.Build;
 import android.os.Bundle;
 import android.os.IBinder;
+import android.os.PowerManager;
+import android.provider.Settings;
 import android.view.LayoutInflater;
 import android.view.View;
 import android.widget.EditText;
@@ -36,13 +42,16 @@ import org.strongswan.android.data.VpnProfileDataSource;
 import org.strongswan.android.data.VpnType.VpnTypeFeature;
 import org.strongswan.android.logic.VpnStateService;
 import org.strongswan.android.logic.VpnStateService.State;
+import org.strongswan.android.utils.Constants;
 
+import androidx.annotation.NonNull;
 import androidx.appcompat.app.AlertDialog;
 import androidx.appcompat.app.AppCompatActivity;
 import androidx.appcompat.app.AppCompatDialogFragment;
 import androidx.fragment.app.Fragment;
 import androidx.fragment.app.FragmentManager;
 import androidx.fragment.app.FragmentTransaction;
+import androidx.preference.PreferenceManager;
 
 public class VpnProfileControlActivity extends AppCompatActivity
 {
@@ -51,6 +60,7 @@ public class VpnProfileControlActivity extends AppCompatActivity
 	public static final String EXTRA_VPN_PROFILE_ID = "org.strongswan.android.VPN_PROFILE_ID";
 
 	private static final int PREPARE_VPN_SERVICE = 0;
+	private static final int ADD_TO_POWER_WHITELIST = 1;
 	private static final String WAITING_FOR_RESULT = "WAITING_FOR_RESULT";
 	private static final String PROFILE_NAME = "PROFILE_NAME";
 	private static final String PROFILE_REQUIRES_PASSWORD = "REQUIRES_PASSWORD";
@@ -181,6 +191,34 @@ public class VpnProfileControlActivity extends AppCompatActivity
 		}
 	}
 
+	/**
+	 * Check if we are on the system's power whitelist, if necessary, or ask the user
+	 * to add us.
+	 * @return true if profile can be initiated immediately
+	 */
+	private boolean checkPowerWhitelist()
+	{
+		if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M)
+		{
+			PowerManager pm = (PowerManager)this.getSystemService(Context.POWER_SERVICE);
+			SharedPreferences pref = PreferenceManager.getDefaultSharedPreferences(this);
+			if (!pm.isIgnoringBatteryOptimizations(this.getPackageName()) &&
+				!pref.getBoolean(Constants.PREF_IGNORE_POWER_WHITELIST, false))
+			{
+				if (getSupportFragmentManager().isStateSaved())
+				{	/* we might get called via service connection and manual onActivityResult()
+					 * call when the activity is not active anymore and fragment transactions
+					 * would cause an illegalStateException */
+					return false;
+				}
+				PowerWhitelistRequired whitelist = new PowerWhitelistRequired();
+				whitelist.show(getSupportFragmentManager(), DIALOG_TAG);
+				return false;
+			}
+		}
+		return true;
+	}
+
 	@Override
 	protected void onActivityResult(int requestCode, int resultCode, Intent data)
 	{
@@ -190,11 +228,14 @@ public class VpnProfileControlActivity extends AppCompatActivity
 				mWaitingForResult = false;
 				if (resultCode == RESULT_OK && mProfileInfo != null)
 				{
-					if (mService != null)
+					if (checkPowerWhitelist())
 					{
-						mService.connect(mProfileInfo, true);
+						if (mService != null)
+						{
+							mService.connect(mProfileInfo, true);
+						}
+						finish();
 					}
-					finish();
 				}
 				else
 				{	/* this happens if the always-on VPN feature is activated by a different app or the user declined */
@@ -207,6 +248,14 @@ public class VpnProfileControlActivity extends AppCompatActivity
 					VpnNotSupportedError.showWithMessage(this, R.string.vpn_not_supported_no_permission);
 				}
 				break;
+			case ADD_TO_POWER_WHITELIST:
+				mWaitingForResult = false;
+				if (mProfileInfo != null && mService != null)
+				{
+					mService.connect(mProfileInfo, true);
+				}
+				finish();
+				break;
 			default:
 				super.onActivityResult(requestCode, resultCode, data);
 		}
@@ -531,6 +580,34 @@ public class VpnProfileControlActivity extends AppCompatActivity
 		}
 	}
 
+	/**
+	 * Class that displays a warning before asking the user to add the app to the
+	 * device's power whitelist.
+	 */
+	public static class PowerWhitelistRequired extends AppCompatDialogFragment
+	{
+		@Override
+		public Dialog onCreateDialog(Bundle savedInstanceState)
+		{
+			return new AlertDialog.Builder(getActivity())
+				.setTitle(R.string.power_whitelist_title)
+				.setMessage(R.string.power_whitelist_text)
+				.setPositiveButton(android.R.string.ok, (dialog, id) -> {
+					VpnProfileControlActivity activity = (VpnProfileControlActivity)getActivity();
+					activity.mWaitingForResult = true;
+					Intent intent = new Intent(Settings.ACTION_REQUEST_IGNORE_BATTERY_OPTIMIZATIONS,
+											   Uri.parse("package:" + activity.getPackageName()));
+					activity.startActivityForResult(intent, ADD_TO_POWER_WHITELIST);
+				}).create();
+		}
+
+		@Override
+		public void onCancel(@NonNull DialogInterface dialog)
+		{
+			getActivity().finish();
+		}
+	}
+
 	/**
 	 * Class representing an error message which is displayed if VpnService is
 	 * not supported on the current device.
@@ -556,7 +633,6 @@ public class VpnProfileControlActivity extends AppCompatActivity
 			return new AlertDialog.Builder(getActivity())
 				.setTitle(R.string.vpn_not_supported_title)
 				.setMessage(messageId)
-				.setCancelable(false)
 				.setPositiveButton(android.R.string.ok, new DialogInterface.OnClickListener()
 				{
 					@Override

src/frontends/android/app/src/main/java/org/strongswan/android/ui/VpnProfileDetailActivity.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012-2019 Tobias Brunner
+ * Copyright (C) 2012-2020 Tobias Brunner
  * Copyright (C) 2012 Giuliano Grassi
  * Copyright (C) 2012 Ralf Sager
  * HSR Hochschule fuer Technik Rapperswil
@@ -124,6 +124,7 @@ public class VpnProfileDetailActivity extends AppCompatActivity
 	private Switch mUseOcsp;
 	private Switch mStrictRevocation;
 	private Switch mRsaPss;
+	private Switch mIPv6Transport;
 	private EditText mNATKeepalive;
 	private TextInputLayoutHelper mNATKeepaliveWrap;
 	private EditText mIncludedSubnets;
@@ -194,6 +195,7 @@ public class VpnProfileDetailActivity extends AppCompatActivity
 		mUseOcsp = findViewById(R.id.use_ocsp);
 		mStrictRevocation= findViewById(R.id.strict_revocation);
 		mRsaPss= findViewById(R.id.rsa_pss);
+		mIPv6Transport= findViewById(R.id.ipv6_transport);
 		mIncludedSubnets = (EditText)findViewById(R.id.included_subnets);
 		mIncludedSubnetsWrap = (TextInputLayoutHelper)findViewById(R.id.included_subnets_wrap);
 		mExcludedSubnets = (EditText)findViewById(R.id.excluded_subnets);
@@ -712,6 +714,7 @@ public class VpnProfileDetailActivity extends AppCompatActivity
 		flags |= !mUseOcsp.isChecked() ? VpnProfile.FLAGS_DISABLE_OCSP : 0;
 		flags |= mStrictRevocation.isChecked() ? VpnProfile.FLAGS_STRICT_REVOCATION : 0;
 		flags |= mRsaPss.isChecked() ? VpnProfile.FLAGS_RSA_PSS : 0;
+		flags |= mIPv6Transport.isChecked() ? VpnProfile.FLAGS_IPv6_TRANSPORT : 0;
 		mProfile.setFlags(flags);
 		mProfile.setIncludedSubnets(getString(mIncludedSubnets));
 		mProfile.setExcludedSubnets(getString(mExcludedSubnets));
@@ -782,6 +785,7 @@ public class VpnProfileDetailActivity extends AppCompatActivity
 		mUseOcsp.setChecked(flags == null || (flags & VpnProfile.FLAGS_DISABLE_OCSP) == 0);
 		mStrictRevocation.setChecked(flags != null && (flags & VpnProfile.FLAGS_STRICT_REVOCATION) != 0);
 		mRsaPss.setChecked(flags != null && (flags & VpnProfile.FLAGS_RSA_PSS) != 0);
+		mIPv6Transport.setChecked(flags != null && (flags & VpnProfile.FLAGS_IPv6_TRANSPORT) != 0);
 
 		/* check if the user selected a user certificate previously */
 		useralias = savedInstanceState == null ? useralias : savedInstanceState.getString(VpnProfileDataSource.KEY_USER_CERTIFICATE);

src/frontends/android/app/src/main/java/org/strongswan/android/ui/VpnProfileImportActivity.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016-2019 Tobias Brunner
+ * Copyright (C) 2016-2020 Tobias Brunner
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -463,8 +463,7 @@ public class VpnProfileImportActivity extends AppCompatActivity
 		}
 		catch (IllegalArgumentException e)
 		{
-			e.printStackTrace();
-			return null;
+			throw new JSONException(getString(R.string.profile_import_failed_value, "uuid"));
 		}
 		ParsedVpnProfile profile = new ParsedVpnProfile();
 		Integer flags = 0;
@@ -528,6 +527,11 @@ public class VpnProfileImportActivity extends AppCompatActivity
 		profile.setDnsServers(getAddressList(obj, "dns-servers"));
 		profile.setMTU(getInteger(obj, "mtu", Constants.MTU_MIN, Constants.MTU_MAX));
 		profile.setNATKeepAlive(getInteger(obj, "nat-keepalive", Constants.NAT_KEEPALIVE_MIN, Constants.NAT_KEEPALIVE_MAX));
+		if (obj.optBoolean("ipv6-transport", false))
+		{
+			flags |= VpnProfile.FLAGS_IPv6_TRANSPORT;
+		}
+
 		JSONObject split = obj.optJSONObject("split-tunneling");
 		if (split != null)
 		{

src/frontends/android/app/src/main/java/org/strongswan/android/ui/VpnTileService.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2018 Tobias Brunner
+ * Copyright (C) 2018-2019 Tobias Brunner
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -25,7 +25,6 @@ import android.content.SharedPreferences;
 import android.graphics.drawable.Icon;
 import android.os.Build;
 import android.os.IBinder;
-import android.preference.PreferenceManager;
 import android.service.quicksettings.Tile;
 import android.service.quicksettings.TileService;
 
@@ -36,9 +35,12 @@ import org.strongswan.android.data.VpnType;
 import org.strongswan.android.logic.VpnStateService;
 import org.strongswan.android.utils.Constants;
 
+import androidx.preference.PreferenceManager;
+
 @TargetApi(Build.VERSION_CODES.N)
 public class VpnTileService extends TileService implements VpnStateService.VpnStateListener
 {
+	private boolean mListening;
 	private VpnProfileDataSource mDataSource;
 	private VpnStateService mService;
 	private final ServiceConnection mServiceConnection = new ServiceConnection()
@@ -53,7 +55,7 @@ public class VpnTileService extends TileService implements VpnStateService.VpnSt
 		public void onServiceConnected(ComponentName name, IBinder service)
 		{
 			mService = ((VpnStateService.LocalBinder)service).getService();
-			if (mDataSource != null)
+			if (mListening && mDataSource != null)
 			{
 				mService.registerListener(VpnTileService.this);
 				updateTile();
@@ -69,6 +71,9 @@ public class VpnTileService extends TileService implements VpnStateService.VpnSt
 		Context context = getApplicationContext();
 		context.bindService(new Intent(context, VpnStateService.class),
 							mServiceConnection, Service.BIND_AUTO_CREATE);
+
+		mDataSource = new VpnProfileDataSource(this);
+		mDataSource.open();
 	}
 
 	@Override
@@ -80,15 +85,15 @@ public class VpnTileService extends TileService implements VpnStateService.VpnSt
 		{
 			getApplicationContext().unbindService(mServiceConnection);
 		}
+		mDataSource.close();
+		mDataSource = null;
 	}
 
 	@Override
 	public void onStartListening()
 	{
 		super.onStartListening();
-
-		mDataSource = new VpnProfileDataSource(this);
-		mDataSource.open();
+		mListening = true;
 
 		if (mService != null)
 		{
@@ -101,14 +106,12 @@ public class VpnTileService extends TileService implements VpnStateService.VpnSt
 	public void onStopListening()
 	{
 		super.onStopListening();
+		mListening = false;
 
 		if (mService != null)
 		{
 			mService.unregisterListener(this);
 		}
-
-		mDataSource.close();
-		mDataSource = null;
 	}
 
 	private VpnProfile getProfile()
@@ -119,8 +122,7 @@ public class VpnTileService extends TileService implements VpnStateService.VpnSt
 		{
 			uuid = pref.getString(Constants.PREF_MRU_VPN_PROFILE, null);
 		}
-
-		return mDataSource.getVpnProfile(uuid);
+		return mDataSource != null ? mDataSource.getVpnProfile(uuid) : null;
 	}
 
 	@Override
@@ -134,7 +136,7 @@ public class VpnTileService extends TileService implements VpnStateService.VpnSt
 			{
 				profile = getProfile();
 			}
-			else
+			else if (mDataSource != null)
 			{   /* always get the plain profile without cached password */
 				profile = mDataSource.getVpnProfile(profile.getId());
 			}