870 lines
30 KiB
Plaintext
870 lines
30 KiB
Plaintext
strongswan-4.0.6
|
|
----------------
|
|
|
|
- IKEv2: Support for reauthentication when rekeying
|
|
|
|
- fixed most (all?) bugs related to byte order
|
|
|
|
- a lot of bugfixes
|
|
|
|
|
|
strongswan-4.0.5
|
|
----------------
|
|
|
|
- IKEv1: Implementation of ModeConfig push mode via the new connection
|
|
keyword modeconfig=push allows interoperability with Cisco VPN gateways.
|
|
|
|
- IKEv1: The command ipsec statusall now shows "DPD active" for all
|
|
ISAKMP SAs that are under active Dead Peer Detection control.
|
|
|
|
- IKEv2: Charon's logging and debugging framework has been completely rewritten.
|
|
Instead of logger, special printf() functions are used to directly
|
|
print objects like hosts (%H) identifications (%D), certificates (%Q),
|
|
etc. The number of debugging levels have been reduced to:
|
|
|
|
0 (audit), 1 (control), 2 (controlmore), 3 (raw), 4 (private)
|
|
|
|
The debugging levels can either be specified statically in ipsec.conf as
|
|
|
|
config setup
|
|
charondebug="lib 1, cfg 3, net 2"
|
|
|
|
or changed at runtime via stroke as
|
|
|
|
ipsec stroke loglevel cfg 2
|
|
|
|
|
|
strongswan-4.0.4
|
|
----------------
|
|
|
|
- Implemented full support for IPv6-in-IPv6 tunnels.
|
|
|
|
- Added configuration options for dead peer detection in IKEv2. dpd_action
|
|
types "clear", "hold" and "restart" are supported. The dpd_timeout
|
|
value is not used, as the normal retransmission policy applies to
|
|
detect dead peers. The dpd_delay parameter enables sending of empty
|
|
informational message to detect dead peers in case of inactivity.
|
|
|
|
- Added support for preshared keys in IKEv2. PSK keys configured in
|
|
ipsec.secrets are loaded. The authby parameter specifies the authentication
|
|
method to authentificate ourself, the other peer may use PSK or RSA.
|
|
|
|
- Changed retransmission policy to respect the keyingtries parameter.
|
|
|
|
- Added private key decryption. PEM keys encrypted with AES-128/192/256
|
|
or 3DES are supported.
|
|
|
|
- Implemented DES/3DES algorithms in libstrongswan. 3DES can be used to
|
|
encrypt IKE traffic.
|
|
|
|
- Implemented SHA-256/384/512 in libstrongswan, allows usage of certificates
|
|
signed with such a hash algorithm.
|
|
|
|
- Added initial support for updown scripts. The actions up-host/client and
|
|
down-host/client are executed. The leftfirewall=yes parameter
|
|
uses the default updown script to insert dynamic firewall rules, a custom
|
|
updown script may be specified with the leftupdown parameter.
|
|
|
|
|
|
strongswan-4.0.3
|
|
----------------
|
|
|
|
- Added support for the auto=route ipsec.conf parameter and the
|
|
ipsec route/unroute commands for IKEv2. This allows to set up IKE_SAs and
|
|
CHILD_SAs dynamically on demand when traffic is detected by the
|
|
kernel.
|
|
|
|
- Added support for rekeying IKE_SAs in IKEv2 using the ikelifetime parameter.
|
|
As specified in IKEv2, no reauthentication is done (unlike in IKEv1), only
|
|
new keys are generated using perfect forward secrecy. An optional flag
|
|
which enforces reauthentication will be implemented later.
|
|
|
|
- "sha" and "sha1" are now treated as synonyms in the ike= and esp=
|
|
algorithm configuration statements.
|
|
|
|
|
|
strongswan-4.0.2
|
|
----------------
|
|
|
|
- Full X.509 certificate trust chain verification has been implemented.
|
|
End entity certificates can be exchanged via CERT payloads. The current
|
|
default is leftsendcert=always, since CERTREQ payloads are not supported
|
|
yet. Optional CRLs must be imported locally into /etc/ipsec.d/crls.
|
|
|
|
- Added support for leftprotoport/rightprotoport parameters in IKEv2. IKEv2
|
|
would offer more possibilities for traffic selection, but the Linux kernel
|
|
currently does not support it. That's why we stick with these simple
|
|
ipsec.conf rules for now.
|
|
|
|
- Added Dead Peer Detection (DPD) which checks liveliness of remote peer if no
|
|
IKE or ESP traffic is received. DPD is currently hardcoded (dpdaction=clear,
|
|
dpddelay=60s).
|
|
|
|
- Initial NAT traversal support in IKEv2. Charon includes NAT detection
|
|
notify payloads to detect NAT routers between the peers. It switches
|
|
to port 4500, uses UDP encapsulated ESP packets, handles peer address
|
|
changes gracefully and sends keep alive message periodically.
|
|
|
|
- Reimplemented IKE_SA state machine for charon, which allows simultaneous
|
|
rekeying, more shared code, cleaner design, proper retransmission
|
|
and a more extensible code base.
|
|
|
|
- The mixed PSK/RSA roadwarrior detection capability introduced by the
|
|
strongswan-2.7.0 release necessitated the pre-parsing of the IKE proposal
|
|
payloads by the responder right before any defined IKE Main Mode state had
|
|
been established. Although any form of bad proposal syntax was being correctly
|
|
detected by the payload parser, the subsequent error handler didn't check
|
|
the state pointer before logging current state information, causing an
|
|
immediate crash of the pluto keying daemon due to a NULL pointer.
|
|
|
|
|
|
strongswan-4.0.1
|
|
----------------
|
|
|
|
- Added algorithm selection to charon: New default algorithms for
|
|
ike=aes128-sha-modp2048, as both daemons support it. The default
|
|
for IPsec SAs is now esp=aes128-sha,3des-md5. charon handles
|
|
the ike/esp parameter the same way as pluto. As this syntax does
|
|
not allow specification of a pseudo random function, the same
|
|
algorithm as for integrity is used (currently sha/md5). Supported
|
|
algorithms for IKE:
|
|
Encryption: aes128, aes192, aes256
|
|
Integrity/PRF: md5, sha (using hmac)
|
|
DH-Groups: modp768, 1024, 1536, 2048, 4096, 8192
|
|
and for ESP:
|
|
Encryption: aes128, aes192, aes256, 3des, blowfish128,
|
|
blowfish192, blowfish256
|
|
Integrity: md5, sha1
|
|
More IKE encryption algorithms will come after porting libcrypto into
|
|
libstrongswan.
|
|
|
|
- initial support for rekeying CHILD_SAs using IKEv2. Currently no
|
|
perfect forward secrecy is used. The rekeying parameters rekey,
|
|
rekeymargin, rekeyfuzz and keylife from ipsec.conf are now supported
|
|
when using IKEv2. WARNING: charon currently is unable to handle
|
|
simultaneous rekeying. To avoid such a situation, use a large
|
|
rekeyfuzz, or even better, set rekey=no on one peer.
|
|
|
|
- support for host2host, net2net, host2net (roadwarrior) tunnels
|
|
using predefined RSA certificates (see uml scenarios for
|
|
configuration examples).
|
|
|
|
- new build environment featuring autotools. Features such
|
|
as HTTP, LDAP and smartcard support may be enabled using
|
|
the ./configure script. Changing install directories
|
|
is possible, too. See ./configure --help for more details.
|
|
|
|
- better integration of charon with ipsec starter, which allows
|
|
(almost) transparent operation with both daemons. charon
|
|
handles ipsec commands up, down, status, statusall, listall,
|
|
listcerts and allows proper load, reload and delete of connections
|
|
via ipsec starter.
|
|
|
|
|
|
strongswan-4.0.0
|
|
----------------
|
|
|
|
- initial support of the IKEv2 protocol. Connections in
|
|
ipsec.conf designated by keyexchange=ikev2 are negotiated
|
|
by the new IKEv2 charon keying daemon whereas those marked
|
|
by keyexchange=ikev1 or the default keyexchange=ike are
|
|
handled thy the IKEv1 pluto keying daemon. Currently only
|
|
a limited subset of functions are available with IKEv2
|
|
(Default AES encryption, authentication based on locally
|
|
imported X.509 certificates, unencrypted private RSA keys
|
|
in PKCS#1 file format, limited functionality of the ipsec
|
|
status command).
|
|
|
|
|
|
strongswan-2.7.0
|
|
----------------
|
|
|
|
- the dynamic iptables rules from the _updown_x509 template
|
|
for KLIPS and the _updown_policy template for NETKEY have
|
|
been merged into the default _updown script. The existing
|
|
left|rightfirewall keyword causes the automatic insertion
|
|
and deletion of ACCEPT rules for tunneled traffic upon
|
|
the successful setup and teardown of an IPsec SA, respectively.
|
|
left|rightfirwall can be used with KLIPS under any Linux 2.4
|
|
kernel or with NETKEY under a Linux kernel version >= 2.6.16
|
|
in conjuction with iptables >= 1.3.5. For NETKEY under a Linux
|
|
kernel version < 2.6.16 which does not support IPsec policy
|
|
matching yet, please continue to use a copy of the _updown_espmark
|
|
template loaded via the left|rightupdown keyword.
|
|
|
|
- a new left|righthostaccess keyword has been introduced which
|
|
can be used in conjunction with left|rightfirewall and the
|
|
default _updown script. By default leftfirewall=yes inserts
|
|
a bi-directional iptables FORWARD rule for a local client network
|
|
with a netmask different from 255.255.255.255 (single host).
|
|
This does not allow to access the VPN gateway host via its
|
|
internal network interface which is part of the client subnet
|
|
because an iptables INPUT and OUTPUT rule would be required.
|
|
lefthostaccess=yes will cause this additional ACCEPT rules to
|
|
be inserted.
|
|
|
|
- mixed PSK|RSA roadwarriors are now supported. The ISAKMP proposal
|
|
payload is preparsed in order to find out whether the roadwarrior
|
|
requests PSK or RSA so that a matching connection candidate can
|
|
be found.
|
|
|
|
|
|
strongswan-2.6.4
|
|
----------------
|
|
|
|
- the new _updown_policy template allows ipsec policy based
|
|
iptables firewall rules. Required are iptables version
|
|
>= 1.3.5 and linux kernel >= 2.6.16. This script obsoletes
|
|
the _updown_espmark template, so that no INPUT mangle rules
|
|
are required any more.
|
|
|
|
- added support of DPD restart mode
|
|
|
|
- ipsec starter now allows the use of wildcards in include
|
|
statements as e.g. in "include /etc/my_ipsec/*.conf".
|
|
Patch courtesy of Matthias Haas.
|
|
|
|
- the Netscape OID 'employeeNumber' is now recognized and can be
|
|
used as a Relative Distinguished Name in certificates.
|
|
|
|
|
|
strongswan-2.6.3
|
|
----------------
|
|
|
|
- /etc/init.d/ipsec or /etc/rc.d/ipsec is now a copy of the ipsec
|
|
command and not of ipsec setup any more.
|
|
|
|
- ipsec starter now supports AH authentication in conjunction with
|
|
ESP encryption. AH authentication is configured in ipsec.conf
|
|
via the auth=ah parameter.
|
|
|
|
- The command ipsec scencrypt|scdecrypt <args> is now an alias for
|
|
ipsec whack --scencrypt|scdecrypt <args>.
|
|
|
|
- get_sa_info() now determines for the native netkey IPsec stack
|
|
the exact time of the last use of an active eroute. This information
|
|
is used by the Dead Peer Detection algorithm and is also displayed by
|
|
the ipsec status command.
|
|
|
|
|
|
strongswan-2.6.2
|
|
----------------
|
|
|
|
- running under the native Linux 2.6 IPsec stack, the function
|
|
get_sa_info() is called by ipsec auto --status to display the current
|
|
number of transmitted bytes per IPsec SA.
|
|
|
|
- get_sa_info() is also used by the Dead Peer Detection process to detect
|
|
recent ESP activity. If ESP traffic was received from the peer within
|
|
the last dpd_delay interval then no R_Y_THERE notification must be sent.
|
|
|
|
- strongSwan now supports the Relative Distinguished Name "unstructuredName"
|
|
in ID_DER_ASN1_DN identities. The following notations are possible:
|
|
|
|
rightid="unstructuredName=John Doe"
|
|
rightid="UN=John Doe"
|
|
|
|
- fixed a long-standing bug which caused PSK-based roadwarrior connections
|
|
to segfault in the function id.c:same_id() called by keys.c:get_secret()
|
|
if an FQDN, USER_FQDN, or Key ID was defined, as in the following example.
|
|
|
|
conn rw
|
|
right=%any
|
|
rightid=@foo.bar
|
|
authby=secret
|
|
|
|
- the ipsec command now supports most ipsec auto commands (e.g. ipsec listall).
|
|
|
|
- ipsec starter didn't set host_addr and client.addr ports in whack msg.
|
|
|
|
- in order to guarantee backwards-compatibility with the script-based
|
|
auto function (e.g. auto --replace), the ipsec starter scripts stores
|
|
the defaultroute information in the temporary file /var/run/ipsec.info.
|
|
|
|
- The compile-time option USE_XAUTH_VID enables the sending of the XAUTH
|
|
Vendor ID which is expected by Cisco PIX 7 boxes that act as IKE Mode Config
|
|
servers.
|
|
|
|
- the ipsec starter now also recognizes the parameters authby=never and
|
|
type=passthrough|pass|drop|reject.
|
|
|
|
|
|
strongswan-2.6.1
|
|
----------------
|
|
|
|
- ipsec starter now supports the also parameter which allows
|
|
a modular structure of the connection definitions. Thus
|
|
"ipsec start" is now ready to replace "ipsec setup".
|
|
|
|
|
|
strongswan-2.6.0
|
|
----------------
|
|
|
|
- Mathieu Lafon's popular ipsec starter tool has been added to the
|
|
strongSwan distribution. Many thanks go to Stephan Scholz from astaro
|
|
for his integration work. ipsec starter is a C program which is going
|
|
to replace the various shell and awk starter scripts (setup, _plutoload,
|
|
_plutostart, _realsetup, _startklips, _confread, and auto). Since
|
|
ipsec.conf is now parsed only once, the starting of multiple tunnels is
|
|
accelerated tremedously.
|
|
|
|
- Added support of %defaultroute to the ipsec starter. If the IP address
|
|
changes, a HUP signal to the ipsec starter will automatically
|
|
reload pluto's connections.
|
|
|
|
- moved most compile time configurations from pluto/Makefile to
|
|
Makefile.inc by defining the options USE_LIBCURL, USE_LDAP,
|
|
USE_SMARTCARD, and USE_NAT_TRAVERSAL_TRANSPORT_MODE.
|
|
|
|
- removed the ipsec verify and ipsec newhostkey commands
|
|
|
|
- fixed some 64-bit issues in formatted print statements
|
|
|
|
- The scepclient functionality implementing the Simple Certificate
|
|
Enrollment Protocol (SCEP) is nearly complete but hasn't been
|
|
documented yet.
|
|
|
|
|
|
strongswan-2.5.7
|
|
----------------
|
|
|
|
- CA certicates are now automatically loaded from a smartcard
|
|
or USB crypto token and appear in the ipsec auto --listcacerts
|
|
listing.
|
|
|
|
|
|
strongswan-2.5.6
|
|
----------------
|
|
|
|
- when using "ipsec whack --scencrypt <data>" with a PKCS#11
|
|
library that does not support the C_Encrypt() Cryptoki
|
|
function (e.g. OpenSC), the RSA encryption is done in
|
|
software using the public key fetched from the smartcard.
|
|
|
|
- The scepclient function now allows to define the
|
|
validity of a self-signed certificate using the --days,
|
|
--startdate, and --enddate options. The default validity
|
|
has been changed from one year to five years.
|
|
|
|
|
|
strongswan-2.5.5
|
|
----------------
|
|
|
|
- the config setup parameter pkcs11proxy=yes opens pluto's PKCS#11
|
|
interface to other applications for RSA encryption and decryption
|
|
via the whack interface. Notation:
|
|
|
|
ipsec whack --scencrypt <data>
|
|
[--inbase 16|hex|64|base64|256|text|ascii]
|
|
[--outbase 16|hex|64|base64|256|text|ascii]
|
|
[--keyid <keyid>]
|
|
|
|
ipsec whack --scdecrypt <data>
|
|
[--inbase 16|hex|64|base64|256|text|ascii]
|
|
[--outbase 16|hex|64|base64|256|text|ascii]
|
|
[--keyid <keyid>]
|
|
|
|
The default setting for inbase and outbase is hex.
|
|
|
|
The new proxy interface can be used for securing symmetric
|
|
encryption keys required by the cryptoloop or dm-crypt
|
|
disk encryption schemes, especially in the case when
|
|
pkcs11keepstate=yes causes pluto to lock the pkcs11 slot
|
|
permanently.
|
|
|
|
- if the file /etc/ipsec.secrets is lacking during the startup of
|
|
pluto then the root-readable file /etc/ipsec.d/private/myKey.der
|
|
containing a 2048 bit RSA private key and a matching self-signed
|
|
certificate stored in the file /etc/ipsec.d/certs/selfCert.der
|
|
is automatically generated by calling the function
|
|
|
|
ipsec scepclient --out pkcs1 --out cert-self
|
|
|
|
scepclient was written by Jan Hutter and Martin Willi, students
|
|
at the University of Applied Sciences in Rapperswil, Switzerland.
|
|
|
|
|
|
strongswan-2.5.4
|
|
----------------
|
|
|
|
- the current extension of the PKCS#7 framework introduced
|
|
a parsing error in PKCS#7 wrapped X.509 certificates that are
|
|
e.g. transmitted by Windows XP when multi-level CAs are used.
|
|
the parsing syntax has been fixed.
|
|
|
|
- added a patch by Gerald Richter which tolerates multiple occurrences
|
|
of the ipsec0 interface when using KLIPS.
|
|
|
|
|
|
strongswan-2.5.3
|
|
----------------
|
|
|
|
- with gawk-3.1.4 the word "default2 has become a protected
|
|
keyword for use in switch statements and cannot be used any
|
|
more in the strongSwan scripts. This problem has been
|
|
solved by renaming "default" to "defaults" and "setdefault"
|
|
in the scripts _confread and auto, respectively.
|
|
|
|
- introduced the parameter leftsendcert with the values
|
|
|
|
always|yes (the default, always send a cert)
|
|
ifasked (send the cert only upon a cert request)
|
|
never|no (never send a cert, used for raw RSA keys and
|
|
self-signed certs)
|
|
|
|
- fixed the initialization of the ESP key length to a default of
|
|
128 bits in the case that the peer does not send a key length
|
|
attribute for AES encryption.
|
|
|
|
- applied Herbert Xu's uniqueIDs patch
|
|
|
|
- applied Herbert Xu's CLOEXEC patches
|
|
|
|
|
|
strongswan-2.5.2
|
|
----------------
|
|
|
|
- CRLs can now be cached also in the case when the issuer's
|
|
certificate does not contain a subjectKeyIdentifier field.
|
|
In that case the subjectKeyIdentifier is computed by pluto as the
|
|
160 bit SHA-1 hash of the issuer's public key in compliance
|
|
with section 4.2.1.2 of RFC 3280.
|
|
|
|
- Fixed a bug introduced by strongswan-2.5.1 which eliminated
|
|
not only multiple Quick Modes of a given connection but also
|
|
multiple connections between two security gateways.
|
|
|
|
|
|
strongswan-2.5.1
|
|
----------------
|
|
|
|
- Under the native IPsec of the Linux 2.6 kernel, a %trap eroute
|
|
installed either by setting auto=route in ipsec.conf or by
|
|
a connection put into hold, generates an XFRM_AQUIRE event
|
|
for each packet that wants to use the not-yet exisiting
|
|
tunnel. Up to now each XFRM_AQUIRE event led to an entry in
|
|
the Quick Mode queue, causing multiple IPsec SA to be
|
|
established in rapid succession. Starting with strongswan-2.5.1
|
|
only a single IPsec SA is established per host-pair connection.
|
|
|
|
- Right after loading the PKCS#11 module, all smartcard slots are
|
|
searched for certificates. The result can be viewed using
|
|
the command
|
|
|
|
ipsec auto --listcards
|
|
|
|
The certificate objects found in the slots are numbered
|
|
starting with #1, #2, etc. This position number can be used to address
|
|
certificates (leftcert=%smartcard) and keys (: PIN %smartcard)
|
|
in ipsec.conf and ipsec.secrets, respectively:
|
|
|
|
%smartcard (selects object #1)
|
|
%smartcard#1 (selects object #1)
|
|
%smartcard#3 (selects object #3)
|
|
|
|
As an alternative the existing retrieval scheme can be used:
|
|
|
|
%smartcard:45 (selects object with id=45)
|
|
%smartcard0 (selects first object in slot 0)
|
|
%smartcard4:45 (selects object in slot 4 with id=45)
|
|
|
|
- Depending on the settings of CKA_SIGN and CKA_DECRYPT
|
|
private key flags either C_Sign() or C_Decrypt() is used
|
|
to generate a signature.
|
|
|
|
- The output buffer length parameter siglen in C_Sign()
|
|
is now initialized to the actual size of the output
|
|
buffer prior to the function call. This fixes the
|
|
CKR_BUFFER_TOO_SMALL error that could occur when using
|
|
the OpenSC PKCS#11 module.
|
|
|
|
- Changed the initialization of the PKCS#11 CK_MECHANISM in
|
|
C_SignInit() to mech = { CKM_RSA_PKCS, NULL_PTR, 0 }.
|
|
|
|
- Refactored the RSA public/private key code and transferred it
|
|
from keys.c to the new pkcs1.c file as a preparatory step
|
|
towards the release of the SCEP client.
|
|
|
|
|
|
strongswan-2.5.0
|
|
----------------
|
|
|
|
- The loading of a PKCS#11 smartcard library module during
|
|
runtime does not require OpenSC library functions any more
|
|
because the corresponding code has been integrated into
|
|
smartcard.c. Also the RSAREF pkcs11 header files have been
|
|
included in a newly created pluto/rsaref directory so that
|
|
no external include path has to be defined any longer.
|
|
|
|
- A long-awaited feature has been implemented at last:
|
|
The local caching of CRLs fetched via HTTP or LDAP, activated
|
|
by the parameter cachecrls=yes in the config setup section
|
|
of ipsec.conf. The dynamically fetched CRLs are stored under
|
|
a unique file name containing the issuer's subjectKeyID
|
|
in /etc/ipsec.d/crls.
|
|
|
|
- Applied a one-line patch courtesy of Michael Richardson
|
|
from the Openswan project which fixes the kernel-oops
|
|
in KLIPS when an snmp daemon is running on the same box.
|
|
|
|
|
|
strongswan-2.4.4
|
|
----------------
|
|
|
|
- Eliminated null length CRL distribution point strings.
|
|
|
|
- Fixed a trust path evaluation bug introduced with 2.4.3
|
|
|
|
|
|
strongswan-2.4.3
|
|
----------------
|
|
|
|
- Improved the joint OCSP / CRL revocation policy.
|
|
OCSP responses have precedence over CRL entries.
|
|
|
|
- Introduced support of CRLv2 reason codes.
|
|
|
|
- Fixed a bug with key-pad equipped readers which caused
|
|
pluto to prompt for the pin via the console when the first
|
|
occasion to enter the pin via the key-pad was missed.
|
|
|
|
- When pluto is built with LDAP_V3 enabled, the library
|
|
liblber required by newer versions of openldap is now
|
|
included.
|
|
|
|
|
|
strongswan-2.4.2
|
|
----------------
|
|
|
|
- Added the _updown_espmark template which requires all
|
|
incoming ESP traffic to be marked with a default mark
|
|
value of 50.
|
|
|
|
- Introduced the pkcs11keepstate parameter in the config setup
|
|
section of ipsec.conf. With pkcs11keepstate=yes the PKCS#11
|
|
session and login states are kept as long as possible during
|
|
the lifetime of pluto. This means that a PIN entry via a key
|
|
pad has to be done only once.
|
|
|
|
- Introduced the pkcs11module parameter in the config setup
|
|
section of ipsec.conf which specifies the PKCS#11 module
|
|
to be used with smart cards. Example:
|
|
|
|
pkcs11module=/usr/lib/pkcs11/opensc-pkcs11.lo
|
|
|
|
- Added support of smartcard readers equipped with a PIN pad.
|
|
|
|
- Added patch by Jay Pfeifer which detects when netkey
|
|
modules have been statically built into the Linux 2.6 kernel.
|
|
|
|
- Added two patches by Herbert Xu. The first uses ip xfrm
|
|
instead of setkey to flush the IPsec policy database. The
|
|
second sets the optional flag in inbound IPComp SAs only.
|
|
|
|
- Applied Ulrich Weber's patch which fixes an interoperability
|
|
problem between native IPsec and KLIPS systems caused by
|
|
setting the replay window to 32 instead of 0 for ipcomp.
|
|
|
|
|
|
strongswan-2.4.1
|
|
----------------
|
|
|
|
- Fixed a bug which caused an unwanted Mode Config request
|
|
to be initiated in the case where "right" was used to denote
|
|
the local side in ipsec.conf and "left" the remote side,
|
|
contrary to the recommendation that "right" be remote and
|
|
"left" be"local".
|
|
|
|
|
|
strongswan-2.4.0a
|
|
-----------------
|
|
|
|
- updated Vendor ID to strongSwan-2.4.0
|
|
|
|
- updated copyright statement to include David Buechi and
|
|
Michael Meier
|
|
|
|
|
|
strongswan-2.4.0
|
|
----------------
|
|
|
|
- strongSwan now communicates with attached smartcards and
|
|
USB crypto tokens via the standardized PKCS #11 interface.
|
|
By default the OpenSC library from www.opensc.org is used
|
|
but any other PKCS#11 library could be dynamically linked.
|
|
strongSwan's PKCS#11 API was implemented by David Buechi
|
|
and Michael Meier, both graduates of the Zurich University
|
|
of Applied Sciences in Winterthur, Switzerland.
|
|
|
|
- When a %trap eroute is triggered by an outgoing IP packet
|
|
then the native IPsec stack of the Linux 2.6 kernel [often/
|
|
always?] returns an XFRM_ACQUIRE message with an undefined
|
|
protocol family field and the connection setup fails.
|
|
As a workaround IPv4 (AF_INET) is now assumed.
|
|
|
|
- the results of the UML test scenarios are now enhanced
|
|
with block diagrams of the virtual network topology used
|
|
in a particular test.
|
|
|
|
|
|
strongswan-2.3.2
|
|
----------------
|
|
|
|
- fixed IV used to decrypt informational messages.
|
|
This bug was introduced with Mode Config functionality.
|
|
|
|
- fixed NCP Vendor ID.
|
|
|
|
- undid one of Ulrich Weber's maximum udp size patches
|
|
because it caused a segmentation fault with NAT-ed
|
|
Delete SA messages.
|
|
|
|
- added UML scenarios wildcards and attr-cert which
|
|
demonstrate the implementation of IPsec policies based
|
|
on wildcard parameters contained in Distinguished Names and
|
|
on X.509 attribute certificates, respectively.
|
|
|
|
|
|
strongswan-2.3.1
|
|
----------------
|
|
|
|
- Added basic Mode Config functionality
|
|
|
|
- Added Mathieu Lafon's patch which upgrades the status of
|
|
the NAT-Traversal implementation to RFC 3947.
|
|
|
|
- The _startklips script now also loads the xfrm4_tunnel
|
|
module.
|
|
|
|
- Added Ulrich Weber's netlink replay window size and
|
|
maximum udp size patches.
|
|
|
|
- UML testing now uses the Linux 2.6.10 UML kernel by default.
|
|
|
|
|
|
strongswan-2.3.0
|
|
----------------
|
|
|
|
- Eric Marchionni and Patrik Rayo, both recent graduates from
|
|
the Zuercher Hochschule Winterthur in Switzerland, created a
|
|
User-Mode-Linux test setup for strongSwan. For more details
|
|
please read the INSTALL and README documents in the testing
|
|
subdirectory.
|
|
|
|
- Full support of group attributes based on X.509 attribute
|
|
certificates. Attribute certificates can be generated
|
|
using the openac facility. For more details see
|
|
|
|
man ipsec_openac.
|
|
|
|
The group attributes can be used in connection definitions
|
|
in order to give IPsec access to specific user groups.
|
|
This is done with the new parameter left|rightgroups as in
|
|
|
|
rightgroups="Research, Sales"
|
|
|
|
giving access to users possessing the group attributes
|
|
Research or Sales, only.
|
|
|
|
- In Quick Mode clients with subnet mask /32 are now
|
|
coded as IP_V4_ADDRESS or IP_V6_ADDRESS. This should
|
|
fix rekeying problems with the SafeNet/SoftRemote and NCP
|
|
Secure Entry Clients.
|
|
|
|
- Changed the defaults of the ikelifetime and keylife parameters
|
|
to 3h and 1h, respectively. The maximum allowable values are
|
|
now both set to 24 h.
|
|
|
|
- Suppressed notification wars between two IPsec peers that
|
|
could e.g. be triggered by incorrect ISAKMP encryption.
|
|
|
|
- Public RSA keys can now have identical IDs if either the
|
|
issuing CA or the serial number is different. The serial
|
|
number of a certificate is now shown by the command
|
|
|
|
ipsec auto --listpubkeys
|
|
|
|
|
|
strongswan-2.2.2
|
|
----------------
|
|
|
|
- Added Tuomo Soini's sourceip feature which allows a strongSwan
|
|
roadwarrior to use a fixed Virtual IP (see README section 2.6)
|
|
and reduces the well-known four tunnel case on VPN gateways to
|
|
a single tunnel definition (see README section 2.4).
|
|
|
|
- Fixed a bug occuring with NAT-Traversal enabled when the responder
|
|
suddenly turns initiator and the initiator cannot find a matching
|
|
connection because of the floated IKE port 4500.
|
|
|
|
- Removed misleading ipsec verify command from barf.
|
|
|
|
- Running under the native IP stack, ipsec --version now shows
|
|
the Linux kernel version (courtesy to the Openswan project).
|
|
|
|
|
|
strongswan-2.2.1
|
|
----------------
|
|
|
|
- Introduced the ipsec auto --listalgs monitoring command which lists
|
|
all currently registered IKE and ESP algorithms.
|
|
|
|
- Fixed a bug in the ESP algorithm selection occuring when the strict flag
|
|
is set and the first proposed transform does not match.
|
|
|
|
- Fixed another deadlock in the use of the lock_certs_and_keys() mutex,
|
|
occuring when a smartcard is present.
|
|
|
|
- Prevented that a superseded Phase1 state can trigger a DPD_TIMEOUT event.
|
|
|
|
- Fixed the printing of the notification names (null)
|
|
|
|
- Applied another of Herbert Xu's Netlink patches.
|
|
|
|
|
|
strongswan-2.2.0
|
|
----------------
|
|
|
|
- Support of Dead Peer Detection. The connection parameter
|
|
|
|
dpdaction=clear|hold
|
|
|
|
activates DPD for the given connection.
|
|
|
|
- The default Opportunistic Encryption (OE) policy groups are not
|
|
automatically included anymore. Those wishing to activate OE can include
|
|
the policy group with the following statement in ipsec.conf:
|
|
|
|
include /etc/ipsec.d/examples/oe.conf
|
|
|
|
The default for [right|left]rsasigkey is now set to %cert.
|
|
|
|
- strongSwan now has a Vendor ID of its own which can be activated
|
|
using the compile option VENDORID
|
|
|
|
- Applied Herbert Xu's patch which sets the compression algorithm correctly.
|
|
|
|
- Applied Herbert Xu's patch fixing an ESPINUDP problem
|
|
|
|
- Applied Herbert Xu's patch setting source/destination port numbers.
|
|
|
|
- Reapplied one of Herbert Xu's NAT-Traversal patches which got
|
|
lost during the migration from SuperFreeS/WAN.
|
|
|
|
- Fixed a deadlock in the use of the lock_certs_and_keys() mutex.
|
|
|
|
- Fixed the unsharing of alg parameters when instantiating group
|
|
connection.
|
|
|
|
|
|
strongswan-2.1.5
|
|
----------------
|
|
|
|
- Thomas Walpuski made me aware of a potential DoS attack via
|
|
a PKCS#7-wrapped certificate bundle which could overwrite valid CA
|
|
certificates in Pluto's authority certificate store. This vulnerability
|
|
was fixed by establishing trust in CA candidate certificates up to a
|
|
trusted root CA prior to insertion into Pluto's chained list.
|
|
|
|
- replaced the --assign option by the -v option in the auto awk script
|
|
in order to make it run with mawk under debian/woody.
|
|
|
|
|
|
strongswan-2.1.4
|
|
----------------
|
|
|
|
- Split of the status information between ipsec auto --status (concise)
|
|
and ipsec auto --statusall (verbose). Both commands can be used with
|
|
an optional connection selector:
|
|
|
|
ipsec auto --status[all] <connection_name>
|
|
|
|
- Added the description of X.509 related features to the ipsec_auto(8)
|
|
man page.
|
|
|
|
- Hardened the ASN.1 parser in debug mode, especially the printing
|
|
of malformed distinguished names.
|
|
|
|
- The size of an RSA public key received in a certificate is now restricted to
|
|
|
|
512 bits <= modulus length <= 8192 bits.
|
|
|
|
- Fixed the debug mode enumeration.
|
|
|
|
|
|
strongswan-2.1.3
|
|
----------------
|
|
|
|
- Fixed another PKCS#7 vulnerability which could lead to an
|
|
endless loop while following the X.509 trust chain.
|
|
|
|
|
|
strongswan-2.1.2
|
|
----------------
|
|
|
|
- Fixed the PKCS#7 vulnerability discovered by Thomas Walpuski
|
|
that accepted end certificates having identical issuer and subject
|
|
distinguished names in a multi-tier X.509 trust chain.
|
|
|
|
|
|
strongswan-2.1.1
|
|
----------------
|
|
|
|
- Removed all remaining references to ipsec_netlink.h in KLIPS.
|
|
|
|
|
|
strongswan-2.1.0
|
|
----------------
|
|
|
|
- The new "ca" section allows to define the following parameters:
|
|
|
|
ca kool
|
|
cacert=koolCA.pem # cacert of kool CA
|
|
ocspuri=http://ocsp.kool.net:8001 # ocsp server
|
|
ldapserver=ldap.kool.net # default ldap server
|
|
crluri=http://www.kool.net/kool.crl # crl distribution point
|
|
crluri2="ldap:///O=Kool, C= .." # crl distribution point #2
|
|
auto=add # add, ignore
|
|
|
|
The ca definitions can be monitored via the command
|
|
|
|
ipsec auto --listcainfos
|
|
|
|
- Fixed cosmetic corruption of /proc filesystem by integrating
|
|
D. Hugh Redelmeier's freeswan-2.06 kernel fixes.
|
|
|
|
|
|
strongswan-2.0.2
|
|
----------------
|
|
|
|
- Added support for the 818043 NAT-Traversal update of Microsoft's
|
|
Windows 2000/XP IPsec client which sends an ID_FQDN during Quick Mode.
|
|
|
|
- A symbolic link to libcrypto is now added in the kernel sources
|
|
during kernel compilation
|
|
|
|
- Fixed a couple of 64 bit issues (mostly casts to int).
|
|
Thanks to Ken Bantoft who checked my sources on a 64 bit platform.
|
|
|
|
- Replaced s[n]printf() statements in the kernel by ipsec_snprintf().
|
|
Credits go to D. Hugh Redelmeier, Michael Richardson, and Sam Sgro
|
|
of the FreeS/WAN team who solved this problem with the 2.4.25 kernel.
|
|
|
|
|
|
strongswan-2.0.1
|
|
----------------
|
|
|
|
- an empty ASN.1 SEQUENCE OF or SET OF object (e.g. a subjectAltName
|
|
certificate extension which contains no generalName item) can cause
|
|
a pluto crash. This bug has been fixed. Additionally the ASN.1 parser has
|
|
been hardened to make it more robust against malformed ASN.1 objects.
|
|
|
|
- applied Herbert Xu's NAT-T patches which fixes NAT-T under the native
|
|
Linux 2.6 IPsec stack.
|
|
|
|
|
|
strongswan-2.0.0
|
|
----------------
|
|
|
|
- based on freeswan-2.04, x509-1.5.3, nat-0.6c, alg-0.8.1rc12
|