From team at libreswan.org Sun Jan 15 21:42:10 2017
From: team at libreswan.org (The Libreswan Project)
Date: Sun, 15 Jan 2017 16:42:10 -0500 (EST)
Subject: [Swan-announce] Libreswan 3.19 released
Message-ID:

The Libreswan Project has released libreswan-3.19

This is a major bugfix and feature release.

Important bugfixes:

This version fixes a crasher and/or lockup in the bare shunt handling.
It also includes various memory leak fixes related to certificate
handling and some DPD fixes.

Compatibility changes:

Support for the obsolete keyword auth= has been removed. Configurations
should use the phase2= keyword instead. The forceencaps functionality
was extended and renamed into the option encapsulation=auto|yes|no that
allows forcing "no encapsulation" desired in some cloud deployments.
Support for DH22 is no longer compiled in per default. Support for DH2
has been removed from the default proposal set of IKEv1.

New features introduced:

Support for asymmetric authentication using leftauth= and rightauth=
has been introduced. This feature allows for using LetsEncrypt for
Opportunistic IPsec. See the libreswan website for defaults. A new
keyword leftvti=/rightvti was added to allow specifying the desired IP
address of the VTI interface that is created with the connection. OCSP
cache tuning options have been introduced: ocsp-method=,
ocsp-cache-size=, ocsp-cache-min-age= and ocsp-cache-max-age=.
Experimental support for SECCOMP security is introduced with the
seccomp= keyword. Various crypto code was reworked to better support
FIPS requirements.

You can download libreswan via https at:

https://download.libreswan.org/libreswan-3.19.tar.gz
https://download.libreswan.org/libreswan-3.19.tar.gz.asc

The full changelog is available at:
https://download.libreswan.org/CHANGES

Please report bugs either via one of the mailing lists
or at our bug tracker:

https://lists.libreswan.org/
https://bugs.libreswan.org/

Binary packages for RHEL/EPEL and Debian/Ubuntu can be found at
https://download.libreswan.org/binaries/

Binary packages for Fedora and Debian should be available in their
respective repositories a few days after this release.

See also https://libreswan.org/

v3.19 (January 15, 2017)
* NSS: Support for configurable nss dir via @IPSEC_NSSDIR@ [dkg/Tuomo]
* FIPS: Only pluto needs a .hmac file, reducing crypto boundary [Paul]
* FIPS: do not allow DBG_PRIVATE to be set when running in FIPS mode [Paul]
* FIPS: Ignore failureshunt=passthrough and negotiationshunt=passthrough [Paul]
* FIPS: Filter default proposals of non-FIPS allowed proposals [Andrew]
* FIPS: Added CAVP test for pluto GCM code [Andrew]
* FIPS: More cleanup of crypto related structs and functions [Andrew]
* FIPS: Implement SHA based PRFs directly in NSS [Andrew]
* FIPS: Support for CAVP testing 'HMAC construct' based SHA PRF code [Andrew]
* IKEv2: Don't crash on bogus mixed protocol Delete Payloads [Hugh/Paul]
* IKEv2: Add asymmetric AUTH support (leftauth= and rightauth=) [Antony/Paul]
* IKEv2: refactored AUTH handling payload into v2_check_auth() [Paul]
* IKEv2: support CERT chain sending [Paul]
* IKEv2: Allow CERT and CERTREQ payloads multiple times [Paul]
* IKEv2: do not attempt to send notify in reply to IKE_AUTH reply [Paul]
* IKEv2: When receiving DELETE, ensure expire+restart when needed [Antony]
* IKEv1: If a queued up DPD probe finds no IKE SA, create a new one [Paul]
* IKEv1: accept_delete() check if IKE SA is shared before deleting [Paul]
* IKEv1: Remove ADNS, DNS continuations and IKEv1 OE code [Paul/Antony]
* IKEv1: Schedule IPsec SA REPLACE immediately when receiving DELETE [Antony]
* IKEv1: Some IKE SA failure on initiator could lead to hanging whack [Paul]
* KLIPS: fix for unregister_netdevice() for Linux 3.6.11 and up [Richard/Paul]
* XFRM: EXPERIMENTAL Support for configuring IP address on the VTI device [Paul]
   keyword: leftvti=address/mask
* XFRM: Fix NAT-T support when userland compiled without KLIPS support [Paul]
* X509: Obsolete /etc/ipsec.d/crls (load_crls()) and whack --rereadcrls [Paul]
* X509: New whack --fetchcrls (alias ipsec crls) to trigger a fetch [Paul]
* X509: Iterate all X.509 certs and try to fetch their crls [Kim]
* X509: Start a fetch for CRLs 5 seconds after startup [Kim]
* X509: --rereadcrls no longer overwrites newer CRLs with older ones [Paul]
* X509: log the NSS error when CERT_ImportCerts() fails [Paul]
* X509: Don't attempt to fetch crl->uri when not present [Paul/Matt]
* X509: Additional OCSP options to tweak the cache and fetch method [Paul]
   (new keywords: ocsp-method ocsp-cache-size ocsp-cache-min-age ocsp-cache-max-age)
* X509: Fix memory leak in certificate handling (lsbz#278) [William Rios]
* X509: Fix memory leak in certificate chain handling [Matt]
* pluto: close whack socket in add_pending when dup pending is skipped [Hugh]
* pluto: Avoid adding duplicate bare shunts causing lockup [Paul]
* pluto: drop modp1024 (DH2) from IKEv1 "ike=" default list [Andrew]
* pluto: send_packet() now refuses to send a packet to 0.0.0.0 [Paul]
* pluto: find_hostpair ignore CK_INSTANCES which are ID_NULL [Antony]
* pluto: Fix ca name and generalName leak lsbz#276 [Bill Rios]
* pluto: EXPERIMENTAL SECCOMP support (seccomp=enabled|tolerant|disabled) [Paul]
* pluto: connection instances need their own reqid [Antony]
   (this resolves multiple clients behind same NAT router issue)
* pluto: Use a global reqid counter instead of looping every time [Paul]
* pluto: use sets instead of nested loops for transform processing [Andrew]
* pluto: Prefer not switching connections when possible [Paul/Hugh]
* pluto: Move unique mark from rw_instantiate() to instantiate() for OE [Paul]
* pluto: log more information when a bare shunt is missing [Hugh]
* pluto: redo process_encrypted_informational_ikev2 [Hugh]
* pluto: Add new config option encapsulation=auto|yes|no [Paul/Patrick Kerpan]
   replacing forceencaps=yes|no
* pluto: No longer log bogus reapchildren warning [Paul]
* libipsecconf: remove last remnants of manual keying [Paul]
* libipsecconf: remove auth= alias for phase2= [Paul]
* _updown.netkey: Move addcat call from route-host to up-client [Paul]
* ipsec: initnss|import use --nssdir for nssdb directory option [Tuomo]
* newhostkey: use --nssdir for nssdb directory option [Tuomo]
* showhostkey: use --nssdir for nssdb directory option [Tuomo]
* barf: minor improvements with systemd/journalctl [Paul]
* verify: fix "with FIPS" output to print OK [Paul]
* _stackmanager: add cmac and chacha20poly1305 to modprobe list [Paul]
* building: libreswan assumes -std=gnu99 when building [Andrew]
* building: USE_EXTRACRYPTO replaced by USE_SERPENT and USE_TWOFISH [Paul]
* building: Disable DH22 by default. To re-enable use USE_DH22=true [Paul]
* building: work around flex 2.5.4 (CentOS 5); use: -o/output/file [Andrew]
* sysvinit: remove unnecessary warnings about already stopped pluto [Tuomo]
* initsystems: Enable "systemctl help ipsec" [dkg]
* testing: various web output fixes (see testing.libreswan.org) [Andrew]
* testing: various test updates / additions [Paul/Antony]
* documentation: fixup changes in GPL 2.0 / LGPL like FSF address [dkg]
* Bugtracker bugs fixed:
   #270 newhostkey: text output produces 1 character bug in pubkey [Andrew]
   #272 Option --leak-detective causes assertion failure [Bill / Paul]
   #277 pluto: fix pluto events leak in timer_event_cb [Bill Rios]
   #152: ipsec whack --initiate for xauth does not release whack [Paul/Hugh]

From team at libreswan.org Thu Mar 23 01:43:52 2017
From: team at libreswan.org (The Libreswan Project)
Date: Wed, 22 Mar 2017 21:43:52 -0400 (EDT)
Subject: [Swan-announce] Libreswan 3.20 released
Message-ID:

The Libreswan Project has released libreswan-3.20

This is a bugfix and feature release.

New Features:

This release completes support for the CREATE_CHILD_SA Exchange,
support for the ECP DiffieHellman Groups (19-21), statistics support via
ipsec whack --globalstatus and changed the IKE and ESP defaults to match
rfc4307bis and rfc7321bis.

Important bugfixes:

A number of memory leaks were fixed, two use-after-free bugs, improved
linking reducing binary sizes, and some misc bugfixes.

Compatibility changes:

The uniqueids= keyword is ignored for PSK based connections, allowing
uniqueids=yes and mixing RSA/PSK connections. Some minor logging
changes.

You can download libreswan via https at:

https://download.libreswan.org/libreswan-3.20.tar.gz
https://download.libreswan.org/libreswan-3.20.tar.gz.asc

The full changelog is available at:
https://download.libreswan.org/CHANGES

Please report bugs either via one of the mailing lists
or at our bug tracker:

https://lists.libreswan.org/
https://bugs.libreswan.org/

Binary packages for RHEL/EPEL and Debian/Ubuntu can be found at
https://download.libreswan.org/binaries/

Binary packages for Fedora and Debian should be available in their
respective repositories a few days after this release.

See also https://libreswan.org/

v3.20 (March 14, 2017)
* pluto: Add ECP dh19(secp256r1), dh20(secp384r1) and dh21(secp521r1) [Andrew]
* pluto: Add dh= aliases for all modp= groups (eg "dh2" for "modp1024") [Paul]
* pluto: Add statistics support to ipsec whack --globalstatus [Paul]
* pluto: Add statistics clearing support using ipsec whack --clearstats [Paul]
* pluto: Fix use-after-free in whack event handler (since v3.19) [Andrew]
* pluto: Cleanup kernel_netlink.c [Hugh]
* pluto: Print AH= algorithm and ESN when established [Paul/Andrew]
* pluto: strip file path from abort messages [Andrew]
* pluto: Support initiating template conn with --remote-host [Paul]
* pluto/libswan: Change most ttoaddr() to ttoaddr_num() to prevent DNS [Paul]
* pluto: fix use-after-free with EVENT_v2_RELEASE_WHACK [Andrew]
* pluto: orient() asserted on SPLIT_INC without remote-peer-type=cisco [Paul]
   (reported by Oleg Rosowiecki)
* pluto: accurately size a buffer for the decimal representation [Hugh]
   (debian bug 853507)
* pluto: avoid gcc unused variable warnings when USE_KLIPS=false [dkg]
* pluto: Support for Linux systems without IFA_F_TENTATIVE (CentOS5) [Paul]
* pluto: Ignore uniqueids= for roadwarrior PSK and assume non-unique [Paul]
* IKEv2: CREATE_CHILD support for Parent SA and Child SA rekeying [Antony]
* IKEv2: Various refactoring for CREATE_CHILD support [Antony]
* IKEV2: OE/CAT: Don't send CP request when responder is behind NAT [Antony]
* IKEv2: log first notify payload when we receive a Notify Error [Paul]
* IKEv2: Fix memory leak in DH secret calculation (since v3.9) [Andrew]
   (reported by Eric Andresson)
* IKEv2: If re-entering ikev2_crypto_start(), reset msgid [Paul]
* IKEv2: prevent copying bogus peer id when ID kind is IPv4/IPv6 [Paul]
   (rhbz#1392191)
* IKEv2: suppress DELETE notifies for connections being replaced [Paul]
* IKEv2: re-instate ISAKMP_SA_established() [Paul]
* IKEv1: For IKE (phase 1), prefer 256-bit encryption [Andrew]
* IKEv1: Print conn algo's when using XAUTH [Andrew]
* IKEv1: Simplify ike= defaults (drop MODP1024, MD5, add MODP2048) [Andrew]
* IKEv1: Prefer 256-bit keys over 128-bit keys for IKE [Andrew]
* IKEv1: Also call ISAKMP_SA_established() in Aggressive Mode [Paul]
* newhostkey: Convert remaining --configdir for --nssdir [Tuomo]
* barf: Ensure proper macros are used. Add certutil/crlutil output [Paul]
* misc: Fix various spelling errors in code/comments/man pages [dkg]
* packaging: spec files should use 0 and 1, not true and false [David Arnold]
* building: NSS_REQ_AVA_COPY?=true to support new NSS lib export fix [Paul]
* building: Remove no longer needed NSSCERT_CheckCrlTimes() copy [Paul]
* building: fetch: remove support for ancient LDAP version 2 [Tuomo]
* building: move whack to separate programs/whack/ directory [Andrew]
* building: Various Makefile variable cleanups and double link fixes [Andrew]
* building: Don't check runtime for SElinux/systemd with DESTDIR [Paul]
* documentation: added oe-letsencrypt-* example configs [Paul]

From team at libreswan.org Sun Apr 23 00:17:10 2017
From: team at libreswan.org (The Libreswan Project)
Date: Sat, 22 Apr 2017 20:17:10 -0400 (EDT)
Subject: [Swan-announce] NSS vulnerability likely affecting libreswan
Message-ID:

Please upgrade nss to one of the recommended versions:

https://rhn.redhat.com/errata/RHSA-2017-1100.html

An out-of-bounds write flaw was found in the way NSS performed certain
Base64-decoding operations. An attacker could use this flaw to create a
specially crafted certificate which, when parsed by NSS, could cause it
to crash or execute arbitrary code, using the permissions of the user
running an application compiled against the NSS library.
(CVE-2017-5461)

From team at libreswan.org Thu Aug 10 01:34:17 2017
From: team at libreswan.org (The Libreswan Project)
Date: Wed, 9 Aug 2017 21:34:17 -0400 (EDT)
Subject: [Swan-announce] Libreswan 3.21 released
Message-ID:

The Libreswan Project has released libreswan-3.21

This is a bugfix and feature release.

New Features:

This release features Opportunistic IPsec using DNSSEC lookups of
IPSECKEY records. It also adds support for the DNSSEC root key rollover
that is currently happening with support for loading new DNSSEC trust
anchors from disk. If using DNSSEC with libreswan, please upgrade to
this version before October 10, 2017. Support for hardware offloading
for certain NIC cards (such as Mellanox) was added. PFS support was
added to the CREATE_CHILD_SA Exchange.

Important bugfixes:

The ID handling code is now more strict when using certificates. Any ID
configured via leftid= or rightid= MUST either be the certificate DN or
be a SubjectAltName (SAN) on the certificate. A race condition in the
threading code was fixed that could cause pluto to crash on loaded
systems that use IKEv1 XAUTH or IKEv2 PAM authentication. A crasher in
FIPS mode when input to hashing algorithms was too weak was fixed.

Compatibility changes:

The above mentioned stricter ID handling can cause existing connections
to fail if a SubjectAltName is missing from a certificate whose ID is
specified in the connection.

You can download libreswan via https at:

https://download.libreswan.org/libreswan-3.21.tar.gz
https://download.libreswan.org/libreswan-3.21.tar.gz.asc

The full changelog is available at:
https://download.libreswan.org/CHANGES

Please report bugs either via one of the mailing lists
or at our bug tracker:

https://lists.libreswan.org/
https://bugs.libreswan.org/

Binary packages for RHEL/EPEL and Debian/Ubuntu can be found at
https://download.libreswan.org/binaries/

Binary packages for Fedora and Debian should be available in their
respective repositories a few days after this release.

See also https://libreswan.org/

v3.21 (August 9, 2017)
* FIPS: Don't crash on too weak PSK's in FIPS mode, warn for non-FIPS [Andrew]
* FIPS: rsasigkey: Use modulus F4, not 3 (FIPS 186-4, section B.3.1) [Paul]
* pluto: Support for "idXXX" esp/ike transform IDs removed [Andrew,Paul]
* pluto: Do not return whack error when terminating an alias connection [Paul]
* pluto: Remove IKE policy bits on passthrough conns [Paul]
* pluto: Minor memory leak fixes [Paul]
* pluto: Fix memory leak due to addresspool reference count error [Antony]
* pluto: Re-add support for ipsec whack --listevents [Antony]
* pluto: Cleanup listed events on shutdown to please leak-detective [Antony]
* pluto: Perform stricter SubjectAltName checks on configured ID's [Paul]
* pluto: Handle *subnets in --route and --unroute via whack [Mika/Tuomo]
* pluto: Unify IKEv1 XAUTH and IKEv2 PAM threading code [Andrew]
* pluto: Use pthread_cancel() (not SIGINT, conflicts with debuggers) [Andrew]
* pluto: Fix memory corruption with XAUTH/PAM threads [Andrew/Hugh]
* pluto: Fix resource leak processing XAUTH password authentication [Andrew]
* pluto: Fix warnings generated by gcc 7.1 [Lubomir Rintel]
* pluto: NIC offload support nic-offload=auto|yes|no (eg mellanox) [Ilan Tayari]
* pluto: Use common function in ikev1 / ikev2 for dpd/liveness actions [Antony]
* NSS: Try harder finding private keys that reside on hardware tokens [Andrew]
* IKEv2: Opportunistic IPsec support for IPSECKEY records [Antony]
* IKEv2: New dnssec-enable=yes|no, dnssec-rootkey-file=, dnssec-anchors= [Paul]
* IKEv2: If CREATE_CHILD_SA superseded retransmit, drop it [Antony]
* IKEv2: Add PFS support for CREATE_CHILD_SA (RFC7296 1.3.1) [Antony]
* IKEv2: Add PFS support for CREATE_CHILD_SA (RFC7296 1.3.2 responder) [Antony]
* IKEv2: Add PFS support for CREATE_CHILD_SA (RFC7296 1.3.3 responder) [Antony]
* IKEv2: Flush ESP/AH proposals on the initiator. It could be stale [Antony]
* IKEv2: State Machine (svm) updates to simplify CREATE_CHILD_SA [Antony]
* IKEv2: DH role is based on message role not Original Initiator role [Antony]
* IKEv2: Return CHILD_SA_NOT_FOUND when appropriate [Antony]
* IKEv2: After an IKE rekey, rehash inherited Child SA to new parent [Antony]
* IKEv2: Rekeying must update SPIs when inheriting a Child SA [Antony]
* IKEv2: Decrypt and verify the payloads before calling processor [Andrew]
* IKEv2: Fragmentation code cleanup [Andrew]
* IKEv2: Drop CREATE_CHILD_SA message when no IKE state found [Antony]
* IKEv2: Do not send a new delete request for the same Child SA [Antony]
* IKEv2: During Child SA rekey, abort when ESP proposals mismatch [Antony]
* IKEv2: OE client check should take responders behind NAT into account [Paul]
* IKEv2: Improved dpdaction=hold processing [Antony]
* IKEv1: Only initiate and create IKE SA for appropriate dpdaction [Antony]
* IKEv1: Re-add SHA2_256 (preferred) and SHA2_512 to IKEv1 defaults [Andrew]
* IKEv1: Aggressive Mode fixes for sending CERT / CERTREQ payloads [Paul]
* IKEv1: Multiple CISCO_SPLIT_INC's cause duplicate spd_routes [Oleg Rosowiecki]
* X509: Improve some failure logging [Paul]
* XFRM: Use proper alignment for IPv4 AH as per RFC4302 Section 3.3.3.2.1 [Paul]
* XFRM: Update including system or local copy of xfrm.h [Paul/Antony]
* XFRM: Remove no longer needed {rt}netlink.h copies [Paul]
* KLIPS: cryptoapi: switch from hash to ahash [Richard]
* KLIPS: Add traffic accounting support [Richard/Paul]
* KLIPS: Support for linux 4.11 [Paul]
* lib: Move the alg_info lookup-by-name code to libswan [Andrew]
* lib: Move all conditionally compiled ike_alg*.c files to libswan.a [Andrew]
* addconn: Replace ttoaddr() with calls supporting DNSSEC [Paul/Antony]
* libswan: Algo code cleanup [Andrew]
* libipsecconf: Load specified RSA keys irrespective of policy [Paul]
* libipsecconf/pluto: Be more strict in authby= & type= combinations [Paul]
* libipsecconf: Fail to load connections with unsatisfied auto= clause [Hugh]
* parser: Numerous algorithm parser fixes, eg. esp=aes_ccm_8_128-null [Andrew]
* algparse: (Experimental) modified to run algorithm parser stand-alone [Andrew]
* newhostkey: Actually append to secrets as the warning claims it will [Paul]
* _updown.netkey: Fix syntax failure when PLUTO_MY_SOURCEIP is not set [Tuomo]
* _updown.netkey,klips: Fix use of printf when updating resolv.conf [Tuomo]
* _updown.netkey: Remove wrong use of PLUTO_PEER_CLIENT netmask [Tuomo]
* _updown: Add MAX_CIDR variable for host netmask [Tuomo]
* ipsec import: Trust bits correction did not always trigger [Tuomo]
* building: Convert lib/ to use mk/library.mk [Andrew]
* building: Work around rhel-6 gcc [Andrew]
* building: Add copy unbound-event.h work around broken unbound installs [Paul]
* packaging: Better split rpm and make variables [Paul]
* packaging: Updates for new requirements for ldns, unbound-devel [Paul]
* testing: Add DNSSEC, Opportunistic IPsec testcases, fixups [Multiple people]
* contrib: Munin plugin for libreswan [Kim/Paul]

From team at libreswan.org Sun Oct 29 06:12:13 2017
From: team at libreswan.org (The Libreswan Project)
Date: Sun, 29 Oct 2017 02:12:13 -0400 (EDT)
Subject: [Swan-announce] Libreswan 3.22 released
Message-ID:

The Libreswan Project has released libreswan-3.22

This is a performance enhancement and feature release.

Performance improvements:

After investigating performance under high load, we found a number of
issues that slowed down performance. This resulted in some state machine
code updates related to IKE retransmits, logging improvements, less
pthread locking, and hash table improvements. These performance fixes
resulted in libreswan handling 4x more connections than previous
versions.

New Features:

This release features Opportunistic IPsec support using the unbound DNS
ipsecmod module. This allows the DNS server to perform IPSECKEY lookups
while it performs A/AAAA lookups and trigger Opportunistic IPsec before
the DNS client receives an answer from the DNS server. Socket handling
was updated to handle EAGAIN errors better and options for the socket
buffer sizes and whether or not to process the socket error queue were
added (see 'man ipsec.conf' and 'man pluto'). A client vanishing on a
busy server could also cause an unrelated DH calculation to be aborted.
Initial support for RFC 7427 Digital Signature has been added, and in
the next few releases we expect to increase the number of supported
algorithms and signature formats. Support for GMAC via
esp=null_auth_aes_gcm was added for 3GPP. IKE UDP holes for IPv6 no
longer need a separate v6neighbor-hole.conf and pluto now handles these
internally.

Important bugfixes:

A number of memory leaks were found and fixed, most notably in the IKEv2
fragmentation code. The XAUTH retransmit logic was fixed, and XAUTH
without ModeCFG was fixed. The previous version mistakenly rejected
preloaded certificates that were not authenticated using a CA
certificate.

You can download libreswan via https at:

https://download.libreswan.org/libreswan-3.22.tar.gz
https://download.libreswan.org/libreswan-3.22.tar.gz.asc

The full changelog is available at:
https://download.libreswan.org/CHANGES

Please report bugs either via one of the mailing lists
or at our bug tracker:

https://lists.libreswan.org/
https://bugs.libreswan.org/

Binary packages for RHEL/EPEL and Debian/Ubuntu can be found at
https://download.libreswan.org/binaries/

Binary packages for Fedora and Debian should be available in their
respective repositories a few days after this release.

See also https://libreswan.org/

v3.22 (October 22, 2017)
* IKEv2: EXPERIMENTAL: unbound DNS server ipsecmod support [Opportunistic IPsec]
* IKEv2: Initial support for RFC 7427 Digital Signature [Sahana Prasad/GSoC]
* IKEv2: Do not include INTEG=NONE in AEAD IKE proposals [Andrew]
* IKEv2: Accept both ESP=AEAD+NONE and ESP=AEAD in proposals [Andrew]
   (See also: https://www.rfc-editor.org/errata/eid5109)
* IKEV2: Fix interop with old pluto that rejected esp=aead+none [Andrew]
* IKEv2: Add support for GMAC via esp=null_auth_aes_gcm [Andrew]
* IKEv2: Fragmentation code cleanup and memory leak fixes [Andrew]
* IKEv1: Fix XAUTH retransmits and packet storage [Antony]
* IKEv1: Perform custom state change for XAUTH without ModeCFG [Paul]
* IKEv1: Add support for nat-ikev1-method=none [Paul]
* IKEv1: XAUTH password length wasn't consistent at 128 [Stepan Broz]
* pluto: Natively install ICMPv6 neighbour discovery holes [Mayank Totale/GSoC]
* pluto: Fixup XAUTH/PAM thread cancelation handling [Andrew/Antony]
* pluto: Change default rundir from /var/run/pluto to /run/pluto [Paul]
* pluto: Various ike_alg parsing updates [Andrew]
* pluto: Various cleanups in addresspool and XAUTH code [Hugh]
* pluto: Fix missing ntohl() on the SPI numbers in ipsec status [Paul]
* pluto: Various memory leak fixes [Antony,Paul,Hugh]
* pluto: Make ioctl(SIOCGIFFLAGS) failure for labeled devices non-fatal [Paul]
* pluto: Give IKE traffic preference via SO_PRIO [Paul]
* pluto: New setup options: ike-socket-errqueue= , ike-socket-bufsize= [Paul]
* pluto: Improve whack --listevents with libevent [Antony]
* pluto: Fixup NIC offload support [Antony, Hugh]
* pluto: Track and try the number of EAGAIN errors on IKE socket [Hugh/Paul]
* pluto: Prevent spurious initiating states on responder-only conn [Antony]
* pluto: don't call sanitize_string() in fmt_log() as it is expensive [Paul]
* pluto: No longer need to specify null for AEAD, can use esp=aes_gcm [Andrew]
* pluto: Increase default nhelpers for 1 CPU (2) and 2 CPUs (4) [Paul]
* pluto: New option logip= (default yes) to disable log of incoming IPs [Paul]
* pluto: signal handling cleanup [Andrew/Hugh]
* pluto: Don't try to retransmit unsent packet [Paul/Hugh]
* pluto: state hashing improvements [Andrew]
* pluto: Fix erroneous connection switching (bug in v3.21) [Paul]
* pluto: when deleting parent, don't deschedule DH for wrong child [Andrew]
* pluto: dpdaction=restart fixup when using %any [Antony]
* pluto: Don't die on labeled interfaces without SIOCGIFFLAGS support [Paul]
* addconn: left=%defaultroute would fail if >500 host routes [Kim]
* showhostkey/rsasigkey: Fixup mismatch of public key display [Andrew]
* FIPS: Some selftests did not run properly under FIPS mode [Andrew]
* KLIPS: Removed old premade patches, use make targets instead [Paul]
* updown: Don't remove source ip if it's still used (rhbz#1492501) [Tuomo]
* updown: Allow disabling via leftupdown="" or leftupdown="%disabled" [Paul]
* updown: SPI numbers were missing ntohl() conversion [Paul]
* various: phase out --ctlbase for --ctlsocket and --rundir [Paul]
* libipsecconf: reject unavailable kernel algorithms in parser [Andrew]
* libswan/pluto: throw a clearer error for broken libunbound [Paul]
* libswan/pluto: Cleanup logging and tighten logging lock [Andrew]
* libswan/pluto: Greatly optimize logging code [Andrew]
* libswan/pluto: Some logging algorithm renames for more consistency [Andrew]
* building: remove -fexceptions; breaks pthread_cleanup_push [Andrew]
* packaging: Update debian/ and move to packaging/debian [Antony]
* packaging: Update fedora/rhel spec files [Tuomo]
* testing: --impair-foo changed to --impair foo [Andrew]
* testing: Some new impair options for testing [Andrew,Sahana,Paul]
* testing: Allow null encryption with null auth for testing [Andrew]
* Bugtracker bugs fixed:
   #294: Bug in public key reported by rsasigkey [Tijs Van Buggenhout/Andrew]
   #299: Fix overlapping addresspool and static lease from passwd file [Antony]
   #300: Fix bug in v3.21 that rejected hardcoded certs without a CA [Paul]
   #302: IKEv1-only and IKEv2-only must not share IKE SA [Paul]
   #303: xauth password length limited to 64 bytes [Stepan Broz]