[Swan-announce] libreswan-3.30 released

Libreswan Team team at libreswan.org
Fri Feb 14 04:00:42 UTC 2020

Hash: SHA512

The Libreswan Project has released libreswan-3.30

This is a major bugfix and feature release.

This release includes support for XFRMi virtual ipsec devices. This is
also the last release to support KLIPS based virtual ipsec devices.
Those using KLIPS should use this release to migrate to XFRMi.

Other new features include IPv6 roadwarrior/addresspool support, a
significant performance increase on processing X.509 certificates for
large scale systems and the Opportunistic IPsec (mesh or any-to-any)
support has been significantly improved to properly handle the cases of
nodes crashing or briefly not supporting Opportunistic IPsec.

This release follows the recommendation of RFC 8247 to no longer
support SHA1 for RFC 7427 style Digitial Signature support. This
can lead to interop issues with certain strongSwan configurations
that mistakenly negotiate SHA1 despite libreswan not sending
suppor for this using the Hash Algorithm Notify payload.

libreswan now also makes use of the new IKE PDF code inside the
NSS crypto library. As a result, libreswan itself currently no
longer needs a separate FIPS validation - validation of the NSS
library is enough.

For a full changelog, see below changelog for details.

You can download libreswan via https at:


The full changelog is available at: https://download.libreswan.org/CHANGES

Please report bugs either via one of the mailinglists or at our bug


Binary packages for RHEL/CentOS can be found at:

Binary packages for Fedora and Debian should be available in their
respective repositories a few days after this release.

See also https://libreswan.org/

v3.30 (February 13 2020)
* WARNING: This is the last release that supports the KLIPS stack,
            use the new ipsec-interface= virtual interfaces instead.
* XFRM: Fix detection on kernels without xfrm_stat (debian et all) [Paul]
* XFRM: XFRMi interface support using ipsec-interface= and iface-ip= [Antony]
* IKEv2: Message ID handling: remove a O(#STATES) lookup [Andrew]
* IKEv2: OE previous half-open state overwrites IPsec policy [Paul/Stepan]
* IKEv2: On initiator, do not retransmit on IKE_AUTH processing failure [Paul]
* IKEv2: Prevent leak in ikev2_send_certreq() on sending error [Paul]
* IKEv2: Remove SHA1 from default proposal list [Paul]
* IKEv2: On PPK failure with insist, return AUTHENTICATION_FAILED [Vukasin]
* IKEv2: Do not try to delete (replaced) bare shunts [Paul]
* IKEv2: Delete pending outgoing bare shunts if incoming IPsec happened [Paul]
* IKEv2: Allow CP payload in CREATE_CHILD_SA (RFC 7296 Appendix C.4) [Paul]
* IKEv2: calculate_sa_prio() now allows OE shunt to override priority [Paul]
* IKEv2: calculate_sa_prio() support for /32 template vs instance [Hugh/Paul]
* IKEv2: IPv6 support for addresspool= option [Antony]
* IKEv2: Updated support for MOBIKE triggered events [Antony]
* IKEv2: Support reconnecting authnull clients [Paul]
* IKEv2: New whack commands --rekey-ike and --rekey-ipsec [Antony]
* IKEv2: Prefer RFC 7427 Digital Signatures for default authby=rsasig [Sahana]
* IKEv2: Refuse SHA1 for RFC 7427 Digital Signatures as per RFC 8247 [Sahana]
* IKEv2: Use IKEv2 fragment size values (not IKEv1) [Andrew]
* IKEv2: On initiator, do not retransmit on IKE_AUTH processing failure [Paul]
* IKEv1: Re-implement CVE-2019-10155 fix to prevent future occurances [Andrew]
* IKEv1: do not assert on bad virtual private entry [Paul]
* pluto: Simplify plutodebug= options to: base, cpu-usage, crypt, private and tmi
          (maps old values to new ones for compatibility) [Andrew]
* pluto: non-default ipsec.conf did not load auto=add connections [Paul]
* pluto: fix %defaultroute for link-local and non-link-local gateway [Antony]
* pluto: Improve whackfd handling (prevent console hangs/omissions) [Andrew]
* pluto: Support to disable SAN checks (require-id-on-certificate=no) [Paul]
* pluto: Audit log IKE SA and IPsec SA failures for Common Criteria (CC) [Paul]
* pluto: Disable support for DH2/modp1024 at compile time [Paul]
* pluto: Add audit-log=yes|no (default yes) [Paul]
* pluto: DDNS event should not cause connection initialization [Paul]
* pluto: Various O(STATE) optimializations [Andrew]
* pluto: Fixup reporting of esp-hw-offload capabilities in kernel/nic [Paul]
* pluto: Add chacha20_poly1305 and curve25519 to default proposals [Paul]
* pluto: Updated SECCOMP syscall whitelist [Paul]
* pluto: With non-default config file, connections loading was skipped [Paul]
* pluto: Fix Opportunistic Encryption with Transport Mode policies [Paul]
* pluto: Fix various memory leaks in IKE and X.509 code [Andrew]
* pluto: netlink: increase the additional bufferspace to 32KiB [Antony]
* pluto: pluto --selftest no longer logs to stderr with timestamps [Paul]
* pluto: fix for redirect-to type when it is FQDN [John Mah]
* pluto: addresspool: give new lease to different (xauth)usernames [Paul]
* pluto: addresspool: reduce complexity from O(#LEASES) to O(1) [Andrew]
* whack: Remove obsoleted --whackrecord and --whackstoprecord options [Andrew]
* whack: Added whack --ddns to trigger DNS refresh event manually [Paul]
* X509: Offload most code to helpers for significant performance boost [Andrew]
* X509: Simplify code, cut redundant calculations, speed improvements [Andrew]
* X509: SAN checks should confirm IKE peer ID on responder too [Paul]
* letsencrypt: new command "ipsec letsencrypt" [Rishabh]
* _updown.netkey: PLUTO_VIRT_INTERFACE replaces PLUTO_INTERFACE [Antony]
* _updown.netkey: add IPv6 routing support [Tuomo]
* _updown.netkey: don't remove old resolv.conf, just update it [Tuomo]
* _updown.netkey: fix for iproute2 >= 5.1 which no longer ignores /mask [Paul]
* libswan: Don't leak ECDSA pubkey on form_ckaid_ecdsa() failure [Paul]
* libswan: Close netlink socket on send error in netlink_query() [Paul]
* libipsecconf: don't throw error for not finding a wildcarded include [Paul]
* verify: improve support for python2 and python3 [Anand Bibhuti/Paul]
* KLIPS: Support for kernels >= 4.20 with SYNC_SKCIPHER_REQUEST_ON_STACK [Paul]
* KLIPS: Userland tools compile fixes [Hugh/Paul]
* building: No longer build with DH2(modp1024) support (see RFC 8247) [Paul]
* building: Add config for PYTHON_BINARY, default being /usr/bin/python3 [Tuomo]
* building: Add new USE_NSS_PRF, to use KDF from NSS [Robert Relyea/Andrew]
* building: Add USE_PRF_AES_XCBC, replaces USE_XCBC [Paul]
* building: Fixes for NetBSD build [Andrew]
* building: Fixes for gcc10 [Paul]
* packaging: fedora30 requires gcc to be listed as BuildRequires: [Paul]
* packaging: Add Debian stretch specific configs and more cleanup [Antony]
* packaging: make deb jessie and xenial config detection [Antony]
* packaging: update python she-bang handling [Tuomo]
* testing: Added a new namespaces based testrun method [Antony]
* testing: setup: namespace based ipsec stop needs ip xfrm flush state [Paul]
* testing: setup: namespace based ipsec skips initsystem [Paul]



More information about the Swan-announce mailing list