+strongswan-5.3.0
+----------------
+
+- Added support for IKEv2 make-before-break reauthentication. By using a global
+ CHILD_SA reqid allocation mechanism, charon supports overlapping CHILD_SAs.
+ This allows the use of make-before-break instead of the previously supported
+ break-before-make reauthentication, avoiding connectivity gaps during that
+ procedure. As the new mechanism may fail with peers not supporting it (such
+ as any previous strongSwan release) it must be explicitly enabled using
+ the charon.make_before_break strongswan.conf option.
+
+- Support for "Signature Authentication in IKEv2" (RFC 7427) has been added.
+ This allows the use of stronger hash algorithms for public key authentication.
+ By default, signature schemes are chosen based on the strength of the
+ signature key, but specific hash algorithms may be configured in leftauth.
+
+- Key types and hash algorithms specified in rightauth are now also checked
+ against IKEv2 signature schemes. If such constraints are used for certificate
+ chain validation in existing configurations, in particular with peers that
+ don't support RFC 7427, it may be necessary to disable this feature with the
+ charon.signature_authentication_constraints setting, because the signature
+ scheme used in classic IKEv2 public key authentication may not be strong
+ enough.
+
+- The new connmark plugin allows a host to bind conntrack flows to a specific
+ CHILD_SA by applying and restoring the SA mark to conntrack entries. This
+ allows a peer to handle multiple transport mode connections coming over the
+ same NAT device for client-initiated flows. A common use case is to protect
+ L2TP/IPsec, as supported by some systems.
+
+- The forecast plugin can forward broadcast and multicast messages between
+ connected clients and a LAN. For CHILD_SA using unique marks, it sets up
+ the required Netfilter rules and uses a multicast/broadcast listener that
+ forwards such messages to all connected clients. This plugin is designed for
+ Windows 7 IKEv2 clients, which announces its services over the tunnel if the
+ negotiated IPsec policy allows it.
+
+- For the vici plugin a Python Egg has been added to allow Python applications
+ to control or monitor the IKE daemon using the VICI interface, similar to the
+ existing ruby gem. The Python library has been contributed by Björn Schuberg.
+
+- EAP server methods now can fulfill public key constraints, such as rightcert
+ or rightca. Additionally, public key and signature constraints can be
+ specified for EAP methods in the rightauth keyword. Currently the EAP-TLS and
+ EAP-TTLS methods provide verification details to constraints checking.
+
+- Upgrade of the BLISS post-quantum signature algorithm to the improved BLISS-B
+ variant. Can be used in conjunction with the SHA256, SHA384 and SHA512 hash
+ algorithms with SHA512 being the default.
+
+- The IF-IMV 1.4 interface now makes the IP address of the TNC access requestor
+ as seen by the TNC server available to all IMVs. This information can be
+ forwarded to policy enforcement points (e.g. firewalls or routers).
+
+- The new mutual tnccs-20 plugin parameter activates mutual TNC measurements
+ in PB-TNC half-duplex mode between two endpoints over either a PT-EAP or
+ PT-TLS transport medium.
+
+
strongswan-5.2.2
----------------
+- Fixed a denial-of-service vulnerability triggered by an IKEv2 Key Exchange
+ payload that contains the Diffie-Hellman group 1025. This identifier was
+ used internally for DH groups with custom generator and prime. Because
+ these arguments are missing when creating DH objects based on the KE payload
+ an invalid pointer dereference occurred. This allowed an attacker to crash
+ the IKE daemon with a single IKE_SA_INIT message containing such a KE
+ payload. The vulnerability has been registered as CVE-2014-9221.
+
- The left/rightid options in ipsec.conf, or any other identity in strongSwan,
now accept prefixes to enforce an explicit type, such as email: or fqdn:.
Note that no conversion is done for the remaining string, refer to
ipsec.conf(5) for details.
-- The post-quantum "Bimodal Lattice Signature Scheme (BLISS) can be used as
+- The post-quantum Bimodal Lattice Signature Scheme (BLISS) can be used as
an IKEv2 public key authentication method. The pki tool offers full support
for the generation of BLISS key pairs and certificates.
+- Fixed mapping of integrity algorithms negotiated for AH via IKEv1. This could
+ cause interoperability issues when connecting to older versions of charon.
+
strongswan-5.2.1
----------------
projects / people / ms / strongswan.git / blobdiff