strongSwan - Design by Margo Galas <galas (at) solnet (dot) ch>

Main Sponsors

secunet

secunet

revosec

Hochschule für Technik Rapperswil

strongSwan 4.6.3 Released

We are happy to release strongSwan 4.6.3, offering RADIUS extensions, support for resolvconf(8) and raw RSA keys, and more.


RADIUS extensions

  • The tnc-pdp plugin implements  a RADIUS server interface allowing a strongSwan TNC server to act as a Policy Decision Point. Have a look at the tnc/tnccs-20-pdp-eap test case for an example.
  • The eap-radius authentication backend enforces Session-Timeout attributes using RFC 4478 repeated authentication and acts upon RADIUS Dynamic Authorization extensions, RFC 5176. Currently supported are disconnect requests and CoA messages containing a Session-Timeout.
  • The eap-radius plugin can forward arbitrary RADIUS attributes from and to clients using custom IKEv2 notify payloads. The new radattr plugin reads attributes to include from files and prints received attributes to the console.

Support for resolvconf(8)

  • The resolve plugin automatically installs nameservers via resolvconf(8) instead of modifying /etc/resolv.conf directly.

Support for raw RSA keys

Download it from here - a more extensive changelog can be found on our wiki.