strongSwan - Design by Margo Galas <galas (at) solnet (dot) ch>

Main Sponsors

secunet

secunet

revosec

Hochschule für Technik Rapperswil

strongSwan 5.3.0 Released

We are proud to announce the release of strongSwan 5.3.0, which brings make-before-break re-authentication for IKEv2, support for RFC 7427 signature authentication, a Python VICI interface, and numerous other new features and fixes.


make-before-break Re-Authentication for IKEv2

Support for make-before-break re-authentication for IKEv2 has been added. By using a global CHILD_SA reqid allocation mechanism, charon supports overlapping CHILD_SAs. This allows the use of make-before-break instead of the previously supported break-before-make re-authentication, thus, avoiding connectivity gaps during that procedure. As the new mechanism may fail with peers not supporting it (such as any previous strongSwan release) it must be explicitly enabled using the charon.make_before_break strongswan.conf option.

The reqid related changes should also provide a fix for situations that resulted in "unable to install policy ... for reqid ..., the same policy for reqid ... exists" messages in earlier releases (e.g. #431).

Signature Authentication in IKEv2 (RFC 7427)

With the new Signature Authentication in IKEv2 (RFC 7427) the use of stronger hash algorithms for public key authentication is now possible. By default, signature schemes are chosen based on the strength of the signature key, but specific hash algorithms may be configured in leftauth.

Key types and hash algorithms specified in rightauth are now also checked against IKEv2 signature schemes. If such constraints are used for certificate chain validation in existing configurations, in particular with peers that don't support RFC 7427, it may be necessary to disable this feature with the charon.signature_authentication_constraints setting, because the signature scheme used in classic IKEv2 public key authentication may not be strong enough.

Multiple Transport Mode SAs over the Same NAT Device

The new connmark plugin allows a host to bind conntrack flows to a specific CHILD_SA by applying and restoring the SA mark to conntrack entries. This allows a peer to handle multiple transport mode connections coming over the same NAT device for client-initiated flows (a common use case is to protect L2TP/IPsec). Refer to the ikev2/host2host-transport-connmark scenario for an example.

Forward Broad- and Multicast Messages between Clients and a LAN

The forecast plugin can forward broadcast and multicast messages between connected clients and a LAN. For CHILD_SAs using unique marks, it sets up the required Netfilter rules and uses a multicast/broadcast listener that forwards such messages to all connected clients. This plugin is designed for Windows 7 IKEv2 clients, which announce their services over the tunnel if the negotiated IPsec policy allows it. Refer to the ikev2/forecast scenario for an example.

Python VICI Interface

For the vici plugin a Python Egg has been added to allow Python applications to control or monitor the IKE daemon using the VICI interface, similar to the existing ruby gem. The Python library has been contributed by Björn Schuberg.

Other Notable Changes

  • EAP server methods now can fulfill public key constraints, such as rightcert or rightca. Additionally, public key and signature constraints can be specified for EAP methods in the rightauth keyword. Currently the EAP-TLS and EAP-TTLS methods provide verification details to constraints checking.
  • CA certificates are now purged during ipsec rereadcacerts.
  • PKCS#12 files may be loaded via swanctl.
  • Upgrade of the BLISS post-quantum signature algorithm to the improved BLISS-B variant.
  • The new mutual tnccs-20 plugin parameter activates mutual TNC measurements in PB-TNC half-duplex mode between two endpoints over either a PT-EAP or PT-TLS transport medium.
  • The encoding of INITIAL_CONTACT notifies for IKEv1 has been fixed (#819).

Download it from here - a more extensive changelog can be found on our wiki.