Re: [PATCH] strongswan: Update to version 5.9.12

[Michael Tremer <michael.tremer@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 9799 bytes --]

Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>

I am back :)

> On 21 Nov 2023, at 22:37, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
> 
> - Update from version 5.9.11 to 5.9.12
> - Update of rootfile
> - Changelog
>    5.9.12
> Vulnerabilities
>    Fixed a vulnerability in charon-tkm (the TKM-backed version of the charon IKE
>     daemon) related to processing DH public values that can lead to a buffer
>     overflow and potentially remote code execution. This vulnerability has been
>     registered as CVE-2023-41913. Please refer to our blog for details.
> New Feature Additions
>    The new pki --ocsp command produces OCSP responses based on certificate status
>     information provided by implementations of the new ocsp_responder_t interface
>     (#1958).
>    Two sources are currently available, the openxpki plugin that directly
>     accesses the OpenXPKI database and the command's --index argument, which
>     reads certificate status information from OpenSSL-style index.txt files
>     (multiple CAs are supported concurrently).
>    The new cert-enroll script handles the initial enrollment of an X.509 host
>     certificate with a PKI server via the EST or SCEP protocols.
>    Run as a systemd timer or via a crontab entry, the script checks the
>     expiration date of the host certificate daily. When a given deadline is
>     reached, the host certificate is automatically renewed via EST or SCEP
>     re-enrollment based on the possession of the old private key and the
>     matching certificate.
>    Added a global option (charon.reject_trusted_end_entity) to prevent peers
>     from authenticating with certificates that are locally trusted, in
>     particular, our own local certificate, which safeguards against accidental
>     reuse of certificates on multiple peers. As the name suggests, all trusted
>     end-entity certificates are rejected if enabled, so peer certificates can't
>     be configured explicitly anymore (e.g. via remote.certs in swanctl.conf).
>    The --priv argument for charon-cmd allows the use of any type of private key
>     (previously, only RSA keys were supported).
>    The openssl plugin now supports the nameConstraints extension in X.509
>     certificates (#1990).
>    Support for nameConstraints of type iPAddress are now supported by the x509,
>     openssl and constraints plugins (#1991).
>    Support for encoding subjectAlternativeName extensions of type
>     uniformResourceIdentifier in X.509 certificates has been added via the uri:
>     prefix (e.g. for URNs, #1983).
>    Support for password-less PKCS#12 and PKCS#8 files has been added (#1955).
> Enhancements and Optimizations
>    Because of a relatively recent NIAP requirement (TD0527, Test 8b), loading of
>     certificates with ECDSA keys that explicitly encode the curve parameters is
>     rejected if possible. Explicit encoding is pretty rare to begin with and
>     e.g. wolfSSL already rejects such keys, by default. All crypto plugins that
>     support ECDSA enforce this by rejecting such public keys, except when using
>     older versions of OpenSSL (< 1.1.1h) or Botan (< 3.2.0) (#1949).
>    Make the NetworkManager plugin (charon-nm) actually use the XFRM interface it
>     creates since 5.9.10. This involves setting interface IDs on SAs and
>     policies, and installing routes via the interface. To avoid routing loops if
>     the remote traffic selectors include the VPN server, IKE and ESP packets are
>     marked to bypass the routing table that contains the routes via XFRM
>     interface (69e0c11).
>    If available, the plugin now also adopts the interface name configured in
>     connection.interface-name in a *.nmconnection file as name for the XFRM
>     interface instead of generating one randomly (e8f8d32).
>    The resolve plugin tries to maintain the order of DNS servers it installs via
>     resolvconf or resolv.conf (6440975, 8238ad4).
>    The kernel-libipsec plugin now always installs routes to remote networks even
>     if no address is found in the local traffic selectors, which allows
>     forwarding traffic from networks the VPN host is not part of (190d8cb).
>    Increased the default receive buffer size for Netlink sockets to 8 MiB
>     (doubled by the kernel to account for overhead) and simplified the
>     configuration (no need for a separate option to force overriding rmem_max).
>     It's now also set for event sockets, which previously could cause issues on
>     hosts with e.g. lots of route changes (#1757).
>    When issuing certificates, the subjectKeyIdentifier of the issuing
>     certificate, if available, is now copied as authorityKeyIdentifier, instead
>     of always generating a SHA-1 hash of the issuer's subjectPublicKey
>     (#1992, 6941dcb).
>    Explicitly request permission to display notifications on Android 13+
>     (ddf84c1), also enabled hardware acceleration for the Android-specific
>     OpenSSL build.
> Fixes
>    Fixed issues while reestablishing multiple CHILD_SAs (e.g. after a DPD
>     timeout) that could cause a reqid to get assigned to multiple CHILD_SAs with
>     unrelated traffic selectors (#1855).
>    Fixed an issue in watcher_t with handling errors on sockets (e.g. if the
>     receive buffer is full), which caused an infinite loop if poll() only
>     signaled POLLERR as event (#1757).
>    Fixed an issue in the IKE_SA_INIT tracking code that was added with 5.9.6,
>     which did not correctly untrack invalid messages with non-zero message IDs
>     or SPIs (0b47357).
>    Fixed a regression introduced with 5.9.8 when handling IKE redirects during
>     IKE_AUTH (595fa07).
>    Fixed adding the XFRMA_REPLAY_ESN_VAL attribute twice when updating SAs in
>     the kernel-netlink plugin, which prevented MOBIKE updates if a large
>     anti-replay window was used (#1967).
>    Fixed a race condition in the kernel-pfroute plugin when adding virtual IPs
>     if the TUN device is activated after the address was already added
>     internally, which caused the installed route not to go via TUN device in
>     order to force the virtual IP as source address (#1807).
>    Fixed an issue in libtls that could cause the wrong ECDH group to get
>     instantiated (b5e4bf4).
>    Fixed the encoding of the CHILD_SA_NOT_FOUND notify if a CHILD_SA is not
>     found during rekeying. It was previously empty, now contains the SPI and
>     sets the protocol to the values received in the REKEY_SA notify (849c2c9).
>    Fixed a possible issue with MOBIKE in the Android client on certain devices
>     (#1691).
> For Developers
>    The new ocsp_responder_t interface can be implemented to provide certificate
>     status information to the pki --ocsp command. Responders can be
>     (un-)registered via the ocsp_responders_t instance at lib->ocsp.
>    For the watcher_t component, WATCHER_EXCEPT has been removed as there is no
>     way to explicitly listen for errors on sockets and poll() actually can
>     return POLLERR for any FD and it might even be the only signaled event
>     (which caused an infinite loop previously). Now we simply notify the
>     registered callbacks. The error is then reported by e.g. recvfrom(), which
>     was already the case before if POLLERR was returned together with
>     e.g. POLLIN.
>    The reqids allocated for CHILD_SAs (including trap policies) via
>     kernel_interface_t::alloc_reqid() are now refcounted. When recreating a
>     CHILD_SA, a reference to the reqid can be requested via
>     child_sa_t::get_reqid_ref(). If another reference is required afterwards,
>     one can be acquired directly via kernel_interface_t::ref_reqid(). Each
>     reference has to be released via kernel_interface_t::release_reqid(), whose
>     interface was simplified.
>    The testing environment is now based on Debian 12 (bookworm), by default.
>     Also, when copying files to guests, the guest-specific files are now copied
>     after the default files, which allows overriding files per guest (fixes an
>     issue with winnetou's /etc/fstab and mounting the test results).
> Refer to the 5.9.12 milestone for a list of all closed issues and pull requests.
> 
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> config/rootfiles/common/strongswan | 1 +
> lfs/strongswan                     | 4 ++--
> 2 files changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/config/rootfiles/common/strongswan b/config/rootfiles/common/strongswan
> index 22adf24b4..a5f256e02 100644
> --- a/config/rootfiles/common/strongswan
> +++ b/config/rootfiles/common/strongswan
> @@ -181,6 +181,7 @@ usr/sbin/swanctl
> #usr/share/man/man1/pki---gen.1
> #usr/share/man/man1/pki---issue.1
> #usr/share/man/man1/pki---keyid.1
> +#usr/share/man/man1/pki---ocsp.1
> #usr/share/man/man1/pki---pkcs7.1
> #usr/share/man/man1/pki---print.1
> #usr/share/man/man1/pki---pub.1
> diff --git a/lfs/strongswan b/lfs/strongswan
> index 357283b15..9496d05dd 100644
> --- a/lfs/strongswan
> +++ b/lfs/strongswan
> @@ -24,7 +24,7 @@
> 
> include Config
> 
> -VER        = 5.9.11
> +VER        = 5.9.12
> 
> THISAPP    = strongswan-$(VER)
> DL_FILE    = $(THISAPP).tar.bz2
> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
> 
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> 
> -$(DL_FILE)_BLAKE2 = e8e84d79d1530b9a968ce8429fec0e7b3fcf19b75fdbd4371a38763d8564d5b37d012769006330b5c94cff3e914acb1b1a3e2829749effb8c35f9e5d775be491
> +$(DL_FILE)_BLAKE2 = 40f80162970152bca028a9af6b37c4c6e2ef38e75f88b92bf03f18641dadacbc574441e74cd0c7abb49ce4c15d9b82301aa90cb07c4fd223bf83163ebfbc2381
> 
> install : $(TARGET)
> 
> -- 
> 2.42.1
>