Updated openswan packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
Openswan is a free implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE). IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks.
- Previously, the "ipsec barf" command called the grep utility on the /var/log/lastlog file which caused the system to use significant amount of memory. After this update, "ipsec barf" uses the "lastlog -u user" command, which prevents the utility from using too much memory.
- According to the RFC 5996 standard, reserved fields must be ignored on receipt, irrespective of their value. Previously, however, the contents of the reserved fields was not being ignored on receipt for some payloads. Consequently, Openswan reported an error message and Internet Key Exchange (IKE) negotiation failed. With this update, Openswan has been modified to ignore the reserved fields and IKE negotiation succeeds regardless of the reserved field value.
- When a connection was configured in transport mode, Openswan did not pass information about traffic selectors to the NETKEY/XFRM IPsec kernel stack during the setup of security associations (SAs). Consequently, the information was not available in the output of the "ip xfrm state" command. With this update, Openswan correctly passes the traffic selectors information to the kernel when SAs are set up in transport mode.
- When a tunnel was established between two IPsec hosts, for example host1 and host2, utilizing Dead Peer Detection DPD, and if host2 went offline while host1 continued to transmit data, host1 continually queued multiple phase 2 requests after the DPD action. When host2 came back online, the stack of pending phase 2 requests was established, leaving a new IPsec Security Association (SA), and a large group of extra SA's that consumed system resources and eventually expired. This update ensures that Openswan has just a single pending phase 2 request during the time that host2 is down, and when host2 comes back up, only a single new IPsec SA is established, thus preventing this bug.
- When a tunnel was established between two IPsec hosts, for example host1 and host2, using the "dpdaction=restart" option, if host2 went offline and the Dead Peer Detection (DPD) was activated, the new phase1 replacement started retransmitting, but was subject to a limited amount of retries, even if the "keyingtries=%forever" option (which is default) was set. If host2 did not reconnect in time, the phase1 replacement expired and then the tunnel did not rekey until the old phase1 Security Association (SA) expired (in about 10 minutes by default). This meant that using the "dpdaction=restart" option only allowed a short window for the peer to reconnect. With this update, the phase1 replacement continues to try to rekey, thus avoiding the retransmission limit and timeout.
- Previously, certificates specified by names in "rightid" connection options containing a comma, were ignored and these connections were not authenticated due to an ID mismatch. With this update, Openswan now supports escaped commas inside the OID field in the "rightid" option.
- Previously, when certificates signed with the SHA2 digest algorithm were used for peer authentication, connection setup failed with the following error:
digest algorithm not supportedThis bug has been fixed and Openswan now recognizes these certificates and sets up a connection correctly.
- The openswan package for Internet Protocol Security (IPsec) contains two diagnostic commands, "ipsec barf" and "ipsec look", that can cause the iptables kernel modules for NAT and IP connection tracking to be loaded. On very busy systems, loading such kernel modules can result in severely degraded performance or lead to a crash when the kernel runs out of resources. With this update, the diagnostic commands do not cause loading of the NAT and IP connection tracking modules. This update does not affect systems that already use IP connection tracking or NAT as the iptables and ip6tables services will already have loaded these kernel modules.
- Previously, when the IPsec daemon (pluto) attempted to verify the signature of a Certificate Revocation List (CRL), if the signature value began with a zero byte and had another zero as padding, the mpz() functions stripped out all leading zeros. This resulted in the Network Security Services (NSS) data input being one byte short and consequently failing verification when NSS compared its length to the modulus length. This update removes the conversions into arbitrary-precision arithmetic (bignum) objects and handles the leading zero by moving the pointer one position forward and reducing the length of the signature by 1. As a result, verification of CRLs now works as expected even with leading zeros in the signature.
- Previously, the order of the load_crls() and load_authcerts_from_nss() functions in the plutomain.c file was incorrect. As a consequence, when the IPsec daemon (pluto) attempted to load the Certificate Revocation Lists (CRLs) from the /etc/ipsec.d/crls/ directory during startup, loading failed because pluto checked for a loaded Certification Authority (CA) when there was none available. This update swaps the order of the aforementioned functions in the plutomain.c file, and now pluto no longer fails during startup and loads the CRLs successfully.
- Previously, the Openswan Internet Key Exchage version 2 (IKEv2) implementation did not set the "reserved" field to zero. As a consequence, Openswan did not pass the TAHI IKEv2 test. After this update, Openswan now sets the "reserved" field to zero and successfully passes the TAHI IKEv2 test.
- Previously, when an MD5 hash was used in the Internet Key Exchange version 2 (IKEv2) algorithm in Openswan to connect to another IPsec implementation, for example strongswan, occasionally the installed kernel security policy entry had a different "enc" or "auth" value than the corresponding values on the other side. As a consequence, a connection could not be established even though the Security Association (SA) was established correctly. After this update, these values are set correctly in Openswan and a connection can be established successfully.
- Previously, when in FIPS mode, Openswan did not allow the use of SHA2 algorithms. This update enables the use of SHA2 algorithms in FIPS mode.
- Initial support for passing traffic selectors to an XFRM IPsec stack for transport mode was incomplete and did not include the necessary work-arounds for NAT-traversal support. As a consequence, Openswan could not establish an L2TP connection with devices which use NAT-Traversal. After this update, the direction of IPsec Security Association (SA) is now passed to the netlink_setup_sa() function so that the client IP is substituted with the host IP and the selector works for NAT transport mode.
- After this update, Openswan now uses dracut-fips to determine whether it should run in FIPS mode.
- This update introduces a feature to control transmission delay timing for IPsec connections.
- With this update, Openswan now supports Internet Key Exchage (IKE) fragmentation. Openswan can now successfully connect to devices which support IKE fragmentation.
- Support for the Internet Key Exchage version 1 (IKEv1) INITIAL-CONTACT IPsec message, as as defined in Section 126.96.36.199. of the RFC2407 specification, has been added to Openswan. This addresses an interoperability bug where a peer does not replace an existing IPsec Security Association (SA) with a newly negotiated one unless a Notification Payload message is present.
- The kernel module aesni_intel is now loaded by Openswan on startup. This update significantly improves the performance of Openswan on machines running Advanced Encryption Standard New Instructions (AES-NI).
- The default behavior of Openswan is to send NAT-Traversal keepalive packets. Disabling sending keepalive packets previously was a global option. After this update, the user can disable NAT-Traversal keepalive packet sending per connection.
Users of openswan are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.