GithubHelp home page GithubHelp logo

strongswan / strongswan Goto Github PK

View Code? Open in Web Editor NEW
2.1K 2.1K 736.0 101.82 MB

strongSwan - IPsec-based VPN

Home Page: https://www.strongswan.org

License: Other

Makefile 1.25% Shell 3.66% Python 0.27% C 82.13% Ada 0.04% Ruby 0.09% Java 2.61% Objective-C 0.18% Perl 0.12% C# 0.09% JavaScript 0.01% CSS 0.01% HTML 0.01% Lex 0.05% Yacc 0.07% M4 0.49% Roff 8.90% Rich Text Format 0.01% Dockerfile 0.01%
ikev2 ipsec strongswan vpn vpn-client vpn-server

strongswan's Introduction

strongSwan Configuration

Overview

strongSwan is an OpenSource IPsec-based VPN solution.

This document is just a short introduction of the strongSwan swanctl command which uses the modern vici Versatile IKE Configuration Interface. The deprecated ipsec command using the legacy stroke configuration interface is described here. For more detailed information consult the man pages, our new documentation site and the legacy wiki.

Quickstart

Certificates for users, hosts and gateways are issued by a fictitious strongSwan CA. In our example scenarios the CA certificate strongswanCert.pem must be present on all VPN endpoints in order to be able to authenticate the peers. For your particular VPN application you can either use certificates from any third-party CA or generate the needed private keys and certificates yourself with the strongSwan pki tool, the use of which will be explained in one of the sections following below.

Site-to-Site Case

In this scenario two security gateways moon and sun will connect the two subnets moon-net and sun-net with each other through a VPN tunnel set up between the two gateways:

10.1.0.0/16 -- | 192.168.0.1 | === | 192.168.0.2 | -- 10.2.0.0/16
  moon-net          moon                 sun           sun-net

Configuration on gateway moon:

/etc/swanctl/x509ca/strongswanCert.pem
/etc/swanctl/x509/moonCert.pem
/etc/swanctl/private/moonKey.pem

/etc/swanctl/swanctl.conf:

    connections {
        net-net {
            remote_addrs = 192.168.0.2

            local {
                auth = pubkey
                certs = moonCert.pem
            }
            remote {
                auth = pubkey
                id = "C=CH, O=strongSwan, CN=sun.strongswan.org"
            }
            children {
                net-net {
                    local_ts  = 10.1.0.0/16
                    remote_ts = 10.2.0.0/16
                    start_action = trap
                }
            }
        }
    }

Configuration on gateway sun:

/etc/swanctl/x509ca/strongswanCert.pem
/etc/swanctl/x509/sunCert.pem
/etc/swanctl/private/sunKey.pem

/etc/swanctl/swanctl.conf:

    connections {
        net-net {
            remote_addrs = 192.168.0.1

            local {
                auth = pubkey
                certs = sunCert.pem
            }
            remote {
                auth = pubkey
                id = "C=CH, O=strongSwan, CN=moon.strongswan.org"
            }
            children {
                net-net {
                    local_ts  = 10.2.0.0/16
                    remote_ts = 10.1.0.0/16
                    start_action = trap
                }
            }
        }
    }

The local and remote identities used in this scenario are the subjectDistinguishedNames contained in the end entity certificates. The certificates and private keys are loaded into the charon daemon with the command

swanctl --load-creds

whereas

swanctl --load-conns

loads the connections defined in swanctl.conf. With start_action = trap the IPsec connection is automatically set up with the first plaintext payload IP packet wanting to go through the tunnel.

Host-to-Host Case

This is a setup between two single hosts which don't have a subnet behind them. Although IPsec transport mode would be sufficient for host-to-host connections we will use the default IPsec tunnel mode.

| 192.168.0.1 | === | 192.168.0.2 |
     moon                sun

Configuration on host moon:

/etc/swanctl/x509ca/strongswanCert.pem
/etc/swanctl/x509/moonCert.pem
/etc/swanctl/private/moonKey.pem

/etc/swanctl/swanctl.conf:

    connections {
        host-host {
            remote_addrs = 192.168.0.2

            local {
                auth=pubkey
                certs = moonCert.pem
            }
            remote {
                auth = pubkey
                id = "C=CH, O=strongSwan, CN=sun.strongswan.org"
            }
            children {
                net-net {
                    start_action = trap
                }
            }
        }
    }

Configuration on host sun:

/etc/swanctl/x509ca/strongswanCert.pem
/etc/swanctl/x509/sunCert.pem
/etc/swanctl/private/sunKey.pem

/etc/swanctl/swanctl.conf:

    connections {
        host-host {
            remote_addrs = 192.168.0.1

            local {
                auth = pubkey
                certs = sunCert.pem
            }
            remote {
                auth = pubkey
                id = "C=CH, O=strongSwan, CN=moon.strongswan.org"
            }
            children {
                host-host {
                    start_action = trap
                }
            }
        }
    }

Roadwarrior Case

This is a very common case where a strongSwan gateway serves an arbitrary number of remote VPN clients usually having dynamic IP addresses.

10.1.0.0/16 -- | 192.168.0.1 | === | x.x.x.x |
  moon-net          moon              carol

Configuration on gateway moon:

/etc/swanctl/x509ca/strongswanCert.pem
/etc/swanctl/x509/moonCert.pem
/etc/swanctl/private/moonKey.pem

/etc/swanctl/swanctl.conf:

    connections {
        rw {
            local {
                auth = pubkey
                certs = moonCert.pem
                id = moon.strongswan.org
            }
            remote {
                auth = pubkey
            }
            children {
                net-net {
                    local_ts  = 10.1.0.0/16
                }
            }
        }
    }

Configuration on roadwarrior carol:

/etc/swanctl/x509ca/strongswanCert.pem
/etc/swanctl/x509/carolCert.pem
/etc/swanctl/private/carolKey.pem

/etc/swanctl/swanctl.conf:

    connections {
        home {
            remote_addrs = moon.strongswan.org

            local {
                auth = pubkey
                certs = carolCert.pem
                id = [email protected]
            }
            remote {
                auth = pubkey
                id = moon.strongswan.org
            }
            children {
                home {
                    local_ts  = 10.1.0.0/16
                    start_action = start
                }
            }
        }
    }

For remote_addrs the hostname moon.strongswan.org was chosen which will be resolved by DNS at runtime into the corresponding IP destination address. In this scenario the identity of the roadwarrior carol is the email address [email protected] which must be included as a subjectAlternativeName in the roadwarrior certificate carolCert.pem.

Roadwarrior Case with Virtual IP

Roadwarriors usually have dynamic IP addresses assigned by the ISP they are currently attached to. In order to simplify the routing from moon-net back to the remote access client carol it would be desirable if the roadwarrior had an inner IP address chosen from a pre-defined pool.

10.1.0.0/16 -- | 192.168.0.1 | === | x.x.x.x | -- 10.3.0.1
  moon-net          moon              carol       virtual IP

In our example the virtual IP address is chosen from the address pool 10.3.0.0/16 which can be configured by adding the section

pools {
    rw_pool {
        addrs = 10.3.0.0/16
    }
}

to the gateway's swanctl.conf from where they are loaded into the charon daemon using the command

swanctl --load-pools

To request an IP address from this pool a roadwarrior can use IKEv1 mode config or IKEv2 configuration payloads. The configuration for both is the same

vips = 0.0.0.0

Configuration on gateway moon:

/etc/swanctl/x509ca/strongswanCert.pem
/etc/swanctl/x509/moonCert.pem
/etc/swanctl/private/moonKey.pem

/etc/swanctl/swanctl.conf:

    connections {
        rw {
            pools = rw_pool

            local {
                auth = pubkey
                certs = moonCert.pem
                id = moon.strongswan.org
            }
            remote {
                auth = pubkey
            }
            children {
                net-net {
                    local_ts  = 10.1.0.0/16
                }
            }
        }
    }

    pools {
        rw_pool {
            addrs = 10.30.0.0/16
        }
    }

Configuration on roadwarrior carol:

/etc/swanctl/x509ca/strongswanCert.pem
/etc/swanctl/x509/carolCert.pem
/etc/swanctl/private/carolKey.pem

/etc/swanctl/swanctl.conf:

    connections {
        home {
            remote_addrs = moon.strongswan.org
            vips = 0.0.0.0

            local {
                auth = pubkey
                certs = carolCert.pem
                id = [email protected]
            }
            remote {
                auth = pubkey
                id = moon.strongswan.org
            }
            children {
                home {
                    local_ts  = 10.1.0.0/16
                    start_action = start
                }
            }
        }
    }

Roadwarrior Case with EAP Authentication

This is a very common case where a strongSwan gateway serves an arbitrary number of remote VPN clients which authenticate themselves via a password based Extended Authentication Protocol as e.g. EAP-MD5 or EAP-MSCHAPv2.

10.1.0.0/16 -- | 192.168.0.1 | === | x.x.x.x |
  moon-net          moon              carol

Configuration on gateway moon:

/etc/swanctl/x509ca/strongswanCert.pem
/etc/swanctl/x509/moonCert.pem
/etc/swanctl/private/moonKey.pem

/etc/swanctl/swanctl.conf:

    connections {
        rw {
            local {
                auth = pubkey
                certs = moonCert.pem
                id = moon.strongswan.org
            }
            remote {
                auth = eap-md5
            }
            children {
                net-net {
                    local_ts  = 10.1.0.0/16
                }
            }
            send_certreq = no
        }
    }

The swanctl.conf file additionally contains a secrets section defining all client credentials

    secrets {
        eap-carol {
            id = [email protected]
            secret = Ar3etTnp
        }
        eap-dave {
            id = [email protected]
            secret = W7R0g3do
        }
    }

Configuration on roadwarrior carol:

/etc/swanctl/x509ca/strongswanCert.pem

/etc/swanctl/swanctl.conf:

    connections {
        home {
            remote_addrs = moon.strongswan.org

            local {
                auth = eap
                id = [email protected]
            }
            remote {
                auth = pubkey
                id = moon.strongswan.org
            }
            children {
                home {
                    local_ts  = 10.1.0.0/16
                    start_action = start
                }
            }
        }
    }

    secrets {
        eap-carol {
            id = [email protected]
            secret = Ar3etTnp
        }
    }

Roadwarrior Case with EAP Identity

Often a client EAP identity is exchanged via EAP which differs from the external IKEv2 identity. In this example the IKEv2 identity defaults to the IPv4 address of the client.

10.1.0.0/16 -- | 192.168.0.1 | === | x.x.x.x |
  moon-net          moon              carol

Configuration on gateway moon:

/etc/swanctl/x509ca/strongswanCert.pem
/etc/swanctl/x509/moonCert.pem
/etc/swanctl/private/moonKey.pem

/etc/swanctl/swanctl.conf:

    connections {
        rw {
            local {
                auth = pubkey
                certs = moonCert.pem
                id = moon.strongswan.org
            }
            remote {
                auth = eap-md5
                eap_id = %any
            }
            children {
                net-net {
                    local_ts  = 10.1.0.0/16
                }
            }
            send_certreq = no
        }
    }

    secrets {
        eap-carol {
            id = carol
            secret = Ar3etTnp
        }
        eap-dave {
            id = dave
            secret = W7R0g3do
        }
    }

Configuration on roadwarrior carol:

/etc/swanctl/x509ca/strongswanCert.pem

/etc/swanctl/swanctl.conf:

    connections {
        home {
            remote_addrs = moon.strongswan.org

            local {
                auth = eap
                eap_id = carol
            }
            remote {
                auth = pubkey
                id = moon.strongswan.org
            }
            children {
                home {
                    local_ts  = 10.1.0.0/16
                    start_action = start
                }
            }
        }
    }

    secrets {
        eap-carol {
            id = carol
            secret = Ar3etTnp
        }
    }

Generating Certificates and CRLs

This section is not a full-blown tutorial on how to use the strongSwan pki tool. It just lists a few points that are relevant if you want to generate your own certificates and CRLs for use with strongSwan.

Generating a CA Certificate

The pki statement

pki --gen --type ed25519 --outform pem > strongswanKey.pem

generates an elliptic Edwards-Curve key with a cryptographic strength of 128 bits. The corresponding public key is packed into a self-signed CA certificate with a lifetime of 10 years (3652 days)

pki --self --ca --lifetime 3652 --in strongswanKey.pem \
           --dn "C=CH, O=strongSwan, CN=strongSwan Root CA" \
           --outform pem > strongswanCert.pem

which can be listed with the command

pki --print --in strongswanCert.pem

subject:  "C=CH, O=strongSwan, CN=strongSwan Root CA"
issuer:   "C=CH, O=strongSwan, CN=strongSwan Root CA"
validity:  not before May 18 08:32:06 2017, ok
           not after  May 18 08:32:06 2027, ok (expires in 3651 days)
serial:    57:e0:6b:3a:9a:eb:c6:e0
flags:     CA CRLSign self-signed
subjkeyId: 2b:95:14:5b:c3:22:87:de:d1:42:91:88:63:b3:d5:c1:92:7a:0f:5d
pubkey:    ED25519 256 bits
keyid:     a7:e1:6a:3f:e7:6f:08:9d:89:ec:23:92:a9:a1:14:3c:78:a8:7a:f7
subjkey:   2b:95:14:5b:c3:22:87:de:d1:42:91:88:63:b3:d5:c1:92:7a:0f:5d

If you prefer the CA private key and X.509 certificate to be in binary DER format then just omit the --outform pem option. The directory /etc/swanctl/x509ca contains all required CA certificates either in binary DER or in Base64 PEM format. Irrespective of the file suffix the correct format will be determined by strongSwan automagically.

Generating a Host or User End Entity Certificate

Again we are using the command

pki --gen --type ed25519 --outform pem > moonKey.pem

to generate an Ed25519 private key for the host moon. Alternatively you could type

pki --gen --type rsa --size 3072 > moonKey.der

to generate a traditional 3072 bit RSA key and store it in binary DER format. As an alternative a TPM 2.0 Trusted Platform Module available on every recent Intel platform could be used as a virtual smartcard to securely store an RSA or ECDSA private key. For details, refer to the TPM 2.0 HOWTO.

In a next step the command

pki --req --type priv --in moonKey.pem \
          --dn "C=CH, O=strongswan, CN=moon.strongswan.org" \
          --san moon.strongswan.org --outform pem > moonReq.pem

creates a PKCS#10 certificate request that has to be signed by the CA. Through the [multiple] use of the --san parameter any number of desired subjectAlternativeNames can be added to the request. These can be of the form

--san sun.strongswan.org     # fully qualified host name
--san [email protected]   # RFC822 user email address
--san 192.168.0.1            # IPv4 address
--san fec0::1                # IPv6 address

Based on the certificate request the CA issues a signed end entity certificate with the following command

pki --issue --cacert strongswanCert.pem --cakey strongswanKey.pem \
            --type pkcs10 --in moonReq.pem --serial 01 --lifetime 1826 \
            --outform pem > moonCert.pem

If the --serial parameter with a hexadecimal argument is omitted then a random serial number is generated. Some third party VPN clients require that a VPN gateway certificate contains the TLS Server Authentication Extended Key Usage (EKU) flag which can be included with the following option

--flag serverAuth

If you want to use the dynamic CRL fetching feature described in one of the following sections then you may include one or several crlDistributionPoints in your end entity certificates using the --crl parameter

--crl  http://crl.strongswan.org/strongswan.crl
--crl "ldap://ldap.strongswan.org/cn=strongSwan Root CA, o=strongSwan,c=CH?certificateRevocationList"

The issued host certificate can be listed with

pki --print --in moonCert.pem

subject:  "C=CH, O=strongSwan, CN=moon.strongswan.org"
issuer:   "C=CH, O=strongSwan, CN=strongSwan Root CA"
validity:  not before May 19 10:28:19 2017, ok
           not after  May 19 10:28:19 2022, ok (expires in 1825 days)
serial:    01
altNames:  moon.strongswan.org
flags:     serverAuth
CRL URIs:  http://crl.strongswan.org/strongswan.crl
authkeyId: 2b:95:14:5b:c3:22:87:de:d1:42:91:88:63:b3:d5:c1:92:7a:0f:5d
subjkeyId: 60:9d:de:30:a6:ca:b9:8e:87:bb:33:23:61:19:18:b8:c4:7e:23:8f
pubkey:    ED25519 256 bits
keyid:     39:1b:b3:c2:34:72:1a:01:08:40:ce:97:75:b8:be:ce:24:30:26:29
subjkey:   60:9d:de:30:a6:ca:b9:8e:87:bb:33:23:61:19:18:b8:c4:7e:23:8f

Usually, a Windows, OSX, Android or iOS based VPN client needs its private key, its host or user certificate and the CA certificate. The most convenient way to load this information is to put everything into a PKCS#12 container:

openssl pkcs12 -export -inkey carolKey.pem \
               -in carolCert.pem -name "carol" \
               -certfile strongswanCert.pem -caname "strongSwan Root CA" \
               -out carolCert.p12

The strongSwan pki tool currently is not able to create PKCS#12 containers so that openssl must be used.

Generating a CRL

An empty CRL that is signed by the CA can be generated with the command

pki --signcrl --cacert strongswanCert.pem --cakey strongswanKey.pem \
              --lifetime 30 > strongswan.crl

If you omit the --lifetime option then the default value of 15 days is used. CRLs can either be uploaded to a HTTP or LDAP server or put in binary DER or Base64 PEM format into the /etc/swanctl/x509crl directory from where they are loaded into the charon daemon with the command

swanctl --load-creds

Revoking a Certificate

A specific end entity certificate is revoked with the command

pki --signcrl --cacert strongswanCert.pem --cakey strongswanKey.pem \
              --lifetime 30 --lastcrl strongswan.crl \
              --reason key-compromise --cert moonCert.pem > new.crl

Instead of the certificate file (in our example moonCert.pem), the serial number of the certificate to be revoked can be indicated using the --serial parameter. The pki --signcrl --help command documents all possible revocation reasons but the --reason parameter can also be omitted. The content of the new CRL file can be listed with the command

pki --print --type crl --in new.crl

issuer:   "C=CH, O=strongSwan, CN=strongSwan Root CA"
update:    this on May 19 11:13:01 2017, ok
           next on Jun 18 11:13:01 2017, ok (expires in 29 days)
serial:    02
authKeyId: 2b:95:14:5b:c3:22:87:de:d1:42:91:88:63:b3:d5:c1:92:7a:0f:5d
1 revoked certificate:
  01: May 19 11:13:01 2017, key compromise

Local Caching of CRLs

The strongswan.conf option

charon {
    cache_crls = yes
}

activates the local caching of CRLs that were dynamically fetched from an HTTP or LDAP server. Cached copies are stored in /etc/swanctl/x509crl using a unique filename formed from the issuer's subjectKeyIdentifier and the suffix .crl.

With the cached copy the CRL is immediately available after startup. When the local copy has become stale, an updated CRL is automatically fetched from one of the defined CRL distribution points during the next IKEv2 authentication.

strongswan's People

Contributors

airtower-luna avatar ebirger avatar fabled avatar geedo0 avatar gouault6wind avatar kensan avatar lkundrak avatar martinwilli avatar micah-morton avatar mjosaarinen avatar mpfeiffermway avatar mskalski avatar mtomaschewski avatar nissimadi avatar nomick avatar pemensik avatar reet- avatar rfrancoise avatar robinmccorkell avatar sbjorn avatar securitykernel avatar selsky avatar shlevy avatar spellingmistake avatar strongx509 avatar suishixingkong avatar supercodrut avatar thermi avatar thomasjfox avatar tobiasbrunner avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

alexgrin kagesys mikma spmadden hertus rks1121 richterger johncoronella agimsn fengye0316 olipro liuhangyu codeboten vinchu jpds-zz cjac atong leiyuan netklass tobiasbrunner hacklove174381115 xiverto chemhack needf kvjqzx shlevy sjas vtsingaras tydus samuelstrong zhanleewo dwlinux sbjorn tarakesh-ms benileo rklabs nkafei chinaunixer bronze1man duyamin andredasilvapinto fancyfon anbazhakan mohdahmad louxiu metaswitch singular78 radoslavlozanov weijiansheng theparerg chiforbogdan moistmoist networkmanager wiz dmsh rbgarga ttroy50 simudream heri16 peterwillcn m-schmoock gollub cjp256 fengyindiehun tito1337 nirmoy shield-firewall uraniid csakthikumar denisvm yiyihome galserg aveshagarwal sorah gaojs turkelb cameronmccord2 peterjeraldsaint prathyks zzbghost feilongyang y-cann guangbinw richiewoo thermi cocusag cshahani kapiladhikesavalu infotecs hong10 nishanthvasudevan fancymariusz yixiaoqingchen woda745 hanweimeng crossbuild supercodrut boydos manjurajv ntvis

strongswan's Issues

Could not build strong swan on OSX

Hi Team,

Please help me to fix this issue.

/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/mach/task.h:348:2: error:
too many arguments provided to function-like macro invocation
semaphore_t *semaphore,
^
../../../../src/libstrongswan/utils/compat/apple.h:35:9: note: macro
'semaphore_create' defined here
#define semaphore_create(x) strongswan_semaphore_create(x)

FreeBSD Start script default value fail

Hello together,

I found one issue after a new installation of strongswan version strongswan-5.9.2_1 under 12.2-RELEASE-p6.

The default value for strongswan_interface

in the comments we see following text:

#!/bin/sh
# Start or stop strongswan

# PROVIDE: strongswan
# REQUIRE: DAEMON
# BEFORE: LOGIN
# KEYWORD: shutdown

# strongswan_enable (bool):
#	Set it to "YES" to enable strongswan
#	Default is "NO"
# strongswan_interface (string):
#	Set the control interface to use.
#	Valid options are:
#	"stroke" for the old ipsec/startr interface
#	"vici" for the newer swanctl intrface
#	Default is "stroke"

but few lines later we see default value:

: ${strongswan_enable:=NO}
: ${strongswan_interface:="vici"}

the problem is we have not define this values in out /etc/rc.conf.d/strongswan so I was looking a long time, what happened at what change in the new version.

Could you change it back into the default?

Thanks a lot

Some test scenario are randomly failing with latest master

I was using Ubuntu 20.04, but the problem was happening during pull requests and was happening on Visual Studio 2019 build within AppVeyor.

One of the thread tests was randomly failing. I happened during pull requests and I fixed it by just reordering 1 line within the patch and force-pushed it. It apparently could not affect the failing test.

Steps to reproduce the behavior:
Try to create any pull request. As it seems to be random in time, maybe multiple pull request might be needed.

Expected behavior
No such failing tests will be happening

Logs/Backtraces
See AppVeyor

Additional context
N/A

Strongswan Responder rekey IKE, CHILD_SA rekey fails with INVALID_SPI alert

The scenario I am seeing is as follows:

  • client (initial Initiator) establishes IKE with IPSec SA
  • server (initial Responder) initiates CREATE_CHILD_SA request to Initiator successfully.
  • Some time later server (Responder) Initiates IKE Rekey request to client (initiator).
  • Rekey completes and roles of initiator and responder are now swapped. Client is now Responder and Server is now Initiator
  • Server (new Initiator) requests Rekey of CHILD_SA to client (new Responder)
  • Client (new responder) reply with CREATE_CHILD_SA response.
  • Server (new Initiator) reports checkout_by_message() fails due to INVALID_IKE_SPI
  • Initiator SPI and Responder SPI are correct in CREATE_CHILD_SA Rekey request/replys
  • after 4 seconds Server (new initiator) retransmits CREATE_CHILD_SA rekey request
  • client (new responder) responds and this time the server successfully checks out and processes the response

Strongswan 5.8.4 (confirmed in latest release as well)

Apr 7 20:10:14 10[JOB] watching 18 for reading
Apr 7 20:10:14 10[JOB] watcher going to poll() 6 fds
Apr 7 20:10:14 02[KNL] received a XFRM_MSG_EXPIRE
Apr 7 20:10:14 02[KNL] creating rekey job for CHILD_SA ESP/0xcdf894e8/20.129.3.210
Apr 7 20:10:14 02[MGR] checkout IKEv2 SA with SPIs a1a169042c232d2f_i 6ed6ea0e00000000_r
Apr 7 20:10:14 10[JOB] watcher got notification, rebuilding
Apr 7 20:10:14 10[JOB] watching 9 for reading
Apr 7 20:10:14 10[JOB] watching 15 for reading
Apr 7 20:10:14 10[JOB] watching 16 for reading
Apr 7 20:10:14 02[MGR] IKE_SA casa[2] successfully checked out
Apr 7 20:10:14 10[JOB] watching 17 for reading
Apr 7 20:10:14 10[JOB] watching 20 for reading
Apr 7 20:10:14 10[JOB] watching 18 for reading
Apr 7 20:10:14 10[JOB] watcher going to poll() 7 fds
Apr 7 20:10:14 02[IKE] <casa|2> queueing CHILD_REKEY task
Apr 7 20:10:14 02[IKE] <casa|2> activating new tasks
.
.
.
Apr 7 20:10:14 01[ENC] parsing HEADER payload finished
Apr 7 20:10:14 01[ENC] parsed a CREATE_CHILD_SA response header
Apr 7 20:10:14 01[NET] waiting for data on sockets
Apr 7 20:10:14 15[MGR] checkout IKEv2 SA by message with SPIs a1a169042c232d2f_i 6ed6ea0e00000000_r
Apr 7 20:10:14 15[IKE] ALERT: ALERT_INVALID_IKE_SPI RESPONSE message ID 0 reported with initiator SPI a1a169042c232d2f responder SPI 6ed6ea0e00000000 .
Apr 7 20:10:14 15[MGR] IKE_SA checkout not successful
.
.
.
Apr 7 20:10:18 12[JOB] got event, queuing job for execution
Apr 7 20:10:18 12[JOB] next event in 30s 7ms, waiting
Apr 7 20:10:18 14[MGR] checkout IKEv2 SA with SPIs a1a169042c232d2f_i 6ed6ea0e00000000_r
Apr 7 20:10:18 14[MGR] IKE_SA casa[2] successfully checked out
Apr 7 20:10:18 14[IKE] <casa|2> retransmit 1 of request with message ID 0
Apr 7 20:10:18 14[CFG] <casa|2> ALERT_RETRANSMIT_SEND for Initiator SPI a1a169042c232d2f and Responder SPI 6ed6ea0e00000000.
Apr 7 20:10:18 14[CFG] <casa|2> IKE 2 SK_EI: => 0 bytes @ (nil)
Apr 7 20:10:18 14[CFG] <casa|2> IKE 2 SK_ER: => 0 bytes @ (nil)
Apr 7 20:10:18 14[CFG] <casa|2> IKE 2 SK_AI: => 20 bytes @ 0x7fc8380051b0
Apr 7 20:10:18 14[CFG] <casa|2> 0: A2 07 E7 9B 1D 48 A8 EA 85 EB 9B 7C AA 4B 62 4C .....H.....|.KbL
Apr 7 20:10:18 14[CFG] <casa|2> 16: 4A 34 BC 63 J4.c
Apr 7 20:10:18 14[CFG] <casa|2> IKE 2 SK_AR: => 20 bytes @ 0x7fc8380051d0
Apr 7 20:10:18 14[CFG] <casa|2> 0: 2E 74 91 EF DB 0E 18 B2 41 95 44 C1 01 CB DC D1 .t......A.D.....
Apr 7 20:10:18 14[CFG] <casa|2> 16: AF F3 5A 07 ..Z.
Apr 7 20:10:18 14[NET] <casa|2> sending packet: from 20.129.3.210[4500] to 20.128.3.189[10000] (393 bytes)
Apr 7 20:10:18 14[MGR] <casa|2> checkin IKE_SA casa[2]
Apr 7 20:10:18 12[JOB] next event in 7s 199ms, waiting
Apr 7 20:10:18 14[MGR] <casa|2> checkin of IKE_SA successful
Apr 7 20:10:18 13[NET] sending packet: from 20.129.3.210[4500] to 20.128.3.189[10000]
Apr 7 20:10:18 01[NET] received packet => 193 bytes @ 0x7fc8646274c0
.
.
.

Apr 7 20:10:18 01[ENC] parsing HEADER payload finished
Apr 7 20:10:18 01[ENC] parsed a CREATE_CHILD_SA response header
Apr 7 20:10:18 01[NET] waiting for data on sockets
Apr 7 20:10:18 05[MGR] checkout IKEv2 SA by message with SPIs a1a169042c232d2f_i 6ed6ea0e00000000_r
Apr 7 20:10:18 05[MGR] IKE_SA casa[2] successfully checked out
Apr 7 20:10:18 05[NET] <casa|2> received packet: from 20.128.3.189[10000] to 20.129.3.210[4500] (189 bytes)
Apr 7 20:10:18 05[ENC] <casa|2> parsing body of message, first payload is ENCRYPTED

Due to proprietary messages and logs in the Strongswan logs and packet captures I would prefer not to post those in full here but can provide them securely if needed.

Android/FireTV stick: on-screen keyboard doesn't show up on some fields

System (please complete the following information):

  • OS: Amazon Fire OS 5.2.7.8 (664657720), Fire TV Home Version 6242057.1
  • Kernel version (if applicable): Fire TV Stick - 2nd Gen (2016-2019), AFTT, Android Level 22 (Android 5.1)
  • strongSwan version(s): 2.3.2
  • Tested/confirmed with the latest version: yes

Describe the bug
Using strongswan app (2.3.2) on FireTV stick, using the remote control to switch between the fields, the on-screen keyboard doesn't show up on Server or Client identity nor on the Profile name fields.
This is an issue for users using FireTV stick, as there is no way to connect the USB keyboard to it, unlike FireTV which has the usb port.

To Reproduce
Steps to reproduce the behavior:

  1. Create a new VPN account
  2. input all the relevant information using the on-screen keyboard
  3. use the right arrow on the remote control to switch the fields, pressing the middle button to activate the keyboard
  4. get to the Server identity under Advanced settings, the cursor is blinking, but clicking on the middle button does nothing, the on-screen keyboard doesn't show up

image
image

Expected behavior
using the middle button on the Amazon FireTV stick should activate the on-screen keyboard on all the text input fields.

image

Logs/Backtraces
If applicable, add logs or backtraces to help explain your problem.

Additional context
Add any other context about the problem here.

Many web sites can not be reached

System (please complete the following information):

  • OS: Arch Linux
  • Kernel version (if applicable): 5.13.12-arch1-1
  • strongSwan version(s): Linux strongSwan U5.9.3/K5.13.12-arch1-1
  • Tested/confirmed with the latest version: yes

Describe the bug
I use Strongswan to use NordVPN services. Many websites could not be accessed. It took me 2 months to find a solution, which I will share with you. Web sites which could not be accessed when the VPN was on: gmail, gmx, duolingo, cerego, linkedin, scmp (and probably many others, those are just what I personally use). After discussions on the archlinux forum, someone finally helped me with a solution: lower the MTU. I tried different values, the highest value beyond which the websites were no longer accessible was 1490. Concretely, I created a rules file in /etc/udev/rules.d/ (which I named 10-network.rules) with the following content:
ACTION=="add", SUBSYSTEM=="net", ATTR{mtu}="1490"
By just doing this, all websites can be accessed without any problem.

tpm plugin is not loaded with a monolitic version of charon

System

  • OS: Ubuntu 18.04.3
  • strongSwan version(s): 5.8.4
  • Tested/confirmed with the latest version: yes

Describe the bug
When ./configure includes --enable-tss-tss2 --enable-tpm with --enable-monolithic the tpm plugin is not loaded. Without any error message; it's simply ignored. I believe this is because in its monolithic version the charon knows nothing about this plugin, because a code like this is missing from src/libcharon/Makefile.am:

if USE_TPM
if MONOLITHIC
  libcharon_la_LIBADD += $(top_builddir)/src/libtpmtss/libtpmtss.la
endif
endif

In fact, adding this code solved this issue for me.

To Reproduce
Steps to reproduce the behavior:

  1. ./configure with --enable-tss-tss2 --enable-tpm with --enable-monolithic
  2. build and run charon

Expected behavior
A log message that the tpm plugin was loaded

2021-03-10 13:23:09 charon: 00[LIB] loaded plugins: ... tpm ...

Unable to use HMAC/PRF via openssl plugin when used in FIPS-mode with strongSwan 5.8.2 and newer

Discussed in #515

Originally posted by tobiasbrunner Aug 16, 2021
The openssl plugin announces support for PRF_HMAC_SHA2_256. However, creating an instance fails. Since 5.8.2, to ensure HMAC implementations are actually functional, HMAC_Init_ex() is called from the constructor by setting a key. However, that key is the empty string. So this consistently fails due to the length limit that's apparently enforced in FIPS-mode (I wasn't aware of that, is that documented anywhere or configurable?).

Strangely, that patch was done because someone used OpenSSL in FIPS mode and instantiating HMAC-MD5 worked only to fail later when actually using it, so it was not possible to fallback to the hmac plugin during construction (the use case there was RADIUS, which requires HMAC-MD5).

I guess we could use a longer key for the initialization, I pushed such a change to the 515-openssl-hmac-fips branch.

Log messages for received DHCP messages in the context of the corresponding IKE_SA

System (please complete the following information):

  • OS: Debian 11
  • strongSwan version(s): 5.9.2
  • Tested/confirmed with the latest version: no

Describe the bug
There are still a few lines in the log file not showing a SA or child SA, eg

May 27 20:41:14 20[CFG1] received DHCP OFFER 172.19.103.38 from 172.19.96.123
May 27 20:41:14 24[CFG1] received DHCP ACK for 172.19.103.38
May 27 20:44:28 22[CFG1] received DHCP OFFER 172.19.97.106 from 172.19.96.123
May 27 20:44:28 11[CFG1] received DHCP ACK for 172.19.97.106
May 27 20:48:25 24[CFG1] received DHCP OFFER 172.19.97.103 from 172.19.96.123
May 27 20:48:25 10[CFG1] received DHCP ACK for 172.19.97.103
May 27 20:51:22 10[CFG1] received DHCP OFFER 172.19.103.21 from 172.19.96.123
May 27 20:51:22 14[CFG1] received DHCP ACK for 172.19.103.21
May 27 20:52:03 31[KNL1] creating rekey job for CHILD_SA ESP/0xc24eb341/3.121.12.16
May 27 20:52:17 22[CFG1] received DHCP OFFER 172.19.103.21 from 172.19.96.124
May 27 20:52:17 11[CFG1] received DHCP ACK for 172.19.103.21
May 27 20:55:47 05[CFG1] received DHCP OFFER 172.19.97.243 from 172.19.96.123
May 27 20:55:47 06[CFG1] received DHCP ACK for 172.19.97.243
May 27 20:59:32 05[CFG1] received DHCP OFFER 172.19.97.85 from 172.19.96.123
May 27 20:59:32 06[CFG1] received DHCP ACK for 172.19.97.85
May 27 21:03:38 12[CFG1] received DHCP OFFER 172.19.100.163 from 172.19.96.124
May 27 21:03:38 21[CFG1] received DHCP ACK for 172.19.100.163
May 27 21:04:15 24[CFG1] received DHCP OFFER 172.19.97.103 from 172.19.96.123
May 27 21:04:15 13[CFG1] received DHCP ACK for 172.19.97.103
May 27 21:09:23 28[KNL1] creating rekey job for CHILD_SA ESP/0x0c0a8ee9/62.158.101.217
May 27 21:10:52 18[CFG1] received DHCP OFFER 172.19.103.38 from 172.19.96.123
May 27 21:10:52 13[CFG1] received DHCP ACK for 172.19.103.38
May 27 21:10:52 27[CFG1] received DHCP OFFER 172.19.100.163 from 172.19.96.123
May 27 21:10:52 12[CFG1] received DHCP ACK for 172.19.100.163
May 27 21:12:30 04[NET1] error writing to socket: Operation not permitted
May 27 21:12:34 04[NET1] error writing to socket: Operation not permitted
May 27 21:12:41 04[NET1] error writing to socket: Operation not permitted
May 27 21:12:54 04[NET1] error writing to socket: Operation not permitted
May 27 21:13:18 04[NET1] error writing to socket: Operation not permitted
May 27 21:14:00 04[NET1] error writing to socket: Operation not permitted
May 27 21:16:55 07[CFG1] received DHCP OFFER 172.19.100.183 from 172.19.96.123
May 27 21:16:55 11[CFG1] received DHCP ACK for 172.19.100.183
May 27 21:17:52 08[CFG1] received DHCP OFFER 172.19.103.30 from 172.19.96.123
May 27 21:17:52 24[CFG1] received DHCP ACK for 172.19.103.30
May 27 21:20:07 18[CFG1] received DHCP OFFER 172.19.97.103 from 172.19.96.123
May 27 21:20:07 13[CFG1] received DHCP ACK for 172.19.97.103

or

May 27 10:58:14 04[NET2] sending packet: from 10.145.142.17[4500] to 10.145.142.13[50894]
May 27 10:58:15 03[NET2] received packet: from 3.121.12.16[4500] to 10.145.142.17[4500]
May 27 10:58:15 03[NET2] waiting for data on sockets
May 27 10:58:15 04[NET2] sending packet: from 10.145.142.17[4500] to 3.121.12.16[4500]
May 27 10:58:16 03[NET2] received packet: from 80.187.103.210[6358] to 10.145.142.17[4500]
May 27 10:58:16 03[NET2] waiting for data on sockets
May 27 10:58:16 04[NET2] sending packet: from 10.145.142.17[4500] to 80.187.103.210[6358]
May 27 10:58:18 03[NET2] received packet: from 81.243.33.167[4500] to 10.145.142.17[4500]
May 27 10:58:18 03[NET2] waiting for data on sockets
May 27 10:58:18 04[NET2] sending packet: from 10.145.142.17[4500] to 81.243.33.167[4500]
May 27 10:58:18 03[NET2] received packet: from 2001:db8:1011:7b80:cd26:6327:c901:25c4[4500] to 2001:db8:13b0:ffff::63[4500]
May 27 10:58:18 03[NET2] waiting for data on sockets
May 27 10:58:18 04[NET2] sending packet: from 2001:db8:13b0:ffff::63[4500] to 2001:db8:1011:7b80:cd26:6327:c901:25c4[4500]
May 27 10:58:19 03[NET2] received packet: from 92.209.46.126[4500] to 10.145.142.17[4500]
May 27 10:58:19 03[NET2] waiting for data on sockets
May 27 10:58:19 04[NET2] sending packet: from 10.145.142.17[4500] to 92.209.46.126[4500]

This makes it very difficult to find out to which connection these lines belong.

To Reproduce

egrep -v '<.*>' /var/log/charon.log

Expected behavior
All log file lines should look like

May 27 21:32:23 11[NET1] <1165> received packet: from 10.0.207.116[64861] to 10.145.142.17[500] (432 bytes)
May 27 21:32:23 11[ENC1] <1165> parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
May 27 21:32:23 11[IKE0] <1165> 10.0.207.116 is initiating an IKE_SA
May 27 21:32:23 11[IKE2] <1165> IKE_SA (unnamed)[1165] state change: CREATED => CONNECTING
May 27 21:32:23 11[CFG1] <1165> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
May 27 21:32:23 11[IKE1] <1165> remote host is behind NAT
May 27 21:32:23 11[IKE2] <1165> sending strongSwan vendor ID
;
;
May 27 21:32:24 05[ENC1] <IPSec-IKEv2|1165> generating IKE_AUTH response 1 [ IDr CERT CERT AUTH CPRP(ADDR DNS DNS NBNS U_DEFDOM U_SPLITDNS DNS DNS NBNS) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_6_ADD>
May 27 21:32:24 05[ENC1] <IPSec-IKEv2|1165> splitting IKE message (4112 bytes) into 4 fragments
May 27 21:32:24 05[ENC1] <IPSec-IKEv2|1165> generating IKE_AUTH response 1 [ EF(1/4) ]
May 27 21:32:24 05[ENC1] <IPSec-IKEv2|1165> generating IKE_AUTH response 1 [ EF(2/4) ]
May 27 21:32:24 05[ENC1] <IPSec-IKEv2|1165> generating IKE_AUTH response 1 [ EF(3/4) ]
May 27 21:32:24 05[ENC1] <IPSec-IKEv2|1165> generating IKE_AUTH response 1 [ EF(4/4) ]
May 27 21:32:24 05[NET1] <IPSec-IKEv2|1165> sending packet: from 10.145.142.17[4500] to 10.0.207.116[64859] (1236 bytes)
May 27 21:32:24 05[NET1] <IPSec-IKEv2|1165> sending packet: from 10.145.142.17[4500] to 10.0.207.116[64859] (1236 bytes)
May 27 21:32:24 05[NET1] <IPSec-IKEv2|1165> sending packet: from 10.145.142.17[4500] to 10.0.207.116[64859] (1236 bytes)
May 27 21:32:24 05[NET1] <IPSec-IKEv2|1165> sending packet: from 10.145.142.17[4500] to 10.0.207.116[64859] (612 bytes)
May 27 21:33:51 24[NET1] <IPSec-IKEv2|1165> received packet: from 10.0.207.116[64859] to 10.145.142.17[4500] (144 bytes)
;
;

show generated MAC address for farp/dhcp plugin

It would be very nice if the charon.log file could show the generated MAC address in the "sending DHCP DISCOVER to 255.255.255.255" lines. This could help to resolve problems, if there is a static mapping between MAC address and IP address configured on the DHCP server. It also helps to find duplicate MAC addresses, e.g. due to a reused key file (just by accident, of course).

GRE key support

Right now, the code in vici_config.c does not support any GRE keys in dotted quad notation or over 2^16-1 because they are treated exactly like port numbers of tcp and gre. GRE keys are 32 bit in size and can be specified in numerical, or dotted quad notiation.

Strongswan build failing

System (please complete the following information):

  • OS: Centos7
  • Kernel version (if applicable): 4.4.0-64-generic
  • strongSwan version(s): 5.8.4
  • Tested/confirmed with the latest version: yes

Describe the bug
This was working fine when built on 3rd May 2021.
While building Strongswan, installing (install-exec-local) vici plugin is failing with below error:

Processing dependencies for vici==5.8.4
Searching for vici==5.8.4
Reading https://pypi.python.org/simple/vici/
Couldn't find index page for 'vici' (maybe misspelled?)

To Reproduce
Steps to reproduce the behavior:

  1. This is a build/install time error verified on Release 5.8.4, but same issue should be there on other tags/branches
  2. When strongswan install vici it fails with error
  3. To be very specific of the error, we can do '/usr/bin/easy_install dist/vici-5.8.4-py3.6.egg' in 'strongswan/src/libcharon/plugins/vici/python':
# pwd
/tmp/build/strongswan/src/libcharon/plugins/vici/python

# /usr/bin/easy_install dist/vici-5.8.4-py3.6.egg
Processing vici-5.8.4-py3.6.egg
Removing /usr/lib/python2.7/site-packages/vici-5.8.4-py3.6.egg
Copying vici-5.8.4-py3.6.egg to /usr/lib/python2.7/site-packages
vici 5.8.4 is already the active version in easy-install.pth

Installed /usr/lib/python2.7/site-packages/vici-5.8.4-py3.6.egg
Processing dependencies for vici==5.8.4
Searching for vici==5.8.4
Reading https://pypi.python.org/simple/vici/
Couldn't find index page for 'vici' (maybe misspelled?)
Scanning index of all packages (this may take a while)
Reading https://pypi.python.org/simple/
No local packages or download links found for vici==5.8.4
error: Could not find suitable distribution for Requirement.parse('vici==5.8.4')

Expected behavior

Strongswan install should pass

Logs/Backtraces

**Logs from strongswan install:**
creating /tmp/build/strongswan/src/libcharon/plugins/vici/python/dist
creating '/tmp/build/strongswan/src/libcharon/plugins/vici/python/dist/vici-5.8.4-py3.6.egg' and adding '/tmp/build/strongswan/src/libcharon/plugins/vici/python/build' to it
removing '/tmp/build/strongswan/src/libcharon/plugins/vici/python/build' (and everything under it)
make[7]: Entering directory `/tmp/build/strongswan/src/libcharon/plugins/vici/python'
/usr/bin/easy_install  \
        dist/vici-5.8.4-py3.6.egg
make[7]: Nothing to be done for `install-data-am'.
Processing vici-5.8.4-py3.6.egg
Copying vici-5.8.4-py3.6.egg to /usr/lib/python2.7/site-packages
Adding vici 5.8.4 to easy-install.pth file

Installed /usr/lib/python2.7/site-packages/vici-5.8.4-py3.6.egg
Processing dependencies for vici==5.8.4
Searching for vici==5.8.4
Reading https://pypi.python.org/simple/vici/
Couldn't find index page for 'vici' (maybe misspelled?)
Scanning index of all packages (this may take a while)
Reading https://pypi.python.org/simple/
No local packages or download links found for vici==5.8.4
error: Could not find suitable distribution for Requirement.parse('vici==5.8.4')
make[7]: Leaving directory `/tmp/build/strongswan/src/libcharon/plugins/vici/python'
make[7]: *** [insive] Error 1
make[4]: *** [install-recursive] Error 1
make[4]: Leaving directory `/tmp/build/strongswan/src/libcharon'
make[3]: *** [install] Error 2
make[3]: Leaving directory `/tmp/build/strongswan/src/libcharon'
make[2]: *** [install-recursive] Error 1
make[2]: Leaving directory `/tmp/build/strongswan/src'
make[1]: *** [install-recursive] Error 1
make[1]: Leaving directory `/tmp/build/strongswan'
make: *** [install] Error 2

Additional context
Add any other context about the problem here.

IKEV1: lost child_sa after ike_sa reauth

System:

  • OS: Ubuntu 20.04.2 LTS (Focal Fossa)
  • Kernel version: 5.8.0-50-generic
  • strongSwan version(s): 5.9.2
  • Tested/confirmed with the latest version: [yes]

Describe the bug
I have two same ubuntu system running Strongswan 5.9.2(net to net with psk), and establishs IPSec SA in tunnel mode. I am very likely encounter this issue which moon (initiator) gets new ike_sa and child_sa after ike reauth , but sun only get ike_sa (the same with moon), without any child_sa.

Everything workes fine with IKEV2.

To Reproduce
Steps to reproduce the behavior:

  1. net-net establishs IPSec tunnel with IKEV1
  2. check SA establish right, w
    moon_charon.log
    sun_charon.log

ait until ike_sa reauth
3. swanctl --list-sas to show sun lost child_sa

moon and sun share the same strongswn.conf below

charon {
	load_modular = yes
	plugins {
		include strongswan.d/charon/*.conf
	}
    filelog {
        charon {
            path = /root/charon.log
            time_format = %b %e %T
            ike_name = yes
            append = no
            default = 4
            flush_line = yes
        }
    }
}

include strongswan.d/*.conf

moon swanctl.conf below

connections {
   gw-gw {
      local_addrs  = 10.0.3.100
      remote_addrs = 10.0.3.200

      local {
         auth = psk
         id = moon.strongswan.org
      }
      remote {
         auth = psk
         id = sun.strongswan.org
      }
      children {
         net-net {
            local_ts  = 5.5.5.0/24
            remote_ts = 7.7.7.0/24

            rekey_time = 60
            rekey_bytes = 500000000
            rekey_packets = 1000000
            esp_proposals = aes128gcm128-x25519
         }
      }
      version = 1
      mobike = no
      reauth_time = 120
      proposals = aes128-sha256-x25519
   }
}
secrets {
   ike-3 {
      id-3a = moon.strongswan.org
      id-3b =sun.strongswan.org
      secret = 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL
   }
}
include conf.d/*.conf

sun barely the same:

connections {
   gw-gw {
      local_addrs  = 10.0.3.200
      remote_addrs = 10.0.3.100
      local {
         auth = psk
         id = sun.strongswan.org
      }
      remote {
         auth = psk
         id = moon.strongswan.org
      }
      children {
         net-net {
            local_ts  = 7.7.7.0/24
            remote_ts = 5.5.5.0/24

            rekey_time = 60
            rekey_bytes = 500000000
            rekey_packets = 1000000
            esp_proposals = aes128gcm128-x25519
         }
      }
      version = 1
      mobike = no
      reauth_time = 120
      proposals = aes128-sha256-x25519
   }
}
secrets {
   ike-1 {
      id-moon = moon.strongswan.org
      id-sun =sun.strongswan.org
      secret = 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL
   }
}
include conf.d/*.conf

Expected behavior
Moon and sun stay with the same ike_sa and child_sa

Logs/Backtraces

  1. moon SA check after established
    image
    sun SA check after established
    image
  2. SA in moon after reauth
    image
    SA in sun after reauth
    image

Additional context

  1. Log in attached files which named moon_charon.log and sun_charon.log respectively.
  2. Build strongswan with ./configure --disable-gmp --disable-shared --enable-static --enable-monolithic --disable-stroke

Thanks.

charon crash when starting on boot and using Linux CLOCK_MONOTONIC source.

System (please complete the following information):

  • OS: Linux (Yocto Poky v3.1)
  • Kernel version (if applicable): 5.4
  • strongSwan version(s): 5.9.1
  • Tested/confirmed with the latest version: no

Describe the bug
charon crashes with a divide error if started within 1 second of system uptime, when the Linux CLOCK_MONOTONIC source is used.

To Reproduce
Steps to reproduce the behavior:

  1. Ensure charon is built to use the Linux CLOCK_MONOTONIC source (the default as I understand). This clock starts at system boot time (see Documentation/core-api/timekeeping.rst in the Linux 5.4 source tree).
  2. Start charon on boot, within one second of the kernel starting.

Expected behavior
charon starts successfully.

Logs/Backtraces
charon crashes, producing a kernel log similar to the following:

traps: charon[427] trap divide error ip:7fd81d4fbf60 sp:7ffc877c2a10 error:0 in libcharon.so.0.0.0[7fd81d4de000+62000]

Additional context
I've traced the crash to receiver_create() (src/libcharon/network/receiver.c). This calls time_monotonic(NULL), which returns 0 in this case (i.e. the monotonic clock source reports 0 seconds). I've added custom logging in my builds to confirm this. This then leads to a divide error when the following expression is evaluated (as now is 0):

.secret_offset = random() % now,

I can avoid this crash with the following change to force secret_offset to 0 if now is 0:

.secret_offset = (now == 0) ? 0 : random() % now,

However, I'm not sure if having secret_offset set to 0 then negates its purpose ("hides our system time"). I also see that secret_offset can be set to 0 if the monotonic clock source reports a non-zero but small seconds value (e.g. 1). I'm using strongSwan 5.9.1, but the code involved appears to be the same on master.

Is having secret_offset set to 0 a problem? If not, and my change above is acceptable, then I'd be happy to raise a PR for this change. Otherwise, might a bigger change be needed here?

settings_parser error and ndk-build'' finished with non-zero exit value 2

  • OS: [e.g. MacOS big sur 11.3 Beta]
  • strongSwan version(s): 5.9.2
  • Tested/confirmed with the latest version: yes

** Description **

i was following the documentation for android client build

but after the command
$ make dist
the below error appeared

/Users/mac/Projects/VpnProject/strongswan/src/libstrongswan/settings/settings_parser.y:67.9-19: syntax error, unexpected identifier, expecting string
make[5]: *** [settings/settings_parser.c] Error 1
make[4]: *** [distdir-am] Error 1
make[3]: *** [distdir] Error 2
make[2]: *** [distdir-am] Error 1
make[1]: *** [distdir] Error 2
make: *** [dist] Error 2

and when i try to make the project

> Task :app:buildNative FAILED
fcntl(): Bad file descriptor
Android NDK: WARNING: APP_PLATFORM android-19 is higher than android:minSdkVersion 1 in /Users/mac/Projects/VpnProject/strongswan/src/frontends/android/app/src/main/AndroidManifest.xml. NDK binaries will *not* be compatible with devices older than android-19. See https://android.googlesource.com/platform/ndk/+/master/docs/user/common_problems.md for more information.    
/Users/mac/Library/Android/sdk/ndk/21.0.6113669/build/core/build-binary.mk:651: Android NDK: Module strongswan depends on undefined modules: crypto_static    
/Users/mac/Library/Android/sdk/ndk/21.0.6113669/build/core/build-binary.mk:664: *** Android NDK: Note that old versions of ndk-build silently ignored this error case. If your project worked on those versions, the missing libraries were not needed and you can remove those dependencies from the module to fix your build. Alternatively, set APP_ALLOW_MISSING_DEPS=true to allow missing dependencies.    .  Stop.

Execution failed for task ':app:buildNative'.
> Process 'command '/Users/mac/Library/Android/sdk/ndk/21.0.6113669/ndk-build'' finished with non-zero exit value 2

i need help

load-

System (please complete the following information):

  • OS: Debian GNU/Linux 9.13 (stretch)
  • Kernel version 4.9.0-15-amd64
  • strongSwan version(s): 5.7.2
  • Tested/confirmed with the latest version: no

Describe the bug
Since a long time and versions I failed with load-tester against cisco asa and get also in deep debbugging only some parameter is invalid, imm. after
charon: 06[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH CPRQ(ADDR ADDR6 DNS DNS6) SA TSi TSr N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]

To Reproduce
Steps to reproduce the behavior:
run loadtest with

load-tester {
# enable the plugin
enable = yes
fake_kernel = no
initiators = 1
iterations = 1
delay = 0
responder = 192.168.106.1
responder_auth = pubkey
responder_id = "C=de, , CN=moon"
initiator_auth = pubkey
initiator_id = 999999999992%004d
initiator_match = *
initiator_tsi = %config
initiator_tsr = 10.245.0.0/16
issuer_key = /etc/ipsec.d/private/load.der
digest = sha384
issuer_cert = /etc/ipsec.d/aacerts/caCert.der
ca_dir = /etc/ipsec.d/cacerts/
proposal = aes256-sha256-prfsha1-modp2048
esp = aes256-sha256-modp2048
request_virtual_ip = yes
ike_rekey = 172800
# enable CHILD_SA every 3600s
child_rekey = 3600
delete_after_established = no
shutdown_when_complete = no

    }

Expected behavior
should establish a connection like the simple peer connection

conn asa0
right=192.168.106.1
rightid="C=de, L=DATEV-Zentrale, O=datev, CN=dnet.vpn.qs.datev.de, unstructuredName=risavpn01-qs.infra.dvint.de"
rightsubnet=10.245.0.0/16
rightauth=pubkey
left=192.168.106.3
leftsourceip=%config
leftcert=/etc/ipsec.d/acerts/peer.der
auto=add
keyexchange=ikev2
ike=aes256-sha256-prfsha1-modp2048
# CHILD_SA proposal to use for load tests.
esp=aes256-sha256-modp2048
modeconfig = push
ikelifetime = 172800s
keylife = 3600s
mobike = no

Logs/Backtraces
If applicable, add logs or backtraces to help explain your problem.
Jun 23 12:17:16 risasrv01-qs charon: 05[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(REDIR_SUP) ]
Jun 23 12:17:16 risasrv01-qs charon: 05[NET] sending packet: from 192.168.106.3[500] to 192.168.106.1[500] (456 bytes)
Jun 23 12:17:16 risasrv01-qs charon: 08[NET] received packet: from 192.168.106.1[500] to 192.168.106.3[500] (719 bytes)
Jun 23 12:17:16 risasrv01-qs charon: 08[ENC] parsed IKE_SA_INIT response 0 [ SA KE No V V N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) V ]
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] received Cisco Delete Reason vendor ID
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] received Cisco Copyright (c) 2009 vendor ID
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] received FRAGMENTATION vendor ID
Jun 23 12:17:16 risasrv01-qs charon: 08[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA1/MODP_2048
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] received cert request for "C=DE, *****"
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] received cert request for "C=DE, ****"
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] received 5 cert requests for an unknown ca
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] sending cert request for "C=DE, ****"
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] sending cert request for "C=DE, ****"
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] authentication of '9999999999920001' (myself) with RSA signature successful
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] sending end entity cert "CN=9999999999920001"
Jun 23 12:17:16 risasrv01-qs charon: 08[IKE] establishing CHILD_SA load-test{1}
Jun 23 12:17:16 risasrv01-qs charon: 08[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH CPRQ(ADDR ADDR6 DNS DNS6) SA TSi TSr N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Jun 23 12:17:16 risasrv01-qs charon: 08[NET] sending packet: from 192.168.106.3[500] to 192.168.106.1[500] (2368 bytes)
Jun 23 12:17:20 risasrv01-qs charon: 10[IKE] retransmit 1 of request with message ID 1
Jun 23 12:17:20 risasrv01-qs charon: 10[NET] sending packet: from 192.168.106.3[500] to 192.168.106.1[500] (2368 bytes)

Additional context
Add any other context about the problem here.

Don't know some parameter are not available for loadtest (modeconfig ?) , Additional there seems a new dual stack option. I provided an IPv6 pool/DNS6 servers too on the gateway , but it doesnt help. Thats the only difference I see regarding the working single peer config

Update Required Kernel Modules list.

As of Kernel 5.2 these options are builtin, and no longer found in the Kernel config options:

-IP: IPsec transport mode [CONFIG_INET_XFRM_MODE_TRANSPORT]
-IP: IPsec tunnel mode [CONFIG_INET_XFRM_MODE_TUNNEL]
-IP: IPsec BEET mode [CONFIG_INET_XFRM_MODE_BEET]
-IPv6: IPsec transport mode [CONFIG_INET6_XFRM_MODE_TRANSPORT]
-IPv6: IPsec tunnel mode [CONFIG_INET6_XFRM_MODE_TUNNEL]
-IPv6: IPsec BEET mode [CONFIG_INET6_XFRM_MODE_BEET]

It would be helpful to add a note to the wiki that those options are not needed to be enabled for Kernel 5.2+

Android TV

Hi, is it possible to build this for Android TV for easy compatibility with the NVidia Shield, or MiBox for instance? It is no longer available on the android tv play store and has to be side-loaded. It then of course can not be easily accessed through an icon.. (leanback icon issue if my Googling is correct)

Cheers
Steve

how to debug strongswan when use UDP Encapsulation of ESP (NAT-T) ?

I'm managing to use ipsec transport mode on router and client access the l2tp vpn server from the other router .
Topology is like below:
Router A (wan + l2tp server) ---- (wan)Router B (lan)---- PC

Now the problem I'm facing is that PC could build ipsec with Router A, but the ESP packet received on Router A is missing, or dopped by strongswan.
I have add debug on kernel udp handling and l2tp server, the packet is received by in kernel, but l2tp server not received.
So my infer is that strongswan on Router A is not working right.

  1. is there any config that MUST be used when using ipsec nat-t function ?
  2. what does strongswan do when receiving the udp encapsulation packet ?
  3. in which file or function does strongswan handling the packet relay ?
    Thanks.

Stale Block policy in Charon and Kernel SPD.

System (please complete the following information):**

  • OS: CentOS 7
  • Kernel version (if applicable): [3.10]
  • strongSwan version(s): [5.6.3]
  • Tested/confirmed with the latest version: [no]

Describe the bug
Unable to install IPsec policies (SPD) in kernel, due to stale block policy in SPD.

I have N systems running Strongswan 5.6.3 (Host-A to Host-N and Security-GW), and establishes IPSec SA in tunnel mode, we recently encounter this issue and was seen only 3 times. where the Host-X is unable to install a SA unless the TSi is changed on the Host-X.

To Reproduce
Steps to reproduce the behavior:

  1. Host-X establishes IPSec tunnel to Security-GW.
  2. Host-X loses connectivity.
  3. Host-X keeps retrying and reboots if not successfully in establishing the tunnel.
  4. Security-GW terminates the tunnel due to DPD (60 Secs) after 2 retransmissions of DPD request.
  5. Host-X get to successfully authenticates with Security-GW using pubkey, but fails to install out policy, due to presence of stale out block policy for the same TSi-TSr.

Expected behavior
Host-X must be able to succefully install all the policy and no stale block policy must be present, across multiple make-break tunnels from any host on Security-GW.

Logs/Backtraces
2021-03-18T09:38:12.036432-07:00 Sec-GW ipsec-charon: 47[IKE-AUDIT(0)] 10.212.200.43 is initiating an IKE_SA
2021-03-18T09:38:12.036732-07:00 Sec-GW ipsec-charon: 47[IKE-CTRL(1)] IKE_SA 17IPsecTunnelServer_ipsec[19401] [952952558d60c5a2_i-cf6f41544586d606_r] between 10.212.202.4[500] to 10.212.200.43[500] state change: CREATED => CONNECTING
2021-03-18T09:38:12.052549-07:00 Sec-GW ipsec-charon: 47[IKE-CTRL(1)] remote host is behind NAT
2021-03-18T09:38:12.375652-07:00 Sec-GW ipsec-charon: 63[IKE-CTRL(1)] received end entity cert "C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=40000870.host.net"
2021-03-18T09:38:12.375936-07:00 Sec-GW ipsec-charon: 63[CFG-CTRL(1)] looking for peer configs matching 10.212.202.4[%any]...10.212.200.43[C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=40000870.host.net]
2021-03-18T09:38:12.377273-07:00 Sec-GW ipsec-charon: 63[CFG-CTRL(1)] using certificate "C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=40000870.host.net"
2021-03-18T09:38:12.377541-07:00 Sec-GW ipsec-charon: 63[CFG-CTRL(1)] using trusted ca certificate "C=US, ST=New Hampshire, OU=Engineering, CN=ca.host.net, E=[email protected]"
2021-03-18T09:38:12.377805-07:00 Sec-GW ipsec-charon: 63[CFG-CTRL(1)] checking certificate status of "C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=40000870.host.net"
2021-03-18T09:38:12.378079-07:00 Sec-GW ipsec-charon: 63[CFG-CTRL(1)] certificate status is not available
2021-03-18T09:38:12.378342-07:00 Sec-GW ipsec-charon: 63[CFG-CTRL(1)] reached self-signed root ca with a path length of 0
2021-03-18T09:38:12.378607-07:00 Sec-GW ipsec-charon: 63[IKE-CTRL(1)] authentication of 'C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=40000870.host.net' with RSA_EMSA_PKCS1_SHA2_384 successful
2021-03-18T09:38:12.391341-07:00 Sec-GW ipsec-charon: 63[IKE-CTRL(1)] authentication of 'C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=Security-GW-531.host.net' (myself) with RSA_EMSA_PKCS1_SHA2_384 successful
2021-03-18T09:38:12.391737-07:00 Sec-GW ipsec-charon: 63[CFG-CTRL(1)] build_r:: this->my_auth->build: status = 0
2021-03-18T09:38:12.392050-07:00 Sec-GW ipsec-charon: 63[IKE-AUDIT(0)] IKE_SA 17IPsecTunnelServer_ipsec[19401] established between 10.212.202.4[C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=Security-GW-531.host.net]...10.212.200.43[C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=40000870.host.net]
2021-03-18T09:38:12.392521-07:00 Sec-GW ipsec-charon: 63[IKE-CTRL(1)] IKE_SA 17IPsecTunnelServer_ipsec[19401] [952952558d60c5a2_i-cf6f41544586d606_r] between 10.212.202.4[4500] to 10.212.200.43[4500] state change: CONNECTING => ESTABLISHED
2021-03-18T09:38:12.392799-07:00 Sec-GW ipsec-charon: 63[IKE-CTRL(1)] IKE_SA 17IPsecTunnelServer_ipsec[19401] scheduling rekeying in 86277s
2021-03-18T09:38:12.393086-07:00 Sec-GW ipsec-charon: 63[IKE-CTRL(1)] IKE_SA 17IPsecTunnelServer_ipsec[19401] maximum IKE_SA lifetime 86397s
2021-03-18T09:38:12.393358-07:00 Sec-GW ipsec-charon: 63[IKE-CTRL(1)] sending end entity cert "C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=Security-GW-531.host.net"
2021-03-18T09:38:12.393621-07:00 Sec-GW ipsec-charon: 63[CFG-CTRL(1)] unable to install policy 172.16.100.0/29 === 45.45.200.43/32 out for reqid 10805, the same policy for reqid 10646 exists
2021-03-18T09:38:12.393884-07:00 Sec-GW ipsec-charon: 63[IKE-CTRL(1)] unable to install IPsec policies (SPD) in kernel
2021-03-18T09:38:12.394157-07:00 Sec-GW ipsec-charon: 63[IKE-CTRL(1)] IKE_SA 17IPsecTunnelServer_ipsec[19401] closing IKE_SA due CHILD_SA setup failure
2021-03-18T09:38:12.395248-07:00 Sec-GW ipsec-charon: 63[IKE-DIAG(2)] process_message returned 0, setting return status to NEED_MORE
2021-03-18T09:38:12.395511-07:00 Sec-GW ipsec-charon: 63[IKE-DIAG(2)] process_message returned 11, destroying reassembled message
2021-03-18T09:38:12.492462-07:00 Sec-GW ipsec-charon: 21[IKE-DIAG(2)] queueing IKE_DELETE task
2021-03-18T09:38:12.492888-07:00 Sec-GW ipsec-charon: 21[IKE-DIAG(2)] activating new tasks for 17IPsecTunnelServer_ipsec[19401]
2021-03-18T09:38:12.493202-07:00 Sec-GW ipsec-charon: 21[IKE-DIAG(2)] activating IKE_DELETE task for 17IPsecTunnelServer_ipsec[19401]
2021-03-18T09:38:12.493487-07:00 Sec-GW ipsec-charon: 21[IKE-AUDIT(0)] deleting IKE_SA 17IPsecTunnelServer_ipsec[19401] between 10.212.202.4[C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=Security-GW-531.host.net]...10.212.200.43[C=US, ST=New Hampshire, L=Nashua, OU=Engineering, CN=40000870.host.net]
2021-03-18T09:38:12.493769-07:00 Sec-GW ipsec-charon: 21[IKE-CTRL(1)] IKE_SA 17IPsecTunnelServer_ipsec[19401] [952952558d60c5a2_i-cf6f41544586d606_r] between 10.212.202.4[4500] to 10.212.200.43[4500] state change: ESTABLISHED => DELETING
2021-03-18T09:38:12.494048-07:00 Sec-GW ipsec-charon: 21[IKE-CTRL(1)] sending DELETE for IKE_SA 17IPsecTunnelServer_ipsec[19401]
2021-03-18T09:38:12.495329-07:00 Sec-GW ipsec-charon: 14[IKE-AUDIT(0)] IKE_SA deleted
2021-03-18T09:38:12.495611-07:00 Sec-GW ipsec-charon: 14[IKE-CTRL(1)] IKE_SA 17IPsecTunnelServer_ipsec[19401] [952952558d60c5a2_i-cf6f41544586d606_r] between 10.212.202.4[4500] to 10.212.200.43[4500] state change: DELETING => DESTROYING

Additional context
Host are behind NAT, and we just want to know how can we address this issue, as only way we could recover from this is to change the TSi of the Host.

Test case settings/invalid data: Lexer reads freed memory; Causes crash

System (please complete the following information):

  • OS: Alpine Linux
  • strongSwan version(s): 5.9.2, 5.9.1
  • Tested/confirmed with the latest version: [yes/no]

Describe the bug
A clear and concise description of what the bug is.

Test case settings/invalid data crashes on Alpine with musl because the lexer reads freed memory when throwing the error.

To Reproduce
Steps to reproduce the behavior:

  1. get package source for strongSwan on Alpine
  2. activate tests (comment options line, define "check" function that calls "make check" in APKBUILD)
  3. build with "abuild -r"

Expected behavior
A clear and concise description of what you expected to happen.
Test case passes

Logs/Backtraces
If applicable, add logs or backtraces to help explain your problem.
Backtrace of several tests that produce nearly the same backtrace:

    Running case 'load_string[_section]': ++==413557== Invalid read of size 1
==413557==    at 0x48EA9ED: settings_parser_error (settings_parser.y:213)
==413557==    by 0x48EB59C: settings_parser_parse (settings_parser.c:1539)
==413557==    by 0x48EBA2C: settings_parser_parse_string (settings_parser.y:366)
==413557==    by 0x48E7EA6: load_internal (settings.c:972)
==413557==    by 0x48E7EA6: load_internal (settings.c:961)
==413557==    by 0x48E84E6: load_string_section (settings.c:1059)
==413557==    by 0x146D27: test_load_string_section_null (test_settings.c:953)
==413557==    by 0x161750: run_test (test_runner.c:278)
==413557==    by 0x162198: run_case (test_runner.c:601)
==413557==    by 0x162198: run_suite (test_runner.c:698)
==413557==    by 0x162198: test_runner_run (test_runner.c:758)
==413557==    by 0x401CA02: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x401C9DB: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x1FFF000BEF: ???
==413557==  Address 0x4d51bf6 is 6 bytes inside a block of size 8 free'd
==413557==    at 0x48A4AF1: free (vg_replace_malloc.c:755)
==413557==    by 0x48EC3EE: settings_parser__delete_buffer (settings_lexer.c:2293)
==413557==    by 0x48EC423: settings_parser_pop_buffer_state (settings_lexer.c:2426)
==413557==    by 0x48ECB39: settings_parser_lex (settings_lexer.l:234)
==413557==    by 0x48EAF9C: yylex (settings_parser.y:60)
==413557==    by 0x48EAF9C: settings_parser_parse (settings_parser.c:1291)
==413557==    by 0x48EBA2C: settings_parser_parse_string (settings_parser.y:366)
==413557==    by 0x48E7EA6: load_internal (settings.c:972)
==413557==    by 0x48E7EA6: load_internal (settings.c:961)
==413557==    by 0x48E84E6: load_string_section (settings.c:1059)
==413557==    by 0x146D27: test_load_string_section_null (test_settings.c:953)
==413557==    by 0x161750: run_test (test_runner.c:278)
==413557==    by 0x162198: run_case (test_runner.c:601)
==413557==    by 0x162198: run_suite (test_runner.c:698)
==413557==    by 0x162198: test_runner_run (test_runner.c:758)
==413557==    by 0x401CA02: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==  Block was alloc'd at
==413557==    at 0x48A26D9: malloc (vg_replace_malloc.c:379)
==413557==    by 0x48EC226: settings_parser__scan_bytes (settings_lexer.c:2561)
==413557==    by 0x48EB9F8: settings_parser_parse_string (settings_parser.y:360)
==413557==    by 0x48E7EA6: load_internal (settings.c:972)
==413557==    by 0x48E7EA6: load_internal (settings.c:961)
==413557==    by 0x48E84E6: load_string_section (settings.c:1059)
==413557==    by 0x146D27: test_load_string_section_null (test_settings.c:953)
==413557==    by 0x161750: run_test (test_runner.c:278)
==413557==    by 0x162198: run_case (test_runner.c:601)
==413557==    by 0x162198: run_suite (test_runner.c:698)
==413557==    by 0x162198: test_runner_run (test_runner.c:758)
==413557==    by 0x401CA02: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x401C9DB: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x1FFF000BEF: ???
==413557==
==413557== Invalid read of size 1
==413557==    at 0x48A7A9D: strnlen (vg_replace_strmem.c:436)
==413557==    by 0x48F5719: builtin_vsnprintf (printf_hook_builtin.c:846)
==413557==    by 0x48F21FE: parser_helper_log (parser_helper.c:222)
==413557==    by 0x48EB59C: settings_parser_parse (settings_parser.c:1539)
==413557==    by 0x48EBA2C: settings_parser_parse_string (settings_parser.y:366)
==413557==    by 0x48E7EA6: load_internal (settings.c:972)
==413557==    by 0x48E7EA6: load_internal (settings.c:961)
==413557==    by 0x48E84E6: load_string_section (settings.c:1059)
==413557==    by 0x146D27: test_load_string_section_null (test_settings.c:953)
==413557==    by 0x161750: run_test (test_runner.c:278)
==413557==    by 0x162198: run_case (test_runner.c:601)
==413557==    by 0x162198: run_suite (test_runner.c:698)
==413557==    by 0x162198: test_runner_run (test_runner.c:758)
==413557==    by 0x401CA02: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x401C9DB: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==  Address 0x4d51bf6 is 6 bytes inside a block of size 8 free'd
==413557==    at 0x48A4AF1: free (vg_replace_malloc.c:755)
==413557==    by 0x48EC3EE: settings_parser__delete_buffer (settings_lexer.c:2293)
==413557==    by 0x48EC423: settings_parser_pop_buffer_state (settings_lexer.c:2426)
==413557==    by 0x48ECB39: settings_parser_lex (settings_lexer.l:234)
==413557==    by 0x48EAF9C: yylex (settings_parser.y:60)
==413557==    by 0x48EAF9C: settings_parser_parse (settings_parser.c:1291)
==413557==    by 0x48EBA2C: settings_parser_parse_string (settings_parser.y:366)
==413557==    by 0x48E7EA6: load_internal (settings.c:972)
==413557==    by 0x48E7EA6: load_internal (settings.c:961)
==413557==    by 0x48E84E6: load_string_section (settings.c:1059)
==413557==    by 0x146D27: test_load_string_section_null (test_settings.c:953)
==413557==    by 0x161750: run_test (test_runner.c:278)
==413557==    by 0x162198: run_case (test_runner.c:601)
==413557==    by 0x162198: run_suite (test_runner.c:698)
==413557==    by 0x162198: test_runner_run (test_runner.c:758)
==413557==    by 0x401CA02: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==  Block was alloc'd at
==413557==    at 0x48A26D9: malloc (vg_replace_malloc.c:379)
==413557==    by 0x48EC226: settings_parser__scan_bytes (settings_lexer.c:2561)
==413557==    by 0x48EB9F8: settings_parser_parse_string (settings_parser.y:360)
==413557==    by 0x48E7EA6: load_internal (settings.c:972)
==413557==    by 0x48E7EA6: load_internal (settings.c:961)
==413557==    by 0x48E84E6: load_string_section (settings.c:1059)
==413557==    by 0x146D27: test_load_string_section_null (test_settings.c:953)
==413557==    by 0x161750: run_test (test_runner.c:278)
==413557==    by 0x162198: run_case (test_runner.c:601)
==413557==    by 0x162198: run_suite (test_runner.c:698)
==413557==    by 0x162198: test_runner_run (test_runner.c:758)
==413557==    by 0x401CA02: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x401C9DB: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x1FFF000BEF: ???
==413557==
+
    Running case 'fallback': +++
    Running case 'references': +++++
    Running case 'strings': +
    Running case 'valid/invalid data': +==413557== Invalid read of size 1
==413557==    at 0x48EA9ED: settings_parser_error (settings_parser.y:213)
==413557==    by 0x48EB59C: settings_parser_parse (settings_parser.c:1539)
==413557==    by 0x48EB91D: settings_parser_parse_file (settings_parser.y:329)
==413557==    by 0x48E7EAD: load_internal (settings.c:973)
==413557==    by 0x48E7EAD: load_internal (settings.c:961)
==413557==    by 0x48E7F2B: load_files (settings.c:1007)
==413557==    by 0x141611: test_invalid (test_settings.c:1508)
==413557==    by 0x161750: run_test (test_runner.c:278)
==413557==    by 0x162198: run_case (test_runner.c:601)
==413557==    by 0x162198: run_suite (test_runner.c:698)
==413557==    by 0x162198: test_runner_run (test_runner.c:758)
==413557==    by 0x401CA02: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x401C9DB: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x1FFF000BEF: ???
==413557==  Address 0x5d590d0 is 0 bytes inside a block of size 16,386 free'd
==413557==    at 0x48A4AF1: free (vg_replace_malloc.c:755)
==413557==    by 0x48EC3EE: settings_parser__delete_buffer (settings_lexer.c:2293)
==413557==    by 0x48EC423: settings_parser_pop_buffer_state (settings_lexer.c:2426)
==413557==    by 0x48ECB39: settings_parser_lex (settings_lexer.l:234)
==413557==    by 0x48EAF9C: yylex (settings_parser.y:60)
==413557==    by 0x48EAF9C: settings_parser_parse (settings_parser.c:1291)
==413557==    by 0x48EB91D: settings_parser_parse_file (settings_parser.y:329)
==413557==    by 0x48E7EAD: load_internal (settings.c:973)
==413557==    by 0x48E7EAD: load_internal (settings.c:961)
==413557==    by 0x48E7F2B: load_files (settings.c:1007)
==413557==    by 0x141611: test_invalid (test_settings.c:1508)
==413557==    by 0x161750: run_test (test_runner.c:278)
==413557==    by 0x162198: run_case (test_runner.c:601)
==413557==    by 0x162198: run_suite (test_runner.c:698)
==413557==    by 0x162198: test_runner_run (test_runner.c:758)
==413557==    by 0x401CA02: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==  Block was alloc'd at
==413557==    at 0x48A26D9: malloc (vg_replace_malloc.c:379)
==413557==    by 0x48EBE33: settings_parser__create_buffer (settings_lexer.c:2260)
==413557==    by 0x48EC544: settings_parser_open_next_file (settings_lexer.l:257)
==413557==    by 0x48EB886: settings_parser_parse_file (settings_parser.y:311)
==413557==    by 0x48E7EAD: load_internal (settings.c:973)
==413557==    by 0x48E7EAD: load_internal (settings.c:961)
==413557==    by 0x48E7F2B: load_files (settings.c:1007)
==413557==    by 0x141611: test_invalid (test_settings.c:1508)
==413557==    by 0x161750: run_test (test_runner.c:278)
==413557==    by 0x162198: run_case (test_runner.c:601)
==413557==    by 0x162198: run_suite (test_runner.c:698)
==413557==    by 0x162198: test_runner_run (test_runner.c:758)
==413557==    by 0x401CA02: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x401C9DB: ??? (in /lib/ld-musl-x86_64.so.1)
==413557==    by 0x1FFF000BEF: ???
==413557==

Charon becoming unresponsive

On multiple Pfsense installs (with quite a lot of tunnels) I see Charon becoming unresponsive, especially after manually bringing tunnels down and up. Mostly directly after bringing up a connection suddenly all IPSec traffic stalls, commands like swanctl -l or ipsec statusall don’t do anything, service restart won’t work. From command line it’s says Charon is still running if trying to restart. Only remedy for now seems to restart box, although a kill -9 might help too.

First noticed on strongswan-5.9.2_2 but switched to Pfsense development builds and a very helpful JIMP from Netgate even pulled 5.9.3 port from freebsd ports, because I suspected to be hit by #268. But even on 5.9.3 I can make it happen pretty easily.

Looks like hanging VICI connections, but despite setting log levels higher no clues at all are visible. JIMP was not able to reproduce, but I can on multiple (virtual) boxes.

Netgate forum thread with even more info and logs:
https://forum.netgate.com/topic/165661/charon-becoming-unresponsive

Looks more some sort of bug to me than a misconfiguration. And even a misconfiguration should not lead to this state of the daemon IMHO. Always happy to provide more details if needed.

Julian

Reply

IKEV1: lost child_sa after ike_sa reauth

System:

  • OS: Ubuntu 20.04.2 LTS (Focal Fossa)
  • Kernel version: 5.8.0-50-generic
  • strongSwan version(s): 5.9.2
  • Tested/confirmed with the latest version: [yes]

Describe the bug
I have two same ubuntu system running Strongswan 5.9.2(net to net with psk), and establishs IPSec SA in tunnel mode. I am very likely encounter this issue which moon (initiator) gets new ike_sa and child_sa after ike reauth , but sun only get ike_sa (the same with moon), without any child_sa.

Everything workes fine with IKEV2.

To Reproduce
Steps to reproduce the behavior:

  1. net-net establishs IPSec tunnel with IKEV1
  2. check SA established before reauth
  3. check SA after reauth
moon:  swanctl --list-sas            
gw-gw: #3, ESTABLISHED, IKEv1, f582be510fd4cfc5_i* 0e62f801467d74bf_r
  local  'moon.strongswan.org' @ 10.0.3.100[500]
  remote 'sun.strongswan.org' @ 10.0.3.200[500]
  AES_CBC-128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
  established 49s ago, reauth in 64s

sun: swanctl --list-sas            
gw-gw: #3, ESTABLISHED, IKEv1, f582be510fd4cfc5_i 0e62f801467d74bf_r*
  local  'sun.strongswan.org' @ 10.0.3.200[500]
  remote 'moon.strongswan.org' @ 10.0.3.100[500]
  AES_CBC-128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
  established 43s ago, reauth in 66s
  net-net: #1, reqid 1, INSTALLED, TUNNEL, ESP:AES_GCM_16-128/CURVE_25519
    installed 156s ago, rekeying in 5535s, expires in 6444s
    in  ca2e23db,      0 bytes,     0 packets
    out ce1c8061,      0 bytes,     0 packets
    local  7.7.7.0/24
    remote 5.5.5.0/24

In my case, moon gw-gw[2] with child_sa, but deleted, sun gw-gw[3] with child_sa but moon gw-gw[3] without child_sa

moon and sun share the same strongswn.conf below

charon {
	load_modular = yes
	plugins {
		include strongswan.d/charon/*.conf
	}
    filelog {
        charon-debug-log {
                path = /var/log/charon_debug.log
                time_format = %a, %Y-%m-%d, %H:%M:%S
                default = 2
                mgr = 0
                net = 1
                enc = 1
                asn = 1
                job = 1
                ike_name = yes
                append = no
                flush_line = yes
        }
    }
}

moon swanctl.conf below

connections {
   gw-gw {
      local_addrs  = 10.0.3.100
      remote_addrs = 10.0.3.200
      local {
         auth = psk
         id = moon.strongswan.org
      }
      remote {
         auth = psk
         id = sun.strongswan.org
      }
      children {
         net-net {
            local_ts  = 5.5.5.0/24
            remote_ts = 7.7.7.0/24
            rekey_time = 6000
            rekey_bytes = 500000000
            rekey_packets = 1000000
            esp_proposals = aes128gcm128-x25519
         }
      }
      version = 1
      mobike = no
      reauth_time = 120
      proposals = aes128-sha256-x25519
   }
}
secrets {
   ike-3 {
      id-3a = moon.strongswan.org
      id-3b =sun.strongswan.org
      secret = 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL
   }
}
include conf.d/*.conf

sun almost the same as moon:

connections {
   gw-gw {
      local_addrs  = 10.0.3.200
      remote_addrs = 10.0.3.100
      local {
         auth = psk
         id = sun.strongswan.org
      }
      remote {
         auth = psk
         id = moon.strongswan.org
      }
      children {
         net-net {
            local_ts  = 7.7.7.0/24
            remote_ts = 5.5.5.0/24
            rekey_time = 6000
            rekey_bytes = 500000000
            rekey_packets = 1000000
            esp_proposals = aes128gcm128-x25519
         }
      }
      version = 1
      mobike = no
      reauth_time = 120
      proposals = aes128-sha256-x25519
   }
}
secrets {
   ike-1 {
      id-moon = moon.strongswan.org
      id-sun =sun.strongswan.org
      secret = 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL
   }
}
include conf.d/*.conf

Expected behavior
Moon and sun stay with the same ike_sa and child_sa

Logs/Backtraces
moon:

Mon, 2021-05-10, 16:19:17 09[IKE] <gw-gw|1> initiating Main Mode IKE_SA gw-gw[1] to 10.0.3.200
Mon, 2021-05-10, 16:19:17 09[IKE] <gw-gw|1> IKE_SA gw-gw[1] state change: CREATED => CONNECTING
Mon, 2021-05-10, 16:19:17 09[CFG] <gw-gw|1> configured proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:19:17 09[ENC] <gw-gw|1> generating ID_PROT request 0 [ SA V V V V V ]
Mon, 2021-05-10, 16:19:17 09[NET] <gw-gw|1> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (180 bytes)
Mon, 2021-05-10, 16:19:17 14[NET] <gw-gw|1> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (160 bytes)
Mon, 2021-05-10, 16:19:17 14[ENC] <gw-gw|1> parsed ID_PROT response 0 [ SA V V V V ]
Mon, 2021-05-10, 16:19:17 14[IKE] <gw-gw|1> received XAuth vendor ID
Mon, 2021-05-10, 16:19:17 14[IKE] <gw-gw|1> received DPD vendor ID
Mon, 2021-05-10, 16:19:17 14[IKE] <gw-gw|1> received FRAGMENTATION vendor ID
Mon, 2021-05-10, 16:19:17 14[IKE] <gw-gw|1> received NAT-T (RFC 3947) vendor ID
Mon, 2021-05-10, 16:19:17 14[CFG] <gw-gw|1> selecting proposal:
Mon, 2021-05-10, 16:19:17 14[CFG] <gw-gw|1>   proposal matches
Mon, 2021-05-10, 16:19:17 14[CFG] <gw-gw|1> received proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:19:17 14[CFG] <gw-gw|1> configured proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:19:17 14[CFG] <gw-gw|1> selected proposal: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:19:17 14[IKE] <gw-gw|1> reinitiating already active tasks
Mon, 2021-05-10, 16:19:17 14[IKE] <gw-gw|1>   ISAKMP_VENDOR task
Mon, 2021-05-10, 16:19:17 14[IKE] <gw-gw|1>   MAIN_MODE task
Mon, 2021-05-10, 16:19:17 14[ENC] <gw-gw|1> generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Mon, 2021-05-10, 16:19:17 14[NET] <gw-gw|1> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (172 bytes)
Mon, 2021-05-10, 16:19:17 09[NET] <gw-gw|1> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (172 bytes)
Mon, 2021-05-10, 16:19:17 09[ENC] <gw-gw|1> parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Mon, 2021-05-10, 16:19:17 09[IKE] <gw-gw|1> reinitiating already active tasks
Mon, 2021-05-10, 16:19:17 09[IKE] <gw-gw|1>   ISAKMP_VENDOR task
Mon, 2021-05-10, 16:19:17 09[IKE] <gw-gw|1>   MAIN_MODE task
Mon, 2021-05-10, 16:19:17 09[ENC] <gw-gw|1> generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Mon, 2021-05-10, 16:19:17 09[NET] <gw-gw|1> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (124 bytes)
Mon, 2021-05-10, 16:19:17 06[NET] <gw-gw|1> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (92 bytes)
Mon, 2021-05-10, 16:19:17 06[ENC] <gw-gw|1> parsed ID_PROT response 0 [ ID HASH ]
Mon, 2021-05-10, 16:19:17 06[IKE] <gw-gw|1> IKE_SA gw-gw[1] established between 10.0.3.100[moon.strongswan.org]...10.0.3.200[sun.strongswan.org]
Mon, 2021-05-10, 16:19:17 06[IKE] <gw-gw|1> IKE_SA gw-gw[1] state change: CONNECTING => ESTABLISHED
Mon, 2021-05-10, 16:19:17 06[IKE] <gw-gw|1> scheduling reauthentication in 113s
Mon, 2021-05-10, 16:19:17 06[IKE] <gw-gw|1> maximum IKE_SA lifetime 125s
Mon, 2021-05-10, 16:19:17 06[IKE] <gw-gw|1> activating new tasks
Mon, 2021-05-10, 16:19:17 06[IKE] <gw-gw|1>   activating QUICK_MODE task
Mon, 2021-05-10, 16:19:17 06[CFG] <gw-gw|1> configured proposals: ESP:AES_GCM_16_128/CURVE_25519/NO_EXT_SEQ
Mon, 2021-05-10, 16:19:17 06[KNL] <gw-gw|1> got SPI ce1c8061
Mon, 2021-05-10, 16:19:17 06[CFG] <gw-gw|1> configured proposals: ESP:AES_GCM_16_128/CURVE_25519/NO_EXT_SEQ
Mon, 2021-05-10, 16:19:17 06[CFG] <gw-gw|1> proposing traffic selectors for us:
Mon, 2021-05-10, 16:19:17 06[CFG] <gw-gw|1>  5.5.5.0/24
Mon, 2021-05-10, 16:19:17 06[CFG] <gw-gw|1> proposing traffic selectors for other:
Mon, 2021-05-10, 16:19:17 06[CFG] <gw-gw|1>  7.7.7.0/24
Mon, 2021-05-10, 16:19:17 06[ENC] <gw-gw|1> generating QUICK_MODE request 1135166292 [ HASH SA No KE ID ID ]
Mon, 2021-05-10, 16:19:17 06[NET] <gw-gw|1> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (236 bytes)
Mon, 2021-05-10, 16:19:17 09[NET] <gw-gw|1> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (236 bytes)
Mon, 2021-05-10, 16:19:17 09[ENC] <gw-gw|1> parsed QUICK_MODE response 1135166292 [ HASH SA No KE ID ID ]
Mon, 2021-05-10, 16:19:17 09[CFG] <gw-gw|1> selecting proposal:
Mon, 2021-05-10, 16:19:17 09[CFG] <gw-gw|1>   proposal matches
Mon, 2021-05-10, 16:19:17 09[CFG] <gw-gw|1> received proposals: ESP:AES_GCM_16_128/CURVE_25519/NO_EXT_SEQ
Mon, 2021-05-10, 16:19:17 09[CFG] <gw-gw|1> configured proposals: ESP:AES_GCM_16_128/CURVE_25519/NO_EXT_SEQ
Mon, 2021-05-10, 16:19:17 09[CFG] <gw-gw|1> selected proposal: ESP:AES_GCM_16_128/CURVE_25519/NO_EXT_SEQ
Mon, 2021-05-10, 16:19:17 09[CHD] <gw-gw|1> CHILD_SA net-net{1} state change: CREATED => INSTALLING
Mon, 2021-05-10, 16:19:17 09[CHD] <gw-gw|1>   using AES_GCM_16 for encryption
Mon, 2021-05-10, 16:19:17 09[CHD] <gw-gw|1> adding inbound ESP SA
Mon, 2021-05-10, 16:19:17 09[CHD] <gw-gw|1>   SPI 0xce1c8061, src 10.0.3.200 dst 10.0.3.100
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1> adding SAD entry with SPI ce1c8061 and reqid {1}
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1>   using encryption algorithm AES_GCM_16 with key size 160
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1>   using replay window of 32 packets
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1>   HW offload: no
Mon, 2021-05-10, 16:19:17 09[CHD] <gw-gw|1> adding outbound ESP SA
Mon, 2021-05-10, 16:19:17 09[CHD] <gw-gw|1>   SPI 0xca2e23db, src 10.0.3.100 dst 10.0.3.200
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1> adding SAD entry with SPI ca2e23db and reqid {1}
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1>   using encryption algorithm AES_GCM_16 with key size 160
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1>   using replay window of 0 packets
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1>   HW offload: no
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1> adding policy 7.7.7.0/24 === 5.5.5.0/24 in [priority 375423, refcount 1]
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1> adding policy 7.7.7.0/24 === 5.5.5.0/24 fwd [priority 375423, refcount 1]
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1> adding policy 5.5.5.0/24 === 7.7.7.0/24 out [priority 375423, refcount 1]
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1> getting a local address in traffic selector 5.5.5.0/24
Mon, 2021-05-10, 16:19:17 09[KNL] <gw-gw|1> no local address found in traffic selector 5.5.5.0/24
Mon, 2021-05-10, 16:19:17 09[IKE] <gw-gw|1> CHILD_SA net-net{1} established with SPIs ce1c8061_i ca2e23db_o and TS 5.5.5.0/24 === 7.7.7.0/24
Mon, 2021-05-10, 16:19:17 09[CHD] <gw-gw|1> CHILD_SA net-net{1} state change: INSTALLING => INSTALLED
Mon, 2021-05-10, 16:19:17 09[IKE] <gw-gw|1> reinitiating already active tasks
Mon, 2021-05-10, 16:19:17 09[IKE] <gw-gw|1>   QUICK_MODE task
Mon, 2021-05-10, 16:19:17 09[ENC] <gw-gw|1> generating QUICK_MODE request 1135166292 [ HASH ]
Mon, 2021-05-10, 16:19:17 09[NET] <gw-gw|1> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (76 bytes)
Mon, 2021-05-10, 16:19:17 09[IKE] <gw-gw|1> activating new tasks
Mon, 2021-05-10, 16:19:17 09[IKE] <gw-gw|1> nothing to initiate
Mon, 2021-05-10, 16:19:17 11[CFG] vici client 2 disconnected
Mon, 2021-05-10, 16:19:19 06[CFG] vici client 3 connected
Mon, 2021-05-10, 16:19:19 01[CFG] vici client 3 registered for: list-sa
Mon, 2021-05-10, 16:19:19 12[CFG] vici client 3 requests: list-sas
Mon, 2021-05-10, 16:19:19 12[KNL] <gw-gw|1> querying SAD entry with SPI ce1c8061
Mon, 2021-05-10, 16:19:19 12[KNL] <gw-gw|1> querying SAD entry with SPI ca2e23db
Mon, 2021-05-10, 16:19:19 15[CFG] vici client 3 disconnected
Mon, 2021-05-10, 16:21:08 01[CFG] vici client 4 connected
Mon, 2021-05-10, 16:21:08 08[CFG] vici client 4 registered for: list-sa
Mon, 2021-05-10, 16:21:08 15[CFG] vici client 4 requests: list-sas
Mon, 2021-05-10, 16:21:08 15[KNL] <gw-gw|1> querying SAD entry with SPI ce1c8061
Mon, 2021-05-10, 16:21:08 15[KNL] <gw-gw|1> querying SAD entry with SPI ca2e23db
Mon, 2021-05-10, 16:21:08 07[CFG] vici client 4 disconnected
Mon, 2021-05-10, 16:21:09 01[NET] <2> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (180 bytes)
Mon, 2021-05-10, 16:21:09 01[ENC] <2> parsed ID_PROT request 0 [ SA V V V V V ]
Mon, 2021-05-10, 16:21:09 01[CFG] <2> looking for an IKEv1 config for 10.0.3.100...10.0.3.200
Mon, 2021-05-10, 16:21:09 01[CFG] <2>   candidate: 10.0.3.100...10.0.3.200, prio 3100
Mon, 2021-05-10, 16:21:09 01[CFG] <2> found matching ike config: 10.0.3.100...10.0.3.200 with prio 3100
Mon, 2021-05-10, 16:21:09 01[IKE] <2> received XAuth vendor ID
Mon, 2021-05-10, 16:21:09 01[IKE] <2> received DPD vendor ID
Mon, 2021-05-10, 16:21:09 01[IKE] <2> received FRAGMENTATION vendor ID
Mon, 2021-05-10, 16:21:09 01[IKE] <2> received NAT-T (RFC 3947) vendor ID
Mon, 2021-05-10, 16:21:09 01[IKE] <2> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Mon, 2021-05-10, 16:21:09 01[IKE] <2> 10.0.3.200 is initiating a Main Mode IKE_SA
Mon, 2021-05-10, 16:21:09 01[IKE] <2> IKE_SA (unnamed)[2] state change: CREATED => CONNECTING
Mon, 2021-05-10, 16:21:09 01[CFG] <2> selecting proposal:
Mon, 2021-05-10, 16:21:09 01[CFG] <2>   proposal matches
Mon, 2021-05-10, 16:21:09 01[CFG] <2> received proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:21:09 01[CFG] <2> configured proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:21:09 01[CFG] <2> selected proposal: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:21:09 01[IKE] <2> sending XAuth vendor ID
Mon, 2021-05-10, 16:21:09 01[IKE] <2> sending DPD vendor ID
Mon, 2021-05-10, 16:21:09 01[IKE] <2> sending FRAGMENTATION vendor ID
Mon, 2021-05-10, 16:21:09 01[IKE] <2> sending NAT-T (RFC 3947) vendor ID
Mon, 2021-05-10, 16:21:09 01[ENC] <2> generating ID_PROT response 0 [ SA V V V V ]
Mon, 2021-05-10, 16:21:09 01[NET] <2> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (160 bytes)
Mon, 2021-05-10, 16:21:09 13[NET] <2> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (172 bytes)
Mon, 2021-05-10, 16:21:09 13[ENC] <2> parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
Mon, 2021-05-10, 16:21:09 13[CFG] <2>   candidate "gw-gw", match: 1/1/3100 (me/other/ike)
Mon, 2021-05-10, 16:21:09 13[ENC] <2> generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
Mon, 2021-05-10, 16:21:09 13[NET] <2> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (172 bytes)
Mon, 2021-05-10, 16:21:09 09[NET] <2> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (92 bytes)
Mon, 2021-05-10, 16:21:09 09[ENC] <2> parsed ID_PROT request 0 [ ID HASH ]
Mon, 2021-05-10, 16:21:09 09[CFG] <2> looking for pre-shared key peer configs matching 10.0.3.100...10.0.3.200[sun.strongswan.org]
Mon, 2021-05-10, 16:21:09 09[CFG] <2>   candidate "gw-gw", match: 1/20/3100 (me/other/ike)
Mon, 2021-05-10, 16:21:09 09[CFG] <2> selected peer config "gw-gw"
Mon, 2021-05-10, 16:21:09 09[IKE] <gw-gw|2> IKE_SA gw-gw[2] established between 10.0.3.100[moon.strongswan.org]...10.0.3.200[sun.strongswan.org]
Mon, 2021-05-10, 16:21:09 09[IKE] <gw-gw|2> IKE_SA gw-gw[2] state change: CONNECTING => ESTABLISHED
Mon, 2021-05-10, 16:21:09 09[IKE] <gw-gw|2> scheduling reauthentication in 112s
Mon, 2021-05-10, 16:21:09 09[IKE] <gw-gw|2> maximum IKE_SA lifetime 124s
Mon, 2021-05-10, 16:21:09 09[ENC] <gw-gw|2> generating ID_PROT response 0 [ ID HASH ]
Mon, 2021-05-10, 16:21:09 09[NET] <gw-gw|2> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (92 bytes)
Mon, 2021-05-10, 16:21:09 08[IKE] <gw-gw|1> detected reauth of existing IKE_SA, adopting 1 children, 0 child tasks, and 0 virtual IPs
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> reauthenticating IKE_SA gw-gw[1]
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> queueing ISAKMP_VENDOR task
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> queueing ISAKMP_CERT_PRE task
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> queueing MAIN_MODE task
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> queueing ISAKMP_CERT_POST task
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> queueing ISAKMP_NATD task
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> activating new tasks
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1>   activating ISAKMP_VENDOR task
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1>   activating ISAKMP_CERT_PRE task
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1>   activating MAIN_MODE task
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1>   activating ISAKMP_CERT_POST task
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1>   activating ISAKMP_NATD task
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> sending XAuth vendor ID
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> sending DPD vendor ID
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> sending FRAGMENTATION vendor ID
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> sending NAT-T (RFC 3947) vendor ID
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> initiating Main Mode IKE_SA gw-gw[3] to 10.0.3.200
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> IKE_SA gw-gw[3] state change: CREATED => CONNECTING
Mon, 2021-05-10, 16:21:10 14[CFG] <gw-gw|1> configured proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:21:10 14[ENC] <gw-gw|1> generating ID_PROT request 0 [ SA V V V V V ]
Mon, 2021-05-10, 16:21:10 14[NET] <gw-gw|1> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (180 bytes)
Mon, 2021-05-10, 16:21:10 14[IKE] IKE_SA gw-gw[1] state change: ESTABLISHED => REKEYING
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> activating new tasks
Mon, 2021-05-10, 16:21:10 14[IKE] <gw-gw|1> nothing to initiate
Mon, 2021-05-10, 16:21:10 12[NET] <gw-gw|3> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (160 bytes)
Mon, 2021-05-10, 16:21:10 12[ENC] <gw-gw|3> parsed ID_PROT response 0 [ SA V V V V ]
Mon, 2021-05-10, 16:21:10 12[IKE] <gw-gw|3> received XAuth vendor ID
Mon, 2021-05-10, 16:21:10 12[IKE] <gw-gw|3> received DPD vendor ID
Mon, 2021-05-10, 16:21:10 12[IKE] <gw-gw|3> received FRAGMENTATION vendor ID
Mon, 2021-05-10, 16:21:10 12[IKE] <gw-gw|3> received NAT-T (RFC 3947) vendor ID
Mon, 2021-05-10, 16:21:10 12[CFG] <gw-gw|3> selecting proposal:
Mon, 2021-05-10, 16:21:10 12[CFG] <gw-gw|3>   proposal matches
Mon, 2021-05-10, 16:21:10 12[CFG] <gw-gw|3> received proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:21:10 12[CFG] <gw-gw|3> configured proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:21:10 12[CFG] <gw-gw|3> selected proposal: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mon, 2021-05-10, 16:21:10 12[IKE] <gw-gw|3> reinitiating already active tasks
Mon, 2021-05-10, 16:21:10 12[IKE] <gw-gw|3>   ISAKMP_VENDOR task
Mon, 2021-05-10, 16:21:10 12[IKE] <gw-gw|3>   MAIN_MODE task
Mon, 2021-05-10, 16:21:10 12[ENC] <gw-gw|3> generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Mon, 2021-05-10, 16:21:10 12[NET] <gw-gw|3> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (172 bytes)
Mon, 2021-05-10, 16:21:10 11[NET] <gw-gw|3> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (172 bytes)
Mon, 2021-05-10, 16:21:10 11[ENC] <gw-gw|3> parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Mon, 2021-05-10, 16:21:10 11[IKE] <gw-gw|3> reinitiating already active tasks
Mon, 2021-05-10, 16:21:10 11[IKE] <gw-gw|3>   ISAKMP_VENDOR task
Mon, 2021-05-10, 16:21:10 11[IKE] <gw-gw|3>   MAIN_MODE task
Mon, 2021-05-10, 16:21:10 11[ENC] <gw-gw|3> generating ID_PROT request 0 [ ID HASH ]
Mon, 2021-05-10, 16:21:10 11[NET] <gw-gw|3> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (92 bytes)
Mon, 2021-05-10, 16:21:10 15[NET] <gw-gw|3> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (92 bytes)
Mon, 2021-05-10, 16:21:10 15[ENC] <gw-gw|3> parsed ID_PROT response 0 [ ID HASH ]
Mon, 2021-05-10, 16:21:10 15[IKE] <gw-gw|3> IKE_SA gw-gw[3] established between 10.0.3.100[moon.strongswan.org]...10.0.3.200[sun.strongswan.org]
Mon, 2021-05-10, 16:21:10 15[IKE] <gw-gw|3> IKE_SA gw-gw[3] state change: CONNECTING => ESTABLISHED
Mon, 2021-05-10, 16:21:10 15[IKE] <gw-gw|3> scheduling reauthentication in 113s
Mon, 2021-05-10, 16:21:10 15[IKE] <gw-gw|3> maximum IKE_SA lifetime 125s
Mon, 2021-05-10, 16:21:10 15[IKE] <gw-gw|3> activating new tasks
Mon, 2021-05-10, 16:21:10 15[IKE] <gw-gw|3> nothing to initiate
Mon, 2021-05-10, 16:21:13 05[CFG] vici client 5 connected
Mon, 2021-05-10, 16:21:13 06[CFG] vici client 5 registered for: list-sa
Mon, 2021-05-10, 16:21:13 08[CFG] vici client 5 requests: list-sas
Mon, 2021-05-10, 16:21:13 08[KNL] <gw-gw|2> querying SAD entry with SPI ce1c8061
Mon, 2021-05-10, 16:21:13 08[KNL] <gw-gw|2> querying SAD entry with SPI ca2e23db
Mon, 2021-05-10, 16:21:13 15[CFG] vici client 5 disconnected
Mon, 2021-05-10, 16:21:19 07[IKE] <gw-gw|1> queueing ISAKMP_DELETE task
Mon, 2021-05-10, 16:21:19 07[IKE] <gw-gw|1> activating new tasks
Mon, 2021-05-10, 16:21:19 07[IKE] <gw-gw|1>   activating ISAKMP_DELETE task
Mon, 2021-05-10, 16:21:19 07[IKE] <gw-gw|1> deleting IKE_SA gw-gw[1] between 10.0.3.100[moon.strongswan.org]...10.0.3.200[sun.strongswan.org]
Mon, 2021-05-10, 16:21:19 07[IKE] <gw-gw|1> sending DELETE for IKE_SA gw-gw[1]
Mon, 2021-05-10, 16:21:19 07[IKE] <gw-gw|1> IKE_SA gw-gw[1] state change: REKEYING => DELETING
Mon, 2021-05-10, 16:21:19 07[ENC] <gw-gw|1> generating INFORMATIONAL_V1 request 1722974342 [ HASH D ]
Mon, 2021-05-10, 16:21:19 07[NET] <gw-gw|1> sending packet: from 10.0.3.100[500] to 10.0.3.200[500] (108 bytes)
Mon, 2021-05-10, 16:21:19 07[IKE] <gw-gw|1> IKE_SA gw-gw[1] state change: DELETING => DESTROYING
Mon, 2021-05-10, 16:21:20 01[NET] <gw-gw|2> received packet: from 10.0.3.200[500] to 10.0.3.100[500] (108 bytes)
Mon, 2021-05-10, 16:21:20 01[ENC] <gw-gw|2> parsed INFORMATIONAL_V1 request 2472388538 [ HASH D ]
Mon, 2021-05-10, 16:21:20 01[IKE] <gw-gw|2> received DELETE for IKE_SA gw-gw[2]
Mon, 2021-05-10, 16:21:20 01[IKE] <gw-gw|2> deleting IKE_SA gw-gw[2] between 10.0.3.100[moon.strongswan.org]...10.0.3.200[sun.strongswan.org]
Mon, 2021-05-10, 16:21:20 01[IKE] <gw-gw|2> IKE_SA gw-gw[2] state change: ESTABLISHED => DELETING
Mon, 2021-05-10, 16:21:20 01[IKE] <gw-gw|2> IKE_SA gw-gw[2] state change: DELETING => DELETING
Mon, 2021-05-10, 16:21:20 01[IKE] <gw-gw|2> IKE_SA gw-gw[2] state change: DELETING => DESTROYING
Mon, 2021-05-10, 16:21:20 01[CHD] <gw-gw|2> CHILD_SA net-net{1} state change: INSTALLED => DESTROYING
Mon, 2021-05-10, 16:21:20 01[KNL] <gw-gw|2> deleting policy 5.5.5.0/24 === 7.7.7.0/24 out
Mon, 2021-05-10, 16:21:20 01[KNL] <gw-gw|2> deleting policy 7.7.7.0/24 === 5.5.5.0/24 in
Mon, 2021-05-10, 16:21:20 01[KNL] <gw-gw|2> deleting policy 7.7.7.0/24 === 5.5.5.0/24 fwd
Mon, 2021-05-10, 16:21:20 01[KNL] <gw-gw|2> deleting SAD entry with SPI ce1c8061
Mon, 2021-05-10, 16:21:20 01[KNL] <gw-gw|2> deleted SAD entry with SPI ce1c8061
Mon, 2021-05-10, 16:21:20 01[KNL] <gw-gw|2> deleting SAD entry with SPI ca2e23db
Mon, 2021-05-10, 16:21:20 01[KNL] <gw-gw|2> deleted SAD entry with SPI ca2e23db

Additional context

  1. Build strongswan with ./configure --disable-gmp --disable-shared --enable-static --enable-monolithic --disable-stroke

Thanks.

swanctl --list-something --json please?

Would it be possible to get json formatted output for swanctl --list-sas and others as well? It doesn't have to be fancy. A big one-liner simirar to --raw would be sufficient.

This would make it much easier to process the output of various swanctl options for monitoring, using standard tools like jq or the json modules of perl and python, for example.

Thanx in advance

upgraded to centos stream, strongswan-services won't start

my vpn works perfectly, however after upgrading from centos8 to centos stream I am not able to load strongswan-services.
Could you let me know if there are know issues , Am running strongswan-5.9.1.
Below are the error logs:

systemctl status strongswan-starter.service
● strongswan-starter.service - strongSwan IPsec IKEv1/IKEv2 daemon using ipsec.conf
Loaded: loaded (/usr/lib/systemd/system/strongswan-starter.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2021-03-10 14:29:03 GMT; 1h 20min ago
Process: 997 ExecStart=/usr/sbin/ipsec start --nofork (code=exited, status=1/FAILURE)
Main PID: 997 (code=exited, status=1/FAILURE)

Mar 10 14:29:03 localhost.localdomain systemd[1]: Started strongSwan IPsec IKEv1/IKEv2 daemon using ipsec.conf.
Mar 10 14:29:03 coniston.xx.xx.xx.uk ipsec[997]: /usr/sbin/ipsec: unknown option "--nofork" (perhaps command name was omitted?)
Mar 10 14:29:03 coniston.xx.xx.xx.uk systemd[1]: strongswan-starter.service: Main process exited, code=exited, status=1/FAILURE
Mar 10 14:29:03 coniston.xx.xx.xx.uk systemd[1]: strongswan-starter.service: Failed with result 'exit-code'.

var/log/messages:

Mar 10 15:53:25 coniston systemd[1]: Started strongSwan IPsec IKEv1/IKEv2 daemon using ipsec.conf.
Mar 10 15:53:25 coniston ipsec[1574]: /usr/sbin/ipsec: unknown option "--nofork" (perhaps command name was omitted?)
Mar 10 15:53:25 coniston systemd[1]: strongswan-starter.service: Main process exited, code=exited, status=1/FAILURE
Mar 10 15:53:25 coniston systemd[1]: strongswan-starter.service: Failed with result 'exit-code'.

Gemalto Authentication Client PKCS#11 module ( version 10.7.77) tainted

I was using the Gemalto SafeNet eToken 5110 for my StrongSwan RoadWarrior authentication against my IPSEC Gateway (BinTEC RS123W). It works fine with Gemalto PKCS#11 module "libeToken.so.9.0.43" coming with SafeNet Authentication Client 9.0.43.
But now, using SafeNet SafeNet Authentication Client 10.7.77, the module produces a "MECHANISM_INVALID" error, denying any approach to connect.

Here the swanctl.conf
connections {
{
unique=replace
aggressive=no
version=2
send_cert=always
proposals=aes256-sha256-modp2048
rekey_time=230m
over_time=10m
keyingtries=3
vips=192.168.221.1
remote_addrs=
pools=remote_pool
local {
auth=pubkey
cert {
slot=0
handle=<ID taken out of pkcs11-ttol --module /usr/lib64/libeToken.so.10.7.77 -O >
}
}
remote {
auth=pubkey
id="CN="
cacerts=<pathToMyCAcert.pem>
}
children {
vp202_sa1 {
start_action=start
close_action=start
mode=tunnel
updown=
mark_in=42
mark_out=42
esp_proposals=aes256-sha256-modp2048
life_time=120m
rekey_time=108m
local_ts=192.168.221.1/32
remote_ts=192.168.202.0/24
dpd_action=restart
}
}
}
}

    pools {
            remote_pool {
                    addrs=192.168.202.0/24
            }

    }

    secrets {
            token {
                    slot=0
                    handle=<ID taken out of pkcs11-ttol --module /usr/lib64/libeToken.so.10.7.77 -O >
                    pin=<myTokenPassword>
            }
    }

Stronswan fail to restore connection using DPD 

Distributor ID: Ubuntu
Description:    Ubuntu 20.10
Release:        20.10
Codename:       groovy

Linux SLOWPC 5.8.0-38-generic #43-Ubuntu SMP Tue Jan 12 12:42:13 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
strongSwan 5.8.4 swanctl

Describe the bug
Due to unknown reason stronswan fail to restore connection and only possible way to fix it using full restart of service

To Reproduce
Steps to reproduce the behavior:

  1. install strongswan
  2. configure like in example (dialout mode)
  3. wait 1 day
  4. connection stop to work and only possible way to fix it using command systemctl restart strongswan-swanctl.service

Expected behavior
normally reestablish connection

Logs/Backtraces

In syslog following. keep alive sent out but no reply and stronswan just ignore it:

Feb 22 07:48:52 SLOWPC charon-systemd[244755]: sending keep alive to 2.2.2.2[4500]
Feb 22 07:53:32 SLOWPC charon-systemd[244755]: message repeated 14 times: [ sending keep alive to 2.2.2.2[4500]]

Additional context

swanctl.conf

connections {
    home {
        version = 2
        remote_addrs = 2.2.2.2
        dpd_delay = 30
        mobike = no
        vips = 0.0.0.0
        encap = yes
        unique = replace
        proposals = aes256-sha1-modp1536

        local {
            auth = pubkey
            certs = [email protected]
            id = [email protected]
            }
        remote {
            auth = pubkey
            cacerts = myCA.crt
            certs = [email protected]
            id = [email protected]
            }
        children {
            home {
                    remote_ts = 10.111.0.0/16
                    esp_proposals = aes256-sha1-modp1536
                    dpd_action = start
                    start_action = start
                    close_action = start
                    rekey_time = 1h
                }
        }
    }
}

swantctl -l

home: #364, CONNECTING, IKEv2, 38fe51c8808f4089_i* 7bf8574508a33b82_r
  local  '[email protected]' @ 10.10.10.38[4500] [10.111.121.2]
  remote '[email protected]' @ 2.2.2.2[4500]
  AES_CBC-256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536
  active:  IKE_CERT_PRE IKE_AUTH IKE_CERT_POST IKE_CONFIG CHILD_CREATE IKE_AUTH_LIFETIME

swanctl -L

  home: IKEv2, no reauthentication, rekeying every 14400s, dpd delay 30s
  local:  %any
  remote: 2.2.2.2
  local public key authentication:
    id: [email protected]
    certs: C=NL, [email protected]
  remote public key authentication:
    id: [email protected]
    certs: C=NL, [email protected]
    cacerts: CN=myCA
  home: TUNNEL, rekeying every 3600s, dpd action is restart
    local:  dynamic
    remote: 10.111.0.0/16

iptables -nL 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

SSH not working over IPsec tunnel Strongswan

Hello,

I am trying to do SSH from my server machine (where strongswan is installed) to the client machine after the successful VPN connection. It shows the connection time-out error. Please suggest the changes or modifications regarding the same. Also do let me know if you want anything else related to this issue.
I have attached ipsec.conf file screenshot and ssh command screenshot for your reference.

Thank you

conf file
conf_file
same conf file
conf_file1

ssh command
ssh_debug

Configurable IKE rekeying delay

Hello,

I have a new feature request. Short description: I would like strongSwan to delay IKE SA negotiation attempt for a configurable time after the IKE SA is restarted (after it fails e.g. due to DPD timeout or due to initial negotiation timeout).

Long motivation: I am trying to configure an IPsec tunnel over a backup LTE line (IPv4 with central NAT in provider's network), the remote IPsec "server" is a normal public IP. It should transfer minimum "control" data (LTE is billed for transferred data amount) yet it should be available most of time. Instead of NAT keep-alive packets, I am using DPD for keeping NAT open: it is more reliable, since it survives NAT or LTE restarts (which sometimes change source UDP port of NAT-T payload: server ignores port change in keep-alive packets, but obeys it with any IPsec packets including DPD). The DPD interval is 50 seconds (UDP NAT on this particular LTE has timeout of 60 s). I have configured IKEv2 retransmission parameters to send 3 packets (at 0, 0.5 and 2.5 seconds) and give up at 10 seconds if it does not receive any reply. Together, it works very well with DPD: it does not only keep NAT open, it is also able to detect link/server failures within 60 seconds! It "costs" only 16 MB of data per month.

However, if the server fails (is not available, or moved and forgotten), the strongSwan client starts to send much more data. It tries to negotiate IKE SA, gives up after 10 seconds (see retransmission settings above) and tries immediately again. This is 223 MB of data per month (!).

Note it is not convenient to use {start,dpd,close}_action = trap to delay IKE SA renegotiation, as it is less reliable (in contrary with documentation!) than {start,dpd,close}_action = start: with "trap", the client must send a packet to restart IKE SA, but what if it is the server who wants to communicate first? Remember the NAT?

All togerher: I wish I could use {start,dpd,close}_action = start for clients behind NAT, but, on slower lines billed per megabyte transferred, it might introduce large (x 10) cost increase without the "keyingtries" delay requested here as a new feature.

strongSwan uses mobike over XFRMIs and VTIs

Describe the bug
As of any existing version of strongSwan when both peers are mobike capable, they will switch to exchange IKE messages over a shared XFRMI or VTI. They shouldn't do that, because as stated by the IPsec related RFCs, the IKE traffic has to be sent outside of any tunnel between the peers.

A solution would be to track used XFRMIs and VTIs and add them to %s.interfaces_ignore.

strongSwan won't connect on Wifi Android 10 (LG Velvet)

I have a working setup with BB, Android and iPhone phones working just fine. The setup is based on https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-18-04-2
Today I was setting up LG Velvet with Android 10. The VPN connection only works on LTE (mobile data). As soon as I try to connect to the VPN on Wifi (have tried multiple Wifi connections) the connection fails and even if I disconnect (disable the VPN) the connection on Wifi does not work anymore. I have to disable Wifi and enable it again to have internet access. It looks like there is some routing issue. Here is the client log:

Feb 18 21:47:49 00[DMN] +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Feb 18 21:47:49 00[DMN] Starting IKE service (strongSwan 5.9.1rc1, Android 10 - QKQ1.200308.002/2020-12-01, LM-G900 - lge/caymanlm_e/LGE, Linux 4.19.81-perf, aarch64)
Feb 18 21:47:49 00[LIB] loaded plugins: androidbridge charon android-log openssl fips-prf random nonce pubkey chapoly curve25519 pkcs1 pkcs8 pem xcbc hmac socket-default revocation eap-identity eap-mschapv2 eap-md5 eap-gtc eap-tls x509
Feb 18 21:47:49 00[JOB] spawning 16 worker threads
Feb 18 21:47:49 07[IKE] initiating IKE_SA android[22] to X.X.X.X
Feb 18 21:47:49 07[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Feb 18 21:47:49 07[NET] sending packet: from 0.0.0.0[53719] to X.X.X.X[500] (716 bytes)
Feb 18 21:47:49 03[NET] error writing to socket: Network is unreachable
Feb 18 21:47:50 07[IKE] old path is not available anymore, try to find another
Feb 18 21:47:50 07[IKE] looking for a route to X.X.X.X ...
Feb 18 21:47:50 07[IKE] no route found to reach X.X.X.X, MOBIKE update deferred
Feb 18 21:47:51 09[IKE] retransmit 1 of request with message ID 0
Feb 18 21:47:51 09[NET] sending packet: from 0.0.0.0[53719] to X.X.X.X[500] (716 bytes)
Feb 18 21:47:51 03[NET] error writing to socket: Network is unreachable
Feb 18 21:47:51 10[IKE] old path is not available anymore, try to find another
Feb 18 21:47:51 10[IKE] looking for a route to X.X.X.X ...
Feb 18 21:47:51 10[IKE] no route found to reach X.X.X.X, MOBIKE update deferred
Feb 18 21:47:52 13[IKE] old path is not available anymore, try to find another
Feb 18 21:47:52 13[IKE] looking for a route to X.X.X.X ...
Feb 18 21:47:52 13[IKE] no route found to reach X.X.X.X, MOBIKE update deferred
Feb 18 21:47:53 14[IKE] old path is not available anymore, try to find another
Feb 18 21:47:53 14[IKE] looking for a route to X.X.X.X ...
Feb 18 21:47:53 14[IKE] no route found to reach X.X.X.X, MOBIKE update deferred
Feb 18 21:47:54 16[IKE] retransmit 2 of request with message ID 0
Feb 18 21:47:54 16[NET] sending packet: from 0.0.0.0[53719] to X.X.X.X[500] (716 bytes)
Feb 18 21:47:54 03[NET] error writing to socket: Network is unreachable
Feb 18 21:47:54 08[IKE] old path is not available anymore, try to find another
Feb 18 21:47:54 08[IKE] looking for a route to X.X.X.X ...
Feb 18 21:47:54 08[IKE] no route found to reach X.X.X.X, MOBIKE update deferred
Feb 18 21:47:55 09[IKE] old path is not available anymore, try to find another
Feb 18 21:47:55 09[IKE] looking for a route to X.X.X.X ...
Feb 18 21:47:55 09[IKE] no route found to reach X.X.X.X, MOBIKE update deferred
Feb 18 21:47:56 10[IKE] old path is not available anymore, try to find another
Feb 18 21:47:56 10[IKE] looking for a route to X.X.X.X ...
Feb 18 21:47:56 10[IKE] no route found to reach X.X.X.X, MOBIKE update deferred
Feb 18 21:47:57 13[IKE] old path is not available anymore, try to find another
Feb 18 21:47:57 13[IKE] looking for a route to X.X.X.X ...
Feb 18 21:47:57 13[IKE] no route found to reach X.X.X.X, MOBIKE update deferred
Feb 18 21:47:57 00[IKE] destroying IKE_SA in state CONNECTING without notification

Any ideas what is going on?

charon becomes unresponsive on a dhcp problem

System (please complete the following information):

  • OS: Debian 10
  • Kernel version (if applicable): 4.19.171-2
  • strongSwan version(s): 5.9.1
  • Tested/confirmed with the latest version: yes

Describe the bug
road warrior setup. The laptops are bound to their own IP address using farp and dhcp plugin, and using

host ppcl000-ipsec {
    hardware ethernet 7a:a7:99:88:77:66;
    fixed-address ppcl000.example.com;
    option host-name "ppcl000.example.com";
}

in the DHCP configuration. Problem:

If the DHCP lookup fails (e.g. due to a new key file or due to a typo in the MAC address), then charon on the gateway becomes pretty unresponsive. If 2 DHCP sessions are failing in parallel, then it appears to be impossible to establish another connection, and users complain.

DHCP server is isc-dhcp (4.4.1-2, Debian 10) on a dedicated host.

Support ed25519 SSH private keys

It would be great if one could define ed25519 SSH private keys for pubkey authentication without ssh-agent.
This is especially interesting for embedded distributions like OpenWrt or Alpine Linux where busybox/dropbear is used as default SSH client/server and ssh-agent is not available.

show udp port numbers and "esp/nat" in the output of "ipsec statusall"?

Do you think it would be reasonable to show the udp port numbers next to the IP addresses in the output of ipsec statusall? I understand that these ports are usually 500/udp and 4500/udp, but if you have several connections via NAT, then the IP address alone is not sufficient. You need the client's port numbers, e.g. to watch the connection using tcpdump.

Even if there is no NAT involved and the peers are using esp, a road warrior might still use a private port number for IKE or dead peer detection.

Strongswan licence for commercial use

Hello!
We have a commercial company and we are seeking to integrate strongswan in our application.
We cannot publish our Android application to open source.
Is there any licence needed or agreement to be done in order to be legitimate for using your open source code?

on FreeBSD 13 the PFROUTE plugin is not able to add route to the routing table (and therefor no traffic is flowing to where it should be).

System (please complete the following information):

  • OS: freebsd 13.0 rc2
  • Kernel version (if applicable): [e.g. 5.10]
  • strongSwan version(s): 5.9.2
  • Tested/confirmed with the latest version: [yes]

Describe the bug
using freebsd 11.x and 12.x with route_via_internal = yes made strongswan add the rights routes automaticly.

To Reproduce
Steps to reproduce the behavior:

  1. just enable route_via_internal_yes in kernel-pfkey.conf

Expected behavior
A clear and concise description of what you expected to happen.
strongswan should add routes via internal interface.

Logs/Backtraces
I see no tries/fails of adding routes when using debug log from
https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests

this is my kernel-pfkey.conf

kernel-pfkey {

# Size of the receive buffer for the event socket (0 for default size).
# events_buffer_size = 0

# Whether to load the plugin. Can also be an integer to increase the
# priority of this plugin.
load = yes
route_via_internal = y

}

IOS roaming from Wifi to LTE "mobike" drop after 8 min

System (please complete the following information):

  • OS: Ubuntu 20.04
  • Kernel version (if applicable): 5.11.0-25-generic
  • strongSwan version(s): 5.9.1
  • Tested/confirmed with the latest version: [yes/no] no

Describe the bug
A clear and concise description of what the bug is.
when switching from wifi to lte the vpn is dropped after 8 mins, the vpn doesnt drop if u stay on wifi and doesnt drop if you stay on lte, only when u switch "mobike"

To Reproduce
Steps to reproduce the behavior:

on Iphone IOS 14.7

  1. connect to wifi
  2. connect to vpn
  3. turn on Cellular data
  4. turn off wifi
  5. look at the timer when it reaches 8:00 mins the vpn is dropped

Expected behavior
A clear and concise description of what you expected to happen.
vpn is dropped

Logs/Backtraces
If applicable, add logs or backtraces to help explain your problem.
proxyndp.updown.txt
ipsec.conf.txt

13[NET] sending packet: from Strongswan Public IP[4500] to Iphone Public IP [1210] (80 bytes)
13[ENC] generating INFORMATIONAL response 7 [ ]
13[IKE] IKE_SA deleted
13[IKE] IKE_SA deleted
13[IKE] deleting IKE_SA ikev2-vpn[5] between Strongswan Public IP[PUBLIC DNS NAME]...Iphone Public IP[LOCAL ID]
13[IKE] deleting IKE_SA ikev2-vpn[5] between Strongswan Public IP[PUBLIC DNS NAME]...Iphone Public IP[LOCAL ID]
13[IKE] received DELETE for IKE_SA ikev2-vpn[5]
13[ENC] parsed INFORMATIONAL request 7 [ D ]
13[NET] received packet: from Iphone Public IP [1210] to Strongswan Public IP[4500] (80 bytes)

Additional context
Add any other context about the problem here.

Unable to install policy for changed child config (new traffic selector added to local_ts list)

System:

  • OS: Ubuntu 18.04
  • strongSwan version(s): 5.9.2

Description
Unable to install IPsec policies on updating the local_ts for IKEv2 child configuration

I have two sites, site1 and site2. When an IKEv2 tunnel is brought up with a configuration it installs the policy as expected. But when I add a new subnet to the local_ts for site1 (and accordingly remote_ts for site2), charon seems unable to install the policies while throwing an error for the first policy that's installed.

Steps to reproduce

  1. Configure site1 and site2 with config as mentioned below
  2. Bring up tunnel by passing appropriate traffic (eg: ping 192.168.145.1 from site1)
  3. Edit /etc/swanctl/swanctl.conf on site1 to add one more subnet (local_ts=192.168.135.0/24,192.168.136.0/24) similarly update remote_ts on site2
  4. Observe logs

Expectation
Shouldn't charon be able to install the updated policy?

Initial swanctl.conf on site1

connections {

   remote-peer-2 {
      local_addrs  = 192.168.1.254
      remote_addrs = 192.168.1.47

      version = 2
      fragmentation = yes
      reauth_time = 25920s
      over_time = 2880s
      keyingtries = 1
      proposals = aes256-sha256-modp2048
      dpd_delay = 10s

      local {
         id = 192.168.1.254
         auth = psk
      }
      remote {
         id = 192.168.1.47
         auth = psk
      }

      children {
         net-2 {
            start_action = trap
            close_action = trap
            ipcomp = no
            esp_proposals = aes256-sha256-modp2048
            mode = tunnel
            inactivity = 50000
            rekey_time = 25920s
            life_time = 28800s
            replay_window = 32
            dpd_action = trap
            local_ts  = 192.168.135.0/24
            remote_ts = 192.168.145.0/24

         }
      }

   }
}

secrets {

   ike-2 {
      id = 192.168.1.47
      secret = test1234
   }
}

Logs on bringing up tunnel first time on site1

Apr 27 18:45:48 06[KNL] received a XFRM_MSG_ACQUIRE
Apr 27 18:45:48 06[KNL]   XFRMA_TMPL
Apr 27 18:45:48 06[KNL] creating acquire job for policy 192.168.135.1/32[udp/44639] === 192.168.145.1/32[udp/1025] with reqid {1}
Apr 27 18:45:48 06[MGR] checkout IKE_SA by config
Apr 27 18:45:48 06[MGR] created IKE_SA (unnamed)[4]
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> queueing IKE_VENDOR task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> queueing IKE_INIT task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> queueing IKE_NATD task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> queueing IKE_CERT_PRE task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> queueing IKE_AUTH task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> queueing IKE_CERT_POST task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> queueing IKE_CONFIG task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> queueing IKE_AUTH_LIFETIME task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> queueing IKE_MOBIKE task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> queueing CHILD_CREATE task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> activating new tasks
Apr 27 18:45:48 06[IKE] <remote-peer-2|4>   activating IKE_VENDOR task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4>   activating IKE_INIT task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4>   activating IKE_NATD task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4>   activating IKE_CERT_PRE task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4>   activating IKE_AUTH task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4>   activating IKE_CERT_POST task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4>   activating IKE_CONFIG task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4>   activating CHILD_CREATE task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4>   activating IKE_AUTH_LIFETIME task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4>   activating IKE_MOBIKE task
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> initiating IKE_SA remote-peer-2[4] to 192.168.1.47
Apr 27 18:45:48 06[IKE] <remote-peer-2|4> IKE_SA remote-peer-2[4] state change: CREATED => CONNECTING
Apr 27 18:45:48 06[LIB] <remote-peer-2|4> size of DH secret exponent: 2045 bits
Apr 27 18:45:48 06[CFG] <remote-peer-2|4> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Apr 27 18:45:48 06[CFG] <remote-peer-2|4> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Apr 27 18:45:48 06[NET] <remote-peer-2|4> sending packet: from 192.168.1.254[500] to 192.168.1.47[500] (464 bytes)
Apr 27 18:45:48 06[MGR] <remote-peer-2|4> checkin IKE_SA remote-peer-2[4]
Apr 27 18:45:48 06[MGR] <remote-peer-2|4> checkin of IKE_SA successful
Apr 27 18:45:48 11[NET] sending packet: from 192.168.1.254[500] to 192.168.1.47[500]
Apr 27 18:45:48 03[NET] received packet: from 192.168.1.47[500] to 192.168.1.254[500]
Apr 27 18:45:48 03[NET] waiting for data on sockets
Apr 27 18:45:48 04[MGR] checkout IKEv2 SA by message with SPIs b4cc45e0a7eee159_i 1867321342a86654_r
Apr 27 18:45:48 04[MGR] IKE_SA remote-peer-2[4] successfully checked out
Apr 27 18:45:48 04[NET] <remote-peer-2|4> received packet: from 192.168.1.47[500] to 192.168.1.254[500] (472 bytes)
Apr 27 18:45:48 04[IKE] <remote-peer-2|4> received FRAGMENTATION_SUPPORTED notify
Apr 27 18:45:48 04[IKE] <remote-peer-2|4> received SIGNATURE_HASH_ALGORITHMS notify
Apr 27 18:45:48 04[IKE] <remote-peer-2|4> received CHILDLESS_IKEV2_SUPPORTED notify
Apr 27 18:45:48 04[CFG] <remote-peer-2|4> selecting proposal:
Apr 27 18:45:48 04[CFG] <remote-peer-2|4>   proposal matches
Apr 27 18:45:48 04[CFG] <remote-peer-2|4> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Apr 27 18:45:48 04[CFG] <remote-peer-2|4> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Apr 27 18:45:48 04[CFG] <remote-peer-2|4> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Apr 27 18:45:48 04[CFG] <remote-peer-2|4> received supported signature hash algorithms: sha256 sha384 sha512 identity
Apr 27 18:45:48 04[IKE] <remote-peer-2|4> reinitiating already active tasks
Apr 27 18:45:48 04[IKE] <remote-peer-2|4>   IKE_CERT_PRE task
Apr 27 18:45:48 04[IKE] <remote-peer-2|4>   IKE_AUTH task
Apr 27 18:45:48 04[IKE] <remote-peer-2|4> authentication of '192.168.1.254' (myself) with pre-shared key
Apr 27 18:45:48 04[IKE] <remote-peer-2|4> successfully created shared key MAC
Apr 27 18:45:48 04[CFG] <remote-peer-2|4> proposing traffic selectors for us:
Apr 27 18:45:48 04[CFG] <remote-peer-2|4>  192.168.135.0/24
Apr 27 18:45:48 04[CFG] <remote-peer-2|4> proposing traffic selectors for other:
Apr 27 18:45:48 04[CFG] <remote-peer-2|4>  192.168.145.0/24
Apr 27 18:45:48 04[CFG] <remote-peer-2|4> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Apr 27 18:45:48 04[IKE] <remote-peer-2|4> establishing CHILD_SA net-2{9} reqid 1
Apr 27 18:45:48 04[KNL] <remote-peer-2|4> got SPI c4731ec5
Apr 27 18:45:48 04[NET] <remote-peer-2|4> sending packet: from 192.168.1.254[4500] to 192.168.1.47[4500] (368 bytes)
Apr 27 18:45:48 04[MGR] <remote-peer-2|4> checkin IKE_SA remote-peer-2[4]
Apr 27 18:45:48 04[MGR] <remote-peer-2|4> checkin of IKE_SA successful
Apr 27 18:45:48 11[NET] sending packet: from 192.168.1.254[4500] to 192.168.1.47[4500]
Apr 27 18:45:48 03[NET] received packet: from 192.168.1.47[4500] to 192.168.1.254[4500]
Apr 27 18:45:48 03[NET] waiting for data on sockets
Apr 27 18:45:48 16[MGR] checkout IKEv2 SA by message with SPIs b4cc45e0a7eee159_i 1867321342a86654_r
Apr 27 18:45:48 16[MGR] IKE_SA remote-peer-2[4] successfully checked out
Apr 27 18:45:48 16[NET] <remote-peer-2|4> received packet: from 192.168.1.47[4500] to 192.168.1.254[4500] (288 bytes)
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> authentication of '192.168.1.47' with pre-shared key successful
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> IKE_SA remote-peer-2[4] established between 192.168.1.254[192.168.1.254]...192.168.1.47[192.168.1.47]
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> IKE_SA remote-peer-2[4] state change: CONNECTING => ESTABLISHED
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> scheduling reauthentication in 25879s
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> maximum IKE_SA lifetime 28759s
Apr 27 18:45:48 16[CFG] <remote-peer-2|4> selecting proposal:
Apr 27 18:45:48 16[CFG] <remote-peer-2|4>   proposal matches
Apr 27 18:45:48 16[CFG] <remote-peer-2|4> received proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Apr 27 18:45:48 16[CFG] <remote-peer-2|4> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Apr 27 18:45:48 16[CFG] <remote-peer-2|4> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Apr 27 18:45:48 16[CFG] <remote-peer-2|4> selecting traffic selectors for us:
Apr 27 18:45:48 16[CFG] <remote-peer-2|4>  config: 192.168.135.0/24, received: 192.168.135.0/24 => match: 192.168.135.0/24
Apr 27 18:45:48 16[CFG] <remote-peer-2|4> selecting traffic selectors for other:
Apr 27 18:45:48 16[CFG] <remote-peer-2|4>  config: 192.168.145.0/24, received: 192.168.145.0/24 => match: 192.168.145.0/24
Apr 27 18:45:48 16[CHD] <remote-peer-2|4> CHILD_SA net-2{9} state change: CREATED => INSTALLING
Apr 27 18:45:48 16[CHD] <remote-peer-2|4>   using AES_CBC for encryption
Apr 27 18:45:48 16[CHD] <remote-peer-2|4>   using HMAC_SHA2_256_128 for integrity
Apr 27 18:45:48 16[CHD] <remote-peer-2|4> adding inbound ESP SA
Apr 27 18:45:48 16[CHD] <remote-peer-2|4>   SPI 0xc4731ec5, src 192.168.1.47 dst 192.168.1.254
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> adding SAD entry with SPI c4731ec5 and reqid {1}
Apr 27 18:45:48 16[KNL] <remote-peer-2|4>   using encryption algorithm AES_CBC with key size 256
Apr 27 18:45:48 16[KNL] <remote-peer-2|4>   using integrity algorithm HMAC_SHA2_256_128 with key size 256
Apr 27 18:45:48 16[KNL] <remote-peer-2|4>   using replay window of 32 packets
Apr 27 18:45:48 16[KNL] <remote-peer-2|4>   HW offload: no
Apr 27 18:45:48 16[CHD] <remote-peer-2|4> adding outbound ESP SA
Apr 27 18:45:48 16[CHD] <remote-peer-2|4>   SPI 0xc3572f55, src 192.168.1.254 dst 192.168.1.47
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> adding SAD entry with SPI c3572f55 and reqid {1}
Apr 27 18:45:48 16[KNL] <remote-peer-2|4>   using encryption algorithm AES_CBC with key size 256
Apr 27 18:45:48 16[KNL] <remote-peer-2|4>   using integrity algorithm HMAC_SHA2_256_128 with key size 256
Apr 27 18:45:48 16[KNL] <remote-peer-2|4>   using replay window of 0 packets
Apr 27 18:45:48 16[KNL] <remote-peer-2|4>   HW offload: no
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> policy 192.168.145.0/24 === 192.168.135.0/24 in already exists, increasing refcount
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> updating policy 192.168.145.0/24 === 192.168.135.0/24 in [priority 375423, refcount 2]
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> policy 192.168.145.0/24 === 192.168.135.0/24 fwd already exists, increasing refcount
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> updating policy 192.168.145.0/24 === 192.168.135.0/24 fwd [priority 375423, refcount 2]
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> policy 192.168.135.0/24 === 192.168.145.0/24 out already exists, increasing refcount
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> updating policy 192.168.135.0/24 === 192.168.145.0/24 out [priority 375423, refcount 2]
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> getting a local address in traffic selector 192.168.135.0/24
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> using host 192.168.135.1
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> getting iface name for index 2
Apr 27 18:45:48 16[KNL] <remote-peer-2|4> using 192.168.1.47 as nexthop and enp0s31f6 as dev to reach 192.168.1.47/32
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> CHILD_SA net-2{9} established with SPIs c4731ec5_i c3572f55_o and TS 192.168.135.0/24 === 192.168.145.0/24
Apr 27 18:45:48 16[CHD] <remote-peer-2|4> CHILD_SA net-2{9} state change: INSTALLING => INSTALLED
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> received AUTH_LIFETIME of 23279s, scheduling reauthentication in 20399s
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> peer supports MOBIKE
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> got additional MOBIKE peer address: 172.17.0.1
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> got additional MOBIKE peer address: 192.168.145.1
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> got additional MOBIKE peer address: fd2c:97b1:3ae0:d000:2e0:f7ff:fee0:76a
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> activating new tasks
Apr 27 18:45:48 16[IKE] <remote-peer-2|4> nothing to initiate
Apr 27 18:45:48 16[MGR] <remote-peer-2|4> checkin IKE_SA remote-peer-2[4]
Apr 27 18:45:48 16[MGR] <remote-peer-2|4> checkin of IKE_SA successful
Apr 27 18:45:52 12[MGR] checkout IKEv2 SA with SPIs b4cc45e0a7eee159_i 0000000000000000_r
Apr 27 18:45:52 12[MGR] IKE_SA remote-peer-2[4] successfully checked out
Apr 27 18:45:52 12[MGR] <remote-peer-2|4> checkin IKE_SA remote-peer-2[4]
Apr 27 18:45:52 12[MGR] <remote-peer-2|4> checkin of IKE_SA successful
Apr 27 18:45:52 09[MGR] checkout IKEv2 SA with SPIs b4cc45e0a7eee159_i 1867321342a86654_r
Apr 27 18:45:52 09[MGR] IKE_SA remote-peer-2[4] successfully checked out
Apr 27 18:45:52 09[MGR] <remote-peer-2|4> checkin IKE_SA remote-peer-2[4]
Apr 27 18:45:52 09[MGR] <remote-peer-2|4> checkin of IKE_SA successful
Apr 27 18:45:58 08[MGR] checkout IKEv2 SA with SPIs b4cc45e0a7eee159_i 1867321342a86654_r
Apr 27 18:45:58 08[MGR] IKE_SA remote-peer-2[4] successfully checked out
Apr 27 18:45:58 08[KNL] <remote-peer-2|4> querying policy 192.168.145.0/24 === 192.168.135.0/24 in
Apr 27 18:45:58 08[KNL] <remote-peer-2|4> querying policy 192.168.145.0/24 === 192.168.135.0/24 fwd
Apr 27 18:45:58 08[MGR] <remote-peer-2|4> checkin IKE_SA remote-peer-2[4]
Apr 27 18:45:58 08[MGR] <remote-peer-2|4> checkin of IKE_SA successful

Update config with new subnet on site1

connections {

   remote-peer-2 {
      local_addrs  = 192.168.1.254
      remote_addrs = 192.168.1.47

      version = 2
      fragmentation = yes
      reauth_time = 25920s
      over_time = 2880s
      keyingtries = 1
      proposals = aes256-sha256-modp2048
      dpd_delay = 10s

      local {
         id = 192.168.1.254
         auth = psk
      }
      remote {
         id = 192.168.1.47
         auth = psk
      }

      children {
         net-2 {
            start_action = trap
            close_action = trap
            ipcomp = no
            esp_proposals = aes256-sha256-modp2048
            mode = tunnel
            inactivity = 50000
            rekey_time = 25920s
            life_time = 28800s
            replay_window = 32
            dpd_action = trap
            local_ts  = 192.168.135.0/24,192.168.136.0/24
            remote_ts = 192.168.145.0/24

         }
      }

   }
}

secrets {

   ike-2 {
      id = 192.168.1.47
      secret = test1234
   }
}

Logs on running swanctl -q on site1

Apr 27 18:49:07 15[CFG] vici client 33 connected
Apr 27 18:49:07 04[CFG] vici client 33 requests: get-keys
Apr 27 18:49:07 12[CFG] vici client 33 requests: get-shared
Apr 27 18:49:07 10[CFG] vici client 33 requests: load-shared
Apr 27 18:49:07 10[CFG] loaded IKE shared key with id 'ike-2' for: '192.168.1.47'
Apr 27 18:49:07 13[CFG] vici client 33 requests: get-authorities
Apr 27 18:49:07 09[CFG] vici client 33 requests: get-pools
Apr 27 18:49:07 04[CFG] vici client 33 requests: get-conns
Apr 27 18:49:07 13[CFG] vici client 33 requests: load-conn
Apr 27 18:49:07 13[CFG]  conn remote-peer-2:
Apr 27 18:49:07 13[CFG]   child net-2:
Apr 27 18:49:07 13[CFG]    rekey_time = 25920
Apr 27 18:49:07 13[CFG]    life_time = 28800
Apr 27 18:49:07 13[CFG]    rand_time = 2880
Apr 27 18:49:07 13[CFG]    rekey_bytes = 0
Apr 27 18:49:07 13[CFG]    life_bytes = 0
Apr 27 18:49:07 13[CFG]    rand_bytes = 0
Apr 27 18:49:07 13[CFG]    rekey_packets = 0
Apr 27 18:49:07 13[CFG]    life_packets = 0
Apr 27 18:49:07 13[CFG]    rand_packets = 0
Apr 27 18:49:07 13[CFG]    updown = (null)
Apr 27 18:49:07 13[CFG]    hostaccess = 0
Apr 27 18:49:07 13[CFG]    ipcomp = 0
Apr 27 18:49:07 13[CFG]    mode = TUNNEL
Apr 27 18:49:07 13[CFG]    policies = 1
Apr 27 18:49:07 13[CFG]    policies_fwd_out = 0
Apr 27 18:49:07 13[CFG]    replay_window = 32
Apr 27 18:49:07 13[CFG]    dpd_action = hold
Apr 27 18:49:07 13[CFG]    start_action = hold
Apr 27 18:49:07 13[CFG]    close_action = clear
Apr 27 18:49:07 13[CFG]    reqid = 0
Apr 27 18:49:07 13[CFG]    tfc = 0
Apr 27 18:49:07 13[CFG]    priority = 0
Apr 27 18:49:07 13[CFG]    interface = (null)
Apr 27 18:49:07 13[CFG]    if_id_in = 0
Apr 27 18:49:07 13[CFG]    if_id_out = 0
Apr 27 18:49:07 13[CFG]    mark_in = 0/0
Apr 27 18:49:07 13[CFG]    mark_in_sa = 0
Apr 27 18:49:07 13[CFG]    mark_out = 0/0
Apr 27 18:49:07 13[CFG]    set_mark_in = 0/0
Apr 27 18:49:07 13[CFG]    set_mark_out = 0/0
Apr 27 18:49:07 13[CFG]    inactivity = 50000
Apr 27 18:49:07 13[CFG]    proposals = ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Apr 27 18:49:07 13[CFG]    local_ts = 192.168.135.0/24 192.168.136.0/24
Apr 27 18:49:07 13[CFG]    remote_ts = 192.168.145.0/24
Apr 27 18:49:07 13[CFG]    hw_offload = no
Apr 27 18:49:07 13[CFG]    sha256_96 = 0
Apr 27 18:49:07 13[CFG]    copy_df = 1
Apr 27 18:49:07 13[CFG]    copy_ecn = 1
Apr 27 18:49:07 13[CFG]    copy_dscp = out
Apr 27 18:49:07 13[CFG]   version = 2
Apr 27 18:49:07 13[CFG]   local_addrs = 192.168.1.254
Apr 27 18:49:07 13[CFG]   remote_addrs = 192.168.1.47
Apr 27 18:49:07 13[CFG]   local_port = 500
Apr 27 18:49:07 13[CFG]   remote_port = 500
Apr 27 18:49:07 13[CFG]   send_certreq = 1
Apr 27 18:49:07 13[CFG]   send_cert = CERT_SEND_IF_ASKED
Apr 27 18:49:07 13[CFG]   ppk_id = (null)
Apr 27 18:49:07 13[CFG]   ppk_required = 0
Apr 27 18:49:07 13[CFG]   mobike = 1
Apr 27 18:49:07 13[CFG]   aggressive = 0
Apr 27 18:49:07 13[CFG]   dscp = 0x00
Apr 27 18:49:07 13[CFG]   encap = 0
Apr 27 18:49:07 13[CFG]   dpd_delay = 10
Apr 27 18:49:07 13[CFG]   dpd_timeout = 0
Apr 27 18:49:07 13[CFG]   fragmentation = 2
Apr 27 18:49:07 13[CFG]   childless = 0
Apr 27 18:49:07 13[CFG]   unique = UNIQUE_NO
Apr 27 18:49:07 13[CFG]   keyingtries = 1
Apr 27 18:49:07 13[CFG]   reauth_time = 25920
Apr 27 18:49:07 13[CFG]   rekey_time = 0
Apr 27 18:49:07 13[CFG]   over_time = 2880
Apr 27 18:49:07 13[CFG]   rand_time = 2880
Apr 27 18:49:07 13[CFG]   proposals = IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Apr 27 18:49:07 13[CFG]   if_id_in = 0
Apr 27 18:49:07 13[CFG]   if_id_out = 0
Apr 27 18:49:07 13[CFG]   local:
Apr 27 18:49:07 13[CFG]    class = pre-shared key
Apr 27 18:49:07 13[CFG]    id = 192.168.1.254
Apr 27 18:49:07 13[CFG]   remote:
Apr 27 18:49:07 13[CFG]    class = pre-shared key
Apr 27 18:49:07 13[CFG]    id = 192.168.1.47
Apr 27 18:49:07 13[CFG] updated vici connection: remote-peer-2
Apr 27 18:49:07 13[CFG] uninstalling 'net-2'
Apr 27 18:49:07 13[CHD] CHILD_SA net-2{8} state change: ROUTED => DESTROYING
Apr 27 18:49:07 13[KNL] deleting policy 192.168.135.0/24 === 192.168.145.0/24 out
Apr 27 18:49:07 13[KNL] policy still used by another CHILD_SA, not removed
Apr 27 18:49:07 13[KNL] not updating policy 192.168.135.0/24 === 192.168.145.0/24 out [priority 375423, refcount 1]
Apr 27 18:49:07 13[KNL] deleting policy 192.168.145.0/24 === 192.168.135.0/24 in
Apr 27 18:49:07 13[KNL] policy still used by another CHILD_SA, not removed
Apr 27 18:49:07 13[KNL] not updating policy 192.168.145.0/24 === 192.168.135.0/24 in [priority 375423, refcount 1]
Apr 27 18:49:07 13[KNL] deleting policy 192.168.145.0/24 === 192.168.135.0/24 fwd
Apr 27 18:49:07 13[KNL] policy still used by another CHILD_SA, not removed
Apr 27 18:49:07 13[KNL] not updating policy 192.168.145.0/24 === 192.168.135.0/24 fwd [priority 375423, refcount 1]
Apr 27 18:49:07 13[CFG] installing 'net-2'
Apr 27 18:49:07 13[CFG] configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Apr 27 18:49:07 13[CFG] unable to install policy 192.168.145.0/24 === 192.168.135.0/24 in for reqid 2, the same policy for reqid 1 exists
Apr 27 18:49:07 13[CFG] unable to install policy 192.168.145.0/24 === 192.168.135.0/24 fwd for reqid 2, the same policy for reqid 1 exists
Apr 27 18:49:07 13[CFG] unable to install policy 192.168.135.0/24 === 192.168.145.0/24 out for reqid 2, the same policy for reqid 1 exists
Apr 27 18:49:07 13[CFG] installing trap failed
Apr 27 18:49:07 13[CHD] CHILD_SA net-2{10} state change: CREATED => DESTROYING
Apr 27 18:49:07 13[KNL] deleting policy 192.168.135.0/24 === 192.168.145.0/24 out
Apr 27 18:49:07 13[KNL] policy still used by another CHILD_SA, not removed
Apr 27 18:49:07 13[KNL] not updating policy 192.168.135.0/24 === 192.168.145.0/24 out [priority 375423, refcount 1]
Apr 27 18:49:07 13[KNL] deleting policy 192.168.145.0/24 === 192.168.135.0/24 in
Apr 27 18:49:07 13[KNL] policy still used by another CHILD_SA, not removed
Apr 27 18:49:07 13[KNL] not updating policy 192.168.145.0/24 === 192.168.135.0/24 in [priority 375423, refcount 1]
Apr 27 18:49:07 13[KNL] deleting policy 192.168.145.0/24 === 192.168.135.0/24 fwd
Apr 27 18:49:07 13[KNL] policy still used by another CHILD_SA, not removed
Apr 27 18:49:07 13[KNL] not updating policy 192.168.145.0/24 === 192.168.135.0/24 fwd [priority 375423, refcount 1]
Apr 27 18:49:07 13[KNL] deleting policy 192.168.136.0/24 === 192.168.145.0/24 out
Apr 27 18:49:07 13[KNL] deleting policy 192.168.136.0/24 === 192.168.145.0/24 out failed, not found
Apr 27 18:49:07 13[KNL] deleting policy 192.168.145.0/24 === 192.168.136.0/24 in
Apr 27 18:49:07 13[KNL] deleting policy 192.168.145.0/24 === 192.168.136.0/24 in failed, not found
Apr 27 18:49:07 13[KNL] deleting policy 192.168.145.0/24 === 192.168.136.0/24 fwd
Apr 27 18:49:07 13[KNL] deleting policy 192.168.145.0/24 === 192.168.136.0/24 fwd failed, not found
Apr 27 18:49:07 12[CFG] vici client 33 disconnected
Apr 27 18:49:12 03[NET] received packet: from 192.168.1.47[4500] to 192.168.1.254[4500]
Apr 27 18:49:12 08[MGR] checkout IKEv2 SA by message with SPIs b4cc45e0a7eee159_i 1867321342a86654_r
Apr 27 18:49:12 08[MGR] IKE_SA remote-peer-2[4] successfully checked out
Apr 27 18:49:12 08[NET] <remote-peer-2|4> received packet: from 192.168.1.47[4500] to 192.168.1.254[4500] (80 bytes)
Apr 27 18:49:12 08[NET] <remote-peer-2|4> sending packet: from 192.168.1.254[4500] to 192.168.1.47[4500] (80 bytes)
Apr 27 18:49:12 08[MGR] <remote-peer-2|4> checkin IKE_SA remote-peer-2[4]
Apr 27 18:49:12 08[MGR] <remote-peer-2|4> checkin of IKE_SA successful
Apr 27 18:49:12 11[NET] sending packet: from 192.168.1.254[4500] to 192.168.1.47[4500]
Apr 27 18:49:12 03[NET] waiting for data on sockets
Apr 27 18:49:12 07[MGR] checkout IKEv2 SA with SPIs b4cc45e0a7eee159_i 1867321342a86654_r
Apr 27 18:49:12 07[MGR] IKE_SA remote-peer-2[4] successfully checked out
Apr 27 18:49:12 07[KNL] <remote-peer-2|4> querying policy 192.168.145.0/24 === 192.168.135.0/24 in
Apr 27 18:49:12 07[KNL] <remote-peer-2|4> querying policy 192.168.145.0/24 === 192.168.135.0/24 fwd
Apr 27 18:49:12 07[MGR] <remote-peer-2|4> checkin IKE_SA remote-peer-2[4]
Apr 27 18:49:12 07[MGR] <remote-peer-2|4> checkin of IKE_SA successful
Apr 27 18:49:22 03[NET] received packet: from 192.168.1.47[4500] to 192.168.1.254[4500]
Apr 27 18:49:22 03[NET] waiting for data on sockets

Question
From the little I've gleaned by looking at the code, I understand that if a policy of the same reqid (with the same parameters for ts) is attempted to be installed it updates the refcount. But from the logs it looks like the installed policy is not looked at and an entire new policy is attempted to be installed (understood by the new reqid let me know if that understanding is wrong)

Strongswan not respondong to IKE messages on port 500 after establishing a connection

Hi,

I have an IKEv2 tunnel with forceencaps enabled (both sides are NAT'd) where after switching to 4500 and establishing the tunnel etc (ESP traffic flows across the tunnel on 4500 just fine). Subsequent IKE messages from the remote to the local strongswan on 500 are ignored until the tunnel is manually terminated and recreated. My understanding is it shouldn't matter what port out of 500/4500 the remote uses for IKE messages, they should still be accepted (ESP is a different matter).

From https://datatracker.ietf.org/doc/html/rfc3947

"Similarly, if the responder has to rekey the Phase 1 SA, then the
rekey negotiation MUST be started by using UDP(4500,Y). Any
implementation that supports NAT traversal MUST support negotiations
that begin on port 4500. If a negotiation starts on port 4500, then
it doesn't need to change anywhere else in the exchange.

Once port change has occurred, if a packet is received on port 500,
that packet is old. If the packet is an informational packet, it MAY
be processed if local policy allows this. If the packet is a Main
Mode or an Aggressive Mode packet (with the same cookies as previous
packets), it SHOULD be discarded. If the packet is a new Main Mode
or Aggressive exchange, then it is processed normally (the other end
might have rebooted, and this is starting new exchange)."

I am seeing an issue where we try rekey on 4500 but the other end doesn't respond to 4500 rekeys. It only responds to 500 rekeys. So while there is an obvious issue with the other end (Cisco I believe), I would also like strongswan to respond to the remote's rekeys on 500.

I'm not sure if this is a strongswan problem, or a linux kernel issue, or a config issue on my part.

In the attached screenshot, things only started working again when my end (192.168.122.5) started sending IKE packets back on 500 not 4500. Packet 3 has the remote send on UDP 500 to us - why didn't strongswan respond is my question? What can I do to make it respond?

Screenshot 2021-06-14 at 12 08 33

Config (Strongswan 5.9.0, Linux 5.4.74):

conn vpn
auto=start
dpdaction=restart
dpddelay=30s
dpdtimeout=90s
esp=aes256-sha512-modp2048!
forceencaps=yes
ike=aes256-sha256-modp2048!
ikelifetime=5400s
keyexchange=ikev2
keyingtries=%forever
keylife=1800s
left=192.168.9.1
leftfirewall=no
leftid=192.168.122.5
leftsubnet=10.0.0.1/32
margintime=9
rekeymargin=60s
right=192.168.122.2
rightfirewall=no
rightid=192.168.122.2
rightsubnet=172.16.100.0/24

strongswan/ipsec status command freezes with HA configuration after a while

Discussed in #450

Originally posted by khramov86 June 16, 2021
Hi,

while testing HA configuration faced with problem, after 8+ hours that tunnel is up, in some moment of time service on passive host takes weight as on active (also tried implement active-active configuration and obtained same behaviour) and after that command strongswan status on secondary hosts don't work.
Strace of strongswan status in attachment with strongswan.log for primary and secondary.

strongswan_primary.log
strongswan_secondary.log
strongswan_status_strace.log

Can you help me please?

This is caused by a bug introduced with 20dfbca.

charon stuck if swanctl is used to close connections shortly before terminating the daemon (potentially also in other scenarios)

We migrated from ipsec.conf to swanctl.conf a few weeks ago. We have never seen this problem with ipsec.conf (stroke). We use strongswan on embeded devices (armv5, armv7 and aarch64) with a 4.14.x kernel. While testing devices in our test system, we noticed that sometimes Charon is stucking when the IPsec service is stopped. The following commands are executed during service ipsec stop:

swanctl --terminate --ike "ike_name" --force; kill "charon_pid"

If issue appears charon is not terminated succesfully - it remains in the process list and it is not possible to connect it via swanctl.

I looked at it more and found that Charon was stuck at this line:

strongswan/src/libstrongswan/processing/processor.c

Line 501 in 6aef079

this->thread_terminated->wait(this->thread_terminated, this->mutex);

Looks like Charon is waiting for something (a signal?) that never comes.
I tested it on version 5.9.2 and 5.8.4

Start error when run strongswan on Ubuntu firefly

  • OS: [Firefly based on Ubuntu]
  • strongSwan version(s): [e.g. 5.9.0]

When running strongswan in debug mode, an error occured: "received netlink error: operation not supported (95)", detailed below:

root@firefly:~# /usr/local/libexec/ipsec/starter --nofork
Starting strongSwan 5.9.0 IPsec [starter]...
00[DMN] Starting IKE charon daemon (strongSwan 5.9.0, Linux 4.4.179, aarch64)
00[LIB] created TUN device: ipsec0
create receive information sa thread
00[KNL] received netlink error: Operation not supported (95)
00[KNL] unable to create IPv4 routing table rule
00[KNL] received netlink error: Operation not supported (95)
00[KNL] unable to create IPv6 routing table rule
00[CFG] loading ca certificates from '/usr/local/etc/ipsec.d/cacerts'
00[LIB] file coded in unknown format, discarded
00[LIB] building CRED_CERTIFICATE - X509 failed, tried 3 builders
00[CFG] loading ca certificate from '/usr/local/etc/ipsec.d/cacerts/ca.cert.pem' failed
00[CFG] loading aa certificates from '/usr/local/etc/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/usr/local/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/usr/local/etc/ipsec.d/acerts'
00[CFG] loading crls from '/usr/local/etc/ipsec.d/crls'
00[CFG] loading secrets from '/usr/local/etc/ipsec.secrets'
00[LIB] file coded in unknown format, discarded
00[LIB] building CRED_PRIVATE_KEY - RSA failed, tried 4 builders
00[CFG] loading private key from '/usr/local/etc/ipsec.d/private/server.pem' failed

Add support for AES in OCB mode

Is your feature request related to a problem? Please describe.
None at all.

Describe the solution you'd like
The patent for OCB (RFC7253) has been abandoned a while ago: https://mailarchive.ietf.org/arch/msg/cfrg/qLTveWOdTJcLn4HP3ev-vrj05Vg/
and because of this, I think this would be a great addition for strongSwan as a new mode for AES. According to the internet ([citation needed]...) apparently it's even faster than AES in GCM mode.

Describe alternatives you've considered
None needed.

Additional context
OpenSSL 3.0.0 has just been released with AES-OCB mode support according to the changelog:

Added support for OCB mode. OpenSSL has been granted a patent license compatible with the OpenSSL license for use of OCB.
Details are available at https://www.openssl.org/source/OCB-patent-grant-OpenSSL.pdf.
Support for OCB can be removed by calling config with no-ocb.

€: To be honest, I am not familiar at all with the kernel crypto but I think the kernel needs to support this aswell...

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.