19 files changed, 405 insertions, 17 deletions

diff --git a/src/libcharon/Android.mk b/src/libcharon/Android.mk
index b2d6c3128..b64174f8b 100644
--- a/src/libcharon/Android.mk
+++ b/src/libcharon/Android.mk
@@ -62,7 +62,7 @@ processing/jobs/start_action_job.c processing/jobs/start_action_job.h \
 processing/jobs/roam_job.c processing/jobs/roam_job.h \
 processing/jobs/update_sa_job.c processing/jobs/update_sa_job.h \
 processing/jobs/inactivity_job.c processing/jobs/inactivity_job.h \
-sa/eap/eap_method.c sa/eap/eap_method.h \
+sa/eap/eap_method.c sa/eap/eap_method.h sa/eap/eap_inner_method.h \
 sa/eap/eap_manager.c sa/eap/eap_manager.h \
 sa/xauth/xauth_method.c sa/xauth/xauth_method.h \
 sa/xauth/xauth_manager.c sa/xauth/xauth_manager.h \
diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
index a4d7445fa..c5e6bf4bd 100644
--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
@@ -1784,6 +1784,7 @@ METHOD(ike_sa_manager_t, check_uniqueness, bool,
 		{
 			DBG1(DBG_IKE, "destroying duplicate IKE_SA for peer '%Y', "
 				 "received INITIAL_CONTACT", other);
+			charon->bus->ike_updown(charon->bus, duplicate, FALSE);
 			checkin_and_destroy(this, duplicate);
 			continue;
 		}
diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c
index eb3972c29..32c0e8c4a 100644
--- a/src/libcharon/sa/ikev2/tasks/child_create.c
+++ b/src/libcharon/sa/ikev2/tasks/child_create.c
@@ -18,6 +18,7 @@
 #include "child_create.h"
 
 #include <daemon.h>
+#include <hydra.h>
 #include <sa/ikev2/keymat_v2.h>
 #include <crypto/diffie_hellman.h>
 #include <credentials/certificates/x509.h>
@@ -615,6 +616,7 @@ static void build_payloads(private_child_create_t *this, message_t *message)
 	nonce_payload_t *nonce_payload;
 	ke_payload_t *ke_payload;
 	ts_payload_t *ts_payload;
+	kernel_feature_t features;
 
 	/* add SA payload */
 	if (this->initiator)
@@ -661,6 +663,13 @@ static void build_payloads(private_child_create_t *this, message_t *message)
 		default:
 			break;
 	}
+
+	features = hydra->kernel_interface->get_features(hydra->kernel_interface);
+	if (!(features & KERNEL_ESP_V3_TFC))
+	{
+		message->add_notify(message, FALSE, ESP_TFC_PADDING_NOT_SUPPORTED,
+							chunk_empty);
+	}
 }
 
 /**
diff --git a/src/libhydra/kernel/kernel_interface.c b/src/libhydra/kernel/kernel_interface.c
index 8948e0561..b82fd6d3d 100644
--- a/src/libhydra/kernel/kernel_interface.c
+++ b/src/libhydra/kernel/kernel_interface.c
@@ -137,6 +137,22 @@ struct private_kernel_interface_t {
 	bool ifaces_exclude;
 };
 
+METHOD(kernel_interface_t, get_features, kernel_feature_t,
+	private_kernel_interface_t *this)
+{
+	kernel_feature_t features = 0;
+
+	if (this->ipsec && this->ipsec->get_features)
+	{
+		features |= this->ipsec->get_features(this->ipsec);
+	}
+	if (this->net && this->net->get_features)
+	{
+		features |= this->net->get_features(this->net);
+	}
+	return features;
+}
+
 METHOD(kernel_interface_t, get_spi, status_t,
 	private_kernel_interface_t *this, host_t *src, host_t *dst,
 	u_int8_t protocol, u_int32_t reqid, u_int32_t *spi)
@@ -682,6 +698,7 @@ kernel_interface_t *kernel_interface_create()
 
 	INIT(this,
 		.public = {
+			.get_features = _get_features,
 			.get_spi = _get_spi,
 			.get_cpi = _get_cpi,
 			.add_sa = _add_sa,
@@ -757,4 +774,3 @@ kernel_interface_t *kernel_interface_create()
 
 	return &this->public;
 }
-
diff --git a/src/libhydra/kernel/kernel_interface.h b/src/libhydra/kernel/kernel_interface.h
index 8d8ef2e83..8d8d048d0 100644
--- a/src/libhydra/kernel/kernel_interface.h
+++ b/src/libhydra/kernel/kernel_interface.h
@@ -47,6 +47,7 @@
 #define KERNEL_INTERFACE_H_
 
 typedef struct kernel_interface_t kernel_interface_t;
+typedef enum kernel_feature_t kernel_feature_t;
 
 #include <networking/host.h>
 #include <crypto/prf_plus.h>
@@ -56,6 +57,17 @@ typedef struct kernel_interface_t kernel_interface_t;
 #include <kernel/kernel_net.h>
 
 /**
+ * Bitfield of optional features a kernel backend supports.
+ *
+ * This feature-set is for both, kernel_ipsec_t and kernel_net_t. Each
+ * backend returns a subset of these features.
+ */
+enum kernel_feature_t {
+	/** IPsec can process ESPv3 (RFC 4303) TFC padded packets */
+	KERNEL_ESP_V3_TFC = (1<<0),
+};
+
+/**
  * Constructor function for ipsec kernel interface
  */
 typedef kernel_ipsec_t* (*kernel_ipsec_constructor_t)(void);
@@ -74,6 +86,13 @@ typedef kernel_net_t* (*kernel_net_constructor_t)(void);
 struct kernel_interface_t {
 
 	/**
+	 * Get the feature set supported by the net and ipsec kernel backends.
+	 *
+	 * @return				ORed feature-set of backends
+	 */
+	kernel_feature_t (*get_features)(kernel_interface_t *this);
+
+	/**
 	 * Get a SPI from the kernel.
 	 *
 	 * @param src		source address of SA
diff --git a/src/libhydra/kernel/kernel_ipsec.h b/src/libhydra/kernel/kernel_ipsec.h
index 1da0805cb..c8afcaffd 100644
--- a/src/libhydra/kernel/kernel_ipsec.h
+++ b/src/libhydra/kernel/kernel_ipsec.h
@@ -30,6 +30,7 @@ typedef struct kernel_ipsec_t kernel_ipsec_t;
 #include <ipsec/ipsec_types.h>
 #include <selectors/traffic_selector.h>
 #include <plugins/plugin.h>
+#include <kernel/kernel_interface.h>
 
 /**
  * Interface to the ipsec subsystem of the kernel.
@@ -45,6 +46,13 @@ typedef struct kernel_ipsec_t kernel_ipsec_t;
 struct kernel_ipsec_t {
 
 	/**
+	 * Get the feature set supported by this kernel backend.
+	 *
+	 * @return				ORed feature-set of backend
+	 */
+	kernel_feature_t (*get_features)(kernel_ipsec_t *this);
+
+	/**
 	 * Get a SPI from the kernel.
 	 *
 	 * @param src		source address of SA
diff --git a/src/libhydra/kernel/kernel_net.h b/src/libhydra/kernel/kernel_net.h
index 6a3b2cee7..0d3417f1d 100644
--- a/src/libhydra/kernel/kernel_net.h
+++ b/src/libhydra/kernel/kernel_net.h
@@ -28,6 +28,7 @@ typedef enum kernel_address_type_t kernel_address_type_t;
 #include <collections/enumerator.h>
 #include <networking/host.h>
 #include <plugins/plugin.h>
+#include <kernel/kernel_interface.h>
 
 /**
  * Type of addresses (e.g. when enumerating them)
@@ -56,6 +57,13 @@ enum kernel_address_type_t {
 struct kernel_net_t {
 
 	/**
+	 * Get the feature set supported by this kernel backend.
+	 *
+	 * @return				ORed feature-set of backend
+	 */
+	kernel_feature_t (*get_features)(kernel_net_t *this);
+
+	/**
 	 * Get our outgoing source address for a destination.
 	 *
 	 * Does a route lookup to get the source address used to reach dest.
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
index f9b2634a0..eebb5d978 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -1036,6 +1036,12 @@ static job_requeue_t receive_events(private_kernel_netlink_ipsec_t *this)
 	return JOB_REQUEUE_DIRECT;
 }
 
+METHOD(kernel_ipsec_t, get_features, kernel_feature_t,
+	private_kernel_netlink_ipsec_t *this)
+{
+	return KERNEL_ESP_V3_TFC;
+}
+
 /**
  * Get an SPI for a specific protocol from the kernel.
  */
@@ -2734,6 +2740,7 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
 	INIT(this,
 		.public = {
 			.interface = {
+				.get_features = _get_features,
 				.get_spi = _get_spi,
 				.get_cpi = _get_cpi,
 				.add_sa  = _add_sa,
@@ -2822,4 +2829,3 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
 
 	return &this->public;
 }
-
diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk
index 65cfe5292..a46b0d9a1 100644
--- a/src/libstrongswan/Android.mk
+++ b/src/libstrongswan/Android.mk
@@ -28,6 +28,7 @@ networking/host.c networking/host_resolver.c networking/packet.c \
 networking/tun_device.c \
 pen/pen.c plugins/plugin_loader.c plugins/plugin_feature.c processing/jobs/job.c \
 processing/jobs/callback_job.c processing/processor.c processing/scheduler.c \
+resolver/resolver_manager.c resolver/rr_set.c \
 selectors/traffic_selector.c threading/thread.c threading/thread_value.c \
 threading/mutex.c threading/semaphore.c threading/rwlock.c threading/spinlock.c \
 utils/utils.c utils/chunk.c utils/debug.c utils/enum.c utils/identification.c \
diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c
index a718de3dc..a2ffe0295 100644
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -999,14 +999,15 @@ METHOD(auth_cfg_t, clone_, auth_cfg_t*,
 {
 	enumerator_t *enumerator;
 	auth_cfg_t *clone;
-	entry_t *entry;
+	auth_rule_t type;
+	void *value;
 
 	clone = auth_cfg_create();
 	/* this enumerator skips duplicates for rules we expect only once */
-	enumerator = this->entries->create_enumerator(this->entries);
-	while (enumerator->enumerate(enumerator, &entry))
+	enumerator = create_enumerator(this);
+	while (enumerator->enumerate(enumerator, &type, &value))
 	{
-		switch (entry->type)
+		switch (type)
 		{
 			case AUTH_RULE_IDENTITY:
 			case AUTH_RULE_EAP_IDENTITY:
@@ -1014,8 +1015,8 @@ METHOD(auth_cfg_t, clone_, auth_cfg_t*,
 			case AUTH_RULE_GROUP:
 			case AUTH_RULE_XAUTH_IDENTITY:
 			{
-				identification_t *id = (identification_t*)entry->value;
-				clone->add(clone, entry->type, id->clone(id));
+				identification_t *id = (identification_t*)value;
+				clone->add(clone, type, id->clone(id));
 				break;
 			}
 			case AUTH_RULE_CA_CERT:
@@ -1025,8 +1026,8 @@ METHOD(auth_cfg_t, clone_, auth_cfg_t*,
 			case AUTH_HELPER_SUBJECT_CERT:
 			case AUTH_HELPER_REVOCATION_CERT:
 			{
-				certificate_t *cert = (certificate_t*)entry->value;
-				clone->add(clone, entry->type, cert->get_ref(cert));
+				certificate_t *cert = (certificate_t*)value;
+				clone->add(clone, type, cert->get_ref(cert));
 				break;
 			}
 			case AUTH_RULE_XAUTH_BACKEND:
@@ -1034,7 +1035,7 @@ METHOD(auth_cfg_t, clone_, auth_cfg_t*,
 			case AUTH_HELPER_IM_HASH_URL:
 			case AUTH_HELPER_SUBJECT_HASH_URL:
 			{
-				clone->add(clone, entry->type, strdup(entry->value));
+				clone->add(clone, type, strdup(value));
 				break;
 			}
 			case AUTH_RULE_IDENTITY_LOOSE:
@@ -1046,7 +1047,7 @@ METHOD(auth_cfg_t, clone_, auth_cfg_t*,
 			case AUTH_RULE_RSA_STRENGTH:
 			case AUTH_RULE_ECDSA_STRENGTH:
 			case AUTH_RULE_SIGNATURE_SCHEME:
-				clone->add(clone, entry->type, (uintptr_t)entry->value);
+				clone->add(clone, type, (uintptr_t)value);
 				break;
 			case AUTH_RULE_MAX:
 				break;
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 08b226468..12db0961b 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -451,7 +451,10 @@ METHOD(crypto_tester_t, test_aead, bool,
 failure:
 		aead->destroy(aead);
 		chunk_free(&cipher);
-		chunk_free(&plain);
+		if (plain.ptr != vector->plain)
+		{
+			chunk_free(&plain);
+		}
 		if (failed)
 		{
 			DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
diff --git a/src/libstrongswan/plugins/ccm/ccm_aead.h b/src/libstrongswan/plugins/ccm/ccm_aead.h
index d5e302f94..79ab31804 100644
--- a/src/libstrongswan/plugins/ccm/ccm_aead.h
+++ b/src/libstrongswan/plugins/ccm/ccm_aead.h
@@ -42,8 +42,8 @@ struct ccm_aead_t {
 /**
  * Create a ccm_aead instance.
  *
- * @param key_size		key size in bytes
  * @param algo			algorithm to implement, a CCM mode
+ * @param key_size		key size in bytes
  * @return				aead, NULL if not supported
  */
 ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size);
diff --git a/src/libstrongswan/plugins/gcm/gcm_aead.h b/src/libstrongswan/plugins/gcm/gcm_aead.h
index db4be2442..846c3c76c 100644
--- a/src/libstrongswan/plugins/gcm/gcm_aead.h
+++ b/src/libstrongswan/plugins/gcm/gcm_aead.h
@@ -42,8 +42,8 @@ struct gcm_aead_t {
 /**
  * Create a gcm_aead instance.
  *
- * @param key_size		key size in bytes
  * @param algo			algorithm to implement, a gcm mode
+ * @param key_size		key size in bytes
  * @return				aead, NULL if not supported
  */
 gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size);
diff --git a/src/libstrongswan/plugins/openssl/Makefile.am b/src/libstrongswan/plugins/openssl/Makefile.am
index f971a5e08..e71567311 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.am
+++ b/src/libstrongswan/plugins/openssl/Makefile.am
@@ -25,7 +25,8 @@ libstrongswan_openssl_la_SOURCES = \
 	openssl_crl.c openssl_crl.h \
 	openssl_pkcs7.c openssl_pkcs7.h \
 	openssl_rng.c openssl_rng.h \
-	openssl_hmac.c openssl_hmac.h
+	openssl_hmac.c openssl_hmac.h \
+	openssl_gcm.c openssl_gcm.h
 
 libstrongswan_openssl_la_LDFLAGS = -module -avoid-version
 libstrongswan_openssl_la_LIBADD  = -lcrypto
diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.c b/src/libstrongswan/plugins/openssl/openssl_gcm.c
new file mode 100644
index 000000000..fde7ae71d
--- /dev/null
+++ b/src/libstrongswan/plugins/openssl/openssl_gcm.c
@@ -0,0 +1,259 @@
+/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "openssl_gcm.h"
+
+#include <openssl/evp.h>
+
+/** as defined in RFC 4106 */
+#define IV_LEN		8
+#define SALT_LEN	4
+#define NONCE_LEN	(IV_LEN + SALT_LEN)
+
+typedef struct private_aead_t private_aead_t;
+
+/**
+ * Private data of aead_t
+ */
+struct private_aead_t {
+
+	/**
+	 * Public interface
+	 */
+	aead_t public;
+
+	/**
+	 * The encryption key
+	 */
+	chunk_t	key;
+
+	/**
+	 * Salt value
+	 */
+	char salt[SALT_LEN];
+
+	/**
+	 * Size of the integrity check value
+	 */
+	size_t icv_size;
+
+	/**
+	 * The cipher to use
+	 */
+	const EVP_CIPHER *cipher;
+};
+
+/**
+ * Do the actual en/decryption in an EVP context
+ */
+static bool crypt(private_aead_t *this, chunk_t data, chunk_t assoc, chunk_t iv,
+				  u_char *out, int enc)
+{
+	EVP_CIPHER_CTX ctx;
+	u_char nonce[NONCE_LEN];
+	bool success = FALSE;
+	int len;
+
+	memcpy(nonce, this->salt, SALT_LEN);
+	memcpy(nonce + SALT_LEN, iv.ptr, IV_LEN);
+
+	EVP_CIPHER_CTX_init(&ctx);
+	EVP_CIPHER_CTX_set_padding(&ctx, 0);
+	if (!EVP_CipherInit_ex(&ctx, this->cipher, NULL, NULL, NULL, enc) ||
+		!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, NONCE_LEN, NULL) ||
+		!EVP_CipherInit_ex(&ctx, NULL, NULL, this->key.ptr, nonce, enc))
+	{
+		goto done;
+	}
+	if (!enc && !EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, this->icv_size,
+									 data.ptr + data.len))
+	{	/* set ICV for verification on decryption */
+		goto done;
+	}
+	if (assoc.len && !EVP_CipherUpdate(&ctx, NULL, &len, assoc.ptr, assoc.len))
+	{	/* set AAD if specified */
+		goto done;
+	}
+	if (!EVP_CipherUpdate(&ctx, out, &len, data.ptr, data.len) ||
+		!EVP_CipherFinal_ex(&ctx, out + len, &len))
+	{	/* EVP_CipherFinal_ex fails if ICV is incorrect on decryption */
+		goto done;
+	}
+	if (enc && !EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, this->icv_size,
+									out + data.len))
+	{	/* copy back the ICV when encrypting */
+		goto done;
+	}
+	success = TRUE;
+
+done:
+	EVP_CIPHER_CTX_cleanup(&ctx);
+	return success;
+}
+
+METHOD(aead_t, encrypt, bool,
+	private_aead_t *this, chunk_t plain, chunk_t assoc, chunk_t iv,
+	chunk_t *encrypted)
+{
+	u_char *out;
+
+	out = plain.ptr;
+	if (encrypted)
+	{
+		*encrypted = chunk_alloc(plain.len + this->icv_size);
+		out = encrypted->ptr;
+	}
+	return crypt(this, plain, assoc, iv, out, 1);
+}
+
+METHOD(aead_t, decrypt, bool,
+	private_aead_t *this, chunk_t encrypted, chunk_t assoc, chunk_t iv,
+	chunk_t *plain)
+{
+	u_char *out;
+
+	if (encrypted.len < this->icv_size)
+	{
+		return FALSE;
+	}
+	encrypted.len -= this->icv_size;
+
+	out = encrypted.ptr;
+	if (plain)
+	{
+		*plain = chunk_alloc(encrypted.len);
+		out = plain->ptr;
+	}
+	return crypt(this, encrypted, assoc, iv, out, 0);
+}
+
+METHOD(aead_t, get_block_size, size_t,
+	private_aead_t *this)
+{
+	return this->cipher->block_size;
+}
+
+METHOD(aead_t, get_icv_size, size_t,
+	private_aead_t *this)
+{
+	return this->icv_size;
+}
+
+METHOD(aead_t, get_iv_size, size_t,
+	private_aead_t *this)
+{
+	return IV_LEN;
+}
+
+METHOD(aead_t, get_key_size, size_t,
+	private_aead_t *this)
+{
+	return this->key.len + SALT_LEN;
+}
+
+METHOD(aead_t, set_key, bool,
+	private_aead_t *this, chunk_t key)
+{
+	if (key.len != get_key_size(this))
+	{
+		return FALSE;
+	}
+	memcpy(this->salt, key.ptr + key.len - SALT_LEN, SALT_LEN);
+	memcpy(this->key.ptr, key.ptr, this->key.len);
+	return TRUE;
+}
+
+METHOD(aead_t, destroy, void,
+	private_aead_t *this)
+{
+	chunk_clear(&this->key);
+	free(this);
+}
+
+/*
+ * Described in header
+ */
+aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size)
+{
+	private_aead_t *this;
+
+	INIT(this,
+		.public = {
+			.encrypt = _encrypt,
+			.decrypt = _decrypt,
+			.get_block_size = _get_block_size,
+			.get_icv_size = _get_icv_size,
+			.get_iv_size = _get_iv_size,
+			.get_key_size = _get_key_size,
+			.set_key = _set_key,
+			.destroy = _destroy,
+		},
+	);
+
+	switch (algo)
+	{
+		case ENCR_AES_GCM_ICV8:
+			this->icv_size = 8;
+			break;
+		case ENCR_AES_GCM_ICV12:
+			this->icv_size = 12;
+			break;
+		case ENCR_AES_GCM_ICV16:
+			this->icv_size = 16;
+			break;
+		default:
+			free(this);
+			return NULL;
+	}
+
+	switch (algo)
+	{
+		case ENCR_AES_GCM_ICV8:
+		case ENCR_AES_GCM_ICV12:
+		case ENCR_AES_GCM_ICV16:
+			switch (key_size)
+			{
+				case 0:
+					key_size = 16;
+					/* FALL */
+				case 16:
+					this->cipher = EVP_get_cipherbyname("aes-128-gcm");
+					break;
+				case 24:
+					this->cipher = EVP_get_cipherbyname("aes-192-gcm");
+					break;
+				case 32:
+					this->cipher = EVP_get_cipherbyname("aes-256-gcm");
+					break;
+				default:
+					free(this);
+					return NULL;
+			}
+			break;
+		default:
+			free(this);
+			return NULL;
+	}
+
+	if (!this->cipher)
+	{
+		free(this);
+		return NULL;
+	}
+
+	this->key = chunk_alloc(key_size);
+
+	return &this->public;
+}
diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.h b/src/libstrongswan/plugins/openssl/openssl_gcm.h
new file mode 100644
index 000000000..12d2e8ab6
--- /dev/null
+++ b/src/libstrongswan/plugins/openssl/openssl_gcm.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * Implements the aead_t interface using OpenSSL in GCM mode.
+ *
+ * @defgroup openssl_gcm openssl_gcm
+ * @{ @ingroup openssl_p
+ */
+
+#ifndef OPENSSL_GCM_H_
+#define OPENSSL_GCM_H_
+
+#include <crypto/aead.h>
+
+/**
+ * Constructor to create aead_t implementation.
+ *
+ * @param algo			algorithm to implement
+ * @param key_size		key size in bytes
+ * @return				aead_t object, NULL if not supported
+ */
+aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size);
+
+#endif /** OPENSSL_GCM_H_ @}*/
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index 0f5b07137..282fe2b1b 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -43,6 +43,7 @@
 #include "openssl_pkcs7.h"
 #include "openssl_rng.h"
 #include "openssl_hmac.h"
+#include "openssl_gcm.h"
 
 typedef struct private_openssl_plugin_t private_openssl_plugin_t;
 
@@ -304,6 +305,19 @@ METHOD(plugin_t, get_features, int,
 			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_512_256),
 #endif
 #endif /* OPENSSL_NO_HMAC */
+#ifndef OPENSSL_NO_AES
+		/* AES GCM */
+		PLUGIN_REGISTER(AEAD, openssl_gcm_create),
+			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV8, 16),
+			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV8, 24),
+			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV8, 32),
+			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV12, 16),
+			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV12, 24),
+			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV12, 32),
+			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 16),
+			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 24),
+			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 32),
+#endif /* OPENSSL_NO_AES */
 #ifndef OPENSSL_NO_DH
 		/* MODP DH groups */
 		PLUGIN_REGISTER(DH, openssl_diffie_hellman_create),
diff --git a/src/libstrongswan/threading/thread.c b/src/libstrongswan/threading/thread.c
index e524409c7..d6d98d1ef 100644
--- a/src/libstrongswan/threading/thread.c
+++ b/src/libstrongswan/threading/thread.c
@@ -129,7 +129,11 @@ static thread_value_t *current_thread;
 
 #ifndef HAVE_PTHREAD_CANCEL
 /* if pthread_cancel is not available, we emulate it using a signal */
+#ifdef ANDROID
+#define SIG_CANCEL SIGUSR2
+#else
 #define SIG_CANCEL (SIGRTMIN+7)
+#endif
 
 /* the signal handler for SIG_CANCEL uses pthread_exit to terminate the
  * "cancelled" thread */
diff --git a/src/libtncif/Android.mk b/src/libtncif/Android.mk
index ef406dd59..a337a0dcc 100644
--- a/src/libtncif/Android.mk
+++ b/src/libtncif/Android.mk
@@ -4,6 +4,7 @@ include $(CLEAR_VARS)
 # copy-n-paste from Makefile.am
 LOCAL_SRC_FILES := \
 tncif.h tncifimc.h tncifimv.h tncif_names.h tncif_names.c \
+tncif_identity.h tncif_identity.c \
 tncif_pa_subtypes.h tncif_pa_subtypes.c
 
 # build libtncif ---------------------------------------------------------------