| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes an issue when using the Android M preview. Bionic's dynamic
linker was changed so that symbols in libraries loaded with RTLD_LOCAL
were not found anymore in dlsym(RTLD_DEFAULT, ...). This is the case
for libraries loaded with System.loadLibrary(), therefore, the plugin
loader in libstrongswan was not able to resolve any symbols defined in
other libraries loaded later. While this seems to have been broken
unintentionally for existing apps (fix at [1]), it will again be a
problem whenever we decide to increase targetSdkVersion beyond 22 (or
until that fix makes it into the system/emulator images).
Unfortunately, the dynamic loader in releases prior to Android 4.3 can't
load libandroidbridge without also loading its dependencies.
[1] https://github.com/android/platform_bionic/commit/1913352c6b
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
While it is stored as property of individual profiles it is really a
global setting because we currently don't support more than one
connection.
|
| |
|
|
|
|
|
|
|
|
|
| |
This also adds a new area for advanced settings that is only displayed
if the user requests it (or if advanced settings already have been set).
The min. MTU for IPv6 is 1280, anything lower lets the TUN device
creation fail if an IPv6 address has been assigned. If lower MTUs are
necessary we might be able to catch that later when setting the MTU and
just use at least 1280 if an IPv6 address was assigned, but let's keep
it simple for now.
|
| | |
|
| | |
|
| |
|
|
| |
This makes adding new configuration settings easier.
|
| |
|
|
| |
snippets
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Unterminated strings are now an error.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Was incorrectly changed with the refactoring in a64089738d3e ("android:
Change how features of VPN types are stored and checked").
|
| | |
|
| |
|
|
|
| |
There are no devices anymore that use API level 14 (4.0-4.0.2) and 22 is
the most recent level.
|
| | |
|
| |
|
|
|
|
| |
This generalization allows the ring dimension n to be different
from the current n = 512 and allows kappa to be > 56. Also the
hash octets are consumed in a more consistent manner.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The c_indices derived from the SHA-512 random oracle consist of
nine bits (0..511). The leftmost 8 bits of each index are taken
on an octet-by-octet basis from the 56 leftmost octets of the
SHA-512 hash. The 9th bit needed for the LSB is taken from the
extra_bits 64 bit unsigned integer which consists of the 8 rightmost
octets of the SHA-512 hash (in network order). If more than 56
indices must be derived then additional rounds of the random oracle
are executed until all kappa c_indices have been determined.
The bug fix shifts the extra_bits value by one bit in each loop
iteration so that the LSB of each index is random. Also iterate
through the hash array using the loop variable j not the c_indices
variable i.
|
| | |
|
| | |
|
| |
|
|
|
| |
Even when there is no error the CREATE_CHILD_SA response should be sent
in the context of the existing IKE_SA.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The destroy() method sets the IKE_SA on the bus to NULL, we reset it to
the current IKE_SA so any events and log messages that follow happen in
the correct context.
A practical example where this is problematic is a DH group mismatch,
which causes the first CREATE_CHILD_SA exchange to fail. Because the SA
was not reset previously, the message() hook for the CREATE_CHILD_SA
response, for instance, was triggered outside the context of an IKE_SA,
that is, the ike_sa parameter was NULL, which is definitely not expected
by several plugins.
Fixes #862.
|
| | |
|
| |
|
|
|
| |
This will allow us to uninstall shunts before unloading the
kernel-interface plugins.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When flush() is called there might be threads in install() waiting for
trap policies to get installed (without holding the lock). We have to
wait until they updated the entries with the respective CHILD_SAs before
destroying the list.
We also have to prevent further trap policy installations (and wait until
threads in install() are really finished), otherwise we might end up
destroying CHILD_SA objects after the kernel interface implementations
have already been unloaded (avoiding this is the whole point of calling
flush() before unloading the plugins).
|
| |
|
|
|
|
|
|
|
| |
This fixes potential race conditions in case complete() or flush() is
executed before or concurrently with a thread that handles an acquire.
It will also simplify tracking multiple acquires created for the same
trap policy in the future.
Also fixes the behavior in some error situations.
|
| |
|
|
|
|
|
|
|
| |
This basically reverts f4e822c1b422 ("trap-manager: don't check-in
nonexisting IKE_SA if acquire fails"). As checkout_by_config() could
return an already existing and established IKE_SA we have to properly
destroy it, for instance, in case other threads are waiting to check
it out. checkin_and_destroy() should handle the case of a new SA
properly (it produces a log message on level 1, though).
|
| |
|
|
|
|
|
|
|
| |
In some situations it might be valid for a host that configures
right=%any to reestablish or reauthenticate an IKE_SA. Using %any would
immediately abort the initiation causing the new SA to fail (which
might already have the existing CHILD_SAs assigned).
Fixes #1027.
|
| |
|
|
|
|
|
| |
If static local addresses are configured we should use their address family
as a hint when resolving the remote address.
We don't do this if %any is configured as this might break existing
configurations (%any4 and %any6 are however used as hint).
|
| | |
|
| |
|
|
|
| |
All configured static addresses (hostnames, ranges or subnets are not
considered) must be of the same family, otherwise AF_UNSPEC is returned.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
CDP and OCSP URIs for a one or multiple certification authorities
can be added via the VICI interface. swanctl allows to read
definitions from a new authorities section.
|
| |
|
|
| |
are defined
|
| |
|
|
|
|
|
|
|
|
|
| |
Threads might still be allocating SPIs (e.g. triggered by an acquire or
an inbound message) while the main thread calls flush(). If there is a
context switch right after such a thread successfully checked this->rng
in get_spi() and the main thread destroys the RNG instance right then,
that worker thread will cause a segmentation fault when it continues and
attempts to call get_bytes().
Fixes #1014.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The vici logger uses the listener_t.log() callback to raise vici events.
When doing so, it holds the bus lock as reader while acquiring the vici socket
mutex (1). If at the same time the vici socket enables a writer, that thread
tries to lock the watcher mutex (2). The watcher thread uses debugging while
holding the lock, i.e. acquires the bus read lock (3).
(1) bus.rlock -> vici.lock!
(2) vici.lock -> watcher.lock!
(3) watcher.lock -> bus.rlock!
This all actually would resolve just fine, as we have a shared read lock on the
bus. However, under Windows we seem to have a strict writer preference when
acquiring the rwlock (4). This results in blocking read locks until any pending
write lock can be fulfilled, and makes the constellation deadlock. The relevant
threads are:
Thread (1)
6 0x71313d25 in wait_ at threading/windows/mutex.c:137
7 0x7054c8a2 in find_entry at vici_socket.c:201
8 0x7054d690 in send_ at vici_socket.c:624
9 0x7054f6c1 in send_op at vici_dispatcher.c:119
10 0x705502c1 in raise_event at vici_dispatcher.c:469
12 0x704c3878 in log_cb at bus/bus.c:332
13 0x712c7c3a in invoke_function at collections/linked_list.c:414
14 0x704c3a63 in vlog at bus/bus.c:400
15 0x704c3b36 in log_ at bus/bus.c:430
18 0x70508f1f in process_response at sa/ikev2/task_manager_v2.c:664
20 0x704f5430 in process_message at sa/ike_sa.c:1369
21 0x704e3823 in execute at processing/jobs/process_message_job.c:74
22 0x712e629f in process_job at processing/processor.c:235
Thread (2)
4 0x71313b61 in lock at threading/windows/mutex.c:66
5 0x712e81fd in add at processing/watcher.c:441
6 0x712e1ab9 in add_watcher at networking/streams/stream.c:213
7 0x712e1b4d in on_write at networking/streams/stream.c:237
8 0x7054d606 in _cb_enable_writer at vici_socket.c:609
9 0x712e5e34 in execute at processing/jobs/callback_job.c:77
10 0x712e629f in process_job at processing/processor.c:235
Thread (3)
3 0x71313f38 in read_lock at threading/windows/rwlock.c:74
4 0x704c3971 in vlog at bus/bus.c:373
5 0x704cc156 in dbg_bus at daemon.c:126
6 0x712e7bf9 in watch at processing/watcher.c:316
7 0x712e5e34 in execute at processing/jobs/callback_job.c:77
8 0x712e629f in process_job at processing/processor.c:235
Thread (4)
3 0x71313f70 in write_lock at threading/windows/rwlock.c:82
4 0x704c378b in remove_logger at bus/bus.c:290
5 0x704cb284 in listener_unregister at control/controller.c:166
6 0x713136cd in thread_cleanup_pop at threading/windows/thread.c:558
8 0x704cb94e in initiate at control/controller.c:435
9 0x70553996 in _cb_initiate at vici_control.c:187
12 0x7054d200 in _cb_process_queue at vici_socket.c:508
13 0x712e5e34 in execute at processing/jobs/callback_job.c:77
14 0x712e629f in process_job at processing/processor.c:235
To avoid such a situation, we dissolve the (1) lock sequence. It's actually
never good practice to acquire shared locks during bus hooks, as it is
problematic if we raise bus events while holding the lock. We do so by
raising vici events for log message asynchronously, but of curse must keep
log order as is using a synchronized queue.
|
| | |
|
| | |
|
| |
|
|
|
| |
It uses the ChaCha20Poly1305 test vectors from
draft-ietf-ipsecme-chacha20-poly1305-06.
|
| | |
|
