changes
Version 1.6.3
-------------
- Thomas Walpuski made me aware of a potential DoS attack via a PKCS#7-wrapped
  certificate bundle which could overwrite valid CA certificates in Pluto's
  authority certificate store. This vulnerability was fixed by establishing
  trust in CA candidate certificates up to a trusted root CA before inserting
  them in Pluto's chained list.
- replaced the --assign option by the -v option in the auto awk script in
  order to make it run with mawk under debian/woody.

Version 1.6.2
-------------
- Split of the status information between ipsec auto --status (concise) and
  ipsec auto --statusall (verbose). Both commands can be used with an optional
  connection selector:

    ipsec auto --status[all] <connection_name>

- Added the description of X.509 related features to the ipsec_auto(8) man
  page.
- Hardened the ASN.1 parser in debug mode, especially the printing of
  malformed distinguished names.
- The size of an RSA public key received in a certificate is now restricted to
  512 bits <= modulus length in bytes <= 8192 bits.

Version 1.6.1
-------------
- Fixed another PKCS#7 vulnerability which could lead to an endless loop while
  following the X.509 trust chain.

Version 1.6.0
-------------
- The new "ca" section allows to define the following parameters:

    ca kool
        cacert=koolCA.pem                      # cacert of kool CA
        ocspuri=http://ocsp.kool.net:8001      # ocsp server
        ldapserver=ldap.kool.net               # default ldap server
        crluri=http://www.kool.net/kool.crl    # crl distribution point
        crluri2="ldap:///O=Kool, C= .."        # crl distribution point #2
        auto=add                               # add, ignore

  The ca definitions can be monitored via the command

    ipsec auto --listcainfos

Version 1.5.5
-------------
- Fixed the PKCS#7 vulnerability discovered by Thomas Walpuski that accepted
  end certificates having identical issuer and subject distinguished names in
  a multi-tier X.509 trust chain.

Version 1.5.4
-------------
- An empty ASN.1 SEQUENCE OF or SET OF object (e.g. a subjectAltName
  certificate extension which contains no generalName item) could cause a
  pluto crash. This bug has been fixed. Additionally the ASN.1 parser has been
  hardened to make it more robust against malformed ASN.1 objects.

Version 1.5.3
-------------
- Introduced port wildcards which make l2tp interoperability with Mac OS X
  Panther possible. Configuration example:

    conn l2tp
        right=%any
        rightprotoport=17/%any
        left=%defaultroute
        leftid=@pluto.strongsec.com
        leftprotoport=17/1701

Version 1.5.2a
--------------
- FreeS/WAN 2.05 introduced a new st_ph1_iv state which caused the IV for
  encryption of notification messages to be chosen incorrectly. Version 1.5.2a
  fixes this bug for freeswan-2.05.

Version 1.5.2
-------------
- Fixed a stupid bug introduced with version 1.5.1 which prevented a matching
  roadwarrior connection from being found in IKE phase 1 if the peer sent a
  certificate request payload (CR) requesting a specific CA.

Version 1.5.1
-------------
- Integrated Mathieu Lafon's Notification SA patch which sends informational
  messages to the peer in case of errors.
- Fixed a bug which in rare cases prevented Pluto from finding a matching
  connection during Phase 2 because the required CA of the tentative Phase 1
  connection was %any.
- Some IPsec clients send malformed certificate requests (CRs). If the CR is
  not an ASN.1 DN then it will be discarded.
- Disabled the OE default policy groups in ipsec.conf since they often prevent
  VPN tunnels from being established correctly.

Version 1.5.0
-------------
- The Online Certificate Status Protocol (OCSP, RFC 2560) is now fully
  supported and can be used as an alternative to Certificate Revocation Lists
  (CRLs). For the configuration details consult section 5.4 of the README.
- ipsec barf now includes the output from ipsec auto --listall. This new
  feature will help to debug X.509 certificate problems.
- Instead of the curl command, the libcurl library is used by Pluto to fetch
  data from http, file and ftp URLs. The compile option LIBCURL=1 must be
  uncommented in pluto/Makefile in order to activate this functionality.

Version 1.4.8
-------------
- Native 2.6 kernel IPsec now fully supports port and transport protocol
  selectors.

Version 1.4.7a
--------------
- Made ipsec_xmit.c:extract_ports() visible to ipsec_tunnel.c by defining it
  as external in ipsec_xmit.h.

Version 1.4.7
-------------
- Removed an assertion which caused pluto to abort when using DN wildcards in
  connection definitions.
- Added a warning which is issued both in the log and in the whack console if
  SMARTCARD support is not compiled into Pluto.
- Fixed a bug which did not set the destination port in IPsec transport mode
  based roadwarrior connections using port selectors.

Version 1.4.6
-------------
- FreeS/WAN now lets the OpenSC library or the smartcard itself do the PKCS#1
  padding of the MD5 or SHA-1 hash before the RSA signature is applied.
  Reason: some smartcards want to do the padding on-card and accept raw hash
  values only.
- The DN wildcard bug fix introduced with version 1.3.4 somehow got lost in
  the 1.4.x series and has been reapplied.

Version 1.4.5
-------------
- Private RSA key files can now be protected by a passphrase which is entered
  interactively. In /etc/ipsec.secrets define:

    : RSA myKey.pem %prompt

  After Pluto startup the passphrase prompt is initiated by the command

    ipsec secrets

  which is an alias for ipsec auto --rereadsecrets.
- The year 2050 is nearing rapidly. This is why we now support the
  GENERALIZEDTIME date format in certificates and CRLs so that some German
  certificates can be parsed correctly.
- We also introduce the nameDistinguisher OID (0.2.262.1.10.7.20) which is
  used in certificates issued by the Deutsche Telekom AG in connection with
  the Common Name field to obtain unique Distinguished Names, as e.g. in
  'C=DE, O=ACME, ND=1, CN=Joe Doe'.

Version 1.4.4
-------------
- Fixed a bug which caused the port selector not to be set in roadwarrior
  connections with a rightsubnetwithin parameter.
- Fixed a bug which caused the port selector to be erroneously set in OE
  connections to clients behind OE-enabled gateways, causing endless Quick
  Mode renegotiations.

Version 1.4.3
-------------
- FreeS/WAN now supports the X.509v3 certificate extensions
  'subjectKeyIdentifier' and 'authorityKeyIdentifier'. This feature
  facilitates the traversal of X.509 trust chains and also makes it possible
  to have multiple versions of a CA certificate with identical distinguished
  names but different RSA keys in simultaneous use.
- Smart card support now requires OpenSC version 0.8.0 or newer.
- Fixed a bug in the temporary_cyclic_buffer() for ID strings.

Version 1.4.2
-------------
- FreeS/WAN as a responder to a road warrior can now send multiple certificate
  request payloads in IKE Main Mode, enumerating all available CAs. This new
  feature should now make full interoperability with Cisco boxes possible.
- Using the compiler directive LDAP_VERSION=3 or LDAP_VERSION=2, dynamic CRL
  fetching can be based either on LDAP V3 (latest OpenLDAP releases) or
  LDAP V2 (older OpenLDAP versions), respectively.

Version 1.4.1
-------------
- Until now only one certificate request (CR) payload could be handled. Now
  multiple CRs are collected and are taken into account when selecting an
  appropriate connection.
- Fixed a bug in the smartcard support that prevented Pluto from successfully
  switching between multiple roadwarrior connections when acting as a
  responder.

Version 1.4.0
-------------
- Introduces smartcard support based on the PKCS#15 Cryptographic Token
  Information Format Standard. OpenSC smartcard library functions are used to
  implement the PKCS#15 functionality. Configuration example in ipsec.conf:

    conn tandoori
        right=160.85.22.10
        rightid=@tandoori.strongsec.com
        rightrsasigkey=%cert
        left=%defaultroute
        leftcert=%smartcard
        auto=add

  The secret PIN is either stored in ipsec.secrets:

    : PIN %smartcard "12345678"

  or prompted for when starting up a connection:

    : PIN %smartcard %prompt

- Includes an experimental parser for X.509 attribute certificates.

Version 1.3.6
-------------
- Changes in stock FreeS/WAN caused no certificate request payload (CR) to be
  sent anymore when Pluto was the responder.
- The $PLUTO_PEER_CA variable was not initialized properly for PSK
  connections.
- Fixed a port map bug which allowed all ports to be tunneled through an
  eroute set up with port selectors.

Version 1.3.5
-------------
- Raw RSA keys don't have an issuer field. Fixed a bug in
  kernel.c:do_command() that caused a Pluto crash when the issuer field
  contained a NULL pointer.

Version 1.3.4
-------------
- The DN wildcard bug was not completely fixed by version 1.3.3.

Version 1.3.3
-------------
- Fixed a bug causing allocation of 0 bytes of dynamic memory for an issuer
  DN in preshared.c. Occurred only when loading raw RSA keys via whack.
- Fixed a bug that occurred when using roadwarrior connections with DN
  wildcards. If the connection was not switched after receiving the peer id,
  the wildcard id was not replaced by the actual peer id.

Version 1.3.2
-------------
- Changed the #include in pem.c from <des.h> to <crypto/des.h>.

Version 1.3.1
-------------
- The statement rightca=%same copies the CA from leftca, which by default is
  usually the issuer field extracted from the certificate loaded via leftcert.
- Created the $PLUTO_PEER_CA environment variable that makes the peer's CA
  available to the updown script.
- Closest match metrics to the desired CA have been extended to Quick Mode.

Version 1.3.0
-------------
- By introducing the new parameters leftca and rightca, IPsec policies based
  on issuing CAs can now be implemented. Example:

    conn sales
        right=%any
        rightca="C=CH, O=ACME, OU=Sales, CN=Sales CA"
        rightsubnetwithin=10.1.0.0/24    # Sales DHCP range
        leftsubnet=10.0.0.0/24           # Sales subnet

  This means that the connection sales can only be used by peers presenting a
  certificate that has been issued by the Sales CA.
- Additionally, if a rightca statement is present, then the CA defined by it
  will be sent to the peer as part of a certificate request message (this
  should help with some Cisco implementations that require a specific CA in
  the CR message). The sending of CR messages can be disabled by using the
  existing nocrsend=yes parameter.
- Automated the error-prone generation of the table coding the OID tree used
  by the X.509 patch. The perl script oid.pl now generates the new files oid.h
  and oid.c based on a common text file oid.txt. New OIDs can now be added to
  oid.txt with ease.
- In order to increase the interoperability with OpenSSL 0.9.7 the following
  two attributes were added that can be used as relative distinguished names:

    emailAddress    long form of E and Email
    serialNumber    long form of SN

Version 1.2.2
-------------
- A little bug in connections.c:default_end() caused that connections without
  a rightid parameter (defaulting to right) could not be initiated ("cannot
  initiate connection without knowing peer IP address").

Version 1.2.1
-------------
- A stupid bug caused pluto to crash while establishing non-roadwarrior
  connections.
- Corrected a couple of wrong cross-references in the README.

Version 1.2.0
-------------
- Wildcard-based templates for ID_DER_ASN1_DNs, which can be used to enforce
  complex IPsec policies, are now supported. Example:

    rightid="C=CH, O=strongSec GmbH, OU=Sales, CN=*"

  matches any VPN user or host belonging to the Sales department.

Version 1.1.6
-------------
- Added the following attributes that can be used as relative distinguished
  names:

    short   long                   OID
    UID     userId                 0.9.2342.19200300.100.1.1
    DC      domainComponent        0.9.2342.19200300.100.1.25
    ID      x500UniqueIdentifier   2.5.4.45

Version 1.1.5
-------------
- Removed last traces of the obsolete --rereadmycert option.
- Changed the questionable question mark in connections.c:format_end() to a
  0.0.0.0/0 client subnet instead.
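The CA-store rule behind the 1.6.3, 1.6.1 and 1.5.5 entries, written as an added illustration (this is not Pluto's code): a candidate CA certificate from a PKCS#7 bundle is only inserted once a chain of verified issuer signatures reaches a trusted root, the walk is bounded and cycle-checked so it cannot loop forever, and a certificate whose issuer equals its subject is rejected unless it is itself a trusted root. The Cert class, the toy signature check and MAX_CHAIN_DEPTH are constructed stand-ins, not real RSA or Pluto constants.

```python
from dataclasses import dataclass

MAX_CHAIN_DEPTH = 8  # assumed bound on chain walking, not a Pluto constant


@dataclass(frozen=True)
class Cert:
    """Constructed stand-in for an X.509 certificate (no real crypto)."""
    subject: str
    issuer: str
    key: str            # toy "public key"
    signed_by_key: str  # toy stand-in for the key that produced the signature


def verify_signature(cert: Cert, issuer: Cert) -> bool:
    """Toy replacement for checking cert's RSA signature with issuer's key."""
    return cert.signed_by_key == issuer.key


def trusted_chain_exists(cert, trusted_roots, pool, depth=0, path=frozenset()):
    """True if cert chains to a trusted root through verified signatures.

    'path' holds the certs on the current walk (cycle detection) and 'depth'
    bounds the recursion: together they prevent the endless loop of 1.6.1.
    """
    if depth > MAX_CHAIN_DEPTH or cert in path:
        return False
    if cert in trusted_roots:
        return True
    for root in trusted_roots:
        if root.subject == cert.issuer and verify_signature(cert, root):
            return True
    if cert.subject == cert.issuer:
        return False  # self-signed but not a trusted root (1.5.5 case)
    path = path | {cert}
    for cand in pool:
        if cand.subject == cert.issuer and verify_signature(cert, cand):
            if trusted_chain_exists(cand, trusted_roots, pool, depth + 1, path):
                return True
    return False


def insert_bundle(trusted_roots, store, bundle):
    """Append to 'store' only those bundle certs that chain to a trusted root,
    so an untrusted bundle can no longer plant CA certificates (1.6.3).
    Returns the subjects that were accepted, in bundle order."""
    pool = list(store) + list(bundle)  # issuers may sit in the store or bundle
    accepted = []
    for cand in bundle:
        if trusted_chain_exists(cand, trusted_roots, pool):
            store.append(cand)
            accepted.append(cand.subject)
    return accepted
```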
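The DN template matching of the 1.2.0 rightid wildcard and the 1.3.0 rightca policy, as an added example rather than Pluto's own parser. It assumes a simplified DN syntax without escaped commas, that a template value of '*' matches any value of that attribute, and that attribute types and their order must agree.

```python
def parse_dn(dn: str):
    """Split 'C=CH, O=ACME, CN=Joe' into [(TYPE, value), ...].
    Simplified: values may not contain commas (no escaping is handled)."""
    rdns = []
    for part in dn.split(","):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed RDN: {part!r}")
        typ, val = part.split("=", 1)
        rdns.append((typ.strip().upper(), val.strip()))
    return rdns


def match_dn_template(template: str, peer_dn: str) -> bool:
    """True if peer_dn fits the template, e.g.
    'C=CH, O=strongSec GmbH, OU=Sales, CN=*' accepts any Sales CN."""
    t, p = parse_dn(template), parse_dn(peer_dn)
    if len(t) != len(p):
        return False  # extra or missing RDNs never match
    for (tt, tv), (pt, pv) in zip(t, p):
        if tt != pt:
            return False
        if tv != "*" and tv != pv:
            return False
    return True


def connection_allows(conn: dict, peer_subject: str, peer_issuer: str) -> bool:
    """Policy check in the spirit of 'conn sales': rightid (if set) must match
    the peer's subject DN and rightca (if set) must equal the issuer DN."""
    rightid = conn.get("rightid")
    if rightid and not match_dn_template(rightid, peer_subject):
        return False
    rightca = conn.get("rightca")
    if rightca and parse_dn(rightca) != parse_dn(peer_issuer):
        return False
    return True
```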