    "http": 160.85.106.10[@pulpo.strongsec.com]:6/80...%any:6/0

  When an instance of these connection definitions is set up, the
  corresponding eroutes are created automatically. The remaining protocols
  and ports are either dropped by default or can be passed in the clear
  outside the tunnel by setting up appropriate eroutes manually (see
  Stephen's README.selectors for details).

- Fixed a bug in the _updown.x509 script that uses iptables to set up
  dynamic firewall rules supporting port and protocol based filtering.

Version 0.9.15
--------------

- For security reasons the shell metacharacters ', ", `, $, and \ are
  replaced by their octal escape values in the environment variables
  $PLUTO_MY_ID and $PLUTO_PEER_ID that are made available in the _updown
  script.

Version 0.9.14
--------------

- In a connection definition an IP protocol and optionally the source
  and/or destination ports can be specified. Example:

    conn dhcp
         right=%any
         rightprotoport=udp/bootpc
         left=%defaultroute
         leftid=@pluto.strongsec.com
         leftsubnet=0.0.0.0/0        # allows DHCP discovery broadcast
         leftprotoport=udp/bootps
         rekey=no
         keylife=20s
         rekeymargin=10s
         auto=add

  ipsec auto --status shows the following connection definition:

    "dhcp": 0.0.0.0/0===160.85.106.10[@pulpo.strongsec.com]:17/67...%any:17/68

  Important: KLIPS does not enforce these protocol/port restrictions, so
  the whole IP traffic is always tunneled! Currently the protoport
  parameter can only be used as a directive for an ipchains or iptables
  based firewall. By means of the new environment variables
  $PLUTO_MY_PROTOCOL, $PLUTO_PEER_PROTOCOL, $PLUTO_MY_PORT, and
  $PLUTO_PEER_PORT, dynamic firewall rules can be set up and released in a
  customized updown script (see next point below).

- The template utils/_updown.x509 can be used to dynamically insert and
  delete firewall rules using iptables.
  The script also includes a facility to log all established or disbanded
  VPN connections in a concise format.

- The new parameter "strictcrlpolicy" enforces a strict CRL policy. With
  the ipsec.conf setting

    config setup
         strictcrlpolicy=yes

  a received peer certificate will not be accepted if the corresponding
  CRL is either not found in /etc/ipsec.d/crls or if the nextUpdate date
  of the current CRL is reached and no new CRL has been made available.
  Please be aware of the severe consequences of setting
  strictcrlpolicy=yes: all connections will come to a sudden standstill if
  you forget to update the CRL in time. The default setting is
  strictcrlpolicy=no.

- The monitoring commands

    ipsec auto --listcerts | --listcacerts

  now additionally list the size and the keyid of the RSA public key
  contained in the certificate. The listing also indicates the possession
  of a matching RSA private key.

Version 0.9.13
--------------

- Bug fix: whack --debug-raw | --debug-crypt | --debug-parsing |
  --debug-emitting | --debug-control | --debug-klips | --debug-dns |
  --debug-private caused a segmentation fault because more than 64
  different command line options had to be supported. This has been fixed
  by raising the number of possible options to 128.

Version 0.9.12
--------------

- Good news for network administrators who must manage dozens of
  roadwarriors behind NAT boxes with IPsec passthrough. Instead of
  defining each connection individually

    conn rw1
         right=%any
         rightsubnet=10.0.1.5/32

    conn rw2
         right=%any
         rightsubnet=10.0.1.42/32

  a single connection definition is now sufficient to handle Virtual IPs:

    conn rw
         right=%any
         rightsubnetwithin=10.0.1.0/24

  This feature has been developed by Mario Strasser and is a first step
  towards full support of the "DHCP-over-IPsec" internet draft.

- Good news for users who run both X.509 based tunnels and connections to
  unpatched FreeS/WAN peers requiring raw RSA keys.
  With the new parameter 'nocrsend' in the config setup section of
  ipsec.conf

    config setup
         nocrsend=yes

  no X.509 certificate requests will be sent to the peers. Standard
  FreeS/WAN boxes are known to choke on certificate requests, and PGPnet,
  when run with OpenPGP certificates, will panic when it gets an X.509 CR.
  The nocrsend=yes setting will help in both cases. The default setting is
  nocrsend=no.

- The comparison of two distinguished names (DNs) has been refined. Both
  DNs are now split into their set of relative distinguished names (RDNs).
  The individual RDN strings are then compared with each other
  irrespective of the ASN.1 string type they were coded in. If both RDNs
  are of ASN.1 type printableString, which is usually the case when no
  special characters are used, then the strings will be converted to upper
  case before comparison. The same applies to an IA5String-coded Email
  field. One restriction remains: the relative order of the RDNs must be
  the same in both DNs. This fix will help e.g. with X.509 certificates
  based on certificate requests issued by SSH Sentinel v3.x. Due to a
  different encoding of RDNs containing special characters, valid
  connection definitions could not be found by Pluto.

- "make install" now creates the /etc/ipsec.d directory and its
  subdirectories cacerts, crls, and private. This feature was announced
  for version 0.9.10 but somehow got lost in the final patch.

Version 0.9.11
--------------

- When multi-tier X.509 hierarchical trust chains are used, Windows XP
  sends its certificate plus any intermediate CA certificates wrapped in a
  PKCS#7 signedData structure. Pluto is now able to parse received
  certificates of type CERT_PKCS7_WRAPPED_X509. In a first step all
  intermediate CA certificates are added to the chained list of cacerts,
  rejecting self-signed root CA certificates.
  In a second step the host or user certificate contained in the PKCS#7
  structure is verified along the trust chain up to the self-signed root
  CA certificate, which must be present in /etc/ipsec.d/cacerts and which
  is loaded statically when Pluto starts up.

- The monitoring functions ipsec auto --listcerts, --listcacerts and
  --listcrls now also feature a timestamp logging the exact time when a
  certificate or CRL was last loaded.

Version 0.9.10
--------------

- Multiple certificates and corresponding multiple private keys for the
  local FreeS/WAN host are now supported. Assuming that the local side is
  "left", the parameter leftcert= indicates the certificate to be sent to
  the peer. A leftcert entry in the conn %default section provides a
  default certificate, so that /etc/x509cert.der is not needed anymore.
  Examples:

    conn %default
         left=%defaultroute
         leftcert=myCert1.pem

    conn rw1
         right=%any
         rightid=@peer1.domain1
         # leftid is the DN of myCert1

    conn rw2
         right=%any
         rightid=@peer2.domain2
         leftcert=myCert2.pem
         # leftid is the DN of myCert2

    conn rw3
         right=%any
         rightid=@peer3.domain1
         leftid=@myid.domain1
         # leftid is myid.domain1 and must be a subjectAltName
         # contained in myCert1

  The certificates are loaded relative to /etc/ipsec.d or from an
  arbitrary absolute path. The corresponding private keys are loaded via
  ipsec.secrets:

    : RSA myKey1.pem "<optional passphrase>"
    : RSA myKey2.pem "<optional passphrase>"

  Based on the public key contained in the leftcert certificate the
  corresponding private key is found automatically.

- Due to the support of multiple certificates and corresponding private
  keys, configuration has become much simpler. Therefore a large part of
  the README has been rewritten.
  Still, backward compatibility to previous versions of the patch has been
  maintained.

- Since x509.c has grown quite significantly over the last few versions,
  it has been split into asn1.c, pkcs.c and x509.c, accompanied by the
  corresponding header files asn1.h, pkcs.h and x509.h.

- The ASN.1 parser now tolerates UTCTIME and GENERALIZEDTIME objects with
  nonzero time zone offsets and a missing seconds field (DER coding
  requires both Zulu time and a seconds field, so in a proper certificate
  these special cases should never occur). Thanks go to Jochen Eisinger
  for his patch.

- Adopted the new FreeS/WAN keyid for RSA public keys, consisting of 9
  base64 digits. Used in ipsec auto --listpubkeys.

- "make install" now creates the /etc/ipsec.d directory and its
  subdirectories cacerts, crls, and private.

Version 0.9.9
-------------

- When Pluto wants to use an expired public key in the public key cache in
  order to check a signature, the expired key is now deleted from the
  chained list and the setup of the connection is prevented.

- No certificate request is sent if the public key of the connection has
  been preloaded using rightrsasigkey=0x.... This makes interoperability
  with non-X.509 enabled FreeS/WAN clients possible because they choke on
  certificate requests.

- Created the environment variables $PLUTO_MY_ID and $PLUTO_PEER_ID which
  can be accessed in the updown script. Use in ID based firewalling
  policies or for logging purposes.

- Added the distinguished name attribute [Siemens] Trust Center Global ID
  (TCGID=) having the OID 1.3.6.1.4.1.1201.1.1.2.2.75

Version 0.9.8
-------------

- PKCS#1 RSA private key files can now be read directly by Pluto, thereby
  eliminating the need to extract the private key using the fswcert tool.
  As a consequence fswcert is not bundled with the X.509 patch any more
  but is still available as a separate distribution from
  http://www.strongsec.com/freeswan/.
  RSA private key files are declared in /etc/ipsec.secrets in the form

    : RSA myKey.pem

  as a PEM file or with

    : RSA freeswanKey.der

  as a DER file. If the private key has been encrypted with 3DES and
  protected with a passphrase, then with the notation

    : RSA pulpoKey.pem "This is my passphrase"

  the key file is automatically decrypted. Be careful to make
  /etc/ipsec.secrets root readable only. Relative pathnames are looked up
  in the directory /etc/ipsec.d/private. Absolute pathnames like e.g.
  /usr/ssl/private/pulpoKey.pem are also possible. If not protected by a
  passphrase, be sure to make key files root readable only.

- Distinguished Names in ipsec.conf can now be written without the
  preceding '@' character. The new notation is

    leftid="C=CH, O=strongSec GmbH, CN=pulpo.strongsec.com"

  or alternatively

    leftid="/C=CH/O=strongSec GmbH/CN=pulpo.strongsec.com"

  The old notation

    leftid="@C=CH, O=strongSec GmbH, CN=pulpo.strongsec.com"

  or alternatively

    leftid="@/C=CH/O=strongSec GmbH/CN=pulpo.strongsec.com"

  will also be supported, thus ensuring that existing configuration files
  can still be used.

- leftcert and rightcert can now be used together with leftid and
  rightid, if you want to specify a subjectAltName instead of the default
  subject distinguished name of the certificate. Example:

    conn use_ID_DER_ASN1_DN
         right=%any
         rightcert=peerCert.pem

  or

    conn use_ID_FQDN
         right=%any
         rightid=@peer.host
         rightcert=peerCert.pem

  Of course the ID_FQDN peer.host must exist as a DNS subjectAltName
  extension in the certificate "peerCert.pem", otherwise the subject DN is
  automatically assumed.

- A certificate can now contain an unlimited number of subjectAltNames,
  either of the same type or of various types.

- crlDistributionPoints are now parsed in certificates. This is a further
  step towards support of dynamic CRL updates.

Version 0.9.7
-------------

- Fixed both a bug and a memory leak in send_delete(), the function
  responsible for sending delete notifications. Both patches were
  contributed by D.
  Hugh Redelmeier. Thanks!

Version 0.9.6
-------------

- The following monitoring functions are now available:

    ipsec auto --listpubkeys     # lists all installed public keys
    ipsec auto --listcacerts     # lists all installed cacerts
    ipsec auto --listcrls        # lists all installed crls

  All three commands can be used with the option --utc, which causes all
  dates to be represented in UTC time instead of the default local time.
  The expiration date of cacerts and crls is checked and a warning is
  issued some time (30 days for cacerts / 7 days for crls) before imminent
  expiry.

- Dates extracted from certificates and CRLs (e.g. validity, next update,
  revocation dates) are now represented as standard time_t objects.

- The three patches to the pluto directory, utils/auto and utils/_confread,
  respectively, have been merged into a single patch "freeswan.diff" that
  can be applied to the freeswan top directory.

- The script utils/auto does not generate a whack message for
  leftrsasigkey=%cert and/or rightrsasigkey=%cert anymore, since no RSA
  keys must be stored in the chained list of public keys before the actual
  connection is negotiated.

- Locally stored host certificates defined in ipsec.conf are now loaded by
  pluto. The fswcert tool is not used by utils/_confread anymore.

- Bug fix: Every time a certificate was received during IKE Main Phase, the
  validated public key was inserted into a chained list of public keys
  without prior deletion of the already existing copy. This behaviour
  caused a memory leak in version 0.9.5, but only in combination with
  freeswan-1.93 or the snapshot.

Version 0.9.5
-------------

- Bug fix: When a roadwarrior set up multiple IPsec SAs, rekeying was
  impossible since the ID was missing in the roadwarrior instances. Fixed
  in rw_instantiate() in ipsec_doi.c.

Version 0.9.4
-------------

- Support of several subnets in certificate based roadwarrior connections.
  Example:

    conn rw1
         right=%any
         leftsubnet=10.0.1.0/24
         auto=add

    conn rw2
         right=%any
         leftsubnet=10.0.2.0/24
         auto=add

    conn rw3
         right=%any
         rightsubnet=10.0.3.0/24
         leftsubnet=10.0.1.0/24
         auto=add

- Support of ISO-8859-1 character set in distinguished names (DNs). In
  the example

    rightid="@C=CH, O=strongSec GmbH, OU=@*#
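The three identity-handling rules described above (the two ipsec.conf DN notations from 0.9.8, the RDN-by-RDN comparison from 0.9.12, and the metacharacter escaping of $PLUTO_MY_ID/$PLUTO_PEER_ID from 0.9.15) as one worked example. This is added illustration code, not code from the strongSec X.509 patch or Pluto; all function names are assumptions, the ASN.1 string type of each RDN is passed in explicitly because it cannot be recovered from the textual DN, and the exact octal escape layout (three-digit, `\047` style) is an assumption about the patch's output.

```python
"""Model of DN parsing, DN comparison and _updown ID escaping.

Added example, not part of the strongSec X.509 patch. Assumptions:
  * RDN values contain no ',' (comma notation) or '/' (slash notation)
  * an RDN whose ASN.1 type is not given is printableString
  * octal escapes are written as backslash + three octal digits
"""

# Shell metacharacters that 0.9.15 says are escaped in $PLUTO_*_ID.
SHELL_META = "'\"`$\\"


def parse_dn(text):
    """Split a DN in either ipsec.conf notation into ordered (attr, value)
    pairs; a leading '@' (old notation) is accepted and ignored."""
    s = text.strip()
    if s.startswith("@"):
        s = s[1:]
    if s.startswith("/"):
        parts = [p for p in s.split("/") if p]          # /C=CH/O=.../CN=...
    else:
        parts = [p.strip() for p in s.split(",")]       # C=CH, O=..., CN=...
    rdns = []
    for part in parts:
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip():
            raise ValueError("malformed RDN: %r" % part)
        rdns.append((attr.strip(), value.strip()))
    return rdns


def _case_insensitive(attr, type_a, type_b):
    """0.9.12 rule: upper-case both sides only when both RDNs are
    printableString, or when both are an IA5String-coded Email field."""
    if type_a == "printableString" and type_b == "printableString":
        return True
    return attr.upper() == "EMAIL" and type_a == "IA5String" and type_b == "IA5String"


def same_dn(dn_a, dn_b, types_a=None, types_b=None):
    """Compare two DNs per 0.9.12: same number of RDNs, same attribute in
    the same position, values compared as _case_insensitive decides.
    types_a/types_b map RDN index -> ASN.1 string type (assumption)."""
    ra, rb = parse_dn(dn_a), parse_dn(dn_b)
    if len(ra) != len(rb):
        return False
    types_a = types_a or {}
    types_b = types_b or {}
    for i, ((ka, va), (kb, vb)) in enumerate(zip(ra, rb)):
        if ka != kb:                     # different attribute or different order
            return False
        ta = types_a.get(i, "printableString")
        tb = types_b.get(i, "printableString")
        if _case_insensitive(ka, ta, tb):
            if va.upper() != vb.upper():
                return False
        elif va != vb:                   # e.g. T61String: exact comparison only
            return False
    return True


def escape_for_updown(identity):
    """0.9.15 rule: replace ' " ` $ \\ by their octal escape values before the
    identity is exported as $PLUTO_MY_ID / $PLUTO_PEER_ID, so an attacker-
    chosen DN cannot inject shell syntax into the _updown script."""
    return "".join("\\%03o" % ord(c) if c in SHELL_META else c
                   for c in identity)


if __name__ == "__main__":
    # Constructed sample identities (not from the page).
    new = "C=CH, O=strongSec GmbH, CN=pulpo.strongsec.com"
    old = "@/C=ch/O=STRONGSEC GMBH/CN=PULPO.STRONGSEC.COM"
    print(same_dn(new, old))                              # True
    print(escape_for_updown("C=CH, O=O'Brien $HOME"))     # C=CH, O=O\047Brien \044HOME
```

Even with the escaping in place, the _updown script should still reference the variables as `"$PLUTO_PEER_ID"` (double-quoted): the escaping removes the characters that could close a quote or start a substitution, but unquoted expansion would still split the DN at its spaces.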
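The strictcrlpolicy decision from 0.9.14 (reject a peer certificate when no CRL for its issuer is loaded or the CRL's nextUpdate has been reached) and the expiry warnings from 0.9.6 (30 days for cacerts, 7 days for CRLs) depend on the same time_t dates, so one added example models both. This is illustration code, not the patch's own; the CRL and cacert stores are constructed dicts keyed by issuer DN or name, and every function name is an assumption.

```python
"""Model of the strictcrlpolicy check and the cacert/CRL expiry warnings.

Added example, not code from the strongSec X.509 patch. Dates are plain
time_t seconds, as the changelog says Pluto represents them.
"""
import calendar

DAY = 86400
CACERT_WARN = 30 * DAY   # warning window for CA certificates (0.9.6)
CRL_WARN = 7 * DAY       # warning window for CRLs (0.9.6)


def t(year, month, day):
    """Constructed helper: UTC calendar date -> time_t."""
    return calendar.timegm((year, month, day, 0, 0, 0))


def crl_decision(issuer, crls, now, strictcrlpolicy):
    """Decide whether a peer certificate issued by `issuer` may be accepted.

    crls maps issuer DN -> nextUpdate (time_t) of the CRL loaded from
    /etc/ipsec.d/crls. Returns (accept, reason). With strictcrlpolicy=yes a
    missing or stale CRL blocks the connection; with =no it is only noted.
    """
    next_update = crls.get(issuer)
    if next_update is None:
        problem = "no CRL for issuer"
    elif now >= next_update:
        problem = "CRL nextUpdate reached, no newer CRL loaded"
    else:
        return True, "CRL current"
    if strictcrlpolicy:
        return False, problem + " (strictcrlpolicy=yes)"
    return True, problem + " (ignored: strictcrlpolicy=no)"


def expiry_warnings(cacerts, crls, now):
    """Mimic the warnings of ipsec auto --listcacerts / --listcrls: return
    (kind, name) for every cacert within 30 days of notAfter and every CRL
    within 7 days of nextUpdate (objects already past the date included)."""
    warnings = []
    for name, not_after in cacerts.items():
        if not_after - now <= CACERT_WARN:
            warnings.append(("cacert", name))
    for issuer, next_update in crls.items():
        if next_update - now <= CRL_WARN:
            warnings.append(("crl", issuer))
    return warnings


if __name__ == "__main__":
    # Constructed sample store: one CA whose CRL expires on 2002-03-01.
    ca = "C=CH, O=strongSec GmbH, CN=strongSec CA"
    crls = {ca: t(2002, 3, 1)}
    print(crl_decision(ca, crls, t(2002, 2, 25), True))   # (True, 'CRL current')
    print(crl_decision(ca, crls, t(2002, 3, 1), True))    # rejected: the standstill case
    print(expiry_warnings({ca: t(2002, 3, 20)}, crls, t(2002, 2, 25)))
```

The second `crl_decision` call is the situation the changelog warns about: once nextUpdate passes with no fresh CRL in /etc/ipsec.d/crls, every peer under that CA is refused until the CRL is replaced, so the 7-day warning from the listing commands is the signal to act on.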