Blog

Release and vulnerability announcements for strongSwan

strongSwan 5.7.2 Released

We are happy to announce the release of strongSwan 5.7.2, which brings automatic signature scheme selection for TPM 2.0, updates for RADIUS and crypto plugins, dynamic paths for swanctl, and several other new features and fixes.

Automatic Signature Scheme Selection for TPM 2.0

Private key implementations may optionally provide a list of supported signature schemes. The tpm plugin uses this because, for each key on a TPM 2.0, the hash algorithm and, for RSA keys, also the padding scheme are predefined.

For RSA with PSS padding, the TPM 2.0 specification mandates the maximum salt length (as defined by the length of the key and hash). However, if the TPM is FIPS 186-4 compliant, the salt length equals the hash length. This is assumed for FIPS 140-2 compliant TPMs. If a TPM is not FIPS 140-2 compliant but still doesn't use the maximum salt length, it might be necessary to manually enable charon.plugins.tpm.fips_186_4.
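The two salt-length conventions described above, as an added example that is not strongSwan code: it implements the EMSA-PSS encoding and check from RFC 8017 with SHA-256 (the RSA operation itself is omitted) and shows that a verifier expecting the other salt length rejects the encoded block. The function names and the sample message are constructed for this illustration.

```python
import hashlib
import os

H_LEN = hashlib.sha256().digest_size  # 32 bytes for SHA-256

def sha256(data):
    return hashlib.sha256(data).digest()

def mgf1(seed, length):
    """MGF1 mask generation (RFC 8017, B.2.1) with SHA-256."""
    blocks = (sha256(seed + i.to_bytes(4, "big")) for i in range(-(-length // H_LEN)))
    return b"".join(blocks)[:length]

def salt_lengths(mod_bits):
    """Return (maximum salt length, FIPS 186-4 salt length) in bytes."""
    em_len = (mod_bits - 1 + 7) // 8
    return em_len - H_LEN - 2, H_LEN

def pss_encode(msg, mod_bits, salt_len):
    """EMSA-PSS-ENCODE: the block the RSA private key operation is applied to."""
    em_bits = mod_bits - 1
    em_len = (em_bits + 7) // 8
    if em_len < H_LEN + salt_len + 2:
        raise ValueError("salt too long for this key and hash")
    salt = os.urandom(salt_len)
    h = sha256(b"\x00" * 8 + sha256(msg) + salt)
    db = b"\x00" * (em_len - salt_len - H_LEN - 2) + b"\x01" + salt
    masked = bytearray(a ^ b for a, b in zip(db, mgf1(h, len(db))))
    masked[0] &= 0xFF >> (8 * em_len - em_bits)  # clear unused top bits
    return bytes(masked) + h + b"\xbc"

def pss_verify(msg, em, mod_bits, salt_len):
    """EMSA-PSS-VERIFY for a verifier that expects exactly salt_len bytes."""
    em_bits = mod_bits - 1
    em_len = (em_bits + 7) // 8
    if len(em) != em_len or em_len < H_LEN + salt_len + 2 or em[-1] != 0xBC:
        return False
    masked, h = em[:-H_LEN - 1], em[-H_LEN - 1:-1]
    top = 0xFF >> (8 * em_len - em_bits)
    if masked[0] & ~top & 0xFF:
        return False
    db = bytearray(a ^ b for a, b in zip(masked, mgf1(h, len(masked))))
    db[0] &= top
    pad = em_len - H_LEN - salt_len - 2  # zero padding before the 0x01 separator
    if any(db[:pad]) or db[pad] != 0x01:
        return False
    return sha256(b"\x00" * 8 + sha256(msg) + bytes(db[pad + 1:])) == h

if __name__ == "__main__":
    max_len, fips_len = salt_lengths(2048)
    em = pss_encode(b"constructed sample message", 2048, fips_len)
    print(max_len, fips_len, pss_verify(b"constructed sample message", em, 2048, fips_len),
          pss_verify(b"constructed sample message", em, 2048, max_len))
```

For a 2048-bit key with SHA-256 the two conventions differ by 190 bytes of salt, so a mismatch shows up as a failed signature verification rather than as a key or certificate error.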

RADIUS Updates

If RADIUS Accounting is enabled, the eap-radius plugin will add the session ID (Acct-Session-Id) to Access-Request messages, which, for example, simplifies associating database entries for IP leases and accounting with sessions (the session ID does not change when IKE_SAs are rekeyed).

All IP addresses assigned by a RADIUS server are included in Accounting-Stop messages even if the client did not claim them, which allows them to be released early in case of connection errors.

Crypto Plugin Updates

The agent plugin, which accesses private keys via ssh/gpg-agent, now supports RSA signatures with SHA-256 and SHA-512 as well as Ed25519/Ed448 SSH keys and signatures. For older versions of ssh/gpg-agent that only support SHA-1, IKEv2 signature authentication has to be disabled via charon.signature_authentication.

The openssl plugin supports X25519/X448 Diffie-Hellman and Ed25519/Ed448 keys and signatures when built against OpenSSL 1.1.1.

Support for Ed25519, ChaCha20/Poly1305, SHA-3 and AES-CCM was added to the botan plugin.

Credential Paths Relative to swanctl.conf

Directories for credentials loaded by swanctl are now accessed relative to the loaded swanctl.conf file, in particular when loading it from a custom location via the --file argument. The base directory, which is used if no custom location for swanctl.conf is specified, is now also configurable at runtime via the SWANCTL_DIR environment variable.

Other Notable Features and Fixes
