ipnsec-0.84/README-0.84

This is the fourth alpha release of ipnsec for Linux.

There is another IPSec project for Linux (known as Freeswan and KLIPS); their home page is at http://www.xs4all.nl/~freeswan/. I am watching their work, but work independently. It is up to the users to choose which version meets their requirements.

Changes to the previous version:

- completely new kernel interface to the Linux TCP/IP stack: expect new problems on this front, but sooner or later one had to move in this direction.

- the tncfg utility has gone, as well as the ipsec devices. The ipnsec module now automatically attaches to any interfaces which have IP processing enabled.

- the photurisd has been updated and now disables IPSec processing for its own packets. Please note that this makes it incompatible with any older version, including the current OpenBSD implementation (which turns off IPSec options on the Photuris socket, but the OpenBSD kernel does not take those options into account yet).

- some small bugs have been fixed (thanks to the KLIPS team for finding some of them).

- the photurisd looping problem while reading from the FIFO has been fixed (thanks to Angelos and Niels).

- some elementary documentation in doc/INSTALL.txt and doc/HOWITWORKS.txt.

Known problems in ipnsec-0.84:

- this software has been tested only with Linux kernel 2.0.33. It will probably not compile or run with any 2.1.x kernel, and most probably will not compile or run with any version older than 2.0.33.

- the transport mode works only for unfragmented packets. Locally generated packets which need to be fragmented are not processed correctly in transport mode; the module will complain that it cannot process fragments. I am not sure how to do this without breaking the whole TCP/IP stack in Linux. If you need long packets, you should turn on the tunnel option on the SA.
(the previous versions of ipnsec did not support locally generated fragments properly either)

- the documentation is incomplete.

Praha, 27th April 1998

-----------------------------------------------------------------------------------

(there was no publicly available version 0.83)

ipnsec-0.82/README-0.82

This is the third alpha release of ipnsec for Linux.

Changes to 0.81:

- the addrt and delrt utilities have been replaced by OpenBSD lookalikes of rt(1) and rtdelete(1). Please see the manual pages in their respective directories (sbin/*). The kernel interface is actually ENABLESPI and DISABLESPI, not the routing socket as in OpenBSD. The EROUTE-specific kernel interface from IPSec for Linux 0.7 has disappeared.

- the eroute mechanism has been completely rewritten and is now more or less a straight copy from OpenBSD. The IPSec routing table is still kept outside the main Linux routing table, but the behaviour is now very similar to that of OpenBSD. The selection of the SPI can now depend on the IP protocol (UDP, TCP, etc.) and, in the case of UDP and TCP, on source and/or destination port numbers.

- photurisd and startkey now work in Linux! They seem to be fully interoperable with the OpenBSD implementation. If you want to run startkey on the Linux side, you *have to* change the file /usr/src/linux/fs/pipe.c so that FIFO_SUNOS_BRAINDAMAGE is defined (and not undefined). Without this, photurisd will loop while reading from the FIFO. Any hint on how to rewrite photurisd so that it works with the Linux 2.0.33 kernel with and without that flag is welcome; I have not found any sensible way. I will mail any volunteer the details I have available about the problem. You need gmp-2.0.2 installed on your machine in order to compile and link photurisd; I have included libdes in a subdirectory of photurisd. You need to copy the *.conf files to /etc/photuris (or start photurisd with a flag telling it to use another directory).
- the kernel interface now supports the ENABLESPI and DISABLESPI operations. What is *not* supported yet is:
  - SPI expirations
  - notifications
  - statistics

- a typical installation of IPSec would now look like this:

	insmod ipsec.o
	tncfg attach ipsec0 eth0
	ifconfig ipsec0
	route del
	route del default
	route add -net dev ipsec0
	route add default gw
	photurisd

  You may set up SAs and routes manually. You have to set up the SA first (ipsecadm) and install the route with rt *after* the SA is created (the code checks whether the SA exists). You may start Photuris key exchanges manually using startkey. Please note that the SPIs can now be identical for AH and ESP for the same destination; this is for compatibility with OpenBSD (and Photuris actually tries to use the same SPI for AH and ESP if both are used at the same time).

- the /usr/src/linux/net/Makefile now works properly for make dep, so that the IPSec files are remade after changing any IPSec headers.

I will try to hack pluto so that it works with ipnsec; I had just wanted to port photuris for testing OpenBSD interoperability. The next release will either have the SPI expirations or a new interface to the IP code to get rid of the ipsec network device (that should also fix the multihop transport mode routing problem). I cannot commit to either of these yet, sorry. I will also try to fix any bugs found so far.

Praha, 16th March 1998

--------------------------------------------------------------------

Previous ipnsec-0.81/README-0.81

This is a minor enhancement release of ipnsec for Linux. The only change is that the tunnel mode works now. The tunnel mode does not work in OpenBSD and I have opened another bug with the OpenBSD team, including a fix. Please note that you have to set the tunnel mode at both ends, as the code checks for tunnel mode when it finds an IPIP packet inside an AH or ESP encapsulated datagram. This release does not try to solve the multihop transport mode limitation yet.
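The two rules from the 0.82 notes above, that a route (flow) is only accepted once the SA it points to exists, and that SPI selection can depend on the IP protocol and on TCP/UDP port numbers, sketched as a small C program. This is an added example, not ipnsec's or OpenBSD's code: the table layout, the "most specific flow wins" scoring, the PROTO_* constants and the sample addresses and SPIs (10.0.0.x, 0x1000, 0x2000, 0x3000) are assumptions constructed for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PROTO_ANY 0
#define PROTO_TCP 6     /* IANA protocol numbers, so <netinet/in.h> is not needed */
#define PROTO_UDP 17

/* A manually keyed SA, as ipsecadm would create it. It is keyed by SPI plus
 * destination, which is why AH and ESP to the same host may share an SPI. */
struct sa { uint32_t spi; uint32_t dst; };

/* One eroute/flow entry, as rt(1) would install it. Zero selector fields mean "any". */
struct flow {
    uint32_t src, smask, dst, dmask;   /* host byte order IPv4 addresses and masks */
    uint8_t  proto;
    uint16_t sport, dport;
    uint32_t spi, sa_dst;              /* which SA the matching traffic goes to */
};

#define MAX_SA   16
#define MAX_FLOW 32
static struct sa   sadb[MAX_SA];
static struct flow flows[MAX_FLOW];
static int nsa, nflow;

uint32_t ip4(int a, int b, int c, int d)
{
    return ((uint32_t)a << 24) | ((uint32_t)b << 16) | ((uint32_t)c << 8) | (uint32_t)d;
}

static int sa_find(uint32_t spi, uint32_t dst)
{
    for (int i = 0; i < nsa; i++)
        if (sadb[i].spi == spi && sadb[i].dst == dst) return i;
    return -1;
}

int sa_add(uint32_t spi, uint32_t dst)
{
    if (nsa == MAX_SA || sa_find(spi, dst) >= 0) return -1;
    sadb[nsa].spi = spi;
    sadb[nsa].dst = dst;
    nsa++;
    return 0;
}

/* Install a flow. Refused unless the SA it points to already exists: this is the
 * "set up the SA first, then rt" ordering the README insists on. */
int flow_add(uint32_t src, uint32_t smask, uint32_t dst, uint32_t dmask,
             uint8_t proto, uint16_t sport, uint16_t dport, uint32_t spi, uint32_t sa_dst)
{
    if (nflow == MAX_FLOW || sa_find(spi, sa_dst) < 0) return -1;
    struct flow f = { src, smask, dst, dmask, proto, sport, dport, spi, sa_dst };
    flows[nflow++] = f;
    return 0;
}

/* Select the SPI for an outgoing packet. The address match is mandatory; protocol
 * and ports narrow it down, and the most specific matching flow wins.
 * Returns 0 when no flow matches (the packet would go out in the clear). */
uint32_t flow_lookup(uint32_t src, uint32_t dst, uint8_t proto, uint16_t sport, uint16_t dport)
{
    int best = -1, best_score = -1;
    for (int i = 0; i < nflow; i++) {
        const struct flow *f = &flows[i];
        int score = 0;
        if ((src & f->smask) != (f->src & f->smask)) continue;
        if ((dst & f->dmask) != (f->dst & f->dmask)) continue;
        if (f->proto) { if (f->proto != proto) continue; score += 1; }
        /* port selectors only apply to TCP and UDP; they never match other protocols */
        if ((f->sport || f->dport) && proto != PROTO_TCP && proto != PROTO_UDP) continue;
        if (f->sport) { if (f->sport != sport) continue; score += 2; }
        if (f->dport) { if (f->dport != dport) continue; score += 2; }
        if (score > best_score) { best_score = score; best = i; }
    }
    return best < 0 ? 0 : flows[best].spi;
}

int main(void)
{
    uint32_t peer = ip4(10, 0, 0, 2);   /* constructed sample peer */
    sa_add(0x1000, peer);
    sa_add(0x2000, peer);
    /* TCP port 25 to the peer gets its own SA; everything else to it a second one */
    flow_add(ip4(10, 0, 0, 0), 0xffffff00, peer, 0xffffffff, PROTO_TCP, 0, 25, 0x1000, peer);
    flow_add(ip4(10, 0, 0, 0), 0xffffff00, peer, 0xffffffff, PROTO_ANY, 0, 0, 0x2000, peer);
    printf("smtp -> spi %#x\n", (unsigned)flow_lookup(ip4(10, 0, 0, 1), peer, PROTO_TCP, 40000, 25));
    printf("dns  -> spi %#x\n", (unsigned)flow_lookup(ip4(10, 0, 0, 1), peer, PROTO_UDP, 40000, 53));
    printf("route to missing SA: %d\n",
           flow_add(ip4(10, 0, 0, 0), 0xffffff00, peer, 0xffffffff, PROTO_ANY, 0, 0, 0x3000, peer));
    return 0;
}
```

The refusal in flow_add is the defensive point: a flow that names a non-existent SA would otherwise silently send matching traffic with no protection, or drop it, depending on the stack.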
Praha, March 13th

--------------------------------------------------------------------

Previous ipnsec-08/README-0.8

This is the first preliminary release of a merged implementation of IPSec from Linux and OpenBSD, running on Linux.

You can fetch this (and the later versions) from ftp://ftp.eunet.cz/icz/ipnsec/
You can find the (old) Linux implementation at http://www.xs4all.nl/~freeswan/
You can find the OpenBSD code at http://www.openbsd.org/

Both the Linux and OpenBSD versions were originally written by John Ioannidis, and the OpenBSD one has been heavily modified by Angelos D. Keromytis and Niels Provos (and possibly others). I (Petr Novak, ) took both of the code bases and tried to merge the newer functions from OpenBSD into the existing Linux code. The code bases were ipsec-linux ver. 0.7 and OpenBSD 2.2 with all modifications up to March 9, 1998. The versioning of this software is a continuation of that of the ipsec-linux code, but this does not mean that ipsec-linux will not evolve further on its own.

This version is somewhere halfway, as it still lacks some of the essential functions of OpenBSD. On the other hand, it should be at least as stable as the existing Linux code, and it should be more interoperable with other IPSec implementations. The code has been tested with Linux kernels 2.0.32 and 2.0.33. The development environment and the testbed are based on Red Hat Linux 4.2.

Here is a rough sketch of the major changes from ipsec for Linux 0.7 and some random remarks:

- the IP stack kernel interface has not changed (yet); I plan to steal that either from ENskip or to take inspiration from OpenBSD to fix the known problems with transport mode routing etc.

- what *has* changed is the userland-to-kernel interface to IPSec. The paradigm of the netlink interface has been preserved, but the format of the messages is closer to the OpenBSD PF_ENCAP than to the original Linux code.
The reasoning is that I would like to use the OpenBSD user-level code, rather than stick with the existing Linux utilities (which have been the victim of recent criticism from the interoperability tester team).

- the main area of differences is the code of the actual transformations (i.e. esp and ah header processing). The file-per-xform approach of the original Linux code has been replaced with the file-per-standard approach of the OpenBSD code. The new files are called ipsec_{ah,esp}_{old,new}.c, and the changes there required changing the ipsec_{ah,esp}.h files. To make the structure of the files cleaner, I have moved all the cipher and hash code to separate directories (ciphers, hashes) and I have included all the transforms from OpenBSD (i.e. Blowfish, CAST and RIPEMD-160). The libdeslite has been enhanced with 3-DES in ECB mode, and the CBC mode routines have been deleted for both DES and 3-DES. The ipsec_esp_{old,new}.c code does a central, cipher-independent CBC processing and uses only ECB mode external ciphers. This is in line with the recent IETF draft draft-ietf-ipsec-ciph-cbc-01, although the implementation allows backwards compatibility with some older drafts (IV derived from the replay protection field). The implementation does not include the IDEA and RC5 ciphers mentioned in the draft. They were not in the OpenBSD code, as IDEA is patented in several countries (including most EU countries and the USA). If included, it should at least be possible to turn it off. As there are not that many IPSec implementations with IDEA, it is not a major interoperability requirement at this moment. I have not yet investigated the status of RC5 and I will include that cipher once it is confirmed that it can be distributed freely.
The interoperability of all the transforms with the existing OpenBSD has been tested with manual keying (using ipsecadm, see later) and they seem to work in all possible combinations, except when OpenBSD tries to receive keyed SHA-1 old-style AH packets, where the problem is at the OpenBSD side (a bug has been opened with the OpenBSD team, including a fix). Some of the transforms might not work with the old Linux code base, due to different key slicing and possibly other differences (at least the length of the replay protection field has changed). As the OpenBSD code seems to be more up to date and is a much more stable implementation at this moment, I gave priority to compatibility with that, rather than with the existing Linux code. Unfortunately, I have not tested which actual transforms do and which do not interoperate with the old Linux code.

- the tunnel mode does not work at the moment, as the logic is different in the two original implementations. I will finish porting and testing the tunnelling mode in several days, as that is a showstopper for any tests over the Internet.

- it is no longer possible to print the keys in /proc/net/ipsec-spi in most cases, as any constant per-packet processing is now done in the key schedule routine (xxx_init) rather than for every packet. This means that the key schedules and hash contexts are available, but the original keys are not. Also, the format of /proc/net/ipsec-spi has changed substantially.

- the expiration and statistics processing of OpenBSD are not implemented yet.

- the flows of OpenBSD are not implemented yet (i.e. we still use the existing eroute code of the Linux implementation; watch this space).

- the main user interface for setting up IPSec is the ipsecadm utility, replacing the setsa and spigrp utilities.
The ipsecadm is taken from OpenBSD (you will find it in sbin/ipsecadm) and the only changes were in the includes and the kernel interface (although the format of the actual messages has remained; the only real difference is the use of /dev/ipsec instead of the PF_ENCAP socket). The manual page (ipsecadm.1) and the usage printed when running the program without arguments are the same as in OpenBSD and should all be relevant to the existing code, except that the tunnelling mode does not work yet. The diagnostics performed at the kernel level (i.e. checking of key lengths, IV lengths etc.) are still poorly reported, but you will find a description of the problem in /var/log/messages (or wherever else you log your kernel messages). The user level code should perform the same sanity checks as the kernel does and report them sensibly to the user (someone to volunteer for implementing this?).

- the photurisd and pluto key management daemons are not supposed to work with this release yet.

- this release is a development snapshot and will be replaced by enhanced versions on about a weekly basis (at least initially). Anyone who wants to run any tests over the Internet (with this or any other IPSec implementation), please mail me (pn@i.cz) and I will set up our end to talk to you.

- the code is stable while being used; the only kernel oopses I have seen were while bringing down the system. This does not mean there are no memory leaks, but I have (possibly) fixed the TDB memory leaks mentioned in the old XXX comments. I am not sure whether I have created some race conditions with this or not (anyone to check?).

- all the new code has been written in Praha, Czech Republic and is therefore free of any export restrictions. The OpenBSD code has been legally exported from Canada (well, actually I have fetched my copy from Sweden). No US-originated code has been (knowingly) included.
- the code is not under RCS or CVS at the moment, as it seems to be too unstable and large parts of files are still being deleted or replaced. The comments at the beginning of files about changes and versions are not always updated; I plan to start the versioning from scratch once the code reaches some of my other objectives (i.e. new IP kernel interface, expiration messages etc. to enable full interoperability with ISAKMP/Oakley and Photuris). If you need to know what has changed, you need to make the diffs yourself.

The doc directory has not been updated or touched, so you need to read that and *then* the ipsecadm man page.

If anything goes wrong, do not blame me, nor the authors of most of the code. This code is provided AS IS, with no warranties or other blah blah. In any case, I'd like to hear from those who had any success or trouble with this code, so that it can do what somebody might think is useful.

Praha, 12th March 1998

Petr Novak
ICZ, a.s.
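The central, cipher-independent CBC processing described in the README-0.8 transforms item (ipsec_esp_{old,new}.c driving ECB-only ciphers, with an IV either carried explicitly or derived from the replay field for older drafts) is the kind of design the following added C sketch shows. It is not ipnsec's or OpenBSD's code: the toy block function is a constructed, insecure stand-in for the DES/Blowfish/CAST ECB routines, the replay-to-IV derivation (the 32-bit field followed by its bitwise complement) is an assumption, and the key and plaintext are constructed sample data.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define BLK 8   /* block size shared by DES, 3-DES, Blowfish and CAST */

/* An ECB primitive as the CBC driver sees it: one block in, one block out,
 * driven by a precomputed key schedule (what xxx_init would have produced). */
typedef void (*ecb_block_fn)(const void *sched, const uint8_t in[BLK], uint8_t out[BLK]);

/* Stand-in "cipher" (constructed for this example, NOT secure): XOR with an
 * 8-byte schedule and rotate the bytes. It exists only so the CBC driver has an
 * invertible block function to call; a real build plugs in DES/Blowfish/CAST ECB. */
static void toy_ecb_encrypt(const void *sched, const uint8_t in[BLK], uint8_t out[BLK])
{
    const uint8_t *k = sched;
    for (int i = 0; i < BLK; i++)
        out[i] = in[(i + 1) % BLK] ^ k[i];
}
static void toy_ecb_decrypt(const void *sched, const uint8_t in[BLK], uint8_t out[BLK])
{
    const uint8_t *k = sched;
    for (int i = 0; i < BLK; i++)
        out[(i + 1) % BLK] = in[i] ^ k[i];
}

/* Cipher-independent CBC encryption. len must be a multiple of BLK (ESP pads
 * the payload to that). Returns 0 on success, -1 on a bad length. */
int cbc_encrypt(ecb_block_fn enc, const void *sched, const uint8_t iv[BLK],
                const uint8_t *in, uint8_t *out, size_t len)
{
    uint8_t chain[BLK], blk[BLK];
    if (len % BLK) return -1;
    memcpy(chain, iv, BLK);
    for (size_t off = 0; off < len; off += BLK) {
        for (int i = 0; i < BLK; i++) blk[i] = in[off + i] ^ chain[i];
        enc(sched, blk, out + off);
        memcpy(chain, out + off, BLK);
    }
    return 0;
}

/* CBC decryption; safe to call with in == out (in-place, as a kernel would). */
int cbc_decrypt(ecb_block_fn dec, const void *sched, const uint8_t iv[BLK],
                const uint8_t *in, uint8_t *out, size_t len)
{
    uint8_t chain[BLK], blk[BLK], cur[BLK];
    if (len % BLK) return -1;
    memcpy(chain, iv, BLK);
    for (size_t off = 0; off < len; off += BLK) {
        memcpy(cur, in + off, BLK);          /* keep the ciphertext block before overwriting */
        dec(sched, cur, blk);
        for (int i = 0; i < BLK; i++) out[off + i] = blk[i] ^ chain[i];
        memcpy(chain, cur, BLK);
    }
    return 0;
}

/* Old-draft compatibility: IV derived from the 32-bit replay field instead of
 * being carried explicitly. Derivation assumed here: the field (big-endian)
 * followed by its bitwise complement. */
void iv_from_replay(uint32_t replay, uint8_t iv[BLK])
{
    for (int i = 0; i < 4; i++) {
        iv[i]     = (uint8_t)(replay >> (24 - 8 * i));
        iv[4 + i] = (uint8_t)~iv[i];
    }
}

/* Returns 1 if encrypt/decrypt round-trip, and if one flipped ciphertext bit in
 * block 1 disturbs exactly blocks 1 and 2 of the plaintext (CBC error propagation:
 * without an AH or authenticated ESP check this corruption goes unnoticed). */
int cbc_selftest(void)
{
    const uint8_t key[BLK] = { 0x10, 0x32, 0x54, 0x76, 0x98, 0xba, 0xdc, 0xfe }; /* constructed */
    uint8_t iv[BLK], pt[32], ct[32], back[32];
    for (int i = 0; i < 32; i++) pt[i] = (uint8_t)i;                           /* constructed */
    iv_from_replay(1, iv);
    if (cbc_encrypt(toy_ecb_encrypt, key, iv, pt, ct, 32)) return 0;
    if (cbc_decrypt(toy_ecb_decrypt, key, iv, ct, back, 32)) return 0;
    if (memcmp(pt, back, 32) != 0) return 0;
    ct[8] ^= 0x01;                                   /* corrupt ciphertext block 1 */
    cbc_decrypt(toy_ecb_decrypt, key, iv, ct, back, 32);
    return memcmp(pt, back, 8) == 0 && memcmp(pt + 8, back + 8, 8) != 0 &&
           memcmp(pt + 16, back + 16, 8) != 0 && memcmp(pt + 24, back + 24, 8) == 0;
}

int main(void)
{
    printf("cbc selftest: %s\n", cbc_selftest() ? "ok" : "FAILED");
    return 0;
}
```

Because the chaining lives in one place, every cipher gets the same IV handling and the same length check; a cipher-specific CBC routine (the deleted DES/3-DES ones) is one more place for those to diverge.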