[strongSwan-dev] ANNOUNCE: strongswan-4.6.2rc1 released

Andreas Steffen andreas.steffen at strongswan.org
Fri Feb 10 22:54:00 CET 2012


the first 4.6.2 strongSwan release candidate is now available,
offering the following new features:

Trusted Network Connect

- Upgraded the TCG IF-IMC and IF-IMV C API to the upcoming version 1.3
  which supports IF-TNCCS 2.0 long message types, the exclusive flag
  and multiple IMC/IMV IDs. Both the TNC Client and Server as well as
  the "Test", "Scanner", and "Attestation" IMC/IMV pairs were updated.


- Fully implemented the "TCG Attestation PTS Protocol: Binding to IF-M"
  standard (TLV-based messages only). TPM-based remote attestation of
  Linux IMA (Integrity Measurement Architecture) possible. Measurement
  reference values are automatically stored in an SQLite database.

  * PTS Integrity Measurement Collector:


  * PTS Integrity Measurement Verifier


RADIUS Accounting

- The EAP-RADIUS authentication backend supports RADIUS accounting.
  It sends start/stop messages containing Username, Framed-IP and
  Input/Output-Octets attributes and has been tested against FreeRADIUS
  and Microsoft NPS.


  Tue Feb  7 16:32:21 2012
	Acct-Status-Type = Start
	Acct-Session-Id = "1328628738-1"
	User-Name = "carol"
	NAS-Port-Type = Virtual
	NAS-Identifier = "strongSwan"
	NAS-IP-Address =
	Acct-Unique-Session-Id = "385526c5638de88a"
	Timestamp = 1328628741
	Request-Authenticator = Verified

  Tue Feb  7 16:32:29 2012
	Acct-Status-Type = Stop
	Acct-Session-Id = "1328628738-1"
	User-Name = "carol"
	Acct-Output-Octets = 7100
	Acct-Input-Octets = 7100
	Acct-Session-Time = 8
	NAS-Port-Type = Virtual
	NAS-Identifier = "strongSwan"
	NAS-IP-Address =
	Acct-Unique-Session-Id = "385526c5638de88a"
	Timestamp = 1328628749
	Request-Authenticator = Verified

PKCS#8 Encoded Private Keys

- Added support for PKCS#8 encoded private keys via the libstrongswan
  pkcs8 plugin.  This is the default format used by some OpenSSL tools
  since version 1.0.0 (e.g. openssl req with -keyout).



TLS Session Resumption

- Added session resumption support to the strongSwan TLS stack.

Please test the release candidate and give us a feedback. ETA for
the stable release is February 20 2012.

Best regards


Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Dev mailing list