======================================================================== * docs/CREDITS.freeswan ======================================================================== We haven't kept proper track of everybody who has helped us, alas, but here's a first attempt at acknowledgements... Most of the FreeS/WAN software has been done by Richard Guy Briggs (KLIPS), D. Hugh Redelmeier (Pluto), Michael Richardson (technical lead, KLIPS, testing, etc.), Henry Spencer (past technical lead, scripts, libraries, packaging, etc.), Sandy Harris (documentation), Claudia Schmeing (support, documentation), and Sam Sgro (support, releases). Peter Onion has collaborated extensively with RGB on PFKEY2 stuff. The original version of our IPComp code came from Svenning Soerensen, who has also contributed various bug fixes and improvements. The first versions of KLIPS were done by John Ioannidis . The first versions of Pluto (and further work on KLIPS) were done by Angelos D. Keromytis . The MD5 implementation is from RSADSI, so this package must include the following phrase: "derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm". It is not under the GPL; see details in linux/net/ipsec/ipsec_md5c.c. The LIBDES library by Eric Young is used. It is not under the GPL -- see details in libdes/COPYRIGHT -- although he has graciously waived the advertising clause for FreeS/WAN use of LIBDES. The SHA-1 code is derived from Steve Reid's; it is public domain. Some bits of Linux code, notably drivers/net/new_tunnel.c and net/ipv4/ipip.c, are used in heavily modified forms. The radix-tree code from 4.4BSD is used in a modified form. It is not under the GPL; see details in klips/net/ipsec/radij.c. The lib/pfkeyv2.h header file contains public-domain material published in RFC 2367. Delete SA code is based on Mathieu Lafon's Notification/Delete patch. Peter Onion has been immensely helpful in finding portability bugs in general, and in making FreeS/WAN work on the Alpha in particular. Rob Hatfield likewise found and fixed some problems making it work on the Netwinder. John S. Denker of AT&T Shannon Labs has found a number of bugs the hard way, has pointed out various problems (some of which we have fixed!) in using the software in production applications, and has suggested some substantial improvements to the documentation. Marc Boucher did a quick-and-dirty port of KLIPS to the Linux 2.2.x kernels, at a time when we needed it badly, and has helped chase down 2.2.xx bugs and keep us current with 2.4.x development. John Gilmore organized the FreeS/WAN project and continues to direct it. Hugh Daniel handles day-to-day management, customer interface, and both constructive and destructive testing. See the project's web page for other contributors to this project and related ones. This file is RCSID $Id: CREDITS.freeswan,v 1.1 2003/11/24 19:23:42 mcr Exp $ ======================================================================== * docs/README.x509 ======================================================================== Installation and Configuration Guide ------------------------------------ X.509 - based on version 1.4.8 Contents 1. Summary 2. Acknowledgements 3. Installation 3.1 The X.509 distribution 3.2 Installing the X.509 patch 3.3 Enabling dynamic LDAP URL fetching 3.4 Compiling and Installing FreeS/WAN with X.509 4. Configuring the connections - ipsec.conf 4.1 Configuring my side 4.2 Multiple certificates 4.3 Configuring the peer side using CA certificates 4.4 Handling Virtual IPs and wildcard subnets 4.5 Protocol and port selectors 4.6 IPsec policies based on wildcards 4.7 IPsec policies based on CA certificates 4.8 Sending certificate requests 5. Configuring certificates and CRLS 5.1 Installing CA certificates 5.2 Installing optional certificate revocation lists (CRLs) 5.3 Update of certificates and CRLs 5.4 CRL policy 5.5 Configuring the peer side using locally stored certificates 6. Configuring the private keys - ipsec.secrets 6.1 Loading private key files in PKCS#1 format 6.2 Entering passphrases interactively (NEW) 6.3 Multiple private keys 7. Generating X.509 certificates and CRLs with OpenSSL 7.1 Generating a CA certificate 7.2 Generating a host or user certificate 7.3 Generating a CRL 7.4 Revoking a certificate 8. Smartcard Support 8.1 Compiling FreeS/WAN with smartcard support 8.2 Configuring a smartcard-based connection 8.3 Entering the PIN code 8.4 Configuring a smartcard using pkcs15-init 9. Configuring the clients 9.1 FreeS/WAN 9.2 PGPnet 9.3 Safenet/Soft-PK/Soft-Remote 9.4 SSH Sentinel 9.5 Windows 2000/XP 10. Monitoring functions 11. Firewall support functions 11.1 Environment variables in the updown script 11.2 Sample updown script for iptables 12. Using the patch with standard FreeS/WAN 13. Using the patch with OpenPGP certificates 13.1 OpenPGP certificates 13.2 OpenPGP private keys 13.3 Monitoring functions 13.4 Suppression of certificate request messages 1. Summary ------- The X.509 patch supports RSA-based authentication using X.509 or OpenPGP certificates between a Linux FreeS/WAN security gateway and an unlimited number of IPsec peers. - Version 0.9 of the patch introduced certification authorities (CAs), hierarchical trust chains and certificate revocation lists (CRLs), thereby eliminating the need to store peer certificates locally on the Linux security gateway. - Version 0.9.10 introduced support of multiple certificates and corresponding private keys as described in sections 4.2 and 6.2. - Version 1.0.0 improved the support of OpenPGP certificates which can now be used concurrently with X.509 certificates. For details consult section 13. - Version 1.1.0 introduced dynamic CRL fetching supporting http, ftp, file and ldap crlDistributionPoints. For details refer to section 3.3 and 5.3. - Version 1.1.1 introduced protocol and port selectors for outbound IPsec SAs. - Version 1.2.0 brought IPsec policies based on wildcards(*) in distinguished names (ID_DER_ASN1_DN). For details see section 4.6. - Version 1.3.0 introduced IPsec policies based on certification authorities (several root and/or intermediate CAs). This feature facilitates the setup of extranets giving restricted VPN access to third parties (e.g. customers or suppliers). For details refer to section 4.7. - Version 1.4.0 brings smartcard support. The functionality is base on the PKCS#15 cryptotoken interface provided by the OpenSC project. For details see section 8. Compatibility has successfully been tested with peers running the following IPsec clients: FreeS/WAN, PGPnet, SafeNet/Soft-PK, SafeNet/SoftRemote, SSH Sentinel, Microsoft Windows 2000/XP, CheckPoint VPN-1 NG. Furthermore, interoperability with the following VPN gateways has been demonstrated during the IPsec 2001 Conference in Paris: Cisco IOS Routers, Cisco PIX firewall, Cisco VPN3000, Nortel Contivity VPN Switch, NetScreen (FreeS/WAN as responder only), OpenBSD with isakmpd, Netasq, Netcelo, and 6WIND. Potentially any IPsec implementation with X.509 certificate support can be made to cooperate with X.509-enabled FreeS/WAN. 2. Acknowledgements ---------------- Major contributions to the X.509 patch for Linux FreeS/WAN have come from Marco Bertossa, Andreas Hess, Patric Lichtsteiner, Andreas Schleiss, and Roger Wegmann, all present or former students of the Zurich University of Applied Sciences in Winterthur (Switzerland). The support of Virtual IPs and the DHCP-over-IPsec protocol has been developed and coded by Mario Strasser, former research assistant at the ZHW. Smartcard support has been provided by the ZHW students Christoph Gysin and Simon Zwahlen. Stephane Laroche from Colubris has contributed dynamic CRL fetching. Stephen J. Bevan has contributed the enforcement of port and protocol selectors on outbound traffic based on extended eroutes. The X.509 patch also integrates the original contribution by Kai Martius supporting RSA based authentication using OpenPGP certificates and PGP's proprietary Key IDs. The development of the patch is coordinated by Andreas Steffen, professor for Security and Communications at the ZHW. 3. Installation ------------ 3.1 The X.509 distribution ---------------------- The X.509 patch distribution contains the following files: +----------------------------------------------------------------------------+ | README This installation and configuration guide | |----------------------------------------------------------------------------| | CHANGES Change history for the X.509 patch | |----------------------------------------------------------------------------| | freeswan.diff Patch for the freeswan directory | |----------------------------------------------------------------------------| | ipsec.secrets.template Template for /etc/ipsec.secrets | +----------------------------------------------------------------------------+ 3.2. Installing the X.509 patch -------------------------- Copy the patch freeswan.diff to the FreeS/WAN directory and type: patch -p1 < freeswan.diff This applies all necessary changes to the FreeS/WAN source code. 3.3 Enabling dynamic LDAP URL fetching ---------------------------------- By default LDAP support will not be compiled into Pluto. In order to enable dynamic LDAP URL fetching on of the two following lines must be uncommented in the programs/pluto/Makefile: # Uncomment this line to enable dynamic CRL fetching using LDAP V3 LDAP_VERSION=3 # Uncomment this line to enable dynamic CRL fetching using LDAP V2 #LDAP_VERSION=2 Compilation will be successful only if the OpenLDAP 2.x header files and the ldap library are present. The latest OpenLDAP releases require the LDAP V3 protocol whereas older versions use LDAP V2. 'http', 'ftp', and 'file' URLs are fetched using the 'curl' command line tool. LDAP source code support is not required for these URLs. 3.4 Compiling and Installing FreeS/WAN with X.509 --------------------------------------------- After you have applied the X.509 patch, compilation and installation is done in exactly the same way as with standard FreeS/WAN. Please consult the FreeS/WAN documentation for the details. In order to compile and install the userland programs, change into the FreeS/WAN top source directory and type make programs followed by make install. With the introduction of the protocol and port selectors in version 0.9.16 it is now also necessary to recompile the kernel part of FreeS/WAN. If you want to build KLIPS as a module then you can do this with the command make module After successful module compilation, copy the module ./linux/net/ipsec/ipsec.o into the directory /lib/modules//kernel/net As a last step you must restart IPsec to enable the X.509 features ipsec setup restart 4. Configuring the connections - ipsec.conf ---------------------------------------- 4.1 Configuring my side ------------------- Usually the local side is the same for all connections. Therefore it makes sense to put the definitions characterizing the FreeS/WAN security gateway into the conn %default section of the configuration file /etc/ipsec.conf. If we assume throughout this document that the FreeS/WAN security gateway is left and the peer is right then we can write conn %default # use RSA based authentication with certificates authby=rsasig rightrsasigkey=%cert # my side is left - the freeswan security gateway left=160.85.22.2 leftcert=pulpoCert.pem # load connection definitions automatically auto=add The X.509 certificate by which the FreeS/WAN security gateway will authenticate itself by sending it in binary form to its peers as part of the Internet Key Exchange (IKE) is specified in the line leftcert=pulpoCert.pem The certificate can either be stored in base64 PEM-format or the binary DER-format. Irrespective of the file suffix, Pluto "automagically" determines the correct format. Therefore leftcert=pulpoCert.der or leftcert=pulpoCert.cer would also be valid alternatives. When using relative pathnames as in the examples above, the certificate files must be stored in in the directory /etc/ipsec.d/certs. In order to distinguish FreeS/WAN's own certificates from locally stored trusted peer certificates (see section 5.5 for details), they could also be stored in a subdirectory below /etc/ipsec.d/certs as e.g. in leftcert=mycerts/pulpoCert.pem Absolute pathnames are also possible as in leftcert=/usr/ssl/certs/pulpoCert.pem As an ID for the VPN gateway we recommend the use of a Fully Qualified Domain Name (FQDN) of the form conn rw right=%any leftid=@pulpo.strongsec.com Important: When an FQDN identifier is used it must be explicitly included as a so called subjectAltName of type dnsName (DNS:) in the certificate indicated by leftcert. For details on how to generate certificates with subjectAltNames, please refer to section 7.2. If you don't want to mess with subjectAltNames, you can use the certificate's Distinguished Name (DN) instead, which is an identifier of type DER_ASN1_DN and which can be written e.g. in the LDAP-type format conn rw right=%any leftid="C=CH, O=strongSec GmbH, CN=pulpo.strongsec.com" Since the subject's DN is part of the certificate, the leftid does not have to be declared explicitly. Thus the entry conn rw right=%any automatically assumes the subject DN of leftcert to be the host ID. 4.2 Multiple certificates --------------------- Starting with version 0.9.10, the X.509 patch supports multiple local host certificates and corresponding RSA private keys: conn rw1 right=%any rightid=@peer1.domain1 leftcert=myCert1.pem # leftid is DN of myCert1 conn rw2 right=%any rightid=@peer2.domain2 leftcert=myCert2.pem # leftid is DN of myCert2 When peer1 initiates a connection then FreeS/WAN will send myCert1 and will sign with myKey1 defined in /etc/ipsec.secrets (see section 6.2) whereas myCert2 and myKey2 will be used in a connection setup started from peer2. 4.3 Configuring the peer side using CA certificates ----------------------------------------------- Now we can proceed to define our connections. In many applications we might have dozens of mostly Windows-based road warriors connecting to a central FreeS/WAN security gateway. The following most simple statement: conn rw right=%any defines the general roadwarrior case. The line right=%any literally means that any IPSec peer is accepted, regardless of its current IP source address and its ID, as long as the peer presents a valid X.509 certificate signed by a CA the FreeS/WAN security gateway puts explicit trust in. Additionally the signature during IKE main mode gives proof that the peer is in possession of the private RSA key matching the public key contained in the transmitted certificate. The ID by which a peer is identifying itself during IKE main mode can by any of the ID types IPV4_ADDR, FQDN, USER_FQDN or DER_ASN1_DN. If one of the first three ID types is used, then the accompanying X.509 certificate of the peer must contain a matching subjectAltName field of the type ipAddress (IP:), dnsName (DNS:) or rfc822Name (email:), respectively. With the fourth type DER_ASN1_DN the identifier must completely match the subject field of the peer's certificate. One of the two possible representations of a Distinguished Name (DN) is the LDAP-type format rightid="C=CH, O=strongSec GmbH, CN=wroclaw.strongsec.com" Additional whitespace can be added everywhere as desired since it will be automatically eliminated by the X.509 parser. An exception is the single whitespace between individual words , like e.g. in strongSec GmbH, which is preserved by the parser. The Relative Distinguished Names (RDNs) can alternatively be separated by a slash '/' instead of a comma ',' rightid="/C=CH/O=strongSec GmbH/CN=wroclaw.strongsec.com" This is the representation extracted from the certificate by the OpenSSL command line option openssl x509 -in wroclawCert.pem -noout -subject The following RDNs are supported by the X.509 patch +-----------------------------------------------+ | DC Domain Component | |-----------------------------------------------| | C Country | |-----------------------------------------------| | ST State or province | |-----------------------------------------------| | L Locality or town | |-----------------------------------------------| | O Organisation | |-----------------------------------------------| | OU Organisational Unit | |-----------------------------------------------| | CN Common Name | |-----------------------------------------------| | ND NameDistinguisher, used with CN | |-----------------------------------------------| | N Name | |-----------------------------------------------| | G Given name | |-----------------------------------------------| | S Surname | |-----------------------------------------------| | I Initials | |-----------------------------------------------| | T Personal title | |-----------------------------------------------| | E E-mail | |-----------------------------------------------| | Email E-mail | |-----------------------------------------------| | emailAddress E-mail | |-----------------------------------------------| | SN Serial number | |-----------------------------------------------| | serialNumber Serial number | |-----------------------------------------------| | D Description | |-----------------------------------------------| | ID X.500 Unique Identifier | |-----------------------------------------------| | UID User ID | |-----------------------------------------------| | TCGID [Siemens] Trust Center Global ID | |-----------------------------------------------| | unstructuredName Unstructured Name | |-----------------------------------------------| | UN Unstructured Name | +-----------------------------------------------+ With the roadwarrior connection definition listed above, an IPsec SA for the FreeS/WAN security gateway pulpo.strongsec.com itself can be established. If any roadwarrior should be able to reach e.g. the two subnets 10.0.1.0/24 and 10.0.3.0/24 behind the security gateway then the following connection definitions will make this possible conn rw1 right=%any leftsubnet=10.0.1.0/24 conn rw3 right=%any leftsubnet=10.0.3.0/24 If not all peers in possession of a X.509 certificate signed by a specific certificate authority shall be given access to the Linux security gateway, then either a subset of them can be barred by listing the serial numbers of their certificates in a certificate revocation list (CRL) as specified in section 5.2 or as an alternative, access can be controlled by explicitly putting a roadwarrior entry for each eligible peer into ipsec.conf: conn soggy right=%any rightid=@soggy.strongsec.com conn ewa right=%any rightid=ewa@strongsec.com conn wroclaw right=%any rightid="C=CH, O=strongSec GmbH, CN=wroclaw.strongsec.com" When the IP address of a peer is known to be stable, it can be specified as well. This entry is mandatory when the FreeS/WAN host wants to act as the initiator an IPSec connection. conn soggy right=160.85.22.3 rightid=@soggy.strongsec.com conn ewa right=160.85.22.8 rightid=ewa@strongsec.com conn wroclaw right=160.85.22.8 rightid="C=CH, O=strongSec GmbH, CN=wroclaw.strongsec.com" conn frosch right=160.85.22.5 In the last example the ID types FQDN, USER_FQDN, DER_ASN1_DN and IPV4_ADDR, respectively, were used. Of course all connection definitions presented so far have included the lines in the conn %defaults section, comprising among other a left and leftcert entry, as well as a rightrsasigkey parameter set to the magic value %cert , signifying that the public key will be extracted from a X.509 certificates sent by the peer. 4.4 Handling Virtual IPs and wildcard subnets ----------------------------------------- Often roadwarriors are behind NAT-boxes with IPsec passthrough, which causes the inner IP source address of an IPsec tunnel to be different from the outer IP source address usually assigned dynamically by the ISP. Whereas the varying outer IP address can be handled by the right=%any construct, the inner IP address or subnet must always be declared in a connection definition. Therefore for the three roadwarriors rw1 to rw3 connecting to a FreeS/WAN security gateway the following entries are required in /etc/ipsec.conf: conn rw1 right=%any righsubnet=10.0.1.5/32 conn rw2 right=%any rightsubnet=10.0.1.5.47/32 conn rw3 right=%any rightsubnet=10.0.1.128/28 With the wildcard parameter rightsubnetwithin these three entries can be reduced to the single connection definition conn rw right=%any rightsubnetwithin=10.0.1.0/24 Any host will be accepted (of course after successful authentication based on the peer's X.509 certificate only) if it declares a client subnet lying totally within the brackets defined by the wildcard subnet definition (in our example 10.0.1.0/24). For each roadwarrior a connection instance tailored to the subnet of the particular client will be created,based on the generic rightsubnetwithin template. This new feature introduced with version 0.9.12 of the X.509 patch can also be helpful with VPN clients getting a dynamically assigned inner IP from a DHCP server located on the NAT router box. 4.5 Protocol and Port Selectors --------------------------- The X.509 patch has been combined with the selectors patch to offer the possibility to restrict the protocol and optionally the ports in an IPsec SA using the rightprotoport and leftprotoport parameter. Some examples: conn icmp right=%any rightprotoport=icmp left=%defaultroute leftid=@pluto.strongsec.com leftprotoport=icmp conn http right=%any rightprotoport=6 left=%defaultroute leftid=@pluto.strongsec.com leftprotoport=6/80 conn dhcp right=%any rightprotoport=udp/bootpc left=%defaultroute leftid=@pluto.strongsec.com leftsubnet=0.0.0.0/0 #allows DHCP discovery broadcast leftprotoport=udp/bootps rekey=no keylife=20s rekeymargin=10s auto=add Protocols and ports can be designated either by their numerical values or by their acronyms defined in /etc/services. ipsec auto --status shows the following connection definitions: "icmp": 160.85.106.10[@pulpo.strongsec.com]:1/0...%any:1/0 "http": 160.85.106.10[@pulpo.strongsec.com]:6/80...%any:6/0 "dhcp": 0.0.0.0/0===160.85.106.10[@pulpo.strongsec.com]:17/67...%any:17/68 Based on the protocol and port selectors appropriate eroutes will be set up, so that only the specified payload types will pass through the IPsec tunnel. 4.6 IPsec policies based on wildcards --------------------------------- In large VPN-based remote access networks there is often a requirement that access to the various parts of an internal network must be granted selectively, e.g. depending on the group membership of the remote access user. Version 0.9.24 of the X.509 patch makes this possible by applying wildcard filtering on the VPN user's distinguished name (ID_DER_ASN1_DN). Let's make a practical example: An organization has a sales department (OU=Sales) and a research group (OU=Research). In the company intranet there are separate subnets for Sales (10.0.0.0/24) and Research (10.0.1.0/24) but both groups share a common web server (10.0.2.100). The VPN clients use Virtual IP addresses that are either assigned statically or via DHCP-over-IPsec. The sales and research departments use IP addresses from separate DHCP address pools (10.1.0.0/24) and (10.1.1.0/24), respectively. An X.509 certificate is issued to each employee, containing in its subject distinguished name the country (C=CH), the company (O=ACME), the group membership(OU=Sales or OU=Research) and the common name (e.g. CN=Bart Simpson). The IPsec policy defined above can now be enforced with the following three IPsec security associations: conn sales right=%any rightid="C=CH, O=ACME, OU=Sales, CN=*" rightsubnetwithin=10.1.0.0/24 # Sales DHCP range leftsubnet=10.0.0.0/24 # Sales subnet conn research right=%any rightid="C=CH, O=ACME, OU=Research, CN=*" rightsubnetwithin=10.1.1.0/24 # Research DHCP range leftsubnet=10.0.1.0/24 # Research subnet conn web right=%any rightid="C=CH, O=ACME, OU=*, CN=*" rightsubnetwithin=10.1.0.0/23 # Remote access DHCP range leftsubnet=10.0.2.100/32 # Web server rightprotoport=tcp # TCP protocol only leftprotoport=tcp/http # TCP port 80 only Of course group specific tunneling could be implemented on the basis of the Virtual IP range specified by the rightsubnetwithin parameter alone, but the wildcard matching mechanism guarantees that only authorized user can access the corresponding subnets. The '*' character is used as a wildcard in relative distinguished names (RDNs). In order to match a wildcard template, the ID_DER_ASN1_DN of a peer must contain the same number of RDNs (selected from the list in section 4.3) appearing in the exact order defined by the template. "C=CH, O=ACME, OU=Research, OU=Special Effects, CN=Bart Simpson" matches the templates "C=CH, O=ACME, OU=Research, OU=*, CN=*" "C=CH, O=ACME, OU=*, OU=Special Effects, CN=*" "C=CH, O=ACME, OU=*, OU=*, CN=*" but not the template "C=CH, O=ACME, OU=*, CN=*" which doesn't have the same number of RDNs. 4.7 IPsec policies based on CA certificates --------------------------------------- As an alternative to the wildcard based IPsec policies described in section 4.6, access to specific client host and subnets can abe controlled on the basis of the CA that issued the peer certificate conn sales right=%any rightca="C=CH, O=ACME, OU=Sales, CN=Sales CA" rightsubnetwithin=10.1.0.0/24 # Sales DHCP range leftsubnet=10.0.0.0/24 # Sales subnet conn research right=%any rightca="C=CH, O=ACME, OU=Research, CN=Research CA" rightsubnetwithin=10.1.1.0/24 # Research DHCP range leftsubnet=10.0.1.0/24 # Research subnet conn web right=%any rightca="C=CH, O=ACME, CN=ACME Root CA" rightsubnetwithin=10.1.0.0/23 # Remote access DHCP range leftsubnet=10.0.2.100/32 # Web server rightprotoport=tcp # TCP protocol only leftprotoport=tcp/http # TCP port 80 only In the example above, the connection "sales" can be used by peers presenting certificates issued by the Sales CA, only. In the same way, the use of the connection "research" is restricted to owners of certificates issued by the Research CA. The connection "web" is open to both "Sales" and "Research" peers because the required "ACME Root CA" is the issuer of the Research and Sales intermediate CAs. If no rightca parameter is present then any valid certificate issued by one of the trusted CAs in /etc/ipsec.d/cacerts can be used by the peer. The leftca parameter usually doesn't have to be set explicitely because by default it is set to the issuer field of the certificate loaded via leftcert. The statement rightca=%same sets the CA requested from the peer to the CA used by the left side itself as e.g. in conn sales right=%any rightca=%same leftcert=mySalesCert.pem 4.8 Sending certificate requests ---------------------------- The presence of a rightca parameter also causes the CA to be sent as part of the certificate request message when FreeS/WAN is the initiator. As a responder FreeS/WAN sends the desired CA only for non-roadwarrior connections. 5. Configuring certificates and CRLs --------------------------------- 5.1 Installing the CA certificates ------------------------------ X.509 certificates received by FreeS/WAN during the IKE protocol are automatically authenticated by going up the trust chain until a self-signed root CA certificate is reached. Usually host certificates are directly signed by a root CA, but the X.509 patch version 0.9 also supports multi-level hierarchies with intermediate CAs in between. All CA certificates belonging to a trust chain must be copied in either binary DER or base64 PEM format into the directory /etc/ipsec.d/cacerts Multiple CAs are supported, but presently they just create a large pool of valid user or host certificates and cannot be assigned to specific connection definitions in /etc/ipsec.conf. 5.2 Installing optional certificate revocation lists (CRLs) ------------------------------------------------------- By copying a CA certificate into /etc/ipsec.d/cacerts, automatically all user or host certificates issued by this CA are declared valid. Unfortunately private keys might get compromised inadvertently or intentionally, personal certificates of users leaving a company have to be blocked immediately, etc. To this purpose certificate revocation lists (CRLs) have been created. CRLs contain the serial numbers of all user or host certificates that have been revoked due to various reasons. After successful verification of the X.509 trust chain, Pluto searches the directory /etc/ipsec.d/crls for the presence of a CRL issued by the CA that has signed the certificate. If the serial number of the certificate is found in the CRL then the public key contained in the certificate is declared invalid and the IPSec SA will not be established. If no CRL is found in the crls directory or if the deadline defined in the nextUpdate field of the CRL has been reached, a warning is issued but the public key will nevertheless be accepted. CRLs must be stored either in binary DER or base64 PEM format in the crls directory. Section 7.3 will explain in detail how CRLs can be created using OpenSSL. 5.3 Update of certificates and CRLs ------------------------------- Pluto reads certificates and CRLs from their respective files during system startup and keeps them in memory in the form of chained lists. X.509 certificates have a finite life span defined by their validity field. Therefore it must be possible to replace host and CA certificates kept in system memory without disturbing established ISAKMP SAs. Certificate revocation lists should also be updated in the regular intervals indicated by the nextUpdate field in the CRL body. The following interactive commands allow the manual replacement of the various files: +----------------------------------------------------------------------------+ | ipsec auto --rereadsecrets reload file /etc/ipsec.secrets | |----------------------------------------------------------------------------| | ipsec auto --rereadcacerts reload files in /etc/ipsec.d/cacerts directory | |----------------------------------------------------------------------------| | ipsec auto --rereadcrls reload files in /etc/ipsec.d/crls directory | |----------------------------------------------------------------------------| | ipsec auto --rereadall ipsec auto --rereadsecrets | | --rereadcacerts | | --rereadcrls | +----------------------------------------------------------------------------+ Starting with version 1.1.0 of the X.509 patch, CRLs can be automatically fetched from an HTTP or LDAP server using the CRL distribution points contained in X.509 certificates. The command ipsec auto --listcrls shows any pending fetch requests: Oct 31 00:29:53 2002, trials: 2 issuer: 'C=CH, O=strongSec GmbH, CN=strongSec Root CA' distPts: 'http://www.strongsec.com/ca/cert.crl' 'ldap://ldap.strongsec.com/o=strongSec GmbH, c=CH ?certificateRevocationList?base ?(objectClass=certificationAuthority)' In the example above, an http and an ldap URL were extracted from a received end certificate. An independent thread then tries to fetch a CRL from the designated distribution points. The same thread also periodically checks if any loaded CRLs are about to expire. The check interval can be defined in the "config setup" section of the ipsec.conf file: config setup crlcheckinterval=600 In our example the thread wakes up every 600 seconds or 10 minutes in order to check the validity of the CRLs or to retry any pending fetch requests: List of X.509 CRLs: Dec 19 09:35:31 2002, revoked certs: 40 issuer: 'C=CH, O=strongSec GmbH, CN=strongSec Root CA' distPts: 'http://www.strongsec.com/ca/cert.crl' updates: this Dec 19 09:35:00 2002 next Dec 19 10:35:00 2002 warning (expires in 19 minutes) List of fetch requests: Dec 19 10:15:31 2002, trials: 1 issuer: 'C=CH, O=strongSec GmbH, CN=strongSec Root CA' distPts: 'http://www.strongsec.com/ca/cert.crl' The first trial to update a CRL is started 2*crlcheckinterval before the nextUpdate time, i.e. when less than 20 minutes are left in our practical example. When crlcheckinterval is set to 0 (this is also the default value when the parameter is not set in ipsec.conf) then the CRL checking and updating thread is not started and dynamic CRL fetching is disabled. 5.4 CRL Policy ---------- By default Pluto is quite tolerant concerning the handling of CRLs. It is not mandatory for a CRL to be present in /etc/ipsec.d/crls and if the expiration date defined by the nextUpdate field of a CRL has been reached just a warning is issued but a peer certificate will always be accepted if it has not been revoked. If you want to enforce a stricter CRL policy then you can do this by setting the "strictcrlpolicy" option. This is done in the "config setup" section of the ipsec.conf file: config setup strictcrlpolicy=yes ... A certificate received from a peer will not be accepted if no corresponding CRL is present in /etc/ipsec.conf. And if an ISAKMP SA re-negotiation takes place after the nextUpdate deadline has been reached, the peer certificate will be declared invalid and the cached RSA public key will be deleted causing the connection in question to fail. Therefore if you are going to use the "strictcrlpolicy=yes" option make sure that the CRLs will always be updated in time. Otherwise a total standstill would ensue. As mentioned earlier the default setting is "strictcrlpolicy=no" 5.5 Configuring the peer side using locally stored certificates ----------------------------------------------------------- If you don't want to use trust chains based on CA certificates as proposed in section 4.3 you can alternatively import trusted peer certificates directly into Pluto. Thus you do not have to rely on the certificate to be transmitted by the peer as part of the IKE protocol. With the conn %default section defined in section 4.1 and the use of the rightcert keyword for the peer side, the connection definitions in section 4.3 can alternatively be written as conn soggy right=%any rightid=@soggy.strongsec.com rightcert=soggyCert.cer conn wroclaw right=160.85.22.8 rightcert=wroclawCert.der If a peer certificate contains a subjectAltName extension, then an alternative rightid type can be used, as the example "conn soggy" shows. If no rightid entry is present then the subject distinguished name contained in the certificate is taken as the ID. Using the same rules concerning pathnames that apply to FreeS/WAN's own certificates, the following two definitions are also valid for trusted peer certificates: rightcert=peercerts/wroclawCert.der or rightcert=/usr/ssl/certs/wroclawCert.der 6. Installing the private key - ipsec.secrets ------------------------------------------ 6.1 Loading private key files in PKCS#1 format ------------------------------------------ Starting with version 0.9.8 of the X.509 patch, Pluto has been enabled to load RSA private keys in the PKCS#1 file format. The key files can be optionally secured with a passphrase. RSA private key files are declared in /etc/ipsec.secrets using the syntax : RSA "" The key file can be either in base64 PEM-format or binary DER-format. The actual coding is detected "automagically" by Pluto. The example : RSA pulpoKey.pem uses a relative pathname. In this case Pluto will look for the key file in the directory /etc/ipsec.d/private As an alternative an absolute pathname can be given as in : RSA /usr/ssl/private/pulpoKey.pem In both cases make sure that the key files are root readable only. Often a private key must be transported from the Certification Authority where it was generated to the target security gateway where it is going to be used. In order to protect the key it can be encrypted with 3DES using a symmetric transport key derived from a cryptographically strong passphrase. openssl genrsa -des3 -out pulpoKey.pem 1024 Because of the weak security, key files protected by single DES will not be accepted by Pluto!!! Once on the security gateway the private key can either be permanently unlocked so that it can be used by Pluto without having to know a passphrase openssl rsa -in pulpoKey.pem -out pulpoKey.pem or as an option the key file can remain secured. In this case the passphrase unlocking the private key must be added after the pathname in /etc/ipsec.secrets : RSA pulpoKey.pem "This is my passphrase" Some CAs distribute private keys embedded in a PKCS#12 file. Since Pluto is not able yet to read this format directly, the private key part must first be extracted using the command openssl pkcs12 -nocerts -in pulpoCert.p12 -out pulpoKey.pem if the key file pulpoKey.pem is to be secured again by a passphrase, or openssl pkcs12 -nocerts -nodes -in pulpoCert.p12 -out pulpoKey.pem if the private key is to be stored unlocked. 6.2 Entering passphrases interactively ---------------------------------- On a VPN gateway you would want to put the passphrase protecting the private key file right into /etc/ipsec.secrets as described in the previous paragraph, so that the gateway can be booted in unattended mode. The risk of keeping unencrypted secrets on a server can be minimized by putting the box into a locked room. As long as no one can get root access on the machine the private keys are safe. On a mobile laptop computer the situation is quite different. The computer can be stolen or the user is leaving it unattended so that unauthorized persons can get access to it. In theses cases it would be preferable not to keep any passphrases openly in /etc/ipsec.secrets but to prompt for them interactively instead. This is easily done by defining : RSA pulpoKey.pem %prompt Since FreeS/WAN is usually started during the boot process, usually no interactive console windows is available which can be used by Pluto to prompt for the passphrase. This must be initiated by the user by typing ipsec secrets which actually is an alias for the existing command ipsec auto --rereadsecrets and which causes the prompt need passphrase for '/etc/ipsec.d/private/pulpoKey.pem' Enter: to appear. If the passphrase was correct and the private key file could be successfully decrypted then valid passphrase results. Otherwise the prompt invalid passphrase, please try again Enter: will give you another try. Entering a carriage return will abort the the passphrase prompting. 6.3 Multiple private keys --------------------- Starting with version 0.9.10 of the X.509 patch, multiple private keys are supported. Since the connections defined in ipsec.conf can find the correct private key based on the public key contained in the certificate assigned by leftcert, default private key definitions without specific IDs can be used : RSA myKey1.pem "" : RSA myKey2.pem "" 7. Generating certificates and CRLs with OpenSSL --------------------------------------------- This section is not a full-blown tutorial on how to use OpenSSL. It just lists a few points that are relevant if you want to generate your own certificates and CRLs for use with FreeS/WAN. 7.1 Generating a CA certificate --------------------------- The OpenSSL statement openssl req -x509 -days 1460 -newkey rsa:2048 \ -keyout caKey.pem -out caCert.pem creates a 2048 bit RSA private key caKey.pem and a self-signed CA certificate caCert.pem with a validity of 4 years (1460 days). openssl x509 -in cert.pem -noout -text lists the properties of a X.509 certificate cert.pem. It allows you to verify whether the configuration defaults in openssl.cnf have been inserted correctly. If you prefer the CA certificate to be in binary DER format then the following command achieves this transformation: openssl x509 -in caCert.pem -outform DER -out caCert.der The directory /etc/ipsec.d/cacerts contains all required CA certificates either in binary DER or in base64 PEM format. Irrespective of the file suffix, Pluto "automagically" determines the correct format. 7.2 Generating a host or user certificate ------------------------------------- The OpenSSL statement openssl req -newkey rsa:1024 -keyout hostKey.pem \ -out hostReq.pem generates a 1024 bit RSA private key hostKey.pem and a certificate request hostReq.pem which has to be signed by the CA. If you want to add a subjectAltName field to the host certificate you must edit the OpenSSL configuration file openssl.cnf and add the following line in the [ usr_cert ] section: subjectAltName=DNS:soggy.strongsec.com if you want to identify the host by its Fully Qualified Domain Name (FQDN ), or subjectAltName=IP:160.85.22.3 if you want the ID to be of type IPV4_ADDR. Of course you could include both ID types with subjectAltName=DNS:soggy.strongsec.com,IP:160.85.22.3 but the use of an IP address for the identification of a host should be discouraged anyway. For user certificates the appropriate ID type is USER_FQDN which can be specified as subjectAltName=email:ewa@strongsec.com or if the user's e-mail address is part of the subject's distinguished name subjectAltName=email:copy Now the certificate request can be signed by the CA with the command openssl ca -in hostReq.pem -days 730 -out hostCert.pem -notext If you omit the -days option then the default_days value (365 days) specified in openssl.cnf is used. The -notext option avoids that a human readable listing of the certificate is prepended to the base64 encoded certificate body. If you want to use the dynamic CRL fetching feature described in section 4.7 then you must include one or several crlDistributionPoints in your end certificates. This can be done in the [ usr_cert ] section of the openssl.cnf configuration file: crlDistributionPoints= @crl_dp [ crl_dp ] URI.1="http://www.strongsec.com/ca/cert.crl" URI.2="ldap://ldap.strongsec.com/o=strongSec GmbH, c=CH ?certificateRevocationList?base?(objectClass=certificationAuthority)" If you have only a single http distribution point then the short form crlDistributionPoints="URI:http://www.strongsec.com/ca/cert.crl" also works. Due to a known bug in OpenSSL this notation fails with ldap URIs. Usually a Windows-based VPN client needs its private key, its host or user certificate, and the CA certificate. The most convenient way to load this information is to put everything into a PKCS#12 file: openssl pkcs12 -export -inkey hostKey.pem \ -in hostCert.pem -name "soggy" \ -certfile caCert.pem -caname "Root CA" \ -out hostCert.p12 7.3 Generating a CRL ---------------- An empty CRL that is signed by the CA can be generated with the command openssl ca -gencrl -crldays 15 -out crl.pem If you omit the -crldays option then the default_crl_days value (30 days) specified in openssl.cnf is used. If you prefer the CRL to be in binary DER format then this conversion can be achieved with openssl crl -in crl.pem -outform DER -out cert.crl The directory /etc/ipsec.d/crls contains all CRLs either in binary DER or in base64 PEM format. Irrespective of the file suffix, Pluto "automagically" determines the correct format. 7.4 Revoking a certificate ---------------------- A specific host certificate stored in the file host.pem is revoked with the command openssl ca -revoke host.pem Next the CRL file must be updated openssl ca -gencrl -crldays 60 -out crl.pem The content of the CRL file can be listed with the command openssl crl -in crl.pem -noout -text in the case of a base64 CRL, or alternatively for a CRL in DER format openssl crl -inform DER -in cert.crl -noout -text 8. Smartcard Support ----------------- 8.1 Compiling FreeS/WAN with smartcard support ------------------------------------------ By default smartcard support will not be compiled into Pluto. In order to enable smartcard-based authentication the following line must be uncommented in the programs/pluto/Makefile: #Uncomment this line to enable smartcard support SMARTCARD=1 Compilation will be successful only if the OpenSC header files and the opensc library available from http://www.opensc.org are present. Currently opensc-0.7.0 and opensc-0.8.0 using pcsc-lite, usbtoken or openct drivers are supported. 8.2 Configuring a smartcard-based connection ---------------------------------------- Defining a smartcard-based connection in ipsec.conf is easy: conn tandoori right=160.85.22.10 rightid=@tandoori.strongsec.com rightrsasigkey=%cert left=%defaultroute leftcert=%smartcard auto=add In most cases there is a single smartcard reader or cryptotoken and only one RSA private key safely stored on the crypto device. Thus the default entry leftcert=%smartcard which stands for the full notation leftcert=%smartcard0:45 is sufficient. The general notation leftcert=%smartcard: supports the simultaneous use of several smartcard readers and cryptotoken and can access multiple RSA private keys and corresponding X.509 certificates stored on a crypto device. 8.3 Entering the PIN code --------------------- Since the smartcard signing operation needed to sign the hash with the RSA private key during IKE Main Mode is protected by a PIN code, the secret PIN must be made available to Pluto. For gateways that must be able to start IPsec tunnels automatically in unattended mode after a reboot, the secret PIN can be stored statically in ipsec.secrets : PIN %smartcard "12345678" or with the general notation : PIN %smartcard: "" On personal notebooks that could get stolen, you wouldn't want to store your PIN in ipsec.secrets. Thus the alternative form : PIN %smartcard %prompt will prompt you for the PIN when you start up the first IPsec connection using the command ipsec auto --up tandoori The auto command calls the whack function which in turn communicates with Pluto over a socket. Since the whack function call is executed from a command window, Pluto can prompt you for the PIN over this socket connection. Unfortunately roadwarrior connections which just wait passively for peers cannot be initiated via the command window: conn rw right=%any rightrsasigkey=%cert left=%defaultroute leftcert=%smartcard1:50 auto=add But if there is a corresponding entry : PIN %smartcard1:50 %prompt in ipsec.secrets, then the standard command ipsec auto --rereadsecrets or the alias ipsec secrets can be used to enter the PIN code for this connection interactively. The command ipsec auto --listcards can be executed at any time to check the current status of the PIN code[s]. 8.4 Configuring a smartcard with pkcsc15-init ----------------------------------------- FreeS/WAN's smartcard solution is based on the PKCS#15 "Cryptographic Token Information Format Standard" fully supported by OpenSC library functions. Using the command pkcs15-init --create-pkcs15 --profile pkcs15 a fresh PKCS#15 file structure is created on a smartcard or cryptotoken. With the next command pkcs15-init --auth-id 1 --store-pin --pin "12345678" --puk "87654321" --label "my PIN" a secret PIN code with auth-id 1 is stored in an unretrievable location on the smart card. The PIN will protect the RSA signing operation. If the PIN is entered incorrectly more than three times the smartcard will be locked and the PUK code can be used to unlock the card again. Next the RSA private key is transferred to the smartcard pkcs15-init --auth-id 1 --store-private-key myKey.pem [--id 45] By default the PKCS#15 smartcard record will be assigned the id 45. Using the --id option multiple key records can be stored on a smartcard. At last we load the matching X.509 certificate onto the smartcard pkcs15-init --auth-id 1 --store-certificate myCert.pem [--id 45] The pkcs15-tool can now be used to verify the contents of the smartcard. pkcs15-tool --list-pins --list-keys --list-certificates If everything is ok then you are ready to use the generated PKCS#15 structure with FreeS/WAN. 9. Configuring the clients ----------------------- 9.1 FreeS/WAN --------- A FreeS/WAN to FreeS/WAN connection is symmetrical. Any of the four defined ID types can be used, even different types on either end of the connection, although this wouldn't make much sense. +--------------------------------------------------------------+ | Connection Definition ID type subjectAltName | |--------------------------------------------------------------| | rightid (FreeS/WAN) DER_ASN1_DN - | | FQDN DNS: | | USER_FQDN email: | | IPV4_ADDR IP: | |--------------------------------------------------------------| | leftid (FreeS/WAN) DER_ASN1_DN - | | FQDN DNS: | | USER_FQDN email: | | IPV4_ADDR IP: | +--------------------------------------------------------------+ 9.2 PGPnet ------ Use the file peerCert.p12 to import PGPnet's X.509 certificate, the CA certificate, plus the encrypted private key in binary PKCS#12 format into the PGPkey tool. You will be prompted for the passphrase securing the private key. Use the file myCert.pem to import the X.509 certificate of the FreeS/WAN security gateway into the PGPkey tool. The PGPkeyTool does not accept X.509 certificates in binary DER format, so it must be imported in base64 format: -----BEGIN CERTIFICATE----- M... ... -----END CERTIFICATE----- Make sure that there is no human-readable listing of the X.509 certificate in front of the line -----BEGIN CERTIFICATE----- otherwise PGPnet will refuse to load the *.PEM file. Any surplus lines can either be deleted by loading the certificate into a text editor or you can apply the command openssl x509 -in myCert.pem -out myCert.pem to achieve the same effect. With authentication based on X.509 certificates, PGPnet always sends the ID type DER_ASN1_DN, therefore rightid in the connection definition of the FreeS/WAN security gateway must be an ASN.1 distinguished name. In the receiving direction PGPnet accepts all four ID types from FreeS/WAN. +--------------------------------------------------------------+ | Connection Definition ID type subjectAltName | |--------------------------------------------------------------| | rightid (PGPnet) DER_ASN1_DN - | |--------------------------------------------------------------| | leftid (FreeS/WAN) DER_ASN1_DN - | | FQDN DNS: | | USER_FQDN email: | | IPV4_ADDR IP: | +--------------------------------------------------------------+ 9.3 SafeNet/Soft-PK/Soft-Remote --------------------------- SafeNet/Soft-PK and SafeNet/Soft-Remote can be configured to send their identity either as DER_ASN1_DN, IPV4_ADDR, FQDN, or USER_FQDN. In the receiving direction SafeNet/Soft-PK and SafeNet/Soft-Remote accept all four ID types coming from FreeS/WAN. +--------------------------------------------------------------+ | Connection Definition ID type subjectAltName | |--------------------------------------------------------------| | rightid (SafeNet/Soft-PK) DER_ASN1_DN - | | FQDN DNS: | | USER_FQDN email: | | IPV4_ADDR IP: | |--------------------------------------------------------------| | leftid (FreeS/WAN) DER_ASN1_DN - | | FQDN DNS: | | USER_FQDN email: | | IPV4_ADDR IP: | +--------------------------------------------------------------+ 9.4 SSH Sentinel ------------ SSH Sentinel sends its identity as DER_ASN1_DN if the subjectAltName field of its certificate is empty. If a subjectAltName field is present, then the corresponding type IPV4_ADDR, FQDN, or USER_FQDN is automatically chosen. With several subjectAltName entries, the precedence of the different ID types is not quite clear. In the receiving direction SSH Sentinel accepts all four ID types from FreeS/WAN. +--------------------------------------------------------------+ | Connection Definition ID type subjectAltName | |--------------------------------------------------------------| | rightid (SSH Sentinel) DER_ASN1_DN - | | FQDN DNS: | | USER_FQDN email: | | IPV4_ADDR IP: | |--------------------------------------------------------------| | leftid (FreeS/WAN) DER_ASN1_DN - | | FQDN DNS: | | USER_FQDN email: | | IPV4_ADDR IP: | +--------------------------------------------------------------+ 9.5 Windows 2000/XP --------------- Windows 2000 and Windows XP always send the ID type DER_ASN1_DN, therefore rightid in the connection definition of the FreeS/WAN security gateway must be an ASN.1 distinguished name.In the receiving direction Windows 2000/XP accepts all four ID types from FreeS/WAN. +--------------------------------------------------------------+ | Connection Definition ID type subjectAltName | |--------------------------------------------------------------| | rightid (Windows 2000/XP) DER_ASN1_DN - | |--------------------------------------------------------------| | leftid (FreeS/WAN) DER_ASN1_D - | | FQDN DNS: | | USER_FQDN email: | | IPV4_ADDR IP: | +--------------------------------------------------------------+ 10. Monitoring functions -------------------- The X.509 patch offers the following monitoring functions: ipsec auto [--utc] --listpubkeys This command lists all public keys currently installed in the chained list of public keys. These keys were statically loaded from ipsec.conf or aquired either from received certificates or retrieved from secure DNS servers using opportunistic mode. The public key listing has the following form: Apr 10 00:10:31 2002, 1024 RSA Key AwEAAb8F/, until Jun 09 18:29:32 2002 ok ID_DER_ASN1_DN 'C=CH, O=strongSec GmbH, CN=soggy.strongsec.com' Issuer 'C=CH, O=strongSec GmbH, CN=strongSec Root CA' Apr 09 20:57:49 2002, 1024 RSA Key AwEAAbl5j, until Feb 13 11:19:25 2003 ok ID_USER_FQDN 'Andreas.Steffen@zhwin.ch' Issuer 'C=CH, O=ZHW, CN=ZHW Root CA' Apr 09 20:57:49 2002, 1024 RSA Key AwEAAbl5j, until Feb 13 11:19:25 2003 ok ID_USER_FQDN 'sna@zhwin.ch' Issuer 'C=CH, O=ZHW, CN=ZHW Root CA' It consists of - the date the public key was installed either in local time or UTC (--utc) - the modulus size of the RSA key in bits - a keyID consisting of 9 base64 symbols representing the public exponent and the most significant bits of the modulus - the expiration date of the public key (extracted from the certificate) - the type and value of the ID associated with the public key. - the issuer of the certificate the public key was extracted from. A public key can be associated with several IDs, e.g. using subjectAltNames in certificates and an ID can possess several public keys, e.g. retrieved from a secure DNS server. The command ipsec auto [--utc] --listcerts lists all local certificates, both FreeS/WAN's own and those of trusted peer loaded via leftcert and rightcert, respectively. The output has the form May 01 07:09:47 2002, count: 2 subject: 'C=CH, O=ZHW, OU=IKT, CN=Andreas Steffen' issuer: 'C=CH, O=ZHW, OU=IKT, CN=ZHW Root CA' pubkey: 1024 RSA Key AwEAAbl5j validity: not before Feb 13 11:19:25 2002 ok not after Feb 13 11:19:25 2003 ok May 01 07:09:47 2002, count: 10 subject: 'C=CH, O=strongSec GmbH, CN=pulpo.strongsec.com' issuer: 'C=CH, O=strongSec GmbH, CN=strongSec Root CA' pubkey: 1024 RSA Key AwEAAfic+, has private key validity: not before Jun 09 18:38:04 2001 ok not after Jun 09 18:38:04 2002 ok and shows - the date the certificate was installed either in local time or UTC (--utc) - the count shows how many connections refer to this certificate - the subject of the CA certificate - the issuer of the CA certificate - the size and keyid of the RSA public key contained in the certificate. the label "has private key" indicates that a matching RSA private key has been found, defined or loaded in ipsec.secrets. - the label "on smartcard" indicates that the certificate was loaded from a smartcard or cryptotoken and that most probably a matching RSA private key also resides on-card. - the validity of the CA certificate expressed either in local time or UTC (--utc). The validity is checked automatically resulting either in an "ok" message or a "fatal" error message. The command ipsec auto [--utc] --listcacerts lists all CA certificates that have been loaded from /etc/ipsec.d/cacerts. The output has the form May 01 07:09:47 2002, count: 1 subject: 'C=CH, O=strongSec GmbH, CN=strongSec Root CA' issuer: 'C=CH, O=strongSec GmbH, CN=strongSec Root CA' pubkey: 2048 RSA Key AwEAAcLG1 validity: not before May 02 23:02:35 2001 ok not after May 01 23:02:35 2005 ok and shows - the date the CA certificate was installed either in local time or UTC (--utc) - the count is always set to 1 - the subject of the CA certificate - the issuer of the CA certificate - the size and keyid of the RSA public key contained in the certificate. - the validity of the CA certificate expressed either in local time or UTC (--utc). The validity is checked automatically resulting either in an "ok" message or a "fatal" error message. The command ipsec auto [--utc] --listcrls lists all CRLs that have been loaded from /etc/ipsec.d/crls. The output has the form Oct 30 22:57:51 2002, revoked certs: 37 issuer: 'C=CH, O=strongSec GmbH, CN=strongSec Root CA' distPts: 'http://www.strongsec.com/ca/cert.crl' updates: this Oct 15 23:42:12 2002 next Nov 14 22:42:12 2002 ok and shows - the date the CRL was installed either in local time or UTC (--utc) - the number revoked certificates - the issuer of the CRL - the URLs of the distribution points where the CRL can be fetched from. - the dates when the CRL was issued and when the next update is expected, respectively, expressed either in local time or UTC (--utc). It is automatically checked if the next update deadline has passed, resulting either in an "ok" message, a a "warning" message when strictcrlpolicy=no or a "fatal" message when strictcrlpolicy=yes. The command ipsec auto [--utc] --listcards lists all smartcard records that are currently in use by Pluto. The output has the form Jul 08 17:12:49 2003, count: 2 reader: 0, id: 50, has no pin Jul 08 17:12:50 2003, count: 6 reader: 0, id: 45, has valid pin and shows - the date the certificate was read from the smartcard record - the count shows how many connections and secret pin entries point to the smartcard record - the smartcard reader or cryptotoken number. With a single reader or cryptotoken this number is usually 0. - the ID of the certificate/private key record. With a single certificate this ID is usually 45 - the status of the PIN: no | valid | invalid The command ipsec auto [--utc] -listall is equivalent to ipsec auto [--utc] -listpubkeys ipsec auto [--utc] -listcerts ipsec auto [--utc] -listcacerts ipsec auto [--utc] -listcrls ipsec auto [--utc] -listcards 11. Firewall support functions -------------------------- 11.1 Environment variables in the updown script ------------------------------------------ The X.509 patch makes the following environment variables available in the updown script indicated by the leftupdown option: +------------------------------------------------------------------+ | Variable Example Comment | |------------------------------------------------------------------| | $PLUTO_PEER_ID ewa@strongsec.com USER_FQDN (1) | |------------------------------------------------------------------| | $PLUTO_PEER_PROTOCOL 17 udp (2) | |------------------------------------------------------------------| | $PLUTO_PEER_PORT 68 bootpc (3) | |------------------------------------------------------------------| | $PLUTO_PEER_CA C=CH, O=ACME, CN=Sales CA (4) | |------------------------------------------------------------------| | $PLUTO_MY_ID @pulpo.strongsec.com FQDN (1) | |------------------------------------------------------------------| | $PLUTO_MY_PROTOCOL 17 udp (2) | |------------------------------------------------------------------| | $PLUTO_MY_PORT 67 bootps (3) | +------------------------------------------------------------------+ (1) $PLUTO_PEER_ID/$PLUTO_MY_ID contain the IDs of the two ends of an established connection. In our examples these correspond to the strings defined by rightid and leftid, respectively. (2) $PLUTO_PEER_PROTOCOL/$PLUTO_MY_PROTOCOL contain the protocol defined by the rightprotoport and leftprotoport options, respectively. Both variables contain the same protocol value. The variables take on the value '0' if no protocol has been defined. (3) $PLUTO_PEER_PORT/$PLUTO_MY_PORT contain the ports defined by the rightprotoport and leftprotoport options, respectively. The variables take on the value '0' if no port has been defined. (4) $PLUTO_PEER_CA contains the distinguished name of the CA that issued the peer's certificate. 11.2 Sample updown script for iptables --------------------------------- The template "_updown.x509" that can be found in the programs/_updown_x509 directory of the FreeS/WAN distribution after applying the X.509 patch, can be used as an updown script to dynamically insert and delete iptables firewall rules. The script also features a logging facility which will register the creation (+) and the expiration (-) of each successfully established VPN connection in a special syslog file in the following concise and easily readable format: Jul 19 18:58:38 firewall vpn: + @wroclaw.strongsec.com 160.85.106.2 -- 160.85.106.1 == 0.0.0.0/0 Jul 19 22:15:17 firewall vpn: - @wroclaw.strongsec.com 160.85.106.2 -- 160.85.106.1 == 0.0.0.0/0 12. Using the patch with standard FreeS/WAN --------------------------------------- Standard FreeS/WAN, as it is available from www.freeswan.org does public key authentication with raw RSA public keys that are directly defined in /etc/ipsec.conf rightrsasigkey=0sAq4c.... When standard FreeS/WAN receives a certificate request (CR), it immediately drops the negotiation because it does not know how to answer the request. As a workaround X.509 enabled FreeS/WAN does not send a CR if the RSA key has been statically loaded using [right/left]rsasigkey. A problem remains with roadwarriors initiating a connection. Since X.509 enabled FreeS/WAN does not know the identity of the initiating peer in advance , it will always send a CR, causing the rupture of the IKE negotiation if the peer is a standard FreeS/WAN host. To circumvent this problem the configuration parameter 'nocrsend' can be set in the config setup section of /etc/ipsec.conf: config setup: nocrsend=yes With this entry no certificate request is sent in any connection. The default setting is nocrsend=no. 13. Using the patch with OpenPGP certificates ----------------------------------------- The X.509 patch also supports RSA based authentication using OpenPGP certificates and OpenPGP V3 fingerprints used as an KEY_ID identifier. 13.1 OpenPGP certificates -------------------- OpenPGP certificates containing RSA public keys can now directly be loaded in ASCII armored PGP format using the leftcert and rightcert parameters in /etc/ipsec.conf: conn pgp right=%any righcert=peerCert.asc left=%defaultroute leftcert=gatewayCert.asc The peer certificate must be stored locally (the default directory is /etc/ipsec.d/certs) since currently no trust can be established for PGP certificates received from a peer via the IKE protocol. 13.2 OpenPGP private keys -------------------- PGP private keys in unencrypted form can now directly be loaded in ASCII armored PGP format via an entry in /etc/ipsec.secrets: : RSA gatewayKey.asc Existing IDEA-encrypted RSA private keys can be unlocked with GnuPG and the IDEA extension (see http://www.gnupg.org/gph/en/pgp2x.html) using the commands gpg --import gatewayCert.asc gpg --allow-secret-key-import --import gatewayKey.asc gpg --edit-key > passwd #change to empty password > save gpg -a --export-secret-key gatewayKey.asc 13.3 Monitoring functions -------------------- The command ipsec auto --listcerts shows all loaded PGP certificates in the following format: Aug 28 09:51:55 2002, count: 1 fingerprint: 0x1ccfca12d93467ffa9d5093d87a465dc pubkey: 1024 RSA Key ARHso6uKQ created: Aug 27 08:51:39 2002 until: --- -- --:--:-- ---- ok (expires never) The entries are - the date the certificate was loaded either in local time or UTC (--utc) - the V3 fingerprint consisting of the 16 byte MD5 hash of the public key which is used as an ID of type KEY_ID - the modulus size of the RSA key in bits - a keyID consisting of 9 base64 symbols representing the public exponent and the most significant bits of the modulus - the creation date of the public key (extracted from the certificate) - the optional expiration date of the public key (extracted from the certificate) 13.4 Suppression of certificate request messages ------------------------------------------- PGPnet configured to work with OpenPGP certificates aborts the IKE negotiation when it receives a X.509 certificate. Therefore it is recommended (mandatory for roadwarrior connections) to set config setup: nocrsend=yes in /etc/ipsec.conf. ----------------------------------------------------------------------------- X.509 FreeS/WAN patch: Copyright (c) 2000, Andreas Hess, Patric Lichtsteiner, Roger Wegmann Copyright (c) 2001, Marco Bertossa, Andreas Schleiss Copyright (c) 2002, Mario Strasser Copyright (c) 2003, Christoph Gysin, Simon Zwahlen Copyright (c) 2000-2003, Andreas Steffen Zurich University of Applied Sciences in Winterthur, Switzerland Dynamic CRL fetching Copyright (c) 2002 Stephane Laroche Port and protocol selectors for outbound traffic Copyright (c) 2002, Stephen J. Bevan PGPnet-RSA parts of patch: Copyright (c) 2000, Kai Martius This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. See http://www.fsf.org/copyleft/gpl.txt. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. ----------------------------------------------------------------------------- ======================================================================== * lib/libcrypto/libblowfish/README ======================================================================== This is a quick packaging up of my blowfish code into a library. It has been lifted from SSLeay. The copyright notices seem a little harsh because I have not spent the time to rewrite the conditions from the normal SSLeay ones. Basically if you just want to play with the library, not a problem. eric 15-Apr-1997 ======================================================================== * linux/net/ipsec/README-zlib ======================================================================== zlib 1.1.4 is a general purpose data compression library. All the code is thread safe. The data format used by the zlib library is described by RFCs (Request for Comments) 1950 to 1952 in the files http://www.ietf.org/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format). These documents are also available in other formats from ftp://ftp.uu.net/graphics/png/documents/zlib/zdoc-index.html All functions of the compression library are documented in the file zlib.h (volunteer to write man pages welcome, contact jloup@gzip.org). A usage example of the library is given in the file example.c which also tests that the library is working correctly. Another example is given in the file minigzip.c. The compression library itself is composed of all source files except example.c and minigzip.c. To compile all files and run the test program, follow the instructions given at the top of Makefile. In short "make test; make install" should work for most machines. For Unix: "./configure; make test; make install" For MSDOS, use one of the special makefiles such as Makefile.msc. For VMS, use Make_vms.com or descrip.mms. Questions about zlib should be sent to , or to Gilles Vollant for the Windows DLL version. The zlib home page is http://www.zlib.org or http://www.gzip.org/zlib/ Before reporting a problem, please check this site to verify that you have the latest version of zlib; otherwise get the latest version and check whether the problem still exists or not. PLEASE read the zlib FAQ http://www.gzip.org/zlib/zlib_faq.html before asking for help. Mark Nelson wrote an article about zlib for the Jan. 1997 issue of Dr. Dobb's Journal; a copy of the article is available in http://dogma.net/markn/articles/zlibtool/zlibtool.htm The changes made in version 1.1.4 are documented in the file ChangeLog. The only changes made since 1.1.3 are bug corrections: - ZFREE was repeated on same allocation on some error conditions. This creates a security problem described in http://www.zlib.org/advisory-2002-03-11.txt - Returned incorrect error (Z_MEM_ERROR) on some invalid data - Avoid accesses before window for invalid distances with inflate window less than 32K. - force windowBits > 8 to avoid a bug in the encoder for a window size of 256 bytes. (A complete fix will be available in 1.1.5). The beta version 1.1.5beta includes many more changes. A new official version 1.1.5 will be released as soon as extensive testing has been completed on it. Unsupported third party contributions are provided in directory "contrib". A Java implementation of zlib is available in the Java Development Kit http://www.javasoft.com/products/JDK/1.1/docs/api/Package-java.util.zip.html See the zlib home page http://www.zlib.org for details. A Perl interface to zlib written by Paul Marquess is in the CPAN (Comprehensive Perl Archive Network) sites http://www.cpan.org/modules/by-module/Compress/ A Python interface to zlib written by A.M. Kuchling is available in Python 1.5 and later versions, see http://www.python.org/doc/lib/module-zlib.html A zlib binding for TCL written by Andreas Kupries is availlable at http://www.westend.com/~kupries/doc/trf/man/man.html An experimental package to read and write files in .zip format, written on top of zlib by Gilles Vollant , is available at http://www.winimage.com/zLibDll/unzip.html and also in the contrib/minizip directory of zlib. Notes for some targets: - To build a Windows DLL version, include in a DLL project zlib.def, zlib.rc and all .c files except example.c and minigzip.c; compile with -DZLIB_DLL The zlib DLL support was initially done by Alessandro Iacopetti and is now maintained by Gilles Vollant . Check the zlib DLL home page at http://www.winimage.com/zLibDll From Visual Basic, you can call the DLL functions which do not take a structure as argument: compress, uncompress and all gz* functions. See contrib/visual-basic.txt for more information, or get http://www.tcfb.com/dowseware/cmp-z-it.zip - For 64-bit Irix, deflate.c must be compiled without any optimization. With -O, one libpng test fails. The test works in 32 bit mode (with the -n32 compiler flag). The compiler bug has been reported to SGI. - zlib doesn't work with gcc 2.6.3 on a DEC 3000/300LX under OSF/1 2.1 it works when compiled with cc. - on Digital Unix 4.0D (formely OSF/1) on AlphaServer, the cc option -std1 is necessary to get gzprintf working correctly. This is done by configure. - zlib doesn't work on HP-UX 9.05 with some versions of /bin/cc. It works with other compilers. Use "make test" to check your compiler. - gzdopen is not supported on RISCOS, BEOS and by some Mac compilers. - For Turbo C the small model is supported only with reduced performance to avoid any far allocation; it was tested with -DMAX_WBITS=11 -DMAX_MEM_LEVEL=3 - For PalmOs, see http://www.cs.uit.no/~perm/PASTA/pilot/software.html Per Harald Myrvang Acknowledgments: The deflate format used by zlib was defined by Phil Katz. The deflate and zlib specifications were written by L. Peter Deutsch. Thanks to all the people who reported problems and suggested various improvements in zlib; they are too numerous to cite here. Copyright notice: (C) 1995-2002 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required. 2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. 3. This notice may not be removed or altered from any source distribution. Jean-loup Gailly Mark Adler jloup@gzip.org madler@alumni.caltech.edu If you use the zlib library in a product, we would appreciate *not* receiving lengthy legal documents to sign. The sources are provided for free but without warranty of any kind. The library has been entirely written by Jean-loup Gailly and Mark Adler; it does not include third-party code. If you redistribute modified sources, we would appreciate that you include in the file ChangeLog history information documenting your changes. ======================================================================== * linux/net/ipsec/README-zlib.freeswan ======================================================================== The only changes made to these files for use in FreeS/WAN are: - In zconf.h, macros are defined to prefix global symbols with "ipcomp_" (or "_ipcomp"), when compiled with -DIPCOMP_PREFIX. - The copyright strings are defined local (static) The above changes are made to avoid name collisions with ppp_deflate and ext2compr. - Files not needed for FreeS/WAN have been removed See the "README" file for information about where to obtain the complete zlib package. ======================================================================== * linux/net/ipsec/des/README ======================================================================== libdes, Version 4.01 10-Jan-97 Copyright (c) 1997, Eric Young All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms specified in COPYRIGHT. -- The primary ftp site for this library is ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz libdes is now also shipped with SSLeay. Primary ftp site of ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz The best way to build this library is to build it as part of SSLeay. This kit builds a DES encryption library and a DES encryption program. It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb, triple cfb, desx, and MIT's pcbc encryption modes and also has a fast implementation of crypt(3). It contains support routines to read keys from a terminal, generate a random key, generate a key from an arbitrary length string, read/write encrypted data from/to a file descriptor. The implementation was written so as to conform with the manual entry for the des_crypt(3) library routines from MIT's project Athena. destest should be run after compilation to test the des routines. rpw should be run after compilation to test the read password routines. The des program is a replacement for the sun des command. I believe it conforms to the sun version. The Imakefile is setup for use in the kerberos distribution. These routines are best compiled with gcc or any other good optimising compiler. Just turn you optimiser up to the highest settings and run destest after the build to make sure everything works. I believe these routines are close to the fastest and most portable DES routines that use small lookup tables (4.5k) that are publicly available. The fcrypt routine is faster than ufc's fcrypt (when compiling with gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines (on a sun3/260 168 vs 336). It is a function of CPU on chip cache size. [ 10-Jan-97 and a function of an incorrect speed testing program in ufc which gave much better test figures that reality ]. It is worth noting that on sparc and Alpha CPUs, performance of the DES library can vary by upto %10 due to the positioning of files after application linkage. Eric Young (eay@cryptsoft.com) ======================================================================== * COPYING ======================================================================== GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) 19yy This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19yy name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. ======================================================================== * LICENSE ======================================================================== Except for the DES library, MD5 code, and linux/net/ipsec/radij.c this software is under the GNU Public License, see the file COPYING. See the file CREDITS for details on origins of more of the code. The linux/net/ipsec/radij.c code is derived from BSD 4.4lite code from sys/net/radix.c. In addition to the terms set out under the GPL, permission is granted to link the software against the libdes, md5c.c, and radij.c libraries just mentioned. The following additional notes apply if if you are NOT using CrytpoAPI: The DES library is under a BSD style license, see linux/crypto/ciphers/des/COPYRIGHT. Note that this software has a advertising clause in it. The MD5 implementation is from RSADSI, so this package must include the following phrase: "derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm". It is not under the GPL; see details in linux/net/ipsec/ipsec_md5c.c. ======================================================================== * lib/COPYING.LIB ======================================================================== GNU LIBRARY GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the library GPL. It is numbered 2 because it goes with version 2 of the ordinary GPL.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Library General Public License, applies to some specially designated Free Software Foundation software, and to any other libraries whose authors decide to use it. You can use it for your libraries, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library, or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link a program with the library, you must provide complete object files to the recipients so that they can relink them with the library, after making changes to the library and recompiling it. And you must show them these terms so they know their rights. Our method of protecting your rights has two steps: (1) copyright the library, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the library. Also, for each distributor's protection, we want to make certain that everyone understands that there is no warranty for this free library. If the library is modified by someone else and passed on, we want its recipients to know that what they have is not the original version, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that companies distributing free software will individually obtain patent licenses, thus in effect transforming the program into proprietary software. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License, which was designed for utility programs. This license, the GNU Library General Public License, applies to certain designated libraries. This license is quite different from the ordinary one; be sure to read it in full, and don't assume that anything in it is the same as in the ordinary license. The reason we have a separate public license for some libraries is that they blur the distinction we usually make between modifying or adding to a program and simply using it. Linking a program with a library, without changing the library, is in some sense simply using the library, and is analogous to running a utility program or application program. However, in a textual and legal sense, the linked executable is a combined work, a derivative of the original library, and the ordinary General Public License treats it as such. Because of this blurred distinction, using the ordinary General Public License for libraries did not effectively promote software sharing, because most developers did not use the libraries. We concluded that weaker conditions might promote sharing better. However, unrestricted linking of non-free programs would deprive the users of those programs of all benefit from the free status of the libraries themselves. This Library General Public License is intended to permit developers of non-free programs to use free libraries, while preserving your freedom as a user of such programs to change the free libraries that are incorporated in them. (We have not seen how to achieve this as regards changes in header files, but we have achieved it as regards changes in the actual functions of the Library.) The hope is that this will lead to faster development of free libraries. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, while the latter only works together with the library. Note that it is possible for a library to be covered by the ordinary General Public License rather than by this special one. GNU LIBRARY GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Library General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. 6. As an exception to the Sections above, you may also compile or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. c) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. d) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Library General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License for more details. You should have received a copy of the GNU Library General Public License along with this library; if not, write to the Free Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. , 1 April 1990 Ty Coon, President of Vice That's all there is to it! ======================================================================== * lib/libcrypto/libblowfish/COPYRIGHT ======================================================================== Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) All rights reserved. This package is an Blowfish implementation written by Eric Young (eay@cryptsoft.com). This library is free for commercial and non-commercial use as long as the following conditions are aheared to. The following conditions apply to all code found in this distribution. Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Young (eay@cryptsoft.com) THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. The license and distribution terms for any publically available version or derivative of this code cannot be changed. i.e. this code cannot simply be copied and put under another distrubution license [including the GNU Public License.] The reason behind this being stated in this direct manner is past experience in code simply being copied and the attribution removed from it and then being distributed as part of other packages. This implementation was a non-trivial and unpaid effort. ======================================================================== * linux/net/ipsec/des/COPYRIGHT ======================================================================== Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) All rights reserved. This package is an DES implementation written by Eric Young (eay@cryptsoft.com). The implementation was written so as to conform with MIT's libdes. This library is free for commercial and non-commercial use as long as the following conditions are aheared to. The following conditions apply to all code found in this distribution. Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of that the SSL library. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Young (eay@cryptsoft.com) THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. The license and distribution terms for any publically available version or derivative of this code cannot be changed. i.e. this code cannot simply be copied and put under another distrubution license [including the GNU Public License.] The reason behind this being stated in this direct manner is past experience in code simply being copied and the attribution removed from it and then being distributed as part of other packages. This implementation was a non-trivial and unpaid effort.