Figure out best options for a custom build of strongSwan

[dguido]

After we get everything working, we should try to trim down the StrongSwan binaries as much as possible by compiling from source and disabling everything we don't use. As a side benefit, this makes it a more unique target for exploitation and ensures that we're using the latest version.

Here my initial review of Autoconf options:

Enable new good features:
--enable-chapoly
--enable-gcm
--enable-openssl
--enable-rdrand

Enable testing support
--enable-conftest
--enable-integrity-test
--enable-test-vectors

Disable legacy ciphers
--disable-cmac
--disable-des
--disable-ikev1
--disable-md5
--disable-rc2
--disable-sha1
--disable-xcbc

Disable unused features
--disable-attr
--disable-dnskey
--disable-pgp
--disable-pkcs1
--disable-pkcs7
--disable-pkcs8
--disable-resolve
--disable-scepclient
--disable-sshkey
--disable-xauth-generic

We'll also need to figure out package signing and write a script to automate this somehow:

• PPA Guide

We may be able to limit the privileges of the strongSwan daemon even further by running StrongSwan as a non-root user and then limiting it to cap_net_admin. cap_new_raw may be required if we use connmark since it's required by the iptables library that plugin uses.

[dguido]

So, one concrete issue that is resolved by building from source is that we get AES-NI support. AESNI is supported on DigitalOcean by default. It helps extremely low performance VPS providers avoid getting overwhelmed in CPU usage.

[tobiasbrunner]

So, one concrete issue that is resolved by building from source is that we get AES-NI support.

Enabling the aesni plugin (which I guess is what you are referring to) only has an effect on IKE traffic, of which there isn't a lot. So unless you use the kernel-libipsec plugin (userland IPsec stack) you need a kernel that supports AES-NI.

Some notes on the other options you listed there:

--enable-gcm

Not needed if the openssl plugin is enabled and the installed OpenSSL version supports AES-GCM.

--enable-rdrand

Only useful if the CPU actually supports it (similar to AES-NI).

--enable-conftest

This is a special testing framework that is of no use in production environments.

--enable-test-vectors

This only has an effect if tests are enabled (charon.crypto_test options in strongswan.conf) or when running the unit tests (make check).

--disable-ikev1

Not really a cipher, but if it's not used, disabling it sure makes sense.

--disable-des
--disable-md5
--disable-sha1

These are also provided by the openssl plugin (unless they are disabled in the OpenSSL library against which it is built, or specific OPENSSL_NO_* options were explicitly set when building the plugin). Anyway, some of them might be required (e.g. SHA-1 is required for IKEv2 itself, and some certificates/key formats might still use some of them).

[dguido]

Thanks for the tips @tobiasbrunner! My goal is to support only the features that Algo uses and none others. I will ultimately use this to make a PPA specifically for Algo in #194.

Here are my notes so far.

• The Debian Building Tutorial describes how to use all the deb packaging tools.
• The Ubuntu Packaging Guide has some fairly minor changes to the process and uses slightly different tools.
• Hardening Walkthrough describes some of the compiler options available to deb packages.
• 16.04 includes strongSwan 5.3.5 but you can clone their 5.5.1 package from git://anonscm.debian.org/pkg-swan/strongswan.git

apt-get update
mkdir strongswan; cd strongswan

# dpkg-dev provides apt-get source
# devscripts provides debuild
# debian-keyring provides gpg keys needed to verify signing
apt-get install dpkg-dev devscripts debian-keyring

# Pull down the source and build dependencies from Debian
apt-get source strongswan; cd strongswan-5.3.5
apt-get build-dep strongswan

# modify debian/rules here
nano -w debian/rules

# binary only build, do not sign changes or source
# add -tc to clean build artifacts between builds
debuild -b -uc -us

Here is what I trimmed the Debian CONFIGUREARGS down to.

CONFIGUREARGS := --libdir=/usr/lib --libexecdir=/usr/lib \
                --enable-acert \
                --enable-addrblock \
                --enable-aesni \
                --enable-chapoly \
                --enable-connmark \
                --enable-coupling \
                --enable-error-notify \
                --enable-gcm \
                --enable-integrity-test \
                --enable-lookip \
                --enable-openssl \
                --disable-blowfish \
                --disable-cmac \
                --disable-des \
                --disable-dnskey \
                --disable-fast \
                --disable-ikev1 \
                --disable-md5 \
                --disable-pkcs1 \
                --disable-rc2 \
                --disable-sha1 \
                --disable-sshkey \
                --disable-xcbc

This results in the following build configuration:

 strongSwan will be built with the following plugins
-----------------------------------------------------
libstrongswan: pkcs11 aesni aes sha2 rdrand random nonce x509 revocation constraints acert pubkey pkcs7 pkcs8 pkcs12 pgp pem openssl af-alg fips-prf gmp chapoly hmac gcm
libcharon:     attr resolve socket-default connmark farp stroke updown dhcp lookip error-notify coupling addrblock
libhydra:      kernel-netlink
libtnccs:     

Finally, the following entries need to be deleted from files in the debian directory:

libcharon-extra-plugins.install:
usr/lib/ipsec/plugins/libstrongswan-dhcp.so
usr/lib/ipsec/plugins/libstrongswan-certexpire.so
usr/lib/ipsec/plugins/libstrongswan-eap*.so
usr/lib/ipsec/plugins/libstrongswan-kernel-libipsec.so
usr/lib/ipsec/plugins/libstrongswan-led.so
usr/lib/ipsec/plugins/libstrongswan-unity.so
usr/lib/ipsec/plugins/libstrongswan-xauth-*.so
usr/share/strongswan/templates/config/plugins/certexpire.conf
usr/share/strongswan/templates/config/plugins/eap-*.conf
usr/share/strongswan/templates/config/plugins/kernel-libipsec.conf
usr/share/strongswan/templates/config/plugins/led.conf
usr/share/strongswan/templates/config/plugins/unity.conf
usr/share/strongswan/templates/config/plugins/xauth-*.conf
etc/strongswan.d/charon/certexpire.conf
etc/strongswan.d/charon/eap-*.conf
etc/strongswan.d/charon/kernel-libipsec.conf
etc/strongswan.d/charon/led.conf
etc/strongswan.d/charon/unity.conf
etc/strongswan.d/charon/xauth-*.conf
usr/lib/ipsec/libipsec.so*
usr/lib/ipsec/libpttls.so*
usr/lib/ipsec/libradius.so*
usr/lib/ipsec/libsimaka.so*
usr/lib/ipsec/libtls.so*
usr/lib/ipsec/pt-tls-client

libstrongswan.install:
usr/lib/ipsec/plugins/libstrongswan-ccm.so
usr/lib/ipsec/plugins/libstrongswan-dnskey.so
usr/lib/ipsec/plugins/libstrongswan-md4.so
usr/lib/ipsec/plugins/libstrongswan-md5.so
usr/lib/ipsec/plugins/libstrongswan-pkcs1.so
usr/lib/ipsec/plugins/libstrongswan-rc2.so
usr/lib/ipsec/plugins/libstrongswan-sha1.so
usr/lib/ipsec/plugins/libstrongswan-sshkey.so
usr/lib/ipsec/plugins/libstrongswan-test-vectors.so
usr/lib/ipsec/plugins/libstrongswan-xcbc.so
usr/share/strongswan/templates/config/plugins/dnskey.conf
usr/share/strongswan/templates/config/plugins/md4.conf
usr/share/strongswan/templates/config/plugins/md5.conf
usr/share/strongswan/templates/config/plugins/pkcs1.conf
usr/share/strongswan/templates/config/plugins/rc2.conf
usr/share/strongswan/templates/config/plugins/sha1.conf
usr/share/strongswan/templates/config/plugins/sshkey.conf
usr/share/strongswan/templates/config/plugins/test-vectors.conf
usr/share/strongswan/templates/config/plugins/xcbc.conf
etc/strongswan.d/charon/dnskey.conf
etc/strongswan.d/charon/md4.conf
etc/strongswan.d/charon/md5.conf
etc/strongswan.d/charon/pkcs1.conf
etc/strongswan.d/charon/rc2.conf
etc/strongswan.d/charon/sha1.conf
etc/strongswan.d/charon/sshkey.conf
etc/strongswan.d/charon/test-vectors.conf
etc/strongswan.d/charon/xcbc.conf

libstrongswan-extra-plugins.install:
usr/lib/ipsec/plugins/libstrongswan-attr-sql.so
usr/lib/ipsec/plugins/libstrongswan-bliss.so
usr/lib/ipsec/plugins/libstrongswan-cmac.so
usr/lib/ipsec/plugins/libstrongswan-ctr.so
usr/lib/ipsec/plugins/libstrongswan-curl.so
usr/lib/ipsec/plugins/libstrongswan-dnscert.so
usr/lib/ipsec/plugins/libstrongswan-gcrypt.so
usr/lib/ipsec/plugins/libstrongswan-ipseckey.so
usr/lib/ipsec/plugins/libstrongswan-ldap.so
usr/lib/ipsec/plugins/libstrongswan-load-tester.so
usr/lib/ipsec/plugins/libstrongswan-mysql.so
usr/lib/ipsec/plugins/libstrongswan-ntru.so
usr/lib/ipsec/plugins/libstrongswan-radattr.so
usr/lib/ipsec/plugins/libstrongswan-soup.so
usr/lib/ipsec/plugins/libstrongswan-sqlite.so
usr/lib/ipsec/plugins/libstrongswan-sql.so
usr/lib/ipsec/plugins/libstrongswan-systime-fix.so
usr/lib/ipsec/plugins/libstrongswan-unbound.so
usr/lib/ipsec/plugins/libstrongswan-whitelist.so
usr/share/strongswan/templates/config/plugins/attr-sql.conf
usr/share/strongswan/templates/config/plugins/ccm.conf
usr/share/strongswan/templates/config/plugins/bliss.conf
usr/share/strongswan/templates/config/plugins/cmac.conf
usr/share/strongswan/templates/config/plugins/ctr.conf
usr/share/strongswan/templates/config/plugins/curl.conf
usr/share/strongswan/templates/config/plugins/dnscert.conf
usr/share/strongswan/templates/config/plugins/gcrypt.conf
usr/share/strongswan/templates/config/plugins/ipseckey.conf
usr/share/strongswan/templates/config/plugins/ldap.conf
usr/share/strongswan/templates/config/plugins/load-tester.conf
usr/share/strongswan/templates/config/plugins/mysql.conf
usr/share/strongswan/templates/config/plugins/ntru.conf
usr/share/strongswan/templates/config/plugins/radattr.conf
usr/share/strongswan/templates/config/plugins/soup.conf
usr/share/strongswan/templates/config/plugins/sql.conf
usr/share/strongswan/templates/config/plugins/sqlite.conf
usr/share/strongswan/templates/config/plugins/systime-fix.conf
usr/share/strongswan/templates/config/plugins/unbound.conf
usr/share/strongswan/templates/config/plugins/whitelist.conf
usr/share/strongswan/templates/database/sql/mysql.sql
usr/share/strongswan/templates/database/sql/sqlite.sql
etc/strongswan.d/charon/attr-sql.conf
etc/strongswan.d/charon/ccm.conf
etc/strongswan.d/charon/bliss.conf
etc/strongswan.d/charon/cmac.conf
etc/strongswan.d/charon/ctr.conf
etc/strongswan.d/charon/curl.conf
etc/strongswan.d/charon/dnscert.conf
etc/strongswan.d/charon/gcrypt.conf
etc/strongswan.d/charon/ipseckey.conf
etc/strongswan.d/charon/ldap.conf
etc/strongswan.d/charon/load-tester.conf
etc/strongswan.d/charon/mysql.conf
etc/strongswan.d/charon/ntru.conf
etc/strongswan.d/charon/radattr.conf
etc/strongswan.d/charon/soup.conf
etc/strongswan.d/charon/sql.conf
etc/strongswan.d/charon/sqlite.conf
etc/strongswan.d/charon/systime-fix.conf
etc/strongswan.d/charon/unbound.conf
etc/strongswan.d/charon/whitelist.conf
usr/lib/ipsec/load-tester
usr/lib/ipsec/whitelist

libstrongswan-standard-plugins.install:
usr/lib/ipsec/plugins/libstrongswan-agent.so
usr/share/strongswan/templates/config/plugins/agent.conf
etc/strongswan.d/charon/agent.conf

strongswan-starter.install:
usr/lib/ipsec/pool
usr/share/strongswan/templates/config/strongswan.d/pool.conf
etc/strongswan.d/pool.conf

rm strongswan-tnc-ifmap.install
rm strongswan-tnc-base.install
rm strongswan-tnc-client.install
rm strongswan-tnc-pdp.install
rm strongswan-tnc-server.install

charon-cmd.install:
usr/sbin/charon-cmd
usr/share/man/man8/charon-cmd.8

add to libstrongswan-extra-plugins:
usr/share/strongswan/templates/config/plugins/aesni.conf
usr/lib/ipsec/plugins/libstrongswan-aesni.so
etc/strongswan.d/charon/aesni.conf

Suggestions to trim this down further are welcome!

[tobiasbrunner]

You might want to consider using --disable-defaults and then explicitly enable all the features you want. That way new stuff won't get enabled automatically.