Todo #14686
closed
Check for deprecated OpenVPN encryption and digest options on upgrade
100%
Description
OpenSSL 3.x deprecated several algorithms for encryption and digest.
Encryption algorithms removed from OpenVPN:
- ARIA
- Blowfish (e.g. BF-CBC), which was formerly an OpenVPN default
- CAST5
- DES
- DESX
- IDEA
- RC2
- RC5
- SEED
- SM4
Hash algorithms removed from OpenVPN:
- MD4
- MDC2
- SM3
- Whirlpool
On upgrade these should be removed and replaced with a stronger default.
Deprecated encryption options should be removed and replaced with valid options. In the interest of compatibility, we can replace these with the current recommended defaults, rather than disabling the tunnel and forcing the user to correct the options manually.
If there are no valid ciphers remaining in the data_ciphers list, replace it with AES-256-GCM,AES-128-GCM,CHACHA20-POLY1305
If data_ciphers_fallback is using a deprecated value, replace it with AES-256-CBC
If digest is using an invalid value, replace it with SHA256
Notify the user if any changes are made, similar to what was done for IPsec in the past (See upgrade_227_to_228())
We also need to check if the certificate is using a weak digest but that's in issue #14677 though it may be lumped into the same upgrade code function.
N.B. Though in theory using the legacy provider may allow these weak algorithms to function, it's past time to retire them and if someone wants to dig into doing that in custom options, that's left as an exercise for the reader. We shouldn't add support for that into the GUI or backend.
Files
Updated by Jim Pingle 9 months ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 45b87923fecb8d7e414f927997b399fbe5a69355.
Updated by Jim Pingle 9 months ago
- Subject changed from Check for usage of deprecated options on upgrade to builds with OpenSSL 3.x to Check for deprecated OpenVPN encryption and digest options on upgrade
Updating subject for release notes.
Updated by Chris W 9 months ago
- File Screenshot from 2023-08-26 16-37-11.png Screenshot from 2023-08-26 16-37-11.png added
- File Screenshot from 2023-08-26 16-37-23.png Screenshot from 2023-08-26 16-37-23.png added
I used the wizard to make an OpenVPN server in 23.05, then manually:
- Confirmed all the algorithm choices listed above were available.
- Added ARIA 128 CBC to the Allowed Data Encryption Algorithm box and removed the default AES-GCM and CHACHA/POLY lines.
- Set auth digest to MD4
- Set fallback to BF-CBC-128
After upgrading directly to:
23.09-DEVELOPMENT (amd64)
built on Sat Aug 26 17:37:15 UTC 2023
FreeBSD 14.0-ALPHA2
- The deprecated choices above weren't available anymore, however DES-ED and DES-EDE were still available (screenshots). Not sure if that's intended.
- Algorithms were set back to the defaults of:
- Allowed Data Encryption Algorithm: AES-256-GCM, AES-256-GCM, and CHACHA20-POLY1305
- Fallback Data Encryption Algorithm: AES-256-CBC
- Auth digest algorithm: SHA256
Updated by Jim Pingle 9 months ago
- Status changed from Feedback to Resolved
The list of current algorithms is pulled dynamically from OpenVPN/OpenSSL, so if it's in the list on a current snapshot it's still supported (for now).
So long as the other behavior is correct, which it appears to be, I think we're in good shape here. Closing this out for now, if someone hits an issue we can either reopen it or treat it separately.