Todo #13648
closed
Remove deprecated IPsec algorithms (3DES, Blowfish, and CAST 128 encryption; MD5 HMAC/Hashing)
100%
Description
FreeBSD removed support for several obsolete ciphers from its IPsec stack. See https://cgit.freebsd.org/src/commit/?id=16aabb761c0a8e5fb120594fcce4f2bf79fad61e
The relevant removed entries appear to be
- 3DES
- Blowfish
- Cast128
- MD5 HMAC authentication.
We need to remove these from the the IPsec GUI and add upgrade code to disable any tunnels using them and document this removal for users.
NOTE: The MD5 variants removed here should not affect FRR/BGP. From the look of the FreeBSD source code, tcp-md5 remains in place and that's what is used by FRR.
These changes are mostly implemented now by Kristof, from MR https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/915 (f9cfd6bc0c3674382a87fe07ba00a3a5365c1744, ee9bbad1ce23989515dfb061ef087180c0514cb8, 807e91174169614c7f5402d66de88f924a48febd)
In addition to the current code, I'm going to try a more fine-grained approach where instead of disabling entire entries it only disables or skips entries with deprecated ciphers. If there are none left, then the whole P1/P2 can be disabled. This would be smoother for the user since they may need the IPsec tunnel to manage the router and it may not actually be using the outdated ciphers.
What we have in place is good enough for a start, though, I'll work on refining it and see how that goes.
Related issues
Updated by Jim Pingle about 2 years ago
- Related to Feature #13647: Support for ChaCha20-Poly1305 encryption with IPsec added
Updated by Jim Pingle about 2 years ago
- Tracker changed from Feature to Todo
- Status changed from In Progress to Feedback
- % Done changed from 70 to 100
This is now complete. See 599742b01436e2b99c0c2fb52cab71f5726a695d
P1 and P2 entries are only disabled if they have no remaining valid combinations of options. This way tunnels that just had one bad entry selected can continue working as long as there is some viable combination remaining.
Also refined the notices so it only notifies once per P1 or P2 when adjustments were made, and then once at the end listing the deprecated algorithms to avoid some repetition.
Updated by Jim Pingle almost 2 years ago
- Subject changed from Remove deprecated IPsec algorithms to Remove deprecated IPsec algorithms (3DES, Blowfish, and CAST 128 encryption; MD5 HMAC/Hashing)
Updating subject for release notes.
Updated by Jim Pingle almost 2 years ago
- Status changed from Feedback to Resolved
I've tried the upgrade path several more times and it's been doing the right/expected thing each time. Deprecated entries are removed and if there are still valid entries remaining, the tunnels are still active.
I also added a large warning to the release notes alerting users to this behavior.
https://docs.netgate.com/pfsense/en/latest/releases/23-01.html#general