Project

General

Profile

Actions

Todo #13648

closed

Remove deprecated IPsec algorithms (3DES, Blowfish, and CAST 128 encryption; MD5 HMAC/Hashing)

Added by Jim Pingle about 2 years ago. Updated about 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
IPsec
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
23.01
Release Notes:
Default

Description

FreeBSD removed support for several obsolete ciphers from its IPsec stack. See https://cgit.freebsd.org/src/commit/?id=16aabb761c0a8e5fb120594fcce4f2bf79fad61e

The relevant removed entries appear to be

  • 3DES
  • Blowfish
  • Cast128
  • MD5 HMAC authentication.

We need to remove these from the the IPsec GUI and add upgrade code to disable any tunnels using them and document this removal for users.

NOTE: The MD5 variants removed here should not affect FRR/BGP. From the look of the FreeBSD source code, tcp-md5 remains in place and that's what is used by FRR.

These changes are mostly implemented now by Kristof, from MR https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/915 (f9cfd6bc0c3674382a87fe07ba00a3a5365c1744, ee9bbad1ce23989515dfb061ef087180c0514cb8, 807e91174169614c7f5402d66de88f924a48febd)

In addition to the current code, I'm going to try a more fine-grained approach where instead of disabling entire entries it only disables or skips entries with deprecated ciphers. If there are none left, then the whole P1/P2 can be disabled. This would be smoother for the user since they may need the IPsec tunnel to manage the router and it may not actually be using the outdated ciphers.

What we have in place is good enough for a start, though, I'll work on refining it and see how that goes.


Related issues

Related to Feature #13647: Support for ChaCha20-Poly1305 encryption with IPsecResolvedKristof Provost

Actions
Actions #1

Updated by Jim Pingle about 2 years ago

  • Related to Feature #13647: Support for ChaCha20-Poly1305 encryption with IPsec added
Actions #2

Updated by Jim Pingle about 2 years ago

  • Description updated (diff)
Actions #3

Updated by Jim Pingle about 2 years ago

  • Tracker changed from Feature to Todo
  • Status changed from In Progress to Feedback
  • % Done changed from 70 to 100

This is now complete. See 599742b01436e2b99c0c2fb52cab71f5726a695d

P1 and P2 entries are only disabled if they have no remaining valid combinations of options. This way tunnels that just had one bad entry selected can continue working as long as there is some viable combination remaining.

Also refined the notices so it only notifies once per P1 or P2 when adjustments were made, and then once at the end listing the deprecated algorithms to avoid some repetition.

Actions #4

Updated by Jim Pingle about 2 years ago

  • Subject changed from Remove deprecated IPsec algorithms to Remove deprecated IPsec algorithms (3DES, Blowfish, and CAST 128 encryption; MD5 HMAC/Hashing)

Updating subject for release notes.

Actions #5

Updated by Jim Pingle about 2 years ago

  • Status changed from Feedback to Resolved

I've tried the upgrade path several more times and it's been doing the right/expected thing each time. Deprecated entries are removed and if there are still valid entries remaining, the tunnels are still active.

I also added a large warning to the release notes alerting users to this behavior.

https://docs.netgate.com/pfsense/en/latest/releases/23-01.html#general

Actions

Also available in: Atom PDF