Hi,

On 16-02-17 22:30, David Sommerseth wrote:
> On 16/02/17 18:58, Gert Doering wrote:
>> On Thu, Feb 16, 2017 at 02:44:13PM +0100, David Sommerseth wrote:
>>> A v2.4 (and newer) client which adds --ncp-ciphers can steer which
>>> ciphers an NCP-capable server will use. So if the server uses
>>> --ncp-ciphers AES-256-GCM:AES-256-CBC:AES-128-GCM:AES-128-CBC and you
>>> want your client to only use 128-bit ciphers, you add to the client
>>> configuration --ncp-ciphers AES-128-GCM:AES-128-CBC. With this
>>> configuration, even if the server has --cipher BF-CBC as the default,
>>> the client ciphers will be upgraded to AES-128-GCM or AES-128-CBC
>>> (depending on the strongest cipher which the SSL libraries support).
>>
>> Close. There is no signalling client->server about the list of
>> supported ciphers yet, only "I can do NCP!" - in this case the server
>> will pick the first cipher from *the server side* --ncp-ciphers list.
>>
>> "I can do NCP!" (IV_NCP=1) is defined as "the client can do server-pushed
>> ciphers, AND supports AES-256-GCM".
>
> Ahh! Thanks! I was not aware that AES-GCM is required for NCP.
>
>> [..]
>>> In addition, which cipher will effectively be used also depends on
>>> which ciphers the SSL libraries OpenVPN is built against support.
>>
>> Sort of. If the SSL libraries do not support AES, NCP will be disabled.
>
> Do you mean AES-GCM, or AES in general? AES-GCM is the AEAD cipher
> stuff which is quite different from plain AES. And AES is even
> supported in OpenSSL v0.9.8.

The statement is true for both AES and AES-GCM, but NCP indeed
specifically requires AES-GCM.

>> Otherwise, there is no automatism "SSL library does not have <x>, so fall
>> back to <x>" - it will just fail.
>
> Right!
>
>> (... and I bet there's yet another detail I didn't get right either)
>
> Steffan, come save us! :)

You covered this quite well. One corner case to note is perhaps that
pre-2.4 clients (or 2.4 clients with --ncp-disable) built with
--enable-small (typically done on resource-constrained devices like home
routers) do not tell the server which cipher they are using. This means
that a 2.4 server with NCP enabled cannot switch to the correct cipher,
and thus that --cipher on both server and client must match for the
connection to work. I'm working on a workaround for this.

-Steffan

_______________________________________________
Openvpn-users mailing list
https://lists.sourceforge.net/lists/listinfo/openvpn-users
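The rules spelled out in this thread (IV_NCP=1 means "pushable cipher plus AES-256-GCM support"; an NCP server pushes the first entry of its own --ncp-ciphers list and ignores the client's list; an --enable-small pre-2.4 client announces no cipher, so --cipher must match; no automatic fallback when the SSL library lacks a cipher) are summarised below as a small Python model. This is an added example, not OpenVPN code: the names Peer, client_signals, server_pick and negotiate, the dict-shaped peer info, and the constructed scenarios are all assumptions made here. The rule that a 2.4 server adopts a non-NCP client's announced --cipher only when that cipher is on the server's --ncp-ciphers list is likewise an assumption that simplifies what the thread calls "switch to the correct cipher".

```python
# Toy model of the OpenVPN 2.4 cipher selection described in this thread.
# Added example, not OpenVPN's own code. Helper names, the peer-info dict and
# the sample peers are assumptions made for illustration.
from dataclasses import dataclass

# Cipher names as written for --cipher / --ncp-ciphers (constructed sample set).
ALL = frozenset({"AES-256-GCM", "AES-256-CBC", "AES-128-GCM", "AES-128-CBC", "BF-CBC"})


@dataclass
class Peer:
    name: str
    cipher: str                      # --cipher, the pre-NCP data channel cipher
    ncp_ciphers: tuple = ("AES-256-GCM", "AES-128-GCM")  # --ncp-ciphers
    ncp: bool = True                 # False: pre-2.4 client, or --ncp-disable
    occ: bool = True                 # False: built with --enable-small (no options string)
    lib: frozenset = ALL             # ciphers supported by the SSL library it is built against

    def ncp_capable(self) -> bool:
        # NCP requires AES-GCM from the crypto library; without it NCP is disabled.
        return self.ncp and "AES-256-GCM" in self.lib


def client_signals(c: Peer) -> dict:
    """What a client actually tells the server at connect time.

    Only "I can do NCP" (IV_NCP=1) is signalled; the client's own --ncp-ciphers
    list is not. A client that still sends its options string (i.e. not built
    with --enable-small) also reveals which --cipher it is using.
    """
    info = {}
    if c.ncp_capable():
        info["IV_NCP"] = 1
    if c.occ:
        info["cipher"] = c.cipher
    return info


def server_pick(s: Peer, info: dict):
    """Return (cipher the server will use, whether it is pushed to the client)."""
    if s.ncp_capable() and info.get("IV_NCP") == 1:
        # NCP: the first entry of the *server's* --ncp-ciphers list wins.
        return s.ncp_ciphers[0], True
    # Assumption: a 2.4 server switches to a non-NCP client's announced --cipher
    # when that cipher is on its own --ncp-ciphers list.
    if s.ncp_capable() and "cipher" in info and info["cipher"] in s.ncp_ciphers:
        return info["cipher"], False
    # Nothing to go on (e.g. an --enable-small client): stay on the server's --cipher.
    return s.cipher, False


def negotiate(server: Peer, client: Peer) -> dict:
    """Outcome of one handshake: cipher on each end and whether the tunnel works."""
    info = client_signals(client)
    srv_cipher, pushed = server_pick(server, info)
    cli_cipher = srv_cipher if pushed else client.cipher
    ok, why = True, "ok"
    if srv_cipher != cli_cipher:
        ok, why = False, "cipher mismatch: server %s, client %s" % (srv_cipher, cli_cipher)
    elif srv_cipher not in server.lib or cli_cipher not in client.lib:
        # No automatic fallback when the library lacks the cipher: it just fails.
        ok, why = False, "SSL library does not support %s" % srv_cipher
    return {"server": srv_cipher, "client": cli_cipher, "pushed": pushed, "ok": ok, "why": why}


# Constructed server matching David's example: BF-CBC default plus an NCP list.
SERVER = Peer("server", "BF-CBC",
              ("AES-256-GCM", "AES-256-CBC", "AES-128-GCM", "AES-128-CBC"))

# Constructed client scenarios.
SCENARIOS = {
    # 2.4 client: server pushes AES-256-GCM regardless of the client's own list.
    "v24": Peer("v2.4 client", "BF-CBC", ("AES-128-GCM", "AES-128-CBC")),
    # pre-2.4 client that announces AES-128-CBC: the server switches to it.
    "old_occ": Peer("v2.3 client", "AES-128-CBC", ncp=False),
    # pre-2.4 --enable-small client: nothing announced, so --cipher must match.
    "old_small": Peer("v2.3 --enable-small client", "AES-128-CBC", ncp=False, occ=False),
    "old_small_match": Peer("v2.3 --enable-small client", "BF-CBC", ncp=False, occ=False),
    # 2.4 client built against a library without AES-GCM: NCP off, acts like old_occ.
    "v24_nogcm": Peer("v2.4 client, no GCM", "BF-CBC",
                      lib=ALL - {"AES-256-GCM", "AES-128-GCM"}),
}

if __name__ == "__main__":
    for key, client in SCENARIOS.items():
        r = negotiate(SERVER, client)
        print("%-16s %-30s -> %s" % (key, client.name, r["why"]))
```

Run it as a script to see each scenario's outcome; the "old_small" case is the one Steffan describes, where the server has no information and stays on BF-CBC while the client insists on AES-128-CBC.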
