Re: [Openvpn-devel] [PATCH v2 4/4] Do not set pool netmask when nopool is set

2020-06-22 Thread Gert Doering 
Hi,

On Wed, Nov 13, 2019 at 06:07:02PM +0800, Tom Yan wrote:
> The setting probably just slipped out of the if-block over rewrites.

Possibly... so it makes sense to clean this up.

Can you please re-send the patch to change *both* places where this
occurs, helper.c line 348 and helper.c line 391?  Seems a bit weird to
just change one occurance.

gert
-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
 Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany g...@greenie.muc.de


signature.asc
Description: PGP signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [PATCH applied] Re: Add unit tests for engine keys

2020-06-22 Thread Gert Doering 
Acked-by: Gert Doering 

Tested on :
 - MacOS Mojave with OpenSSL 1.1.1c (brew) and out-of-tree build, works.
 - Linux with mbedtls (does not try engine tests, good :-) )
 - Linux with OpenSSL 1.1.1, works
 - FreeBSD 11.3 with OpenSSL 1.0.2s -> v6 fails, v6 works \o/

Conferred with Arne, we agreed on "this is good enough, and who wants 
something more sophisticated is welcome to send more patches".

Your patch has been applied to the master branch.

Thanks :)

commit 542c69c37b347d1895dde076508d0f6554544860
Author: James Bottomley
Date:   Mon Jun 22 16:23:19 2020 -0700

 Add unit tests for engine keys

 Signed-off-by: James Bottomley 
 Acked-by: Gert Doering 
 Message-Id: <20200622232319.8143-2-james.bottom...@hansenpartnership.com>
 URL: 
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20075.html
 Signed-off-by: Gert Doering 


--
kind regards,

Gert Doering



___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread Dmitry Melekhov 

22.06.2020 20:58, Selva Nair пишет:

+*WARNING*This MAY break configurations where the client uses
+``--disable-occ`` feature where the ``--cipher`` has
+not been explicitly configured on both client and
+server side.  It is recommended to remove the ``--disable-occ``
+option*or*  explicitly add ``--cipher AES-256-GCM`` on the
+client side if ``--disable-occ`` is strictly needed.


Well, may be it is possible to add support for setting cipher in ccd

as it was possible before 2.4.9 using patch from here

https://community.openvpn.net/openvpn/ticket/845

?


Thank you!





___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [PATCH v8 1/1] Add unit tests for engine keys

2020-06-22 Thread James Bottomley 
Testing engines is problematic, so one of the prerequisites built for
the tests is a simple openssl engine that reads a non-standard PEM
guarded key.  The test is simply can we run a client/server
configuration with the usual sample key replaced by an engine key.
The trivial engine prints out some operations and we check for these
in the log to make sure the engine was used to load the key and that
it correctly got the password.

Signed-off-by: James Bottomley 

---
v8: Fix openssl.cnf.in build rule for BSD
v7: Hard code .so for dll
v6: add absolute path instead of env variable in openssl.cnf (MacOS)
v5: do not hard code dynamic library extension into openssl.cnf (MacOS)
v4: add OPENSSL_config(NULL) so debian checks will work
v3: added this patch
---
 configure.ac  |   2 +
 tests/unit_tests/Makefile.am  |   3 +
 tests/unit_tests/engine-key/Makefile.am   |  24 +
 .../engine-key/check_engine_keys.sh   |  30 ++
 tests/unit_tests/engine-key/libtestengine.c   | 101 ++
 tests/unit_tests/engine-key/openssl.cnf.in|  12 +++
 6 files changed, 172 insertions(+)
 create mode 100644 tests/unit_tests/engine-key/Makefile.am
 create mode 100755 tests/unit_tests/engine-key/check_engine_keys.sh
 create mode 100644 tests/unit_tests/engine-key/libtestengine.c
 create mode 100644 tests/unit_tests/engine-key/openssl.cnf.in

diff --git a/configure.ac b/configure.ac
index 273a8d1b..53b7a967 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1387,6 +1387,7 @@ AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = 
"yes"])
 AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = 
"yes"])
 AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = 
"yes"])
 AM_CONDITIONAL([HAVE_LD_WRAP_SUPPORT], [test "${have_ld_wrap_support}" = 
"yes"])
+AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"])
 
 sampledir="\$(docdir)/sample"
 AC_SUBST([plugindir])
@@ -1448,6 +1449,7 @@ AC_CONFIG_FILES([
 tests/unit_tests/openvpn/Makefile
 tests/unit_tests/plugins/Makefile
 tests/unit_tests/plugins/auth-pam/Makefile
+   tests/unit_tests/engine-key/Makefile
sample/Makefile
 ])
 AC_CONFIG_FILES([tests/t_client.sh], [chmod +x tests/t_client.sh])
diff --git a/tests/unit_tests/Makefile.am b/tests/unit_tests/Makefile.am
index 33fefaac..f27cd90f 100644
--- a/tests/unit_tests/Makefile.am
+++ b/tests/unit_tests/Makefile.am
@@ -2,4 +2,7 @@ AUTOMAKE_OPTIONS = foreign
 
 if ENABLE_UNITTESTS
 SUBDIRS = example_test openvpn plugins
+if OPENSSL_ENGINE
+SUBDIRS += engine-key
+endif
 endif
diff --git a/tests/unit_tests/engine-key/Makefile.am 
b/tests/unit_tests/engine-key/Makefile.am
new file mode 100644
index ..39bed743
--- /dev/null
+++ b/tests/unit_tests/engine-key/Makefile.am
@@ -0,0 +1,24 @@
+AUTOMAKE_OPTIONS = foreign
+
+check_LTLIBRARIES = libtestengine.la
+conffiles = openssl.cnf
+
+TESTS_ENVIRONMENT = srcdir="$(abs_srcdir)"; \
+   builddir="$(abs_builddir)"; \
+   top_builddir="$(top_builddir)"; \
+   top_srcdir="$(top_srcdir)"; \
+   export srcdir builddir top_builddir top_srcdir;
+
+TESTS = check_engine_keys.sh
+check_engine_keys.sh: $(conffiles)
+
+clean-local:
+   rm -f $(conffiles)
+
+$(builddir)/openssl.cnf: $(srcdir)/openssl.cnf.in
+   sed "s|ABSBUILDDIR|$(abs_builddir)|" < $< > $@
+
+libtestengine_la_SOURCES = libtestengine.c
+libtestengine_la_LDFLAGS = @TEST_LDFLAGS@ -rpath /lib -shrext .so
+libtestengine_la_CFLAGS = @TEST_CFLAGS@ -I$(openvpn_srcdir) -I$(compat_srcdir)
+
diff --git a/tests/unit_tests/engine-key/check_engine_keys.sh 
b/tests/unit_tests/engine-key/check_engine_keys.sh
new file mode 100755
index ..e0c9d7b0
--- /dev/null
+++ b/tests/unit_tests/engine-key/check_engine_keys.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+OPENSSL_CONF="${builddir}/openssl.cnf"
+export OPENSSL_CONF
+
+password='AT3S4PASSWD'
+
+key="${builddir}/client.key"
+pwdfile="${builddir}/passwd"
+
+# create an engine key for us
+sed 's/PRIVATE KEY/TEST ENGINE KEY/' < 
${top_srcdir}/sample/sample-keys/client.key > ${key}
+echo "$password" > $pwdfile
+
+# note here we've induced a mismatch in the client key and the server
+# cert which openvpn should report and die.  Check that it does.  Note
+# also that this mismatch depends on openssl not openvpn, so it is
+# somewhat fragile
+${top_builddir}/src/openvpn/openvpn --cd ${top_srcdir}/sample --config 
sample-config-files/loopback-server --engine testengine --key ${key} --askpass 
$pwdfile > log.txt 2>&1
+
+# first off check we died because of a key mismatch.  If this doesn't
+# pass, suspect openssl of returning different messages and update the
+# test accordingly
+grep -q 'X509_check_private_key:key values mismatch' log.txt || { echo "Key 
mismatch not detected"; exit 1; }
+
+# now look for the engine prints (these are under our control)
+grep -q 'ENGINE: engine_init called' log.txt || { echo "Engine initializati

[Openvpn-devel] [PATCH v8 0/1] Add unit tests for engine keys

2020-06-22 Thread James Bottomley 
This is the version that should work on Linux, Mac and BSD (famous
last words ...).  I've checked it on the Linux platforms (Ubuntu and
OpenSUSE).

James

---

James Bottomley (1):
  Add unit tests for engine keys

 configure.ac  |   2 +
 tests/unit_tests/Makefile.am  |   3 +
 tests/unit_tests/engine-key/Makefile.am   |  24 +
 .../engine-key/check_engine_keys.sh   |  30 ++
 tests/unit_tests/engine-key/libtestengine.c   | 101 ++
 tests/unit_tests/engine-key/openssl.cnf.in|  12 +++
 6 files changed, 172 insertions(+)
 create mode 100644 tests/unit_tests/engine-key/Makefile.am
 create mode 100755 tests/unit_tests/engine-key/check_engine_keys.sh
 create mode 100644 tests/unit_tests/engine-key/libtestengine.c
 create mode 100644 tests/unit_tests/engine-key/openssl.cnf.in

-- 
2.26.2



___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH v6 3/3] Add unit tests for engine keys

2020-06-22 Thread Gert Doering 
Hi,

On Mon, Jun 22, 2020 at 11:28:16AM -0700, James Bottomley wrote:
> That will be my fault.  I assumed automake always ran with gnu make, 

No :-)   (and let's not start a gnu make vs bsd make vs. cmake vs. ant
discussion now :-) ).

Specifically, we run automake on linux systems before doing release
tarballs, so the target host doesn't even *need* automake installed -
but if you want, automake runs just fine on BSD, producing "standard
makefiles" that work fine with BSD make.

> so the .cnf rule is in gnu make syntax at the bottom of (Makefile.am):
> 
> $(builddir)/%.cnf: $(srcdir)/%.cnf.in
>   sed "s|ABSBUILDDIR|$(abs_builddir)|" < $< > $@
> 
> 
> If I just spell everything out and don't use the percent wildcard, it
> should work even on legacy make.

Ah, there it is :) - I think "non-GNU" make doesn't handle these in
combination with paths.

"man make" on FreeBSD says:

 The $@ and $< variables are more or less universally portable, as is the
 $(MAKE) variable.  Basic use of suffix rules (for files only in the
 current directory, not trying to chain transformations together, etc.) is
 also reasonably portable.

so

$(builddir)/openvpn.cnf: $(srcdir)/openvpn.cnf.in
sed "s|ABSBUILDDIR|$(abs_builddir)|" < $< > $@

should work.

gert

-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
 Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany g...@greenie.muc.de


signature.asc
Description: PGP signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH v6 3/3] Add unit tests for engine keys

2020-06-22 Thread James Bottomley 
On Mon, 2020-06-22 at 19:28 +0200, Gert Doering wrote:
> Hi,
> 
> On Mon, Jun 22, 2020 at 10:06:44AM -0700, James Bottomley wrote:
> > > [..]
> > > > Right, that's what the patch in the url does: uses .so on both
> > > > mac
> > > > and linux.
> > > 
> > > I got all confused with your "v6" patch and your "v7" patch,
> > > which
> > > did other things, and but did not have a "v6" in the history :-)
> > > 
> > > *This* patch definitely looks like it's doing the right thing on
> > > MacOS.
> > 
> > Great, thanks ... I'll rewrap it and submit as a separate patch
> > email
> > with cover letter.
> 
> I was about to just merge what I have, but it exploded on me on
> FreeBSD
> now - and I can't really figure out why (yet)...
> 
> libtool: link: (cd ".libs" && rm -f "libtestengine.so.0" && ln -s
> "libtestengine.so.0.0.0" "libtestengine.so.0")
> libtool: link: (cd ".libs" && rm -f "libtestengine.so" && ln -s
> "libtestengine.so.0.0.0" "libtestengine.so")
> libtool: link: ar cru .libs/libtestengine.a  libtestengine_la-
> libtestengine.o
> libtool: link: ranlib .libs/libtestengine.a
> libtool: link: ( cd ".libs" && rm -f "libtestengine.la" && ln -s
> "../libtestengine.la" "libtestengine.la" )
> make  check-TESTS
> make[5]: don't know how to make openssl.cnf. Stop
> 
> make[5]: stopped in /home/gert/src/openvpn-maint/test-build-master-
> fbsd/tests/unit_tests/engine-key
> 
> 
> it seems as if there is an implicit rule "somewhere" that Linux make
> has
> and FreeBSD make not how to build openssl.cnf from
> $(srcdir)/openssl.cnf.in
> - on Linux, when I remove "openssl.cnf" from the target dir and re-
> run
> "make check", I get
> 
> make[5]: Entering directory '/rhome/gert/src/openvpn-maint/test-
> build-master-ossl111/tests/unit_tests/engine-key'
> sed "s|ABSBUILDDIR|/rhome/gert/src/openvpn-maint/test-build-master-
> ossl111/tests/unit_tests/engine-key|" <
> ../../../../openvpn/tests/unit_tests/engine-key/openssl.cnf.in >
> openssl.cnf
> PASS: check_engine_keys.sh
> 
> 
> Ah.  If I run "gmake check", it also passes on FreeBSD...
> 
> gmake[5]: Entering directory '/home/gert/src/openvpn-maint/test-
> build-master-fbsd/tests/unit_tests/engine-key'
> sed "s|ABSBUILDDIR|/home/gert/src/openvpn-maint/test-build-master-
> fbsd/tests/unit_tests/engine-key|" <
> ../../../../openvpn/tests/unit_tests/engine-key/openssl.cnf.in >
> openssl.cnf
> PASS: check_engine_keys.sh
> =
> 1 test passed
> =
> 
> ... so the engine part *itself* is fine, just the "openssl.cnf from
> .in" doesn't work with BSD make...
> 
> 
> We need a v7 (or v8?) :-(

That will be my fault.  I assumed automake always ran with gnu make, so
the .cnf rule is in gnu make syntax at the bottom of (Makefile.am):

$(builddir)/%.cnf: $(srcdir)/%.cnf.in
sed "s|ABSBUILDDIR|$(abs_builddir)|" < $< > $@


If I just spell everything out and don't use the percent wildcard, it
should work even on legacy make.

James



signature.asc
Description: This is a digitally signed message part
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread David Sommerseth 
[resent for the ML inclusion]

On 22/06/2020 18:58, Selva Nair wrote:
> On Mon, Jun 22, 2020 at 7:31 AM David Sommerseth  wrote:
[...snip...]
>> +ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
>> --status-version 2 --suppress-timestamps --cipher AES-256-GCM --ncp-ciphers 
>> AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC --config %i.conf
> 
> This is why I keep my openvpn servers out of systemd's view -- it
> keeps deciding what's good for us. I want to run my configs as is.

The order of options are crucial here.  This only changes the _default_ if
these options are not set.  If they are set in the config file, the config
file will override.


-- 
kind regards,

David Sommerseth
OpenVPN Inc






signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread David Sommerseth 
On 22/06/2020 14:43, Steffan Karger wrote:
> Hi,
> 
> On 22-06-2020 14:29, David Sommerseth wrote:
>> On 22/06/2020 14:21, Arne Schwabe wrote:
>>>
  PrivateTmp=true
  WorkingDirectory=/etc/openvpn/server
 -ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
 --status-version 2 --suppress-timestamps --config %i.conf
 +ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
 --status-version 2 --suppress-timestamps --cipher AES-256-GCM 
 --ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC 
 --config %i.conf
  CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE 
 CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE 
 CAP_AUDIT_WRITE
  LimitNPROC=10
  DeviceAllow=/dev/null rw

>>>
>>> NACK.
>>>
>>> Setting ncp-cipher to include BF-CBC by default allows BF-CBC in configs
>>> that did not allow it before. Basically any config that had something
>>> other than cipher BF-CBC and no ncp-ciphers in it will now allow clients
>>> with BF-CBC to connect. I don't want force users to set ncp-cipher to a
>>> sane value since the systemd unit file doesn't.
>>
>> That will break existing configs on the next upgrade.  Do we want do do that?
>>
>> I'm fine with removing BF-CBC, but it is scheduled for removal in OpenVPN 
>> 2.6.
> 
> I think Arne has a very good point that it's kinda weird to "degrade"
> the NCP defaults.
> 
> Making AES-256-GCM the default cipher for TLS-based connections (GCM
> won't work with static key configs) does not imply *removing* BF-CBC
> support. Maybe these should be the steps:
> 
> 2.4: Use to AES-256-GCM when available (basically what NCP did)
> 2.5: Switch to AES-256-GCM as the default cipher (but allow overriding)
> 2.6: Remove support for small block ciphers all together
> 
> Yes, this will probably break some (less secure) setups and make some
> people angry. But at some point people need to move on. We've been
> throwing warnings at them for a while now.

Yes, I agree that Arne got a point.  But I'm not completely convinced breaking
configs in OpenVPN 2.5 without a prior note that it will stop working.  Our
warning only screams "you shouldn't use ciphers with block sizes < 128 bits",
it doesn't say "this will stop working in a future release".

OpenVPN 2.4.9 gives this warning:

WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This
allows attacks like SWEET32.  Mitigate by using a --cipher with a larger
block size (e.g. AES-256-CBC).

The community has been informed it will stop working in 2.6, not before this
release.

This must be documented properly and log warnings updated to indicate
short-term workarounds.

I could be willing to consider breaking configs for ciphers in a later 2.5.x
release as long as users are properly warned *when* it will stop working - and
that users gets a real chance to fix configs before we do break their configs
- where a workaround approach could be considered and available from v2.5.0
(on the other hand, if they change their configs, they should swap ciphers
instead of applying a workaround for a dying cipher - but for some it might be
a bit more complicated to do such a swap).

We need to find a good middle-way for OpenVPN 2.5, where we clearly signal
"weak ciphers will be removed" and when we will do that.  While also moving
forward and break as few configs as possible and not make configs weaker than
before.


-- 
kind regards,

David Sommerseth
OpenVPN Inc




signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread David Sommerseth 
On 22/06/2020 19:20, André via Openvpn-devel wrote:
> Hi,
> 
> 
> Sent with ProtonMail Secure Email.
> 
> ‐‐‐ Original Message ‐‐‐
> On Monday 22 June 2020 18:58, Selva Nair  wrote:
> 
>> On Mon, Jun 22, 2020 at 7:31 AM David Sommerseth dav...@openvpn.net wrote:
>>
>>> This change makes the server use AES-256-GCM instead of BF-CBC as the
>>> default cipher for the VPN tunnel when starting OpenVPN via systemd
>>> and the openvpn-server@.service unit file.
>>> To avoid breaking existing running configurations defaulting to BF-CBC,
>>> the Negotiable Crypto Parameters (NCP) list contains the BF-CBC in
>>> addition to AES-CBC. This makes it possible to migrate existing older
>>> client configurations one-by-one to use at least AES-CBC unless the
>>> client is updated to v2.4 or newer (which defaults to upgrade to
>>> AES-GCM automatically)
>>> This has been tested in Fedora 27 (released November 2017) with no
>>> reported issues. By making this default for all Linux distributions
>>> with systemd shipping with the unit files we provide, we gradually
>>> expand setups using this possibility. As we gather experience from
>>> this change, we can further move these changes into the defaults of
>>> the OpenVPN binary itself with time.
>>>
>>> Signed-off-by: David Sommerseth dav...@openvpn.net
>>>
>>> ---
>>>
>>> Changes.rst | 15 +++
>>> distro/systemd/openvpn-ser...@.service.in | 2 +-
>>> 2 files changed, 16 insertions(+), 1 deletion(-)
>>> diff --git a/Changes.rst b/Changes.rst
>>> index 00dd6ed8..e76d3c73 100644
>>> --- a/Changes.rst
>>> +++ b/Changes.rst
>>> @@ -14,6 +14,21 @@ ChaCha20-Poly1305 cipher support
>>> channel.
>>> +User-visible Changes
>>> +
>>> +New default cipher for systemd based Linux distributions
>>>
>>> -   For Linux distributions with systemd which packages the systemd unit 
>>> files
>>> -   from the OpenVPN project, the default cipher is now changed to 
>>> AES-256-GCM,
>>> -   with BF-CBC as a fallback through the NCP feature. This change has been
>>> -   tested successfully since the Fedora 27 release (released November 
>>> 2017).
>>> -
>>> -   WARNING This MAY break configurations where the client uses
>>> -  ``--disable-occ`` feature where the ``--cipher`` has
>>>
>>>
>>> -  not been explicitly configured on both client and
>>>
>>>
>>> -  server side.  It is recommended to remove the 
>>> ``--disable-occ``
>>>
>>>
>>> -  option *or* explicitly add ``--cipher AES-256-GCM`` on 
>>> the
>>>
>>>
>>> -  client side if ``--disable-occ`` is strictly needed.
>>>
>>>
>>> -
>>>
>>> Overview of changes in 2.4
>>>
>>> ===
>>>
>>> diff --git a/distro/systemd/openvpn-ser...@.service.in 
>>> b/distro/systemd/openvpn-ser...@.service.in
>>> index d1cc72cb..f3545ff5 100644
>>> --- a/distro/systemd/openvpn-ser...@.service.in
>>> +++ b/distro/systemd/openvpn-ser...@.service.in
>>> @@ -10,7 +10,7 @@ 
>>> Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
>>> Type=notify
>>> PrivateTmp=true
>>> WorkingDirectory=/etc/openvpn/server
>>> -ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
>>> --status-version 2 --suppress-timestamps --config %i.conf
>>> +ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
>>> --status-version 2 --suppress-timestamps --cipher AES-256-GCM --ncp-ciphers 
>>> AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC --config %i.conf
>>
>> This is why I keep my openvpn servers out of systemd's view -- it
>> keeps deciding what's good for us. I want to run my configs as is.
>>
>> Selva
>>
>> Openvpn-devel mailing list
>> Openvpn-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
> 
> Sorry for the noise in advance but I agree.
> No idea how to keep it out of systemd's view :) but I change the line to
> -ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
> --status-version 2 --suppress-timestamps --config %i.conf
> +ExecStart=@sbindir@/openvpn --config %i.conf
> and do everything in %i.conf
> No unexpected configuration behaviour that way like missing timestamps in log.

The --suppress-timestamps is actually the _only_ option there which cannot be
overridden.  By not having it there, a lot of users would be annoyed by
duplicated timestamps in their logs when they don't use log files directly.
But I can agree, having a way to override this option could be beneficial for
some users.

There might be many reasons why to use separate log files, but on a busy
server it may actually slow openvpn down a little bit (it is still single
threaded and logging happens in the same thread as key negotiations and VPN
network traffic) - especially if file write caches fills up and the fprint()
calls are blocked until file system has synced up.

By default, all logging is easily accessible via 'journalctl -u
ope

Re: [Openvpn-devel] [PATCH v6 3/3] Add unit tests for engine keys

2020-06-22 Thread Gert Doering 
Hi,

On Mon, Jun 22, 2020 at 10:06:44AM -0700, James Bottomley wrote:
> > [..]
> > > Right, that's what the patch in the url does: uses .so on both mac
> > > and linux.
> > 
> > I got all confused with your "v6" patch and your "v7" patch, which
> > did other things, and but did not have a "v6" in the history :-)
> > 
> > *This* patch definitely looks like it's doing the right thing on
> > MacOS.
> 
> Great, thanks ... I'll rewrap it and submit as a separate patch email
> with cover letter.

I was about to just merge what I have, but it exploded on me on FreeBSD
now - and I can't really figure out why (yet)...

libtool: link: (cd ".libs" && rm -f "libtestengine.so.0" && ln -s 
"libtestengine.so.0.0.0" "libtestengine.so.0")
libtool: link: (cd ".libs" && rm -f "libtestengine.so" && ln -s 
"libtestengine.so.0.0.0" "libtestengine.so")
libtool: link: ar cru .libs/libtestengine.a  libtestengine_la-libtestengine.o
libtool: link: ranlib .libs/libtestengine.a
libtool: link: ( cd ".libs" && rm -f "libtestengine.la" && ln -s 
"../libtestengine.la" "libtestengine.la" )
make  check-TESTS
make[5]: don't know how to make openssl.cnf. Stop

make[5]: stopped in 
/home/gert/src/openvpn-maint/test-build-master-fbsd/tests/unit_tests/engine-key


it seems as if there is an implicit rule "somewhere" that Linux make has
and FreeBSD make not how to build openssl.cnf from $(srcdir)/openssl.cnf.in
- on Linux, when I remove "openssl.cnf" from the target dir and re-run
"make check", I get

make[5]: Entering directory 
'/rhome/gert/src/openvpn-maint/test-build-master-ossl111/tests/unit_tests/engine-key'
sed 
"s|ABSBUILDDIR|/rhome/gert/src/openvpn-maint/test-build-master-ossl111/tests/unit_tests/engine-key|"
 < ../../../../openvpn/tests/unit_tests/engine-key/openssl.cnf.in > openssl.cnf
PASS: check_engine_keys.sh


Ah.  If I run "gmake check", it also passes on FreeBSD...

gmake[5]: Entering directory 
'/home/gert/src/openvpn-maint/test-build-master-fbsd/tests/unit_tests/engine-key'
sed 
"s|ABSBUILDDIR|/home/gert/src/openvpn-maint/test-build-master-fbsd/tests/unit_tests/engine-key|"
 < ../../../../openvpn/tests/unit_tests/engine-key/openssl.cnf.in > openssl.cnf
PASS: check_engine_keys.sh
=
1 test passed
=

... so the engine part *itself* is fine, just the "openssl.cnf from .in"
doesn't work with BSD make...


We need a v7 (or v8?) :-(

gert

-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
 Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany g...@greenie.muc.de


signature.asc
Description: PGP signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread André via Openvpn-devel 
Hi,


Sent with ProtonMail Secure Email.

‐‐‐ Original Message ‐‐‐
On Monday 22 June 2020 18:58, Selva Nair  wrote:

> On Mon, Jun 22, 2020 at 7:31 AM David Sommerseth dav...@openvpn.net wrote:
>
> > This change makes the server use AES-256-GCM instead of BF-CBC as the
> > default cipher for the VPN tunnel when starting OpenVPN via systemd
> > and the openvpn-server@.service unit file.
> > To avoid breaking existing running configurations defaulting to BF-CBC,
> > the Negotiable Crypto Parameters (NCP) list contains the BF-CBC in
> > addition to AES-CBC. This makes it possible to migrate existing older
> > client configurations one-by-one to use at least AES-CBC unless the
> > client is updated to v2.4 or newer (which defaults to upgrade to
> > AES-GCM automatically)
> > This has been tested in Fedora 27 (released November 2017) with no
> > reported issues. By making this default for all Linux distributions
> > with systemd shipping with the unit files we provide, we gradually
> > expand setups using this possibility. As we gather experience from
> > this change, we can further move these changes into the defaults of
> > the OpenVPN binary itself with time.
> >
> > Signed-off-by: David Sommerseth dav...@openvpn.net
> >
> > ---
> >
> > Changes.rst | 15 +++
> > distro/systemd/openvpn-ser...@.service.in | 2 +-
> > 2 files changed, 16 insertions(+), 1 deletion(-)
> > diff --git a/Changes.rst b/Changes.rst
> > index 00dd6ed8..e76d3c73 100644
> > --- a/Changes.rst
> > +++ b/Changes.rst
> > @@ -14,6 +14,21 @@ ChaCha20-Poly1305 cipher support
> > channel.
> > +User-visible Changes
> > +
> > +New default cipher for systemd based Linux distributions
> >
> > -   For Linux distributions with systemd which packages the systemd unit 
> > files
> > -   from the OpenVPN project, the default cipher is now changed to 
> > AES-256-GCM,
> > -   with BF-CBC as a fallback through the NCP feature. This change has been
> > -   tested successfully since the Fedora 27 release (released November 
> > 2017).
> > -
> > -   WARNING This MAY break configurations where the client uses
> > -  ``--disable-occ`` feature where the ``--cipher`` has
> >
> >
> > -  not been explicitly configured on both client and
> >
> >
> > -  server side.  It is recommended to remove the 
> > ``--disable-occ``
> >
> >
> > -  option *or* explicitly add ``--cipher AES-256-GCM`` on 
> > the
> >
> >
> > -  client side if ``--disable-occ`` is strictly needed.
> >
> >
> > -
> >
> > Overview of changes in 2.4
> >
> > ===
> >
> > diff --git a/distro/systemd/openvpn-ser...@.service.in 
> > b/distro/systemd/openvpn-ser...@.service.in
> > index d1cc72cb..f3545ff5 100644
> > --- a/distro/systemd/openvpn-ser...@.service.in
> > +++ b/distro/systemd/openvpn-ser...@.service.in
> > @@ -10,7 +10,7 @@ 
> > Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
> > Type=notify
> > PrivateTmp=true
> > WorkingDirectory=/etc/openvpn/server
> > -ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
> > --status-version 2 --suppress-timestamps --config %i.conf
> > +ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
> > --status-version 2 --suppress-timestamps --cipher AES-256-GCM --ncp-ciphers 
> > AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC --config %i.conf
>
> This is why I keep my openvpn servers out of systemd's view -- it
> keeps deciding what's good for us. I want to run my configs as is.
>
> Selva
>
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Sorry for the noise in advance but I agree.
No idea how to keep it out of systemd's view :) but I change the line to
-ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
--status-version 2 --suppress-timestamps --config %i.conf
+ExecStart=@sbindir@/openvpn --config %i.conf
and do everything in %i.conf
No unexpected configuration behaviour that way like missing timestamps in log.

Pippin


___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH v6 3/3] Add unit tests for engine keys

2020-06-22 Thread James Bottomley 
On Mon, 2020-06-22 at 18:23 +0200, Gert Doering wrote:
> Hi,
> 
> On Sun, Jun 21, 2020 at 08:10:34AM -0700, James Bottomley wrote:
> > > Arne, James, can we converge on something here?
> > 
> > Could someone just test the proposed updated v6 patch on a Mac?
> > 
> > https://sourceforge.net/p/openvpn/mailman/message/37031113/
> 
> Took Arne and me half a day ("the macos build slave did not have
> cmocka, and it went downhill from there") but I can now confirm that
> it works and passes the tests.
> 
> This is on a Mojave MacMini with "brew" openssl 1.1.1c and your patch
> "v6":
> 
> Making check in engine-key
> /Applications/Xcode.app/Contents/Developer/usr/bin/make  libtestengin
> e.la
> ...
> /bin/sh ../../../libtool  --tag=CC   --mode=link gcc -I/usr/local/Cel
> lar/openssl@1.1/1.1.1c/include   -I../../../../openvpn.git/include
> -I/usr/local/Cellar/cmocka/1.1.5/include -I -I -Wall -Wno-unused-
> parameter -Wno-unused-function -g -O2 -std=c99 -L/usr/local/Cellar/op
> enssl@1.1/1.1.1c/lib -lcrypto -lssl   -
> L/usr/local/Cellar/cmocka/1.1.5/lib -lcmocka -rpath /lib -shrext
> .so  -o libtestengine.la  libtestengine_la-libtestengine.lo  -
> lresolv 
> libtool: link: gcc -dynamiclib -Wl,-undefined -Wl,dynamic_lookup -o
> .libs/libtestengine.0.so  .libs/libtestengine_la-libtestengine.o   -L
> /usr/local/Cellar/openssl@1.1/1.1.1c/lib -lcrypto -lssl
> -L/usr/local/Cellar/cmocka/1.1.5/lib -lcmocka -lresolv  -g -O2   -
> install_name  /lib/libtestengine.0.so -compatibility_version 1
> -current_version 1.0 -Wl,-single_module
> libtool: link: (cd ".libs" && rm -f "libtestengine.so" && ln -s
> "libtestengine.0.so" "libtestengine.so")
> libtool: link: ar cru .libs/libtestengine.a  libtestengine_la-
> libtestengine.o
> libtool: link: ranlib .libs/libtestengine.a
> libtool: link: ( cd ".libs" && rm -f "libtestengine.la" && ln -s
> "../libtestengine.la" "libtestengine.la" )
> /Applications/Xcode.app/Contents/Developer/usr/bin/make  check-TESTS
> sed "s|ABSBUILDDIR|/Users/gert/openvpn-build-
> mojave/tests/unit_tests/engine-key|" <
> ../../../../openvpn.git/tests/unit_tests/engine-key/openssl.cnf.in >
> openssl.cnf
> PASS: check_engine_keys.sh
> =
> 1 test passed
> =
> 
> (I'm not sure where it is actually *calling* the
> "check_engine_keys.sh",
> but it says "test passed!" and I see ".so" up there)

Yes, it's using the standard test runner, so if it says PASS/FAIL:

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread Selva Nair 
On Mon, Jun 22, 2020 at 7:31 AM David Sommerseth  wrote:
>
> This change makes the server use AES-256-GCM instead of BF-CBC as the
> default cipher for the VPN tunnel when starting OpenVPN via systemd
> and the openvpn-server@.service unit file.
>
> To avoid breaking existing running configurations defaulting to BF-CBC,
> the Negotiable Crypto Parameters (NCP) list contains the BF-CBC in
> addition to AES-CBC.  This makes it possible to migrate existing older
> client configurations one-by-one to use at least AES-CBC unless the
> client is updated to v2.4 or newer (which defaults to upgrade to
> AES-GCM automatically)
>
> This has been tested in Fedora 27 (released November 2017) with no
> reported issues.  By making this default for all Linux distributions
> with systemd shipping with the unit files we provide, we gradually
> expand setups using this possibility.  As we gather experience from
> this change, we can further move these changes into the defaults of
> the OpenVPN binary itself with time.
>
> Signed-off-by: David Sommerseth 
> ---
>  Changes.rst   | 15 +++
>  distro/systemd/openvpn-ser...@.service.in |  2 +-
>  2 files changed, 16 insertions(+), 1 deletion(-)
>
> diff --git a/Changes.rst b/Changes.rst
> index 00dd6ed8..e76d3c73 100644
> --- a/Changes.rst
> +++ b/Changes.rst
> @@ -14,6 +14,21 @@ ChaCha20-Poly1305 cipher support
>  channel.
>
>
> +User-visible Changes
> +
> +New default cipher for systemd based Linux distributions
> +For Linux distributions with systemd which packages the systemd unit 
> files
> +from the OpenVPN project, the default cipher is now changed to 
> AES-256-GCM,
> +with BF-CBC as a fallback through the NCP feature.  This change has been
> +tested successfully since the Fedora 27 release (released November 2017).
> +
> +*WARNING*   This MAY break configurations where the client uses
> +``--disable-occ`` feature where the ``--cipher`` has
> +not been explicitly configured on both client and
> +server side.  It is recommended to remove the 
> ``--disable-occ``
> +option *or* explicitly add ``--cipher AES-256-GCM`` on the
> +client side if ``--disable-occ`` is strictly needed.
> +
>  Overview of changes in 2.4
>  ==
>
> diff --git a/distro/systemd/openvpn-ser...@.service.in 
> b/distro/systemd/openvpn-ser...@.service.in
> index d1cc72cb..f3545ff5 100644
> --- a/distro/systemd/openvpn-ser...@.service.in
> +++ b/distro/systemd/openvpn-ser...@.service.in
> @@ -10,7 +10,7 @@ 
> Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
>  Type=notify
>  PrivateTmp=true
>  WorkingDirectory=/etc/openvpn/server
> -ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
> --status-version 2 --suppress-timestamps --config %i.conf
> +ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
> --status-version 2 --suppress-timestamps --cipher AES-256-GCM --ncp-ciphers 
> AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC --config %i.conf

This is why I keep my openvpn servers out of systemd's view -- it
keeps deciding what's good for us. I want to run my configs as is.

Selva


___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH v6 3/3] Add unit tests for engine keys

2020-06-22 Thread Gert Doering 
Hi,

On Sun, Jun 21, 2020 at 08:10:34AM -0700, James Bottomley wrote:
> > Arne, James, can we converge on something here?
> 
> Could someone just test the proposed updated v6 patch on a Mac?
> 
> https://sourceforge.net/p/openvpn/mailman/message/37031113/

Took Arne and me half a day ("the macos build slave did not have cmocka,
and it went downhill from there") but I can now confirm that it works
and passes the tests.

This is on a Mojave MacMini with "brew" openssl 1.1.1c and your patch
"v6":

Making check in engine-key
/Applications/Xcode.app/Contents/Developer/usr/bin/make  libtestengine.la
...
/bin/sh ../../../libtool  --tag=CC   --mode=link gcc 
-I/usr/local/Cellar/openssl@1.1/1.1.1c/include   
-I../../../../openvpn.git/include -I/usr/local/Cellar/cmocka/1.1.5/include -I 
-I -Wall -Wno-unused-parameter -Wno-unused-function -g -O2 -std=c99 
-L/usr/local/Cellar/openssl@1.1/1.1.1c/lib -lcrypto -lssl   
-L/usr/local/Cellar/cmocka/1.1.5/lib -lcmocka -rpath /lib -shrext .so  -o 
libtestengine.la  libtestengine_la-libtestengine.lo  -lresolv 
libtool: link: gcc -dynamiclib -Wl,-undefined -Wl,dynamic_lookup -o 
.libs/libtestengine.0.so  .libs/libtestengine_la-libtestengine.o   
-L/usr/local/Cellar/openssl@1.1/1.1.1c/lib -lcrypto -lssl 
-L/usr/local/Cellar/cmocka/1.1.5/lib -lcmocka -lresolv  -g -O2   -install_name  
/lib/libtestengine.0.so -compatibility_version 1 -current_version 1.0 
-Wl,-single_module
libtool: link: (cd ".libs" && rm -f "libtestengine.so" && ln -s 
"libtestengine.0.so" "libtestengine.so")
libtool: link: ar cru .libs/libtestengine.a  libtestengine_la-libtestengine.o
libtool: link: ranlib .libs/libtestengine.a
libtool: link: ( cd ".libs" && rm -f "libtestengine.la" && ln -s 
"../libtestengine.la" "libtestengine.la" )
/Applications/Xcode.app/Contents/Developer/usr/bin/make  check-TESTS
sed 
"s|ABSBUILDDIR|/Users/gert/openvpn-build-mojave/tests/unit_tests/engine-key|" < 
../../../../openvpn.git/tests/unit_tests/engine-key/openssl.cnf.in > openssl.cnf
PASS: check_engine_keys.sh
=
1 test passed
=

(I'm not sure where it is actually *calling* the "check_engine_keys.sh",
but it says "test passed!" and I see ".so" up there)

[..]
> Right, that's what the patch in the url does: uses .so on both mac and
> linux.

I got all confused with your "v6" patch and your "v7" patch, which did
other things, and but did not have a "v6" in the history :-)

*This* patch definitely looks like it's doing the right thing on MacOS.

gert
-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
 Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany g...@greenie.muc.de


signature.asc
Description: PGP signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [PATCH v4 3/3] Implement tls-groups option to specify eliptic curves/groups

2020-06-22 Thread Arne Schwabe 
By default OpenSSL 1.1+ only allows signatures and ecdh/ecdhx from the
default list of X25519:secp256r1:X448:secp521r1:secp384r1. In
TLS1.3 key exchange is independent from the signature/key of the
certificates, so allowing all groups per default is not a sensible
choice anymore and instead a shorter list is reasonable.

However, when using certificates with exotic curves that are not on
the group list, the signatures of these certificates will no longer
be accepted.

The tls-groups  option allows to modify the group list to account
for these corner cases.

Patch V2: Uses local gc_arena instead of malloc/free, reword commit
  message. Fix other typos/clarify messages

Patch V3: Style fixes, adjust code to changes from mbed tls session
  fix

Patch V4: Resend V3 as V4 as the invalid V3 confused patchwork and Gert.

Signed-off-by: Arne Schwabe 
---
 README.ec |  7 ++---
 doc/openvpn.8 | 33 ++-
 src/openvpn/options.c | 10 ++-
 src/openvpn/options.h |  1 +
 src/openvpn/ssl.c |  6 +
 src/openvpn/ssl_backend.h | 10 +++
 src/openvpn/ssl_mbedtls.c | 46 
 src/openvpn/ssl_mbedtls.h |  1 +
 src/openvpn/ssl_openssl.c | 55 ++-
 9 files changed, 163 insertions(+), 6 deletions(-)

diff --git a/README.ec b/README.ec
index 32938017..61f23b2e 100644
--- a/README.ec
+++ b/README.ec
@@ -12,14 +12,15 @@ OpenVPN 2.4.0 and newer automatically initialize ECDH 
parameters. When ECDSA is
 used for authentication, the curve used for the server certificate will be used
 for ECDH too. When autodetection fails (e.g. when using RSA certificates)
 OpenVPN lets the crypto library decide if possible, or falls back to the
-secp384r1 curve.
+secp384r1 curve. The list of groups/curves that the crypto library will choose
+from can be set with the --tls-groups  option.
 
 An administrator can force an OpenVPN/OpenSSL server to use a specific curve
 using the --ecdh-curve  option with one of the curves listed as
-available by the --show-curves option. Clients will use the same curve as
+available by the --show-groups option. Clients will use the same curve as
 selected by the server.
 
-Note that not all curves listed by --show-curves are available for use with 
TLS;
+Note that not all curves listed by --show-groups are available for use with 
TLS;
 in that case connecting will fail with a 'no shared cipher' TLS error.
 
 Authentication (ECDSA)
diff --git a/doc/openvpn.8 b/doc/openvpn.8
index dcc72abe..f35a4f64 100644
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@@ -5107,6 +5107,8 @@ Use
 to see a list of TLS ciphers supported by your crypto library.
 
 Warning!
+.B \-\-tls\-groups
+,
 .B \-\-tls\-cipher
 and
 .B \-\-tls\-ciphersuites
@@ -5122,6 +5124,33 @@ OpenSSL.
 The default for \-\-tls\-ciphersuites is to use the crypto library's default.
 .\"*
 .TP
+.B \-\-tls\-groups l
+A list
+.B l
+of allowable groups/curves in order of preference.
+
+Set the allowed elictipic curves/groups for the TLS session.
+These groups are  allowed to be used in signatures and key exchange.
+
+mbed TLS currently allows all known curves per default.
+
+OpenSSL 1.1+ restricts the list per default to
+"X25519:secp256r1:X448:secp521r1:secp384r1".
+
+If you use certificates that use non-standard curves, you
+might need to add them here. If you do not force the ecdh curve
+by using
+.B \-\-ecdh\-curve
+, the groups for ecdh will also be picked from this list.
+
+OpenVPN maps the curve name secp256r1 to prime256v1 to allow
+specifying the same tls-groups option for mbed TLS and OpenSSL.
+
+Warning: this option not only affects eliptic curve certificates
+but also the key exchange in TLS 1.3 and using this option improperly
+will disable TLS 1.3.
+.\"*
+.TP
 .B \-\-tls\-cert\-profile profile
 Set the allowed cryptographic algorithms for certificates according to
 .B profile\fN.
@@ -5887,8 +5916,10 @@ engines supported by the OpenSSL library.
 .TP
 .B \-\-show\-curves
 (Standalone)
-Show all available elliptic curves to use with the
+Show all available elliptic groups/curves to use with the
 .B \-\-ecdh\-curve
+and
+.B \-\-tls\-groups
 option.
 .\"*
 .SS Generating key material:
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 16f9da6a..0c1d590c 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -7947,7 +7947,7 @@ add_option(struct options *options,
 VERIFY_PERMISSION(OPT_P_GENERAL);
 options->show_tls_ciphers = true;
 }
-else if (streq(p[0], "show-curves") && !p[1])
+else if ((streq(p[0], "show-curves") || streq(p[0], "show-groups")) && 
!p[1])
 {
 VERIFY_PERMISSION(OPT_P_GENERAL);
 options->show_curves = true;
@@ -7955,6 +7955,9 @@ add_option(struct options *options,
 else

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread Arne Schwabe 
Am 22.06.20 um 14:43 schrieb Steffan Karger:
> Hi,
> 
> On 22-06-2020 14:29, David Sommerseth wrote:
>> On 22/06/2020 14:21, Arne Schwabe wrote:
>>>
  PrivateTmp=true
  WorkingDirectory=/etc/openvpn/server
 -ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
 --status-version 2 --suppress-timestamps --config %i.conf
 +ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
 --status-version 2 --suppress-timestamps --cipher AES-256-GCM 
 --ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC 
 --config %i.conf
  CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE 
 CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE 
 CAP_AUDIT_WRITE
  LimitNPROC=10
  DeviceAllow=/dev/null rw

>>>
>>> NACK.
>>>
>>> Setting ncp-cipher to include BF-CBC by default allows BF-CBC in configs
>>> that did not allow it before. Basically any config that had something
>>> other than cipher BF-CBC and no ncp-ciphers in it will now allow clients
>>> with BF-CBC to connect. I don't want force users to set ncp-cipher to a
>>> sane value since the systemd unit file doesn't.
>>
>> That will break existing configs on the next upgrade.  Do we want do do that?
>>
>> I'm fine with removing BF-CBC, but it is scheduled for removal in OpenVPN 
>> 2.6.
> 
> I think Arne has a very good point that it's kinda weird to "degrade"
> the NCP defaults.
> 
> Making AES-256-GCM the default cipher for TLS-based connections (GCM
> won't work with static key configs) does not imply *removing* BF-CBC
> support. Maybe these should be the steps:
> 
> 2.4: Use to AES-256-GCM when available (basically what NCP did)
> 2.5: Switch to AES-256-GCM as the default cipher (but allow overriding)
> 2.6: Remove support for small block ciphers all together
> 
> Yes, this will probably break some (less secure) setups and make some
> people angry. But at some point people need to move on. We've been
> throwing warnings at them for a while now.

I had a different suggestion in the channel:

- Deprecate ncp-disable. Reason: Was a good debug switch when introduced
should not be necessary anymore.

- Introduce ncp-fallback-cipher for compatibility with ncp-disable/old
versions
- needs to be a cipher from ncp-ciphers list
- Eventually default the first cipher from ncp-ciphers list
- in 2.5 default to --cipher if --cipher is set and automatically
add cipher to ncp-ciphers and set ncp-fallback-cipher.

- If cipher is not set
a) warn about that cipher will be ignored in p2mp mode and if BF-CBC is
still needed (e.g. peer 2.3 or older) that ncp-fallback-cipher should be set
b) same a) but do it automatically for the user+warn


This allows us to eventually get rid of --cipher while providing still a
smooth transaction.

Arne



signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread Steffan Karger 
Hi,

On 22-06-2020 14:29, David Sommerseth wrote:
> On 22/06/2020 14:21, Arne Schwabe wrote:
>>
>>>  PrivateTmp=true
>>>  WorkingDirectory=/etc/openvpn/server
>>> -ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
>>> --status-version 2 --suppress-timestamps --config %i.conf
>>> +ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
>>> --status-version 2 --suppress-timestamps --cipher AES-256-GCM --ncp-ciphers 
>>> AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC --config %i.conf
>>>  CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE 
>>> CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE 
>>> CAP_AUDIT_WRITE
>>>  LimitNPROC=10
>>>  DeviceAllow=/dev/null rw
>>>
>>
>> NACK.
>>
>> Setting ncp-cipher to include BF-CBC by default allows BF-CBC in configs
>> that did not allow it before. Basically any config that had something
>> other than cipher BF-CBC and no ncp-ciphers in it will now allow clients
>> with BF-CBC to connect. I don't want force users to set ncp-cipher to a
>> sane value since the systemd unit file doesn't.
> 
> That will break existing configs on the next upgrade.  Do we want do do that?
> 
> I'm fine with removing BF-CBC, but it is scheduled for removal in OpenVPN 2.6.

I think Arne has a very good point that it's kinda weird to "degrade"
the NCP defaults.

Making AES-256-GCM the default cipher for TLS-based connections (GCM
won't work with static key configs) does not imply *removing* BF-CBC
support. Maybe these should be the steps:

2.4: Use to AES-256-GCM when available (basically what NCP did)
2.5: Switch to AES-256-GCM as the default cipher (but allow overriding)
2.6: Remove support for small block ciphers all together

Yes, this will probably break some (less secure) setups and make some
people angry. But at some point people need to move on. We've been
throwing warnings at them for a while now.

-Steffan


___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread David Sommerseth 
On 22/06/2020 14:21, Arne Schwabe wrote:
> 
>>  PrivateTmp=true
>>  WorkingDirectory=/etc/openvpn/server
>> -ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
>> --status-version 2 --suppress-timestamps --config %i.conf
>> +ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
>> --status-version 2 --suppress-timestamps --cipher AES-256-GCM --ncp-ciphers 
>> AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC --config %i.conf
>>  CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE 
>> CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE 
>> CAP_AUDIT_WRITE
>>  LimitNPROC=10
>>  DeviceAllow=/dev/null rw
>>
> 
> NACK.
> 
> Setting ncp-cipher to include BF-CBC by default allows BF-CBC in configs
> that did not allow it before. Basically any config that had something
> other than cipher BF-CBC and no ncp-ciphers in it will now allow clients
> with BF-CBC to connect. I don't want force users to set ncp-cipher to a
> sane value since the systemd unit file doesn't.

That will break existing configs on the next upgrade.  Do we want do do that?

I'm fine with removing BF-CBC, but it is scheduled for removal in OpenVPN 2.6.




-- 
kind regards,

David Sommerseth
OpenVPN Inc




signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread Arne Schwabe 

>  PrivateTmp=true
>  WorkingDirectory=/etc/openvpn/server
> -ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
> --status-version 2 --suppress-timestamps --config %i.conf
> +ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
> --status-version 2 --suppress-timestamps --cipher AES-256-GCM --ncp-ciphers 
> AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC --config %i.conf
>  CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE 
> CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE 
> CAP_AUDIT_WRITE
>  LimitNPROC=10
>  DeviceAllow=/dev/null rw
> 

NACK.

Setting ncp-cipher to include BF-CBC by default allows BF-CBC in configs
that did not allow it before. Basically any config that had something
other than cipher BF-CBC and no ncp-ciphers in it will now allow clients
with BF-CBC to connect. I don't want force users to set ncp-cipher to a
sane value since the systemd unit file doesn't.

Arne



signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-06-22 Thread David Sommerseth 
This change makes the server use AES-256-GCM instead of BF-CBC as the
default cipher for the VPN tunnel when starting OpenVPN via systemd
and the openvpn-server@.service unit file.

To avoid breaking existing running configurations defaulting to BF-CBC,
the Negotiable Crypto Parameters (NCP) list contains the BF-CBC in
addition to AES-CBC.  This makes it possible to migrate existing older
client configurations one-by-one to use at least AES-CBC unless the
client is updated to v2.4 or newer (which defaults to upgrade to
AES-GCM automatically)

This has been tested in Fedora 27 (released November 2017) with no
reported issues.  By making this default for all Linux distributions
with systemd shipping with the unit files we provide, we gradually
expand setups using this possibility.  As we gather experience from
this change, we can further move these changes into the defaults of
the OpenVPN binary itself with time.

Signed-off-by: David Sommerseth 
---
 Changes.rst   | 15 +++
 distro/systemd/openvpn-ser...@.service.in |  2 +-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/Changes.rst b/Changes.rst
index 00dd6ed8..e76d3c73 100644
--- a/Changes.rst
+++ b/Changes.rst
@@ -14,6 +14,21 @@ ChaCha20-Poly1305 cipher support
 channel.
 
 
+User-visible Changes
+
+New default cipher for systemd based Linux distributions
+For Linux distributions with systemd which packages the systemd unit files
+from the OpenVPN project, the default cipher is now changed to AES-256-GCM,
+with BF-CBC as a fallback through the NCP feature.  This change has been
+tested successfully since the Fedora 27 release (released November 2017).
+
+*WARNING*   This MAY break configurations where the client uses
+``--disable-occ`` feature where the ``--cipher`` has
+not been explicitly configured on both client and
+server side.  It is recommended to remove the ``--disable-occ``
+option *or* explicitly add ``--cipher AES-256-GCM`` on the
+client side if ``--disable-occ`` is strictly needed.
+
 Overview of changes in 2.4
 ==
 
diff --git a/distro/systemd/openvpn-ser...@.service.in 
b/distro/systemd/openvpn-ser...@.service.in
index d1cc72cb..f3545ff5 100644
--- a/distro/systemd/openvpn-ser...@.service.in
+++ b/distro/systemd/openvpn-ser...@.service.in
@@ -10,7 +10,7 @@ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
 Type=notify
 PrivateTmp=true
 WorkingDirectory=/etc/openvpn/server
-ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
--status-version 2 --suppress-timestamps --config %i.conf
+ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log 
--status-version 2 --suppress-timestamps --cipher AES-256-GCM --ncp-ciphers 
AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC --config %i.conf
 CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE 
CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE 
CAP_AUDIT_WRITE
 LimitNPROC=10
 DeviceAllow=/dev/null rw
-- 
2.26.0



___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel