On 1/31/2022 6:32 PM, Paul Wouters wrote:
I have just checked the January 1st, 2022 security upgrade for
Samsung Android 11, and it still requires USE_DH2 compile time
option to connect L2TP IKEv1 VPN.
I just thought of a vendor compatibility/interoperability matrix
that we would maintain. Do we already have such a thing implemented?
We don't. We do keep a list of supported algorithms. Interoperability
almost often can be fixed with configuration changes. It is rare that
two devices do not have an overlap in supported algorithms.
Ah, I understand. That is similar to the algorithm negotiation in TLS?
Android uses mtpd for its L2TP and PPTP implementations and
ipsec-tools for IKEv1, here are the corresponding AOSP (i.e. Android
Open Source Project) repositories :
https://android.googlesource.com/platform/external/mtpd/
https://android.googlesource.com/platform/external/ipsec-tools/
I think the Android hardware manufactures hardly ever deviate from
the AOSP implementations of mtpd and ipsec-tools.
If you have a look at the master source code of setup.c in ipsec-tools :
https://android.googlesource.com/platform/external/ipsec-tools/+/refs/heads/master/setup.c
You'll note for the add_proposal() function that
OAKLEY_ATTR_GRP_DESC_MODP1024 is hard coded for the DH group.
This is good to know. I'll add an entry to our FAQ.
It looks like aged source (2011). Is it still maintained?
Google decided to remove L2TP (and PPTP) from their Pixel 6 Android
12 phone, so I don't think there is much hope in Android ever
supporting something better than modp1024 (DH2) for its L2TP/IPsec
VPN implementation.
Yes, IKEv1 stuff really should not be shipped anymore. The only reason
Android did it for so long was because they had no IKEv2 support at all
(libreswan and strongswan are GPL licensed, so they could not use it)
I am not that certain. L2TP is going to be around for a while more
because it is so easy to set up with PSK.
And you have yourself said that governments break MODP1024 DH group in
offline attacks, so theoretically Iran could record VPNs of humanitarian
workers or North Korea of South Koreans and break that when they have
stronger computers available.
What is today theoretical could be a practical attack in just a few years.
IMHO Google should patch L2TP client, since many servers offer only
that. It is still the first VPN I was introduced with, so I guess may
will go the same path. My $0.02.
Kind regards,
Mirsad
--
Mirsad Goran Todorovac
CARNet sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
--
CARNet system engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
tel. +385 (0)1 3711 451
mob. +385 91 57 88 355
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
