On 22.06.20 at 14:43, Steffan Karger wrote:
> Hi,
>
> On 22-06-2020 14:29, David Sommerseth wrote:
>> On 22/06/2020 14:21, Arne Schwabe wrote:
>>>
>>>> PrivateTmp=true
>>>> WorkingDirectory=/etc/openvpn/server
>>>> -ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log
>>>> --status-version 2 --suppress-timestamps --config %i.conf
>>>> +ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log
>>>> --status-version 2 --suppress-timestamps --cipher AES-256-GCM
>>>> --ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC
>>>> --config %i.conf
>>>> CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE
>>>> CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
>>>> CAP_AUDIT_WRITE
>>>> LimitNPROC=10
>>>> DeviceAllow=/dev/null rw
>>>>
>>>
>>> NACK.
>>>
>>> Setting ncp-cipher to include BF-CBC by default allows BF-CBC in configs
>>> that did not allow it before. Basically any config that had something
>>> other than cipher BF-CBC and no ncp-ciphers in it will now allow clients
>>> with BF-CBC to connect. I don't want to force users to set ncp-cipher to a
>>> sane value since the systemd unit file doesn't.
>>
>> That will break existing configs on the next upgrade. Do we want to do that?
>>
>> I'm fine with removing BF-CBC, but it is scheduled for removal in OpenVPN
>> 2.6.
>
> I think Arne has a very good point that it's kinda weird to "degrade"
> the NCP defaults.
>
> Making AES-256-GCM the default cipher for TLS-based connections (GCM
> won't work with static key configs) does not imply *removing* BF-CBC
> support. Maybe these should be the steps:
>
> 2.4: Use AES-256-GCM when available (basically what NCP did)
> 2.5: Switch to AES-256-GCM as the default cipher (but allow overriding)
> 2.6: Remove support for small block ciphers altogether
>
> Yes, this will probably break some (less secure) setups and make some
> people angry. But at some point people need to move on. We've been
> throwing warnings at them for a while now.
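Review bot: the new `+ExecStart=` line hard-codes `--ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC` ahead of `--config %i.conf`, so every instance whose config sets no `ncp-ciphers` of its own now negotiates BF-CBC with any client that offers it, which is exactly the widening the NACK describes. If the goal is only to make AES-256-GCM the default, drop the `--ncp-ciphers` argument from the unit file (or end the list at `AES-128-CBC`) so BF-CBC stays enabled only where a config opts in explicitly, and state in the commit message that a static-key config without a `cipher` line will now pick up `--cipher AES-256-GCM`, which, as noted in the thread, does not work for static-key setups.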
I had a different suggestion in the channel:

- Deprecate ncp-disable. Reason: was a good debug switch when introduced, should not be necessary anymore.
- Introduce ncp-fallback-cipher for compatibility with ncp-disable/old versions - needs to be a cipher from the ncp-ciphers list.
- Eventually default to the first cipher from the ncp-ciphers list.
- In 2.5 default to --cipher if --cipher is set, and automatically add the cipher to ncp-ciphers and set ncp-fallback-cipher.
- If cipher is not set:
  a) warn that cipher will be ignored in p2mp mode and, if BF-CBC is still needed (e.g. peer 2.3 or older), that ncp-fallback-cipher should be set
  b) same as a) but do it automatically for the user + warn

This allows us to eventually get rid of --cipher while still providing a smooth transition.

Arne
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel