On 26/06/17 15:21, David Sommerseth wrote: > On 26/06/17 14:12, Arne Schwabe wrote: >> Am 26.06.17 um 13:51 schrieb David Sommerseth: >>> On 26/06/17 13:13, Arne Schwabe wrote: >>>> OpenSSL 1.1 does not allow MD5 signed certificates by default anymore. >>>> This can be enabled again by settings tls-cipher "DEFAULT:@SECLEVEL=0" but >>>> only if the cipher list is set before loading the certificates. This patch >>>> changes the order of loading. >>> >>> I'm not fully convinced of the argumentation for this feature - unless >>> something have changed in OpenSSL 1.1. I believe the same can be >>> achieved by setting an environment variable before starting OpenVPN. >>> >>> $ OPENSSL_ENABLE_MD5_VERIFY=1 /usr/sbin/openvpn .... >>> >>> I know several Fedora users have deployed this, even when systemd is >>> involved. This is needed on systems with OpenSSL 1.0 as well when they >>> connect to a server having an MD5 based certificate or signed by a CA >>> with an MD5 based certificate. >>> >>> So unless OpenSSL 1.1 have changed this behaviour from OpenSSL 1.0, I'm >>> not really convinced we need this. >>> >>> >> >> See this also a bugfix. Since tls-cipher options affect certificate >> loading, it is good to set it before certificate loading. E.g. you might >> want to use @SECLEVEL=5 to only allow loading of SHA256 based certificates. Oh, btw ... We need to align this with another patch-set from Steffan. There is a feature we have in OpenVPN 3 and the proposed patches from Steffan which adds --tls-cert-profile. This is aimed at controlling what kind of TLS security parameters which is required.
Currently there is an agreement of the following profiles:
- legacy: SHA1 and newer, RSA 2048-bit+, any elliptic curve.
- preferred: SHA2 and newer, RSA 2048-bit+, any elliptic curve.
(default in v2.5)
- suiteb: SHA256/SHA384, ECDSA with P-256 or P-384.
The mbed TLS definition of these profiles in OpenVPN 3 is like this.
const mbedtls_x509_crt_profile crt_profile_legacy = // CONST GLOBAL
{
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
0xFFFFFFF, /* Any PK alg */
0xFFFFFFF, /* Any curve */
1024, /* Minimum size for RSA keys */
};
const mbedtls_x509_crt_profile crt_profile_preferred = // CONST GLOBAL
{
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
0xFFFFFFF, /* Any PK alg */
0xFFFFFFF, /* Any curve */
2048, /* Minimum size for RSA keys */
};
The suiteb profile is just reusing the mbed TLS definition directly.
With that said ... The legacy profile does not include MD5. So either
we allow MD5 into the legacy profile; or we need legacy-md5.
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
