On Thu, 26 Apr 2018, Xinwei Hong wrote:

      Thank you Paul. So, it seems it cannot be more tolerant if right != %any. Right?

Do you understand that making it more tolerant is a security issue?

Imagine a cloud with web.example.com, mail.example.com and client.example.com.
All have certificates.

Now web.example.com gets compromised. It takes over the IP of
mail.example.com. Now when client.example.com connects to the IP
of mail.example.com, the compromised web.example.com uses
the ID of mail.example.com. Then when it comes time to present a
valid certificate, since it does not have the cert for mail, it
will present its own web.example.com certificate. This cert is
valid and verifies properly. And now the client will send email
to the compromised web server.

This is why there is a restriction so that the ID presented during
an IKE exchange, when using certificates, MUST be present as an ID
(either CN= or subjectAltName) in the certificate it will use.

When doing authby=secret this restriction does not apply, since there
are no certificates in place and both parties can decide on whatever
strings they like.

      In our case, we do provide both left and right with a specific IP.

Note there is a difference between right/left and rightid/leftid

You can still use:

        left=1.2.3.4
        right=5.6.7.8
        authby=secret
        leftid=@server
        rightid=@remoteusers

In this case, the right ID tends to be called the "group ID" since every
client in this group will use the same ID (and the same secret/PSK).

Paul

      Thanks,
      Xinwei


On Thu, Apr 26, 2018 at 2:01 PM, Paul Wouters <[email protected]> wrote:
      On Thu, 26 Apr 2018, Xinwei Hong wrote:

            Currently, 'rightid' defaults to 'left'. However, a lot of the time
            the remote peer software cannot send out the correct rightid (e.g.
            an internal private IP was used). When we were using racoon, racoon
            seemed to be more tolerant and worked OK when rightid mismatched.
            With pluto, we would have to specify rightid= whatever the other
            end sends. Is there a global switch we can turn on so libreswan has
            similar behavior as racoon, i.e. be more tolerant with rightid?


      We already did that when specifying right=%any and authby=secret. We
      know this really means a "group PSK" where ID of IP makes no sense.

      But that code is post 3.23 so please try either a pre-release from
      download.libreswan.org/development/ or wait a couple of days for 3.24 ?

      Paul




_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
