git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Arne Schwabe <arne@rfc2549.org>
	Thu, 1 Apr 2021 11:00:03 +0000 (13:00 +0200)
committer	Gert Doering <gert@greenie.muc.de>
	Fri, 2 Apr 2021 18:17:03 +0000 (20:17 +0200)
commit	a31c4b73f56e1dddda64ba15b27f0c5b2c6a26d4
tree	87d7f5617ee68592faec9cc1b9f0a24f5250b5e4	tree
parent	a177388735566c3d7c3120860ceea71b81db5c34	commit \| diff

Always disable TLS renegotiations

Renegotiations have been troublesome in the past and also the recent
OpenSSL security problem (CVE-2021-3449) is only exploitable if
TLS renegotiation is enabled.

mbed TLS disables it by default and says in the documentation:

Warning: It is recommended to always disable renegotation unless you
know you need it and you know what you're doing. In the past, there
have been several issues associated with renegotiation or a poor
understanding of its properties.

TLS renegotiation can be used to restart a session with different
parameters (e.g. now with client certs). This something that OpenVPN does
not use.

For OpenSSL 1.0.2 the workaround to disable renegotiation is rather
cumbersome. So we keep this to 1.1.1 only since 1.0.2 is on its way to
deprecation anyway.

Furthermore because of all these problems, also TLS 1.3 completely
drops support for renegotiations.

Patch V2: Improve comments and commit message
Patch V3: Only disable renegotiation where the SSL_OP_NO_RENEGOTIATION
define is available. LibreSSL, wolfSSL and OpenSSL 1.0.2 are
lacking this macro.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210401110003.19689-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21939.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 9e702a5d0f1d8ca0443d95ba13fc821deaa81d48)

src/openvpn/ssl_mbedtls.c		diff \| blob \| blame \| history
src/openvpn/ssl_openssl.c		diff \| blob \| blame \| history