Set TLS 1.2 as minimum by default

Do not accept handshakes with peers trying to negotiate TLS lower than 1.2.

TLS 1.1 and 1.0 are not recommended and therefore we will, by default,
allow TLS 1.2 as minimum version.

The minimum allowed version can still be controlled via
'--tls-version-min'.

At the same time automatically set '--tls-version-min' to 1.0 if the
user requires compatibility with versions onlder than 2.3.7, as that was
the only version supported back then.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210913192929.26391-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22838.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/Changes.rst b/Changes.rst
index 2393e31d527a8bd5962d63bd33437e35a554b301..d24b6d20fdd1173d7f099042945faf686a3305e9 100644 (file)
--- a/Changes.rst
+++ b/Changes.rst
@@ -71,6 +71,11 @@ Deprecated features
     This option mainly served a role as debug option when NCP was first
     introduced. It should now no longer be necessary.
 
+TLS 1.0 and 1.1 are deprecated
+    ``tls-version-min`` is set to 1.2 by default.  OpenVPN 2.6.0 defaults
+    to a minimum TLS version of 1.2 as TLS 1.0 and 1.1 should be generally
+    avoided. Note that OpenVPN versions older than 2.3.7 use TLS 1.0 only.
+
 ``--cipher`` argument is no longer appended to ``--data-ciphers``
     by default. Data cipher negotiation has been introduced in 2.4.0
     and been significantly improved in 2.5.0. The implicit fallback

diff --git a/doc/man-sections/generic-options.rst b/doc/man-sections/generic-options.rst
index 3e099e129ee0d4ae5e9abae873097c10342175c9..e6c1fe4558fb93461dac454a655a2c29ae49e107 100644 (file)
--- a/doc/man-sections/generic-options.rst
+++ b/doc/man-sections/generic-options.rst
@@ -70,6 +70,8 @@ which mode OpenVPN is configured as.
     ``--data-ciphers``
   - 2.3.x or lower: ``--data-cipher-fallback`` is automatically added with
     the same cipher as ``--cipher``
+  - 2.3.6 or lower: ``--tls-version-min 1.0`` is added to the configuration
+    when ``--tls-version-min`` is not explicitly set.
 
 --config file
   Load additional config options from ``file`` where each line corresponds

diff --git a/doc/man-sections/tls-options.rst b/doc/man-sections/tls-options.rst
index 00ea063af75a9994b22eb4e74c2a023e5d1f81c2..eaf38395d9ae7660ad8b557ffa38ddc0f094164e 100644 (file)
--- a/doc/man-sections/tls-options.rst
+++ b/doc/man-sections/tls-options.rst
@@ -545,8 +545,8 @@ certificates and keys: https://github.com/OpenVPN/easy-rsa
   them.
 
 --tls-version-min args
-  Sets the minimum TLS version we will accept from the peer (default is
-  "1.0").
+  Sets the minimum TLS version we will accept from the peer (default in
+  2.6.0 and later is "1.2").
 
   Valid syntax:
   ::

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 4b6655d92dffb0ee8be306667395d4c30e432b89..b3a83aa126687c9778b3e26c6b4698662db8135b 100644 (file)
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -3164,6 +3164,21 @@ need_compatibility_before(const struct options *o, unsigned int version)
 static void
 options_set_backwards_compatible_options(struct options *o)
 {
+    /* TLS min version is not set */
+    if ((o->ssl_flags & SSLF_TLS_VERSION_MIN_MASK) == 0)
+    {
+        if (need_compatibility_before(o, 20307))
+        {
+            /* 2.3.6 and earlier have TLS 1.0 only, set minimum to TLS 1.0 */
+            o->ssl_flags = (TLS_VER_1_0 << SSLF_TLS_VERSION_MIN_SHIFT);
+        }
+        else
+        {
+            /* Use TLS 1.2 as proper default */
+            o->ssl_flags = (TLS_VER_1_2 << SSLF_TLS_VERSION_MIN_SHIFT);
+        }
+    }
+
     /* Versions < 2.5.0 do need --cipher in the list of accepted ciphers.
      * Version 2.4 might probably does not need it but NCP was not so
      * good with 2.4 and ncp-disable might be more common on 2.4 peers.