From a256aee8e70ceb7059b9da69bc3e7cccbd094916 Mon Sep 17 00:00:00 2001 From: David Sommerseth Date: Fri, 23 Dec 2016 17:07:44 +0100 Subject: [PATCH] docs: Further enhance the documentation related to SWEET32 The git master/2.4 code lacked some useful information about the changes to --reneg-bytes, SWEET32 and weak ciphers (less than 128-bits cipher blocks) v2 - Fixed a couple of grammar/typo issues Signed-off-by: David Sommerseth Acked-by: Steffan Karger Message-Id: <1482509264-24550-1-git-send-email-davids@openvpn.net> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13682.html --- Changes.rst | 6 ++++++ doc/openvpn.8 | 13 ++++++++++--- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/Changes.rst b/Changes.rst index 8508fa3fa..df5ccb631 100644 --- a/Changes.rst +++ b/Changes.rst @@ -182,6 +182,12 @@ Deprecated features User-visible Changes -------------------- +- When using ciphers with cipher blocks less than 128-bits + OpenVPN will complain loudly if the configuration uses ciphers considered + weak, such as the SWEET32 attack vector. In such scenarios, OpenVPN will by + default do a renegotiation for each 64MB of transported data (``--reneg-bytes``). + This renegotiation can be disabled, but is HIGHLY DISCOURAGED. + - For certificate DNs with duplicate fields, e.g. "OU=one,OU=two", both fields are now exported to the environment, where each second and later occurrence of a field get _$N appended to it's field name, starting at N=1. For the diff --git a/doc/openvpn.8 b/doc/openvpn.8 index b1ca9ed9c..b1bb39c72 100644 --- a/doc/openvpn.8 +++ b/doc/openvpn.8 
@@ -4876,11 +4876,18 @@ such as TCP expect this role to be left to them. .B \-\-reneg\-bytes n Renegotiate data channel key after .B n -bytes sent or received (disabled by default). +bytes sent or received (disabled by default with an exception, see below). OpenVPN allows the lifetime of a key -to be expressed as a number of bytes encrypted/decrypted, a number of packets, or -a number of seconds. A key renegotiation will be forced +to be expressed as a number of bytes encrypted/decrypted, a number of packets, +or a number of seconds. A key renegotiation will be forced if any of these three criteria are met by either peer. + +If using ciphers with cipher block sizes less than 128-bits, \-\-reneg\-bytes is +set to 64MB by default, unless it is explicitly disabled by setting the value to +0, but this is +.B HIGHLY DISCOURAGED +as this is designed to add some protection against the SWEET32 attack vector. +For more information see the \-\-cipher option. .\"********************************************************* .TP .B \-\-reneg\-pkts n -- 2.47.2
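Review bot: in the Changes.rst hunk, the first sentence of the new entry states one condition as if it were two and misattributes SWEET32. "When using ciphers with cipher blocks less than 128-bits OpenVPN will complain loudly if the configuration uses ciphers considered weak, such as the SWEET32 attack vector" makes the block-size clause and the "ciphers considered weak" clause read as separate triggers when they are the same thing, and SWEET32 is an attack on small-block ciphers, not a cipher. Suggest collapsing it to one clause, e.g. "When the configured cipher has a block size smaller than 128 bits (and is therefore exposed to the SWEET32 attack), OpenVPN will complain loudly." Write "128 bits" without the hyphen (it is not a compound adjective here). The entry also tells the reader the renegotiation "can be disabled" without saying how; name the knob as the man page hunk does, i.e. ``--reneg-bytes 0``, so the two documents agree.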
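Review bot: in the openvpn.8 hunk, the paragraph added after "if any of these three criteria are met by either peer." leaves the precedence rule unclear and ends in a dangling clause. "is set to 64MB by default, unless it is explicitly disabled by setting the value to 0, but this is HIGHLY DISCOURAGED as this is designed to add some protection" reads as if 0 were the only way to override the default, and the final "this" can refer either to disabling or to the default itself. Suggest splitting it into three statements: the 64MB default applies only when \-\-reneg\-bytes is not given in the configuration; what an explicit non-zero value does (whichever the code actually does, say so here rather than leaving the reader to guess); and that 0 disables byte-based renegotiation entirely. Then give the rationale its own sentence, e.g. "Disabling it is .B HIGHLY DISCOURAGED, since the default bounds the amount of data encrypted under one key and thereby mitigates the SWEET32 attack." Same hyphen nit as in Changes.rst: "128 bits", not "128-bits". Since this is the man page, it would also help to state whether 64MB means 64*1024*1024 bytes, as the user compares it against the byte count they pass to the option.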