openvpn-install
TLS 1.3 support
Hello to dev team!
Just noticed that Openvpn Connect for Android now supports tls 1.3 ciphers (still beta).
23:53:28.237 -- SSL Handshake: CN=server_icij7YmhfXXXXXXX, TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384
Openvpn for Android also supports tls 1.3. I think all other apps also support tls 1.3 with openssl 1.1.1c.
Maybe we can update config to use tls 1.3 only?
That would be great but it requires some rewrite:
- There are new ciphersuites that only work in TLSv1.3. The old ciphersuites cannot be used for TLSv1.3 connections and the new ones cannot be used in TLSv1.2 and below.
- The new ciphersuites are defined differently and do not specify the certificate type (e.g. RSA, DSA, ECDSA) or the key exchange mechanism (e.g. DHE or ECHDE). This has implications for ciphersuite configuration.
- DSA certificates are no longer allowed in TLSv1.3 connections
Source: OpenSSL wiki
use tls 1.3 only
@hybtoy I don't think we can yet. Changing the config to TLS 1.3 breaks compatibility with Ubuntu 16.04, CentOS 7 and Debian 9 because they don't have openssl 1.1.1 in the repositories.
Adding support for 1.3 and not dropping 1.2 in the same script adds some code and test cases... @angristan if you're ok with this or maybe we can use another branch for 1.3 only like we did for openvpn 2.4?
Openvpn will provide TLS 1.3 as it becomes available like so:
Sat Apr 25 23:01:18 2020 us=464971 tct.66.c.ub18/ip.add.re.ss:3455 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 384 bit EC, curve: secp384r1
@TinCanTech Github saves previous comments where you pasted your IP. You may want to delete them https://help.github.com/en/enterprise/2.19/user/github/building-a-strong-community/tracking-changes-in-a-comment
It is a mutable client IP .. of no interest to anybody. I simply cleaned up the comment. But thanks for the pointer !
Openvpn will provide TLS 1.3 as it becomes available like so:
Sat Apr 25 23:01:18 2020 us=464971 tct.66.c.ub18/ip.add.re.ss:3455 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 384 bit EC, curve: secp384r1
Thanks @TinCanTech
So there isn't a need to make this configuration explicit in the script now. The renegotiation handles it and uses a secure default already.
Just to add a little clarity. OpenVPN will select the best/highest (whatever term you use to describe the security level) between peers.
For example:
- Server running Linux may have openvpn built with openssl 1.1.1f
- Client running Windows may have openvpn built with openssl 1.1.0j
openvpn will select the best matching TLS settings.
FTR: The above scenario results in:
Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 384 bit EC, curve: secp384r1
Had the server been configured to use TLS 1.3 then this client would not be able to connect.
openvpn will select the best matching TLS settings.
Maybe we can default to TLS_CHACHA20_POLY1305_SHA256 in the script instead of TLS_AES_256_GCM_SHA384 for performance? It benefits on mobile devices, routers and Raspberry Pis and it's still the second most secure option.
Personally, if you decide to change the script, I would make it a user choice .. with a FAQ.
Yes, of course. I meant the default of the auto completion :smile:
https://github.com/angristan/openvpn-install/blob/5e2e67f78df9f92a8d7ce92338a8f6e653c0c149/openvpn-install.sh#L394 https://github.com/angristan/openvpn-install/blob/5e2e67f78df9f92a8d7ce92338a8f6e653c0c149/openvpn-install.sh#L401
Your two links above relate directly to the data channel not the control channel.
Maybe we can default to TLS_CHACHA20_POLY1305_SHA256 in the script instead of TLS_AES_256_GCM_SHA384 for performance?
This would have the effect of disabling any user AES-NI .. so I would not make this change. Hence: a FAQ.
Hiya,
When will the OP/Developer update this script to enable us to select 'TLS 1.3' on installation?
Tnx and best of luck
When will the OP/Developer update this script to enable us to select 'TLS 1.3' on installation?
That will be when:
- OpenSSL makes this a suitable option
- OpenVPN implements the changes you are looking for
Harassing this project will not produce results.
Also, your avatar is completely unacceptable.