[Openvpn-devel,v2] Deprecate non TLS mode in OpenVPN

Message ID 20210328090530.10653-1-arne@rfc2549.org
State Accepted
Headers show
Series
  • [Openvpn-devel,v2] Deprecate non TLS mode in OpenVPN
Related show

Commit Message

Arne Schwabe March 28, 2021, 9:05 a.m.
The non-TLS mode is a relict from OpenVPN 1.x or 2.0. When tls mode was
introduce the advantages of TLS over non-tls were small but tls mode
evolved to include a lot more features. (NCP, multipeer, AEAD ciphers to name
a few).

Today VPN that use --secret are mainly used because of its relative easy to
setup and requiring to setup a PKI. This shortcoming of TLS mode should be
addressed now with the peer-fingerprint option.

But the biggest reason to deprecate --secret is that the use of a fixed
pre-shared key and lack of any of session key. No forward secrecy is
possible and any VPN traffic can be decrypted later should the --secret
by anyone who can get the session key. The cryptography overall used here
was okay when --secret was introduced but is not acceptable by today's
standard anymore.

Patch V2: Improve commit message
---
 doc/man-sections/protocol-options.rst |  2 +-
 src/openvpn/options.c                 | 12 +++++++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

Comments

Gert Doering April 3, 2021, 9:29 a.m. | #1
Acked-by: Gert Doering <gert@greenie.muc.de>

The code change is simple enough to review.  My p2p tests now complain
to me in large letters that I should not be doing this (but still work
fine).

I have spent a bit of time on the commit message and I hope I made it 
even more clear.

I have added a note to Changes.rst

Your patch has been applied to the master branch.

commit b72b5ff5e80135e85acc54b807797947528f1963
Author: Arne Schwabe
Date:   Sun Mar 28 11:05:30 2021 +0200

     Deprecate non TLS mode in OpenVPN

     Acked-by: Gert Doering <gert@greenie.muc.de>
     Message-Id: <20210328090530.10653-1-arne@rfc2549.org>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21868.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

Patch

diff --git a/doc/man-sections/protocol-options.rst b/doc/man-sections/protocol-options.rst
index e9d5d63d4..bb08fa3ef 100644
--- a/doc/man-sections/protocol-options.rst
+++ b/doc/man-sections/protocol-options.rst
@@ -226,7 +226,7 @@  configured in a compatible way between both the local and remote side.
   disables cipher negotiation.
 
 --secret args
-  Enable Static Key encryption mode (non-TLS). Use pre-shared secret
+  **DEPRECATED** Enable Static Key encryption mode (non-TLS). Use pre-shared secret
   ``file`` which was generated with ``--genkey``.
 
   Valid syntaxes:
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 51bd56c2b..4ef8924f5 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -514,7 +514,7 @@  static const char usage_message[] =
     "\n"
     "Data Channel Encryption Options (must be compatible between peers):\n"
     "(These options are meaningful for both Static Key & TLS-mode)\n"
-    "--secret f [d]  : Enable Static Key encryption mode (non-TLS).\n"
+    "--secret f [d]  : (DEPRECATED) Enable Static Key encryption mode (non-TLS).\n"
     "                  Use shared secret file f, generate with --genkey.\n"
     "                  The optional d parameter controls key directionality.\n"
     "                  If d is specified, use separate keys for each\n"
@@ -2564,6 +2564,15 @@  options_postprocess_verify_ce(const struct options *options,
         msg(M_USAGE, "specify only one of --tls-server, --tls-client, or --secret");
     }
 
+    if (!options->tls_server || !options->tls_client)
+    {
+        msg(M_INFO, "DEPRECATION: No tls-client or tls-server option in "
+                    "configuration detected. OpenVPN 2.7 will remove the "
+                    "functionality to run a VPN without TLS. "
+                    "See the examples section in the manual page for "
+                    "examples of a similar quick setup with peer-fingerprint.");
+    }
+
     if (options->ssl_flags & (SSLF_CLIENT_CERT_NOT_REQUIRED|SSLF_CLIENT_CERT_OPTIONAL))
     {
         msg(M_WARN, "WARNING: POTENTIALLY DANGEROUS OPTION "
@@ -7862,6 +7871,7 @@  add_option(struct options *options,
     }
     else if (streq(p[0], "secret") && p[1] && !p[3])
     {
+        msg(M_WARN, "DEPRECATED OPTION: The option --secret is deprecated.");
         VERIFY_PERMISSION(OPT_P_GENERAL|OPT_P_INLINE);
         options->shared_secret_file = p[1];
         options->shared_secret_file_inline = is_inline;