From patchwork Mon Feb 16 15:10:27 2026
X-Patchwork-Submitter: Gert Doering
X-Patchwork-Id: 4767
From: Gert Doering
To: openvpn-devel@lists.sourceforge.net
Date: Mon, 16 Feb 2026 16:10:27 +0100
Message-ID: <20260216151033.16585-1-gert@greenie.muc.de>
Subject: [Openvpn-devel] [PATCH v2] Mbed TLS 3: Remove prediction resistance option

From: Max Fillinger The option --use-prediction-resistance causes the random number generator to be reseeded for every call. This is excessive. This commit removes that option. Change-Id: I6298795f140c2c62252638f9e0cd6df19cb3d7ed Signed-off-by: Max Fillinger Acked-by: Frank Lichtenheld Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1530 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1530 This mail reflects revision 2 of this Change. Acked-by according to Gerrit (reflected above): Frank Lichtenheld diff --git a/doc/man-sections/generic-options.rst b/doc/man-sections/generic-options.rst index ed581b1..f46dfec 100644 --- a/doc/man-sections/generic-options.rst +++ b/doc/man-sections/generic-options.rst @@ -462,16 +462,6 @@ success/failure via :code:`auth_control_file` when using deferred auth method and pending authentication via :code:`auth_pending_file`. ---use-prediction-resistance - Enable prediction resistance on mbed TLS's RNG. - - Enabling prediction resistance causes the RNG to reseed in each call for - random. Reseeding this often can quickly deplete the kernel entropy - pool. - - If you need this option, please consider running a daemon that adds - entropy to the kernel pool. - --user user Change the user ID of the OpenVPN process to ``user`` after initialization, dropping privileges in the process. This option is diff --git a/doc/man-sections/unsupported-options.rst b/doc/man-sections/unsupported-options.rst index f1332f3..c273905 100644 --- a/doc/man-sections/unsupported-options.rst +++ b/doc/man-sections/unsupported-options.rst 
@@ -65,3 +65,8 @@ Removed in OpenVPN 2.7. OpenVPN will always use ovpn-dco as the default driver on Windows. It will fall back to tap-windows6 if options are used that are incompatible with ovpn-dco. + +--use-prediction-resistance + Removed in OpenVPN 2.8. This option caused the Mbed TLS 3 random number + generator to be reseeded on every call. It has been removed because this + is excessive. diff --git a/src/openvpn/crypto_mbedtls_legacy.c b/src/openvpn/crypto_mbedtls_legacy.c index a991349..b8e7d6a 100644 --- a/src/openvpn/crypto_mbedtls_legacy.c +++ b/src/openvpn/crypto_mbedtls_legacy.c @@ -366,16 +366,6 @@ return &cd_ctx; } -#ifdef ENABLE_PREDICTION_RESISTANCE -void -rand_ctx_enable_prediction_resistance(void) -{ - mbedtls_ctr_drbg_context *cd_ctx = rand_ctx_get(); - - mbedtls_ctr_drbg_set_prediction_resistance(cd_ctx, 1); -} -#endif /* ENABLE_PREDICTION_RESISTANCE */ - int rand_bytes(uint8_t *output, int len) { diff --git a/src/openvpn/crypto_mbedtls_legacy.h b/src/openvpn/crypto_mbedtls_legacy.h index af71037..1005057 100644 --- a/src/openvpn/crypto_mbedtls_legacy.h +++ b/src/openvpn/crypto_mbedtls_legacy.h @@ -89,14 +89,6 @@ */ mbedtls_ctr_drbg_context *rand_ctx_get(void); -#ifdef ENABLE_PREDICTION_RESISTANCE -/** - * Enable prediction resistance on the random number generator. - */ -void rand_ctx_enable_prediction_resistance(void); - -#endif - /** * Log the supplied mbed TLS error, prefixed by supplied prefix. * diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 70c0b5d..1391aa85 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2989,13 +2989,6 @@ packet_id_persist_load(&c->c1.pid_persist, c->options.packet_id_file); } } - -#ifdef ENABLE_PREDICTION_RESISTANCE - if (c->options.use_prediction_resistance) - { - rand_ctx_enable_prediction_resistance(); - } -#endif } diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 2bca647..51b4252 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c 
@@ -566,10 +566,6 @@ " using file.\n" "--test-crypto : Run a self-test of crypto features enabled.\n" " For debugging only.\n" -#ifdef ENABLE_PREDICTION_RESISTANCE - "--use-prediction-resistance: Enable prediction resistance on the random\n" - " number generator.\n" -#endif "\n" "TLS Key Negotiation Options:\n" "(These options are meaningful only for TLS-mode)\n" @@ -872,9 +868,6 @@ o->replay_window = DEFAULT_SEQ_BACKTRACK; o->replay_time = DEFAULT_TIME_BACKTRACK; o->key_direction = KEY_DIRECTION_BIDIRECTIONAL; -#ifdef ENABLE_PREDICTION_RESISTANCE - o->use_prediction_resistance = false; -#endif o->tls_timeout = 2; o->renegotiate_bytes = -1; o->renegotiate_seconds = 3600; @@ -1841,9 +1834,6 @@ SHOW_INT(replay_time); SHOW_STR(packet_id_file); SHOW_BOOL(test_crypto); -#ifdef ENABLE_PREDICTION_RESISTANCE - SHOW_BOOL(use_prediction_resistance); -#endif SHOW_BOOL(tls_server); SHOW_BOOL(tls_client); @@ -4476,13 +4466,6 @@ { buf_printf(&out, ",secret"); } - -#ifdef ENABLE_PREDICTION_RESISTANCE - if (o->use_prediction_resistance) - { - buf_printf(&out, ",use-prediction-resistance"); - } -#endif } /* @@ -8543,13 +8526,6 @@ options->providers.names[j] = p[j]; } } -#ifdef ENABLE_PREDICTION_RESISTANCE - else if (streq(p[0], "use-prediction-resistance") && !p[1]) - { - VERIFY_PERMISSION(OPT_P_GENERAL); - options->use_prediction_resistance = true; - } -#endif else if (streq(p[0], "show-tls") && !p[1]) { VERIFY_PERMISSION(OPT_P_GENERAL); diff --git a/src/openvpn/options.h b/src/openvpn/options.h index 16cfdb5..cf9936b 100644 --- a/src/openvpn/options.h +++ b/src/openvpn/options.h @@ -584,9 +584,6 @@ int replay_time; const char *packet_id_file; bool test_crypto; -#ifdef ENABLE_PREDICTION_RESISTANCE - bool use_prediction_resistance; -#endif /* TLS (control channel) parms */ bool tls_server; diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h index 582e130..7e742b3 100644 --- a/src/openvpn/syshead.h +++ b/src/openvpn/syshead.h 
@@ -474,13 +474,6 @@ #define PORT_SHARE 0 #endif -#ifdef ENABLE_CRYPTO_MBEDTLS -#include -#if MBEDTLS_VERSION_NUMBER < 0x04000000 -#define ENABLE_PREDICTION_RESISTANCE -#endif /* MBEDTLS_VERSION_NUMBER < 0x04000000 */ -#endif /* ENABLE_CRYPTO_MBEDTLS */ - /* * Do we support Unix domain sockets? */
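
Review bot: In the doc/man-sections/unsupported-options.rst hunk, the new entry describes the option as affecting "the Mbed TLS 3 random number generator", but the guard removed from syshead.h is `#if MBEDTLS_VERSION_NUMBER < 0x04000000`, which enabled the option for every Mbed TLS release below 4.0, and the man page text deleted from generic-options.rst said only "mbed TLS's RNG". Suggest wording the entry to match the old guard. "It has been removed because this is excessive" also gives an administrator nothing to act on; a sentence saying what to do with a configuration that still carries the option would be more useful there.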
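
Review bot: In the src/openvpn/options.c hunk at @@ -4476, the removed `buf_printf(&out, ",use-prediction-resistance");` sat next to `buf_printf(&out, ",secret");`, so it contributed a token to a generated option string. If that string is compared with the one a peer builds, a peer on an older build with the option set will still emit the token while this build never will. Please confirm that this mismatch is harmless, or mention the behaviour change in the commit message.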
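
Review bot: The src/openvpn/options.c hunk at @@ -8543 deletes the `else if (streq(p[0], "use-prediction-resistance") && !p[1])` branch with no replacement, so nothing in this patch shows how a configuration file that still contains the option is treated after an upgrade. Since the option is now listed in unsupported-options.rst as removed in 2.8, please state in the commit message whether such a configuration is rejected or accepted with a warning, and check that this matches how the other removed options documented in that file behave.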
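
Review bot: The src/openvpn/syshead.h hunk removes the `#include` under `#ifdef ENABLE_CRYPTO_MBEDTLS` together with the `ENABLE_PREDICTION_RESISTANCE` definition, and no other hunk adds an include back. Any remaining code that tests `MBEDTLS_VERSION_NUMBER` and relied on syshead.h to pull in the header that defines it would now see the macro undefined. An undefined identifier in `#if` evaluates to 0 rather than breaking the build, so a `< 0x04000000` style check elsewhere would silently become true. Please confirm that every remaining user of the macro includes the defining header itself.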