From patchwork Mon Feb 16 14:47:57 2026
X-Patchwork-Submitter: Gert Doering
X-Patchwork-Id: 4768
From: Gert Doering
To: openvpn-devel@lists.sourceforge.net
Date: Mon, 16 Feb 2026 15:47:57 +0100
Message-ID: <20260216144803.14504-1-gert@greenie.muc.de>
Subject: [Openvpn-devel] [PATCH v2] Mbed TLS 3: Remove prediction resistance option

From: Max Fillinger The option --use-prediction-resistance causes the random number generator to be reseeded for every call. This is excessive. This commit removes that option. Change-Id: I6298795f140c2c62252638f9e0cd6df19cb3d7ed Signed-off-by: Max Fillinger Acked-by: Frank Lichtenheld Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1530 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1530 This mail reflects revision 2 of this Change. Acked-by according to Gerrit (reflected above): Frank Lichtenheld diff --git a/doc/man-sections/generic-options.rst b/doc/man-sections/generic-options.rst index ed581b1..f46dfec 100644 --- a/doc/man-sections/generic-options.rst +++ b/doc/man-sections/generic-options.rst @@ -462,16 +462,6 @@ success/failure via :code:`auth_control_file` when using deferred auth method and pending authentication via :code:`auth_pending_file`. ---use-prediction-resistance - Enable prediction resistance on mbed TLS's RNG. - - Enabling prediction resistance causes the RNG to reseed in each call for - random. Reseeding this often can quickly deplete the kernel entropy - pool. - - If you need this option, please consider running a daemon that adds - entropy to the kernel pool. - --user user Change the user ID of the OpenVPN process to ``user`` after initialization, dropping privileges in the process. This option is diff --git a/doc/man-sections/unsupported-options.rst b/doc/man-sections/unsupported-options.rst index f1332f3..c273905 100644 --- a/doc/man-sections/unsupported-options.rst +++ b/doc/man-sections/unsupported-options.rst 
@@ -65,3 +65,8 @@ Removed in OpenVPN 2.7. OpenVPN will always use ovpn-dco as the default driver on Windows. It will fall back to tap-windows6 if options are used that are incompatible with ovpn-dco. + +--use-prediction-resistance + Removed in OpenVPN 2.8. This option caused the Mbed TLS 3 random number + generator to be reseeded on every call. It has been removed because this + is excessive. diff --git a/src/openvpn/crypto_mbedtls_legacy.c b/src/openvpn/crypto_mbedtls_legacy.c index a991349..b8e7d6a 100644 --- a/src/openvpn/crypto_mbedtls_legacy.c +++ b/src/openvpn/crypto_mbedtls_legacy.c @@ -366,16 +366,6 @@ return &cd_ctx; } -#ifdef ENABLE_PREDICTION_RESISTANCE -void -rand_ctx_enable_prediction_resistance(void) -{ - mbedtls_ctr_drbg_context *cd_ctx = rand_ctx_get(); - - mbedtls_ctr_drbg_set_prediction_resistance(cd_ctx, 1); -} -#endif /* ENABLE_PREDICTION_RESISTANCE */ - int rand_bytes(uint8_t *output, int len) { diff --git a/src/openvpn/crypto_mbedtls_legacy.h b/src/openvpn/crypto_mbedtls_legacy.h index af71037..1005057 100644 --- a/src/openvpn/crypto_mbedtls_legacy.h +++ b/src/openvpn/crypto_mbedtls_legacy.h @@ -89,14 +89,6 @@ */ mbedtls_ctr_drbg_context *rand_ctx_get(void); -#ifdef ENABLE_PREDICTION_RESISTANCE -/** - * Enable prediction resistance on the random number generator. - */ -void rand_ctx_enable_prediction_resistance(void); - -#endif - /** * Log the supplied mbed TLS error, prefixed by supplied prefix. * diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 70c0b5d..1391aa85 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2989,13 +2989,6 @@ packet_id_persist_load(&c->c1.pid_persist, c->options.packet_id_file); } } - -#ifdef ENABLE_PREDICTION_RESISTANCE - if (c->options.use_prediction_resistance) - { - rand_ctx_enable_prediction_resistance(); - } -#endif } diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 2bca647..51b4252 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c 
@@ -566,10 +566,6 @@ " using file.\n" "--test-crypto : Run a self-test of crypto features enabled.\n" " For debugging only.\n" -#ifdef ENABLE_PREDICTION_RESISTANCE - "--use-prediction-resistance: Enable prediction resistance on the random\n" - " number generator.\n" -#endif "\n" "TLS Key Negotiation Options:\n" "(These options are meaningful only for TLS-mode)\n" @@ -872,9 +868,6 @@ o->replay_window = DEFAULT_SEQ_BACKTRACK; o->replay_time = DEFAULT_TIME_BACKTRACK; o->key_direction = KEY_DIRECTION_BIDIRECTIONAL; -#ifdef ENABLE_PREDICTION_RESISTANCE - o->use_prediction_resistance = false; -#endif o->tls_timeout = 2; o->renegotiate_bytes = -1; o->renegotiate_seconds = 3600; @@ -1841,9 +1834,6 @@ SHOW_INT(replay_time); SHOW_STR(packet_id_file); SHOW_BOOL(test_crypto); -#ifdef ENABLE_PREDICTION_RESISTANCE - SHOW_BOOL(use_prediction_resistance); -#endif SHOW_BOOL(tls_server); SHOW_BOOL(tls_client); @@ -4476,13 +4466,6 @@ { buf_printf(&out, ",secret"); } - -#ifdef ENABLE_PREDICTION_RESISTANCE - if (o->use_prediction_resistance) - { - buf_printf(&out, ",use-prediction-resistance"); - } -#endif } /* @@ -8543,13 +8526,6 @@ options->providers.names[j] = p[j]; } } -#ifdef ENABLE_PREDICTION_RESISTANCE - else if (streq(p[0], "use-prediction-resistance") && !p[1]) - { - VERIFY_PERMISSION(OPT_P_GENERAL); - options->use_prediction_resistance = true; - } -#endif else if (streq(p[0], "show-tls") && !p[1]) { VERIFY_PERMISSION(OPT_P_GENERAL); diff --git a/src/openvpn/options.h b/src/openvpn/options.h index 16cfdb5..cf9936b 100644 --- a/src/openvpn/options.h +++ b/src/openvpn/options.h @@ -584,9 +584,6 @@ int replay_time; const char *packet_id_file; bool test_crypto; -#ifdef ENABLE_PREDICTION_RESISTANCE - bool use_prediction_resistance; -#endif /* TLS (control channel) parms */ bool tls_server; diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h index 582e130..7e742b3 100644 --- a/src/openvpn/syshead.h +++ b/src/openvpn/syshead.h 
@@ -474,13 +474,6 @@ #define PORT_SHARE 0 #endif -#ifdef ENABLE_CRYPTO_MBEDTLS -#include -#if MBEDTLS_VERSION_NUMBER < 0x04000000 -#define ENABLE_PREDICTION_RESISTANCE -#endif /* MBEDTLS_VERSION_NUMBER < 0x04000000 */ -#endif /* ENABLE_CRYPTO_MBEDTLS */ - /* * Do we support Unix domain sockets? */
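
Review bot: the new entry in doc/man-sections/unsupported-options.rst ties the option to "the Mbed TLS 3 random number generator", but the guard removed from src/openvpn/syshead.h enabled it for every build with `MBEDTLS_VERSION_NUMBER < 0x04000000`, and the text removed from generic-options.rst only said "mbed TLS's RNG". Wording the entry as applying to Mbed TLS builds older than 4 would match the condition the code used. Consider also carrying over one sentence of the old rationale (reseeding on each call can deplete the kernel entropy pool), since "this is excessive" alone does not tell an operator who had the option set what changes for them.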
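
Review bot: in src/openvpn/options.c, the hunk at `@@ -8543,13 +8526,6 @@` deletes the `else if (streq(p[0], "use-prediction-resistance") && !p[1])` branch and none of the visible hunks puts anything in its place, so a configuration that still carries the option is left to whatever the parser does with a name it no longer knows. Since the patch documents the option as removed in 2.8, please confirm that such a config gets a message naming the option as removed (or is accepted with a warning) rather than a generic unknown-option failure, and state in the commit message which of the two is intended.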
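
Review bot: the hunk at `@@ -4476,13 +4466,6 @@` in src/openvpn/options.c stops appending `,use-prediction-resistance` to `out`. If that string is compared with one built by a peer on an older release that still has the option set, the two sides will no longer agree on this token; a sentence in the commit message on whether that comparison matters here would save the next reader from having to check.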
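
Review bot: the src/openvpn/syshead.h hunk removes an `#include` along with the `ENABLE_PREDICTION_RESISTANCE` define, so any file that received that header only through syshead.h now loses it. Please check that every remaining `MBEDTLS_VERSION_NUMBER` test in the tree includes the defining header itself: an undefined macro in `#if` evaluates to 0, so a comparison such as `MBEDTLS_VERSION_NUMBER < 0x04000000` would silently become true instead of failing to compile.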