diff options
author | Arne Schwabe | 2022-05-05 15:03:48 +0200 |
---|---|---|
committer | Gert Doering | 2022-05-06 14:16:05 +0200 |
commit | e7d8c4a72002cbaa7542ea0cff8acca1b971b1f5 (patch) | |
tree | e98bfcbd9a0659ec520586581944ac4de548ce0f /Changes.rst | |
parent | 44517fd7694012502318975173b1d0c05045d388 (diff) | |
download | openvpn-e7d8c4a72002cbaa7542ea0cff8acca1b971b1f5.zip openvpn-e7d8c4a72002cbaa7542ea0cff8acca1b971b1f5.tar.gz |
Implement HMAC based session id for tls-crypt v2
Tls-crypt v2 is more complicated to implement a proper stateless
handshake. To allow state handshake this commit does
- introduce a new packet CONTROL_WKC_V1 that repeats the wrapped
client key.
- introduce a way to negotiate the support for this packet in the
three way handshake
Details about the protocol changes are in tls-crypt-v2.txt. Optional
arguments to the tls-crypt-v2 option have been added to explicitly
allow or disallow client that do not support the stateless handshake.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Patch v3: improve grammar, style, comments, fix unit tests
Patch v4: remove explicit flag for ability to resend WKc,
clean up comments, improve code style in some instances
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20220505130348.1183195-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24287.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'Changes.rst')
-rw-r--r-- | Changes.rst | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/Changes.rst b/Changes.rst index ceb0b26..67a23c7 100644 --- a/Changes.rst +++ b/Changes.rst @@ -69,6 +69,16 @@ Improved ``--mssfix`` and ``--fragment`` calculation account and the resulting size is specified as the total size of the VPN packets including IP and UDP headers. +Cookie based handshake for UDP server + Instead of allocating a connection for each client on the initial packet + OpenVPN server will now use an HMAC based cookie as its session id. This + way the server can verify it on completing the handshake without keeping + state. This eliminates the amplification and resource exhaustion attacks. + For tls-crypt-v2 clients, this requires OpenVPN 2.6 clients or later + because the client needs to resend its client key on completing the hand + shake. The tls-crypt-v2 option allows controlling if older clients are + accepted. + Deprecated features ------------------- ``inetd`` has been removed |