GitList

Browse code

Make --dh none behaviour default if not specified

Nowadays ciphers that are using still DH and not ECDH are rarely chosen
as best cipher suite. Our man page even indicates that OpenSSL 1.0.1+
supports ECDH cipher suites. So it does not feel useful to force
specifying --dh anymore.

Side note: Custom generated Diffie Hellmann parameters are also
discouraged nowadays. The newest OpenSSL FIPS libraries even flat
out reject them:

FIPS 186-4 type domain parameters no longer allowed in FIPS mode,
since the required validation routines were removed from FIPS 186-5

But instead of adding support for loading the well-known curve just make
dh none the default and the recommended option as finite field Diffie
Hellmann is being deprecated anyway
(https://datatracker.ietf.org/doc/draft-ietf-tls-deprecate-obsolete-kex/)
and not supported by TLS 1.3 at all.

Change-Id: Ica02244c9f0ac9b4690a51f940fda9d900465289
Signed-off-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250518220245.24489-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31695.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

Arne Schwabe authored on 2025/05/19 07:02:39
Showing 3 changed files

Changes.rst index a4f5e57..e297334 100644
doc/man-sections/tls-options.rst index 0638d09..db107e6 100644
src/openvpn/options.c index 810bb56..6672b5c 100644

Changes.rst

History View file @ 57bdefb

@@ -103,6 +103,11 @@ User-visible Changes
                      - ``--x509-username-field`` will no longer automatically convert fieldnames to
                        uppercase. This is deprecated since OpenVPN 2.4, and has now been removed.
                     +- ``--dh none`` is now the default if ``--dh`` is not specified. Modern TLS
                     +  implementations will prefer ECDH and other more modern algorithms anyway.
                     +  And finite field Diffie Hellman is in the proces of being deprecated
                     +  (see draft-ietf-tls-deprecate-obsolete-kex)
+                    +
                      Overview of changes in 2.6
                      ==========================

doc/man-sections/tls-options.rst

History View file @ 57bdefb

@@ -171,16 +171,22 @@ certificates and keys: https://github.com/OpenVPN/easy-rsa
                      --dh file
                     -  File containing Diffie Hellman parameters in .pem format (required for
                     -  ``--tls-server`` only).
+                    -
                     -  Set ``file`` to :code:`none` to disable Diffie Hellman key exchange (and
                     -  use ECDH only). Note that this requires peers to be using an SSL library
                     -  that supports ECDH TLS cipher suites (e.g. OpenSSL 1.0.1+, or
                     -  mbed TLS 2.0+).
+                    -
                     -  Use ``openssl dhparam -out dh2048.pem 2048`` to generate 2048-bit DH
                     -  parameters. Diffie Hellman parameters may be considered public.
                     +  File containing finite field Diffie Hellman parameters in .pem format (used
                     +  by ``--tls-server`` only).
+                    +
                     +  Set ``file`` to :code:`none` to disable fine field Diffie Hellman
                     +  key exchange (and to only use ECDH or newer hybrid key agreement algorithms
                     +  like X25519MLKEM768 instead).
                     +  Note that this requires peers to be using an SSL library that supports
                     +  ECDH TLS cipher suites (e.g. OpenSSL 1.0.1+, or mbed TLS 2.0+). Starting
                     +  with 2.7.0, this is the same as not specifying ``--dh`` at all.
+                    +
                     +  Diffie Hellman parameters can be generated using
                     +  ``openssl dhparam -out dh2048.pem 2048`` but it is recommended to
                     +  use ``none`` as finite field Diffie Hellman have been replaced
                     +  by more modern variants like ECDH.
+                    +
                     +  Diffie Hellman parameters may be considered public.
                      --ecdh-curve name
                        Specify the curve to use for elliptic curve Diffie Hellman. Available

src/openvpn/options.c

History View file @ 57bdefb

@@ -3703,8 +3703,6 @@ options_postprocess_mutate(struct options *o, struct env_set *es)
 
     if (o->tls_server)
     {
-        /* Check that DH file is specified, or explicitly disabled */
-        notnull(o->dh_file, "DH file (--dh)");
         if (streq(o->dh_file, "none"))
         {
             o->dh_file = NULL;

...	...	@@ -3703,8 +3703,6 @@ options_postprocess_mutate(struct options o, struct env_set es)
3703	3703
3704	3704	if (o->tls_server)
3705	3705	{
3706		- /* Check that DH file is specified, or explicitly disabled */
3707		- notnull(o->dh_file, "DH file (--dh)");
3708	3706	if (streq(o->dh_file, "none"))
3709	3707	{
3710	3708	o->dh_file = NULL;