Use AES256 and SHA256 by default for the legacy protocol.

At the start of the decade, there were still distributions that shipped
with versions of OpenSSL that did not support these algorithms. By now
everyone should support them. The old defaults were Blowfish and SHA1,
both of which are not considered secure anymore.

The meta-protocol now always uses AES in CFB mode, but the key length
will adapt to the one specified by the Cipher option. The digest for the
meta-protocol is hardcoded to SHA256.

diff --git a/m4/openssl.m4 b/m4/openssl.m4
index 6bb33cf52198bfe1a107f4fa16ff834ff298107c..4afcff2f0dc8ebc0ec1dad4651ad7a53942f06c8 100644 (file)
--- a/m4/openssl.m4
+++ b/m4/openssl.m4
@@ -49,7 +49,7 @@ AC_DEFUN([tinc_OPENSSL],
     [AC_MSG_ERROR([Missing LibreSSL/OpenSSL functionality, make sure you have installed the latest version.]); break],
   )
 
-  AC_CHECK_DECLS([OpenSSL_add_all_algorithms], ,
+  AC_CHECK_DECLS([OpenSSL_add_all_algorithms EVP_aes_256_cfb], ,
     [AC_MSG_ERROR([Missing LibreSSL/OpenSSL functionality, make sure you have installed the latest version.]); break],
     [#include <openssl/evp.h>]
   )

diff --git a/src/cipher.h b/src/cipher.h
index 3f98c18f20c02a63b992af30712eb05f35a1b94c..41335ec4c8686049b6c5e54434866e85405494ec 100644 (file)
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -1,6 +1,6 @@
 /*
     cipher.h -- header file cipher.c
-    Copyright (C) 2007-2013 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 2007-2016 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -30,7 +30,6 @@ typedef struct cipher cipher_t;
 
 extern cipher_t *cipher_open_by_name(const char *) __attribute__ ((__malloc__));
 extern cipher_t *cipher_open_by_nid(int) __attribute__ ((__malloc__));
-extern cipher_t *cipher_open_blowfish_ofb(void) __attribute__ ((__malloc__));
 extern void cipher_close(cipher_t *);
 extern size_t cipher_keylength(const cipher_t *);
 extern size_t cipher_blocksize(const cipher_t *);

diff --git a/src/digest.h b/src/digest.h
index 204048adeec79562865eb7302ee56f1073d20f55..a3691bf05b8cd4591f3dfb696f2ac3f6ee31f2c5 100644 (file)
--- a/src/digest.h
+++ b/src/digest.h
@@ -1,6 +1,6 @@
 /*
     digest.h -- header file digest.c
-    Copyright (C) 2007-2013 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 2007-2016 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -28,7 +28,6 @@ typedef struct digest digest_t;
 
 extern digest_t *digest_open_by_name(const char *name, int maclength) __attribute__ ((__malloc__));
 extern digest_t *digest_open_by_nid(int nid, int maclength) __attribute__ ((__malloc__));
-extern digest_t *digest_open_sha1(int maclength) __attribute__ ((__malloc__));
 extern void digest_close(digest_t *);
 extern bool digest_create(digest_t *, const void *indata, size_t inlen, void *outdata) __attribute__ ((__warn_unused_result__));
 extern bool digest_verify(digest_t *, const void *indata, size_t inlen, const void *digestdata) __attribute__ ((__warn_unused_result__));

diff --git a/src/net_setup.c b/src/net_setup.c
index b0a0c953a9acc4c2510efcfcc58fd846cac4903d..9293c1189bd014d576d62c2e79113fb2edca4895 100644 (file)
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -857,7 +857,7 @@ static bool setup_myself(void) {
        /* Generate packet encryption key */
 
        if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher))
-               cipher = xstrdup("blowfish");
+               cipher = xstrdup("aes-256-cbc");
 
        if(!strcasecmp(cipher, "none")) {
                myself->incipher = NULL;
@@ -881,7 +881,7 @@ static bool setup_myself(void) {
        }
 
        if(!get_config_string(lookup_config(config_tree, "Digest"), &digest))
-               digest = xstrdup("sha1");
+               digest = xstrdup("sha256");
 
        if(!strcasecmp(digest, "none")) {
                myself->indigest = NULL;

diff --git a/src/openssl/cipher.c b/src/openssl/cipher.c
index ae9640f0d6b5ed6f59ebcac50aa6f7412bab8bd5..17ad408b317dd7465eb576c06c28040aa7708f33 100644 (file)
--- a/src/openssl/cipher.c
+++ b/src/openssl/cipher.c
@@ -1,6 +1,6 @@
 /*
     cipher.c -- Symmetric block cipher handling
-    Copyright (C) 2007-2013 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 2007-2016 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -62,10 +62,6 @@ cipher_t *cipher_open_by_nid(int nid) {
        return cipher_open(evp_cipher);
 }
 
-cipher_t *cipher_open_blowfish_ofb(void) {
-       return cipher_open(EVP_bf_ofb());
-}
-
 void cipher_close(cipher_t *cipher) {
        if(!cipher)
                return;

diff --git a/src/openssl/digest.c b/src/openssl/digest.c
index c303785dfd712047fe81316a105d67b10d018d73..58ca167f309b5329375ee3ff204a65c05260f55d 100644 (file)
--- a/src/openssl/digest.c
+++ b/src/openssl/digest.c
@@ -1,6 +1,6 @@
 /*
     digest.c -- Digest handling
-    Copyright (C) 2007-2013 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 2007-2016 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -64,10 +64,6 @@ digest_t *digest_open_by_nid(int nid, int maclength) {
        return digest_open(evp_md, maclength);
 }
 
-digest_t *digest_open_sha1(int maclength) {
-       return digest_open(EVP_sha1(), maclength);
-}
-
 bool digest_set_key(digest_t *digest, const void *key, size_t len) {
        digest->key = xrealloc(digest->key, len);
        memcpy(digest->key, key, len);

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 31b1f1e7253964929973a29a523595d1cd97d8e6..aee5736af6db5e5ecbceedaf64c2469e29677023 100644 (file)
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -1,7 +1,7 @@
 /*
     protocol_auth.c -- handle the meta-protocol, authentication
     Copyright (C) 1999-2005 Ivo Timmermans,
-                  2000-2014 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2016 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -421,10 +421,22 @@ bool send_metakey(connection_t *c) {
        if(!read_rsa_public_key(c))
                return false;
 
-       if(!(c->outcipher = cipher_open_blowfish_ofb()))
+       /* We need to use a stream mode for the meta protocol. Use AES for this,
+          but try to match the key size with the one from the cipher selected
+          by Cipher.
+       */
+
+       int keylen = cipher_keylength(myself->incipher);
+       if(keylen <= 16)
+               c->outcipher = cipher_open_by_name("aes-128-cfb");
+       else if(keylen <= 24)
+               c->outcipher = cipher_open_by_name("aes-192-cfb");
+       else
+               c->outcipher = cipher_open_by_name("aes-256-cfb");
+       if(!c)
                return false;
 
-       if(!(c->outdigest = digest_open_sha1(-1)))
+       if(!(c->outdigest = digest_open_by_name("sha256", -1)))
                return false;
 
        const size_t len = rsa_size(c->rsa);