tinc/debian/patches/alt-ciphersuite/0009-Make-the-ExperimentalProtocol-option-obsolete.patch
lagertonne d787d2479a
Add patches for alternative ciphersuite
2022-04-25 13:11:44 +02:00


From 4e64f72feb99b7933e907fb0fab93368749db779 Mon Sep 17 00:00:00 2001
From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sun, 22 Aug 2021 22:44:04 +0200
Subject: [PATCH 09/10] Make the ExperimentalProtocol option obsolete.
Remove mentions of it from the documentation, but keep supporting the
option for now, as this makes it easier to test compatibility with the
legacy protocol.
---
README.md | 8 ++++----
doc/tinc.conf.5.in | 18 +++---------------
doc/tinc.texi | 21 ++++++---------------
src/tincctl.c | 2 +-
test/integration/algorithms.py | 4 ++--
test/integration/legacy_protocol.py | 4 ++--
test/integration/splice.py | 4 ++--
7 files changed, 20 insertions(+), 41 deletions(-)
diff --git a/README.md b/README.md
index 11129f79..9e3a64a4 100644
--- a/README.md
+++ b/README.md
@@ -55,12 +55,12 @@ versions, the security might only be as good as that of the oldest version.
## Compatibility
-Version 1.1pre18 is compatible with 1.0pre8, 1.0 and later, but not with older
+Version 1.1pre18 is compatible with 1.0 and later, but not with older
versions of tinc.
-When the ExperimentalProtocol option is used, tinc is still compatible with
-1.0.X, 1.1pre11 and later, but not with any version between 1.1pre1 and
-1.1pre10.
+Note that this pre-release version of tinc 1.1 might be incompatible with older
+pre-release versions as the new cryptographic protocol might still undergo
+changes.
## Requirements
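Review bot: the rewritten compatibility paragraph no longer says how 1.0 compatibility is achieved. The deleted lines tied it to the ExperimentalProtocol setting; the added lines should state instead that connections to 1.0.X nodes fall back to the legacy protocol (the one the doc/tinc.texi hunk in this same patch says SPTPS was designed to replace), so a reader understands that a mixed 1.0/1.1 network does not get SPTPS protection on every link. The kept line also hard-codes "1.1pre18", which will go stale on the next pre-release; "this 1.1 pre-release" would avoid that.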
diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in
index 0cfdd089..a5a56ed5 100644
--- a/doc/tinc.conf.5.in
+++ b/doc/tinc.conf.5.in
@@ -287,15 +287,6 @@ When combined with the IndirectData option,
packets for nodes for which we do not have a meta connection with are also dropped.
.It Va Ed25519PrivateKeyFile Li = Ar filename Po Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /ed25519_key.priv Pc
The file in which the private Ed25519 key of this tinc daemon resides.
-This is only used if
-.Va ExperimentalProtocol
-is enabled.
-.It Va ExperimentalProtocol Li = yes | no Pq yes
-When this option is enabled, the SPTPS protocol will be used when connecting to nodes that also support it.
-Ephemeral ECDH will be used for key exchanges,
-and Ed25519 will be used instead of RSA for authentication.
-When enabled, an Ed25519 key must have been generated before with
-.Nm tinc generate-ed25519-keys .
.It Va Forwarding Li = off | internal | kernel Po internal Pc Bq experimental
This option selects the way indirect packets are forwarded.
.Bl -tag -width indent
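Review bot: removing the ExperimentalProtocol entry also removes the only place in this man page that tells the user how to create the Ed25519 key (".Nm tinc generate-ed25519-keys"). Since the key is now always required, move that sentence under Ed25519PrivateKeyFile instead of dropping it, e.g. "The key can be generated with .Nm tinc generate-ed25519-keys ." after "The file in which the private Ed25519 key of this tinc daemon resides."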
@@ -569,8 +560,7 @@ Furthermore, specifying
.Qq none
will turn off packet encryption.
It is best to use only those ciphers which support CBC mode.
-This option has no effect for connections between nodes using
-.Va ExperimentalProtocol .
+This option only affects communication using the legacy protocol.
.It Va ClampMSS Li = yes | no Pq yes
This option specifies whether tinc should clamp the maximum segment size (MSS)
of TCP packets to the path MTU. This helps in situations where ICMP
@@ -585,8 +575,7 @@ Any digest supported by LibreSSL or OpenSSL is recognised.
Furthermore, specifying
.Qq none
will turn off packet authentication.
-This option has no effect for connections between nodes using
-.Va ExperimentalProtocol .
+This option only affects communication using the legacy protocol.
.It Va IndirectData Li = yes | no Pq no
When set to yes, only nodes which already have a meta connection to you
will try to establish direct communication with you.
@@ -596,8 +585,7 @@ The length of the message authentication code used to authenticate UDP packets.
Can be anything from
.Qq 0
up to the length of the digest produced by the digest algorithm.
-This option has no effect for connections between nodes using
-.Va ExperimentalProtocol .
+This option only affects communication using the legacy protocol.
.It Va PMTU Li = Ar mtu Po 1514 Pc
This option controls the initial path MTU to this node.
.It Va PMTUDiscovery Li = yes | no Po yes Pc
diff --git a/doc/tinc.texi b/doc/tinc.texi
index ab3dca23..c1e62a52 100644
--- a/doc/tinc.texi
+++ b/doc/tinc.texi
@@ -1025,15 +1025,6 @@ packets for nodes for which we do not have a meta connection with are also dropp
@cindex Ed25519PrivateKeyFile
@item Ed25519PrivateKeyFile = <@var{path}> (@file{@value{sysconfdir}/tinc/@var{netname}/ed25519_key.priv})
The file in which the private Ed25519 key of this tinc daemon resides.
-This is only used if ExperimentalProtocol is enabled.
-
-@cindex ExperimentalProtocol
-@item ExperimentalProtocol = <yes|no> (yes)
-When this option is enabled, the SPTPS protocol will be used when connecting to nodes that also support it.
-Ephemeral ECDH will be used for key exchanges,
-and Ed25519 will be used instead of RSA for authentication.
-When enabled, an Ed25519 key must have been generated before with
-@command{tinc generate-ed25519-keys}.
@cindex Forwarding
@item Forwarding = <off|internal|kernel> (internal) [experimental]
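Review bot: same loss as in doc/tinc.conf.5.in: this hunk deletes the only reference in the texinfo manual to @command{tinc generate-ed25519-keys}; keep that sentence under Ed25519PrivateKeyFile. In addition, because src/tincctl.c in this patch keeps the variable as VAR_OBSOLETE rather than removing it, and the commit message says it stays supported for legacy-protocol testing, a one-line entry saying that ExperimentalProtocol is obsolete and retained only for that purpose would tell users with the option in an existing tinc.conf whether it is still honoured.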
@@ -1333,7 +1324,7 @@ The symmetric cipher algorithm used to encrypt UDP packets using the legacy prot
Any cipher supported by LibreSSL or OpenSSL is recognized.
Furthermore, specifying @samp{none} will turn off packet encryption.
It is best to use only those ciphers which support CBC mode.
-This option has no effect for connections using the SPTPS protocol, which always use AES-256-CTR.
+This option only affects communication using the legacy protocol.
@cindex ClampMSS
@item ClampMSS = <yes|no> (yes)
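Review bot: the replaced line was the only statement in the manual of which cipher SPTPS uses ("always use AES-256-CTR"); the new wording says nothing about what protects non-legacy traffic. If the suite is no longer fixed (the patch sits in a series named alt-ciphersuite), the Cipher entry should at least refer the reader to the SPTPS section for the algorithms in use, otherwise "the legacy protocol" is contrasted with something the manual never describes.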
@@ -1352,7 +1343,7 @@ Possible values are 0 (off), 1 (fast zlib) and any integer up to 9 (best zlib),
The digest algorithm used to authenticate UDP packets using the legacy protocol.
Any digest supported by LibreSSL or OpenSSL is recognized.
Furthermore, specifying @samp{none} will turn off packet authentication.
-This option has no effect for connections using the SPTPS protocol, which always use HMAC-SHA-256.
+This option only affects communication using the legacy protocol.
@cindex IndirectData
@item IndirectData = <yes|no> (no)
@@ -1365,7 +1356,7 @@ It is best to leave this option out or set it to no.
The length of the message authentication code used to authenticate UDP packets using the legacy protocol.
Can be anything from 0
up to the length of the digest produced by the digest algorithm.
-This option has no effect for connections using the SPTPS protocol, which never truncate MACs.
+This option only affects communication using the legacy protocol.
@cindex PMTU
@item PMTU = <@var{mtu}> (1514)
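Review bot: the removed line carried a security property ("which never truncate MACs") that the generic replacement does not. A user lowering MACLength to save bandwidth needs to know this cannot weaken SPTPS traffic; keep a clause such as "SPTPS always uses the full-length MAC" rather than only "This option only affects communication using the legacy protocol."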
@@ -3030,9 +3021,9 @@ Therefore, tinc also authenticates the data.
Finally, tinc uses sequence numbers (which themselves are also authenticated) to prevent an attacker from replaying valid packets.
Since version 1.1pre3, tinc has two protocols used to protect your data; the legacy protocol, and the new Simple Peer-to-Peer Security (SPTPS) protocol.
-The SPTPS protocol is designed to address some weaknesses in the legacy protocol.
-The new authentication protocol is used when two nodes connect to each other that both have the ExperimentalProtocol option set to yes,
-otherwise the legacy protocol will be used.
+The SPTPS protocol is designed to address some weaknesses in the legacy protocol,
+and is used automatically if both sides support it.
+Once two nodes have connected with the new protocol, rollback to the legacy protocol is not allowed.
@menu
* Legacy authentication protocol::
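Review bot: "is used automatically if both sides support it" is imprecise now that the option is retained (src/tincctl.c marks it VAR_OBSOLETE, and test/integration/legacy_protocol.py still sets ExperimentalProtocol to no to emulate a 1.0 peer), so a 1.1 node can still be configured to speak only the legacy protocol. The more useful statement is what enforces the no-rollback rule: the legacy_protocol.py test has to "del" the peer's Ed25519PublicKey on both sides before a legacy connection is accepted, which indicates that a node refuses the legacy protocol once it knows a peer's Ed25519 key. Say that explicitly, and prefer "downgrade" to "rollback" since a protocol downgrade is the attack being prevented.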
diff --git a/src/tincctl.c b/src/tincctl.c
index 9b39f2ce..2032b33a 100644
--- a/src/tincctl.c
+++ b/src/tincctl.c
@@ -1651,7 +1651,7 @@ const var_t variables[] = {
{"DeviceType", VAR_SERVER},
{"DirectOnly", VAR_SERVER | VAR_SAFE},
{"Ed25519PrivateKeyFile", VAR_SERVER},
- {"ExperimentalProtocol", VAR_SERVER},
+ {"ExperimentalProtocol", VAR_SERVER | VAR_OBSOLETE},
{"Forwarding", VAR_SERVER},
{"FWMark", VAR_SERVER},
{"GraphDumpFile", VAR_SERVER | VAR_OBSOLETE},
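Review bot: adding VAR_OBSOLETE changes the user-visible behaviour of "tinc set ExperimentalProtocol" (every test in this patch that sets it now has to pass --force), but nothing in the patch documents that, and this hunk does not show what the daemon does when an existing tinc.conf still contains the variable. Add a NEWS or man page line stating that the option is obsolete, still honoured for legacy-protocol testing, and requires --force in "tinc set".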
diff --git a/test/integration/algorithms.py b/test/integration/algorithms.py
index b056c7d5..52e0f820 100755
--- a/test/integration/algorithms.py
+++ b/test/integration/algorithms.py
@@ -23,7 +23,7 @@ def init(ctx: Test, digest: str, cipher: str) -> T.Tuple[Tinc, Tinc]:
set Digest {digest}
set Cipher {cipher}
"""
- foo.cmd(stdin=stdin)
+ foo.cmd("--force", stdin=stdin)
foo.start()
stdin = f"""
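Review bot: --force is applied to the whole foo.cmd(stdin=stdin) batch rather than to the single obsolete variable, so it also covers the "set Digest {digest}" and "set Cipher {cipher}" lines and anything else the heredoc sets. If the intent is only to permit the obsolete ExperimentalProtocol setting, run that one command forced and keep the rest of the batch strict, as legacy_protocol.py does with bar_node.cmd("--force", "set", "ExperimentalProtocol", "no"); the same applies to the bar.cmd hunk below and to both hunks in splice.py.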
@@ -35,7 +35,7 @@ def init(ctx: Test, digest: str, cipher: str) -> T.Tuple[Tinc, Tinc]:
set Digest {digest}
set Cipher {cipher}
"""
- bar.cmd(stdin=stdin)
+ bar.cmd("--force", stdin=stdin)
foo.add_script(bar.script_up)
bar.add_script(foo.script_up)
diff --git a/test/integration/legacy_protocol.py b/test/integration/legacy_protocol.py
index 845ac345..f7ab1bd2 100755
--- a/test/integration/legacy_protocol.py
+++ b/test/integration/legacy_protocol.py
@@ -73,14 +73,14 @@ with Test("foo 1.1, bar 1.1") as context:
with Test("foo 1.1, bar 1.0") as context:
foo_node, bar_node = init(context)
- bar_node.cmd("set", "ExperimentalProtocol", "no")
+ bar_node.cmd("--force", "set", "ExperimentalProtocol", "no")
foo_node.cmd("del", f"{bar_node}.Ed25519PublicKey")
bar_node.cmd("del", f"{foo_node}.Ed25519PublicKey")
run_keys_test(foo_node, bar_node, empty=True)
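Review bot: this test emulates a 1.0 peer by setting ExperimentalProtocol to no on a 1.1 binary, so it now depends on the option the commit message declares obsolete staying functional; a comment at the top of the test stating that dependency would stop the option being removed later without replacing the test with a real 1.0 build. A comment on the two "del ... Ed25519PublicKey" lines tying them to the "rollback to the legacy protocol is not allowed" rule added in doc/tinc.texi would also make the setup self-explanatory.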
with Test("bar 1.0 must not be allowed to connect") as context:
foo_node, bar_node = init(context)
- bar_node.cmd("set", "ExperimentalProtocol", "no")
+ bar_node.cmd("--force", "set", "ExperimentalProtocol", "no")
bar_up = bar_node.add_script(Script.SUBNET_UP)
bar_node.cmd("start")
diff --git a/test/integration/splice.py b/test/integration/splice.py
index 578845fb..868ffbc3 100755
--- a/test/integration/splice.py
+++ b/test/integration/splice.py
@@ -28,7 +28,7 @@ def init(ctx: Test, *options: str) -> T.Tuple[Tinc, Tinc]:
set Subnet 10.96.96.1
{custom}
"""
- foo.cmd(stdin=stdin)
+ foo.cmd("--force", stdin=stdin)
stdin = f"""
init {bar}
@@ -39,7 +39,7 @@ def init(ctx: Test, *options: str) -> T.Tuple[Tinc, Tinc]:
set Subnet 10.96.96.2
{custom}
"""
- bar.cmd(stdin=stdin)
+ bar.cmd("--force", stdin=stdin)
foo.add_script(Script.SUBNET_UP)
bar.add_script(Script.SUBNET_UP)
--
2.36.0