TunnelBlick 4.0.0 - asking for passphrase with openssl 3.0.13 but no passphrase is required

[davidef]

Describe the bug
After updating to 4.0.0 we are unable to connect with openvpn 2.6.9 with openssl 3.0.13 because tunnelblick is asking for a not required passphrase. Switching to openvpn 2.6.9 with openssl 1.1.1w (in tunnelblick 4.0.0) it connect fine.
Is passphrase now mandatory with openssl ?

Expected behavior
No passphrase is requested.

tunnelblick.txt

[Amr3zzat]

I had the same issue I had to downgrade to 3.8 version to fix this issue I tried to enter empty passphrase but not working

[jkbullard]

Thanks, @davidef, for reporting the problem and including the Diagnostic Info.

I don't see how a passphrase could be required; it's probably a bug in Tunnelblick, or in OpenVPN's interface with OpenSSL 3.

[jkbullard]

@Amr3zzat, thanks for reporting the problem. Did you try Tunnelblick 4 using OpenVPN 2.6.9 with OpenSSL 1.1.1w?

[davidef]

@jkbullard as wrote above with OpenVPN 2.6.9 with OpenSSL 1.1.1w it works. The issue is only with openssl 3.0.13

[jkbullard]

@Amr3zzat - Please post the Diagnostic Info with the Tunnelblick 4 using OpenVPN 2.6.9 with OpenSSL 3.0.13 (which will fail).

[jkbullard]

@Amr3zzat - You can follow the instructions at Before You Post About a Problem.

[davidef]

@jkbullard My log for the issue is already attached to the first post. In the passphrase popup we can only cancel it to continue as no passphrase is needed and empty is not accepted.

[jkbullard]

@davidef - Thanks, but I wasn't asking you, I was asking @Amr3zzat, both for the diagnostic info, and asking about trying it with OpenSSL 1.1.1w. I had no questions for you because your report was very complete!

(That's what the "@xxxxx" is for: directing a comment/question to a particular person.)

[jkbullard]

Everyone with this problem: If you could post the Diagnostic Info after enabling extra logging, that would be very helpful.

To enable extra logging for this problem, please copy/paste the following into /Applications/Utilities/Terminal:

defaults write net.tunnelblick.tunnelblick DB-AU -bool yes

Then try to connect, disconnect, and get the Diagnostic Info again.

You can then disable the extra logging by copy/pasting:

defaults delete net.tunnelblick.tunnelblick DB-AU

[jkbullard]

There is a relevant comment on the Tunnelblick Discussion Group by Andrew. Here is a copy for those who do not want to use Google websites:

It's worth noting that this error (OpenSSL unsupported RC2-40-CBC) and the repeated passphrase prompts can occur even when the server and all of the certs/keys use proper ciphers, but the PKCS#12 bundle containing the certs & keys uses legacy ciphers. This behavior also occurs with GUI frontends on other platforms, including the Windows OpenVPN GUI and the GNOME Network Manager plugin. And on all of these, you have no indication what the real problem is until you check the log...

Notably, the default .p12 output of all OpenSSL versions except OpenSSL 3 (OpenSSL <= 1.1, LibreSSL, etc.) uses legacy ciphers RC2-40/3DES/SHA1 which OpenSSL 3 refuses to load without the -legacy option. It is possible to generate an OpenSSL 3-compliant .p12 bundle on OpenSSL 1.1 with the appropriate options; I submitted such a patch to EasyRSA. (It's been merged but not yet included in any release.)

This was the case in my setup and after I created a new .p12 file with the same contents but using AES-256/SHA256 it now works with OpenVPN 2.6 + OpenSSL 3.

A workaround is to extract the certs & keys and use the appropriate separate config file options (ca, cert, key instead of p12). But as you say, it's really up to the server administrator to supply clients with compatible credentials.

[davidef]

@jkbullard Thank you for the feedback we inlined the certificate and private key as it now works. I think it will be helpful to include the p12 legacy ciphers note by Andrew also here: https://tunnelblick.net/cTunnelblick4.html

[jkbullard]

It was actually Andrew who provided the critical comment!

[Amr3zzat]

@jkbullard Thanks for your feedback When I switched to 2.6.9 with openssl 1.1.1w, It connects fine

[jkbullard]

@Amr3zzat - You're welcome. But it's important that you – and everyone else unable to use the version of OpenVPN/OpenSSL that Tunnelblick chooses by default – update your VPN setup; see Tunnelblick 4 for details.

[everlof]

If you want to use the latest version of OpenSSL but don't have a p12, convert it using this:

openssl pkcs12 -in original.p12 -out keycerts.pem -nodes
openssl pkcs12 -export -in keycerts.pem -out new.p12 -macalg sha256 -keypbe AES-256-CBC -certpbe AES-256-CBC -iter 2048

To verify that your p12 is a problem, this should output "Error outputting keys and certificates":

openssl pkcs12 -noout -info -in .../.p12

and:

openssl pkcs12 -noout -info -in .../.p12 -legacy

should output:

MAC: sha1, Iteration 2048
MAC length: 20, salt length: 8
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
Certificate bag
Certificate bag
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048

After converting it should output:

MAC: sha256, Iteration 2048
MAC length: 32, salt length: 8
PKCS7 Encrypted data: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Certificate bag
Certificate bag
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048