strongswan: drop deprecated crypto protocols#29547
Conversation
|
cc: @lucize |
|
Don't do that. It will break all sorts of things.
…On May 24, 2026 7:57:37 PM UTC, Philip Prindeville ***@***.***> wrote:
## 📦 Package Details
**Maintainer:** me, @Thermi
**Description:**
AEAD, CCM, MD4, and MS CHAP v2 are all deprecated due to insecurity.
---
## 🧪 Run Testing Details
- **OpenWrt Version:** HEAD
- **OpenWrt Target/Subtarget:** x86_64/generic
- **OpenWrt Device:** pc-engines-apu6
---
## ✅ Formalities
- [X] I have reviewed the [CONTRIBUTING.md](https://github.com/openwrt/packages/blob/master/CONTRIBUTING.md) file for detailed contributing guidelines.
### If your PR contains a patch:
- [X] It can be applied using `git am`
- [X] It has been refreshed to avoid offsets, fuzzes, etc., using
- [X] It is structured in a way that it is potentially upstreamable
You can view, comment on, or merge this pull request online at:
#29547
-- Commit Summary --
* strongswan: drop deprecated crypto protocols
-- File Changes --
M net/strongswan/Makefile (12)
-- Patch Links --
https://github.com/openwrt/packages/pull/29547.patch
https://github.com/openwrt/packages/pull/29547.diff
--
Reply to this email directly or view it on GitHub:
#29547
You are receiving this because you were mentioned.
Message ID: ***@***.***>
--
Sent from mobile. Please excuse any typos or brevity
|
|
@Thermi: Uhh... which and what will it break? |
|
Md4 and eap-mschapv2 will break pw based authentication for users with the native windows von client
Aead will break encryption for users without alternative implementations.
E.g. for systems without openssl
On May 24, 2026 8:56:17 PM UTC, Philip Prindeville ***@***.***> wrote:
pprindeville left a comment (openwrt/packages#29547)
@Thermi: Uhh... which and what will it break?
--
Reply to this email directly or view it on GitHub:
#29547 (comment)
You are receiving this because you were mentioned.
Message ID: ***@***.***>
--
Sent from mobile. Please excuse any typos or brevity
|
|
Yeah, but I'm not comfortable shipping cryptographically insecure protocols. It gives a false sense of security. Literally. |
|
It's not relevant to any attack scenario because it's encrypted with the ephemeral shared key negotiated under pki protection in ike
On May 24, 2026 10:12:20 PM UTC, Philip Prindeville ***@***.***> wrote:
pprindeville left a comment (openwrt/packages#29547)
Yeah, but I'm not comfortable shipping cryptographically insecure protocols. It gives a false sense of security. Literally.
--
Reply to this email directly or view it on GitHub:
#29547 (comment)
You are receiving this because you were mentioned.
Message ID: ***@***.***>
--
Sent from mobile. Please excuse any typos or brevity
|
ee9e935 to
7f55355
Compare
|
Is Windows still shipping CHAP v2? My read was that they encourage everyone to use certificate based EAP. |
7f55355 to
cec73df
Compare
|
@Thermi: Okay, reworked it. if |
|
Similar PR related to libreswan #29313 |
|
Thank you.
Regarding insecurity, it is only usage of ahead via af_alg that is vulnerable. It's not aead itself. So the module should be loaded, but af_alg should not be used or loaded to reduce the attack surface. So we do not need and should not block aead in any way.
I think CCM is the same? It's just because of this in-place encryption bug that it's a problem, is it not?
Then we should also not block it.
CONFIG_STRONGSWAN_INCLUDE_INSECURE should be true by default, otherwise we break user authentication when people upgrade systems. And also existing tutorials will not work for it. Just more work for everybody.
Regarding the whole module disabling thing, why go through the motions at all here?
On May 25, 2026 4:13:26 AM UTC, Philip Prindeville ***@***.***> wrote:
pprindeville left a comment (openwrt/packages#29547)
@Thermi: Okay, reworded it. if `CONFIG_STRONGSWAN_INCLUDE_INSECURE` it set, then `ccm`, `md4`, and `mschapv4` are exposed.
--
Reply to this email directly or view it on GitHub:
#29547 (comment)
You are receiving this because you were mentioned.
Message ID: ***@***.***>
--
Sent from mobile. Please excuse any typos or brevity
|
|
@Thermi: We could also do: per your earlier comment. |
cec73df to
8b84e6c
Compare
|
Casting a wider net. |
|
Whatever works tbh. We just have to reflect somebody might want to only use botan or wolfssl or something instead of openssl.
On May 25, 2026 6:18:47 PM UTC, Philip Prindeville ***@***.***> wrote:
pprindeville left a comment (openwrt/packages#29547)
@Thermi: We could also do:
```
default !PACKAGE_openssl
```
per your earlier comment.
--
Reply to this email directly or view it on GitHub:
#29547 (comment)
You are receiving this because you were mentioned.
Message ID: ***@***.***>
--
Sent from mobile. Please excuse any typos or brevity
|
8b84e6c to
dc36431
Compare
|
Amended to default to |
|
@pprindeville: It is not possible to disable or enable a specified protocol instead all unsecure protocols? |
@Neustradamus: Not sure I understand the question. As my PR is written, if And if you don't enable |
|
@pprindeville: Ok, it is good! :) It will be nice to have same for libreswan! |
AEAD, CCM, MD4, and MS CHAP v2 are all deprecated due to insecurity. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
I'll add the version check override commit here. |
dc36431 to
b7c6ae4
Compare
Add version check override script. Signed-off-by: George Sapkin <george@sapk.in>
b7c6ae4 to
95d4405
Compare
📦 Package Details
Maintainer: me, @Thermi
Description:
AEAD, CCM, MD4, and MS CHAP v2 are all deprecated due to insecurity.
🧪 Run Testing Details
✅ Formalities
If your PR contains a patch:
git am