Hello, > On 18 Jan 2019, at 17:35, ummeegge wrote: > > Hi all, > > Am Freitag, den 18.01.2019, 18:06 +0100 schrieb Peter Müller: >> Hello, >> >> just for the records some explanations on this patch: >> (a) Chacha/Poly is faster on devices without built-in AES >> acceleration. >> Since it provides the same strength as AES, I usually prefer it >> except >> for _very_ high bandwidth requirements. >> (b) At the moment, there seems to be little support of AESCCM, so I >> disabled it for now in order to keep our ciphersuite zoo smaller. :-) >> If there is any need to enable it, I will update the patch >> accordingly. > the new OpenSSL has implemented support for five new TLSv1.3 > ciphersuites. We have already three activated (which is the default) > and the other two are CCM mode ciphers --> > https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites > . Am currently not sure about a concrete use case for this but it > appears that e.g. 'TLS_AES_128_CCM_8_SHA256' have a shorter > authentication tag and in combination with a short plaintext the > ciphertext are less than 16 bytes. > --> https://datatracker.ietf.org/meeting/102/agenda/tls-drafts.pdf > which can be in rare use cases (?) nice. > > >> >> I am happy this made its way into IPFire. :-) > Me too :-) . > >> >> Updated add-on versions for Postfix and Tor will come soon, at the >> moment, I am somewhat busy with libloc, Suricata and the ORANGE >> default >> firewall behaviour. > There are some more OpenSSL patches for > > elinks-0.12pre6-openssl11.patch > net-snmp-5.7.3-openssl.patch > openssh-7.8p1-openssl-1.1.0-1.patch > openssl-1.0.0-beta5-enginesdir.patch > openssl-1.0.2a-rpmbuild.patch > openssl-1.0.2a_disable_ssse3_for_amd.patch > openssl-1.0.2g-disable-sslv2v3.patch > ppp-2.4.7-openssl.patch > > as far as i can see openssl-compat has been dropped ? Please send a patch that cleans them up. I suppose we need to keep the patches in delinks, net-snap and ppp so that those packages compile against the new versions of OpenSSL. -Michael > > > Best, > > Erik > >> >> Thanks, and best regards, >> Peter Müller >> >>> >>> Even i use the old patch i am a happy tester with 64 bit since one >>> month + :-). >>> >>> The difference between old and new patch (from Peter) are not that >>> vast >>> and they looks like this: >>> >>> --- OpenSSL-1.1.1a_old_patch 2019-01-13 18:15:33.316651666 >>> +0100 >>> +++ OpenSSL-1.1.1a-new_patch 2019-01-13 18:16:22.008650232 >>> +0100 >>> @@ -1,31 +1,23 @@ >>> -TLS_AES_256_GCM_SHA384 TLSv1.3 >>> Kx=any Au=any Enc=AESGCM(256) Mac=AEAD >>> TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 >>> Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD >>> +TLS_AES_256_GCM_SHA384 TLSv1.3 >>> Kx=any Au=any Enc=AESGCM(256) Mac=AEAD >>> TLS_AES_128_GCM_SHA256 TLSv1.3 >>> Kx=any Au=any Enc=AESGCM(128) Mac=AEAD >>> -ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=AESGCM(256) Mac=AEAD >>> ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=CHACHA20/POLY1305(256) Mac=AEAD >>> -ECDHE-ECDSA-AES256-CCM8 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=AESCCM8(256) Mac=AEAD >>> -ECDHE-ECDSA-AES256-CCM TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=AESCCM(256) Mac=AEAD >>> +ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=AESGCM(256) Mac=AEAD >>> ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=AESGCM(128) Mac=AEAD >>> -ECDHE-ECDSA-AES128-CCM8 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=AESCCM8(128) Mac=AEAD >>> -ECDHE-ECDSA-AES128-CCM TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=AESCCM(128) Mac=AEAD >>> ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=AES(256) Mac=SHA384 >>> ECDHE-ECDSA-CAMELLIA256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=Camellia(256) Mac=SHA384 >>> ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=AES(128) Mac=SHA256 >>> ECDHE-ECDSA-CAMELLIA128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=Camellia(128) Mac=SHA256 >>> -ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 >>> Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD >>> ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 >>> Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD >>> +ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 >>> Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD >>> ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 >>> Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD >>> ECDHE-RSA-AES256-SHA384 TLSv1.2 >>> Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 >>> ECDHE-RSA-CAMELLIA256-SHA384 TLSv1.2 >>> Kx=ECDH Au=RSA Enc=Camellia(256) Mac=SHA384 >>> ECDHE-RSA-AES128-SHA256 TLSv1.2 >>> Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 >>> ECDHE-RSA-CAMELLIA128-SHA256 TLSv1.2 >>> Kx=ECDH Au=RSA Enc=Camellia(128) Mac=SHA256 >>> -DHE-RSA-AES256-GCM-SHA384 TLSv1.2 >>> Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD >>> DHE-RSA-CHACHA20-POLY1305 TLSv1.2 >>> Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD >>> -DHE-RSA-AES256-CCM8 TLSv1.2 >>> Kx=DH Au=RSA Enc=AESCCM8(256) Mac=AEAD >>> -DHE-RSA-AES256-CCM TLSv1.2 >>> Kx=DH Au=RSA Enc=AESCCM(256) Mac=AEAD >>> +DHE-RSA-AES256-GCM-SHA384 TLSv1.2 >>> Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD >>> DHE-RSA-AES128-GCM-SHA256 TLSv1.2 >>> Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD >>> -DHE-RSA-AES128-CCM8 TLSv1.2 >>> Kx=DH Au=RSA Enc=AESCCM8(128) Mac=AEAD >>> -DHE-RSA-AES128-CCM TLSv1.2 >>> Kx=DH Au=RSA Enc=AESCCM(128) Mac=AEAD >>> DHE-RSA-AES256-SHA256 TLSv1.2 >>> Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 >>> DHE-RSA-CAMELLIA256-SHA256 TLSv1.2 >>> Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA256 >>> DHE-RSA-AES128-SHA256 TLSv1.2 >>> Kx=DH Au=RSA Enc=AES(128) Mac=SHA256 >>> @@ -37,14 +29,9 @@ >>> DHE-RSA-AES256-SHA SSLv3 >>> Kx=DH Au=RSA Enc=AES(256) Mac=SHA1 >>> DHE-RSA-CAMELLIA256-SHA SSLv3 >>> Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1 >>> DHE-RSA-AES128-SHA SSLv3 >>> Kx=DH Au=RSA Enc=AES(128) Mac=SHA1 >>> -DHE-RSA-SEED-SHA SSLv3 Kx=DH Au=RSA Enc=SEED(128) >>> Mac=SHA1 >>> DHE-RSA-CAMELLIA128-SHA SSLv3 >>> Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1 >>> AES256-GCM-SHA384 TLSv1.2 >>> Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD >>> -AES256-CCM8 TLSv1.2 >>> Kx=RSA Au=RSA Enc=AESCCM8(256) Mac=AEAD >>> -AES256-CCM TLSv1.2 >>> Kx=RSA Au=RSA Enc=AESCCM(256) Mac=AEAD >>> AES128-GCM-SHA256 TLSv1.2 >>> Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD >>> -AES128-CCM8 TLSv1.2 >>> Kx=RSA Au=RSA Enc=AESCCM8(128) Mac=AEAD >>> -AES128-CCM TLSv1.2 >>> Kx=RSA Au=RSA Enc=AESCCM(128) Mac=AEAD >>> AES256-SHA256 TLSv1.2 >>> Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256 >>> CAMELLIA256-SHA256 TLSv1.2 >>> Kx=RSA Au=RSA Enc=Camellia(256) Mac=SHA256 >>> AES128-SHA256 TLSv1.2 >>> Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256 >>> >>> So mostly changes are causing by the disabled AES-CCM. >>> >>> Best, >>> >>> Erik >> >> >