OpenVPN / openvpn

OpenVPN is an open source VPN daemon
http://openvpn.net
Other
11k stars 3.01k forks source link

2.6.4: ERROR: failed to read OpenVPN tls-crypt-v2 server key file (keys/myserver.tls-crypt-v2.key) ERROR: invalid tls-crypt-v2 server key format #366

Open mmokrejs opened 1 year ago

mmokrejs commented 1 year ago

Hi, I am trying to setup tls-crypt-v2 but the server complain about the key being wrong, somehow. I used easy-rsa3 and easy-tls to generate one but they look same even under od -c, where = and \n chars are in same positions. Also the header lines are exactly same. I haven't found which cipher is used to generate them. Could it be the cipher got removed in recen openssl libs? It should be specified in the description line of the key, IMO.

I tried both approaches:

openvpn --genkey tls-crypt-v2-server myserver.tls-crypt-v2.key
easytls build-tls-crypt-v2-server myserver.domainname 
Jul 16 18:51:46 myserver openvpn[20021]: OpenVPN 2.6.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Jul 16 18:51:46 myserver openvpn[20021]: library versions: OpenSSL 1.1.1q  5 Jul 2022, LZO 2.10
Jul 16 18:51:46 myserver openvpn[20024]: WARNING: you are using user/group/chroot/setcon without persist-tun -- this may cause restarts to fail
Jul 16 18:51:46 myserver openvpn[20024]: WARNING: you are using user/group/chroot/setcon without persist-key -- this may cause restarts to fail
Jul 16 18:51:46 myserver openvpn[20024]: Diffie-Hellman initialized with 4096 bit key
Jul 16 18:51:46 myserver openvpn[20024]: tls-crypt-v2 server key: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 18:51:46 myserver openvpn[20024]: tls-crypt-v2 server key: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 18:51:46 myserver openvpn[20024]: TLS-Auth MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]

...

Jul 16 18:54:40 myserver openvpn[20024]: Control Channel: using tls-crypt-v2 key
Jul 16 18:54:40 myserver openvpn[20024]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 18:54:40 myserver openvpn[20024]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 18:54:40 myserver openvpn[20024]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 18:54:40 myserver openvpn[20024]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 18:54:40 myserver openvpn[20024]: Connection Attempt Control Channel: using tls-crypt-v2 key
Jul 16 18:54:40 myserver openvpn[20024]: Connection Attempt Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 18:54:40 myserver openvpn[20024]: Connection Attempt Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 18:54:40 myserver openvpn[20024]: Connection Attempt Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 18:54:40 myserver openvpn[20024]: Connection Attempt Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 18:54:40 myserver openvpn[20024]: Connection Attempt MULTI: multi_create_instance called
Jul 16 18:54:40 myserver openvpn[20024]: xx.xx.xx.xx:58184 Re-using SSL/TLS context
Jul 16 18:54:40 myserver openvpn[20024]: xx.xx.xx.xx:58184 ERROR: failed to read OpenVPN tls-crypt-v2 server key file (keys/myserver.domainname-tls-crypt-v2.key)
Jul 16 18:54:40 myserver openvpn[20024]: xx.xx.xx.xx:58184 ERROR: invalid tls-crypt-v2 server key format
Jul 16 18:54:40 myserver openvpn[20024]: xx.xx.xx.xx:58184 Exiting due to fatal error

Client receives only:

... read UDPv4 [ECONNREFUSED]: Connection refused (fd=4,code=111)

Initially I thought that openvpn does not follow symlinks to the keys but even when full path is specified, the error is same.

At least the error should appear immediately upon startup and not only after a client connects.

mmokrejs commented 1 year ago

I got assumingly past this error by chown openvn.openvn of the key file, seems it was a permissions error. Please install some checks in the code in the server so that it fails clearly of it cannot read a file with a Permission denied error.

Jul 16 20:15:48 myserver openvpn[22815]: Control Channel: using tls-crypt-v2 key
Jul 16 20:15:48 myserver openvpn[22815]: tls_crypt_v2_unwrap_client_key: client key authentication error
Jul 16 20:15:48 myserver openvpn[22815]: Can not unwrap tls-crypt-v2 client key
Jul 16 20:15:48 myserver openvpn[22815]: TLS Error: can not extract tls-crypt-v2 client key from [AF_INET]client1_ip:56872 (via [AF_INET]myserver_ip%enp0s3)

Likewise it affect clients, seems client also could not read its own file, as again chown openvn.openvn on client side moved me further:

Jul 16 20:20:12 myserver openvpn[22815]: Control Channel: using tls-crypt-v2 key
Jul 16 20:20:12 myserver openvpn[22815]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 20:20:12 myserver openvpn[22815]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 20:20:12 myserver openvpn[22815]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 20:20:12 myserver openvpn[22815]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 20:20:12 myserver openvpn[22815]: Connection Attempt Control Channel: using tls-crypt-v2 key
Jul 16 20:20:12 myserver openvpn[22815]: Connection Attempt Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 20:20:12 myserver openvpn[22815]: Connection Attempt Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 20:20:12 myserver openvpn[22815]: Connection Attempt Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 20:20:12 myserver openvpn[22815]: Connection Attempt Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 20:20:12 myserver openvpn[22815]: Connection Attempt MULTI: multi_create_instance called
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 Re-using SSL/TLS context
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 tls-crypt-v2 server key: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 tls-crypt-v2 server key: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 Control Channel: using tls-crypt-v2 key
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 VERIFY OK: depth=1, CN=myserver.somedomain
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 VERIFY OK: depth=0, CN=client1.somedomain
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 peer info: IV_PROTO=746
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 TLS: tls_multi_process: initial untrusted session promoted to trusted
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 521 bit EC, curve secp521r1, signature: ecdsa-with-SHA512
Jul 16 20:20:12 myserver openvpn[22815]: client1_ip:43502 [client1.somedomain] Peer Connection Initiated with [AF_INET]client1_ip:43502 (via [AF_INET]server_ip%enp0s3)
Jul 16 20:20:12 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 MULTI_sva: pool returned IPv4=192.168.252.2, IPv6=(Not enabled)
Jul 16 20:20:12 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 MULTI: Learn: 192.168.252.2 -> client1.somedomain/client1_ip:43502
Jul 16 20:20:12 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 MULTI: primary virtual IP for client1.somedomain/client1_ip:43502: 192.168.252.2
Jul 16 20:20:12 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 Data Channel MTU parms [ mss_fix:1400 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Jul 16 20:20:12 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 Outgoing dynamic tls-crypt: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 20:20:12 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 Outgoing dynamic tls-crypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 20:20:12 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 Incoming dynamic tls-crypt: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 20:20:12 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 Incoming dynamic tls-crypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 20:20:12 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Jul 16 20:20:12 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Jul 16 20:20:13 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 Data Channel: cipher 'AES-256-GCM', peer-id: 0
Jul 16 20:20:13 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 Timers: ping 60, ping-restart 1200
Jul 16 20:20:13 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 Protocol options: explicit-exit-notify 1, protocol-flags cc-exit tls-ekm dyn-tls-crypt
Jul 16 20:20:22 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 AEAD Decrypt error: cipher final failed
Jul 16 20:20:32 myserver openvpn[22815]: client1.somedomain/client1_ip:43502 AEAD Decrypt error: cipher final failed

Could the issue be that the server thinks TLS connection uses AES-256-CTR whereas client says AES-256-GCM?

Server has openssl-1.1.1q while client has openssl-3.1.1-r1.

Jul 16 21:24:14 myserver openvpn[25004]: OpenVPN 2.6.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Jul 16 21:24:14 myserver openvpn[25004]: library versions: OpenSSL 1.1.1q  5 Jul 2022, LZO 2.10
Jul 16 21:26:01 client1 openvpn[53866]: OpenVPN 2.6.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Jul 16 21:26:01 client1 openvpn[53866]: library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
mehdies commented 1 year ago

TinCanTech commented 1 year ago

@mmokrejs

I tried both approaches:

openvpn --genkey tls-crypt-v2-server myserver.tls-crypt-v2.key
easytls build-tls-crypt-v2-server myserver.domainname 

Use ONLY openvpn approach.

If you continue to use easytls approach then please report your issue here.