opnsense / plugins

OPNsense plugin collection
https://opnsense.org/
BSD 2-Clause "Simplified" License

os-openconnect: Regression due to required secure renegotiation in OpenSSL 3.x #3814

Closed robertzaage closed 2 months ago

robertzaage commented 7 months ago


Describe the bug: OpenConnect can't set up the connection due to a failing TLS handshake.

To Reproduce: Steps to reproduce the behavior from the CLI:

starting openconnect
+ /usr/local/sbin/openconnect -s /usr/local/opnsense/scripts/OPNsense/Openconnect/vpnc.sh '--config=/usr/local/etc/openconnect.conf' vpn.example.com
SSL connection failure
00E0AA2908000000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:ssl/statem/extensions.c:894:
Failed to open HTTPS connection to vpn.example.com
Failed to complete authentication

or just use curl:

# curl -vvv https://vpn.example.com
* Host vpn.example.com:443 was resolved.
* IPv6: (none)
* IPv4: 233.252.0.1
*   Trying 233.252.0.1:443...
* Connected to vpn.example.com (233.252.0.1) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (OUT), TLS alert, handshake failure (552):
* OpenSSL/3.0.13: error:0A000152:SSL routines::unsafe legacy renegotiation disabled
* Closing connection
curl: (35) OpenSSL/3.0.13: error:0A000152:SSL routines::unsafe legacy renegotiation disabled

Expected behavior: A successful TLS handshake and a working VPN connection via openconnect.

Additional context: The VPN in use is an older Cisco ASA which doesn't get OpenSSL updates anymore. There are some workarounds available to re-enable renegotiation, but this really shouldn't be done on a system-wide level.

See: https://github.com/openssl/openssl/issues/21296

Regression was introduced in 24.1: ports: openssl 3.0.12[6]

Support for RFC 5746 secure renegotiation is now required by default for SSL or TLS connections to succeed.

Environment: OPNsense 24.1.1-amd64, FreeBSD 13.2-RELEASE-p9, OpenSSL 3.0.13

fichtner commented 7 months ago

Yep, OpenSSL 3 issue. I don’t believe the “legacy” trick that they did has any real world value other than causing havoc. They should have removed it or kept it as was. We’ve seen a number of broken things now because of it. 😉

Though I'm not sure if OpenConnect can actually allow this per config?

Cheers, Franco

robertzaage commented 7 months ago

I think we need a new "Allow insecure crypto" option which adds /usr/local/sbin/openconnect --allow-insecure-crypto to the program call. If you want, I can try my luck and prepare a PR for this. According to their docs this option can also be set in the config file. 🙂
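
The two points raised in this thread (the reporter's note that the OpenSSL workaround should not be applied system-wide, and the proposal to add an "Allow insecure crypto" option that ends up in the openconnect config file) can be tied together in a small script. This is an added example, not code from the os-openconnect plugin or from OpenConnect; the function names are hypothetical, the sample log is constructed from the output quoted above, `protocol=anyconnect` and `user=` are standard openconnect long options, and the OpenSSL fragment uses the `Options = UnsafeLegacyRenegotiation` setting from OpenSSL 3's SSL_CONF syntax, intended to be handed to one process via the `OPENSSL_CONF` environment variable rather than written into the system-wide openssl.cnf.

```shell
#!/bin/sh
# Added example (not part of the os-openconnect plugin): recognise the
# OpenSSL 3 failure quoted in this thread and render the two narrowly
# scoped opt-ins, per VPN profile and per process, instead of a global one.

# Constructed sample, copied from the openconnect output in the report.
SAMPLE_LOG='SSL connection failure
00E0AA2908000000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:ssl/statem/extensions.c:894:
Failed to open HTTPS connection to vpn.example.com'

# is_legacy_reneg_failure LOG: exit 0 if LOG carries the OpenSSL reason code
# 0A000152 ("unsafe legacy renegotiation disabled"), 1 otherwise. Keying on the
# hex reason code keeps the check stable if libssl rewords the message.
is_legacy_reneg_failure() {
    printf '%s\n' "$1" | grep -q 'error:0A000152:'
}

# render_openconnect_conf USER ALLOW_INSECURE: print the contents of an
# openconnect --config file. Each line is a long option without the leading
# "--". allow-insecure-crypto is emitted only for ALLOW_INSECURE=yes, so the
# relaxation is tied to this one VPN profile, not to every TLS client on the box.
render_openconnect_conf() {
    printf 'protocol=anyconnect\n'
    printf 'user=%s\n' "$1"
    if [ "$2" = "yes" ]; then
        printf 'allow-insecure-crypto\n'
    fi
}

# render_openssl_legacy_cnf: print an OpenSSL 3 configuration that re-enables
# legacy (pre-RFC 5746) renegotiation. Meant to be handed to a single process
# through OPENSSL_CONF=/path/to/this/file, never copied over the system
# openssl.cnf, which is exactly the system-wide change the report warns against.
render_openssl_legacy_cnf() {
    cat <<'EOF'
openssl_conf = openssl_init

[openssl_init]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
Options = UnsafeLegacyRenegotiation
EOF
}

# When run directly: classify the sample and show the per-profile config.
if is_legacy_reneg_failure "$SAMPLE_LOG"; then
    echo "peer lacks RFC 5746 secure renegotiation; a scoped opt-in is needed"
    render_openconnect_conf vpnuser yes
fi
```

The per-profile openconnect file is the narrower of the two knobs: it only relaxes what openconnect itself negotiates with that one gateway, while the `OPENSSL_CONF` fragment still changes every TLS connection the single process opens. Either is preferable to editing the system openssl.cnf, which would silently affect curl, the package manager and every other OpenSSL consumer on the firewall.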

fichtner commented 7 months ago

That would be nice. Make sure the OpenConnect version in FreeBSD ports supports this, otherwise we should aim to update the version there first.

c4mmartin commented 7 months ago

OPNsense update last night is now showing this:

root@opnsense:~ # openconnect --protocol=gp vpn.server.com -u username
POST https://vpn.server.com/global-protect/prelogin.esp?tmp=tmp&clientVer=4100&clientos=Linux
Failed to connect to [ipv6]:443: Operation timed out
Connected to ipv4
SSL negotiation with vpn.server.com
SSL connection failure
00D0C42908000000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:ssl/statem/extensions.c:894:
Failed to open HTTPS connection to vpn.server.com
Failed to complete authentication