-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
A new version of OpenVPN-NL is available on the OpenVPN-NL site [1]. This version fixes a few small issues reported by the community, and includes support for the random number generator introduced in PolarSSL v1.1.0 [2]. Aside from these technical changes, the deployment advisory has been updated with a new section on virtual machines. Details of these changes will be given in the next few sections.
Due to the improvements in the random number generator, we strongly recommend that you upgrade to the new version of OpenVPN-NL.
New PolarSSL RNG - ----------------
In response to security concerns PolarSSL has introduced a new random number generator. It consists of two parts: an entropy gathering function, which allows the combination of a number of entropy sources, and a front-end deterministic random bit generator (DRBG), based on NIST-SP800-90 [3].
OpenVPN-NL uses a combination of the existing HAVEGE random number generator and the platform entropy device (e.g. /dev/random on Linux, CryptoAPI on Windows) as entropy sources. Two new OpenVPN-NL command line options have been introduced to allow users to tweak the new RNG:
- min-platform-entropy: On Linux, sets the minimum number of bytes to read from /dev/random when reseeding. As /dev/random is blocking, setting this too high can cause OpenVPN-NL to block when not enough platform entropy is available. The deployment advisory recommends the use of at least 10 bytes. The default is 16 bytes.
- use-prediction-resistance: Enables prediction resistance according to the NIST standard [3]. This should only be enabled if enough platform entropy is available. Enabling this option is recommended in the deployment advisory. The default is to disable prediction resistance.
New deployment advisory - -----------------------
The deployment advisory has been updated to v1.2. This version adds a new paragraph on the use of OpenVPN-NL in virtual environments and on concentrators:
"Users are advised to use hardware random number generators or entropy gathering daemons via the interfaces and conventions that the host offers. These feed into the system entropy pool. This is recommended on concentrators and systems that run in virtual environments.
Enabling the use-prediction-resistance configuration option is recommended. Note that this may deplete kernel entropy sources more quickly. Users are advised not to adjust the configuration option min-platform-entropy below the value 10."
Minor bug fixes - ---------------
- Fixed bug in certificate serial number output to scripts. The last digit of the serial number was not output in some situations.
- Disabled non-blocking connect on the Windows version, fixing the broken TCP behaviour.