On Mon, 2018-07-16 at 16:09 -0500, Marc West wrote:
> Hi,
>
> Is there a way to have the latest Cisco AnyConnect 4.6 clients use
> ocserv with a stronger DTLS cipher than the default
> RSA_AES_128_SHA1?
> When the same version of AnyConnect connects to an ASA the DTLS
> cipher
> shows as DHE_RSA_AES256_SHA, which GnuTLS 3.5.18 on my ocserv box
> should
> also support. I have tried playing around with the
> cisco-client-compat/dtls-legacy/dtls-psk/match-tls-dtls-ciphers
> config
> options, but understand some of those are mutually exclusive.
>
> I plan to force TCP and TLS1.2 with GCM ciphers for most AnyConnect
> clients with ocserv which works fine, but would like to support the
> "best DTLS possible" (or at least match the ASA cipher) for a few
> cases where TCP file transfer throughput through AnyConnect is
> important (seeing about 3x throughput via DTLS).
>
> `occtl show user` with ocserv 0.12.1 and AnyConnect 4.6.01103:
> TLS ciphersuite: (TLS1.2)-(ECDHE-RSA-SECP521R1)-(AES-256-GCM)
> DTLS cipher: (DTLS0.9)-(RSA)-(AES-128-CBC)-(SHA1)
You cannot with the current ocserv as it doesn't support anything but
aes-128 or 3des for compatibility with anyconnect. You could try a
patch like the one below if AES256-SHA is supported by anyconnect. If
that works for you, we'd only need a test case for it, to include it in
the server.
regards,
Nikos
-------------- next part --------------
diff --git a/src/worker-http.c b/src/worker-http.c
index fd6b998e..65c40fc9 100644
--- a/src/worker-http.c
+++ b/src/worker-http.c
@@ -103,6 +103,16 @@ static const dtls_ciphersuite_st ciphersuites[] = {
.server_prio = 80,
.txt_version = "3.2.7",
},
+ {
+ .oc_name = "AES256-SHA",
+ .gnutls_name =
+ "NONE:+VERS-DTLS0.9:+COMP-NULL:+AES-256-CBC:+SHA1:+RSA:%COMPAT",
+ .gnutls_version = GNUTLS_DTLS0_9,
+ .gnutls_mac = GNUTLS_MAC_SHA1,
+ .gnutls_kx = GNUTLS_KX_RSA,
+ .gnutls_cipher = GNUTLS_CIPHER_AES_256_CBC,
+ .server_prio = 60,
+ },
{
.oc_name = "AES128-SHA",
.gnutls_name =
