Add two-factor authentication (2FA) to OpenVPN host connections with
one-time passwords.
The 2FA can be enabled or disabled per host connection and requires the
client to download it's configuration again after 2FA has beend enabled
for it.
Additionally the client needs to configure an TOTP application, like
"Google Authenticator" which then provides the second factor.
To faciliate this every connection with enabled 2FA
gets an "show qrcode" button after the "show file" button in the
host connection list to show the 2FA secret and an 2FA configuration QRCode.
When 2FA is enabled, the client needs to provide the second factor plus
the private key password (if set) to successfully authorize.
This only supports time based one-time passwords, TOTP with 30s
window and 6 digits, for now but we may update this in the future.
Signed-off-by: Timo Eissler <timo.eissler@ipfire.org>
The Captive Portal should not be framed or leak sensitive detail via
Referrers either.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
These cause caching trouble and pose a potential security risk due to
exposing inode numbers of files within the Apache site directories on an
IPFire machine.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
There is no legitimate reason to do this. Setting header X-Frame-Options
to "sameorigin" is necessary for displaying some collectd graphs on the
WebUI.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
By default, even modern browsers sent the URL of ther originating
site to another one when accessing hyperlinks. This is an information
leak and may expose internal details (such as FQDN or IP address)
of an IPFire installation to a third party.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
CBC ciphers contain some known vulnerabilities and should not be used
anymore. While dropping them for OpenSSL clients or public web servers
still causes interoperability problems with legacy setups, they can
be safely removed from IPFire's administrative UI.
This patch changes the used cipersuite to:
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
Since TLS 1.3 ciphers will be added automatically by OpenSSL, mentioning
them in "SSLCipherSuite" is unnecessary. ECDSA is preferred over RSA for
performance reasons.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
CBC ciphers are vulnerable to a bunch of attacks (being
rather academic so far) such as MAC-then-encrypt or
padding oracle.
These seem to be more serious (see
https://blog.qualys.com/technology/2019/04/22/zombie-poodle-and-goldendoodle-vulnerabilities
for further readings) which is why they should be used
for interoperability purposes only.
I plan to remove AES-CBC ciphers for the WebUI at the
end of the year, provided overall security landscape
has not changed until that.
This patch changes the WebUI cipherlist to:
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
(AES-CBC + ECDSA will be preferred over RSA for performance
reasons. As this cipher order cannot be trivially rebuilt with
OpenSSL cipher stings, it has to be hard-coded.)
All working clients will stay compatible.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This will work fine for FF 27 or newer, Chrome 30 or newer,
IE 11 on Windows 7 or newer, Opera 17 or newer, Safari 9 or
newer, Android 5.0 or newer and Java 8 or newer
Since IPFire is not supposed to host any other applications and
all have been removed in the last few Core Updates, only the web
user interface is served over HTTPS here. We clearly prefer
security over compatibility.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Change the TLS cipher list of Apache to "Mozilla Modern".
ECDSA is preferred over RSA to save CPU time on both server
and client. Clients without support for TLS 1.2 and AES will
experience connection failures.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Sending the server signature is unnecessary and might leak
some internal information (although ServerTokens is already
set to "Prod").
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is no longer needed and in the telephone conference
on Dec 4th, it was decided to drop it.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is EOL upstream for over ten years now and therefore
we cannot continue to support this either.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Make Apache transmit a CSP (Content Security Policy) header
for WebUI and Captive Portal contents.
This prevents some XSS and content injection attacks, especially
in case no transport encryption (Captive Portal!) can be used.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Add X-Content-Type-Options header to prevent Internet Explorer
from interpreting the MIME type of a server answer on its own,
which could lead to security risks.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Ensure that Apache never uses SSL compression, which is vulnerable,
and turn off session tickets since the might cause impact to PFS.
Based against next, supersedes first version.
Reported-by: Wolfgang Apolinarski <wolfgang.apolinarski@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Do not allow credentials being submitted in plaintext to Apache.
Instead, redirect the user with a 301 to the TLS version of IPFire's
web interface.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Note: Apache crashes if any of these files does not exist. Thereof it
is necessary to generate missing keys on existing installations.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Priorize ECDSA before RSA and remove unused cipher suites.
Remove redundant OpenSSL directives to make SSL configuration more readable.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Remove configuration lines in Apache vhosts files which
are not used anymore (old dial.cgi stuff).
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Previously the assets directory has ExecCGI privileges
which is not at all required and potentially dangerous.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Introduce new Captive-Portal.
Here we add the menu, apache configuration (vhost), IPFire configuration
website and Captive-Portal Access site. Also the languagefiles are
updated.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
- Updated to apache 2.4
- Updated the htpasswd generation to use the more secure bcrypt algorithm
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Disable unauthenticated access to cgi-bin/credits.cgi. The page
leaks the currently installed version of IPFire and the hardware
architecture.
Both information might make a successful attack much easier.
This issue can be reproduced by accessing https://[IPFire-IP]:444/cgi-bin/credits.cgi
and accepting a SSL certificate warning (if any).
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
In large networks, when ever multiple clients connect at the
same time and request the proxy.pac configuration file, apache
rate-limited requests so that some clients did not get a response
and therefore could not connect to the Internet.
This allows apache to handle more connections at the same time.
Suggested-by: Thoralf Söldenwagner <soeldenwagner@brecht-schule.hamburg>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
