There has been a previous thread started by @Baserk but I thought to start a new one for those interested. Maybe better to first read that previous thread. You can also search the forum for "OpenVPN-NL"; it has been mentioned a few times.

Site: OpenVPN-NL by Fox-IT https://openvpn.fox-it.com/index.html

To start, about the "why" and the "Differences between OpenVPN and OpenVPN-NL" you have to read: https://openvpn.fox-it.com/about.html

About the "Audience":

"While OpenVPN-NL is targeted for use by Dutch governmental bodies, it is available for anybody who wants to use it. No registration is required for download or use. A low-volume mailing list is available and open to all users to be informed of updates and security issues."

"OpenVPN-NL is available free of licence costs. One should be aware that deployment and maintenance of any product requires knowledge and manpower, neither of which is free. Neither NBV nor Fox-IT provides free support or consultancy on OpenVPN. The commitment of NBV and Fox-IT is essentially limited to keeping the product up to date, and providing the information which can be found on this site."

There is a lot more there:
Deployment https://openvpn.fox-it.com/deployment.html
The OpenVPN-NL lifecycle https://openvpn.fox-it.com/lifecycle.html
Software https://openvpn.fox-it.com/software.html
It is not completely clear to me why it uses mbed TLS 2.16.2. According to https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.3-and-2.7.12-released mbed TLS 2.16.3 was released in September 2019.
I tried very hard to grep the word "backdoor" in their modified version of the openvpn 2.4.7 source code and only found this: https://www.orwell1984.today/foxit1.png

Opening that mbedtls/include/mbedtls/dhm.h shows the following: https://www.orwell1984.today/foxit2.png

So it's just a warning from mbedtls (formerly PolarSSL) not to use DHM with your SSL connections and instead use elliptic curve crypto stuff like ECDH. Problem is, mbedtls elliptic curve crypto is horrible compared to OpenSSL (scroll all the way down to "Supported Elliptic Curves": https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations).

And if you look at the Fox-IT comparison of their version of openvpn and the vanilla version of openvpn, you see that they are actually worse in elliptic curve support (vanilla supports all; theirs only a small subset) and even the insecure RSA stuff's max bit strength is worse than OpenSSL's: https://www.orwell1984.today/foxit3.png

So why did they choose the crypto library (mbedtls) with fewer options? Especially x25519 is missing (according to Wikipedia) from mbedtls. And why did they not just post their changes to upstream as a separate patch?

I did a very quick diff -Naur openvpn-2.4.7 openvpn-nl/openvpn and most of the stuff I see is just removing autotools files (required when building from source on Unix/Linux machines), some cosmetic rebranding (putting Fox-IT here and there) and some documentation changes. (The source can be downloaded here if interested: https://openvpn.fox-it.com/repos/source/)

The real stuff is in the openvpn-nl/openvpn/src/openvpn/allowed_crypto.h and openvpn-nl/openvpn/src/openvpn/allowed_crypto.c files, which are rather short and mainly just remove most of the ciphers, which is their hardening.

So the good news is, there probably is no backdoor there, but it is still strange why they wanted to use the lesser crypto library (mbedtls) of the two crypto libraries supported by openvpn? It's just vanilla openvpn with some weaker ciphers removed.
But if you really want to build and try it yourself ....

Building yourself

Because they removed most of the default configure stuff, you have to go to the openvpn-nl/openvpn directory, have the autotools packages installed (dnf install automake autoconf on Fedora; apt-get install autoconf automake or something like that in the Debian clans...) and run

autoreconf -fiv

After that you can give the normal

./configure --disable-ofb-cfb && make && make DESTDIR=<some directory of your liking> install
Welcome. I also just found this old conversation from the openvpn forum: https://forums.openvpn.net/viewtopic.php?t=10180

So if there is any backdoor, then it would most likely be in the mbedtls (PolarSSL) folder from that openvpn-nl source package. That folder is not in the original openvpn-2.4.7 source package.

EDIT: Some of their marketing material from WikiLeaks: https://wikileaks.org/spyfiles/document/page/4/#FOXIT

EDIT2: And this is interesting too: https://blog.puscii.nl/content/whats-wrong-kids-these-days