20845 – openvpn new security issues CVE-2017-7478 and CVE-2017-7479

Bug 20845 - openvpn new security issues CVE-2017-7478 and CVE-2017-7479

Summary: openvpn new security issues CVE-2017-7478 and CVE-2017-7479

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	5
Hardware:	All Linux

Priority:	Normal Severity: critical
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:
Whiteboard:	has_procedure mga5-64-ok mga5-32-ok a...
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2017-05-13 19:13 CEST by David Walser
Modified:	2020-05-01 21:02 CEST (History)
CC List:	6 users (show)

See Also:
Source RPM:	openvpn-2.3.12-1.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2017-05-13 19:13:43 CEST

Ubuntu has issued an advisory on May 11:
https://www.ubuntu.com/usn/usn-3284-1/

Mageia 5 is also affected.

David Walser 2017-05-13 19:13:51 CEST

Whiteboard: (none) => MGA5TOO

Comment 1 Marja Van Waes 2017-05-13 20:06:46 CEST

Assigning to the registered maintainer.

Assignee: bugsquad => bruno
CC: (none) => marja11

Comment 2 Nicolas Lécureuil 2017-05-15 01:32:22 CEST

Fixed in cauldron

Whiteboard: MGA5TOO => (none)
CC: (none) => mageia
Version: Cauldron => 5

Comment 3 David Walser 2017-05-24 12:06:54 CEST

Updated package uploaded for Mageia 5.

Testing ideas in Bug 10125 and Bug 17418.

Advisory:
========================

Updated openvpn packages fix security vulnerabilities:

It was discovered that OpenVPN improperly triggered an assert when receiving an
oversized control packet in some situations. A remote attacker could use this
to cause a denial of service (server or client crash) (CVE-2017-7478).

It was discovered that OpenVPN improperly triggered an assert when packet ids
rolled over. An authenticated remote attacker could use this to cause a denial
of service (application crash) (CVE-2017-7479).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7479
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23
https://www.ubuntu.com/usn/usn-3284-1/
========================

Updated packages in core/updates_testing:
========================
openvpn-2.3.16-1.mga5
libopenvpn-devel-2.3.16-1.mga5

from openvpn-2.3.16-1.mga5.src.rpm

Whiteboard: (none) => has_procedure
Assignee: bruno => qa-bugs

Comment 4 Brian Rockwell 2017-05-27 17:15:58 CEST


# uname -a
Linux localhost 4.4.68-desktop-1.mga5 #1 SMP Sun May 14 17:56:12 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

The following 4 packages are going to be installed:

- lib64openvpn-devel-2.3.16-1.mga5.x86_64
- libobjc4-4.9.2-4.1.mga5.x86_64
- openvpn-2.3.16-1.mga5.x86_64
- perl-Authen-PAM-0.160.0-11.mga5.x86_64

2.1MB of additional disk space will be used.

745KB of packages will be retrieved.

Is it ok to continue?




# openvpn
OpenVPN 2.3.16 x86_64-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 24 2017

# openvpn --genkey --secret key
# openvpn --test-crypto --secret key

at May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=476
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=477
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=478
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=479
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=480
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=481
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=482
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=483
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=484
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=485
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=486
Sat May 27 10:02:53 2017 TESTING ENCRYPT/DECRYPT of packet length=487

Key is good

Modify location of loopback test configuratons:

# vi /usr/share/openvpn/sample-config-files/loopback-server
vi /usr/share/openvpn/sample-config-files/loopback-client


from server

# openvpn --config /usr/share/openvpn/sample-config-files/loopback-server
Sat May 27 10:11:48 2017 OpenVPN 2.3.16 x86_64-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 24 2017
Sat May 27 10:11:48 2017 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.09
Sat May 27 10:11:48 2017 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Sat May 27 10:11:48 2017 Diffie-Hellman initialized with 2048 bit key
Sat May 27 10:11:48 2017 WARNING: file '/usr/share/openvpn/sample-keys/server.key' is group or others accessible
Sat May 27 10:11:48 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sat May 27 10:11:48 2017 UDPv4 link local (bound): [AF_INET]127.0.0.1:16000
Sat May 27 10:11:48 2017 UDPv4 link remote: [AF_INET]127.0.0.1:16001
Sat May 27 10:12:17 2017 TLS: Initial packet from [AF_INET]127.0.0.1:16001, sid=8499d68e fe8acd84
Sat May 27 10:12:17 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Sat May 27 10:12:17 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Client, emailAddress=me@myhost.mydomain
Sat May 27 10:12:17 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:17 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:17 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:17 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:17 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:17 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:17 2017 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Sat May 27 10:12:17 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat May 27 10:12:17 2017 [Test-Client] Peer Connection Initiated with [AF_INET]127.0.0.1:16001
Sat May 27 10:12:18 2017 Initialization Sequence Completed
Sat May 27 10:12:27 2017 TLS: soft reset sec=0 bytes=893/67108864 pkts=17/0
Sat May 27 10:12:27 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Sat May 27 10:12:27 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Client, emailAddress=me@myhost.mydomain
Sat May 27 10:12:27 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:27 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:27 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:27 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:27 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:27 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:27 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat May 27 10:12:37 2017 TLS: soft reset sec=0 bytes=630/67108864 pkts=12/0
Sat May 27 10:12:37 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Sat May 27 10:12:37 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Client, emailAddress=me@myhost.mydomain
Sat May 27 10:12:37 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:37 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:37 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:37 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:37 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:37 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:37 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA

from the client

# openvpn --config /usr/share/openvpn/sample-config-files/loopback-client
Sat May 27 10:12:17 2017 OpenVPN 2.3.16 x86_64-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 24 2017
Sat May 27 10:12:17 2017 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.09
Sat May 27 10:12:17 2017 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Sat May 27 10:12:17 2017 WARNING: file '/usr/share/openvpn/sample-keys/client.key' is group or others accessible
Sat May 27 10:12:17 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sat May 27 10:12:17 2017 UDPv4 link local (bound): [AF_INET]127.0.0.1:16001
Sat May 27 10:12:17 2017 UDPv4 link remote: [AF_INET]127.0.0.1:16000
Sat May 27 10:12:17 2017 TLS: Initial packet from [AF_INET]127.0.0.1:16000, sid=f41c50ef 96da7caf
Sat May 27 10:12:17 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Sat May 27 10:12:17 2017 Validating certificate key usage
Sat May 27 10:12:17 2017 ++ Certificate has key usage  00a0, expects 00a0
Sat May 27 10:12:17 2017 VERIFY KU OK
Sat May 27 10:12:17 2017 Validating certificate extended key usage
Sat May 27 10:12:17 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat May 27 10:12:17 2017 VERIFY EKU OK
Sat May 27 10:12:17 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Server, emailAddress=me@myhost.mydomain
Sat May 27 10:12:17 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:17 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:17 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:17 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:17 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:17 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:17 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat May 27 10:12:17 2017 [Test-Server] Peer Connection Initiated with [AF_INET]127.0.0.1:16000
Sat May 27 10:12:18 2017 Initialization Sequence Completed
Sat May 27 10:12:27 2017 TLS: soft reset sec=0 bytes=945/-1 pkts=18/0
Sat May 27 10:12:27 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Sat May 27 10:12:27 2017 Validating certificate key usage
Sat May 27 10:12:27 2017 ++ Certificate has key usage  00a0, expects 00a0
Sat May 27 10:12:27 2017 VERIFY KU OK
Sat May 27 10:12:27 2017 Validating certificate extended key usage
Sat May 27 10:12:27 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat May 27 10:12:27 2017 VERIFY EKU OK
Sat May 27 10:12:27 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Server, emailAddress=me@myhost.mydomain
Sat May 27 10:12:27 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:27 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:27 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:27 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:27 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:27 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:27 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat May 27 10:12:37 2017 TLS: soft reset sec=0 bytes=578/-1 pkts=11/0
Sat May 27 10:12:37 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Sat May 27 10:12:37 2017 Validating certificate key usage
Sat May 27 10:12:37 2017 ++ Certificate has key usage  00a0, expects 00a0
Sat May 27 10:12:37 2017 VERIFY KU OK
Sat May 27 10:12:37 2017 Validating certificate extended key usage
Sat May 27 10:12:37 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat May 27 10:12:37 2017 VERIFY EKU OK
Sat May 27 10:12:37 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Server, emailAddress=me@myhost.mydomain
Sat May 27 10:12:37 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:37 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:37 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:37 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:37 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:37 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:37 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat May 27 10:12:47 2017 TLS: soft reset sec=0 bytes=473/-1 pkts=9/0
Sat May 27 10:12:47 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Sat May 27 10:12:47 2017 Validating certificate key usage
Sat May 27 10:12:47 2017 ++ Certificate has key usage  00a0, expects 00a0
Sat May 27 10:12:47 2017 VERIFY KU OK
Sat May 27 10:12:47 2017 Validating certificate extended key usage
Sat May 27 10:12:47 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat May 27 10:12:47 2017 VERIFY EKU OK
Sat May 27 10:12:47 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Server, emailAddress=me@myhost.mydomain
Sat May 27 10:12:47 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:47 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:47 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:47 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:47 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:47 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:47 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat May 27 10:12:57 2017 TLS: soft reset sec=0 bytes=578/-1 pkts=11/0
Sat May 27 10:12:57 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Sat May 27 10:12:57 2017 Validating certificate key usage
Sat May 27 10:12:57 2017 ++ Certificate has key usage  00a0, expects 00a0
Sat May 27 10:12:57 2017 VERIFY KU OK
Sat May 27 10:12:57 2017 Validating certificate extended key usage
Sat May 27 10:12:57 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat May 27 10:12:57 2017 VERIFY EKU OK
Sat May 27 10:12:57 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Server, emailAddress=me@myhost.mydomain
Sat May 27 10:12:57 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:57 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:57 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:57 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:12:57 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:12:57 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:12:57 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat May 27 10:13:07 2017 TLS: soft reset sec=0 bytes=630/-1 pkts=12/0
Sat May 27 10:13:07 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Sat May 27 10:13:07 2017 Validating certificate key usage
Sat May 27 10:13:07 2017 ++ Certificate has key usage  00a0, expects 00a0
Sat May 27 10:13:07 2017 VERIFY KU OK
Sat May 27 10:13:07 2017 Validating certificate extended key usage
Sat May 27 10:13:07 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat May 27 10:13:07 2017 VERIFY EKU OK
Sat May 27 10:13:07 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Server, emailAddress=me@myhost.mydomain
Sat May 27 10:13:07 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:13:07 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:13:07 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:13:07 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat May 27 10:13:07 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat May 27 10:13:07 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat May 27 10:13:07 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA


--------------
Appears to be working as designed.

Whiteboard: has_procedure => has_procedure mga5-64-ok
CC: (none) => brtians1

Dave Hodgins 2017-05-28 01:35:03 CEST

CC: (none) => davidwhodgins
Whiteboard: has_procedure mga5-64-ok => has_procedure mga5-64-ok advisory

Comment 5 Brian Rockwell 2017-06-01 15:21:08 CEST

$ uname -a
Linux localhost 4.4.68-desktop-1.mga5 #1 SMP Sun May 14 18:41:19 UTC 2017 i686 i686 i686 GNU/Linux


The following 4 packages are going to be installed:

- libobjc4-4.9.2-4.1.mga5.i586
- libopenvpn-devel-2.3.16-1.mga5.i586
- openvpn-2.3.16-1.mga5.i586
- perl-Authen-PAM-0.160.0-11.mga5.i586

1.8MB of additional disk space will be used.

665KB of packages will be retrieved.

Is it ok to continue?


$ openvpn
OpenVPN 2.3.16 i586-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 24 2017


[root@localhost brian]# openvpn --genkey --secret key

[root@localhost brian]# openvpn --test-crypto --secret key
Thu Jun  1 08:09:32 2017 OpenVPN 2.3.16 i586-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 24 2017
Thu Jun  1 08:09:32 2017 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.09
Thu Jun  1 08:09:32 2017 OpenVPN 2.3.16 i586-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 24 2017
Thu Jun  1 08:09:32 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:09:32 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:09:32 2017 Entering OpenVPN crypto self-test mode.
Thu Jun  1 08:09:32 2017 TESTING ENCRYPT/DECRYPT of packet length=1
Thu Jun  1 08:09:32 2017 TESTING ENCRYPT/DECRYPT of packet length=2
Thu Jun  1 08:09:32 2017 TESTING ENCRYPT/DECRYPT of packet length=3
Thu Jun  1 08:09:32 2017 TESTING ENCRYPT/DECRYPT of packet length=4
Thu Jun  1 08:09:32 2017 TESTING ENCRYPT/DECRYPT of packet length=5
Thu Jun  1 08:09:32 2017 TESTING ENCRYPT/DECRYPT of packet length=6
Thu Jun  1 08:09:32 2017 TESTING ENCRYPT/DECRYPT of packet length=7

<blah blah blah>

Key is wimpy, but will do

Modified the configuration files

vi /usr/share/openvpn/sample-config-files/loopback-server

dh /usr/share/openvpn/sample-keys/dh2048.pem
ca /usr/share/openvpn/sample-keys/ca.crt
key /usr/share/openvpn/sample-keys/server.key
cert /usr/share/openvpn/sample-keys/server.crt

vi /usr/share/openvpn/sample-config-files/loopback-client

Modify the following rows:

ca /usr/share/openvpn/sample-keys/ca.crt
key /usr/share/openvpn/sample-keys/client.key
cert /usr/share/openvpn/sample-keys/client.crt



Now I open two terminals – one running the server and the other running the client


[root@localhost brian]# openvpn --config /usr/share/openvpn/sample-config-files/loopback-server
Thu Jun  1 08:16:54 2017 OpenVPN 2.3.16 i586-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 24 2017
Thu Jun  1 08:16:54 2017 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.09
Thu Jun  1 08:16:54 2017 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Thu Jun  1 08:16:54 2017 Diffie-Hellman initialized with 2048 bit key
Thu Jun  1 08:16:54 2017 WARNING: file '/usr/share/openvpn/sample-keys/server.key' is group or others accessible
Thu Jun  1 08:16:54 2017 Socket Buffers: R=[163840->163840] S=[163840->163840]
Thu Jun  1 08:16:54 2017 UDPv4 link local (bound): [AF_INET]127.0.0.1:16000
Thu Jun  1 08:16:54 2017 UDPv4 link remote: [AF_INET]127.0.0.1:16001
Thu Jun  1 08:17:10 2017 TLS: Initial packet from [AF_INET]127.0.0.1:16001, sid=2d31c85b 5b37d767
Thu Jun  1 08:17:11 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Thu Jun  1 08:17:11 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Client, emailAddress=me@myhost.mydomain
Thu Jun  1 08:17:11 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun  1 08:17:11 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:17:11 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun  1 08:17:11 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun  1 08:17:11 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:17:11 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun  1 08:17:11 2017 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Thu Jun  1 08:17:11 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Jun  1 08:17:11 2017 [Test-Client] Peer Connection Initiated with [AF_INET]127.0.0.1:16001
Thu Jun  1 08:17:12 2017 Initialization Sequence Completed
Thu Jun  1 08:17:21 2017 TLS: soft reset sec=0 bytes=998/67108864 pkts=19/0
Thu Jun  1 08:17:21 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Thu Jun  1 08:17:21 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Client, emailAddress=me@myhost.mydomain
Thu Jun  1 08:17:21 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun  1 08:17:21 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:17:21 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun  1 08:17:21 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun  1 08:17:21 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:17:21 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun  1 08:17:21 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Jun  1 08:17:31 2017 TLS: soft reset sec=0 bytes=630/67108864 pkts=12/0
Thu Jun  1 08:17:31 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Thu Jun  1 08:17:31 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Client, emailAddress=me@myhost.mydomain
Thu Jun  1 08:17:31 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun  1 08:17:31 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:17:31 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun  1 08:17:31 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun  1 08:17:31 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:17:31 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun  1 08:17:31 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Jun  1 08:17:41 2017 TLS: soft reset sec=0 bytes=578/67108864 pkts=11/0
Thu Jun  1 08:17:41 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Thu Jun  1 08:17:41 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Client, emailAddress=me@myhost.mydomain
Thu Jun  1 08:17:41 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun  1 08:17:41 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:17:41 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun  1 08:17:41 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun  1 08:17:41 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:17:41 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun  1 08:17:41 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA



client

]$ openvpn --config /usr/share/openvpn/sample-config-files/loopback-client
Thu Jun  1 08:17:10 2017 OpenVPN 2.3.16 i586-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 24 2017
Thu Jun  1 08:17:10 2017 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.09
Thu Jun  1 08:17:10 2017 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Thu Jun  1 08:17:10 2017 WARNING: file '/usr/share/openvpn/sample-keys/client.key' is group or others accessible
Thu Jun  1 08:17:10 2017 Socket Buffers: R=[163840->163840] S=[163840->163840]
Thu Jun  1 08:17:10 2017 UDPv4 link local (bound): [AF_INET]127.0.0.1:16001
Thu Jun  1 08:17:10 2017 UDPv4 link remote: [AF_INET]127.0.0.1:16000
Thu Jun  1 08:17:10 2017 TLS: Initial packet from [AF_INET]127.0.0.1:16000, sid=956f92a7 c4b94606
Thu Jun  1 08:17:10 2017 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=me@myhost.mydomain
Thu Jun  1 08:17:10 2017 Validating certificate key usage
Thu Jun  1 08:17:10 2017 ++ Certificate has key usage  00a0, expects 00a0
Thu Jun  1 08:17:10 2017 VERIFY KU OK
Thu Jun  1 08:17:10 2017 Validating certificate extended key usage
Thu Jun  1 08:17:10 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Jun  1 08:17:10 2017 VERIFY EKU OK
Thu Jun  1 08:17:10 2017 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Server, emailAddress=me@myhost.mydomain
Thu Jun  1 08:17:11 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun  1 08:17:11 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:17:11 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun  1 08:17:11 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun  1 08:17:11 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Jun  1 08:17:11 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun  1 08:17:11 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Jun  1 08:17:11 2017 [Test-Server] Peer Connection Initiated with [AF_INET]127.0.0.1:16000
Thu Jun  1 08:17:12 2017 Initialization Sequence Completed




Working as designed.

Whiteboard: has_procedure mga5-64-ok advisory => has_procedure mga5-64-ok mga5-32-ok advisory

Lewis Smith 2017-06-01 21:31:10 CEST

Keywords: (none) => validated_update
CC: (none) => lewyssmith, sysadmin-bugs

Comment 6 Mageia Robot 2017-06-01 23:26:34 CEST

An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0152.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Comment 7 Brian Rockwell 2020-05-01 21:02:38 CEST

The following 4 packages are going to be installed:

- libobjc4-8.4.0-1.mga7.i586
- libopenvpn-devel-2.4.9-1.mga7.i586
- openvpn-2.4.9-1.mga7.i586
- perl-Authen-PAM-0.160.0-22.mga7.i586



# openvpn --genkey --secret key

# openvpn --test-crypto --secret key

blah blah blah ...
Fri May  1 09:54:31 2020 TESTING ENCRYPT/DECRYPT of packet length=1500
Fri May  1 09:54:31 2020 OpenVPN crypto self-test mode SUCCEEDED.


vi /usr/share/openvpn/sample-config-files/loopback-server

dh /usr/share/openvpn/sample-keys/dh2048.pem
ca /usr/share/openvpn/sample-keys/ca.crt
key /usr/share/openvpn/sample-keys/server.key
cert /usr/share/openvpn/sample-keys/server.crt
tls-auth /usr/share/openvpn/sample-keys/ta.key 0

vi /usr/share/openvpn/sample-config-files/loopback-client

Modify the following rows:

ca /usr/share/openvpn/sample-keys/ca.crt
key /usr/share/openvpn/sample-keys/client.key
cert /usr/share/openvpn/sample-keys/client.crt
tls-auth /usr/share/openvpn/sample-keys/ta.key 1


# NOW PROTECT THE FILES

# cd /usr/share/openvpn/sample-config-files
# chmod go-r loop*
# cd /usr/share/openvpn/sample-keys
# chmod go-r ta.key
# chmod go-r client.key

Then on one terminal I run the server:

# openvpn --config /usr/share/openvpn/sample-config-files/loopback-server

on the other terminal I run

# openvpn --config /usr/share/openvpn/sample-config-files/loopback-client


When the client starts I see this on the server

Fri May  1 14:00:36 2020 TLS: Initial packet from [AF_INET6]::1:16001, sid=20e7d1e0 6ad892ed

On the client I see

ri May  1 14:00:41 2020 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Fri May  1 14:00:41 2020 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri May  1 14:00:41 2020 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri May  1 14:00:41 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:16000
Fri May  1 14:00:41 2020 Socket Buffers: R=[180224->180224] S=[180224->180224]
Fri May  1 14:00:41 2020 UDP link local (bound): [AF_INET]127.0.0.1:16001
Fri May  1 14:00:41 2020 UDP link remote: [AF_INET]127.0.0.1:16000

They seem to be goign through a series of connections

Seems to work.

Note You need to log in before you can comment on or make changes to this bug.