← Back to team overview

desktop-packages team mailing list archive

[Bug 1386361] Re: network-manager-openvpn leaks while connecting

 

** Description changed:

  Network-manager-openvpn leaks while connecting. Maybe that is intended
  behavior when activating a VPN-connection manually but it also leaks
  when "Automatically connect to VPN when using this connection" is
  checked.
+ 
+ By "leaking" I mean that there are packages leaving/entering the machine
+ without passing through the VPN.
  
  Verfied the following way:
  1. Set up a VPN that connects via UDP (verify it).
  2. Configure a Wifi network that blocks UDP, check "Automatically connect to VPN..." and preselect your special VPN.
  3. Connect to that newly configured Wifi network.
  4. Browse the internet.
  
  Another way:
  1. Type "traceroute ubuntu.com" into a terminal but don't press enter.
  2. Start the Wifi network that uses the "Automatically connect... VPN..." feature.
  3. Go back to the terminal press enter.
  4. After the VPN has connected repeat the command.
  5. Compare the first hop of the traceroute results.
  
  I consider this a security bug since it endangers users relying on a
  working/leak-free VPN.

** Description changed:

  Network-manager-openvpn leaks while connecting. Maybe that is intended
- behavior when activating a VPN-connection manually but it also leaks
+ behavior when activating a VPN-connection manually but it also *leaks
  when "Automatically connect to VPN when using this connection" is
- checked.
+ checked*.
  
  By "leaking" I mean that there are packages leaving/entering the machine
  without passing through the VPN.
  
  Verfied the following way:
  1. Set up a VPN that connects via UDP (verify it).
  2. Configure a Wifi network that blocks UDP, check "Automatically connect to VPN..." and preselect your special VPN.
  3. Connect to that newly configured Wifi network.
  4. Browse the internet.
  
  Another way:
  1. Type "traceroute ubuntu.com" into a terminal but don't press enter.
  2. Start the Wifi network that uses the "Automatically connect... VPN..." feature.
  3. Go back to the terminal press enter.
  4. After the VPN has connected repeat the command.
  5. Compare the first hop of the traceroute results.
  
  I consider this a security bug since it endangers users relying on a
  working/leak-free VPN.

** Description changed:

  Network-manager-openvpn leaks while connecting. Maybe that is intended
- behavior when activating a VPN-connection manually but it also *leaks
+ behavior when activating a VPN-connection manually but it also **leaks
  when "Automatically connect to VPN when using this connection" is
- checked*.
+ checked**.
  
  By "leaking" I mean that there are packages leaving/entering the machine
  without passing through the VPN.
  
  Verfied the following way:
  1. Set up a VPN that connects via UDP (verify it).
  2. Configure a Wifi network that blocks UDP, check "Automatically connect to VPN..." and preselect your special VPN.
  3. Connect to that newly configured Wifi network.
  4. Browse the internet.
  
  Another way:
  1. Type "traceroute ubuntu.com" into a terminal but don't press enter.
  2. Start the Wifi network that uses the "Automatically connect... VPN..." feature.
  3. Go back to the terminal press enter.
  4. After the VPN has connected repeat the command.
  5. Compare the first hop of the traceroute results.
  
  I consider this a security bug since it endangers users relying on a
  working/leak-free VPN.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1386361

Title:
  network-manager-openvpn leaks while connecting

Status in “network-manager” package in Ubuntu:
  New
Status in “network-manager-openvpn” package in Ubuntu:
  New

Bug description:
  Network-manager-openvpn leaks while connecting. Maybe that is intended
  behavior when activating a VPN-connection manually but it also **leaks
  when "Automatically connect to VPN when using this connection" is
  checked**.

  By "leaking" I mean that there are packages leaving/entering the
  machine without passing through the VPN.

  Verfied the following way:
  1. Set up a VPN that connects via UDP (verify it).
  2. Configure a Wifi network that blocks UDP, check "Automatically connect to VPN..." and preselect your special VPN.
  3. Connect to that newly configured Wifi network.
  4. Browse the internet.

  Another way:
  1. Type "traceroute ubuntu.com" into a terminal but don't press enter.
  2. Start the Wifi network that uses the "Automatically connect... VPN..." feature.
  3. Go back to the terminal press enter.
  4. After the VPN has connected repeat the command.
  5. Compare the first hop of the traceroute results.

  I consider this a security bug since it endangers users relying on a
  working/leak-free VPN.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1386361/+subscriptions


References