group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1807439] Re: openvpn crashes when run with fips openssl

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Andreas Hasenack <andreas@xxxxxxxxxxxxx>
Date: Tue, 08 Jan 2019 16:21:25 -0000
Reply-to: Bug 1807439 <1807439@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
** Also affects: openvpn (Ubuntu Cosmic)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1807439

Title:
  openvpn crashes when run with fips openssl

Status in openvpn package in Ubuntu:
  New
Status in openvpn source package in Xenial:
  New
Status in openvpn source package in Bionic:
  New
Status in openvpn source package in Cosmic:
  New
Status in openvpn source package in Disco:
  New

Bug description:
  [IMPACT]
  openvpn when estabishing a tls connection will segfault when used with Ubuntu's FIPS 140-2 libcrypto.so (openssl).

  openvpn tls connection does TLS PRF(pseudorandom function) to produce securely generated pseudo random output that is used to generate keys.
  MD5 is used as the hash in this computation.

  FIPS 140-2 does not permit MD5 use except when used for pseudorandom
  function (PRF). When openvpn requests MD5 operation to FIPS-mode
  libcrypto.so, since it is not allowed in general, FIPS-mode
  libcrypto.so goes into an error state.

  openvpn needs to set and pass a flag that FIPS-mode libcrypto.so
  recognizes and that indicates it is using MD5 for PRF, thereby FIPS-
  mode libcrypto.so will grant the request instead of entering an error
  state. In non-FIPS libcrypto.so the flag has no meaning.

  **NOTE: The openvpn 2.3 version in xenial has the above issue and an
  additional one. It also use MD5 internally for configuration status
  verification. It is not communicated externally. However, this
  particular use of MD5 is not allowed by FIPS and thus when openvpn
  tries to use FIPS-mode libcrypto.so to compute MD5, it results in
  openvpn segfaulting. This 2nd issue was fixed by upstream openvpn
  community in subsequent versions(2.4) to not use MD5 and use SHA(256)
  instead and thus why bionic and disco do not require any change for
  this 2nd issue.

  [TEST]
  Test data including commands and parameters are included below.

  Testing comprised establishing a tls connection between an openvpn
  client and server. Once the connection was successfully established, a
  ping thru the established vpn tunnel was done from the client for
  assurance.

  Interoperability testing was done to ensure no regression. Test data
  reflects testing was done between openvpn server and client with and
  without the patch and between various releases (xenial, bionic, and
  disco).

  Test was also done with FIPS-enabled libcrypto.so to ensure everything
  worked in FIPS mode.

  [REGRESSION]
  The FIPS-mode libcrypto.so flag passed by openvpn has no meaning in non-FIPS libcrypto.so. Thus nothing changes for openvpn behaviour in non-FIPS mode in regards to this.

  xenial has additional change of using SHA instead of MD5 for
  configuration status verification. This is an internal hash that is
  not communicated externally. Thus it should not regress
  interoperability or ability to establish connections.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1807439/+subscriptions