touch-packages team mailing list archive

Thread
Date

[Bug 1476769] Re: When activating OpenVPN without DHCP6, random traffic will be routed without VPN

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Alberto Salvia Novella <es20490446e@xxxxxxxxx>
Date: Sat, 12 Sep 2015 00:04:44 -0000
Reply-to: Bug 1476769 <1476769@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: network-manager (Ubuntu)
   Importance: Undecided => High

** Changed in: openvpn (Ubuntu)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1476769

Title:
  When activating OpenVPN without DHCP6, random traffic will be routed
  without VPN

Status in network-manager package in Ubuntu:
  Confirmed
Status in openvpn package in Ubuntu:
  Confirmed
Status in Fedora:
  Unknown

Bug description:
  When activating an OpenVPN without DHCP6 through NetworkManager,
  random traffic will be routed without VPN if the basic physical
  network device has IPv6 connectivity but the VPN hasn't. This is a
  security issue, since a user activating the VPN would expect all go
  through it.

  network-manager package version: 0.9.10.0-4ubuntu15.1

  Steps to reproduce:
  1. Find some VPN without IPv6 routing or DHCP6. Get the according openvpn configuration file and import into NetworkManager
  2. Make sure your physical networking device has native IPv6 access
  3. Activate the VPN in the network settings

  Expected result:

   * IPv4 default route through VPN
   * IPv6 default route absent (as VPN doesn't provide any)

  Actual result (as I understand the bug report):

   * IPv4 default route through VPN (good)
   * IPv6 default route via local gateway (bad)

  ProblemType: Bug
  DistroRelease: Ubuntu 15.04
  Package: openvpn 2.3.2-9ubuntu4
  ProcVersionSignature: Ubuntu 3.19.0-21.21-generic 3.19.8
  Uname: Linux 3.19.0-21-generic x86_64
  ApportVersion: 2.17.2-0ubuntu1.1
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Tue Jul 21 19:21:50 2015
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: openvpn
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1476769/+subscriptions