Opened 4 years ago

Closed 4 years ago

#784 closed Bug / Defect (fixed)

openvpn-2.4_rc1 assertion failure in AEAD code on renegotiation (AES-256-OFB)

Reported by: marcan Owned by: Steffan Karger
Priority: major Milestone: release 2.4
Component: Crypto Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc: Steffan Karger

Description

OpenVPN crashes with an assertion failure during renegotiation, in AES-256-OFB cipher mode (1h after startup by default):

Dec  6 20:52:02 hub openvpn[5785]: Assertion failed at crypto.c:608 (opt->flags & CO_USE_IV)
Dec  6 20:52:02 hub openvpn[5785]: Exiting due to fatal error

reneg-sec 10 can be used to force the assert to happen earlier.

Version: 2.4_rc1 (not available in the bugtracker picker yet)
Distro: Gentoo Linux (installed via portage)

Client config:

client
proto udp6
remote <remote addr/port>
resolv-retry infinite
nobind
ca <ca file>
cert <cert file>
key <key file>
dev tun0
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
replay-window 256 15
remote-cert-tls server
cipher AES-256-OFB

Attachments (1)

0001-XXX-fix-and-cleanup-crypto-flags-setting.patch (3.0 KB) - added by Steffan Karger 4 years ago.

Download all attachments as: .zip

Change History (7)

comment:1 Changed 4 years ago by Gert Döring

Cc: Steffan Karger added
Milestone: release 2.4
Version: 2.4_alpha2git master branch

thanks for the report. setting "git master" as version as that's (today) the same as 2.4_rc1, and this is likely not specific to rc1 but older.

@syzzer: yours :-)

@marcan: do you have a particular reason not to use AES-256-GCM (2.4 to 2.4) or AES-256-CBC?

comment:2 Changed 4 years ago by marcan

The other end is still 2.3; not entirely sure why I wound up with OFB and not CBC though. I could've sworn I read it was recommended somewhere but I can't locate that now. CBC mode indeed works fine.

comment:3 Changed 4 years ago by Steffan Karger

Owner: set to Steffan Karger
Status: newaccepted

Definitely a bug. So, thanks for using unusual ciphers and running our RCs! I'll send a fix soon.

Changed 4 years ago by Steffan Karger

comment:4 Changed 4 years ago by Steffan Karger

I didn't manage to reproduce triggering the ASSERT, but I did find bugs there, and managed to trigger other bugs. I think the supplied patch will also fix your problems, could you apply this and test if it fixes the issue for you?

comment:5 Changed 4 years ago by marcan

Looks like it does, I can't repro with the patch. Thanks for taking a look so quickly! I'll leave it running in OFB mode and let you know if something breaks.

comment:6 Changed 4 years ago by Steffan Karger

Resolution: fixed
Status: acceptedclosed

Great! Thanks for reporting back.

Fix has been applied in commit 84f88ca4d57cd0dc40fd945e09ab1cea1b2cd0b7.

Note: See TracTickets for help on using tickets.