drok / ovpn

OVPN is a derivative of OpenVPN focused on infrastructure quality improvements.
https://ovpn.ohmi.org

Defective ciphers are ignored #8

Open drok opened 4 years ago

drok commented 4 years ago

In some SSL libraries, some ciphers may be defective. Bugs are introduced from time to time; it's normal.

OpenVPN has a facility to --test-crypto to verify if the system's ciphers are functioning correctly. However, this crypto test is only run when the user explicitly runs the binary with --test-crypto.

Furthermore, as part of the build, a test "t_lpback.sh" supposedly checks all the ciphers that openvpn knows about (the output of "openvpn --show-ciphers"). However, this build time test avoids running tests on ciphers known to be broken (among them, DES-EDE3-CFB1, DES-CFB1). Additionally, it also doesn't test RC5-* on any platform, because on NetBSD without libcrypto_rc5 these tests would fail.

The problem is that known broken ciphers are intentionally not tested, leaving the user exposed to these ciphers. So what then is the purpose of running the t_lpback.sh test?

Since the software is able to detect bugs in the system crypto libs, the appropriate action is to:

I have removed the waiver for bad ciphers in 05dbde8d; this will cause "make check" to fail every time.

Since b690f28, the t_lpback.sh test will first test for the presence of a "SSL+mitigations" feature; if not implemented, the test will fail without testing any ciphers. This will break all builds with ENABLE_CRYPTO until a mitigation feature is implemented. Until then, the software leaves the user intentionally exposed to crypto bugs, which is unacceptable in this reporter's opinion.
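
The no-waiver check this issue argues for, as an added example that is not part of the original report or the ovpn repository: every cipher in the listing is loopback-tested, and any failure makes the run fail instead of being skipped. `list_ciphers`, `check_ciphers`, `KEYFILE`, the stub tester and the sample listing are constructed for illustration.

```shell
# Extract cipher names from `openvpn --show-ciphers`-style text on stdin:
# keep only lines shaped like "NAME  (128 bit key, ...)".
list_ciphers() {
    sed -n 's/^\([A-Za-z0-9][A-Za-z0-9_-]*\)  *(.*bit.*$/\1/p'
}

# check_ciphers TESTER: read cipher names on stdin, run "TESTER NAME" for
# every one (no waiver list), report the defective ones, return 1 if any.
check_ciphers() {
    tester=$1
    failed=""
    while IFS= read -r cipher; do
        [ -n "$cipher" ] || continue
        if ! "$tester" "$cipher" </dev/null >/dev/null 2>&1; then
            failed="$failed $cipher"
        fi
    done
    if [ -n "$failed" ]; then
        echo "defective ciphers:$failed"
        return 1
    fi
    echo "all ciphers passed"
}

# Tester for a real build. Assumption: KEYFILE (hypothetical variable) names
# an existing OpenVPN static key file.
real_test_cipher() { openvpn --test-crypto --secret "$KEYFILE" --cipher "$1"; }

# Constructed stand-in so the example runs offline: it pretends the SSL
# library's DES-CFB1 and DES-EDE3-CFB1 are broken.
fake_test_cipher() {
    case $1 in
        DES-CFB1|DES-EDE3-CFB1) return 1 ;;
        *) return 0 ;;
    esac
}

# Constructed sample of --show-ciphers output (not captured from a real run).
SAMPLE_LISTING='The following ciphers are available:

AES-128-CBC  (128 bit key, 128 bit block)
DES-CFB1  (64 bit key, 64 bit block)
DES-EDE3-CFB1  (192 bit key, 64 bit block)
RC5-CBC  (128 bit key by default, 64 bit block)'

printf '%s\n' "$SAMPLE_LISTING" | list_ciphers |
    check_ciphers fake_test_cipher || echo "check fails: build must not pass"
```

Passing `real_test_cipher` instead of the stub runs the same loop against the installed binary and SSL library.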