Bug 1077641

Summary: Cisco 2811 & OpenSWAN SHA256 truncate bug
Product: Red Hat Enterprise Linux 6
Reporter: Joe Madden <joe.madden>
Component: openswan
Assignee: Paul Wouters <pwouters>
Status: CLOSED NOTABUG
QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium
Priority: unspecified
Version: 6.5
CC: joe.madden
Target Milestone: rc
Hardware: Unspecified
OS: Linux
Doc Type: Bug Fix
Last Closed: 2014-03-18 19:36:16 UTC
Type: Bug

Description Joe Madden 2014-03-18 10:49:56 UTC
Description of problem:
When using OpenSWAN and an IPSEC tunnel VPN, the system establishes a VPN; however, no traffic is received or sent. There is no complaint from OpenSWAN, but the Cisco router complains of:

CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection

Our Cisco and OpenSWAN configurations are like so:

conn tunnelipsec
        authby=         secret
        auto=           start
        type=           tunnel
        #RRT
        left=           ###########
        leftsubnet=     ###########
        leftid=         gw.harcc.org.uk
        #SAA
        right=          ########
        rightsubnet=    1######
        keyexchange=    ike
        ike=            aes256-sha2_256!
        phase2=         esp
        phase2alg=      aes256-sha2_256!
        sha2_truncbug=  no


Cisco Configuration:

crypto isakmp policy 10
 encr aes 256
 hash sha256
 authentication pre-share
 group 2
crypto isakmp key ############# address ############
!
!
crypto ipsec transform-set TS esp-aes 256 esp-sha256-hmac
 mode tunnel
!
!
!
crypto map CMAP 10 ipsec-isakmp
 set peer ##########################
 set transform-set TS
 match address VPN-TRAF

ip access-list extended VPN-TRAF
 permit ip ###########################

!
interface GigabitEthernet0/1
 ip address ###############
 duplex auto
 speed auto
!
interface GigabitEthernet0/2
 ip address ###########
 duplex auto
 speed auto
 crypto map CMAP

----

If I configure OpenSWAN like so:

	sha2_truncbug=	yes

It works and traffic can flow - No Cisco errors are reported. 

----

Version-Release number of selected component (if applicable):
openswan.2.6.32_27.2.el6_5

How reproducible:
Configure VPNs as above and try and send some traffic to the other end

Actual results:
VPN establishes but then complains about:
CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection

Expected results:
VPN establishes and routes traffic

Comment 2 Paul Wouters 2014-03-18 15:59:32 UTC
Interesting, that seems to indicate that the remote Cisco also implements a draft version of the SHA2-256 truncation instead of the final RFC version.

It would be good to have the cisco firmware version for documentation purposes.

Regardless, you already fixed the problem. The sha2_truncbug=yes option tells the kernel to use the broken non-RFC truncation to interop with the broken device.

So I am not sure why you are reporting this as an openswan bug? From the man page:

       sha2_truncbug
           The default hash truncation for sha2_256 is 128 bits. Linux
           implemented the draft version which stated 96 bits. This option
           enables using the bad 96 bits version to interop with older linux
           kernels (unpatched version 2.6.33 and older) and openswan versions
           before 2.6.38. Currently the accepted values are no, (the default)
           signifying default IETF truncation of 128 bits, or yes, signifying
           96 bits broken Linux kernel style truncation.
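
Why the tunnel comes up but every ESP packet fails the MAC check, as an added sketch that is not part of the bug thread or openswan's code: both peers compute the same HMAC-SHA-256, but a receiver that expects a different ICV length cuts the packet in the wrong place. The key, SPI and payload are constructed sample values, and encryption is left out because the ICV is computed over the ciphertext either way.

```python
import hashlib
import hmac
import struct

RFC4868_ICV_LEN = 16  # HMAC-SHA-256-128, openswan sha2_truncbug=no
DRAFT_ICV_LEN = 12    # HMAC-SHA-256-96, openswan sha2_truncbug=yes

# Constructed sample values; a real SA gets its key and SPI from IKE.
KEY = bytes(range(32))
SPI, SEQ = 0x1000ABCD, 1
PAYLOAD = b"\x00" * 16 + b"constructed ciphertext block...."  # IV + ciphertext stand-in


def esp_seal(icv_len, key=KEY, spi=SPI, seq=SEQ, payload=PAYLOAD):
    """Sender: SPI | sequence | payload, followed by the truncated HMAC (ICV)."""
    body = struct.pack("!II", spi, seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()[:icv_len]


def esp_verify(packet, icv_len, key=KEY):
    """Receiver: treat the last icv_len bytes as the ICV and recompute it."""
    body, icv = packet[:-icv_len], packet[-icv_len:]
    expected = hmac.new(key, body, hashlib.sha256).digest()[:icv_len]
    return hmac.compare_digest(icv, expected)


def interop_matrix():
    """Map (sender ICV length, receiver ICV length) to the verification result."""
    lengths = (DRAFT_ICV_LEN, RFC4868_ICV_LEN)
    return {(s, r): esp_verify(esp_seal(s), r) for s in lengths for r in lengths}


def shared_prefix():
    """The 96-bit ICV is the first 12 bytes of the 128-bit one: same key, same hash."""
    long_icv = esp_seal(RFC4868_ICV_LEN)[-RFC4868_ICV_LEN:]
    short_icv = esp_seal(DRAFT_ICV_LEN)[-DRAFT_ICV_LEN:]
    return long_icv[:DRAFT_ICV_LEN] == short_icv


if __name__ == "__main__":
    for (sender, receiver), ok in interop_matrix().items():
        print(f"sender {sender * 8}-bit, receiver {receiver * 8}-bit: "
              f"{'verified' if ok else 'mac verify failed'}")
```

Only the two matching-length combinations verify, which is why setting sha2_truncbug=yes on the openswan side restores traffic against a peer that uses the 96-bit truncation.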

Comment 3 Joe Madden 2014-03-18 16:10:43 UTC
Hi there,

Sorry, I jumped the gun raising this ticket, but as of IOS 15.2 (4) M5 proper SHA256_128 is not supported.

They also have no plan for this to be fixed in IKE V1.



From: Madden, Joe 
Sent: 18 March 2014 14:43
To: Patrick, David J; Patton, Eamonn J; Patton Eamonn (HA) (Eamonn.Patton.gov.uk)
Subject: FW: 629604779 : CISCO2911-SEC/K9 // Error message. No traffic flow

Stuck using 96bit!

Looks like my hunch was right. Their VPN uses SHA2_256_96bit

Joe.

From: Suleiman Suleiman -X (sulsulei) [sulsulei] 
Sent: 18 March 2014 14:35
To: Madden, Joe
Cc: attach
Subject: RE: 629604779 : CISCO2911-SEC/K9 // Error message. No traffic flow

Hi Joe,

I can see that RFC4868 is supported but only for Ikev2 and next generation routers,
http://www.cisco.com/c/en/us/support/docs/security/flexvpn/115730-flexvpn-suiteb-00.html

I cannot see any plans to add this for Ikev1 and first generation routers.

Waiting for your feedback
Suleiman

From: Madden, Joe [Joe.Madden] 
Sent: Tuesday, March 18, 2014 4:16 PM
To: Suleiman Suleiman -X (sulsulei)
Cc: attach
Subject: RE: 629604779 : CISCO2911-SEC/K9 // Error message. No traffic flow

Hi Suleiman,

That’s fine, that clarifies why it does not work.

However, can you confirm if Cisco will ever properly implement RFC4868? As the HMAC-SHA-256-96 is not the correct standard.

Thanks

Joe.

From: Suleiman Suleiman -X (sulsulei) [sulsulei] 
Sent: 18 March 2014 14:14
To: Madden, Joe
Cc: attach
Subject: RE: 629604779 : CISCO2911-SEC/K9 // Error message. No traffic flow

Hi Joe,

Exactly, I believe that this is the case here, our router is configured to use HMAC-SHA-256-96 while the openswan is using HMAC-SHA-256-128.

Please let me know how you would like to proceed.

Thanks in advance
Suleiman




This can be closed now!

Comment 4 Paul Wouters 2014-03-18 19:36:16 UTC
Thanks for the vendor/firmware information