Created attachment 1193087
Modified version of SuSE patch, also checks binary
Description of problem:
Version-Release number of selected component (if applicable):
100% reproducible on EL6
does not reproduce on EL7
Steps to Reproduce:
1. Pass fips=1 as a kernel boot parameter; reboot
2. Verify the system really is in FIPS mode via "fipscheck"; you should see "fips mode is on" as output
3. Install OpenVPN on two systems.
4. (With one exception, described in item 4b) Establish a connection as described in the OpenVPN "Static Key Mini-Howto"
4b) Specify "cipher AES-256-CBC" in both config files.
Server and/or client segfaults.
Ideally, OpenVPN would still work. At the very least, a clean message explaining what happened.
Web searches show a lot of people are running into this, and SuSE has published a patch for the OpenVPN source. I'm attaching patches and an updated .spec file.
Created attachment 1193089
Patch to .spec file
Note: looks like fipscheck doesn't say "fips mode is on" in EL6. Disregard step 2.
FYI: I have started a discussion upstream with OpenVPN to add FIPS support.
Can you please test openvpn-2.4.1 on a FIPS enabled system now? We have added a patch in this so it should no longer require MD5.
Created attachment 1291136
openSUSE FIPS patch
The openvpn-2.4.1-3 packages currently in EPEL still segfault on EL6 in FIPS mode. With "verb 11", the last line in the server log is for "tls1_P_hash seed:".
openSUSE has a patch that sets EVP_MD_CTX_FLAG_NON_FIPS_ALLOW so that the "special PRF-exception for MD5 in FIPS" mentioned in the OpenVPN issue above (#725) actually works (see attached).
Ah, sorry, got my wires a bit crossed. It's been a long night/morning....
To clarify, the openSUSE patch mentioned and attached here a few months ago was for OpenVPN 2.3. I've been using that in my own 2.3 el6 packages for a while with success, slightly modified as upstream changed.
The code that was eventually accepted into 2.4 (https://email@example.com/msg13926.html) does not include the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW part, so doesn't actually work under FIPS mode. It segfaults during the TLS PRF function.
The openSUSE patch has just been updated for 2.4 (coincidentally as I was doing the same thing myself last night), which is what I attached in my last comment. The only difference between their patch now and mine is that they set the cipher default to AES-256-CBC instead of BF-CBC, which I personally think was unnecessary and a bit ugly, since the documentation wasn't updated to reflect that.
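To make concrete why the crash lands in tls1_P_hash and why MD5 cannot simply be swapped out under FIPS, here is an added example (not OpenVPN or openSUSE code) implementing the TLS 1.0 PRF from RFC 2246 in Python. The fips_mode and allow_md5 flags are a constructed model of the exemption behaviour the thread describes (EVP_MD_CTX_FLAG_NON_FIPS_ALLOW on the PRF's digest context), not a real library API, and all sample inputs are constructed.

```python
import hashlib
import hmac


def p_hash(hash_name, secret, seed, length):
    """TLS 1.0 P_hash expansion (RFC 2246 section 5): HMAC chained over A(i)."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hash_name).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def tls1_prf(secret, label, seed, length, fips_mode=False, allow_md5=False):
    """TLS 1.0 PRF: P_MD5(S1, label + seed) XOR P_SHA1(S2, label + seed).

    MD5 is structurally half of this PRF, so a FIPS-mode OpenSSL that refuses MD5
    cannot run it at all.  fips_mode/allow_md5 model that policy: the PRF is only
    usable in FIPS mode when its digest context carries an explicit exemption.
    """
    if fips_mode and not allow_md5:
        raise RuntimeError("TLS 1.0 PRF needs MD5, which FIPS mode blocks; "
                           "an explicit non-FIPS exemption for the PRF is required")
    half = (len(secret) + 1) // 2
    # S1 = first half, S2 = second half; they share one byte if the length is odd.
    s1, s2 = secret[:half], secret[len(secret) - half:]
    full_seed = label + seed
    md5_part = p_hash("md5", s1, full_seed, length)
    sha1_part = p_hash("sha1", s2, full_seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))


def derive_master_secret(pre_master, client_random, server_random,
                         fips_mode=False, allow_md5=False):
    """TLS 1.0 master secret (RFC 2246 section 8.1): 48 bytes from the PRF."""
    return tls1_prf(pre_master, b"master secret", client_random + server_random,
                    48, fips_mode, allow_md5)


if __name__ == "__main__":
    # Constructed sample inputs, not real handshake material.
    pms = bytes(range(48))
    cr, sr = b"\x11" * 32, b"\x22" * 32
    print(derive_master_secret(pms, cr, sr).hex())
    try:
        derive_master_secret(pms, cr, sr, fips_mode=True)
    except RuntimeError as err:
        print("FIPS mode without exemption:", err)
```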
First of all, I'm not going to do what SUSE does - applying their own patches on top of OpenVPN and not even trying to be involved in getting these patches upstream. I want Fedora to ship as little additional modifications as possible, and when needed - let it be really strictly Fedora related. Anything else
The other thing, I had a quick look at the openvpn-2.4.3 package SUSE have ... And I didn't spot any new FIPS related patches. Can you please point at the exact patch for v2.4.3? Then we can see how we can get that upstream first.
That said, it is far more fruitful to have this discussion in the upstream trac ticket: https://community.openvpn.net/openvpn/ticket/725
Sorry! I now spotted the patch you added ... which looks more like v2.4 related. I initially took it to be the v2.3 patch.
FIPS is now being discussed and looked at upstream. So closing this ticket as UPSTREAM, as this is not something we will patch outside the upstream project.
Oh, forgot the upstream Trac ticket URL: https://community.openvpn.net/openvpn/ticket/725