openvpn: disable CBC record splitting in PolarSSL/mbedTLS (#19101)

OpenVPN assumes that its control channel messages are sent and received
unfragmented, this assumption is broken when CBC record splitting is
enabled in mbedTLS.

The record splitting is intended as countermeasure against BEAST attacks
which do not apply to OpenVPN, therefore we simply disable it until
upstream OpenVPN gains the ability to process fragmented control
messages.

Disabling the splitting also works around a (not remotely triggerable)
segmentation fault in mbedTLS.

References:

 * https://dev.openwrt.org/ticket/19101
 * https://community.openvpn.net/openvpn/ticket/524
 * https://github.com/ARMmbed/mbedtls/pull/185

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45602

diff --git a/package/network/services/openvpn/Makefile b/package/network/services/openvpn/Makefile
index 2b0b038a290b9a8ed44dd4b30c54c74f355e99d5..3e9be0dae3cc9e875d68c272b94b2361ccc56425 100644 (file)
--- a/package/network/services/openvpn/Makefile
+++ b/package/network/services/openvpn/Makefile
@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=openvpn
 
 PKG_VERSION:=2.3.6
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_SOURCE_URL:=http://swupdate.openvpn.net/community/releases
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz

diff --git a/package/network/services/openvpn/patches/120-polarssl-disable-record-splitting.patch b/package/network/services/openvpn/patches/120-polarssl-disable-record-splitting.patch
new file mode 100644 (file)
index 0000000..9e1511b
--- /dev/null
+++ b/package/network/services/openvpn/patches/120-polarssl-disable-record-splitting.patch
@@ -0,0 +1,16 @@
+Index: openvpn-2.3.6/src/openvpn/ssl_polarssl.c
+===================================================================
+--- openvpn-2.3.6.orig/src/openvpn/ssl_polarssl.c
++++ openvpn-2.3.6/src/openvpn/ssl_polarssl.c
+@@ -707,6 +707,11 @@ void key_state_ssl_init(struct key_state
+       if (ssl_ctx->allowed_ciphers)
+       ssl_set_ciphersuites (ks_ssl->ctx, ssl_ctx->allowed_ciphers);
+ 
++      /* Disable record splitting (breaks current ssl handling) */
++#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING)
++      ssl_set_cbc_record_splitting (ks_ssl->ctx, SSL_CBC_RECORD_SPLITTING_DISABLED);
++#endif /* POLARSSL_SSL_CBC_RECORD_SPLITTING */
++
+       /* Initialise authentication information */
+       if (is_server)
+       ssl_set_dh_param_ctx (ks_ssl->ctx, ssl_ctx->dhm_ctx );