To upgrade the current package to rc9, the debian_openssl_vulnkeys.patch
needed some work due to upstream changes.  Attached is an updated version,
in the hope that it might be useful.

Regards
Tristan
Index: trunk/init.c
===================================================================
--- trunk/init.c	(revision 56669)
+++ trunk/init.c	(working copy)
@@ -1513,6 +1513,23 @@
   const struct options *options = &c->options;
   ASSERT (options->shared_secret_file);
 
+  /* CVE-2008-0166 (Debian weak key checks) */
+  /* Only check if we can actually read the key file. Unless the file does not
+   * exist in the first place, this should never happen (since static keys do
+   * not work with multi-client mode), but we test it anyway to be on the safe
+   * side and avoid wrong -vulnkey alerts. */
+  if (access (options->shared_secret_file, R_OK) == 0)
+    {
+      struct argv argv = argv_new ();
+      argv_printf (&argv, "/usr/sbin/openvpn-vulnkey -q %s", options->shared_secret_file);
+      argv_msg (M_INFO, &argv);
+      if (openvpn_execve (&argv, c->c2.es, 0) != 0)
+        {
+          msg (M_WARN, "******* WARNING *******: '%s' is a known vulnerable key. See 'man openvpn-vulnkey' for details.", options->shared_secret_file);
+        }
+      argv_reset (&argv);
+    }
+
   init_crypto_pre (c, flags);
 
   /* Initialize packet ID tracking */
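Review bot: Every non-zero result from `openvpn_execve` is reported as "is a known vulnerable key", so a helper that could not be started (for example `/usr/sbin/openvpn-vulnkey` not installed or not executable) would presumably raise the same alert as a real blacklist hit. The `access()` guard only covers an unreadable key file, not a failing helper. I would keep the return value in a local and warn about a vulnerable key only for the exit status the helper documents for a blacklisted key, logging something like `msg (M_WARN, "could not run openvpn-vulnkey, weak-key check skipped");` otherwise. The enclosing function starts and ends outside this hunk.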
@@ -1598,6 +1615,7 @@
 do_init_crypto_tls_c1 (struct context *c)
 {
   const struct options *options = &c->options;
+  SSL *ssl;
 
   if (!c->c1.ks.ssl_ctx)
     {
@@ -1634,6 +1652,53 @@
 		     options->ciphername_defined, options->authname,
 		     options->authname_defined, options->keysize, true, true);
 
+      /* CVE-2008-0166 (Debian weak key checks)
+       * Obtain the modulus and bits from the certificate that was initialized,
+       * and send that to openssl-vulnkey.
+       */
+      ssl = SSL_new(c->c1.ks.ssl_ctx);
+      if (ssl != NULL)
+        {
+          X509* cert = NULL;
+          char *bn;
+          int bits;
+
+          cert = SSL_get_certificate(ssl);
+          if (cert != NULL)
+            {
+              EVP_PKEY *pkey = X509_get_pubkey (cert);
+              if (pkey != NULL)
+                {
+                  if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
+                      && pkey->pkey.rsa->n != NULL)
+                    {
+                      bits = BN_num_bits(pkey->pkey.rsa->n);
+                      bn = BN_bn2hex(pkey->pkey.rsa->n);
+                    }
+                  else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
+                           && pkey->pkey.dsa->p != NULL)
+                    {
+                      bits = BN_num_bits(pkey->pkey.dsa->p);
+                      bn = BN_bn2hex(pkey->pkey.dsa->p);
+                    }
+                  if (bn != NULL)
+                    {
+                      struct argv argv = argv_new ();
+                      argv_printf (&argv, "/usr/bin/openssl-vulnkey -q -b %d -m %s", bits, bn);
+                      OPENSSL_free(bn);
+                      msg (M_INFO, "/usr/bin/openssl-vulnkey -q -b %d -m <modulus omitted>", bits);
+                      if (openvpn_execve (&argv, NULL, 0) != 0)
+                        {
+                          msg (M_WARN, "******* WARNING *******: '%s' is a known vulnerable key. See 'man openvpn-vulnkey' for details.", options->shared_secret_file);
+                        }
+                      argv_reset (&argv);
+                    }
+                  EVP_PKEY_free (pkey);
+               }
+            }
+            SSL_free(ssl);
+         }
+
       /* TLS handshake authentication (--tls-auth) */
       if (options->tls_auth_file)
 	{
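Review bot: `bn` and `bits` are declared without initializers, so when the certificate key is neither RSA nor DSA, or one of the null checks fails, `if (bn != NULL)` reads an indeterminate pointer and can hand it to `argv_printf` and `OPENSSL_free`. Declare them as `char *bn = NULL;` and `int bits = 0;`. The warning in this TLS branch also prints `options->shared_secret_file`, which is the static-key option and is presumably unset here, so the message should name the certificate instead and point to the `openssl-vulnkey` man page rather than `openvpn-vulnkey`. As in the static-key hunk, a helper that fails to run appears indistinguishable from a blacklisted key. The enclosing function continues outside this hunk.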
