Problem with OpenVPN on LEDE

perdrix · June 9, 2017, 2:44pm

If I try to connect to the Private Internet Access VPN server on my Ubuntu server using the following OpenVPN configuration file

client
dev tun
proto udp
resolv-retry infinite
nobind 1
persist-key 1
persist-tun 1
cipher BF-CBC
auth SHA1
tls-client 1
remote-cert-tls server
auth-user-pass /etc/openvpn/.secret
comp-lzo yes
verb 3
reneg-sec 0
crl-verify /etc/openvpn/crl.pem
ca /etc/openvpn/ca.crt
disable-occ 1
port 53
remote 5.63.151.156
remote 104.238.169.85
script-security 2
ping 10
ping-restart 60

it works and see this:

Fri Jun  9 15:08:29 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]
Fri Jun  9 15:08:29 2017 UDPv4 link local: [undef]
Fri Jun  9 15:08:29 2017 UDPv4 link remote: [AF_INET]104.238.169.85:53
Fri Jun  9 15:08:29 2017 TLS: Initial packet from [AF_INET]104.238.169.85:53, sid=5821d6f5 20296e9d
Fri Jun  9 15:08:29 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jun  9 15:08:29 2017 CRL CHECK OK: C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA, emailAddress=secure@privateinternetaccess.com
Fri Jun  9 15:08:29 2017 VERIFY OK: depth=1, C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA, emailAddress=secure@privateinternetaccess.com
Fri Jun  9 15:08:29 2017 Validating certificate key usage
Fri Jun  9 15:08:29 2017 ++ Certificate has key usage  00a0, expects 00a0
Fri Jun  9 15:08:29 2017 VERIFY KU OK
Fri Jun  9 15:08:29 2017 Validating certificate extended key usage
Fri Jun  9 15:08:29 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Jun  9 15:08:29 2017 VERIFY EKU OK
Fri Jun  9 15:08:29 2017 CRL CHECK OK: C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=913b6ab8cfffcfc9efa4345d4104a57b, name=913b6ab8cfffcfc9efa4345d4104a57b
Fri Jun  9 15:08:29 2017 VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=913b6ab8cfffcfc9efa4345d4104a57b, name=913b6ab8cfffcfc9efa4345d4104a57b
Fri Jun  9 15:08:29 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jun  9 15:08:29 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jun  9 15:08:29 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jun  9 15:08:29 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jun  9 15:08:29 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Jun  9 15:08:29 2017 [913b6ab8cfffcfc9efa4345d4104a57b] Peer Connection Initiated with [AF_INET]104.238.169.85:53
Fri Jun  9 15:08:31 2017 SENT CONTROL [913b6ab8cfffcfc9efa4345d4104a57b]: 'PUSH_REQUEST' (status=1)
Fri Jun  9 15:08:31 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 209.222.18.222,dhcp-option DNS 209.222.18.218,ping 10,comp-lzo no,route 10.62.10.1,topology net30,ifconfig 10.62.10.6 10.62.10.5,auth-token toQJXs191geecQsjVLIjSmVXWoo6mFk9dgl4Ou+7soQ='
Fri Jun  9 15:08:31 2017 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jun  9 15:08:31 2017 OPTIONS IMPORT: LZO parms modified
Fri Jun  9 15:08:31 2017 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jun  9 15:08:31 2017 OPTIONS IMPORT: route options modified
Fri Jun  9 15:08:31 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Jun  9 15:08:31 2017 ROUTE_GATEWAY 192.168.129.1/255.255.255.0 IFACE=eth0 HWADDR=00:01:2e:3d:2a:d1
Fri Jun  9 15:08:31 2017 TUN/TAP device tun0 opened
Fri Jun  9 15:08:31 2017 TUN/TAP TX queue length set to 100
Fri Jun  9 15:08:31 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Jun  9 15:08:31 2017 /sbin/ip link set dev tun0 up mtu 1500
Fri Jun  9 15:08:31 2017 /sbin/ip addr add dev tun0 local 10.62.10.6 peer 10.62.10.5
Fri Jun  9 15:08:31 2017 /sbin/ip route add 104.238.169.85/32 via 192.168.129.1
Fri Jun  9 15:08:31 2017 /sbin/ip route add 0.0.0.0/1 via 10.62.10.5
Fri Jun  9 15:08:31 2017 /sbin/ip route add 128.0.0.0/1 via 10.62.10.5
Fri Jun  9 15:08:31 2017 /sbin/ip route add 10.62.10.1/32 via 10.62.10.5
Fri Jun  9 15:08:31 2017 Initialization Sequence Completed

However if I try the equivalent on my Homehub 5A running LEDE, I get the following in syslog:

Fri Jun  9 14:27:01 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: Restart pause, 5 second(s)
Fri Jun  9 14:27:06 2017 daemon.warn openvpn(PIA_VPN_BF)[17573]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: Re-using SSL/TLS context
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: LZO compression initializing
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 40 bytes
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: calc_options_string_link_mtu: link-mtu 1622 -> 1542
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 40 bytes
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: calc_options_string_link_mtu: link-mtu 1622 -> 1542
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: TCP/UDP: Preserving recently used remote address: [AF_INET]104.238.169.85:53
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP link local: (not bound)
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP link remote: [AF_INET]104.238.169.85:53
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]:  event_wait returned 1
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP WRITE [14] to [AF_INET]104.238.169.85:53: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=7c4bac2c 0ee25db6 [ ] pid=0 DATA 
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP write returned 14
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]:  event_wait returned 1
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP read returned 26
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP READ [26] from [AF_INET]104.238.169.85:53: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=74fbe891 cdc5da12 [ 0 sid=7c4bac2c 0ee25db6 ] pid=0 DATA 
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: TLS: Initial packet from [AF_INET]104.238.169.85:53, sid=74fbe891 cdc5da12
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]:  event_wait returned 1
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP WRITE [22] to [AF_INET]104.238.169.85:53: P_ACK_V1 kid=0 sid=7c4bac2c 0ee25db6 [ 0 sid=74fbe891 cdc5da12 ]
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP write returned 22
Fri Jun  9 14:27:06 2017 daemon.warn openvpn(PIA_VPN_BF)[17573]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]:  event_wait returned 1
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP WRITE [178] to [AF_INET]104.238.169.85:53: P_CONTROL_V1 kid=0 sid=7c4bac2c 0ee25db6 [ ] pid=1 DATA 16030100 9f010000 9b030359 3ab03ac0 ed869418 8c7726cc 70f8eff3 be5e51d[more...]
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP write returned 178
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]:  event_wait returned 1
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP read returned 1200
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP READ [1200] from [AF_INET]104.238.169.85:53: P_CONTROL_V1 kid=0 sid=74fbe891 cdc5da12 [ 1 sid=7c4bac2c 0ee25db6 ] pid=1 DATA 16030100 31020000 2d03018a fe3c27bd 11918831 1c0cf3fb afdc1520 df5de92[more...]
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]:  event_wait returned 1
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP WRITE [22] to [AF_INET]104.238.169.85:53: P_ACK_V1 kid=0 sid=7c4bac2c 0ee25db6 [ 1 sid=74fbe891 cdc5da12 ]
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP write returned 22
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]:  event_wait returned 1
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP read returned 1188
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: UDP READ [1188] from [AF_INET]104.238.169.85:53: P_CONTROL_V1 kid=0 sid=74fbe891 cdc5da12 [ ] pid=2 DATA 32447625 25eb300d 06092a86 4886f70d 01010505 003081a5 310b3009 0603550[more...]
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: VERIFY OK: depth=1, C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA, emailAddress=secure@privateinternetaccess.com
Fri Jun  9 14:27:06 2017 daemon.err openvpn(PIA_VPN_BF)[17573]: VERIFY ERROR: depth=0, subject=C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=913b6ab8cfffcfc9efa4345d4104a57b, ??=913b6ab8cfffcfc9efa4345d4104a57b: The certificate is signed with an unacceptable key (eg bad curve, RSA too short).
Fri Jun  9 14:27:06 2017 daemon.err openvpn(PIA_VPN_BF)[17573]: TLS_ERROR: read tls_read_plaintext error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
Fri Jun  9 14:27:06 2017 daemon.err openvpn(PIA_VPN_BF)[17573]: TLS Error: TLS object -> incoming plaintext read error
Fri Jun  9 14:27:06 2017 daemon.err openvpn(PIA_VPN_BF)[17573]: TLS Error: TLS handshake failed
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: TCP/UDP: Closing socket
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: SIGUSR1[soft,tls-error] received, process restarting
Fri Jun  9 14:27:06 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: Restart pause, 5 second(s)
Fri Jun  9 14:27:08 2017 daemon.notice openvpn(PIA_VPN_BF)[17573]: SIGTERM[hard,init_instance] received, process exiting
Fri Jun  9 14:27:51 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: OpenVPN 2.4.2 mips-openwrt-linux-gnu [SSL (mbed TLS)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Fri Jun  9 14:27:51 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: library versions: mbed TLS 2.4.2, LZO 2.09
Fri Jun  9 14:27:51 2017 daemon.warn openvpn(PIA_VPN_BF)[18461]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Jun  9 14:27:51 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: TCP/UDP: Preserving recently used remote address: [AF_INET]5.63.151.156:53
Fri Jun  9 14:27:51 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Fri Jun  9 14:27:51 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: UDP link local: (not bound)
Fri Jun  9 14:27:51 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: UDP link remote: [AF_INET]5.63.151.156:53
Fri Jun  9 14:28:09 2017 daemon.info odhcpd[812]: Using a RA lifetime of 0 seconds on br-lan
Fri Jun  9 14:28:51 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: [UNDEF] Inactivity timeout (--ping-restart), restarting
Fri Jun  9 14:28:51 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: SIGUSR1[soft,ping-restart] received, process restarting
Fri Jun  9 14:28:51 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: Restart pause, 5 second(s)
Fri Jun  9 14:28:56 2017 daemon.warn openvpn(PIA_VPN_BF)[18461]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Jun  9 14:28:56 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: TCP/UDP: Preserving recently used remote address: [AF_INET]104.238.169.85:53
Fri Jun  9 14:28:56 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Fri Jun  9 14:28:56 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: UDP link local: (not bound)
Fri Jun  9 14:28:56 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: UDP link remote: [AF_INET]104.238.169.85:53
Fri Jun  9 14:28:56 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: TLS: Initial packet from [AF_INET]104.238.169.85:53, sid=d910ac67 3cfe9bbd
Fri Jun  9 14:28:56 2017 daemon.warn openvpn(PIA_VPN_BF)[18461]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jun  9 14:28:56 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: VERIFY OK: depth=1, C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA, emailAddress=secure@privateinternetaccess.com
Fri Jun  9 14:28:56 2017 daemon.err openvpn(PIA_VPN_BF)[18461]: VERIFY ERROR: depth=0, subject=C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=913b6ab8cfffcfc9efa4345d4104a57b, ??=913b6ab8cfffcfc9efa4345d4104a57b: The certificate is signed with an unacceptable key (eg bad curve, RSA too short).
Fri Jun  9 14:28:56 2017 daemon.err openvpn(PIA_VPN_BF)[18461]: TLS_ERROR: read tls_read_plaintext error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
Fri Jun  9 14:28:56 2017 daemon.err openvpn(PIA_VPN_BF)[18461]: TLS Error: TLS object -> incoming plaintext read error
Fri Jun  9 14:28:56 2017 daemon.err openvpn(PIA_VPN_BF)[18461]: TLS Error: TLS handshake failed
Fri Jun  9 14:28:56 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: SIGUSR1[soft,tls-error] received, process restarting
Fri Jun  9 14:28:56 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: Restart pause, 5 second(s)
Fri Jun  9 14:29:01 2017 daemon.warn openvpn(PIA_VPN_BF)[18461]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Jun  9 14:29:01 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: TCP/UDP: Preserving recently used remote address: [AF_INET]5.63.151.156:53
Fri Jun  9 14:29:01 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Fri Jun  9 14:29:01 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: UDP link local: (not bound)
Fri Jun  9 14:29:01 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: UDP link remote: [AF_INET]5.63.151.156:53
Fri Jun  9 14:29:04 2017 daemon.info hostapd: wlan1: STA 34:15:9e:6b:17:ad WPA: group key handshake completed (RSN)
Fri Jun  9 14:29:21 2017 daemon.err openvpn(PIA_VPN_BF)[18461]: event_wait : Interrupted system call (code=4)
Fri Jun  9 14:29:21 2017 daemon.notice openvpn(PIA_VPN_BF)[18461]: SIGTERM[hard,] received, process exiting

Note that a similar config using AES-256-CBC and different ca and crl files works on LEDE.

Can anyone cast light on what's wrong please?

perdrix · June 9, 2017, 3:28pm

Arrgh! This appears to be related for bug FS#405 in that mbedtls used by openvpn-mbedtls has code specifically to REJECT 1024 bit certificates regardless of validity.

This sort of works is you have control over the CAs, but where you are connecting to VPN servers owned and run by a commercial organisation, you can't just reissue the certificates. Changing the certificate is not an option, as it's what is considered sufficient by my VPN provider.

Is there any way to configure openvpn-mbedtls to allow 1024 bit certs?

Alternatively is there any way to use openvpn-openssl on the Homehub 5A port of LEDE?

Dave

takimata · June 9, 2017, 8:03pm

Yes, mbedtls comes with a stricter default about what it accepts as certificates. Especially notable is the rejection of MD5-hashed certificates (which has been the default in easy-rsa for a long time, I had to recreate my whole CA when I switched to a current mbedtls on the server side).

I see openvpn-openssl_2.4.2-1_mips_24kc.ipk, so it should not be a problem to install openvpn-openssl.

perdrix · June 9, 2017, 8:38pm

Uninstalling openvpn-mbedtls and installing openvpn-openssl solved the problem for me.

Unfortunately using Blowfish was only marginally faster the AES.

Hoping that the guys who ported to the HH5A can enable the hardware crypto accelerator ...

Dave

krazeh · June 9, 2017, 10:43pm

I wouldn't hold your breath, I don't think it's a particular priority (or even if anyone is looking at it at all). If you have an Ubuntu server (which presumably is running on more powerful hardware) you'd be better off running OpenVPN server on that and simply adding a route to your router to send all relevant traffic to the Ubuntu server so it can go through your VPN. It is marginally more complicated than simply running OpenVPN on the router, but it'll be far faster.