Package: openvpn / 2.3.4-5+deb8u2

Metadata

Package:        openvpn
Version:        2.3.4-5+deb8u2
Patches format: 3.0 (quilt)

Patch series

Patch File delta Description
auth pam_libpam_so_filename.patch | (download)

src/plugins/auth-pam/auth-pam.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix libpam.so filename to /lib/libpam.so.0 in pam plugin
close_socket_before_scripts.patch | (download)

src/openvpn/socket.c | 8 4 + 4 - 0 !
1 file changed, 4 insertions(+), 4 deletions(-)

 set socket's fd_cloexec flag before calling up script
 Moving the set_cloexec() call from link_socket_init_phase2() to
 link_socket_init_phase1().
debian_nogroup_for_sample_files.patch | (download)

sample/sample-config-files/client.conf | 2 1 + 1 - 0 !
sample/sample-config-files/server.conf | 2 1 + 1 - 0 !
sample/sample-config-files/static-home.conf | 2 1 + 1 - 0 !
sample/sample-config-files/static-office.conf | 2 1 + 1 - 0 !
sample/sample-config-files/tls-home.conf | 2 1 + 1 - 0 !
sample/sample-config-files/tls-office.conf | 2 1 + 1 - 0 !
6 files changed, 6 insertions(+), 6 deletions(-)

 unprivileged group in debian is called nogroup instead of nobody
openvpn pkcs11warn.patch | (download)

src/openvpn/options.c | 14 14 + 0 - 0 !
1 file changed, 14 insertions(+)

 warn users about deprecated pkcs11 options
route_default_nil.patch | (download)

doc/openvpn.8 | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix small wording in man page.
kfreebsd_support.patch | (download)

src/openvpn/route.c | 2 1 + 1 - 0 !
src/openvpn/tun.c | 2 1 + 1 - 0 !
2 files changed, 2 insertions(+), 2 deletions(-)

 improve kfreebsd support
accommodate_typo.patch | (download)

src/openvpn/occ.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 simple spelling fix
manpage_fixes.patch | (download)

doc/openvpn.8 | 44 22 + 22 - 0 !
1 file changed, 22 insertions(+), 22 deletions(-)

 man page fixes
better_systemd_detection.patch | (download)

src/openvpn/console.c | 9 2 + 7 - 0 !
1 file changed, 2 insertions(+), 7 deletions(-)

 improved systemd detection for password prompt
client_connect_tmp_files.patch | (download)

src/openvpn/multi.c | 14 10 + 4 - 0 !
1 file changed, 10 insertions(+), 4 deletions(-)

---
0001 Drop too short control channel packets instead of as.patch | (download)

src/openvpn/ssl.c | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 [patch] drop too-short control channel packets instead of asserting out.

This fixes a denial-of-service vulnerability where an authenticated client
could stop the server by triggering a server-side ASSERT().

OpenVPN would previously ASSERT() that control channel packets have a
payload of at least 4 bytes. An authenticated client could trigger this
assert by sending a too-short control channel packet to the server.

Thanks to Dragana Damjanovic for reporting the issue.

This bug has been assigned CVE-2014-8104.

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
update_sample_certs.patch | (download)

sample/sample-keys/ca.crt | 48 32 + 16 - 0 !
sample/sample-keys/ca.key | 67 52 + 15 - 0 !
sample/sample-keys/client.crt | 126 82 + 44 - 0 !
sample/sample-keys/client.key | 43 28 + 15 - 0 !
sample/sample-keys/server.crt | 130 88 + 42 - 0 !
sample/sample-keys/server.key | 43 28 + 15 - 0 !
6 files changed, 310 insertions(+), 147 deletions(-)

---
CVE 2017 7479 prereq.patch | (download)

src/openvpn/crypto.c | 12 3 + 9 - 0 !
src/openvpn/packet_id.c | 24 21 + 3 - 0 !
src/openvpn/packet_id.h | 34 13 + 21 - 0 !
tests/unit_tests/openvpn/Makefile.am | 24 24 + 0 - 0 !
tests/unit_tests/openvpn/mock_msg.c | 98 98 + 0 - 0 !
tests/unit_tests/openvpn/mock_msg.h | 35 35 + 0 - 0 !
tests/unit_tests/openvpn/test_packet_id.c | 169 169 + 0 - 0 !
7 files changed, 363 insertions(+), 33 deletions(-)

 [patch] cleanup: merge packet_id_alloc_outgoing() into packet_id_write()

The functions packet_id_alloc_outgoing() and packet_id_write() were
always called in tandem.  Instead of forcing the caller to allocate a
packet_id_net to do so, merge the two functions.  This simplifies the API
and reduces the chance of mistakes in the future.

This patch adds unit tests to verify the behaviour of packet_id_write().
Verifying that we assert out correctly required the change to mock_msg.c.

This patch was cherry-picked from a87e1431 (master).

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
CVE 2017 7479.patch | (download)

src/openvpn/crypto.c | 15 11 + 4 - 0 !
src/openvpn/packet_id.c | 22 16 + 6 - 0 !
src/openvpn/packet_id.h | 1 1 + 0 - 0 !
tests/unit_tests/openvpn/test_packet_id.c | 11 9 + 2 - 0 !
4 files changed, 37 insertions(+), 12 deletions(-)

 [patch 2/2] drop packets instead of asserting out if packet id rolls over

Previously, if a mode was selected where packet ids are not allowed to roll
over, but renegotiation does not succeed for some reason (e.g. no password
entered in time, certificate expired or a malicious peer that refuses the
renegotiation on purpose) we would continue to use the old keys, until the
packet ID would roll over and we would ASSERT() out.

Given that this can be triggered on purpose by an authenticated peer, this
is a fix for an authenticated remote DoS vulnerability.  An attack is
rather inefficient though; a peer would need to get us to send 2^32
packets (min-size packet is IP+UDP+OPCODE+PID+TAG (no payload), results in
(20+8+1+4+16)*2^32 bytes, or approx. 196 GB).

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>

CVE-2017-7479

[Ubuntu note: 2.3.x does not support tlscrypt, so that portion of patch
was dropped; other backporting to 2.3.x]. --sbeattie
CVE 2017 7521.patch | (download)

src/openvpn/ssl_verify_openssl.c | 5 4 + 1 - 0 !
1 file changed, 4 insertions(+), 1 deletion(-)

---
CVE 2017 7521bis.patch | (download)

src/openvpn/ssl_verify_openssl.c | 9 4 + 5 - 0 !
1 file changed, 4 insertions(+), 5 deletions(-)

---
CVE 2017 7520.patch | (download)

src/openvpn/ntlm.c | 10 8 + 2 - 0 !
1 file changed, 8 insertions(+), 2 deletions(-)

---
CVE 2017 7508.patch | (download)

src/openvpn/mss.c | 11 9 + 2 - 0 !
1 file changed, 9 insertions(+), 2 deletions(-)

---