The venerable OpenVPN client has been given a mostly clean bill of health.
Between December and February, a team led by Johns Hopkins University crypto-boffin Dr Matthew Green has been auditing OpenVPN 2.4's code.
The review, paid for by Private Internet Access (which uses the software), has been published.
While all software has bugs, the most important part of the verdict is that the review found “no major vulnerabilities”.
Apparently, the project offers a bit of a tutorial for how to develop secure software, highlighting:
- There's a buffer library API that handles dynamically allocated memory safely;
- Wrappers like
openvpn_snprintf()protect unsafe C standard libraries by protecting against buffer overflows and unsafe NULL termination; and
- Keys and other sensitive data are securely wiped from memory to prevent information leaks.
Crypto gets a bouquet: for example, nobody fell into the trap of using weak key generation.
Developers of the future get perhaps the sternest warning, because as the report notes, there's always the chance that a vulnerability will come not from fat-thumbs in the C code, but in someone's “hey, everybody, why don't we …”
As the report notes: “vulnerabilities may crop up from certain feature combinations. This will be an ongoing challenge for OpenVPN developers to catch these problems early as the code base continues to evolve and expand”.
Green's audit was carried out in parallel with a separate European audit run by QuarksLab and supported by the Open Source Technology Improvement Fund.
That audit turned up two bugs Green's project missed: CVE-2017-7478 (the server can be hosed by a large control packet), and CVE0-2917-7479 a packet counter ID rollover that causes a denial of service. Both were fixed in versions 2.4.2 and 2.3.15 before the report landed. ®