Comment 21 for bug 1674399

libssl1.0.0 1.0.2g-1ubuntu9.2 breaks OpenVPN (2.4.0-5ubuntu1 or 2.3.11-1ubuntu2) connections to Canonical's VPN on my Ryzen 7 1700X desktop running Linux 4.10.0-21-generic. In UDP mode the server stops responding during TLS negotiation, and in TCP mode the server closes the connection at the same stage. Downgrading to ubuntu9.1 fixes it. artful's 1.0.2g-1ubuntu12 is broken in the same way. The HMAC in use by the VPN is SHA-1.

From the server log:

ovpn-tcp[30227]: TCP connection established with [AF_INET]<REDACTED>:44544
ovpn-tcp[30227]: <REDACTED>:44544 TCP connection established with [AF_INET]<REDACTED>:47753
ovpn-tcp[30227]: <REDACTED>:44544 TLS_ERROR: BIO read tls_read_plaintext error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
ovpn-tcp[30227]: <REDACTED>:44544 TLS Error: TLS object -> incoming plaintext read error
ovpn-tcp[30227]: <REDACTED>:44544 TLS Error: TLS handshake failed
ovpn-tcp[30227]: <REDACTED>:44544 Fatal TLS error (check_tls_errors_co), restarting

The start of a client log is at http://paste.ubuntu.com/24603459/. Until the connection is closed by the server, it differs from a successful connection only in its keys and session IDs.