> Originally Posted by fasza2:
> Does our openvpn client have any known vulnerabilities? (let's assume the server is secure)

You may want to check the openvpn page on that topic. But you cannot eliminate the server as a factor.

A lot depends on the actual configuration of the VPN server. In addition, there may be weaknesses in the implementation as well as in the cryptography.

In brief:
OpenVPN uses TLS/SSL as its transport protocol. When an SSL session is established, the two sides exchange public keys (certificates). By applying both keys to Diffie-Hellman authentication, the shared secret is computed. This shared secret is the symmetric key that is used by the symmetric cipher to transform the plain text into cipher text at the source, and later to transform the cipher text back into plain text at the destination.

> Originally Posted by fasza2:
> Does HMAC auth apply to client as well as server?

Please be more specific, because I am not sure whether you are referring to the session establishment, or to the later integrity checks, when data are actually sent.

> Originally Posted by fasza2:
> Can user/group nobody be set up on the client side if the server is not *NIX? Would chroot work client side only in the same scenario?

By this you mean chroot-ing the openvpn client itself?

> Originally Posted by fasza2:
> Is there any way to log keystrokes through a browser in N900?
>
> Sandboxing Maemo's browsers?
>
> Just some questions that I'd love to hear your opinion about.

The posted exploit does not recover usernames/passwords from within the browser. It basically replaces the legitimate login page.

The attacker poses as the default router by producing a massive number of ARP messages in order to confuse the victim about the default gateway's actual ARP (MAC) address.

The attacker itself is configured to forward any incoming traffic to the legitimate router. sslstrip is used in between to replace unencrypted HTML login pages with ones that can be used to log usernames/passwords.

Once the username/password is recovered, the information is used to create a legitimate session, so the victim firmly believes it is secure, since SSL is established and the locker is visible.

Last edited by momcilo; 2011-06-15 at 21:43.
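The ARP-flooding step described above has a cheap host-side tell: the gateway IP suddenly answers from a second MAC address, and the reply rate for that IP spikes. The following detector is an added example written for this reply and is not code from the thread, from OpenVPN, or from sslstrip. It assumes a constructed log format of one ARP reply per line ("timestamp ip mac") and a constructed gateway address; the only external dependency is the Python standard library.

```python
"""ARP gateway-spoofing detector run over constructed ARP-reply records.

Added example, not from the original forum post. The log format and the
addresses below are invented for illustration.
"""


# Constructed sample: the gateway 192.168.1.1 is first announced by the
# real router (00:11:22:33:44:55), then flooded by a second MAC that
# claims the same IP, which is what a gratuitous-ARP poisoning looks like
# from the victim's side.
SAMPLE_ARP_LOG = """\
1000.0 192.168.1.1 00:11:22:33:44:55
1000.5 192.168.1.20 aa:bb:cc:dd:ee:01
1001.0 192.168.1.1 00:11:22:33:44:55
1002.0 192.168.1.1 de:ad:be:ef:00:01
1002.1 192.168.1.1 de:ad:be:ef:00:01
1002.2 192.168.1.1 de:ad:be:ef:00:01
1002.3 192.168.1.1 de:ad:be:ef:00:01
1003.0 192.168.1.30 aa:bb:cc:dd:ee:02
"""


def parse_arp_log(text):
    """Parse 'timestamp ip mac' lines into (float, str, str) tuples."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        ts, ip, mac = line.split()
        records.append((float(ts), ip, mac.lower()))
    return records


def detect_arp_spoof(records, gateway_ip, pinned_mac=None,
                     flood_window=1.0, flood_threshold=3):
    """Return a list of alerts for the given gateway IP.

    Two independent checks are applied to replies that claim gateway_ip:
      1. mac_change: a MAC other than the pinned (or first-seen) one claims
         the gateway IP; reported once per new MAC to keep the output short.
      2. flood: more than flood_threshold replies for the gateway arrive
         within flood_window seconds, reported once per burst.
    """
    alerts = []
    known_mac = pinned_mac.lower() if pinned_mac else None
    reported_macs = set()
    recent = []          # timestamps of gateway replies inside the window
    flood_open = False   # suppress repeated flood alerts for one burst

    for ts, ip, mac in records:
        if ip != gateway_ip:
            continue

        # Check 1: mapping change against the trusted MAC.
        if known_mac is None:
            known_mac = mac
        elif mac != known_mac and mac not in reported_macs:
            reported_macs.add(mac)
            alerts.append({"type": "mac_change", "time": ts,
                           "expected": known_mac, "seen": mac})

        # Check 2: reply-rate spike within a sliding window.
        recent = [t for t in recent if ts - t <= flood_window]
        recent.append(ts)
        if len(recent) > flood_threshold:
            if not flood_open:
                alerts.append({"type": "flood", "time": ts,
                               "count": len(recent)})
                flood_open = True
        else:
            flood_open = False
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoof(parse_arp_log(SAMPLE_ARP_LOG),
                                  "192.168.1.1",
                                  pinned_mac="00:11:22:33:44:55"):
        print(alert)
```

On a real host the records would come from a passive ARP sniffer or from periodic dumps of the ARP cache; pinning the gateway MAC (a static ARP entry, or the `pinned_mac` argument here) is the mitigation that makes the first check reliable, since otherwise the first MAC seen after boot is simply trusted.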