Package: openvpn
Version: 2.1~rc9-3
Severity: important
OpenVPN was working fine before the upgrade to 2.1~rc9-3. I included
script-security to my config without success. So this might be a
problem.
openvpn --config /etc/openvpn/wlan.conf
Thu Aug 21 18:52:34 2008 us=296076 NOTE: the current --script-security setting
may allow this configuration to call user-defined scripts
Thu Aug 21 18:52:34 2008 us=296107 WARNING: the current --script-security
setting may allow passwords to be passed to scripts via environmental variables
Thu Aug 21 18:52:34 2008 us=296167 /usr/sbin/openvpn-vulnkey -q
/etc/openvpn/wlan.key
Thu Aug 21 18:52:34 2008 us=431170 Static Encrypt: Cipher 'BF-CBC' initialized
with 128 bit key
Thu Aug 21 18:52:34 2008 us=431283 Static Encrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
Thu Aug 21 18:52:34 2008 us=431425 Static Decrypt: Cipher 'BF-CBC' initialized
with 128 bit key
Thu Aug 21 18:52:34 2008 us=431460 Static Decrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
Thu Aug 21 18:52:34 2008 us=431518 LZO compression initialized
Thu Aug 21 18:52:34 2008 us=434337 TUN/TAP device tap0 opened
Thu Aug 21 18:52:34 2008 us=434415 TUN/TAP TX queue length set to 100
Thu Aug 21 18:52:34 2008 us=434515 /etc/openvpn/scripts/bridge.up br0 tap0 1500
1577 init
Thu Aug 21 18:52:34 2008 us=435562 script failed: could not execute external
program
Thu Aug 21 18:52:34 2008 us=435631 Exiting
Where /etc/openvpn/scripts/bridge.up:
#!/bin/sh
echo foo > /tmp/foo
and /etc/openvpn/wlan.conf:
local 10.1.1.1
float
dev tap
lport 1194
secret /etc/openvpn/wlan.key
script-security 3
up "/etc/openvpn/scripts/bridge.up br0"
down "/etc/openvpn/scripts/bridge.down br0"
persist-tun
ping 3
ping-restart 30
comp-lzo
verb 5
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.25.1-vs2.3.x-vs2.3.0.34.9 (SMP w/2 CPU cores)
Locale: LANG=en_US.ISO-8859-15, LC_CTYPE=en_US.ISO-8859-15 (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
Versions of packages openvpn depends on:
ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy
ii libc6 2.7-13 GNU C Library: Shared libraries
ii liblzo2-2 2.03-1 data compression library
ii libpam0g 1.0.1-2 Pluggable Authentication Modules l
ii libpkcs11-helper1 1.05-1 library that simplifies the intera
ii libssl0.9.8 0.9.8g-13 SSL shared libraries
ii openssl-blacklist 0.4.2 list of blacklisted OpenSSL RSA ke
ii openvpn-blacklist 0.3 list of blacklisted OpenVPN RSA sh
Versions of packages openvpn recommends:
ii net-tools 1.60-19 The NET-3 networking toolkit
Versions of packages openvpn suggests:
ii openssl 0.9.8g-13 Secure Socket Layer (SSL) binary a
pn resolvconf <none> (no description available)
-- debconf information:
* openvpn/vulnerable_prng:
openvpn/change_init: false
openvpn/change_init2: false
openvpn/create_tun: false
openvpn/stop2upgrade: false
openvpn/default_port:
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
