Public bug reported:
Affected software:
- lsb_release -rd: Ubuntu 16.04.4 LTS
- apt-cache policy network-manager: Installed: 1.2.6-0ubuntu0.16.04.2
- apt-cache policy network-manager-openvpn: Installed: 1.1.93-1ubuntu1.1
Steps to reproduce:
1. Prepare an .ovpn config file of the form:
client
nobind
dev tun
remote-cert-tls server
remote 1.2.3.4 1194 udp
<key>
-----BEGIN PRIVATE KEY-----
[... some key here ...]
-----END PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
[... some key here ...]
-----END CERTIFICATE-----
</cert>
<ca>
-----BEGIN CERTIFICATE-----
[... some key here ...]
-----END CERTIFICATE-----
</ca>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
[... some key here ...]
-----END OpenVPN Static key V1-----
</tls-auth>
key-direction 1
2. Use Ubuntu network manager to import the file, using "Edit
Connections.." -> "Add" -> "Import a saved VPN configuration"
Result:
In resulting connection info window, in tab "VPN", after clicking on
"Advanced..." -> "TLS Authentication", the field "Key Direction" is set to
"None".
Expected result:
"Key Direction" is set to "1".
Notes:
- Moving the line "key-direction 1" above the inline <key>, <cert>, etc
sections fixes the problem.
- Moving the line "remote 1.2.3.4 1194 udp" below the inline <key>, <cert>, etc
sections still correctly sets the remote server address. So it seems that not
all directives are affected by this problem.
- Using the file as written above in 'openvpn --config file.ovpn' works fine.
- This bug made me waste about 2 hours trying to figure out why I was getting
"TLS handshake failed"...
Thank you very much for fixing.
** Affects: network-manager-openvpn (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager-openvpn in Ubuntu.
https://bugs.launchpad.net/bugs/1754643
Title:
When importing config file, "key-direction" is ignored if it's after
inline block.
Status in network-manager-openvpn package in Ubuntu:
New
Bug description:
Affected software:
- lsb_release -rd: Ubuntu 16.04.4 LTS
- apt-cache policy network-manager: Installed: 1.2.6-0ubuntu0.16.04.2
- apt-cache policy network-manager-openvpn: Installed: 1.1.93-1ubuntu1.1
Steps to reproduce:
1. Prepare an .ovpn config file of the form:
client
nobind
dev tun
remote-cert-tls server
remote 1.2.3.4 1194 udp
<key>
-----BEGIN PRIVATE KEY-----
[... some key here ...]
-----END PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
[... some key here ...]
-----END CERTIFICATE-----
</cert>
<ca>
-----BEGIN CERTIFICATE-----
[... some key here ...]
-----END CERTIFICATE-----
</ca>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
[... some key here ...]
-----END OpenVPN Static key V1-----
</tls-auth>
key-direction 1
2. Use Ubuntu network manager to import the file, using "Edit
Connections.." -> "Add" -> "Import a saved VPN configuration"
Result:
In resulting connection info window, in tab "VPN", after clicking on
"Advanced..." -> "TLS Authentication", the field "Key Direction" is set to
"None".
Expected result:
"Key Direction" is set to "1".
Notes:
- Moving the line "key-direction 1" above the inline <key>, <cert>, etc
sections fixes the problem.
- Moving the line "remote 1.2.3.4 1194 udp" below the inline <key>, <cert>,
etc sections still correctly sets the remote server address. So it seems that
not all directives are affected by this problem.
- Using the file as written above in 'openvpn --config file.ovpn' works fine.
- This bug made me waste about 2 hours trying to figure out why I was getting
"TLS handshake failed"...
Thank you very much for fixing.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1754643/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
