|Summary:||Not working with static key and tcp|
|Product:||[Fedora] Fedora EPEL||Reporter:||Michael S. <misc>|
|Component:||NetworkManager-openvpn||Assignee:||Gwyn Ciesla <gwync>|
|Status:||CLOSED ERRATA||QA Contact:||Fedora Extras Quality Assurance <extras-qa>|
|Version:||epel7||CC:||gwync, psimerda, rkhan, thaller|
|Fixed In Version:||NetworkManager-openvpn-1.2.6-1.el7||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2016-12-31 10:47:50 UTC||Type:||Bug|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
Description Michael S. 2015-12-05 13:07:27 UTC
Created attachment 1102522 [details] sample openvpn config for the client Description of problem: When i try to use my openvpn (since RHEL 7.2 upgrade), it fail with this error: déc. 05 13:40:44 kiora.example.com nm-openvpn: Options error: --proto tcp is ambiguous in this context. Please specify --proto tcp-server or --proto tcp-client It used to be working before the upgrade. I did tried with either NetworkManager-openvpn 1.0 and the 1.0.8 in update-testing Version-Release number of selected component (if applicable): NetworkManager-openvpn-1.0.8-1.el7.x86_64 How reproducible: each time Steps to Reproduce: 1. import the config I attached (after setting a similar setup) 2. try to run the VPN 3.
Comment 1 Jirka Klimes 2015-12-05 18:16:15 UTC
It is an error from openvpn. Change the line "proto tcp" to "proto tcp-client". Maybe there's a problem in NM openvpn plugin too, but it seems that openvpn doesn't want to accept "tcp" value. Where did you get the file from? man openvpn says: --proto p Use protocol p for communicating with remote host. p can be udp, tcp-client, or tcp-server.
Comment 2 Michael S. 2015-12-13 14:08:22 UTC
I exported the config from NetworkManager, and it was a configuration I imported around 7.0 time. It was working fine before the upgrade to 7.2 beta. Once imported, the confi But I tought that giving the exported configuration was easier than a screenshot to reproduce the issue. Once imported, you can check and uncheck 'use tcp", and it will still use the wrong protocol anyway. I also did create the same exact configuration from scratch and it fail the same. And looking at the code, I do not see where it is adding tcp-client, and the only mention I see is around: https://git.gnome.org/browse/network-manager-openvpn/tree/src/nm-openvpn-service.c#n1038 I would propose the following patch, but I couldn't test it (nor compile on my RHEL 7.2, missing deps it seems). Should I open a bug on gnome bugzilla for review instead ?
Comment 3 Michael S. 2015-12-13 14:10:14 UTC
Created attachment 1105336 [details] Fix the bug, by using tcp-client.
Comment 4 Michael S. 2015-12-23 16:20:19 UTC
So I went ahead and posted https://bugzilla.gnome.org/show_bug.cgi?id=759811
Comment 5 Thomas Haller 2016-01-11 13:02:53 UTC
Upstream BZ https://bugzilla.gnome.org/show_bug.cgi?id=759811 handled. Patch from comment 3 is applied as: master: https://git.gnome.org/browse/network-manager-openvpn/commit/?id=03ad88a8678f2204784ba38dfe60c6f8410a9ffe nm-1-0: https://git.gnome.org/browse/network-manager-openvpn/commit/?id=90489e9dc5851b3546e6f2579dad42ab3d86096a
Comment 6 Thomas Haller 2016-02-11 18:07:02 UTC
Package NetworkManager-openvpn-1.0.8-2 fixes this for F23 and F22. EPEL package still missing.
Comment 7 Mike McCune 2016-03-28 22:55:34 UTC
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see email@example.com with any questions
Comment 8 Fedora Update System 2016-12-14 18:32:59 UTC
NetworkManager-openvpn-1.2.6-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1427c2b2fc
Comment 9 Fedora Update System 2016-12-16 04:19:54 UTC
NetworkManager-openvpn-1.2.6-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1427c2b2fc
Comment 10 Fedora Update System 2016-12-31 10:47:50 UTC
NetworkManager-openvpn-1.2.6-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.