Bug 1288711
| Summary: | Not working with static key and tcp | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora EPEL | Reporter: | Michael S. <misc> | ||||||
| Component: | NetworkManager-openvpn | Assignee: | Gwyn Ciesla <gwync> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | epel7 | CC: | gwync, psimerda, rkhan, thaller | ||||||
| Target Milestone: | --- | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | NetworkManager-openvpn-1.2.6-1.el7 | Doc Type: | Bug Fix | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2016-12-31 10:47:50 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
It is an error from openvpn. Change the line "proto tcp" to "proto tcp-client".
Maybe there's a problem in NM openvpn plugin too, but it seems that openvpn doesn't want to accept "tcp" value.
Where did you get the file from?
man openvpn says:
--proto p
Use protocol p for communicating with remote host. p can be udp, tcp-client, or tcp-server.
I exported the config from NetworkManager, and it was a configuration I imported around 7.0 time. It was working fine before the upgrade to 7.2 beta. Once imported, the confi But I tought that giving the exported configuration was easier than a screenshot to reproduce the issue. Once imported, you can check and uncheck 'use tcp", and it will still use the wrong protocol anyway. I also did create the same exact configuration from scratch and it fail the same. And looking at the code, I do not see where it is adding tcp-client, and the only mention I see is around: https://git.gnome.org/browse/network-manager-openvpn/tree/src/nm-openvpn-service.c#n1038 I would propose the following patch, but I couldn't test it (nor compile on my RHEL 7.2, missing deps it seems). Should I open a bug on gnome bugzilla for review instead ? Created attachment 1105336 [details]
Fix the bug, by using tcp-client.
So I went ahead and posted https://bugzilla.gnome.org/show_bug.cgi?id=759811 Upstream BZ https://bugzilla.gnome.org/show_bug.cgi?id=759811 handled. Patch from comment 3 is applied as: master: https://git.gnome.org/browse/network-manager-openvpn/commit/?id=03ad88a8678f2204784ba38dfe60c6f8410a9ffe nm-1-0: https://git.gnome.org/browse/network-manager-openvpn/commit/?id=90489e9dc5851b3546e6f2579dad42ab3d86096a Package NetworkManager-openvpn-1.0.8-2 fixes this for F23 and F22. EPEL package still missing. This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions NetworkManager-openvpn-1.2.6-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1427c2b2fc NetworkManager-openvpn-1.2.6-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1427c2b2fc NetworkManager-openvpn-1.2.6-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report. |
Created attachment 1102522 [details] sample openvpn config for the client Description of problem: When i try to use my openvpn (since RHEL 7.2 upgrade), it fail with this error: déc. 05 13:40:44 kiora.example.com nm-openvpn[12454]: Options error: --proto tcp is ambiguous in this context. Please specify --proto tcp-server or --proto tcp-client It used to be working before the upgrade. I did tried with either NetworkManager-openvpn 1.0 and the 1.0.8 in update-testing Version-Release number of selected component (if applicable): NetworkManager-openvpn-1.0.8-1.el7.x86_64 How reproducible: each time Steps to Reproduce: 1. import the config I attached (after setting a similar setup) 2. try to run the VPN 3.