| Summary: | Not working with static key and tcp | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora EPEL | Reporter: | Michael S. <misc> | ||||||
| Component: | NetworkManager-openvpn | Assignee: | Gwyn Ciesla <gwync> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | epel7 | CC: | gwync, psimerda, rkhan, thaller | ||||||
| Target Milestone: | --- | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | NetworkManager-openvpn-1.2.6-1.el7 | Doc Type: | Bug Fix | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2016-12-31 10:47:50 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Attachments: |
|
||||||||
It is an error from openvpn. Change the line "proto tcp" to "proto tcp-client".
Maybe there's a problem in NM openvpn plugin too, but it seems that openvpn doesn't want to accept "tcp" value.
Where did you get the file from?
man openvpn says:
--proto p
Use protocol p for communicating with remote host. p can be udp, tcp-client, or tcp-server.
I exported the config from NetworkManager, and it was a configuration I imported around 7.0 time. It was working fine before the upgrade to 7.2 beta. Once imported, the confi But I tought that giving the exported configuration was easier than a screenshot to reproduce the issue. Once imported, you can check and uncheck 'use tcp", and it will still use the wrong protocol anyway. I also did create the same exact configuration from scratch and it fail the same. And looking at the code, I do not see where it is adding tcp-client, and the only mention I see is around: https://git.gnome.org/browse/network-manager-openvpn/tree/src/nm-openvpn-service.c#n1038 I would propose the following patch, but I couldn't test it (nor compile on my RHEL 7.2, missing deps it seems). Should I open a bug on gnome bugzilla for review instead ? Created attachment 1105336 [details]
Fix the bug, by using tcp-client.
So I went ahead and posted https://bugzilla.gnome.org/show_bug.cgi?id=759811 Upstream BZ https://bugzilla.gnome.org/show_bug.cgi?id=759811 handled. Patch from comment 3 is applied as: master: https://git.gnome.org/browse/network-manager-openvpn/commit/?id=03ad88a8678f2204784ba38dfe60c6f8410a9ffe nm-1-0: https://git.gnome.org/browse/network-manager-openvpn/commit/?id=90489e9dc5851b3546e6f2579dad42ab3d86096a Package NetworkManager-openvpn-1.0.8-2 fixes this for F23 and F22. EPEL package still missing. This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions NetworkManager-openvpn-1.2.6-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1427c2b2fc NetworkManager-openvpn-1.2.6-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1427c2b2fc NetworkManager-openvpn-1.2.6-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report. |
Created attachment 1102522 [details] sample openvpn config for the client Description of problem: When i try to use my openvpn (since RHEL 7.2 upgrade), it fail with this error: déc. 05 13:40:44 kiora.example.com nm-openvpn[12454]: Options error: --proto tcp is ambiguous in this context. Please specify --proto tcp-server or --proto tcp-client It used to be working before the upgrade. I did tried with either NetworkManager-openvpn 1.0 and the 1.0.8 in update-testing Version-Release number of selected component (if applicable): NetworkManager-openvpn-1.0.8-1.el7.x86_64 How reproducible: each time Steps to Reproduce: 1. import the config I attached (after setting a similar setup) 2. try to run the VPN 3.