Bug 1288711 - Not working with static key and tcp
Summary: Not working with static key and tcp
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: NetworkManager-openvpn
Version: epel7
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Gwyn Ciesla
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2015-12-05 13:07 UTC by Michael S.
Modified: 2016-12-31 10:47 UTC (History)
4 users (show)

Fixed In Version: NetworkManager-openvpn-1.2.6-1.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2016-12-31 10:47:50 UTC
Type: Bug

Attachments (Terms of Use)
sample openvpn config for the client (222 bytes, text/plain)
2015-12-05 13:07 UTC, Michael S.
no flags Details
Fix the bug, by using tcp-client. (1.42 KB, application/mbox)
2015-12-13 14:10 UTC, Michael S.
no flags Details

Description Michael S. 2015-12-05 13:07:27 UTC
Created attachment 1102522 [details]
sample openvpn config for the client

Description of problem:
When i try to use my openvpn (since RHEL 7.2 upgrade), it fail with this error:

déc. 05 13:40:44 kiora.example.com nm-openvpn[12454]: Options error: --proto tcp is ambiguous in this context.  Please specify --proto tcp-server or --proto tcp-client

It used to be working before the upgrade. I did tried with either NetworkManager-openvpn 1.0 and the 1.0.8 in update-testing

Version-Release number of selected component (if applicable):

How reproducible:
each time

Steps to Reproduce:
1. import the config I attached (after setting a similar setup)
2. try to run the VPN

Comment 1 Jirka Klimes 2015-12-05 18:16:15 UTC
It is an error from openvpn. Change the line "proto tcp" to "proto tcp-client".
Maybe there's a problem in NM openvpn plugin too, but it seems that openvpn doesn't want to accept "tcp" value.
Where did you get the file from? 

man openvpn says:
--proto p
              Use protocol p for communicating with remote host.  p can be udp, tcp-client, or tcp-server.

Comment 2 Michael S. 2015-12-13 14:08:22 UTC
I exported the config from NetworkManager, and it was a configuration I imported around 7.0 time. It was working fine before the upgrade to 7.2 beta.

Once imported, the confi
 But I tought that giving the exported configuration was easier than a screenshot to reproduce the issue. Once imported, you can check and uncheck 'use tcp", and it will still use the wrong protocol anyway. I also did create the same exact configuration from scratch and it fail the same.

And looking at the code, I do not see where it is adding tcp-client, and the only mention I see is around:


I would propose the following patch, but I couldn't test it (nor compile on my RHEL 7.2, missing deps it seems).

Should I open a bug on gnome bugzilla for review instead ?

Comment 3 Michael S. 2015-12-13 14:10:14 UTC
Created attachment 1105336 [details]
Fix the bug, by using tcp-client.

Comment 4 Michael S. 2015-12-23 16:20:19 UTC
So I went ahead and posted https://bugzilla.gnome.org/show_bug.cgi?id=759811

Comment 6 Thomas Haller 2016-02-11 18:07:02 UTC
Package NetworkManager-openvpn-1.0.8-2 fixes this for F23 and F22.

EPEL package still missing.

Comment 7 Mike McCune 2016-03-28 22:55:34 UTC
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions

Comment 8 Fedora Update System 2016-12-14 18:32:59 UTC
NetworkManager-openvpn-1.2.6-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1427c2b2fc

Comment 9 Fedora Update System 2016-12-16 04:19:54 UTC
NetworkManager-openvpn-1.2.6-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1427c2b2fc

Comment 10 Fedora Update System 2016-12-31 10:47:50 UTC
NetworkManager-openvpn-1.2.6-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.