Created attachment 341551 [details] Importing pcf file error Description of problem: Importing pcf file does not work Version-Release number of selected component (if applicable): NetworkManager-vpnc-0.7.0.99-1 How reproducible: Import pcf file Steps to Reproduce: 1. Import pcf file with networkmanager 2. 3. Actual results: Failed import Expected results: Successful import Additional info: The file name in the attachment is not correct. The file name seems to change randomly.
can you attach the pcf file you are trying to import?
Created attachment 341747 [details] pcf file Pcf file is attached.
Need Real Name (heck, is this really your name? ;), There are really two problems here: 1.) NetworkManager-vpnc does not like your file because it lacks Description= Did you generate the file with some software or created by hand? Do you know whether other VPNC clients accept this file? Please add some Description= there and let me know if it helps. 2.) The file name is obviously garbled. I could not reproduce this. Do you use any other NetworkManager plugins? I'd be very thankful if you could launch nm-connection-editor and attached output of the following commands: This will list which shared objects are in use by the connection editor: cat /proc/$(/sbin/pidof nm-connection-editor)/maps And this will list exactly which versions of packages are in use: cat /proc/$(/sbin/pidof nm-connection-editor)/maps |awk '{print $6}' |xargs rpm -qf |sort |uniq Thanks in advance!
Created attachment 341982 [details] Accept files with missing description (In reply to comment #3) > Did you generate the file with some software or created by hand? Do you know > whether other VPNC clients accept this file? I'm still interested in answer for this, I think I sorted the rest out. I'd prefer if Dan had a look before I commit though. > 2.) The file name is obviously garbled. This was filed as separate issue (bug #497992) and it can't be fixed in EPEL (it is a NetworkManager issue). dcbw: Does the patch make sense to you, should I commit? (the previous build didn't leave testing yet, patch was tested)
The pcf file may have been created automatically but it has been modified by hand afterwards.
Fixed in revision 1:0.7.0.99-1.4 in EPEL. Handing the open bug to Dan to track fixing in Fedora Rawhide.
1fb3ebbef18b621733b3dea00ff72d114fad80fc (master) 4e04bfb4877f23ec14ac298a9ff7a63f1e7eaa5d (0.7) Thanks!
Where can I find this new package?
http://buildsys.fedoraproject.org/plague-results/fedora-5-epel/NetworkManager-vpnc/0.7.0.99-1.el5.4/
Yes, the importing works except the encrypted group password does not get imported. In pcf file "enc_GroupPwd=somethingencrypted"
(In reply to comment #11) > Yes, the importing works except the encrypted group password does not get > imported. In pcf file "enc_GroupPwd=somethingencrypted" I'd prefer if you opened separate reports for separate bugs. enc_GroupPwd works for me, tested with (which decrypts to "world"): enc_GroupPwd=A7AB1FF21C8A1488A319FA5BA302D9644D04D2346D47097B3441FF44C0B55D4C1BD59983ED15E7E478BEE2B42DE9D709 Is your enc_GroupPwd similar to that? (Same length, similar characters, etc.)
I tried with your enc_GroupPwd, it does not get imported either. If I put something to the cleartext grouppwd it gets imported. Mine enc_GroupPwd should be ok, I've tested it with other tools. Just for the reference. There has been similar problems with Ubuntu: https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/283635 If that is any help...
Does anybody have the time to look at this?
(In reply to comment #14) > Does anybody have the time to look at this? I would love to, I just can not reproduce. Are you able to reproduce the problem with the PCF file you initially attached with enc_GroupPwd set as follows? enc_GroupPwd=A7AB1FF21C8A1488A319FA5BA302D9644D04D2346D47097B3441FF44C0B55D4C1BD59983ED15E7E478BEE2B42DE9D709 If yes, it would be awesome if you could attach list of packages you have installed (output of rpm -qa) and your architecture. And, please open a separate bug for this issue, so that it doesn't mix with the Description handling and garbled file name issues which were fixed.
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle. Changing version to '11'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
With the new default setting "Use this connection only for resources on its network" in "IPv4 settings > Routes...", I can connect to an internal network via VPN but I cannot access resources on the latter. I am treated like a foreign system for which access is blocked. Output of 'route' (192.168.2.1 is the IP of an AP at home) then reads [liveuser@localhost ~]$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface pix-outside.ccc 192.168.2.1 255.255.255.255 UGH 0 0 0 wlan0 192.168.2.0 * 255.255.255.0 U 2 0 0 wlan0 172.17.1.0 * 255.255.255.0 U 0 0 0 tun0 default 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0 Removing the corresponding checkmark and reconnecting restores full access to internal resources. Now, output of 'route' reads [liveuser@localhost ~]$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface pix-outside.ccc 192.168.2.1 255.255.255.255 UGH 0 0 0 wlan0 192.168.2.0 * 255.255.255.0 U 2 0 0 wlan0 172.17.1.0 * 255.255.255.0 U 0 0 0 tun0 default * 0.0.0.0 U 0 0 0 tun0 For final F10, VPN connection worked out of the box after importing the PCF file provided by the accessed site. For a fully updated F10, I have to uncheck "Use this connection only for resources on its network" in order to obtain access via VPN.
I mean on RHEL 5.3 importing enc_GroupPwd does not work. Did you try to reproduce it with RHEL 5.3 or Fedora?
VPN works again correctly for me after removing the checkmark from option "Use this connection only for resources on its network" under "IPv4 Settings / Routes...". I suppose this means that the entire network traffic is handled through the VPN channel now but that's still better than not being able to use it.
@Taunus, This bug was opened against Fedora and not RHEL. Are you talking about the EPEL version of NM-vpnc? Importing encrypted group passwords worked for me on a RHEL 5.3 machine with NetworkManager-vpnc-0.7.0.99-1
Yes, the epel version of NM-vpnc on RHEL 5. For some reason it does not work for me.
To be more specific: it works otherwise well but not importing the enc group pw
Importing the encrypted group password depends on the cisco-decrypt tool that's provided with the vpnc package. Is that tool present? Can you provide the output of 'rpm -ql vpnc' for me?
In any case, fedora packages have been long updated with this fix (0.7.2 packages in F11 will have the fix); if there's a problem with encrypted group passwords in the EPEL packages, let's clone this bug (see the "Clone this bug" link near the bottom of the page) and set the distribution to RHEL5.