From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adolf Belka To: development@lists.ipfire.org Subject: Re: Testing of openvpn-2.6-meetup branch Date: Sat, 07 Dec 2024 15:11:47 +0100 Message-ID: <0116a4a1-0e7d-4bb8-a75a-9abbfd8088ca@ipfire.org> In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4200626711346528104==" List-Id: --===============4200626711346528104== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi Michael, On 06/12/2024 21:11, Michael Tremer wrote: > Hello Adolf, >=20 > Thanks for testing this and finally getting some traction back into this pr= oject=E2=80=A6 >=20 > It is very important, but it has been painful work, which is why I am putti= ng this slightly more towards the end of my TODO list than I should. >=20 > There is however not *that* much to do to get this finally over the line. I= believe that the RW stuff is mostly done. It will need a lot of bug fixing, = but it should generally be complete. >=20 > There is still the net-to-net stuff which I haven=E2=80=99t touched because= the code is more than difficult to read and handle. >=20 > =E2=80=94=E2=80=94 >=20 > The Perl module problem is probably something the OpenVPN branch inherited = from the then current next branch, but those problems have already been fixed= . I also believe that some of the issues with starting the process have been = fixed and should be in next. I think a lot of the problems with the OpenVPN b= ranch is that so many changes came out of it on the side that I started to ge= t them merged into mainline before the branch grows even larger. Sometimes, I= think, we lost the fixes from the actual OpenVPN branch. >=20 > Therefore I have rebased the branch against next. That means that you will = have to build it all again, but on the plus side, you will have all the bugs = that next has, and maybe more from the OpenVPN branch. Hopefully some things = would have resolved themselves. >=20 > The branch is here: >=20 > https://git.ipfire.org/?p=3Dpeople/ms/ipfire-2.x.git;a=3Dshortlog;h=3Dre= fs/heads/openvpn-2.6-meetup-rebased >=20 > I did not build it myself, yet - the build is still running. It could be th= at I broke even more stuff, but I would be interested to know if I did so, th= at we finally can get this all ready for some sunny days. I have built it and installed it. The perl module issues have been resolved. = However the OpenVPN Server status and the client Invalid input are both still= the same as before. So not fixed or even obviously changed from before the r= ebase. >=20 > Please send me your patch with the updated version of OpenVPN so that I can= merge it into this branch and we are all testing with the latest version. I will send it later today. >=20 > Let=E2=80=99s get this build started and then we will look what is causing = the invalid input problems=E2=80=A6 The message invalid input is used three times in the ovpnmain.cgi file but I = can't figure out from those what the message would be caused by. Regards, Adolf. >=20 > -Michael >=20 >> On 6 Dec 2024, at 18:13, Adolf Belka wrote: >> >> Hi Michael, >> >> I did a fresh new clone of the openvpn-2.6-meetup branch and built it with= only uncommenting the Compress/Raw/Zlib.pm >> >> I then installed it onto a vm and tested it out. The same issues are prese= nt as before so it is not a problem of the repo clone that I had. >> >> Basically the OpenVPN RW server can be started and using the openvpnctrl p= rogram the status says it is running and shows the pid but the WUI still says= that it is Stopped. >> >> Also any client connection creation shows up with Invalid input, even with= client connections that work with CU189. >> >> Regards, >> >> Adolf. >> >> On 06/12/2024 12:59, Adolf Belka wrote: >>> Hi Michael, >>> >>> So I did a pull of the openvpn-2.6-meetup branch from your repo. I notice= d that it was using OpenVPN-2.6.9 and 2.6.12 is available now so I updated th= e openvpn to 2.6.12 and did a build. >>> >>> Then I installed the created iso and the OpenVPN WUI page came up with an= Internal Server Error. >>> >>> The logs indicated that it couldn't find the Compress::Raw::Zlib perl mod= ule. >>> >>> That was one of the separate perl modules removed from the system because= they were now in the core. >>> >>> I checked the perl rootfile on the openvpn-2.6.meetup branch and it had t= he >>> >>> usr/lib/perl5/5.36.0/xxxMACHINExxx-linux-thread-multi/Compress/Raw/Zlib.p= m line commented out. >>> >>> So I uncommented that line in the rootfile and rebuilt the branch and now= the OpenVPN WUI page was shown okay. >>> >>> However when I tried to create a client connection I kept getting an "Oop= s something went wrong Invalid input" message but it didn't say what was inva= lid. >>> >>> I then restored a backup with my existing OpenVPN root/host and client se= ttings and using the pencil icon to go into edit mode for one of the known wo= rking client connections when I just pressed the Save button without changing= anything it again gave me the Invalid input message. >>> >>> The other issue I found was that the OpenVPN Server page was constantly s= howing Stopped. >>> >>> At this point I did a rebuild of the openvpn-2.6-meetup branch with the p= revious 2.6.9 OpenVPN but the same as above occurred, again with a fresh clie= nt connection creation or with the restored known working client connections. >>> >>> I then tried to start the openvpn from the command line to see what messa= ges it cam up with. >>> >>> I tried first of all using the restart command and got >>> >>> /usr/local/bin/openvpnctrl rw restart >>> Stopping OpenVPN Authenticator... Not running. = [ WARN ] >>> Stopping OpenVPN Roadwarrior Server... = [ FAIL ] >>> Starting OpenVPN Roadwarrior Server... >>> Unable to continue: /var/run/openvpn-rw.pid exists = [ WARN ] >>> Starting OpenVPN Authenticator... [ OK ] >>> >>> so I checked and the openvpn-rw.pid file was present. So I then removed t= hat file and ran the status command >>> >>> /usr/local/bin/openvpnctrl rw status >>> /usr/sbin/openvpn is not running. >>> >>> Then I ran the start command >>> >>> /usr/local/bin/openvpnctrl rw start >>> Starting OpenVPN Roadwarrior Server... = [ OK ] >>> Starting OpenVPN Authenticator... [ OK ] >>> >>> So tried the status command again >>> >>> /usr/local/bin/openvpnctrl rw status >>> openvpn is running with Process ID(s) 6883. >>> >>> So good the server is running but when I looked at the OpenVPN WUI page i= t still showed Stopped, also on the Services page. >>> >>> I then pressed the Save button on the OpenVPN WUI main page and then che= cked the status again and got >>> >>> /usr/local/bin/openvpnctrl rw status >>> /usr/sbin/openvpn is not running but /var/run/openvpn-rw.pid exists. >>> >>> So doing the save caused the server to stop but leave the pid in place. >>> >>> >>> So I am not sure what has changed between our meetup and what I am buildi= ng now. As far as I can tell from the branch in the repo, nothing has changed= since 23rd Sept. >>> >>> Maybe how I have done the pull of the repo is incorrect in some way and I= am ending up in some mixed up situation but as it stands I definitely cannot= test anything. >>> >>> I will try creating a complete new copy of that branch on my system to se= e if anything gets better but I am also open to any suggestions of what I mig= ht have done wrong. >>> >>> >>> Regards, >>> >>> Adolf >>> >=20 --===============4200626711346528104==--