From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: Testing of openvpn-2.6-meetup branch Date: Fri, 06 Dec 2024 20:11:23 +0000 Message-ID: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0433806172003858982==" List-Id: --===============0433806172003858982== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello Adolf, Thanks for testing this and finally getting some traction back into this proj= ect=E2=80=A6 It is very important, but it has been painful work, which is why I am putting= this slightly more towards the end of my TODO list than I should. There is however not *that* much to do to get this finally over the line. I b= elieve that the RW stuff is mostly done. It will need a lot of bug fixing, bu= t it should generally be complete. There is still the net-to-net stuff which I haven=E2=80=99t touched because t= he code is more than difficult to read and handle. =E2=80=94=E2=80=94 The Perl module problem is probably something the OpenVPN branch inherited fr= om the then current next branch, but those problems have already been fixed. = I also believe that some of the issues with starting the process have been fi= xed and should be in next. I think a lot of the problems with the OpenVPN bra= nch is that so many changes came out of it on the side that I started to get = them merged into mainline before the branch grows even larger. Sometimes, I t= hink, we lost the fixes from the actual OpenVPN branch. Therefore I have rebased the branch against next. That means that you will ha= ve to build it all again, but on the plus side, you will have all the bugs th= at next has, and maybe more from the OpenVPN branch. Hopefully some things wo= uld have resolved themselves. The branch is here: https://git.ipfire.org/?p=3Dpeople/ms/ipfire-2.x.git;a=3Dshortlog;h=3Drefs/= heads/openvpn-2.6-meetup-rebased I did not build it myself, yet - the build is still running. It could be that= I broke even more stuff, but I would be interested to know if I did so, that= we finally can get this all ready for some sunny days. Please send me your patch with the updated version of OpenVPN so that I can m= erge it into this branch and we are all testing with the latest version. Let=E2=80=99s get this build started and then we will look what is causing th= e invalid input problems=E2=80=A6 -Michael > On 6 Dec 2024, at 18:13, Adolf Belka wrote: >=20 > Hi Michael, >=20 > I did a fresh new clone of the openvpn-2.6-meetup branch and built it with = only uncommenting the Compress/Raw/Zlib.pm >=20 > I then installed it onto a vm and tested it out. The same issues are presen= t as before so it is not a problem of the repo clone that I had. >=20 > Basically the OpenVPN RW server can be started and using the openvpnctrl pr= ogram the status says it is running and shows the pid but the WUI still says = that it is Stopped. >=20 > Also any client connection creation shows up with Invalid input, even with = client connections that work with CU189. >=20 > Regards, >=20 > Adolf. >=20 > On 06/12/2024 12:59, Adolf Belka wrote: >> Hi Michael, >>=20 >> So I did a pull of the openvpn-2.6-meetup branch from your repo. I noticed= that it was using OpenVPN-2.6.9 and 2.6.12 is available now so I updated the= openvpn to 2.6.12 and did a build. >>=20 >> Then I installed the created iso and the OpenVPN WUI page came up with an = Internal Server Error. >>=20 >> The logs indicated that it couldn't find the Compress::Raw::Zlib perl modu= le. >>=20 >> That was one of the separate perl modules removed from the system because = they were now in the core. >>=20 >> I checked the perl rootfile on the openvpn-2.6.meetup branch and it had the >>=20 >> usr/lib/perl5/5.36.0/xxxMACHINExxx-linux-thread-multi/Compress/Raw/Zlib.pm= line commented out. >>=20 >> So I uncommented that line in the rootfile and rebuilt the branch and now = the OpenVPN WUI page was shown okay. >>=20 >> However when I tried to create a client connection I kept getting an "Oops= something went wrong Invalid input" message but it didn't say what was inval= id. >>=20 >> I then restored a backup with my existing OpenVPN root/host and client set= tings and using the pencil icon to go into edit mode for one of the known wor= king client connections when I just pressed the Save button without changing = anything it again gave me the Invalid input message. >>=20 >> The other issue I found was that the OpenVPN Server page was constantly sh= owing Stopped. >>=20 >> At this point I did a rebuild of the openvpn-2.6-meetup branch with the pr= evious 2.6.9 OpenVPN but the same as above occurred, again with a fresh clien= t connection creation or with the restored known working client connections. >>=20 >> I then tried to start the openvpn from the command line to see what messag= es it cam up with. >>=20 >> I tried first of all using the restart command and got >>=20 >> /usr/local/bin/openvpnctrl rw restart >> Stopping OpenVPN Authenticator... Not running. = [ WARN ] >> Stopping OpenVPN Roadwarrior Server... = [ FAIL ] >> Starting OpenVPN Roadwarrior Server... >> Unable to continue: /var/run/openvpn-rw.pid exists = [ WARN ] >> Starting OpenVPN Authenticator... [ OK ] >>=20 >> so I checked and the openvpn-rw.pid file was present. So I then removed th= at file and ran the status command >>=20 >> /usr/local/bin/openvpnctrl rw status >> /usr/sbin/openvpn is not running. >>=20 >> Then I ran the start command >>=20 >> /usr/local/bin/openvpnctrl rw start >> Starting OpenVPN Roadwarrior Server... = [ OK ] >> Starting OpenVPN Authenticator... [ OK ] >>=20 >> So tried the status command again >>=20 >> /usr/local/bin/openvpnctrl rw status >> openvpn is running with Process ID(s) 6883. >>=20 >> So good the server is running but when I looked at the OpenVPN WUI page it= still showed Stopped, also on the Services page. >>=20 >> I then pressed the Save button on the OpenVPN WUI main page and then chec= ked the status again and got >>=20 >> /usr/local/bin/openvpnctrl rw status >> /usr/sbin/openvpn is not running but /var/run/openvpn-rw.pid exists. >>=20 >> So doing the save caused the server to stop but leave the pid in place. >>=20 >>=20 >> So I am not sure what has changed between our meetup and what I am buildin= g now. As far as I can tell from the branch in the repo, nothing has changed = since 23rd Sept. >>=20 >> Maybe how I have done the pull of the repo is incorrect in some way and I = am ending up in some mixed up situation but as it stands I definitely cannot = test anything. >>=20 >> I will try creating a complete new copy of that branch on my system to see= if anything gets better but I am also open to any suggestions of what I migh= t have done wrong. >>=20 >>=20 >> Regards, >>=20 >> Adolf >>=20 --===============0433806172003858982==--