From mboxrd@z Thu Jan 1 00:00:00 1970 From: "R. W. Rodolico" To: development@lists.ipfire.org Subject: Possible bug in OpenVPN, Core 65 Date: Sun, 06 Jan 2013 23:44:50 -0600 Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1153259267569527438==" List-Id: --===============1153259267569527438== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit See http://forum.ipfire.org/index.php/topic,7365.0.html for information. Turns out the CCD does not work if the user has embedded spaces in the CN (field labeled "User's full name or system hostname:" on Road Warrior creation screen). I don't remember exactly, but I believe OpenSSL or OpenVPN itself converts spaces to underscores. You can test this by creating a user, embedding spaces, and then on the server cat /var/log/ovpnserver.log You will note the Common Name has spaces converted to underscores. The solution is to write the ccd file with underscores, ie $filename =~ s/ /_/gi; If someone will point me to the script that creates that, I will be happy to patch and test, then send you the diff. Rod NOTE: I have spent a little time looking at this and solving it for an existing installation, but I intend to pull an old router out and reconfigure it for a controlled test, unless someone else can verify my findings independently. Rod -- R. W. "Rod" Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 http://www.dailydata.net 214.827.2170 --===============1153259267569527438== Content-Type: text/x-vcard Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="rodo.vcf" MIME-Version: 1.0 YmVnaW46dmNhcmQKZm46Ui4gVy4gUm9kb2xpY28KbjpSb2RvbGljbztSLiBXLgpvcmc6RGFpbHkg RGF0YSwgSW5jLgphZHI6OztQT0IgMTQwNDY1O0RhbGxhcztUWDs3NTIxNC0wNDY1O1VTCmVtYWls O2ludGVybmV0OnJvZG9AZGFpbHlkYXRhLm5ldAp0aXRsZTpQcmVzaWRlbnQKdGVsO3dvcms6MjE0 LjgyNy4yMTcwCnVybDpodHRwOi8vd3d3LmRhaWx5ZGF0YS5uZXQKdmVyc2lvbjoyLjEKZW5kOnZj YXJkCgo= --===============1153259267569527438==--