From mboxrd@z Thu Jan 1 00:00:00 1970 From: "R. W. Rodolico" To: development@lists.ipfire.org Subject: Re: Possible bug in OpenVPN, Core 65 Date: Mon, 07 Jan 2013 09:49:19 -0600 Message-ID: In-Reply-To: <1357558628.26961.0.camel@rice-oxley.tremer.info> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5109302711921020675==" List-Id: --===============5109302711921020675== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Thank you Alexander, for checking and building the patch. Michael, thank you for fixing it so rapidly. And, I do apologize. I ran into this issue while testing several months ago and apparently did not report it. Rod On 01/07/2013 05:37 AM, Michael Tremer wrote: > Thanks guys. > > I merged the patch and it will ship with IPFire 2.13. > > Best, > -Michael > > On Mon, 2013-01-07 at 08:36 +0100, Alexander Marx wrote: >> Hi >> i can fully acknoledge this. >> Tried to reproduce your error and found the same problems. >> i will provide a patch for this. >> >> >> >> Alexander Marx >> >> >> Fachinformatiker Systemintegration >> >> >> >> >> Am 07.01.2013 06:44, schrieb R. W. Rodolico: >> >>> See http://forum.ipfire.org/index.php/topic,7365.0.html for information. >>> >>> Turns out the CCD does not work if the user has embedded spaces in the >>> CN (field labeled "User's full name or system hostname:" on Road Warrior >>> creation screen). I don't remember exactly, but I believe OpenSSL or >>> OpenVPN itself converts spaces to underscores. You can test this by >>> creating a user, embedding spaces, and then on the server >>> cat /var/log/ovpnserver.log >>> >>> You will note the Common Name has spaces converted to underscores. >>> >>> The solution is to write the ccd file with underscores, ie >>> $filename =~ s/ /_/gi; >>> >>> If someone will point me to the script that creates that, I will be >>> happy to patch and test, then send you the diff. >>> >>> Rod >>> >>> NOTE: I have spent a little time looking at this and solving it for an >>> existing installation, but I intend to pull an old router out and >>> reconfigure it for a controlled test, unless someone else can verify my >>> findings independently. >>> >>> Rod >>> >>> >>> _______________________________________________ >>> Development mailing list >>> Development(a)lists.ipfire.org >>> http://lists.ipfire.org/mailman/listinfo/development >> >> _______________________________________________ >> Development mailing list >> Development(a)lists.ipfire.org >> http://lists.ipfire.org/mailman/listinfo/development > > > _______________________________________________ > Development mailing list > Development(a)lists.ipfire.org > http://lists.ipfire.org/mailman/listinfo/development > -- R. W. "Rod" Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 http://www.dailydata.net 214.827.2170 --===============5109302711921020675== Content-Type: text/x-vcard Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="rodo.vcf" MIME-Version: 1.0 YmVnaW46dmNhcmQKZm46Ui4gVy4gUm9kb2xpY28KbjpSb2RvbGljbztSLiBXLgpvcmc6RGFpbHkg RGF0YSwgSW5jLgphZHI6OztQT0IgMTQwNDY1O0RhbGxhcztUWDs3NTIxNC0wNDY1O1VTCmVtYWls O2ludGVybmV0OnJvZG9AZGFpbHlkYXRhLm5ldAp0aXRsZTpQcmVzaWRlbnQKdGVsO3dvcms6MjE0 LjgyNy4yMTcwCnVybDpodHRwOi8vd3d3LmRhaWx5ZGF0YS5uZXQKdmVyc2lvbjoyLjEKZW5kOnZj YXJkCgo= --===============5109302711921020675==--