From: "Peter Müller" <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: IPFire 2.27 - Core Update 175 is available for testing
Date: Mon, 22 May 2023 22:18:00 +0000 [thread overview]
Message-ID: <b0d81eb6-7251-eec6-7bc4-2bb0ea876c9e@ipfire.org> (raw)
In-Reply-To: <01841464-ef54-5c9d-6f9e-5d642b80879c@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 2527 bytes --]
Hello Adolf,
thank you for your e-mail, your patches, and testing everything so thoroughly. Highly appreciated! :-)
Just to ensure I didn't miss anything: I interpret comment #3 in bug #13117 that this bug has been
created as a follow-up to the behaviour observed in Core Update 175 (testing), related to the patchset
submitted for bug #11048.
So, having amended your patchset for fixing #13117, my understanding is that that fixing #11048 does
not need to be reverted anymore?
Thanks in advance for clarifying, and all the best,
Peter Müller (under-caffeinated)
> Hi Peter,
>
> I have found that the code for the update.sh script for the Bug#11048 fix has a bug in it. The code looks for 'Encrypted' in the OpenSSL feedback for non password certs and 'error' for certs with a password.
>
> I have found that with the OpenSSL3 version that some of the old certs without a password can end up also giving an error message so that both 'Encrypted' and 'error' are present. This means that an entry for that cert was placed in ovpnconfig twice for the same connection, once with pass and the second time with no-pass. It ends up only showing the first entry as the name is the same for both but this means that you end up with a connection with no password showing up like it has a password.
>
> In the code grep needs to look for 'verify error' instead of just 'error' which will solve the above problem during the update.
>
> I didn't find this when I did my testing, which I don't understand yet as I did the same sort of tests with the same sort of range of connections with and without passwords.
>
> I think it would be a good idea to revert the patch set for the Bug Fix for Bug#11048 until I have sorted this all out and can confirm that with my testing.
>
> Regards,
>
> Adolf.
>
> On 20/05/2023 09:00, IPFire Project wrote:
>> IPFire Logo
>>
>> there is a new post from Peter Müller on the IPFire Blog:
>>
>> *IPFire 2.27 - Core Update 175 is available for testing*
>>
>> The forthcoming update, IPFire 2.27 - Core Update 175, is available for testing! Most noteworthy, it updates OpenSSL to the 3.1.0 branch, features a kernel update as well as other package updates and a variety of bug fixes are also included in this update.
>>
>> Click Here To Read More <https://blog.ipfire.org/post/ipfire-2-27-core-update-175-is-available-for-testing>
>>
>> The IPFire Project
>> Don't like these emails? Unsubscribe <https://people.ipfire.org/unsubscribe>.
>>
next prev parent reply other threads:[~2023-05-22 22:18 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <168456600904.682715.17753844671708569948.ipfire@ipfire.org>
2023-05-20 13:00 ` Adolf Belka
2023-05-22 22:18 ` Peter Müller [this message]
2023-05-23 9:04 ` Adolf Belka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b0d81eb6-7251-eec6-7bc4-2bb0ea876c9e@ipfire.org \
--to=peter.mueller@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox