Package: network-manager-openvpn Version: 1.0.8-1 Followup-For: Bug #792389
Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** I am trying to create an OpenVPN connection using a local port that is forwarded to the server over an established SSH connection. Using NetworkManager I created a corresponding entry. The tunnel does not get established and a syslog entry is created: Dec 18 15:44:24 my_hostname NetworkManager[578]: <info> Starting VPN service 'openvpn'... Dec 18 15:44:24 my_hostname NetworkManager[578]: <info> VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 19517 Dec 18 15:44:24 my_hostname kernel: tun: Universal TUN/TAP device driver, 1.6 Dec 18 15:44:24 my_hostname kernel: tun: (C) 1999-2004 Max Krasnyansky <m...@qualcomm.com> Dec 18 15:44:24 my_hostname NetworkManager[578]: <info> VPN service 'openvpn' appeared; activating connections Dec 18 15:44:24 my_hostname NetworkManager[578]: <info> VPN plugin state changed: starting (3) Dec 18 15:44:24 my_hostname NetworkManager[578]: nm-openvpn-Message: openvpn started with pid 19522 Dec 18 15:44:24 my_hostname NetworkManager[578]: <info> VPN connection 'my_openvpn_connection' (ConnectInteractive) reply received. Dec 18 15:44:24 my_hostname nm-openvpn[19522]: Options error: --proto tcp is ambiguous in this context. Please specify --proto tcp-server or --proto tcp- client Dec 18 15:44:24 my_hostname nm-openvpn[19522]: Use --help for more information. Dec 18 15:44:24 my_hostname NetworkManager[578]: <warn> VPN plugin failed: connect-failed (1) Dec 18 15:44:24 my_hostname NetworkManager[578]: <info> VPN plugin state changed: stopped (6) Dec 18 15:44:24 my_hostname NetworkManager[578]: <info> VPN plugin state change reason: unknown (0) Dec 18 15:44:24 my_hostname NetworkManager[578]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active. Dec 18 15:44:24 my_hostname NetworkManager[578]: (nm-openvpn-service:19517): nm-openvpn-WARNING **: openvpn exited with error code 1 I solved the problem by recompiling the packet, adding a patch to the debian/patches directory. The patch can be found at `https://bugzilla.redhat.com/show_bug.cgi?id=1288711' which I also attach to this bug report. I then installed this patched packet. Now the connection is established and working without any problems. -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.2.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages network-manager-openvpn depends on: ii adduser 3.113+nmu3 ii libc6 2.21-4 ii libdbus-1-3 1.10.6-1 ii libdbus-glib-1-2 0.102-1 ii libglib2.0-0 2.46.2-1 ii libnm-glib-vpn1 1.0.8-1 ii libnm-glib4 1.0.8-1 ii libnm-util2 1.0.8-1 ii openvpn 2.3.8-1 network-manager-openvpn recommends no packages. network-manager-openvpn suggests no packages.
>From 86e28db8fb86b839aa47a01a330b9da3495e8b81 Mon Sep 17 00:00:00 2001 From: Michael Scherer <m...@zarb.org> Date: Sun, 13 Dec 2015 14:48:32 +0100 Subject: [PATCH] Force the use of tcp-client protocol option instead of tcp Since there is case where using "proto tcp" is ambiguous, it is better to always use tcp-client to be sure. See https://bugzilla.redhat.com/show_bug.cgi?id=1288711 --- src/nm-openvpn-service.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c index 087be14..6b6229d 100644 --- a/src/nm-openvpn-service.c +++ b/src/nm-openvpn-service.c @@ -1023,8 +1023,10 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin, add_openvpn_arg (args, "1194"); /* default IANA port */ if (proto) { - if (!strcmp (proto, "udp") || !strcmp (proto, "tcp")) - add_openvpn_arg (args, proto); + if (!strcmp (proto, "udp")) + add_openvpn_arg (args, proto); + else if (!strcmp (proto, "tcp")) + add_openvpn_arg (args, "tcp-client"); else { g_set_error (error, NM_VPN_PLUGIN_ERROR, @@ -1035,7 +1037,7 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin, return FALSE; } } else if (proto_tcp && !strcmp (proto_tcp, "yes")) - add_openvpn_arg (args, "tcp"); + add_openvpn_arg (args, "tcp-client"); else add_openvpn_arg (args, "udp"); } -- 1.8.3.1
>From 86e28db8fb86b839aa47a01a330b9da3495e8b81 Mon Sep 17 00:00:00 2001 From: Michael Scherer <m...@zarb.org> Date: Sun, 13 Dec 2015 14:48:32 +0100 Subject: [PATCH] Force the use of tcp-client protocol option instead of tcp Since there is case where using "proto tcp" is ambiguous, it is better to always use tcp-client to be sure. See https://bugzilla.redhat.com/show_bug.cgi?id=1288711 --- src/nm-openvpn-service.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c index 087be14..6b6229d 100644 --- a/src/nm-openvpn-service.c +++ b/src/nm-openvpn-service.c @@ -1023,8 +1023,10 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin, add_openvpn_arg (args, "1194"); /* default IANA port */ if (proto) { - if (!strcmp (proto, "udp") || !strcmp (proto, "tcp")) - add_openvpn_arg (args, proto); + if (!strcmp (proto, "udp")) + add_openvpn_arg (args, proto); + else if (!strcmp (proto, "tcp")) + add_openvpn_arg (args, "tcp-client"); else { g_set_error (error, NM_VPN_PLUGIN_ERROR, @@ -1035,7 +1037,7 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin, return FALSE; } } else if (proto_tcp && !strcmp (proto_tcp, "yes")) - add_openvpn_arg (args, "tcp"); + add_openvpn_arg (args, "tcp-client"); else add_openvpn_arg (args, "udp"); } -- 1.8.3.1
