This bug was fixed in the package openvpn - 2.1~rc7-1ubuntu3.6
---
openvpn (2.1~rc7-1ubuntu3.6) hardy-proposed; urgency=low
* ssl.c: re-applied fix from upstream to fix extract_x509_field_ssl
where the extraction would fail on the first field of the subject
name (LP: #265058
** Tags added: verification-done
** Tags removed: verification-needed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/265058
Title:
[SRU] openvpn2.1~rc7 fails to pick up the CN of certificates
--
ub
Tested the package from -proposed with the same certificate I generated
in comment #25 and this time is seems to work just fine:
r...@ds9:~# apt-cache policy openvpn
openvpn:
Installed: 2.1~rc7-1ubuntu3.6
Candidate: 2.1~rc7-1ubuntu3.6
Version table:
*** 2.1~rc7-1ubuntu3.6 0
500 http
Accepted openvpn into hardy-proposed, the package will build now and be
available in a few hours. Please test and give feedback here. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Thank you in advance!
** Changed in: openvpn (Ubuntu Hardy)
In hours or days. It needs to get manually accepted. Once it in
-proposed, you will get notified.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/265058
Title:
[SRU] openvpn2.1~rc7 fails to pick up th
I don't see it in -proposed yet, when should it appear?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/265058
Title:
[SRU] openvpn2.1~rc7 fails to pick up the CN of certificates
--
ubuntu-bugs mail
uploaded openvpn 2.1~rc7-1ubuntu3.6 to hardy-proposed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/265058
Title:
[SRU] openvpn2.1~rc7 fails to pick up the CN of certificates
--
ubuntu-bugs mailin
Subscribing ubuntu-sponsors.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/265058
Title:
[SRU] openvpn2.1~rc7 fails to pick up the CN of certificates
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.
Extracted the fix from the old rc7-1ubuntu3.4 package from hardy-
proposed (which never got in the -updates), and applied it to the
current package (rc7-1ubuntu3.5). See attached debdiff. Hope it helps.
** Patch added: "openvpn.diff"
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/26505
Soo... I did some more digging and I think I've found the thing. The
problem occurs ONLY when the CN appears first in the certificate's
subject, like this:
write(1, "Fri Dec 3 15:08:12 2010 us=921796 89.136.48.193:48274 VERIFY
OK: depth=0,
/CN=ximi3/C=RO/ST=CJ/L=Cluj_Napoca/O=DS9/emailaddress=gi.
As far as I can tell, there was a rc7~1ubuntu3.3 version which was buggy
so 3.4 was put in -proposed I guess with the fix. That fix was later
taken out in rc7~1ubuntu3.5 in favor of something else.
I'm running rc7~1ubuntu3.5 for a year now on my Hardy, with x509
certificates and ccd and I did not
there isn't a clear step-by-step set of repro instructions (I couldn't
create one because I was using my own x509 infrastructure and I've never
used easy_rsa in my life) but basically, if you're using x509
certificates (ie the same kind you could install in your web browser,
for example), and it pi
I'm on Hardy and I'm using openvpn 2.1~rc7-1ubuntu3.5 as a server to which
connect 3 or more different openvpn clients (from Windows, Debian, and Ubuntu).
I would like to help testing it from proposed, but I don't really see a clear
test case, how to reproduce and how to verify if the package fro
Reopening hardy task instead, since it is fixed in karmic.
** Changed in: openvpn (Ubuntu)
Status: New => Fix Released
** Changed in: openvpn (Ubuntu Hardy)
Status: Won't Fix => Triaged
--
[SRU] openvpn2.1~rc7 fails to pick up the CN of certificates
https://bugs.launchpad.net/bugs
I am reopening this bug.
An openvpn client running rc7-1ubuntu3.5 fails to connect to the server with
the following error:
Wed Sep 16 11:04:58 2009 TLS_ERROR: BIO read tls_read_plaintext error:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
Wed Sep 16 11:04:5
Setting as WontFix in Hardy to allow reversion and publication of hardy
SRU for bug 271777.
** Changed in: openvpn (Ubuntu Hardy)
Status: Fix Committed => Won't Fix
--
[SRU] openvpn2.1~rc7 fails to pick up the CN of certificates
https://bugs.launchpad.net/bugs/265058
You received this bug
My main concern is to get feedback about regressions. Upstream certainly
knows what they are doing, and the patch might fix the bug, but it is
important to get feedback from other users whether their system still
works (misbuild, using different toolchain version than last build of
the package, etc
Hi Thierry:
http://sourceforge.net/mailarchive/forum.php?thread_name=dac97fdc77ef4700eab65450a4fc2451%40127001.org&forum_name
=openvpn-users
That's the mail thread where the problem was discussed; sorry our
pastebin stuff disappeared but it turns out the pastebin variety we use
had a bug where it
OK, I've spent a fair amount of time trying to reproduce that issue with
2.1~rc7-1ubuntu3.3.
CCD are working great. tls-remote is working great.
I've a setup with
tls-remote client
client-config-dir ccd
and a ccd/client script that pushes a specific route
Connecting with a certificate with CN=c
frymaster:
Could you describe how to reproduce the bug from a basic hardy system (what
packages should be installed, what configuration files should be used...) so
that someone else with minimal knowledge can reproduce the bug and verify it is
fixed. You can pastebin configfiles to pastebin.ubun
I tested the fix posted on 2008-09-08 but I didn't test the proposed fix
as the system went live (we manually installed the .deb from 8.10 which
is a later version) - if this still needs checked I suppose I can set up
a VM or similar
as regards to pastebin cleaning up entries - anyone know a good
Hi, unfortunately I was unable to verify this bug existed for me as it
uses X509 certificates. It was confirmed as a bug by the developers and
was confirmed as resolved by Frymaster.
--
[SRU] openvpn2.1~rc7 fails to pick up the CN of certificates
https://bugs.launchpad.net/bugs/265058
You receive
Stefan / Frymaster :
Could you provide a simple test case so that we can reproduce the bug and
verify it is fixed ?
The pastebin entries referred to in the ML post seem to have been cleaned up...
--
[SRU] openvpn2.1~rc7 fails to pick up the CN of certificates
https://bugs.launchpad.net/bugs/2650
Any testers on this one?
--
[SRU] openvpn2.1~rc7 fails to pick up the CN of certificates
https://bugs.launchpad.net/bugs/265058
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
htt
Accepted into -proposed, please test and give feedback here. Please see
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Thank you in advance!
** Changed in: openvpn (Ubuntu Hardy)
Status: Confirmed => Fix Committed
** Tags added: verificati
25 matches
Mail list logo
