Public bug reported: Network Manager Import VPN configuration does not work correctly if a file contains a lowercase cipher.
Worst is, the import appears to work (no errors). The connection fails with "Invalid HMAC signature" and no other errors. I only figured out what the problem was by going to the advanced settings and opening the cipher dropdown. Perhaps the easiest fix to this would be to convert the "cipher" value to upper case when importing. Using the `openvpn` command directly does work with lowercase "cipher" value, it's only when importing it via the Network Manager where there is a problem. Example .ovpn file contents (the lowercase cipher value here is "aes-128-cbc"): client dev tun proto udp remote austria.privateinternetaccess.com 1198 resolv-retry infinite nobind persist-key persist-tun cipher aes-128-cbc auth sha1 tls-client remote-cert-tls server auth-user-pass comp-lzo verb 1 reneg-sec 0 crl-verify crl.rsa.2048.pem ca ca.rsa.2048.crt disable-occ ** Affects: network-manager (Ubuntu) Importance: Undecided Status: New ** Tags: vpn ** Description changed: Network Manager Import VPN configuration does not work correctly if a file contains a lowercase cipher. Worst is, the import appears to work (no errors). The connection fails with "Invalid HMAC signature" and no other errors. I only figured out what the problem was by going to the advanced settings and opening the cipher dropdown. Perhaps the easiest fix to this would be to convert the "cipher" value to upper case when importing. - Example .ovpn file contents: + Using the `openvpn` command directly does work with lowercase "cipher" + value, it's only when importing it via the Network Manager where there + is a problem. + + Example .ovpn file contents (the lowercase cipher value here is + "aes-128-cbc"): client dev tun proto udp remote austria.privateinternetaccess.com 1198 resolv-retry infinite nobind persist-key persist-tun cipher aes-128-cbc auth sha1 tls-client remote-cert-tls server auth-user-pass comp-lzo verb 1 reneg-sec 0 crl-verify crl.rsa.2048.pem ca ca.rsa.2048.crt disable-occ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1746245 Title: .ovpn file "cipher" does not work if it is lowercase To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1746245/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs