Ubuntu
network-manager-openvpn package

Importing an OpenVPN config file does not fill all supported options

Bug #443174 reported by Milan Bouchet-Valat
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
NetworkManager
Fix Released
Wishlist
NetworkManager-OpenVPN
Fix Released
Wishlist
network-manager-openvpn (Ubuntu)
Fix Released
Wishlist
Mathieu Trudel-Lapierre

Bug Description

Binary package hint: network-manager-openvpn

When importing the attached config file, only the name of the network, the gateway address, LZO compression and the TLS authentication were actually set. The connexion port was not retrieved from the file, which led to failure without any notice. That's very confusing: I expected unsupported parameters to be missing, but the port is actually supported (there's a spin button).

Also, all certificates and key files were missing while they were in the config file. That's bug 285138, which was already reported and marked as fixed for Jaunty.

ProblemType: Bug
Architecture: i386
Date: Mon Oct 5 16:51:22 2009
DistroRelease: Ubuntu 9.10
Package: network-manager-openvpn 0.8~a~git.20090831t215704.5dd87bd-0ubuntu2
ProcEnviron:
 LANGUAGE=fr_FR.UTF-8
 PATH=(custom, user)
 LANG=fr_FR.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-11.36-generic
SourcePackage: network-manager-openvpn
Uname: Linux 2.6.31-11-generic i686

Revision history for this message
Milan Bouchet-Valat (nalimilan) wrote :
Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

Milan,

When you import the configuration file, are your certificates also in the same path as the imported file?

I'm confirming this bug, as I can currently notice that behaviour in Karmic with the attached configuration file: certificates are missing (which is probably normal since I don't have them), and the port specified in the config as well.

The connection port doesn't appear to ever be imported from the config as per even the latest git snapshot available, so I'll mark this as importance: Wishlist, since it requires implementing some new stuff.

Currently supported parameters appear to be only the following: "client", "tls-client", "dev ", "proto ", "remote ", "ca", "cert", "key", "cipher", "comp-lzo", "ifconfig ", "secret", "auth-user-pass", "tls-auth", "auth ", "reneg-sec".

Changed in network-manager-openvpn (Ubuntu):
status: New → Confirmed
importance: Undecided → Wishlist
Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

Reported as gnome bug 604329 for importing/exporting already supported options.

It appears that there also was gnome bug 484315 for other options I found in your config file: mtu, etc.

Changed in network-manager-openvpn (Ubuntu):
status: Confirmed → Triaged
Revision history for this message
Milan Bouchet-Valat (nalimilan) wrote :

Yeah, the certificate was also in the same dir. That can hardly affect importing of settings, though.

I don't think bgo#484315 is really related since I'm able to connect to my VPN when I enter the settings manually into nm-connection-editor.

(And, sorry, I could have reported it upstream myself - I reported it in Ubuntu first because I wanted to be sure that wasn't known to be fixed in a newer version, and then I forgot about the report.)

Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

Milan,

The certificate needs to be in the same directory for NM to use it's current logic (default path... unless I missed something) to take a guess as to its location since it's not specified in your configuration file.

I linked bgo #484315 since it mentions tun-mtu and mssfix which are included in your config file, but for which I could not find import logic at first glance.

With a little luck I should be able to tackle this issue and provide a draft patch that ensures 'port' and any other options already provided by the UI are properly imported, so I'll assign this to myself for now.

Changed in network-manager-openvpn (Ubuntu):
assignee: nobody → Matt Trudel (mathieu-tl)
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package network-manager-openvpn - 0.8-0ubuntu1

---------------
network-manager-openvpn (0.8-0ubuntu1) lucid; urgency=low

  * upstream release 0.8
    - core: add tls-remote support (bgo #455142)
    - export: fix tls-auth export
    - import/export: handle 'port' and 'rport' correctly (bgo #604329) (LP: #443174)
    - build: disable .desktop file for now
    - core: handle remote VPN peer correctly in shared key mode too (bgo #606998)
  * bump build-depends to >= 0.8 to build with 0.8 final.
    - update debian/control
  * don't install nm-openvpn.desktop, it's not being built
    - update debian/network-manager-openvpn.install
  * don't install the associated mime-type icon either
    - update debian/network-manager-openvpn-gnome.install
 -- Mathieu Trudel <email address hidden> Fri, 19 Feb 2010 08:58:49 -0500

Changed in network-manager-openvpn (Ubuntu):
status: Triaged → Fix Released
Revision history for this message
hongy19@gmail.com (hongy19-gmail) wrote :

does network-manager-vpn support route for import function?
It seems that route could not be imported into network-manager-vpn

Bug Watch Updater (bug-watch-updater)
Changed in network-manager:
importance: Unknown → Wishlist
status: Unknown → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in network-manager-openvpn:
importance: Unknown → Wishlist
status: Unknown → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.