Project

General

Profile

Bug #7002

OpenVPN unable to use authentication server with ampersand in descriptive name

Added by James Dekker 4 months ago. Updated about 2 months ago.

Status:
Resolved
Priority:
Low
Assignee:
Category:
OpenVPN
Target version:
Start date:
12/10/2016
Due date:
% Done:

100%

Affected version:
2.3.2
Affected Architecture:
All

Description

Add LDAP server in System/User Manager/Authentication Servers, include an ampersand in the Descriptive Name. Test against LDAP server in Diagnostics/Authentication, success. Configure OpenVPN server to authenticate against the LDAP server, attempt to connect with client. Server logs will show

Dec 10 23:11:15 openvpn 28595 customer_ip:1194 Peer Connection Initiated with [AF_INET]70.184.186.68:1194
Dec 10 23:11:15 openvpn 28595 customer_ip:1194 TLS Auth Error: Auth Username/Password verification failed for peer
Dec 10 23:11:15 openvpn 28595 customer_ip:1194 WARNING: Failed running command (--auth-user-pass-verify): external program exited with error status: 1
Dec 10 23:11:15 openvpn user 'test' could not authenticate.

Recreate LDAP server without ampersand in the Descriptive Name, configure OpenVPN to use new LDAP server. Attempt to connect from client, success.

Associated revisions

Revision c165a17e
Added by Jim Pingle 4 months ago

Encode the auth server list before passing it on the CLI, to avoid issues with special characters that break when interpreted as URL parameters during OpenVPN auth. Fixes #7002

Revision f24b6fb6
Added by Jim Pingle 4 months ago

Encode the auth server list before passing it on the CLI, to avoid issues with special characters that break when interpreted as URL parameters during OpenVPN auth. Fixes #7002

History

#1 Updated by Jim Pingle 4 months ago

  • Target version changed from Future to 2.4.0

#2 Updated by Jim Pingle 4 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#3 Updated by Jim Pingle 3 months ago

  • Status changed from Feedback to Resolved

Works

#4 Updated by Jim Pingle about 2 months ago

  • Target version changed from 2.4.0 to 2.3.3

Also available in: Atom PDF