Project

General

Profile

Bug #10235

OpenVPN server tries to push compress parameter when it's empty

Added by Renato Botelho 6 months ago. Updated 5 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
OpenVPN
Target version:
Start date:
02/05/2020
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.4.x
Affected Architecture:

Description

Define a Server with Compression option set to Disabled and click option "Push the selected compression setting to connecting clients" and clients won't be able to connect seeing following error:

Client exception in transport_recv: process_server_push_error: Problem accepting server-pushed compressor: option_error: option 'compress' must have at least 2 arguments.
Client terminated, restarting in 2000 ms...

Associated revisions

Revision 32218e9e (diff)
Added by Renato Botelho 6 months ago

Fix #10235

Add a missing break to case statement. Without it, $compression was
being filled with a bad value and also if push compress was being used,
it added the option breaking connection.

Reported by: Vinicius Dell'Aglio on Telegram pfSense group

Revision 64e65655 (diff)
Added by Renato Botelho 6 months ago

Fix #10235

Add a missing break to case statement. Without it, $compression was
being filled with a bad value and also if push compress was being used,
it added the option breaking connection.

Reported by: Vinicius Dell'Aglio on Telegram pfSense group

History

#1 Updated by Jim Pingle 6 months ago

  • Target version set to 2.4.5

#2 Updated by Renato Botelho 6 months ago

  • Status changed from Confirmed to Feedback
  • % Done changed from 0 to 100

#3 Updated by Viktor Gurov 6 months ago

  • Status changed from Feedback to Resolved

works as expected on 2.4.5.r.20200206.1944

#4 Updated by Manuel Piovan 6 months ago

regression?
2 openvpn, server is 2.5.0 client is 2.4.5-rc
both had -> Compression = "Disable compression, retain compression packet framing"
message on the log Bad compression stub (swap) decompression header
https://forum.netgate.com/topic/150338/openvpn-bad-compression-stub-2-4-5-rc

#5 Updated by Jim Pingle 6 months ago

  • Status changed from Resolved to In Progress

I think the change didn't do what was intended here. The 'none' setting should end up with compress only in the config which isn't happening now.

It needs to go back the way it was, I don't see a bug with the old behavior. Maybe the user didn't understand what this option is supposed to do.

Most likely they wanted "Omit Preference" -- which is not the same as this option.

#6 Updated by Jim Pingle 6 months ago

  • Status changed from In Progress to Feedback
  • Assignee changed from Renato Botelho to Jim Pingle

I reverted the change here, since it wasn't correct.

#7 Updated by Jim Pingle 5 months ago

  • Status changed from Feedback to Resolved

No problems on current snapshots that I can see, with the proper combinations of settings.

Also available in: Atom PDF