Bug #10560
closedConnection fails connecting to (my) OpenVPN instance.
0%
Description
When connecting using either OpenVPN Connect on Android using client certificate + username/password or OpenVPN client on a raspberry Pi using only certificate (different server instance of course) connection doesn't work.
It worked in OpenVPN 2.5.0 from 2019-09-19, but not in the daily named 2020-05-14.
I have tracked it down to /usr/local/sbin/ovpn_auth_verify calling fcgicli during cert validation.
The expected response to "RESULT=$(/usr/local/sbin/fcgicli -f /etc/inc/openvpn.tls-verify.php -d "servercn=$2&depth=$3&certdepth=$4&certsubject=$5&serial=$serial&config=$config")" is "OK", but the response received is "Something wrong happened while reading request" which is a response from inside the fcgicli binary:
ch = read_packet(sb, fcgisock, header);
if (ch < 0) {
printf("Something wrong happened while reading request\n");
//sbuf_finish(sb);
//sbuf_delete(sb);
break;
}
If I override the response with "OK" in the script file (which is obviously only a hack) the connection succeeds.
I get the exact same response if I call the binary on a command line using the same options.