Project

General

Profile

Bug #11559

OpenVPN does not start with a long list of Data Encryption Algorithms

Added by Viktor Gurov about 2 months ago. Updated 3 days ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
OpenVPN
Target version:
Start date:
02/27/2021
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.5.0
Affected Architecture:
Release Notes:
Default

Description

If you select too many data ciphers OpenVPN won't start:

Feb 26 23:32:14 pf41 openvpn[80792]: Options error: In /var/etc/openvpn/server2/config.ovpn:33: Maximum option line
length (256) exceeded, line starts with data-ciphers AES-256-GCM:AES-128-CFB8:AES-128-GCM:AES-128-OFB:AES-192-CFB:AES-
192-CFB1:AES-192-CFB8:AES-192-GCM:AES-192-OFB:AES-256-CBC:AES-256-CFB1:AES-256-CFB8:AES-256-OFB:ARIA-128-CBC:ARIA-128-
CFB:ARIA-128-CFB1:ARIA-128-OFB:ARIA-192-CBC:ARIA-192-CFB:ARI

see also #11104


Related issues

Related to Bug #11104: OpenVPN does not start with several authentication sources selectedClosed2020-11-25

Associated revisions

Revision 44baf5a7 (diff)
Added by Viktor Gurov about 2 months ago

OpenVPN data-ciphers option length validation. Issue #11559

Revision 5b638980 (diff)
Added by Viktor Gurov about 1 month ago

OpenVPN data-ciphers option length validation. Issue #11559

(cherry picked from commit 44baf5a77b618f2c67587029c87b03887e2f35e9)

History

#1 Updated by Viktor Gurov about 2 months ago

  • Related to Bug #11104: OpenVPN does not start with several authentication sources selected added

#3 Updated by Jim Pingle about 2 months ago

  • Status changed from New to Pull Request Review
  • Target version set to CE-Next

#4 Updated by Renato Botelho about 2 months ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Viktor Gurov

PR has been merged. Thanks!

#5 Updated by Danilo Zrenjanin about 1 month ago

  • Status changed from Feedback to Resolved

Tested on the latest release. It doesn't allow selecting too many data ciphers.

Ticket resolved.

#6 Updated by Jim Pingle about 1 month ago

  • Status changed from Resolved to Waiting on Merge
  • Target version changed from CE-Next to 2.5.1

#7 Updated by Renato Botelho about 1 month ago

  • Status changed from Waiting on Merge to Feedback

Cherry-picked to RELENG_2_5_1

#8 Updated by Jim Pingle about 1 month ago

  • Subject changed from OpenVPN won't start after adding too many data ciphers to OpenVPN does not start with a long list of Data Encryption Algorithms

Updating subject for release notes.

#9 Updated by Jim Pingle 3 days ago

  • Status changed from Feedback to Closed

Also available in: Atom PDF