Bug 13129 - In Core 175 testing, all OpenVPN n2n connections are broken
Summary: In Core 175 testing, all OpenVPN n2n connections are broken
Status: CLOSED DUPLICATE of bug 11048
Alias: None
Product: IPFire
Classification: Unclassified
Component: openvpn (show other bugs)
Version: 2
Hardware: unspecified Unspecified
: - Unknown - - Unknown -
Assignee: Assigned to nobody - feel free to grab it and work on it
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-05-28 11:16 UTC by Man Grove
Modified: 2023-05-28 18:38 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Man Grove 2023-05-28 11:16:37 UTC
See https://community.ipfire.org/t/core-175-testing-n2n-openvpn-totally-borked-nothing-connects/9760 for details: this seems to be because a private key password is now required by the OpenVPN version, even though the IPFire keys are password-less.
Comment 1 Adolf Belka 2023-05-28 17:09:52 UTC
This effect occurred from the fix to Bug#11048 that was applied in Core Update 175 Testing.

The fix from 11048 has been reverted and will likely end up in CU176.

As this effect is caused by the fix for Bug#11048 and will be solved by the updated fix for Bug#11048, I am closing this bug as a duplicate to that one.

*** This bug has been marked as a duplicate of bug 11048 ***
Comment 2 Adolf Belka 2023-05-28 17:14:17 UTC
If you change the /opt/pakfire/db/core/mine file from 175 to 174 and then rerun the Pakfire Refresh List you can redo the update from CU174 to CU175 Testing but with the most recent build which includes the reversion of the patch set for Bug#11048.
Comment 3 Man Grove 2023-05-28 17:33:40 UTC
(In reply to Adolf Belka from comment #2)
> If you change the /opt/pakfire/db/core/mine file from 175 to 174 and then
> rerun the Pakfire Refresh List you can redo the update from CU174 to CU175
> Testing but with the most recent build which includes the reversion of the
> patch set for Bug#11048.

Sadly this didn't solve the problem: still the exact same error.
Comment 4 Adolf Belka 2023-05-28 18:38:47 UTC
You are of course correct. I reverted the patches but can't revert the actions from the update.sh script.

If you look in /var/ipfire/ovpn/ovpnconfig at each of the n2n connections what do you find near the end of the line. There should be an entry at index 43 of no-pass. I suspect it will be an entry of disabled. It could also be pass but should not be.

I would like to know what entry you find.

Could you please put your answer into bug#11048. I will add your name to the cc list for that bug.