Opened 6 years ago

Closed 15 months ago

#1088 closed Bug / Defect (wontfix)

Android: app crashes upon connection

Reported by: bstanger Owned by: OpenVPN Inc.
Priority: major Milestone:
Component: OpenVPN Connect Version:
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

On my Nokia 6.1 with Adroid 8.1 the app crashes immediately after trying to connect. No connection possible.
I'll attach my openvpn config.

Attachments (1)

firewall-UDP4-1194-bstanger-ios-config.ovpn (5.8 KB) - added by bstanger 6 years ago.

Download all attachments as: .zip

Change History (10)

Changed 6 years ago by bstanger

comment:1 Changed 6 years ago by plaisthos

Owner: changed from Antonio Quartulli to plaisthos
Status: newassigned

comment:2 Changed 6 years ago by plaisthos

Reproduced the bug. This is a kind of obscure bug. An illegal character in the certifcate kills the JVM via JNI:

08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] JNI DETECTED ERROR IN APPLICATION: input is not valid Modified UTF-8: illegal start byte 0xfc
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508]     string: 'VERIFY OK : depth=0
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] cert. version     : 3
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] serial number     : 02
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] issuer name       : C=DE, ST=Baden - W?rttemberg, L=Hermaringen, O=Stanger, emailAddress=email@bstanger.de, CN=openvpnca
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] subject name      : C=DE, ST=Baden - W?rttemberg, L=Hermaringen, O=Stanger, emailAddress=email@bstanger.de, CN=openvpnca
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] issued  on        : 2016-09-19 15:57:17
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] expires on        : 2026-09-17 15:57:17
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] signed using      : RSA with SHA-256
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] RSA key size      : 2048 bits
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] basic constraints : CA=false
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] cert. type        : SSL Server
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] key usage         : Digital Signature, Key Encipherment
08-20 18:54:18.243 24179 24202 F zygote64: runtime.cc:508] ext key usage     : TLS Web Server Authentication, ???
08-20 18:54:18.244 24179 24202 F zygote64: runtime.cc:508] 
08-20 18:54:18.244 24179 24202 F zygote64: runtime.cc:508] '
08-20 18:54:18.244 24179 24202 F zygote64: runtime.cc:508]     input: '0x56 0x45 0x52 0x49 0x46 0x59 0x20 0x4f 0x4b 0x20 0x3a 0x20 0x64 0x65 0x70 0x74 0x68 0x3d 0x30 0x0a 0x63 0x65 0x72 0x74 0x2e 0x20 0x76 0x65 0x72 0x73 0x69 0x6f 0x6e 0x20 0x20 0x20 0x20 0x20 0x3a 0x20 0x33 0x0a 0x73 0x65 0x72 0x69 0x61 0x6c 0x20 0x6e 0x75 0x6d 0x62 0x65 0x72 0x20 0x20 0x20 0x20 0x20 0x3a 0x20 0x30 0x32 0x0a 0x69 0x73 0x73 0x75 0x65 0x72 0x20 0x6e 0x61 0x6d 0x65 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x3a 0x20 0x43 0x3d 0x44 0x45 0x2c 0x20 0x53 0x54 0x3d 0x42 0x61 0x64 0x65 0x6e 0x20 0x2d 0x20 0x57 <0xfc> 0x72 0x74 0x74 0x65 0x6d 0x62 0x65 0x72 0x67 0x2c 0x20 0x4c 0x3d 0x48 0x65 0x72 0x6d 0x61 0x72 0x69 0x6e 0x67 0x65 0x6e 0x2c 0x20 0x4f 0x3d 0x53 0x74 0x61 0x6e 0x67 0x65 0x72 0x2c 0x20 0x65 0x6d 0x61 0x69 0x6c 0x41 0x64 0x64 0x72 0x65 0x73 0x73 0x3d 0x65 0x6d 0x61 0x69 0x6c 0x40 0x62 0x73 0x74 0x61 0x6e 0x67 0x65 0x72 0x2e 0x64 0x65 0x2c 0x20 0x43 0x4e 0x3d 0x6f 0x70 0x65 0x6e 0x76 0x70 0x6e 0x63 0x61 0x0a 0x73 0x75 0x62 0x6a 0x65 0x63 0x74 0x20 0x6e 0x61 0x6d 0x65 0x2
08-20 18:54:18.244 24179 24202 F zygote64: runtime.cc:508]     in call to NewStringUTF
08-20 18:54:18.244 24179 24202 F zygote64: runtime.cc:508]     from java.lang.String net.openvpn.ovpn3.ovpncliJNI.ClientAPI_LogInfo_text_get(long, net.openvpn.ovpn3.ClientAPI_LogInfo)

comment:3 Changed 6 years ago by plaisthos

Problem is exatcly here: C=DE, ST=Baden - Württemberg.

The ü is enoceded with 0xFC, which is valid iso-8859-1 but not UTF-8. Still the client not should not crash on encountering an invalid utf-8 string

Version 1, edited 6 years ago by plaisthos (previous) (next) (diff)

comment:4 Changed 6 years ago by Gert Döring

I need to borrow you my "schei<?> encoding" T-Shirt :-)

comment:5 Changed 6 years ago by fschaefer

I've the same problem with the iOS OpenVPN Connect App:

"L=Lüneburg" gets encoded as "L=L\134M-C?\M-B\M-<neburg"

(at least that's what I see in Apple Configurator 2 logs)

comment:6 Changed 5 years ago by forca

The same here, last version installed(on Android 9).

The app crashes on connect, and yes, the issuer string has "illegal character", like here:

Problem is exatcly here: C=DE, ST=Baden - Württemberg.

any news about fixing it?

comment:7 Changed 5 years ago by bstanger

Seems to be fixed now! Everything fine with 3.0.6.(3510).

comment:8 Changed 3 years ago by Antonio Quartulli

Owner: changed from plaisthos to OpenVPN Inc.

comment:9 Changed 15 months ago by Gert Döring

Resolution: wontfix
Status: assignedclosed

OpenVPN Inc does not want to receive any feedback for the "Connect"
OpenVPN clients via the community bug trackers (here and in GH issues).

Please resubmit - if still relevant - via https://support.openvpn.net/

Note: See TracTickets for help on using tickets.