Opened 9 years ago

Closed 8 years ago

#118 closed Bug / Defect (notabug)

Missing reset of script_security variable in init.d script of Ubuntu package

Reported by: BigBear Owned by:
Priority: minor Milestone:
Component: Packaging Version: OpenVPN 2.1.4 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

Scenario:
OpenVPN acting as server and client simultainously, e. g. there is a client.conf and a server.conf file in /etc/openvpn on a Ubuntu 10.04LTS box.
client.conf contains no script-security setting.
server.conf contains "script-security 3" setting for external LDAP authentication script.

Problem:
When client.conf is processed first, the /etc/init.d/openvpn script set the variable script_security to "--script-security 2" in this
code block:
# Handle backwards compatibility
if test -z "$( grep ':space:?*script-security:space:?' $CONFIG_DIR/$NAME.conf )" ; then

script_security="--script-security 2"

fi

When server.conf is processed, the variable is still set, although the server.conf contains it's own script-security setting. So clearing the variable is missing here.

Proposed solution:
This works at least for me although I'm definitively no scripting expert:

# Handle backwards compatibility
if test -z "$( grep ':space:?*script-security:space:?' $CONFIG_DIR/$NAME.conf )" ; then

script_security="--script-security 2"

else

script_security=""

fi

Change History (2)

comment:1 Changed 9 years ago by Simon Deziel

I have forwarded this bug to Ubuntu Launchpad : https://bugs.launchpad.net/openvpn/+bug/814164

comment:2 Changed 8 years ago by David Sommerseth

Resolution: notabug
Status: newclosed

Closing as this is not a OpenVPN bug, but related to Ubuntu packaging.

Note: See TracTickets for help on using tickets.