Opened 18 months ago

#1182 new Bug / Defect

iOS: OpenVPN Connect v3.0.2.(894) errors out on mbedTLS ca bundle parsing

Reported by: foobarbaz Owned by: yuriy
Priority: major Milestone:
Component: OpenVPN Connect Version:
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

There seems to be a bug in the mbedTLS library that's being used in the OpenVPN Connect app.

The OpenVPN Connect version I'm using is 3.0.2.(894), running on iOS 12.1.2.

When I'm trying to connect to a OpenVPN server, it fails on:

mbed TLS: 1 certificate(s) in ca bundle failed to parse

This seems to happen in the NIP process.

Few lines before this error, I'm seeing an error message complaining about being denied access to a path.

NIP: Network status changed: key kind=1
 old=<null>
 new=
    status = unsatisfied
    reasonCode = 2
    reason = Path was denied by NECP policy
    isViable = NO
    isExpensive = NO
    clientID = 87680882-2E77-4BCA-8D94-EA4434D60EDB
    mtu = 0

The cert chain is embedded in the imported OpenVPN configuration file, and all CAs in the cert chain are using RSA.

I do not have this issue with OpenVPN clients using OpenSSL.

Change History (0)

Note: See TracTickets for help on using tickets.