Opened 2 years ago

Last modified 4 months ago

#1182 assigned Bug / Defect

iOS: OpenVPN Connect v3.0.2.(894) errors out on mbedTLS ca bundle parsing

Reported by: foobarbaz Owned by: denys
Priority: major Milestone:
Component: OpenVPN Connect Version:
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

There seems to be a bug in the mbedTLS library that's being used in the OpenVPN Connect app.

The OpenVPN Connect version I'm using is 3.0.2.(894), running on iOS 12.1.2.

When I'm trying to connect to a OpenVPN server, it fails on:

mbed TLS: 1 certificate(s) in ca bundle failed to parse

This seems to happen in the NIP process.

Few lines before this error, I'm seeing an error message complaining about being denied access to a path.

NIP: Network status changed: key kind=1
 old=<null>
 new=
    status = unsatisfied
    reasonCode = 2
    reason = Path was denied by NECP policy
    isViable = NO
    isExpensive = NO
    clientID = 87680882-2E77-4BCA-8D94-EA4434D60EDB
    mtu = 0

The cert chain is embedded in the imported OpenVPN configuration file, and all CAs in the cert chain are using RSA.

I do not have this issue with OpenVPN clients using OpenSSL.

Change History (1)

comment:1 Changed 4 months ago by Gert Döring

Owner: changed from yuriy to denys
Status: newassigned
Note: See TracTickets for help on using tickets.