Opened 4 years ago

Closed 3 years ago

#1342 closed Bug / Defect (worksforme)

openvpn on linux not ignoring "windows-driver"

Reported by: hildeb Owned by: stipa
Priority: major Milestone: release 2.5.1
Component: Generic / unclassified Version: OpenVPN 2.5.0 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

$ openvpn --config charite-hildeb.ovpn
Options error: Unrecognized option or missing or extra parameter(s) in charite-hildeb.ovpn:3: windows-driver (2.5_rc3)
Use --help for more information.

looking at the config:

$ head charite-hildeb.ovpn

# Konfiguration fuer Charite-OpenVPN

windows-driver wintun

client
dev tun

key-direction 1
<tls-auth>
#

openvpn should ignore those architecture specific settings - just as it does with block-outside-dns ...
or "Windows-Specific Options" in general.

Change History (8)

comment:1 Changed 4 years ago by tct

+1

comment:2 Changed 4 years ago by Gert Döring

Milestone: release 2.5.1
Owner: set to stipa
Status: newassigned

@hildeb: actually, --block-outside-dns also errors out if put into an .ovpn file. It's just on PUSH_REPLY that "unknown option, FATAL" turns into "unknown option, WARNING". This is less of a problem than --windows-driver, which cannot be pushed and has to be in the client config.

So I can see your problem ("I want to generate optimal configs for my clients, without having to know their operating system").

@stipa, what do you think? For 2.5.1? Your option, your code :-)

comment:3 Changed 4 years ago by Gert Döring

hah! I just rediscovered a well-hidden openvpn config trick.

You can put "options that might not work everywhere" in the config like this:

setenv opt windows-driver wintun

the code in question will read "setenv opt <something>", then reduce the error level for "something failed in config parsing" to M_WARN, and then feed <something> to the rest of the config parser.

So a fatal error in "windows-driver wintun" (on 2.4 or tunnelblick or...) would turn into a warning about "unknown option".

Good enough?

(options.c, early in add_option(), magic from the last century)

comment:4 in reply to:  3 Changed 4 years ago by tct

Replying to Gert Döring:

hah! I just rediscovered a well-hidden openvpn config trick.


Perhaps it is well hidden because setenv opt foo means nothing to most users.

You can put "options that might not work everywhere" in the config like this:

setenv opt windows-driver wintun

Good enough?

Almost ;-) (Thanks for the tip!)

Last edited 4 years ago by tct (previous) (diff)

comment:5 Changed 4 years ago by stipa

So apparently no code change is needed. You could also put "--ignore-unknown-option windows-driver" to the config before "windows-driver" and client will use it if it knows how to.

comment:6 Changed 4 years ago by Gert Döring

So this can be closed?

comment:7 Changed 4 years ago by stipa

Yes, let's close it. There are two workarounds mentioned above for this issue.

comment:8 Changed 3 years ago by Gert Döring

Resolution: worksforme
Status: assignedclosed
Note: See TracTickets for help on using tickets.