Opened 3 years ago
Closed 3 years ago
#1433 closed Bug / Defect (fixed)
Windows OpenVPN 2.5.4 client-connect script issue
Reported by: | Camille Guerin | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | release 2.5.5 |
Component: | Generic / unclassified | Version: | OpenVPN 2.5.4 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: | Samuli Seppänen, stipa |
Description
Hi,
Since version 2.5.4, I have some issues with a client-connect script.
I use the script to change on the fly the VPN IP of a device connecting.
Since 2.5.4 the VPN IP is not changed...
Sat Oct 16 17:45:44 2021 X.X.X.X:3548 [OpenVPN Client 1] Peer Connection Initiated with [AF_INET]X.X.X.X:3548 Sat Oct 16 17:45:44 2021 OpenVPN Client 1/X.X.X.X:3548 MULTI_sva: pool returned IPv4=10.1.0.2, IPv6=(Not enabled) Sat Oct 16 17:45:44 2021 OpenVPN Client 1/X.X.X.X:3548 env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem Sat Oct 16 17:45:45 2021 OpenVPN Client 1/X.X.X.X:3548 OPTIONS IMPORT: reading client specific options from: C:\Users\blabla\Documents\VPN\server\tmp\openvpn_cc_2d5b6b21362844c5.tmp Sat Oct 16 17:45:45 2021 OpenVPN Client 1/X.X.X.X:3548 MULTI: problem deleting temporary file: C:\Users\blabla\Documents\VPN\server\tmp\openvpn_cc_2d5b6b21362844c5.tmp Sat Oct 16 17:45:45 2021 OpenVPN Client 1/X.X.X.X:3548 MULTI: problem deleting temporary file: C:\Users\blabla\Documents\VPN\server\tmp\openvpn_ccr_6b4aa6cd7997fa48.tmp Sat Oct 16 17:45:45 2021 OpenVPN Client 1/X.X.X.X:3548 MULTI: Learn: 10.1.0.2 -> OpenVPN Client 1/X.X.X.X:3548 Sat Oct 16 17:45:45 2021 OpenVPN Client 1/X.X.X.X:3548 MULTI: primary virtual IP for OpenVPN Client 1/X.X.X.X:3548: 10.1.0.2
(IP have been removed from log)
Here is the config file:
proto tcp4 port 444 dev tun server 10.1.0.0 255.255.0.0 keepalive 10 120 client-to-client push "route 10.1.0.0 255.255.0.0" cipher AES-256-CBC verb 6 #management 127.0.0.1 8088 persist-key persist-tun topology subnet remote-cert-tls client script-security 2 ca "C:\\Users\\blabla\\Documents\\VPN\\ca\\ca.crt" cert "C:\\Users\\blabla\\Documents\\VPN\\server\\server.crt" key "C:\\Users\\blabla\\Documents\\VPN\\server\\server.key" dh "C:\\Users\\blabla\\Documents\\VPN\\server\\dh.pem" tls-auth "C:\\Users\\blabla\\Documents\\VPN\\server\\ta.key" 0 log "C:\\Users\\blabla\\Documents\\VPN\\server\\server.log" ifconfig-pool-persist "C:\\Users\\blabla\\Documents\\VPN\\server\\client_ips.txt" #status "C:\\Users\\blabla\\Documents\\VPN\\server\\status.log" client-connect "C:\\Users\\blabla\\Documents\\VPN\\server\\script.bat" tmp-dir "C:\\Users\\blabla\\Documents\\VPN\\server\\tmp"
I have tried with and without tmp-dir, but result is the same...
This was working great with 2.5.3 and before....
I think other script might be impacted as well...
Change History (6)
comment:1 Changed 3 years ago by
comment:2 Changed 3 years ago by
Fixed by: commit c699c0d85cf2028796cdb0592271f1167709e6ac
Date: Fri Oct 15 14:47:33 2021 -0400
Fix some more wrong defines in config-msvc.h
comment:3 Changed 3 years ago by
Milestone: | release 2.5.4 → release 2.5.5 |
---|---|
Version: | → OpenVPN 2.5.4 (Community Ed) |
comment:4 Changed 3 years ago by
Cc: | Samuli Seppänen stipa added |
---|
I hope I can get mattock and stipa to release a new windows installer tomorrow... so we can see if this is now fixed.
And then it might be reasonable to do 2.5.5 fairly soon, with now 3 different broken Windows installer versions floating around.
comment:6 Changed 3 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
We are reasonably sure that this bug has been fixed in 2.5.4-I604 and also in 2.5.5-I602.
Thus, closing this ticket, even if we never got feedback.
Looks like the same problem as #1430 -- i.e., files are created without write permission. In this case writing the config directives from client-connect script to the temp file would fail. You can confirm it by checking for write errors in your script. The deletion error in the log is also related.
For a proper resolution wait for a fixed release. For a quick-fix try adding this to the top of your client-connect script:
attrib -r $tmp_file
where $tmp_file is the name of the file passed to the script. That is, the file it writes the config directive into ($1 if the script has no other args).