Opened 6 months ago

Closed 6 weeks ago

#1472 closed Bug / Defect (wontfix)

OpenVPN 3.2.7 and Android 9.0 - dhcp-option PROXY_AUTO_CONFIG_URL not working

Reported by: yanggis Owned by: OpenVPN Inc.
Priority: minor Milestone:
Component: OpenVPN Connect Version: OpenVPN Connect for Android
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

I've added one option in the openvpn config server to use pac file, here is the option:
push "dhcp-option PROXY_AUTO_CONFIG_URL https://xx.yys.com/share/acl/proxy.pac"

However, when connecting to the server, I got this error:
exception setting dhcp-option for proxy: tun_prop_dhcp_option_error: tun_builder_set_proxy_auto_config_url
Do you guys know what is wrony with the option? How to fix it?

Here is the log file:

17:10:16.854 -- EVENT: DISCONNECTED

17:10:16.855 -- Tunnel bytes per CPU second: 0

17:10:16.855 -- ----- OpenVPN Stop -----

17:10:20.731 -- ----- OpenVPN Start -----

17:10:20.732 -- EVENT: CORE_THREAD_ACTIVE

17:10:20.736 -- OpenVPN core 3.git::d3f8b18b:Release android arm64 64-bit PT_PROXY

17:10:20.738 -- Frame=512/2048/512 mssfix-ctrl=1250

17:10:20.739 -- UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [nobind]
6 [persist-key]
7 [persist-tun]
11 [ignore-unknown-option] [block-outside-dns]
12 [block-outside-dns]
13 [verb] [3]

17:10:20.741 -- EVENT: RESOLVE

17:10:20.744 -- Contacting 66.254.xx.xx:1194 via TCPv4

17:10:20.745 -- EVENT: WAIT

17:10:21.574 -- Connecting to [66.254.xx.xx]:1194 (66.254.xx.xx) via TCPv4

17:10:22.581 -- EVENT: CONNECTING

17:10:22.606 -- Tunnel Options:V4,dev-type tun,link-mtu 1603,tun-mtu 1500,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA512,keysize 256,key-method 2,tls-client

17:10:22.607 -- Creds: UsernameEmpty/PasswordEmpty?

17:10:22.609 -- Peer Info:
IV_VER=3.git::d3f8b18b:Release
IV_PLAT=android
IV_NCP=2
IV_TCPNL=1
IV_PROTO=30
IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
IV_AUTO_SESS=1
IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
IV_SSO=webauth,openurl

17:10:23.235 -- VERIFY OK: depth=1, /CN=Easy-RSA CA, signature: RSA-SHA256

17:10:23.239 -- VERIFY OK: depth=0, /CN=server, signature: RSA-SHA256

17:10:25.190 -- SSL Handshake: peer certificate: CN=server, 2048 bit RSA, cipher: TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD

17:10:25.193 -- Session is ACTIVE

17:10:25.196 -- EVENT: GET_CONFIG

17:10:25.204 -- Sending PUSH_REQUEST to server...

17:10:25.742 -- OPTIONS:
0 [dhcp-option] [PROXY_AUTO_CONFIG_URL] https://xx.yys.com/share/acl/proxy.pac
1 [dhcp-option] [DNS] [8.8.8.8]
2 [route-gateway] [10.13.0.1]
3 [topology] [subnet]
4 [ping] [10]
5 [ping-restart] [60]
6 [ifconfig] [10.13.0.2] [255.255.255.0]
7 [peer-id] [0]
8 [cipher] [AES-256-GCM]

17:10:25.743 -- PROTOCOL OPTIONS:
cipher: AES-256-GCM
digest: NONE
key-derivation: OpenVPN PRF
compress: NONE
peer ID: 0
control channel: tls-crypt enabled

17:10:25.745 -- EVENT: ASSIGN_IP

17:10:25.753 -- exception setting dhcp-option for proxy: tun_prop_dhcp_option_error: tun_builder_set_proxy_auto_config_url

17:10:25.781 -- Connected via tun

17:10:25.784 -- EVENT: CONNECTED info='66.254.xx.xx:1194 (66.254.xx.xx) via /TCPv4 on tun/10.13.0.2/ gw=[10.13.0.1/]'

17:11:10.415 -- EVENT: DISCONNECTED trans=TO_DISCONNECTED

17:11:10.415 -- Tunnel bytes per CPU second: 0

17:11:10.416 -- ----- OpenVPN Stop -----


Info about the OpenVPN Server
openvpn --version

OpenVPN 2.5.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 24 2022
library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08
Originally developed by James Yonan
Copyright (C) 2002-2022 OpenVPN Inc <sales@…>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=yes enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_openssl_engine=auto with_sysroot=no

Change History (4)

comment:1 Changed 6 months ago by Antonio Quartulli

Still same answer as here https://github.com/OpenVPN/openvpn3/issues/230
At the moment this option is not supported by OpenVPN Connect for Android.

comment:2 Changed 6 months ago by Antonio Quartulli

Owner: set to OpenVPN Inc.
Status: newassigned

comment:3 Changed 6 months ago by Antonio Quartulli

Component: Generic / unclassifiedOpenVPN Connect
Priority: majorminor
Version: OpenVPN Connect for Android

comment:4 Changed 6 weeks ago by Gert Döring

Resolution: wontfix
Status: assignedclosed

OpenVPN Inc does not want to receive any feedback for the "Connect"
OpenVPN clients via the community bug trackers (here and in GH issues).

Please resubmit - if still relevant - via https://support.openvpn.net/

Note: See TracTickets for help on using tickets.