Opened 13 years ago
Closed 2 years ago
#194 closed Bug / Defect (worksforme)
Management Interface does not allow UTF8 passwords
Reported by: | fjaeger | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | release 2.4 |
Component: | Management | Version: | OpenVPN 2.2.2 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | mac osx unicode ascii |
Cc: |
Description
I am using OpenVPN's management interface with Shimo (MacOSX VPN Client) and I realized that I am unable to login when the user password contains a German umlaut. Same holds for other UTF8 characters.
Currently I am using OpenVPN version 2.2.2
Change History (5)
comment:1 Changed 11 years ago by
Keywords: | mac osx unicode ascii added |
---|
comment:2 Changed 11 years ago by
this might not be "just" an umlaut issue, but an "is the umlaut encoding the same on the OpenVPN client and the OpenVPN server" (so if the Mac GUI sends UTF8 umlauts to the management interface and the server compares to ISO umlauts...)
No idea how SSH and friends solve this. I just don't use non-ASCII characters in usernames or passwords...
comment:3 Changed 9 years ago by
Milestone: | release 2.2.2 → release 2.4 |
---|
comment:4 Changed 2 years ago by
I think management i/f accepts any byte sequence as password with few exceptions (no embedded new lines or NULs) -- its up to the client to ensure that consistent values are provided when starting openvpn.exe on, say, command line, and from management client.
The error reported here is very likely mismatch between encoding used on the command line and management-client UI.
Shall we close this?
comment:5 Changed 2 years ago by
Resolution: | → worksforme |
---|---|
Status: | new → closed |
Closing this as indeed character set issues are complex (GUI to management interface, Terminal to config file, server side script to authentication backend), and we can't really solve this inside OpenVPN except "do not even try to autoconvert something".
While this is not really helping the original poster, trying to do charset autoconversion here ("if a --auth-user-pass file
has no UTF8 BOM, treat as ISO8859-1, and convert to UTF8 before sending to server") will be a major undertaking, and not necessarily create less pain...
The best way is to have the same encoding everywhere, which would be UTF-8 today - and avoid using non-7-bit-characters in usernames and passwords, as a matter of good practice.
Can someone reproduce this on 2.3.2 or latest Git "master"?