Opened 4 years ago

Last modified 2 years ago

#573 new Bug / Defect

Client on Fedora 21: config option "auth-user-pass" works when in config file, but not on command line

Reported by: tarquinq Owned by:
Priority: minor Milestone:
Component: Configuration Version: OpenVPN 2.3.8 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc: plaisthos

Description

Description of problem:
OpenVPN client supports automated password entry from a file. The specific option is "auth-user-pass".
When I specify this option inside a config file, it works, and VPN connects.
When I specify this option on the command line, it ignores it, and doesn't prompt for it.
I have run an strace on it, and when passed via command-line, the program _never_ checks for the file on-disk (which it does, successfully, when passed in via config file), so I'm guessing the command line parsing is wrong somehow.

Version-Release number of selected component (if applicable):
Fedora release : 21
OpenVPN Version : 2.3.7
Release : 1.fc21
Architecture : armv7hl
Source RPM : openvpn-2.3.7-1.fc21.src.rpm

How reproducible:
Always, I think. I've only got one username & password, and it does it every time for me!

Steps to Reproduce:

  1. Create a file on-disk, 2 lines, username on 1st line & password on 2nd (bare config lines, just the two words on two lines)
  2. Start Openvpn client with a config file containing the line "auth-user-pass /path/to/file.conf" - watch it succeed!
  3. Start Openvpn client with "openvpn --auth-user-pass /path/to/file.conf" as one of the command-line options - watch it ignore the option and ask you for a password (and blast systemD ask-pass Wall messages!).

Actual results:
Password requested interactively from user on command line.

Expected results:
Password read from on-disk file and auto-connect.

Additional info:
No X, GUI, or NetworkManager?-controlled hilarity, this is just a headless command-line system.
First logged via Fedora Bugzilla, referred upstream; https://bugzilla.redhat.com/show_bug.cgi?id=1238733

Change History (2)

comment:1 Changed 4 years ago by Gert Döring

Cc: plaisthos added

that's an interesting one, as our config parser does not make a difference between "read file" and "read command line options"... need to go test...

comment:2 Changed 2 years ago by debbie10t

I tested this on Fedora 24 with Openvpn 2.3.13 and 2.4_rc1 and --auth-user-pass /path/to/userpass.txt in a command line and it worked as expected. If the file is specified the user/pass are read from the file; If the file is not specified then the username and password are prompted for on the console.

Note: See TracTickets for help on using tickets.