Package: openvpn Version: 2.3.4-5+deb8u1 Severity: important Dear Maintainer,
With the retirement of squeeze LTS, we've been forced to upgrade our OpenVPN server to jessie. Unfortunately, we seem to have run across an old bug again (#543941), whereby using LDAP+TLS for authentication of OpenVPN sessions ultimately leads to file handle exhaustion becasue of stale references to /dev/urandom. We had no problems on our squeeze machine with this. I've tried the LD_PRELOAD workaround suggested in the Readme.Debian doc, but it does not appear to have any affect. I also backported the latest version of OpenVPN (2.3.10-1) and it still suffered from the same issue. It appears the original bug reports was resolved because libgcrypt11 was being dropped. Any suggested workarounds? Is this even an OpenVPN bug or should this be reported to the libgcrypt maintainers? I'm happy to help try and debug this in any way I can. Thanks! Mark -- System Information: Debian Release: 8.3 APT prefers stable APT policy: (750, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openvpn depends on: ii debconf [debconf-2.0] 1.5.56 ii init-system-helpers 1.22 ii initscripts 2.88dsf-59 ii iproute2 3.16.0-2 ii libc6 2.19-18+deb8u3 ii liblzo2-2 2.08-1.2 ii libpam0g 1.1.8-3.1+deb8u1 ii libpkcs11-helper1 1.11-2 ii libssl1.0.0 1.0.1k-3+deb8u4 Versions of packages openvpn recommends: pn easy-rsa <none> Versions of packages openvpn suggests: ii openssl 1.0.1k-3+deb8u4 pn resolvconf <none> -- Configuration Files: /etc/init.d/openvpn changed [not included] -- debconf-show failed
