It would be grand if one could just add arbitrary key/value pairs of arguments.
-- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager-openvpn in Ubuntu. https://bugs.launchpad.net/bugs/364101 Title: network-manager-openvpn does not support all options supported by openvpn Status in NetworkManager-OpenVPN: Confirmed Status in network-manager-openvpn package in Ubuntu: Confirmed Bug description: Binary package hint: network-manager-openvpn This is my .ovpn config file that works on Windows and on Intrepid/Jaunty using the command line: ------ cut here ---- pull tls-client port 443 #check remote xx.xx.xx.xx #check proto tcp-client #check pkcs12 mycert.p12 #converted to *.pem then was able to import them reneg-sec 300 keysize 512 cipher BF-CBC #check tls-cipher DHE-RSA-AES256-SHA dev tap #check verb 4 comp-lzo #check link-mtu 1400 ping 15 ---- end of config file ---- All the options marked with #check have a corresponding option within the network-manager-openvpn GUI. All those not marked have no way of being configured. When trying to connect with only those options configured I get the following errors: --- start of log file ---- Apr 20 15:00:16 valentin-laptop NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.openvpn'... Apr 20 15:00:16 valentin-laptop NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 3965 Apr 20 15:00:16 valentin-laptop kernel: [64813.625564] tun: Universal TUN/TAP device driver, 1.6 Apr 20 15:00:16 valentin-laptop kernel: [64813.625570] tun: (C) 1999-2004 Max Krasnyansky <[email protected]> Apr 20 15:00:16 valentin-laptop NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections Apr 20 15:00:16 valentin-laptop NetworkManager: <info> VPN plugin state changed: 1 Apr 20 15:00:20 valentin-laptop nm-openvpn[3973]: OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Mar 9 2009 Apr 20 15:00:20 valentin-laptop NetworkManager: <info> VPN plugin state changed: 3 Apr 20 15:00:20 valentin-laptop nm-openvpn[3973]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Apr 20 15:00:20 valentin-laptop nm-openvpn[3973]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Apr 20 15:00:20 valentin-laptop NetworkManager: <info> VPN connection 'Work OpenVPN' (Connect) reply received. Apr 20 15:00:20 valentin-laptop nm-openvpn[3973]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Apr 20 15:00:20 valentin-laptop nm-openvpn[3973]: WARNING: file '/home/valentin/Stuff/Downloads/openvpn/mycert.key.pem' is group or others accessible Apr 20 15:00:20 valentin-laptop nm-openvpn[3973]: /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Apr 20 15:00:20 valentin-laptop nm-openvpn[3973]: LZO compression initialized Apr 20 15:00:20 valentin-laptop nm-openvpn[3973]: Attempting to establish TCP connection with xx.xx.xx.xx:yyy [nonblock] Apr 20 15:00:21 valentin-laptop nm-openvpn[3973]: TCP connection established with xx.xx.xx.xx:yyy Apr 20 15:00:21 valentin-laptop nm-openvpn[3973]: TCPv4_CLIENT link local: [undef] Apr 20 15:00:21 valentin-laptop nm-openvpn[3973]: TCPv4_CLIENT link remote: xx.xx.xx.xx:yyy Apr 20 15:00:22 valentin-laptop nm-openvpn[3973]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1576', remote='link-mtu 1400' Apr 20 15:00:22 valentin-laptop nm-openvpn[3973]: WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1356' Apr 20 15:00:22 valentin-laptop nm-openvpn[3973]: WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 512' Apr 20 15:00:22 valentin-laptop nm-openvpn[3973]: [some-random-hostname] Peer Connection Initiated with xx.xx.xx.xx:yyy Apr 20 15:00:22 valentin-laptop nm-openvpn[3973]: Authenticate/Decrypt packet error: cipher final failed Apr 20 15:00:22 valentin-laptop nm-openvpn[3973]: Fatal decryption error (process_incoming_link), restarting Apr 20 15:00:22 valentin-laptop nm-openvpn[3973]: SIGUSR1[soft,decryption-error] received, process restarting Apr 20 15:00:27 valentin-laptop nm-openvpn[3973]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Apr 20 15:00:27 valentin-laptop nm-openvpn[3973]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Apr 20 15:00:27 valentin-laptop nm-openvpn[3973]: Re-using SSL/TLS context ---- end of log file ---- After trying to manually set the 3 options it complains about (link- mtu, tun-mtu, keysize) with gconf-editor the connection wouldn't even innitialize any more, saying that it doesn't support these options. Was hoping that the "new and improved" NM in Jaunty would fix this bug, but this seems to not be the case. To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager-openvpn/+bug/364101/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
