seems upstream already fixed
https://git.gnome.org/browse/network-manager-openvpn/commit/?id=d90cf9105e33fd4f646adf4f1ef8b9f95afc737b

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1749562

Title:
  openvpn tls-crypt not working

Status in network-manager package in Ubuntu:
  New

Bug description:
  Hi,

  if i try to connect to my openvpn 2.4 server i got this error on
  serverside:

  Feb 14 18:42:22 fenrir openvpn[58665]: tls-crypt unwrap error: packet too 
short
  Feb 14 18:42:22 fenrir openvpn[58665]: TLS Error: tls-crypt unwrapping failed 
from [AF_INET6]::ffff:91.33.41.15:51754 (via ::ffff:192.168.2.2%igb0)

  my server conf:
  dev ovpns1
  verb 1
  dev-type tun
  dev-node /dev/tun1
  writepid /var/run/openvpn_server1.pid
  #user nobody
  #group nobody
  script-security 3
  daemon
  keepalive 10 60
  ping-timer-rem
  persist-tun
  persist-key
  proto udp
  cipher AES-256-CBC
  auth SHA512
  up /usr/local/sbin/ovpn-linkup
  down /usr/local/sbin/ovpn-linkdown
  client-connect /usr/local/sbin/openvpn.attributes.sh
  client-disconnect /usr/local/sbin/openvpn.attributes.sh
  multihome
  engine cryptodev
  tls-server
  server 10.4.0.0 255.255.0.0
  client-config-dir /var/etc/openvpn-csc/server1
  username-as-common-name
  auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user ZmVucmly false 
server1 1194" via-env
  tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'domain.local' 1"
  lport 1194
  management /var/etc/openvpn/server1.sock unix
  ca /var/etc/openvpn/server1.ca 
  cert /var/etc/openvpn/server1.cert 
  key /var/etc/openvpn/server1.key 
  dh /etc/dh-parameters.4096
  tls-crypt /var/etc/openvpn/server1.tls-crypt 
  ncp-ciphers AES-256-CBC
  persist-remote-ip
  float
  topology subnet

  my client config:

  dev tun
  persist-tun
  persist-key
  cipher AES-256-CBC
  ncp-ciphers AES-256-CBC
  auth SHA512
  tls-client
  client
  resolv-retry infinite
  remote tuxist.ddns.net 1194 udp
  verify-x509-name "domain.local" name
  auth-user-pass
  remote-cert-tls server

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: network-manager 1.8.4-1ubuntu4
  ProcVersionSignature: Ubuntu 4.13.0-32.35-generic 4.13.13
  Uname: Linux 4.13.0-32-generic x86_64
  NonfreeKernelModules: nvidia_uvm nvidia
  ApportVersion: 2.20.8-0ubuntu8
  Architecture: amd64
  CurrentDesktop: KDE
  Date: Wed Feb 14 18:46:29 2018
  IfupdownConfig:
   # interfaces(5) file used by ifup(8) and ifdown(8)
   auto lo
   iface lo inet loopback
  InstallationDate: Installed on 2016-08-13 (550 days ago)
  InstallationMedia: Kubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 
(20160719)
  IpRoute:
   default via 10.3.0.1 dev wlp3s0 proto static metric 600 
   10.3.0.0/16 dev wlp3s0 proto kernel scope link src 10.3.141.174 metric 600 
   169.254.0.0/16 dev wlp3s0 scope link metric 1000
  NetworkManager.state:
   [main]
   NetworkingEnabled=true
   WirelessEnabled=true
   WWANEnabled=false
  SourcePackage: network-manager
  UpgradeStatus: Upgraded to bionic on 2018-02-12 (1 days ago)
  nmcli-dev:
   DEVICE  TYPE      STATE        DBUS-PATH                                  
CONNECTION  CON-UUID                              CON-PATH                      
                     
   wlp3s0  wifi      connected    /org/freedesktop/NetworkManager/Devices/3  
gameofgods  404f7dfd-a05c-4271-9a7f-6e18bc31e0cf  
/org/freedesktop/NetworkManager/ActiveConnection/2 
   eno1    ethernet  unavailable  /org/freedesktop/NetworkManager/Devices/2  -- 
         --                                    --                               
                  
   lo      loopback  unmanaged    /org/freedesktop/NetworkManager/Devices/1  -- 
         --                                    --
  nmcli-nm:
   RUNNING  VERSION  STATE      STARTUP  CONNECTIVITY  NETWORKING  WIFI-HW  
WIFI     WWAN-HW  WWAN     
   running  1.8.4    connected  started  full          enabled     enabled  
enabled  enabled  disabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1749562/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to