Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apparently openvpn 2.4 needs double quotes around client specific push options #329

Closed
qs5779 opened this issue Feb 22, 2019 · 4 comments
Closed

Apparently openvpn 2.4 needs double quotes around client specific push options #329

qs5779 opened this issue Feb 22, 2019 · 4 comments
Labels
bug Something isn't working

Comments

@qs5779
Copy link
Contributor

qs5779 commented Feb 22, 2019

Affected Puppet, Ruby, OS and module versions/distributions

  • Puppet: 5.5.10
  • Ruby: 2.3.3p222 (2016-11-21) [x86_64-linux-gnu]
  • Distribution: debian/stretch
  • Module version: 8.1.0

How to reproduce (e.g Puppet code you use)

What are you seeing

In my logs I get this error when clients using redirect_gateway: true connect

: [] Peer Connection Initiated with [AF_INET]:18068
: :18068 Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/tejas/client-configs/:2: push (2.4.0)

What behaviour did you expect instead

No errors

Output log

see above

Any additional information you'd like to impart

found this report: https://forums.openvpn.net/viewtopic.php?t=23184https://forums.openvpn.net/viewtopic.php?t=23184

so i modified the template to put double quotes around all push options, now i have NO errors on connect and devices actually send traffic over the vpn, I would have submitted a PR, but I don't have an adequate test environment at the moment.

here is my fix diff

index e96edfc..750de0c 100644
--- a/templates/client_specific_config.erb
+++ b/templates/client_specific_config.erb
@@ -8,10 +8,10 @@ iroute-ipv6 <%= iroute_ipv6 %>
ifconfig-push <%= ifconfig %>
<% end -%>
<% @dhcp_options.each do |option| -%>
-push dhcp-option <%= option %>
+push "dhcp-option <%= option %>"
<% end -%>
<% if @redirect_gateway -%>
-push redirect-gateway def1
+push "redirect-gateway def1"
<% end -%>
<% @route.each do |route| -%>
push "route <%= route %>"
@bastelfreak
Copy link
Member

hey @qs5779, thanks for reporting this. Are you able to provide a PR with the fix?

@qs5779
Copy link
Contributor Author

qs5779 commented Feb 23, 2019 via email
edited
Loading

@qs5779 qs5779 mentioned this issue Feb 24, 2019
Merged
@alexjfisher
Copy link
Member

@qs5779 It's fine to let travis do all your testing if you can't set up an environment locally. Just amend your commit with updates to tests and force push. Travis will automatically run the tests again.
Looking at the travis logs, probably just these two lines need updating.

puppet-openvpn/spec/defines/openvpn_client_specific_config_spec.rb

Lines 54 to 55 in ba39438

it { is_expected.to contain_file('/etc/openvpn/test_server/client-configs/test_client').with_content(%r{^push dhcp-option DNS 8.8.8.8$}) }
it { is_expected.to contain_file('/etc/openvpn/test_server/client-configs/test_client').with_content(%r{^push redirect-gateway def1$}) }

@Dan33l Dan33l added the bug Something isn't working label Feb 25, 2019
@Dan33l
Copy link
Member

Dan33l commented Feb 25, 2019

closed with #330

@Dan33l Dan33l closed this as completed Feb 25, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@alexjfisher @bastelfreak @Dan33l @qs5779