| 2017-04-10 01:37:21 |
Nicholas Stommel |
bug |
|
|
added bug |
| 2017-04-10 01:37:21 |
Nicholas Stommel |
attachment added |
|
The following patch removes the single offending line which causes this issue. https://bugs.launchpad.net/bugs/1681295/+attachment/4859305/+files/nm-openvpn-service-fix.patch |
|
| 2017-04-10 01:37:55 |
Nicholas Stommel |
bug task added |
|
network-manager-openvpn (Ubuntu) |
|
| 2017-04-10 01:38:10 |
Nicholas Stommel |
bug task deleted |
network-manager (Ubuntu) |
|
|
| 2017-04-10 01:40:15 |
Nicholas Stommel |
attachment added |
|
network-manager-openvpn_1.1.93-1ubuntu1.1_amd64.deb https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1681295/+attachment/4859324/+files/network-manager-openvpn_1.1.93-1ubuntu1.1_amd64.deb |
|
| 2017-04-10 01:42:06 |
Nicholas Stommel |
attachment added |
|
network-manager-openvpn-gnome_1.1.93-1ubuntu1.1_amd64.deb https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1681295/+attachment/4859325/+files/network-manager-openvpn-gnome_1.1.93-1ubuntu1.1_amd64.deb |
|
| 2017-04-10 04:26:26 |
Ubuntu Foundations Team Bug Bot |
tags |
network-manager network-manager-openvpn openvpn |
network-manager network-manager-openvpn openvpn patch |
|
| 2017-04-10 04:26:35 |
Ubuntu Foundations Team Bug Bot |
bug |
|
|
added subscriber Ubuntu Review Team |
| 2017-04-10 23:29:27 |
Nicholas Stommel |
description |
So I've been using OpenVPN through the network-manager-openvpn package integrated into the network manager GUI. I experienced an odd problem where consistently, during or after downloading (in this case, I tested by just downloading the kernel tarball from kernel.org repeatedly, which is around 90MB) Every single time, without fail, the openvpn client would fail and my connection would go dead. To reconnect, I would have to manually restart the network manager.
Now, I played around with .conf files and the CLI openvpn client and noticed EXACTLY the same behavior happening. I eventually arrived to the conclusion that the flag or option "auth-nocache" would cause a connection reset after or during downloads and streaming. I then got to reading the openvpn man pages and I stumbled across this message (you can easily find it by going 'man openvpn | grep nocache') about the guaranteed failure of key renegotiation if auth-user-pass and auth-nocache were used together:
" Further, using --daemon together with --auth-user-pass (entered
on console) and --auth-nocache will fail as soon as key renego‐
tiation (and reauthentication) occurs."
When I removed auth-user-pass from my .conf files, the problem went away. Then I wondered. Now what if...network-manager-openvpn was actually passing both flags to openvpn? Then I downloaded the source tarball and found that indeed, this exact thing is happening on a SINGLE line. See line 1380 of network-manager-openvpn-1.1.93/src/nm-openvpn-service.c
"add_openvpn_arg (args, "--auth-nocache");"
So I decided to comment out that single line. I then rebuilt the packages network-manager-openvpn and network-manager-openvpn using 'dpkg-buildpackage -us -uc -nc', installed them, and tested downloading the source kernel repeatedly to see if the connection would hold. It does! Literally commenting out ONE line fixed weeks worth of extreme annoyance repeatedly reconnecting to my vpn. This issue is rather annoying and needs to be fixed so openvpn doesn't keep cutting out. I've attached a patch for the source. |
So I've been using OpenVPN through the network-manager-openvpn package integrated into the network manager GUI. I experienced an odd problem where consistently, during or after downloading (in this case, I tested by just downloading the kernel tarball from kernel.org repeatedly, which is around 90MB) Every single time, without fail, the openvpn client would fail and my connection would go dead. To reconnect, I would have to manually restart the network manager.
Now, I played around with .conf files and the CLI openvpn client and noticed EXACTLY the same behavior happening. I eventually arrived to the conclusion that the flag or option "auth-nocache" would cause a connection reset after or during downloads and streaming. I then got to reading the openvpn man pages and I stumbled across this message (you can easily find it by going 'man openvpn | grep nocache') about the guaranteed failure of key renegotiation if auth-user-pass and auth-nocache were used together:
" Further, using --daemon together with --auth-user-pass (entered
on console) and --auth-nocache will fail as soon as key renego‐
tiation (and reauthentication) occurs."
When I removed auth-user-pass from my .conf files, the problem went away. Then I wondered. Now what if...network-manager-openvpn was actually passing both flags to openvpn? Then I downloaded the source tarball and found that indeed, this exact thing is happening on a SINGLE line. See line 1380 of network-manager-openvpn-1.1.93/src/nm-openvpn-service.c
"add_openvpn_arg (args, "--auth-nocache");"
So I decided to comment out that single line. I then rebuilt the packages network-manager-openvpn and network-manager-openvpn-gnome using 'dpkg-buildpackage -us -uc -nc', installed them, and tested downloading the source kernel repeatedly to see if the connection would hold. It does! Literally commenting out ONE line fixed weeks worth of extreme annoyance repeatedly reconnecting to my vpn. This issue is rather annoying and needs to be fixed so openvpn doesn't keep cutting out. I've attached a patch for the source. |
|
| 2017-04-10 23:40:22 |
Nicholas Stommel |
summary |
Problem in network-manager-openvpn, openvpn fails during and after downloads. |
Problem in nm-openvpn-service.c, openvpn connection fails after key renegotiation because --auth-user-pass is passed with --auth-nocache. |
|
| 2017-04-28 06:59:31 |
Launchpad Janitor |
network-manager-openvpn (Ubuntu): status |
New |
Confirmed |
|
| 2017-06-21 20:17:56 |
Christophe H |
bug |
|
|
added subscriber Christophe H |
| 2017-09-01 12:30:20 |
Sebastien Bacher |
network-manager-openvpn (Ubuntu): importance |
Undecided |
High |
|
| 2017-09-01 12:30:20 |
Sebastien Bacher |
network-manager-openvpn (Ubuntu): status |
Confirmed |
Triaged |
|
| 2017-09-20 02:25:36 |
Nicholas Stommel |
attachment added |
|
network-manager-openvpn_1.2.6-2ubuntu2_amd64.deb https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1681295/+attachment/4953144/+files/network-manager-openvpn_1.2.6-2ubuntu2_amd64.deb |
|
| 2017-09-20 02:26:16 |
Nicholas Stommel |
attachment added |
|
network-manager-openvpn-gnome_1.2.6-2ubuntu2_amd64.deb https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1681295/+attachment/4953145/+files/network-manager-openvpn-gnome_1.2.6-2ubuntu2_amd64.deb |
|
