Looking at the source code for nm-openvpn-service.c, before this bug was introduced it doesn't appear that the crl-verify option was ever implemented or used, as it is not found within the code. The only lines that refer to crl-verify were introduced in Ubuntu 19.04, and consist of the following:
Frankly I do not know how or why "/var/lib/openvpn/chroot/" gets incorrectly prepended to the file path in the openvpn argument string, but the crl-verify option clearly doesn't work (or may never have worked after it was introduced). This needs fixing ASAP.
Looking at the source code for nm-openvpn- service. c, before this bug was introduced it doesn't appear that the crl-verify option was ever implemented or used, as it is not found within the code. The only lines that refer to crl-verify were introduced in Ubuntu 19.04, and consist of the following:
tmp = nm_setting_ vpn_get_ data_item (s_vpn, NM_OPENVPN_ KEY_CRL_ VERIFY_ FILE); vpn_get_ data_item (s_vpn, NM_OPENVPN_ KEY_CRL_ VERIFY_ DIR);
if (tmp)
args_add_strv (args, "--crl-verify", tmp);
else {
tmp = nm_setting_
if (tmp)
args_add_strv (args, "--crl-verify", tmp, "dir");
}
Frankly I do not know how or why "/var/lib/ openvpn/ chroot/ " gets incorrectly prepended to the file path in the openvpn argument string, but the crl-verify option clearly doesn't work (or may never have worked after it was introduced). This needs fixing ASAP.