Ubuntu
openvpn-auth-ldap package

  1. Bug #1602813
  2. Comment #24

Comment 24 for bug 1602813

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Crash reproduced on trusty:
ubuntu@trusty-openvpn-server-1602813:/etc/openvpn$ sudo openvpn --config server.conf
Mon Jul 24 17:03:30 2017 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jun 22 2017
Mon Jul 24 17:03:30 2017 TUN/TAP device tun0 opened
Mon Jul 24 17:03:30 2017 Note: Cannot set tx queue length on tun0: Operation not permitted (errno=1)
Mon Jul 24 17:03:30 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Jul 24 17:03:30 2017 /sbin/ip link set dev tun0 up mtu 1500
Mon Jul 24 17:03:30 2017 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Mon Jul 24 17:03:30 2017 UDPv4 link local (bound): [undef]
Mon Jul 24 17:03:30 2017 UDPv4 link remote: [undef]
Mon Jul 24 17:03:30 2017 Initialization Sequence Completed
openvpn: sasl.c:257: ldap_parse_sasl_bind_result: Assertion `res != ((void *)0)' failed.

ubuntu@trusty-openvpn-server-1602813:/etc/openvpn$ dpkg-query -W openvpn-auth-ldap
openvpn-auth-ldap 2.0.3-5.1

After upgrading to the package in proposed, we just get the expected nice timeout error:
ubuntu@trusty-openvpn-server-1602813:/etc/openvpn$ sudo apt install openvpn-auth-ldap -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libfreetype6 os-prober
Use 'apt-get autoremove' to remove them.
The following packages will be upgraded:
  openvpn-auth-ldap
1 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
Need to get 37.2 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://br.archive.ubuntu.com/ubuntu/ trusty-proposed/universe openvpn-auth-ldap amd64 2.0.3-5.1ubuntu0.1 [37.2 kB]
Fetched 37.2 kB in 0s (1,601 kB/s)
(Reading database ... 25224 files and directories currently installed.)
Preparing to unpack .../openvpn-auth-ldap_2.0.3-5.1ubuntu0.1_amd64.deb ...
Unpacking openvpn-auth-ldap (2.0.3-5.1ubuntu0.1) over (2.0.3-5.1) ...
Setting up openvpn-auth-ldap (2.0.3-5.1ubuntu0.1) ...

ubuntu@trusty-openvpn-server-1602813:/etc/openvpn$ sudo openvpn --config server.conf
Mon Jul 24 17:05:19 2017 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jun 22 2017
Mon Jul 24 17:05:19 2017 TUN/TAP device tun0 opened
Mon Jul 24 17:05:19 2017 Note: Cannot set tx queue length on tun0: Operation not permitted (errno=1)
Mon Jul 24 17:05:19 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Jul 24 17:05:19 2017 /sbin/ip link set dev tun0 up mtu 1500
Mon Jul 24 17:05:19 2017 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Mon Jul 24 17:05:19 2017 UDPv4 link local (bound): [undef]
Mon Jul 24 17:05:19 2017 UDPv4 link remote: [undef]
Mon Jul 24 17:05:19 2017 Initialization Sequence Completed
LDAP bind failed: Timed out
Unable to bind as uid=john,ou=People,dc=lxd
LDAP connect failed.
Mon Jul 24 17:05:25 2017 10.0.100.42:1194 PLUGIN_CALL: plugin function PLUGIN_AUTH_USER_PASS_VERIFY failed with status 1: /usr/lib/openvpn/openvpn-auth-ldap.so
Mon Jul 24 17:05:25 2017 10.0.100.42:1194 TLS Auth Error: Auth Username/Password verification failed for peer
Mon Jul 24 17:05:25 2017 10.0.100.42:1194 [client] Peer Connection Initiated with [AF_INET]10.0.100.42:1194
(...)

Trusty verified.