Modify

Opened 5 years ago

Closed 5 years ago

Last modified 4 years ago

#1321 closed bug (fixed)

Spaces not allowed in OpenVPN Client Name

Reported by: anonymous Owned by:
Priority: normal Milestone:
Component: fon-plugin-openvpn Version: 2.3.7.0 (Paco)
Severity: unknown
Cc: Hardware: 2.0n (FON2300)

Description

When I try to create a VPN client with a space (" ") in the name, the new client doesn't appear in the Web UI, but the key files do appear in /etc/openvpn/keys/"client name".csr, .crt, .key

/etc/config/openvpn

config 'openvpn' 'openvpn'
	option 'port' '1194'
	option 'proto' 'udp'
	option 'dev' 'tun-ovpn'
	option 'ca' '/etc/openvpn/keys/ca.crt'
	option 'cert' '/etc/openvpn/keys/Fonera.crt'
	option 'key' '/etc/openvpn/keys/Fonera.key'
	option 'dh' '/etc/openvpn/keys/dh1024.pem'
	option 'crl_verify' '/etc/openvpn/keys/crl.pem'
	option 'topology' 'subnet'
	option 'server' '10.8.0.0 255.255.255.0 nopool'
	option 'ifconfig_pool' '10.8.0.2 10.8.0.127'
	option 'ifconfig_pool_persist' '/tmp/ipp.txt'
	option 'client_connect' '/etc/openvpn/client-connect-script'
	option 'script_security' '2'
	option 'keepalive' '10 120'
	option 'comp_lzo' '1'
	option 'max_clients' '2'
	option 'persist_key' '1'
	option 'persist_tun' '1'
	option 'verb' '3'
	option 'status' '/tmp/openvpn.clients 15'
	option 'status_version' '2'
	option 'enable' '1'
	option 'lan' '1'
	option 'wan' '1'
	option 'client_to_client' '0'
	option 'public' 'myDDNS.domain.goes.here.com'
	option 'tls_auth' '/etc/openvpn/keys/ta.key 0'

config 'client' 'buntubook'
	option 'name' 'buntubook'

config 'client' 'work_mac0'
	option 'name' 'work_mac0'

partial output of ls -lh /etc/openvpn/keys/

-rw-r--r--    1 root     root         3.6k Sep  4 08:42 new computer.crt
-rw-r--r--    1 root     root          672 Sep  4 08:42 new computer.csr
-rw-------    1 root     root          887 Sep  4 08:42 new computer.key

Attachments (0)

Change History (3)

comment:1 Changed 5 years ago by Joe Ashcraft <joeashcraft@…>

OP here... let me know if I can test further

comment:2 Changed 5 years ago by matthijs

  • Resolution set to fixed
  • Status changed from new to closed

(In [2324]) luci-openvpn: Allow any character in client names

The client name is used both for display and as the name of key files and a uci section, with configuration for the client. Since uci sections cannot contain dashes, those were replaced by underscores. However, uci section names also cannot contain spaces, and probably a lot more special characters are forbidden too.

This commit makes sure that anything except letters, numbers and underscores in the given name are replaced by underscores in the uci section name. However, since those names are not so pretty for user display, we preserve the originally entered name in the "name" field in uci.

To make sure nothing breaks, all the code that previously used the "name" field to build filenames or identify the uci section is changed to use the uci section name instead.

Closes: #1321

comment:3 Changed 5 years ago by matthijs

This was fixed in the latest SVN trunk revision. The easiest way to test the fix is to install the automatic firmware build, which you can find here: http://download.fonosfera.org/auto-builds/fon-ng/fon-ng-r2324/fonera2n-dev/

Add Comment

Modify Ticket

Action
as closed The ticket will remain with no owner.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.