From acbd6ff4dbbfa248b00d3922f666da7e6fabcc6c Mon Sep 17 00:00:00 2001 From: Adolf Belka Date: Sun, 14 Nov 2021 21:42:52 +0100 Subject: [PATCH] ovpnmain.cgi: Bug 12574 - OpenVPN Internal server error when returning after generating root/host certificates MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit - Option "--secret" was deprecated in OpenVPN 2.4 and removed in OpenVPN 2.5 It was replaced by "secret". If "--secret" is used with genkey then a user warning is printed and this is what gives the Internal server error. - Patch was defined by Erik Kapfer but currently he does not have a build environment so I have submitted the patch on his behalf. - Patch tested on a vm testbed running Core Update 160. Confirmed that without patch the error still occurs and with patch everything runs smoothly. Fixes: Bug #12574 Tested-by: Adolf Belka Signed-off-by : Erik Kapfer Signed-off-by: Adolf Belka Reviewed-by: Peter Müller --- html/cgi-bin/ovpnmain.cgi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index f99bfdef7c..7e274b36ad 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -1209,7 +1209,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg if ($cgiparams{'TLSAUTH'} eq 'on') { if ( ! -e "${General::swroot}/ovpn/certs/ta.key") { # This system call is safe, because all arguements are passed as an array. - system("/usr/sbin/openvpn", "--genkey", "--secret", "${General::swroot}/ovpn/certs/ta.key"); + system("/usr/sbin/openvpn", "--genkey", "secret", "${General::swroot}/ovpn/certs/ta.key"); if ($?) { $errormessage = "$Lang::tr{'openssl produced an error'}: $?"; goto SETTINGS_ERROR; @@ -2012,7 +2012,7 @@ END } # Create ta.key for tls-auth # This system call is safe, because all arguments are passed as an array. - system('/usr/sbin/openvpn', '--genkey', '--secret', "${General::swroot}/ovpn/certs/ta.key"); + system('/usr/sbin/openvpn', '--genkey', 'secret', "${General::swroot}/ovpn/certs/ta.key"); if ($?) { $errormessage = "$Lang::tr{'openssl produced an error'}: $?"; &cleanssldatabase(); -- 2.39.5