]> git.ipfire.org Git - ipfire-2.x.git/commitdiff
projects / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ced15fd)
ovpnmain.cgi: Bug 12574 - OpenVPN Internal server error when returning after generati...
authorAdolf Belka <adolf.belka@ipfire.org>
Sun, 14 Nov 2021 20:42:52 +0000 (21:42 +0100)
committerPeter Müller <peter.mueller@ipfire.org>
Fri, 19 Nov 2021 06:11:08 +0000 (07:11 +0100)
- Option "--secret" was deprecated in OpenVPN 2.4 and removed in OpenVPN 2.5
   It was replaced by "secret". If "--secret" is used with genkey then a user warning is
   printed and this is what gives the Internal server error.
- Patch was defined by Erik Kapfer but currently he does not have a build environment
   so I have submitted the patch on his behalf.
- Patch tested on a vm testbed running Core Update 160. Confirmed that without patch the
   error still occurs and with patch everything runs smoothly.

Fixes: Bug #12574
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by : Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
html/cgi-bin/ovpnmain.cgi patch | blob | blame | history

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index f99bfdef7c93b711b059df554471e51285f7fdc6..7e274b36ad6810367be42c0907d790de929a7f52 100644 (file)
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -1209,7 +1209,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
        if ($cgiparams{'TLSAUTH'} eq 'on') {
                if ( ! -e "${General::swroot}/ovpn/certs/ta.key") {
                        # This system call is safe, because all arguements are passed as an array.
-                       system("/usr/sbin/openvpn", "--genkey", "--secret", "${General::swroot}/ovpn/certs/ta.key");
+                       system("/usr/sbin/openvpn", "--genkey", "secret", "${General::swroot}/ovpn/certs/ta.key");
                        if ($?) {
                                $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
                                goto SETTINGS_ERROR;
@@ -2012,7 +2012,7 @@ END
        }
        # Create ta.key for tls-auth
        # This system call is safe, because all arguments are passed as an array.
-       system('/usr/sbin/openvpn', '--genkey', '--secret', "${General::swroot}/ovpn/certs/ta.key");
+       system('/usr/sbin/openvpn', '--genkey', 'secret', "${General::swroot}/ovpn/certs/ta.key");
        if ($?) {
            $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
            &cleanssldatabase();
IPFire 2.x development tree