Missing algorithms

Gertjan

@coreybrett said in Missing algorithms:

e a box where all the options in the drop down for algorithms are missing and None is the only option. I thought I saw another thread with the same issue a while back, but I cannot find it. Is this a known bug?

What list ? Where ?

@coreybrett said in Missing algorithms:

It’s an i5 running 2.4.3

Among others, OpenVPN was updated - 2.4.3 is no more, 2.4.4 works just fine ;)

coreybrett

The missing options are in the OpenVPN server config for an existing (working) tunnel.

I don't want to upgrade to 2.4.4 until the first maintenance release comes out.

I may just have to wait on the change I need to make to the tunnel until that happens.

jimp

You probably updated the OpenVPN client export package which pulled in the copy from 2.4.4, which broke that drop-down.

The box is populated by the output from an OpenVPN command, and either the output is a different format or the binary is failing to run. You can verify that by checking the output of this command:

/usr/local/sbin/openvpn --show-ciphers

coreybrett

@jimp said in Missing algorithms:

/usr/local/sbin/openvpn --show-ciphers

Shared object "libdl.so.1" not found, required by "openvpn"

johnpoz

Another user updating package without updating to 2.4.4 it seems.. This just came up the other day - same exact question.

jimp

Upgrade to 2.4.4. At this point, it's your only viable path forward in-place.

coreybrett

Would be nice if packages had "dependencies" on pfS release levels to prevent this type of situation.

johnpoz

Guns should have a feature to not allow the user to shoot themselves in the foot as well ;)

coreybrett

That would be an excellent feature! With modern image processing tech, not at all impossible.

johnpoz

hehehe - agreed ;)

Idioting proofing and keeping users from shooting themselves are always good features to implement when time and money and the effort warrants I think everyone will agree.. Over the years they have implemented such features in many other areas already..

II do believe they put in something already to try and stop the users from shooting themselves around the php upgrade already some packages kill. But the openvpn has not been on high priority list to idiot proof since it doesn't cause as big a blowup as when the php stuff blows up.

But have seen users blow up their linux and bsd installs as well by installing packages... Its not something limited to pfsense that is for sure..

You can put in all the features you want - and users still find a way to dick up their installs ;) hehehe

msf2000

To put that in perspective, Red Hat package manager (YUM) has been doing dependency quite well for years, so the algorithm for this has already been solved. Agreed that writing the code for pfSense will require precious developer time....

johnpoz

YUM blows up all the time ;) and while repository mangers like yum and apt don't prevent the users from shooting themselves in the foot and running into dependency hell.

They have attempted to stop most of this by making it harder to install your own packages and stuff - but users still do it.

Pfsense uses apt and use special pfsense repository... Sure they are or will be looking into locking it down to specific version repositories.. Where if package and or any of its dependencies require upstream version of anything the package will not be presented to the current installed version of package manager, etc.