Missing algorithms
-
The missing options are in the OpenVPN server config for an existing (working) tunnel.
I don't want to upgrade to 2.4.4 until the first maintenance release comes out.
I may just have to wait on the change I need to make to the tunnel until that happens.
-
You probably updated the OpenVPN client export package which pulled in the copy from 2.4.4, which broke that drop-down.
The box is populated by the output from an OpenVPN command, and either the output is a different format or the binary is failing to run. You can verify that by checking the output of this command:
/usr/local/sbin/openvpn --show-ciphers -
@jimp said in Missing algorithms:
/usr/local/sbin/openvpn --show-ciphers
Shared object "libdl.so.1" not found, required by "openvpn" -
Another user updating package without updating to 2.4.4 it seems.. This just came up the other day - same exact question.
-
Upgrade to 2.4.4. At this point, it's your only viable path forward in-place.
-
Would be nice if packages had "dependencies" on pfS release levels to prevent this type of situation.
-
Guns should have a feature to not allow the user to shoot themselves in the foot as well ;)
-
That would be an excellent feature! With modern image processing tech, not at all impossible.
-
hehehe - agreed ;)
Idioting proofing and keeping users from shooting themselves are always good features to implement when time and money and the effort warrants I think everyone will agree.. Over the years they have implemented such features in many other areas already..
II do believe they put in something already to try and stop the users from shooting themselves around the php upgrade already some packages kill. But the openvpn has not been on high priority list to idiot proof since it doesn't cause as big a blowup as when the php stuff blows up.
But have seen users blow up their linux and bsd installs as well by installing packages... Its not something limited to pfsense that is for sure..
You can put in all the features you want - and users still find a way to dick up their installs ;) hehehe
-
To put that in perspective, Red Hat package manager (YUM) has been doing dependency quite well for years, so the algorithm for this has already been solved. Agreed that writing the code for pfSense will require precious developer time....
-
YUM blows up all the time ;) and while repository mangers like yum and apt don't prevent the users from shooting themselves in the foot and running into dependency hell.
They have attempted to stop most of this by making it harder to install your own packages and stuff - but users still do it.
Pfsense uses apt and use special pfsense repository... Sure they are or will be looking into locking it down to specific version repositories.. Where if package and or any of its dependencies require upstream version of anything the package will not be presented to the current installed version of package manager, etc.
