OpenVPN, remote access server with SSL/TLS + User Auth glitch

kpa · Aug 30, 2010, 11:14 AM

This is with "2.0-BETA4 (i386) built on Wed Aug 25 02:21:33 EDT 2010 FreeBSD 8.1-RELEASE" snapshot.

If you create a new remote access server with SSL/TLS + User Auth options the "Backend for authentication" -selection has nothing selected by default and if you forget to select anything there you'll get no error when you press save and a rather cryptic error in the openvpn log:


openvpn[13201]: Options error: --username-as-common-name must be used with --management-client-auth, an --auth-user-pass-verify script, or plugin

I think the Local Database should be selected by default or there should be a note somewhere in the UI that prompts you to select something in the "Backend for authentication" selection.

kpa · Aug 30, 2010, 1:44 PM

Same with latest snapshot "2.0-BETA4 (i386) built on Mon Aug 30 03:10:11 EDT 2010 FreeBSD 8.1-RELEASE".

jimp · Aug 30, 2010, 4:29 PM

I added a bit of input validation to prevent that invalid choice from being made.