We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2014-01-06 23:22:07 +0200

Bug: Connman OpenVPN

Hi,

there seems to be a bug in connman for openvpn - here is what I did find out till now:

I'm working on a OpenVPN client for my Jolla, but it seems that connman is bugging around here:

this is the comman which will be used by connman:

openvpn --remote olz.dyndns.org --ca /home/nemo/OpenVPN/ca.crt --cert /home/nemo/OpenVPN/olz_mobile.crt --key /home/nemo/OpenVPN/olz_mobile.key -- comp-lzo --nobind --persist-key --client --script-security 2 --up /usr/lib/connman/scripts/openvpn-script --up-restart --setenv CONNMAN_BUSNAME :1.71 --setenv CONNMAN_INTERFACE net.connman.Task --setenv CONNMAN_PATH /task/0 --dev vpn0 --dev-type tun --persist-tun --route-noexec --ifconfig- noexec --ping-restart 0

As it wasn't able to connect I've tried to run this command on my own:

[root@localhost OpenVPN]# openvpn --remote olz.dyndns.org --ca /home/nemo/OpenVPN/ca.crt --cert /home/nemo/OpenVPN/olz_mobile.crt --key /home/nemo/OpenVPN/olz_mobile.key --comp-lzo --nobind --persist-key --client --script-security 2 --up /usr/lib/connman/scripts/openvpn-script --up-restart --setenv CONNMAN_BUSNAME :1.71 --setenv CONNMAN_INTERFACE net.connman.Task -- setenv CONNMAN_PATH /task/0 --dev vpn0 --dev-type tun --persist-tun --route- noexec --ifconfig-noexec --ping-restart 0 Sun Jan 5 01:41:41 2014 OpenVPN 2.2.2 armv7l-unknown-linux-gnueabi [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Nov 1 2013 Sun Jan 5 01:41:41 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Sun Jan 5 01:41:41 2014 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Sun Jan 5 01:41:41 2014 LZO compression initialized Sun Jan 5 01:41:42 2014 UDPv4 link local: [undef] Sun Jan 5 01:41:42 2014 UDPv4 link remote: 188.194.98.162:1194 Sun Jan 5 01:42:17 2014 [olz.dyndns.org] Peer Connection Initiated with 188.194.98.162:1194 Sun Jan 5 01:42:20 2014 TUN/TAP device vpn0 opened Sun Jan 5 01:42:20 2014 /usr/lib/connman/scripts/openvpn-script vpn0 1500 1542 192.168.100.202 192.168.100.201 init Sun Jan 5 01:42:20 2014 Initialization Sequence Completed

The issue is related to the script:

/usr/lib/connman/scripts/openvpn-script

which just seems to do nothing.

When I'm just removing the options:

--route-noexec --ifconfig-noexec

from the command above it is connecting fine:

Sun Jan 5 01:57:32 2014 OpenVPN 2.2.2 armv7l-unknown-linux-gnueabi [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Nov 1 2013 Sun Jan 5 01:57:32 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Sun Jan 5 01:57:32 2014 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Sun Jan 5 01:57:32 2014 LZO compression initialized Sun Jan 5 01:57:33 2014 UDPv4 link local: [undef] Sun Jan 5 01:57:33 2014 UDPv4 link remote: 188.194.98.162:1194 Sun Jan 5 01:58:07 2014 [olz.dyndns.org] Peer Connection Initiated with 188.194.98.162:1194 Sun Jan 5 01:58:10 2014 TUN/TAP device vpn0 opened Sun Jan 5 01:58:10 2014 /sbin/ip link set dev vpn0 up mtu 1500 Sun Jan 5 01:58:10 2014 /sbin/ip addr add dev vpn0 local 192.168.100.202 peer 192.168.100.201 Sun Jan 5 01:58:10 2014 /usr/lib/connman/scripts/openvpn-script vpn0 1500 1542 192.168.100.202 192.168.100.201 init RTNETLINK answers: File exists Sun Jan 5 01:58:10 2014 ERROR: Linux route add command failed: external program exited with error status: 2 Sun Jan 5 01:58:10 2014 Initialization Sequence Completed

ifconfig:

vpn0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.100.202 P-t-P:192.168.100.201
Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

Here are some logs:

Jan 05 23:47:48 localhost openvpn[2854]: /usr/lib/connman/scripts/openvpn- script vpn0 1500 1542 192.168.100.202 192.168.100.201 init Jan 05 23:47:48 localhost connmand[794]: Adding host route failed (No such process) Jan 05 23:47:48 localhost connmand[794]: connman_inet_clear_ipv6_address: Invalid argument Jan 05 23:47:48 localhost connmand[794]: connman_inet_clear_ipv6_address: Invalid argument Jan 05 23:47:48 localhost connmand[794]: Skipping disconnect of /ril_0/context1, network is connecting. Jan 05 23:47:48 localhost connmand[794]: Failed to change property: /ril_0/context1 org.ofono.ConnectionContext.Active: org.ofono.Error.InProgress Operation already in progress Jan 05 23:47:48 localhost connmand[794]: notifier disconnect underflow Jan 05 23:47:48 localhost connmand[794]: Deleting host route failed (No such device) Jan 05 23:47:48 localhost connmand[794]: Deleting host route failed (No such device) Jan 05 23:47:48 localhost connmand[794]: Removing default gateway route failed (No such device) Jan 05 23:47:48 localhost connmand[794]: Skipping disconnect of /ril_0/context1, network is connecting. Jan 05 23:47:48 localhost connmand[794]: connman_inet_clear_address: Invalid argument Jan 05 23:47:48 localhost connmand[794]: connman_inet_clear_ipv6_address: Invalid argument Jan 05 23:47:48 localhost connmand[794]: Failed to change property: /ril_0/context1 org.ofono.ConnectionContext.Active: org.ofono.Error.InProgress Operation already in progress

Would be great to get some help here

BR,

Matthias

Bug: Connman OpenVPN

Hi,

there seems to be a bug in connman for openvpn - here is what I did find out till now:

I'm working on a OpenVPN client for my Jolla, but it seems that connman is bugging around here:

this is the comman which will be used by connman:

openvpn --remote olz.dyndns.org --ca /home/nemo/OpenVPN/ca.crt --cert /home/nemo/OpenVPN/olz_mobile.crt --key /home/nemo/OpenVPN/olz_mobile.key -- comp-lzo --nobind --persist-key --client --script-security 2 --up /usr/lib/connman/scripts/openvpn-script --up-restart --setenv CONNMAN_BUSNAME :1.71 --setenv CONNMAN_INTERFACE net.connman.Task --setenv CONNMAN_PATH /task/0 --dev vpn0 --dev-type tun --persist-tun --route-noexec --ifconfig- noexec --ping-restart 0

As it wasn't able to connect I've tried to run this command on my own:

[root@localhost OpenVPN]# openvpn --remote olz.dyndns.org --ca /home/nemo/OpenVPN/ca.crt --cert /home/nemo/OpenVPN/olz_mobile.crt --key /home/nemo/OpenVPN/olz_mobile.key --comp-lzo --nobind --persist-key --client --script-security 2 --up /usr/lib/connman/scripts/openvpn-script --up-restart --setenv CONNMAN_BUSNAME :1.71 --setenv CONNMAN_INTERFACE net.connman.Task -- setenv CONNMAN_PATH /task/0 --dev vpn0 --dev-type tun --persist-tun --route- noexec --ifconfig-noexec --ping-restart 0 Sun Jan 5 01:41:41 2014 OpenVPN 2.2.2 armv7l-unknown-linux-gnueabi [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Nov 1 2013 Sun Jan 5 01:41:41 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Sun Jan 5 01:41:41 2014 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Sun Jan 5 01:41:41 2014 LZO compression initialized Sun Jan 5 01:41:42 2014 UDPv4 link local: [undef] Sun Jan 5 01:41:42 2014 UDPv4 link remote: 188.194.98.162:1194 Sun Jan 5 01:42:17 2014 [olz.dyndns.org] Peer Connection Initiated with 188.194.98.162:1194 Sun Jan 5 01:42:20 2014 TUN/TAP device vpn0 opened Sun Jan 5 01:42:20 2014 /usr/lib/connman/scripts/openvpn-script vpn0 1500 1542 192.168.100.202 192.168.100.201 init Sun Jan 5 01:42:20 2014 Initialization Sequence Completed

The issue is related to the script:

/usr/lib/connman/scripts/openvpn-script

which just seems to do nothing.

When I'm just removing the options:

--route-noexec --ifconfig-noexec

from the command above it is connecting fine:

Sun Jan 5 01:57:32 2014 OpenVPN 2.2.2 armv7l-unknown-linux-gnueabi [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Nov 1 2013 Sun Jan 5 01:57:32 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Sun Jan 5 01:57:32 2014 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Sun Jan 5 01:57:32 2014 LZO compression initialized Sun Jan 5 01:57:33 2014 UDPv4 link local: [undef] Sun Jan 5 01:57:33 2014 UDPv4 link remote: 188.194.98.162:1194 Sun Jan 5 01:58:07 2014 [olz.dyndns.org] Peer Connection Initiated with 188.194.98.162:1194 Sun Jan 5 01:58:10 2014 TUN/TAP device vpn0 opened Sun Jan 5 01:58:10 2014 /sbin/ip link set dev vpn0 up mtu 1500 Sun Jan 5 01:58:10 2014 /sbin/ip addr add dev vpn0 local 192.168.100.202 peer 192.168.100.201 Sun Jan 5 01:58:10 2014 /usr/lib/connman/scripts/openvpn-script vpn0 1500 1542 192.168.100.202 192.168.100.201 init RTNETLINK answers: File exists Sun Jan 5 01:58:10 2014 ERROR: Linux route add command failed: external program exited with error status: 2 Sun Jan 5 01:58:10 2014 Initialization Sequence Completed

ifconfig:

vpn0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.100.202 P-t-P:192.168.100.201
Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

Here are some logs:

Jan 05 23:47:48 localhost openvpn[2854]: /usr/lib/connman/scripts/openvpn- script vpn0 1500 1542 192.168.100.202 192.168.100.201 init Jan 05 23:47:48 localhost connmand[794]: Adding host route failed (No such process) Jan 05 23:47:48 localhost connmand[794]: connman_inet_clear_ipv6_address: Invalid argument Jan 05 23:47:48 localhost connmand[794]: connman_inet_clear_ipv6_address: Invalid argument Jan 05 23:47:48 localhost connmand[794]: Skipping disconnect of /ril_0/context1, network is connecting. Jan 05 23:47:48 localhost connmand[794]: Failed to change property: /ril_0/context1 org.ofono.ConnectionContext.Active: org.ofono.Error.InProgress Operation already in progress Jan 05 23:47:48 localhost connmand[794]: notifier disconnect underflow Jan 05 23:47:48 localhost connmand[794]: Deleting host route failed (No such device) Jan 05 23:47:48 localhost connmand[794]: Deleting host route failed (No such device) Jan 05 23:47:48 localhost connmand[794]: Removing default gateway route failed (No such device) Jan 05 23:47:48 localhost connmand[794]: Skipping disconnect of /ril_0/context1, network is connecting. Jan 05 23:47:48 localhost connmand[794]: connman_inet_clear_address: Invalid argument Jan 05 23:47:48 localhost connmand[794]: connman_inet_clear_ipv6_address: Invalid argument Jan 05 23:47:48 localhost connmand[794]: Failed to change property: /ril_0/context1 org.ofono.ConnectionContext.Active: org.ofono.Error.InProgress Operation already in progress

Would be great to get some help here

BR,

Matthias