Package: openvpn Version: 2.1~rc11-1 Severity: grave Steps to verify/recreate: Create a test auth script that simply echos the username and password and configure opevnvpn to use this script
#!/bin/sh echo $username echo $password Start openvpn with the following command openvpn --config /etc/openvpn/server.conf --script-security 2 When a client attempts a connection, the username will be printed in the output but the password will not. Notes: Installing 2.0.9-4etch1 on lenny using the same server.conf and client setup works as expected. #server.conf port 1194 proto udp dev tap0 ca /etc/openvpn/CA/keys/ca.crt cert /etc/openvpn/CA/keys/vpn.domain.com.crt key /etc/openvpn/CA/keys/vpn.domain.com.key crl-verify /etc/openvpn/CA/keys/crl.pem dh /etc/openvpn/CA/keys/dh1024.pem ifconfig-pool-persist used-ips server-bridge 192.168.100.9 255.255.255.0 192.168.100.60 192.168.100.75 push "route 192.168.101.0 255.255.255.0 192.168.100.1" push "dhcp-option WINS 192.168.100.3" push "dhcp-option DNS 192.168.100.3" push "dhcp-option DOMAIN domain.com" client-to-client keepalive 10 120 user nobody group nogroup persist-key persist-tun status /var/log/openvpn-status.log verb 5 auth-user-pass-verify /etc/openvpn/ldap-auth.sh via-env keepalive 10 120 comp-lzo #client configuration client dev tap proto udp remote vpn.domain.com 1194 resolv-retry infinite nobind persist-key persist-tun auth-user-pass comp-lzo ns-cert-type server ca "c:\\Program Files\\openvpn\\config\\Work\\ca.crt" cert "c:\\Program Files\\openvpn\\config\\Work\\user.crt" key "c:\\Program Files\\openvpn\\config\\Work\\user.key" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
