Am 31.03.2015 um 19:19 schrieb Gert Doering: > Hi, > > On Tue, Mar 31, 2015 at 10:30:39AM -0400, Mike Tancsa wrote: >> On 3/31/2015 10:23 AM, Gert Doering wrote: >>> On Tue, Mar 31, 2015 at 09:39:46AM -0400, Mike Tancsa wrote: >>>> I am not able to reproduce this. >>> >>> You need to use --daemon to make openvpn fork(). Otherwise, it will >>> "just work", but after forking, the cryptodev file descriptor is no >>> longer valid -> boom. Steffan's patch should fix that. >> >> Hi, >> Is having in the config >> >> daemon openvpn-hq >> >> not the same as --daemon from the arguments ? > > It is, sorry, did not look closely enough. > > The fact that this just works for you is... surprising. So maybe it's a > different FreeBSD version, or different openssl, or whatnot... unfortunately, > the original bug report > > https://redmine.pfsense.org/issues/3966 > > does not list FreeBSD version or OpenSSL version, only pfsense version > (2.2) - which does seem to be FreeBSD 10.1-p4, though...
So the feedback of the original reporter arrived, <https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195004#c7> and Steffan Karger also chimed in there, and there's a new patch for testing up on <https://community.openvpn.net/openvpn/raw-attachment/ticket/480/150406-Reload-OpenSSL-engines-after-forking-v2.patch> in OpenVPN's ticket #480.
