Closed GoogleCodeExporter closed 9 years ago
You should file a bug report at HTC. The openvpn app is using an official API
that has to work in Android 4.0 images.
You can always try to add the up down script as custom options under obscure
options. You will also have to set script-security 3 (or something like this).
But the scripts will be executed as non root.
I also have not looked into iptables/ip rule/routing what android does to
protect the vpn connection socket.
I am not really sure what the best way to fix this in my application is
considering this a bug in the ROM.
Original comment by arne@rfc2549.org
on 11 May 2012 at 9:24
Thanks for the quick reply.
I've now reported the issue to HTC, trying my best to be diplomatic (and
unfortunately that isn't one of my strong suits) while claiming that they have
apparently broken the ICS-api.
I'm not too well traveled in the ics-openvpn yet, But i've trued Custom Options
(and checked the generated config, that they appear):
--------8<--------
up /data/local/vpn.up
down /data/local/vpn.down
script-security 3
--------8<--------
Results in:
P:Fri May 11 12:54:25 2012 us=595568 OPTIONS IMPORT: timers and/or timeouts
modified
P:Fri May 11 12:54:25 2012 us=595599 OPTIONS IMPORT: LZO parms modified
P:Fri May 11 12:54:25 2012 us=595629 OPTIONS IMPORT: --ifconfig/up options
modified
P:Fri May 11 12:54:25 2012 us=595690 OPTIONS IMPORT: route options modified
P:Fri May 11 12:54:25 2012 us=595721 OPTIONS IMPORT: route-related options
modified
P:Fri May 11 12:54:25 2012 us=595751 OPTIONS IMPORT: --ip-win32 and/or
--dhcp-option options modified
P:Fri May 11 12:54:25 2012 us=596178 ROUTE_GATEWAY
10.162.86.229/255.255.255.252 IFACE=rmnet0 HWADDR=00:00:00:00:00:00
P:Fri May 11 12:54:25 2012 us=596362 do_ifconfig, tt->ipv6=0,
tt->did_ifconfig_ipv6_setup=0
P:Fri May 11 12:54:25 2012 us=601153 MANAGEMENT: CMD 'needok 'IFCONFIG' ok'
P:Fri May 11 12:54:25 2012 us=602496 MANAGEMENT: CMD 'needok 'ROUTE' ok'
P:Fri May 11 12:54:25 2012 us=603655 MANAGEMENT: CMD 'needok 'ROUTE' ok'
P:Fri May 11 12:54:25 2012 us=604601 MANAGEMENT: CMD 'needok 'DNSSERVER' ok'
P:Fri May 11 12:54:25 2012 us=609606 MANAGEMENT: CMD 'needok 'DNSDOMAIN' ok'
P:Fri May 11 12:54:26 2012 us=15551 MANAGEMENT: CMD 'needok 'OPENTUN' ok'
P:Fri May 11 12:54:26 2012 us=15917 MANAGEMENT: Client disconnected
P:Fri May 11 12:54:26 2012 us=15978 Assertion failed at
openvpn//src/openvpn/misc.c:116
P:Fri May 11 12:54:26 2012 us=16039 Exiting due to fatal error
MGMT:Got unrecognized command>FATAL:Assertion failed at
openvpn//src/openvpn/misc.c:116
I'm not entirely sure up/down is actually supported.
I've modified my scripts to be runnable as any user, and without "Custom
Options", I can connect run them as user shell and return value is 0 ($?), and
then everything is working.
Original comment by bogeskov...@gmail.com
on 11 May 2012 at 11:14
I will look into the assert failed failed. I believe that is something I fix on
my side :)
Original comment by arne@rfc2549.org
on 11 May 2012 at 11:44
Original issue reported on code.google.com by
bogeskov...@gmail.com
on 11 May 2012 at 8:23