schwabe / ics-openvpn

OpenVPN for Android

OpenVPN3 core complains about cert option missing #1438

Closed canary5 closed 2 years ago

canary5 commented 2 years ago

General information

  1. Android 12
  2. Graphene OS
  3. Pixel 6
  4. 0.7.32 github

Description of the issue

After upgrading openvpn stopped working:

Option_error : option 'cert' not found

schwabe commented 2 years ago

I need more information than this.

canary5 commented 2 years ago

It just stops on 'building configuration' with this error. It's the default protonvpn config, been using it since 0.7.24, upgrading every build till now.

realbiz21 commented 2 years ago

After experiencing inability to connect apparently due to #1437, I have seen the error @canary5 shows.

The error, option 'cert' not found, would show up after building configuration if the OpenVPN 3 core was on.

Without the toggle on, I received the error in #1437, Assertion failed [...]openvpn/src/openvpn/crypto.c:260 (mac_out = buf_prepend(buf, hmac_ctx_size(ctx->hmac))).

canary5 commented 2 years ago

I have downgraded to 0.7.31. But in logs nothing, it just hangs after start. Yes, it's openvpn3, can't use openvpn2 because I have more than 64 servers.

schwabe commented 2 years ago

@canary5 can you give a copy of your configuration and post the full log?

canary5 commented 2 years ago

Full log I will post tomorrow, will install on a new phone. Currently I have downgraded to 0.7.31.

client 
dev tun 
proto tcp 
server-poll-timeout 20 
remote-random 
resolv-retry infinite 
nobind 
cipher AES-256-GCM 
auth SHA512 
verb 3 
setenv CLIENT_CERT 0 
tun-mtu 1500 
tun-mtu-extra 32 
mssfix 1450 
reneg-sec 0 
remote-cert-tls server 
auth-user-pass 
pull 
fast-io

schwabe commented 2 years ago

That config is missing a --cert option. So it is no surprise that it triggers an error message that it is missing the cert. It should not work with any OpenVPN version.
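
An added example, not part of the thread or of ics-openvpn's code: a small Python check that lists which credential options (ca, cert, key, pkcs12, auth-user-pass) a pasted client profile actually contains, as directives or as inline blocks, and flags an inline block that was cut off mid-paste. The function names and the sample profile are constructed for illustration.

```python
import re

# Options that can carry client credentials or trust anchors; each may appear
# as a directive ("cert client.crt") or as an inline block ("<cert>...</cert>").
CREDENTIAL_OPTIONS = ("ca", "cert", "key", "pkcs12", "auth-user-pass")

def scan_profile(text):
    """Return the option names present, the setenv pairs, and the name of an
    inline block that was opened but never closed (None if all are closed)."""
    options, setenv, open_block = set(), {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if open_block:                      # inside <tag> ... </tag>: skip the blob
            if line == f"</{open_block}>":
                open_block = None
            continue
        if not line or line[0] in "#;":     # blank line or comment
            continue
        m = re.fullmatch(r"<([a-z0-9-]+)>", line)
        if m:                               # start of an inline block
            options.add(m.group(1))
            open_block = m.group(1)
            continue
        words = line.split()
        name = words[0].lstrip("-")         # accept "--cert" as well as "cert"
        if name == "setenv" and len(words) >= 3:
            setenv[words[1]] = words[2]
        else:
            options.add(name)
    return {"options": options, "setenv": setenv, "unclosed": open_block}

def credential_report(text):
    """Map each credential option to True/False, plus paste-integrity notes."""
    scan = scan_profile(text)
    report = {opt: opt in scan["options"] for opt in CREDENTIAL_OPTIONS}
    report["CLIENT_CERT"] = scan["setenv"].get("CLIENT_CERT")
    report["truncated_inline_block"] = scan["unclosed"]
    return report

# Constructed sample: a subset of the directives pasted in the thread, with
# nothing after them, mirroring a paste whose end was cut off.
PASTED = """client
proto tcp
cipher AES-256-GCM
auth SHA512
setenv CLIENT_CERT 0
remote-cert-tls server
auth-user-pass
pull
"""

if __name__ == "__main__":
    for k, v in credential_report(PASTED).items():
        print(f"{k:24} {v}")
```
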

canary5 commented 2 years ago

Sorry, I cut the end in a hurry. Been using it for years. Working perfectly on 0.7.31.

https://pastebin.pl/view/974675f9

canary5 commented 2 years ago

Thanks 0.7.33 fixed 'cert' error!

ghost commented 2 years ago

I have the same problem. Waiting for the new version on fdroid.

ghost commented 2 years ago

Hi, I've been using Openvpn on Graphene Pixel 5 for a while now with downloaded config files from my provider with no issues. Yesterday's update broke the app for me too and it's impossible to connect.

What makes it worse is that I'm unable to downgrade, whether from F-Droid app or website I get an error anytime I try to install an older version.

I'm new to this so I'm not sure if I should be reporting it here or F-droid? But I'll post the log just in case it's helpful. It sounds like the same issue others are experiencing.

There is a lot of text, some of those warnings were there previously but it worked without issue, the problem seems to be the one near the bottom. I've edited out the login name.


canary5 commented 2 years ago

Downgrade protection. You need to uninstall/reinstall the older version. But 0.7.33 is working for me. Pls try the newest.

ghost commented 2 years ago

Sorry, my mistake, I was utilizing a separate profile for the play store apps and I forgot I still had openvpn installed on it.

I've managed to get 0.7.33 installed now and I can confirm this resolves the problem I was having. Thank you so much.

schwabe commented 2 years ago

@Big-Boss20 duplicate of #1437