Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#1478 - openvpn: comp_lzo option is ignored #6445

Open
openwrt-bot opened this issue Apr 8, 2018 · 5 comments
Open

FS#1478 - openvpn: comp_lzo option is ignored #6445

openwrt-bot opened this issue Apr 8, 2018 · 5 comments
Labels

Comments

@openwrt-bot
Copy link

mbg033:

Model Xiaomi Mi Router 3G
Firmware Version OpenWrt SNAPSHOT r6640-c0742307a1 / LuCI Master (git-18.096.77918-83a59dc)
Kernel Version 4.14.32

"comp_lzo" option in /etc/openvpn/config is ignored - it missing in openvpn conf file

Having following config entry:

config openvpn 'myvpn_tap'
option float '1'
option client '1'
option dev 'tap'
option reneg_sec '0'
option verb '3'
option persist_key '1'
option nobind '1'
option remote_cert_tls 'server'
list remote 'myserver'
option port '1195'
option proto 'udp'
option pkcs12 '/etc/luci-uploads/cbid.openvpn.myvpn_tap.pkcs12'
option log_append '/var/log/openvpn_myvpn_tap.log'
option enabled '1'
option comp_lzo 'yes'

but "comp_lzo" option is not saved into /var/etc/openvpn_myvpn_tap.conf which turns tunnel non-working in case option enabled on the server side

@openwrt-bot
Copy link
Author

arjendekorte:

That option is deprecated. See https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#a--comp-lzo

@openwrt-bot
Copy link
Author

dartraiden:

Similar problem on this router.

Tested with openvpn-mbedtls and openvpn-openssl

@openwrt-bot
Copy link
Author

dartraiden:

That option is deprecated.

But not removed

@openwrt-bot
Copy link
Author

rogerjames99:

See this link.
[[https://github.com/openwrt/openwrt/commit/89b8ba96b404d2e412d5573e25348287255671dd#diff-37e75a0201711d64802dc863bc6019f5|openwrt commit]]

This change removed support for deprecated options from uci. Unfortunately luci does not seem to have caught up with this yet.

@openwrt-bot
Copy link
Author

fredy:

Well, think it is complicated to remove it from uci even though it is been deprecated from the package as it works (in different way) on any binary available for 18.06 and Snapshot and which are normally used to connect to older versions.

Instead of just remove that option it would maybe be better, for while, to keep the comp_lzo option translating it into the newer "--compress lzo" when generating the /tmp/etc/openvpn-myvpn.conf

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant