[Bug 992012] Re: No /openssl.cnf file could be found because of a wrong regex in whichopensslcnf

Nobuto MURATA nobuto at nobuto-murata.org
Sun Feb 23 10:01:33 UTC 2014 

** Also affects: easy-rsa (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: easy-rsa (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/992012

Title:
  No /openssl.cnf file could be found because of a wrong regex in
  whichopensslcnf

Status in The OpenVPN Virtual Private Network:
  Fix Released
Status in “easy-rsa” package in Ubuntu:
  Fix Released
Status in “openvpn” package in Ubuntu:
  Confirmed

Bug description:
  [Impact]

   * Cannot create a CA or cert using easy-rsa.
   * Cannot complete the steps described in Ubuntu Server Guide:
     https://help.ubuntu.com/12.04/serverguide/openvpn.html

  [Test Case]
   1. After installing openvpn package, execute following commands:
      $ sudo -i
      # mkdir /etc/openvpn/easy-rsa/
      # cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
      # cd /etc/openvpn/easy-rsa/
      # source vars
   2. Then hit an error:
      **************************************************************
        No /etc/openvpn/easy-rsa/openssl.cnf file could be found
        Further invocations will fail
      **************************************************************
      NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys
   3. update the package to -proposed one
   4. verify we don't hit the error in step 2 and we can execute "./build-ca" with no error.

  
  [Regression Potential] 

   * minimal
     The patch makes last [[:alnum:]] as optional, nothing will be narrowed down.

  [Other Info]
   
   * trusty and raring are not affected:
     - trusty has upstream fix already in easy-rsa package cut off from openvpn package.
   * quantal is also not affected:
     - quantal's openssl can be parsed without a patch.

  
  -- original description --

  /usr/share/doc/openvpn/examples/easy-rsa/2.0/whichopensslcnf contains

  elif $OPENSSL version | grep -E "1\.0\.([[:digit:]][[:alnum:]])" >
  /dev/null; then

  which won't match the openssl version in precise

  $ openssl version
  OpenSSL 1.0.1 14 Mar 2012

To manage notifications about this bug go to:
https://bugs.launchpad.net/openvpn/+bug/992012/+subscriptions

More information about the Ubuntu-sponsors mailing list