Page MenuHomePhabricator

Certificates containing CRLF aren't accepted
Open, LowPublicBUG

Description

If a certificate for OpenVPN created on a windows machine is uploaded to VyOS, VyOS will not allow the configuration to be committed using this certificate. If the line endings in the certificate are changed from CRLF to LF, the certificate is then accepted.

Actions that should reproduce the issue (though this sequence hasn’t been tested):

  1. Create certificate on windows machine. Confirm that line endings are CRLF format.
  2. Upload the certificate onto the router to /config/auth/openvpn/
  3. set interfaces openvpn vtun10 tls ca-cert-file '/config/auth/openvpn/ca.crt'
  4. commit
  5. see error.

This also happens with the DH and key files.

Desired outcome: files with either LF or CRLF line endings are accepted.

Details

Difficulty level
Unknown (require assessment)
Version
1.2.0-rc9
Why the issue appeared?
Will be filled on close

Event Timeline

tracyb created this task.Dec 5 2018, 10:53 PM
syncer triaged this task as Low priority.
pasik added a subscriber: pasik.Mar 12 2019, 6:07 PM