Page MenuHomeVyOS Platform

Certificates containing CRLF aren't accepted
Open, LowPublicBUG

Description

If a certificate for OpenVPN created on a windows machine is uploaded to VyOS, VyOS will not allow the configuration to be committed using this certificate. If the line endings in the certificate are changed from CRLF to LF, the certificate is then accepted.

Actions that should reproduce the issue (though this sequence hasn’t been tested):

  1. Create certificate on windows machine. Confirm that line endings are CRLF format.
  2. Upload the certificate onto the router to /config/auth/openvpn/
  3. set interfaces openvpn vtun10 tls ca-cert-file '/config/auth/openvpn/ca.crt'
  4. commit
  5. see error.

This also happens with the DH and key files.

Desired outcome: files with either LF or CRLF line endings are accepted.

Details

Difficulty level
Unknown (require assessment)
Version
1.2.0-rc9
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Behavior change
Issue type
Bug (incorrect behavior)

Event Timeline

syncer edited projects, added VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.
dmbaturin set Is it a breaking change? to Behavior change.
erkin set Issue type to Bug (incorrect behavior).Aug 31 2021, 7:11 PM